Package com.yubico.fido.metadata

Class FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step4

java.lang.Object

com.yubico.fido.metadata.FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step4

Enclosing class:

FidoMetadataDownloader.FidoMetadataDownloaderBuilder

public static class FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step4
extends Object

Step 4: Configure how to fetch the FIDO Metadata Service metadata BLOB.

This step offers three mutually exclusive options:

1. Use the default download URL. This is the main intended use case. See useDefaultBlob().
2. Use a custom download URL. This is for future-proofing in case the BLOB download URL changes and there is no new release of this library. See downloadBlob(URL).
3. Use a pre-retrieved BLOB. The signature will still be verified, but it is up to you to renew it when appropriate and perform any caching as desired. See useBlob(String).

Method Summary

Modifier and Type	Method	Description
FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step5	downloadBlob(@NonNull URL url)	Download the metadata BLOB from the given HTTPS url.
FidoMetadataDownloader.FidoMetadataDownloaderBuilder	useBlob(@NonNull String blobJwt)	Use the given metadata BLOB; never download it.
FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step5	useDefaultBlob()	Download the metadata BLOB from a hard-coded URL.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

useDefaultBlob

public FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step5 useDefaultBlob()

Download the metadata BLOB from a hard-coded URL.

This is an alias of downloadBlob(new URL("https://mds.fidoalliance.org/")).

This is the current FIDO Metadata Service BLOB download URL at the time of this library release.

See Also:

• downloadBlob(URL)

downloadBlob

public FidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step5 downloadBlob(@NonNull
 @NonNull URL url)

Download the metadata BLOB from the given HTTPS url.

The BLOB will be downloaded if it does not exist in the cache, or if the nextUpdate property of the cached BLOB is the current date or earlier.

If the BLOB is downloaded, it is also written to the cache File or Consumer configured in the next step.

Parameters:

url - the HTTP URL to download. It MUST use the https: scheme.

useBlob

public FidoMetadataDownloader.FidoMetadataDownloaderBuilder useBlob(@NonNull
 @NonNull String blobJwt)

Use the given metadata BLOB; never download it.

The blob signature and trust chain will still be verified, but it is the caller's responsibility to renew the metadata BLOB according to the FIDO Metadata Service specification.

Parameters:

blobJwt - the Metadata BLOB in JWT format as defined in FIDO Metadata Service §3.1.7. Metadata BLOB. The byte array MUST NOT be Base64-decoded.

See Also:

• FIDO Metadata Service §3.1.7. Metadata BLOB
• FIDO Metadata Service §3.2. Metadata BLOB object processing rules