Package com.yubico.fido.metadata
Class FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step3
java.lang.Object
com.yubico.fido.metadata.FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step3
- Enclosing class:
- FidoMetadataDownloader.FidoMetadataDownloaderBuilder
Step 3: Configure how to cache the trust root certificate.
This step offers two mutually exclusive options:
- Cache the trust root certificate in a
File
. SeeuseTrustRootCacheFile(File)
. - Cache the trust root certificate using a
Supplier
to read the cache and aConsumer
to write the cache. SeeuseTrustRootCache(Supplier, Consumer)
.
-
Method Summary
Modifier and TypeMethodDescriptionuseTrustRootCache
(@NonNull Supplier<Optional<com.yubico.webauthn.data.ByteArray>> getCachedTrustRootCert, @NonNull Consumer<com.yubico.webauthn.data.ByteArray> writeCachedTrustRootCert) useTrustRootCacheFile
(@NonNull File cacheFile) Cache the trust root certificate in the filecacheFile
.
-
Method Details
-
useTrustRootCacheFile
public FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step4 useTrustRootCacheFile(@NonNull @NonNull File cacheFile) Cache the trust root certificate in the filecacheFile
.If
cacheFile
exists, is a normal file, is readable, matches one of the SHA-256 hashes configured in the previous step, and contains a currently valid X.509 certificate, then it will be used as the trust root for the FIDO Metadata Service blob.Otherwise, the trust root certificate will be downloaded and written to this file.
-
useTrustRootCache
public FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step4 useTrustRootCache(@NonNull @NonNull Supplier<Optional<com.yubico.webauthn.data.ByteArray>> getCachedTrustRootCert, @NonNull @NonNull Consumer<com.yubico.webauthn.data.ByteArray> writeCachedTrustRootCert) Cache the trust root certificate using aSupplier
to read the cache, and using aConsumer
to write the cache.If
getCachedTrustRootCert
returns non-empty, the value matches one of the SHA-256 hashes configured in the previous step, and is a currently valid X.509 certificate, then it will be used as the trust root for the FIDO Metadata Service blob.Otherwise, the trust root certificate will be downloaded and written to
writeCachedTrustRootCert
.- Parameters:
getCachedTrustRootCert
- aSupplier
that fetches the cached trust root certificate if it exists. The returned value, if any, should be the trust root certificate in X.509 DER format.writeCachedTrustRootCert
- aConsumer
that accepts the trust root certificate in X.509 DER format and writes it to the cache.
-