Package org.keycloak.services.x509

Class AbstractClientCertificateFromHttpHeadersLookup

java.lang.Object

org.keycloak.services.x509.AbstractClientCertificateFromHttpHeadersLookup

All Implemented Interfaces:

Provider, X509ClientCertificateLookup

Direct Known Subclasses:

ApacheProxySslClientCertificateLookup, HaProxySslClientCertificateLookup, NginxProxySslClientCertificateLookup, NginxProxyTrustedClientCertificateLookup

public abstract class AbstractClientCertificateFromHttpHeadersLookup
extends Object
implements X509ClientCertificateLookup

Since:

3/29/2017

Version:

$Revision: 1 $

Author:

Peter Nalyvayko

Field Summary

Fields

Modifier and Type	Field	Description
protected final int	certificateChainLength
protected static final org.jboss.logging.Logger	logger
protected final String	sslCertChainHttpHeaderPrefix
protected final String	sslClientCertHttpHeader

Constructor Summary

Constructors

Constructor	Description
AbstractClientCertificateFromHttpHeadersLookup(String sslCientCertHttpHeader, String sslCertChainHttpHeaderPrefix, int certificateChainLength)

Method Summary

Modifier and Type	Method	Description
protected void	buildChain(HttpRequest httpRequest, List<X509Certificate> chain, X509Certificate cert)
void	close()
protected abstract X509Certificate	decodeCertificateFromPem(String pem)
final X509Certificate[]	getCertificateChain(HttpRequest httpRequest)	Returns a client certificate, and optionally any certificates in the certificate chain.
protected X509Certificate	getCertificateFromHttpHeader(HttpRequest request, String httpHeader)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected static final org.jboss.logging.Logger logger

sslClientCertHttpHeader

protected final String sslClientCertHttpHeader

sslCertChainHttpHeaderPrefix

protected final String sslCertChainHttpHeaderPrefix

certificateChainLength

protected final int certificateChainLength

Constructor Details

AbstractClientCertificateFromHttpHeadersLookup

public AbstractClientCertificateFromHttpHeadersLookup(String sslCientCertHttpHeader,
 String sslCertChainHttpHeaderPrefix,
 int certificateChainLength)

Method Details

close

public void close()

Specified by:

close in interface Provider

decodeCertificateFromPem

protected abstract X509Certificate decodeCertificateFromPem(String pem)
                                                     throws PemException

Throws:

PemException

getCertificateFromHttpHeader

protected X509Certificate getCertificateFromHttpHeader(HttpRequest request,
 String httpHeader)
                                                throws GeneralSecurityException

Throws:

GeneralSecurityException

getCertificateChain

public final X509Certificate[] getCertificateChain(HttpRequest httpRequest)
                                            throws GeneralSecurityException

Description copied from interface: X509ClientCertificateLookup

Returns a client certificate, and optionally any certificates in the certificate chain.

Specified by:

getCertificateChain in interface X509ClientCertificateLookup

Returns:

Throws:

GeneralSecurityException

buildChain

protected void buildChain(HttpRequest httpRequest,
 List<X509Certificate> chain,
 X509Certificate cert)