Class FapiResourceResponseSigner


public class FapiResourceResponseSigner extends FapiResourceResponseBase<FapiResourceResponseSigner>
A utility for signing a resource response in accordance with the FAPI 2.0 Http Signatures requirements.

Sample Code

 // Create a signer.
 FapiResourceResponseSigner signer = new FapiResourceResponseSigner()
         .setMethod("GET")
         .setTargetUri(URI.create("https://example.com/path?key=value"))
         .setStatus(200)
         .setResponseContentDigest(
             "sha-256=:RBNvo1WzZ4oRRq0W9+hknpT7T8If536DEMBg9hyq/4o=:"
         )
         .setCreated(Instant.now())
         .setSigningKey(JWK.parse(SIGNING_KEY))
         ;

 // Sign the HTTP response.
 SignatureInfo info = signer.sign();

 // Signature HTTP field.
 String signatureFieldValue = String.format("sig=%s", info.getSerializedSignature());
     // e.g. sig=:OXJQdFoyuYsbMfJHl/+bT8WwKv49Pt6fiYz/0bTQSAynaJH+HELTqZVzzm3/pyk/MPrjQ9iPmPxz8rgkkRe5kQ==:
 responseBuilder.header("Signature", signatureFieldValue);

 // Signature-Input HTTP field.
 String signatureInputFieldValue = String.format("sig=%s", info.getSerializedSignatureMetadata());
     // e.g. sig=("@method";req "@target-uri";req "@status" "content-digest");created=1729584639;keyid="snIZq-_NvzkKV-IdiM348BCz_RKdwmufnrPubsKKyio";tag="fapi-2-response"
 responseBuilder.header("Signature-Input", signatureInputFieldValue);
 
Since:
1.3
  • Constructor Details

    • FapiResourceResponseSigner

      public FapiResourceResponseSigner()
  • Method Details

    • getSigningKey

      public JWK getSigningKey()
      Get the private key for signing the HTTP response.
      Returns:
      The private key for signing the HTTP response.
    • setSigningKey

      public FapiResourceResponseSigner setSigningKey(JWK signingKey)
      Set the private key for signing the HTTP response.
      Parameters:
      signingKey - The private key for signing the HTTP response.
      Returns:
      this object.
    • sign

      Execute HTTP message signing.

      This method is an alias of sign(null).

      Returns:
      Information about the signing operation, including the computed signature base and the generated signature.
      Throws:
      IllegalStateException - Mandatory input parameters, such as method, targetUri, status, and signingKey, are not set.
      SignatureException - Signing failed.
    • sign

      Execute HTTP message signing.
      Parameters:
      metadata - The signature metadata referenced for creating the signature base. If null is given, the default signature metadata is built and used.
      Returns:
      Information about the signing operation, including the computed signature base and the generated signature.
      Throws:
      IllegalStateException - Mandatory input parameters, such as method, targetUri, status, and signingKey, are not set.
      SignatureException - Signing failed.
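
The sample code passes a precomputed Content-Digest value, and sign() reports the computed signature base. The following is an added example, not code from the library or its documentation: using JDK classes only, it derives that digest value from a response body per RFC 9530 and lays out an RFC 9421 signature base for the components listed in the sample Signature-Input. The class name, sample body and keyid are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

// Hypothetical class name; uses only JDK APIs, not the library's classes.
public class FapiResponseSignatureBaseExample {

    // RFC 9530 Content-Digest value: sha-256=:<base64 of SHA-256(body)>:
    static String contentDigest(byte[] body) throws NoSuchAlgorithmException {
        byte[] hash = MessageDigest.getInstance("SHA-256").digest(body);
        return "sha-256=:" + Base64.getEncoder().encodeToString(hash) + ":";
    }

    // RFC 9421 signature base: one line per covered component, then the
    // "@signature-params" line, joined by "\n" with no trailing newline.
    static String signatureBase(String method, String targetUri, int status,
                                String contentDigest, String signatureParams) {
        return String.join("\n",
                "\"@method\";req: " + method,
                "\"@target-uri\";req: " + targetUri,
                "\"@status\": " + status,
                "\"content-digest\": " + contentDigest,
                "\"@signature-params\": " + signatureParams);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample body; hash the exact bytes that go on the wire.
        byte[] body = "{\"hello\": \"world\"}".getBytes(StandardCharsets.UTF_8);
        String digest = contentDigest(body);

        // Same shape as the Signature-Input value in the sample (without the
        // "sig=" label); the keyid is a placeholder.
        String params = "(\"@method\";req \"@target-uri\";req \"@status\" \"content-digest\")"
                + ";created=1729584639;keyid=\"example-key-id\";tag=\"fapi-2-response\"";

        System.out.println(signatureBase(
                "GET", "https://example.com/path?key=value", 200, digest, params));
    }
}
```

The signature covers the content-digest field value, not the body itself. A verifier should therefore recompute the digest over the bytes it actually received and compare it with the signed value before relying on the body.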