Class CertificateThumbprintFilter
- java.lang.Object
-
- org.forgerock.openig.filter.oauth2.cnf.CertificateThumbprintFilter
-
- All Implemented Interfaces:
Filter
public class CertificateThumbprintFilter extends Object implements Filter
A filter that evaluates a required EL expression to establish the client certificate from both context and request, then calculates the thumbprint for that certificate (sha-256 hash and base64 url encoding) before storing it in the attributes context for later retrieval in downstream components.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
CertificateThumbprintFilter.Heaplet
Creates and initializes a certificate thumbprint filter in a heap environment.
-
Field Summary
Fields Modifier and Type Field Description static String
CERTIFICATE_THUMBPRINT_ATTRIBUTE
The certificate attribute name.
-
Constructor Summary
Constructors Constructor Description CertificateThumbprintFilter(Expression<Certificate> certExpr, Handler failureHandler)
Build a CertificateThumbprintFilter that will compute a certificate thumbprint based on the givencertExpr
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Promise<Response,NeverThrowsException>
filter(Context context, Request request, Handler next)
Filters the request and/or response of an exchange.
-
-
-
Field Detail
-
CERTIFICATE_THUMBPRINT_ATTRIBUTE
public static final String CERTIFICATE_THUMBPRINT_ATTRIBUTE
The certificate attribute name.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
CertificateThumbprintFilter
public CertificateThumbprintFilter(Expression<Certificate> certExpr, Handler failureHandler)
Build a CertificateThumbprintFilter that will compute a certificate thumbprint based on the givencertExpr
.- Parameters:
certExpr
- An EL expression which when evaluated will yield a certificate.failureHandler
- The failure handler.
-
-
Method Detail
-
filter
public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
Description copied from interface:Filter
Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter callsnext.handle(context, request)
.This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to
next.handle(context, request)
and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.
-
-