Class IotRegistrationNode

  • All Implemented Interfaces:
    Node

    public class IotRegistrationNode
    extends Object
    This node handles the registration of things. It is responsible for collecting the registration Proof of Possession JWT for a thing and verifying that the JWT's claims and X.509 certificate signature are valid. The node can create a new thing identity (with provided claims) and register or rotate the thing's confirmation key.
    • Field Detail

      • realm

        protected final Realm realm
      • coreWrapper

        protected final org.forgerock.openam.core.CoreWrapper coreWrapper
      • verifierFactory

        protected final org.forgerock.am.iot.JwtProofOfPossessionVerifier.Factory verifierFactory
      • callbackId

        protected final String callbackId
    • Constructor Detail

      • IotRegistrationNode

        @Inject
        public IotRegistrationNode(Realm realm,
                                   IotRegistrationNode.Config config,
                                   org.forgerock.openam.core.CoreWrapper coreWrapper,
                                   org.forgerock.openam.identity.idm.IdentityUtils identityUtils,
                                   org.forgerock.am.iot.JwtProofOfPossessionVerifier.Factory verifierFactory,
                                   org.forgerock.openam.integration.idm.IdmIntegrationConfig idmConfig,
                                   org.forgerock.openam.integration.idm.IdmIntegrationService idmIntegrationService,
                                   com.sun.identity.idm.IdServices idServices)
        Create an instance of the IotRegistrationNode.
        Parameters:
        realm - the realm in which to create the node.
        config - the node configuration.
        coreWrapper - wrapper for abstracting core AM functionality.
        identityUtils - an instance of IdentityUtils.
        passwordGenerator - for generating new thing passwords.
        verifierFactory - factory for creating JWT PoP verifiers.
    • Method Detail

      • process

        public Action process(TreeContext context)
        Description copied from interface: Node
        Performs processing on the given shared state, which holds all the data gathered by nodes that have already executed as part of this authentication session in the tree.

        This method is invoked when the node is reached in the tree.

        Specified by:
        process in interface Node
        Parameters:
        context - The context of the tree authentication.
        Returns:
        The next action to perform. Must not be null.
      • failureAction

        protected Action failureAction()
      • successAction

        protected Action successAction(JWK confirmationKey,
                                       org.forgerock.am.iot.JwtProofOfPossessionVerifier.VerifiedClaimSet verifiedClaims,
                                       TreeContext context)
                                throws Exception
        Throws:
        Exception