View Javadoc

1   /*
2    * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.xml.security.keyinfo;
18  
19  import java.util.Collection;
20  
21  import org.opensaml.xml.XMLObject;
22  import org.opensaml.xml.security.CriteriaSet;
23  import org.opensaml.xml.security.SecurityException;
24  import org.opensaml.xml.security.credential.Credential;
25  import org.opensaml.xml.signature.KeyInfo;
26  
27  /**
28   * Interface for providers used in conjunction with a {@link KeyInfoCredentialResolver} which 
29   * support resolving {@link Credential}s based on a child element of {@link KeyInfo}.
30   */
31  public interface KeyInfoProvider {
32      
33      /**
34       * Process a specified KeyInfo child (XMLobject) and attempt to resolve a credential from it.
35       * 
36       * @param resolver reference to a resolver which is calling the provider
37       * @param keyInfoChild the KeyInfo child being processed
38       * @param criteriaSet the credential criteria the credential must satisfy
39       * @param kiContext the resolution context, used for sharing state amongst resolvers and providers
40       * 
41       * @return a resolved Credential collection, or null
42       * 
43       * @throws SecurityException if there is an error during credential resolution.  
44       *          Note: failure to resolve a credential is not an error.
45       */
46      public Collection<Credential> process(KeyInfoCredentialResolver resolver, XMLObject keyInfoChild, 
47              CriteriaSet criteriaSet, KeyInfoResolutionContext kiContext) throws SecurityException;
48      
49      /**
50       * Evaluate whether the given provider should attempt to handle resolving a credential
51       * from the specified KeyInfo child.
52       * 
53       * An evaluation of <code>true</code> does not guarantee that a credential can or will be 
54       * extracted form the particular KeyInfo child, only that processing should be attempted.
55       * 
56       * @param keyInfoChild the KeyInfo child object to consider
57       * 
58       * @return true if the provider should attempt to resolve credentials, false otherwise
59       */
60      public boolean handles(XMLObject keyInfoChild);
61  
62  }