Class FapiResourceRequestSigner

java.lang.Object

com.authlete.hms.fapi.FapiResourceRequestBase<FapiResourceRequestSigner>

com.authlete.hms.fapi.FapiResourceRequestSigner

public class FapiResourceRequestSigner
extends FapiResourceRequestBase<FapiResourceRequestSigner>

A utility for signing a resource request in accordance with the FAPI 2.0 Http Signatures requirements.

Sample Code

 // Create a signer.
 FapiResourceRequestSigner signer = new FapiResourceRequestSigner()
         .setMethod("POST")
         .setTargetUri(URI.create("https://example.com/path?key=value"))
         .setAuthorization("Bearer abc")
         .setContentDigest(
             "sha-256=:RBNvo1WzZ4oRRq0W9+hknpT7T8If536DEMBg9hyq/4o=:"
         )
         .setCreated(Instant.now())
         .setSigningKey(JWK.parse(SIGNING_KEY))
         ;

 // Sign the HTTP request.
 SignatureInfo info = signer.sign();

 // Signature HTTP field.
 String signatureFieldValue = String.format("sig=%s", info.getSerializedSignature());
     // e.g. sig=:OXJQdFoyuYsbMfJHl/+bT8WwKv49Pt6fiYz/0bTQSAynaJH+HELTqZVzzm3/pyk/MPrjQ9iPmPxz8rgkkRe5kQ==:
 requestBuilder.header("Signature", signatureFieldValue);

 // Signature-Input HTTP field.
 String signatureInputFieldValue = String.format("sig=%s", info.getSerializedSignatureMetadata());
     // e.g. sig=("@method" "@target-uri" "authorization" "content-digest");created=1729584639;keyid="snIZq-_NvzkKV-IdiM348BCz_RKdwmufnrPubsKKyio";tag="fapi-2-request"
 requestBuilder.header("Signature-Input", signatureInputFieldValue);
 

Since:

1.4

See Also:

• FAPI 2.0 Http Signatures
• RFC 9421: HTTP Message Signatures

Constructor Summary

Constructors

Constructor	Description
FapiResourceRequestSigner()

Method Summary

Modifier and Type	Method	Description
JWK	getSigningKey()	Get the private key for signing the HTTP request.
FapiResourceRequestSigner	setSigningKey(JWK signingKey)	Set the private key for signing the HTTP request.
SigningInfo	sign()	Execute HTTP message signing.
SigningInfo	sign(SignatureMetadata metadata)	Execute HTTP message signing.

Methods inherited from class com.authlete.hms.fapi.FapiResourceRequestBase

getAuthorization, getContentDigest, getCreated, getDpop, getMethod, getTargetUri, setAuthorization, setContentDigest, setCreated, setCreated, setDpop, setMethod, setTargetUri

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

FapiResourceRequestSigner

public FapiResourceRequestSigner()

Method Details

getSigningKey

public JWK getSigningKey()

Get the private key for signing the HTTP request.

Returns:

The private key for signing the HTTP request.

setSigningKey

public FapiResourceRequestSigner setSigningKey(JWK signingKey)

Set the private key for signing the HTTP request.

Parameters:

signingKey - The private key for signing the HTTP request.

Returns:

this object.

sign

public SigningInfo sign()
                 throws IllegalStateException,
SignatureException

Execute HTTP message signing.

This method is an alias of sign(null).

Returns:

Information about the signing operation, including the computed signature base and the generated signature.

Throws:

IllegalStateException - Mandatory input parameters, such as method, targetUri, authorization, and signingKey, are not set.

SignatureException - Signing failed.

sign

public SigningInfo sign(SignatureMetadata metadata)
                 throws IllegalStateException,
SignatureException

Execute HTTP message signing.

Parameters:

metadata - The signature metadata referenced for creating the signature base. If null is given, the default signature metadata is built and used.

Returns:

Information about the signing operation, including the computed signature base and the generated signature.

Throws:

IllegalStateException - Mandatory input parameters, such as method, targetUri, authorization, and signingKey, are not set.

SignatureException - Signing failed.