Interface ClientIdentityProvider

  • All Known Implementing Classes:
    ClientIdentityFileWatcher
    Functional Interface:
    This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

    @FunctionalInterface
    public interface ClientIdentityProvider
    • Method Detail

      • getClientIdentities

        java.lang.Iterable<java.security.KeyPair> getClientIdentities​(SessionContext session)
                                                               throws java.io.IOException,
                                                                      java.security.GeneralSecurityException
        Provides a KeyPair representing the client identity
        Parameters:
        session - The SessionContext for invoking this load command - may be null if not invoked within a session context (e.g., offline tool).
        Returns:
        The client identities - may be null/empty if no currently available identity from this provider. Note: the provider may return a different value every time this method is called - e.g., if it is (re-)loading contents from a file.
        Throws:
        java.io.IOException - If failed to load the identity
        java.security.GeneralSecurityException - If failed to parse the identity
      • lazyKeysLoader

        static java.lang.Iterable<java.security.KeyPair> lazyKeysLoader​(java.lang.Iterable<? extends ClientIdentityProvider> providers,
                                                                        java.util.function.Function<? super ClientIdentityProvider,​? extends java.lang.Iterable<java.security.KeyPair>> kpExtractor,
                                                                        java.util.function.Predicate<java.security.KeyPair> filter)
        Wraps several ClientIdentityProvider into a KeyPair Iterable that invokes each provider "lazily" - i.e., only when Iterator.hasNext() is invoked. This prevents password protected private keys to be decrypted until they are actually needed.
        Parameters:
        providers - The providers - ignored if null
        kpExtractor - The (never null) extractor of the KeyPair from the ClientIdentityProvider argument. If returned pair is null then next provider is queried.
        filter - Any further filter to apply on (non-null) key pairs before returning it as the Iterator.next() result.
        Returns:
        The wrapper Iterable. Note: a new Iterator instance is returned on each Iterable.iterator() call - i.e., any encrypted private key may require the user to re-enter the relevant password. If the default ClientIdentityFileWatcher is used, this is not a problem since it caches the decoded result (unless the file has changed).
      • lazyKeysIterator

        static java.util.Iterator<java.security.KeyPair> lazyKeysIterator​(java.util.Iterator<? extends ClientIdentityProvider> providers,
                                                                          java.util.function.Function<? super ClientIdentityProvider,​? extends java.lang.Iterable<java.security.KeyPair>> kpExtractor,
                                                                          java.util.function.Predicate<java.security.KeyPair> filter)
        Wraps several ClientIdentityProvider into a KeyPair Iterator that invokes each provider "lazily" - i.e., only when Iterator.hasNext() is invoked. This prevents password protected private keys to be decrypted until they are actually needed.
        Parameters:
        providers - The providers - ignored if null
        kpExtractor - The (never null) extractor of the KeyPair from the ClientIdentityProvider argument. If returned pair is null then next provider is queried.
        filter - Any further filter to apply on (non-null) key pairs before returning it as the Iterator.next() result.
        Returns:
        The wrapper Iterator