@FunctionalInterface public interface ClientIdentityProvider
Iterable<KeyPair> getClientIdentities(SessionContext session) throws IOException, GeneralSecurityException
KeyPair
representing the client identitysession
- The SessionContext
for invoking this load command - may be null
if not invoked within a session context (e.g., offline tool).null
/empty if no currently available
identity from this provider. Note: the provider may return a
different value every time this method is called - e.g., if it is
(re-)loading contents from a file.IOException
- If failed to load the identityGeneralSecurityException
- If failed to parse the identitystatic ClientIdentityProvider of(KeyPair kp)
KeyPair
into a ClientIdentityProvider
that simply returns this value as it
getClientIdentities(SessionContext)
.kp
- The KeyPair
instance (including null
)static Iterable<KeyPair> lazyKeysLoader(Iterable<? extends ClientIdentityProvider> providers, Function<? super ClientIdentityProvider,? extends Iterable<KeyPair>> kpExtractor, Predicate<KeyPair> filter)
ClientIdentityProvider
into a KeyPair
Iterable
that invokes each provider
"lazily" - i.e., only when Iterator.hasNext()
is invoked. This prevents password protected
private keys to be decrypted until they are actually needed.providers
- The providers - ignored if null
kpExtractor
- The (never null
) extractor of the KeyPair
from the
ClientIdentityProvider
argument. If returned pair is null
then next provider
is queried.filter
- Any further filter to apply on (non-null
) key pairs before returning it as the
Iterator.next()
result.Iterable
. Note: a new Iterator
instance is returned
on each Iterable.iterator()
call - i.e., any encrypted private key may require the
user to re-enter the relevant password. If the default ClientIdentityFileWatcher
is
used, this is not a problem since it caches the decoded result (unless the file has changed).static Iterator<KeyPair> lazyKeysIterator(Iterator<? extends ClientIdentityProvider> providers, Function<? super ClientIdentityProvider,? extends Iterable<KeyPair>> kpExtractor, Predicate<KeyPair> filter)
ClientIdentityProvider
into a KeyPair
Iterator
that invokes each provider
"lazily" - i.e., only when Iterator.hasNext()
is invoked. This prevents password protected
private keys to be decrypted until they are actually needed.providers
- The providers - ignored if null
kpExtractor
- The (never null
) extractor of the KeyPair
from the
ClientIdentityProvider
argument. If returned pair is null
then next provider
is queried.filter
- Any further filter to apply on (non-null
) key pairs before returning it as the
Iterator.next()
result.Iterator
Copyright © 2008–2024 The Apache Software Foundation. All rights reserved.