Package com.authlete.common.util
Class FapiUtils
- java.lang.Object
-
- com.authlete.common.util.FapiUtils
-
public class FapiUtils extends Object
Utilities for Financial-grade API (FAPI).
-
-
Field Summary
Fields Modifier and Type Field Description static StringX_FAPI_AUTH_DATEx-fapi-auth-datestatic StringX_FAPI_CUSTOMER_IP_ADDRESSx-fapi-customer-ip-addressstatic StringX_FAPI_INTERACTION_IDx-fapi-interaction-id
-
Constructor Summary
Constructors Constructor Description FapiUtils()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static StringcomputeOutgoingInteractionId(String incomingInteractionId)Compute the value suitable for thex-fapi-interaction-idHTTP response header.static StringgenerateInteractionId()Generate a value suitable for thex-fapi-interaction-idHTTP header.
-
-
-
Field Detail
-
X_FAPI_AUTH_DATE
public static final String X_FAPI_AUTH_DATE
x-fapi-auth-dateFrom 6.2.2. Client provisions of Financial-grade API Security Profile 1.0 - Part 1: Baseline:
-
may send the last time the customer logged into the client in the
x-fapi-auth-dateheader where the value is supplied as a HTTP-date as in Section 7.1.1.1 of RFC7231, e.g.,x-fapi-auth-date: Tue, 11 Sep 2012 19:43:31 GMT;
-
may send the last time the customer logged into the client in the
-
X_FAPI_CUSTOMER_IP_ADDRESS
public static final String X_FAPI_CUSTOMER_IP_ADDRESS
x-fapi-customer-ip-addressFrom 6.2.1. Protected resources provisions of Financial-grade API Security Profile 1.0 - Part 1: Baseline:
-
shall not reject requests with a
x-fapi-customer-ip-addressheader containing a valid IPv4 or IPv6 address.
From 6.2.2. Client provisions of Financial-grade API Security Profile 1.0 - Part 1: Baseline:
-
may send the customer’s IP address if this data is available in the
x-fapi-customer-ip-addressheader, e.g.,x-fapi-customer-ip-address: 2001:DB8::1893:25c8:1946orx-fapi-customer-ip-address: 198.51.100.119; and
-
shall not reject requests with a
-
X_FAPI_INTERACTION_ID
public static final String X_FAPI_INTERACTION_ID
x-fapi-interaction-idFrom 6.2.1. Protected resources provisions of Financial-grade API Security Profile 1.0 - Part 1: Baseline:
-
shall set the response header
x-fapi-interaction-idto the value received from the corresponding FAPI client request header or to a RFC4122 UUID value if the request header was not provided to track the interaction, e.g.,x-fapi-interaction-id: c770aef3-6784-41f7-8e0e-ff5f97bddb3a; -
shall log the value of
x-fapi-interaction-idin the log entry; and
From 6.2.2. Client provisions of Financial-grade API Security Profile 1.0 - Part 1: Baseline:
-
may send the
x-fapi-interaction-idrequest header, in which case the value shall be a RFC4122 UUID to the server to help correlate log entries between client and server, e.g.,x-fapi-interaction-id: c770aef3-6784-41f7-8e0e-ff5f97bddb3a.
-
shall set the response header
-
-
Method Detail
-
computeOutgoingInteractionId
public static String computeOutgoingInteractionId(String incomingInteractionId) throws IllegalArgumentException
Compute the value suitable for thex-fapi-interaction-idHTTP response header.- Parameters:
incomingInteractionId- The value of thex-fapi-interaction-idHTTP request header. This may be null.- Returns:
- If
incomingInteractionIdis given, the same value is returned. Otherwise, a new value generated bygenerateInteractionId()is returned. - Throws:
IllegalArgumentException-incomingInteractionIdis not a valid UUID.
-
generateInteractionId
public static String generateInteractionId()
Generate a value suitable for thex-fapi-interaction-idHTTP header.- Returns:
- A value suitable for the
x-fapi-interaction-idHTTP header.
-
-