Interface ClientIdentityProvider
- All Known Implementing Classes:
ClientIdentityFileWatcher
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
-
Method Summary
Modifier and TypeMethodDescriptiongetClientIdentities
(SessionContext session) Provides aKeyPair
representing the client identitylazyKeysIterator
(Iterator<? extends ClientIdentityProvider> providers, Function<? super ClientIdentityProvider, ? extends Iterable<KeyPair>> kpExtractor, Predicate<KeyPair> filter) Wraps severalClientIdentityProvider
into aKeyPair
Iterator
that invokes each provider "lazily" - i.e., only whenIterator.hasNext()
is invoked.lazyKeysLoader
(Iterable<? extends ClientIdentityProvider> providers, Function<? super ClientIdentityProvider, ? extends Iterable<KeyPair>> kpExtractor, Predicate<KeyPair> filter) Wraps severalClientIdentityProvider
into aKeyPair
Iterable
that invokes each provider "lazily" - i.e., only whenIterator.hasNext()
is invoked.static ClientIdentityProvider
Wraps aKeyPair
into aClientIdentityProvider
that simply returns this value as itgetClientIdentities(SessionContext)
.
-
Method Details
-
getClientIdentities
Iterable<KeyPair> getClientIdentities(SessionContext session) throws IOException, GeneralSecurityException Provides aKeyPair
representing the client identity- Parameters:
session
- TheSessionContext
for invoking this load command - may benull
if not invoked within a session context (e.g., offline tool).- Returns:
- The client identities - may be
null
/empty if no currently available identity from this provider. Note: the provider may return a different value every time this method is called - e.g., if it is (re-)loading contents from a file. - Throws:
IOException
- If failed to load the identityGeneralSecurityException
- If failed to parse the identity
-
of
Wraps aKeyPair
into aClientIdentityProvider
that simply returns this value as itgetClientIdentities(SessionContext)
.- Parameters:
kp
- TheKeyPair
instance (includingnull
)- Returns:
- The wrapping provider
-
lazyKeysLoader
static Iterable<KeyPair> lazyKeysLoader(Iterable<? extends ClientIdentityProvider> providers, Function<? super ClientIdentityProvider, ? extends Iterable<KeyPair>> kpExtractor, Predicate<KeyPair> filter) Wraps severalClientIdentityProvider
into aKeyPair
Iterable
that invokes each provider "lazily" - i.e., only whenIterator.hasNext()
is invoked. This prevents password protected private keys to be decrypted until they are actually needed.- Parameters:
providers
- The providers - ignored ifnull
kpExtractor
- The (nevernull
) extractor of theKeyPair
from theClientIdentityProvider
argument. If returned pair isnull
then next provider is queried.filter
- Any further filter to apply on (non-null
) key pairs before returning it as theIterator.next()
result.- Returns:
- The wrapper
Iterable
. Note: a newIterator
instance is returned on eachIterable.iterator()
call - i.e., any encrypted private key may require the user to re-enter the relevant password. If the defaultClientIdentityFileWatcher
is used, this is not a problem since it caches the decoded result (unless the file has changed).
-
lazyKeysIterator
static Iterator<KeyPair> lazyKeysIterator(Iterator<? extends ClientIdentityProvider> providers, Function<? super ClientIdentityProvider, ? extends Iterable<KeyPair>> kpExtractor, Predicate<KeyPair> filter) Wraps severalClientIdentityProvider
into aKeyPair
Iterator
that invokes each provider "lazily" - i.e., only whenIterator.hasNext()
is invoked. This prevents password protected private keys to be decrypted until they are actually needed.- Parameters:
providers
- The providers - ignored ifnull
kpExtractor
- The (nevernull
) extractor of theKeyPair
from theClientIdentityProvider
argument. If returned pair isnull
then next provider is queried.filter
- Any further filter to apply on (non-null
) key pairs before returning it as theIterator.next()
result.- Returns:
- The wrapper
Iterator
-