Package se.swedenconnect.security.credential

Interface PkiCredential.Metadata

Enclosing interface:
PkiCredential
public static interface PkiCredential.Metadata
Metadata associated with a PkiCredential.

Implementations may add any type of metadata to a credential. However, some XXX

  • Field Details

    • KEY_ID_PROPERTY

      static final String KEY_ID_PROPERTY
      Property name for the key identifier metadata property. This property holds a String.
      See Also:

    • ISSUED_AT_PROPERTY

      static final String ISSUED_AT_PROPERTY
      Property name for the Instant when the credential was issued.
      See Also:

    • EXPIRES_AT_PROPERTY

      static final String EXPIRES_AT_PROPERTY
      Property name for the Instant when the credential expires. Note that this may be different from the instant holding the ACTIVE_TO_PROPERTY property.
      See Also:

    • ACTIVE_TO_PROPERTY

      static final String ACTIVE_TO_PROPERTY
      Property that may be set to the Instant at which the credential no longer should be regarded as active.
      See Also:

    • ACTIVE_FROM_PROPERTY

      static final String ACTIVE_FROM_PROPERTY
      Property that may be set to the Instant from when the credential should be regarded as active.
      See Also:

    • USAGE_PROPERTY

      static final String USAGE_PROPERTY
      Property name for the usage property. This property holds a String, that may be "signing", "encryption", "metadata-signing" or any other application specific usage.
      See Also:

    • USAGE_SIGNING

      static final String USAGE_SIGNING
      Usage value indicating that a credential is used for signing.
      See Also:

    • USAGE_ENCRYPTION

      static final String USAGE_ENCRYPTION
      Usage value indicating that a credential is used for encryption.
      See Also:

    • USAGE_METADATA_SIGNING

      static final String USAGE_METADATA_SIGNING
      Usage value indicating thet a credential is used for metadata signing, for example SAML metadata, or OIDC entity statements.
      See Also:

  • Method Details

    • setKeyId

      default void setKeyId(@Nullable String keyId)
      Assigns the key identifier ("key-id" property).
      Parameters:
      keyId - the key identifier, or null to reset the value

    • getKeyId

      @Nullable default String getKeyId()
      Gets the stored key identifier ("key-id" property).
      Returns:
      the credential key identifier, or null, if not assigned

    • setUsage

      default void setUsage(@Nullable String usage)
      Assigns the credential usage represented by the "usage" property.
      Parameters:
      usage - the usage string, or null to reset the "usage" property.

    • getUsage

      @Nullable default String getUsage()
      Gets the value for the "usage" property.
      Returns:
      a credential usage string or null

    • setActiveFrom

      default void setActiveFrom(@Nullable Instant activeFrom)
      Assigns the Instant from when the credential should be regarded as active. Stored using the "active-from" property.
      Parameters:
      activeFrom - the active-from instant, or null for resetting the property

    • getActiveFrom

      @Nullable default Instant getActiveFrom()
      Gets the Instant for the "active-from" property.
      Returns:
      an Instant or null

    • setActiveTo

      default void setActiveTo(@Nullable Instant activeTo)
      Assigns the Instant for when the credential should no longer be active. Stored using the "active-to" property.
      Parameters:
      activeTo - the active-to instant, or null for resetting the property

    • getActiveTo

      @Nullable default Instant getActiveTo()
      Gets the Instant for the "active-to" property.
      Returns:
      an Instant or null

    • getIssuedAt

      @Nullable default Instant getIssuedAt()
      The instant for when the key pair/credential was issued.

      If not explicitly assigned, implementations may use the notBefore property from the credential entity certificate.

      Returns:
      an instant for when the credential was issued/created, or null if this information is not available

    • getExpiresAt

      @Nullable default Instant getExpiresAt()
      The instant for when the key pair/credential "expires".

      If not explicitly assigned, implementations may use the notAfter property from the credential entity certificate.

      Returns:
      an instant for when the credential expires, or null if this information is not available

    • getProperties

      @Nonnull Map<String,Object> getProperties()
      Gets a live map of the additional metadata properties.
      Returns:
      a (possibly empty) map of additional metadata properties