net.adamcin.httpsig.api

Class Signer

java.lang.Object

net.adamcin.httpsig.api.Signer

public final class Signer
extends Object

Instance of a Signer, used by an HTTP client to sign a RequestContent and create an Authorization

Constructor Summary

Constructors

Constructor and Description
Signer(Keychain keychain)
Signer(Keychain keychain, KeyId keyId)
Signer(Key singleKey, KeyId keyId)

Method Summary

Modifier and Type	Method and Description
Keychain	getCandidateKeys()
Keychain	getKeychain()
KeyId	getKeyId()
boolean	rotateKeys() Call this method to rotate the candidate keys back to the original state.
boolean	rotateKeys(Challenge nextChallenge) Call this method to rotate the candidate keys according to the provided Challenge.
boolean	rotateKeys(Challenge nextChallenge, Authorization failedAuthz) Call this method to rotate the candidate keys
Authorization	sign(RequestContent requestContent) Signs a RequestContent and returns an Authorization header.
Authorization	sign(RequestContent requestContent, List<String> electiveHeaders) Signs a RequestContent and returns an Authorization header.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Signer

public Signer(Keychain keychain)

Signer

public Signer(Key singleKey,
              KeyId keyId)

Signer

public Signer(Keychain keychain,
              KeyId keyId)

Method Detail

getKeychain

public Keychain getKeychain()

Returns:

the original keychain supplied to the Signer

getCandidateKeys

public Keychain getCandidateKeys()

Returns:

the Challenge-filtered and rotated Keychain

See Also:

rotateKeys()

getKeyId

public KeyId getKeyId()

rotateKeys

public boolean rotateKeys()

Call this method to rotate the candidate keys back to the original state.

Returns:

true if there is at least one key left after rotation, false otherwise

rotateKeys

public boolean rotateKeys(Challenge nextChallenge)

Call this method to rotate the candidate keys according to the provided Challenge.

Parameters:

nextChallenge - the Challenge header which was returned for the previous failed request.

Returns:

true if there is at least one key left after rotation, false otherwise

rotateKeys

public boolean rotateKeys(Challenge nextChallenge,
                          Authorization failedAuthz)

Call this method to rotate the candidate keys

Parameters:

nextChallenge - the Challenge header which was returned for the previous failed request.

failedAuthz - the Authorization header which failed on the previous request.

Returns:

true if there is at least one key left after rotation, false otherwise

sign

public Authorization sign(RequestContent requestContent)

Signs a RequestContent and returns an Authorization header. The signature will use all headers included in the RequestContent.

Parameters:

requestContent - the Request containing the headers to be signed

Returns:

a signed Authorization header or null if no identities could sign the RequestContent

sign

public Authorization sign(RequestContent requestContent,
                          List<String> electiveHeaders)

Signs a RequestContent and returns an Authorization header.

Parameters:

requestContent - the Request containing the headers to be signed

electiveHeaders - a list of headers to include in the signature, beyond those required by the Challenge

Returns:

a signed Authorization header or null if no identities could sign the RequestContent