Package com.adobe.granite.auth.cert

Interface UserCertificateMapping

public interface UserCertificateMapping
Provides a service to store and map certificates to users.

  • Method Details

    • mapCertificate

      void mapCertificate(ResourceResolver resolver, String userId, X509Certificate certificate) throws UserCertificateMappingException
      Maps a certificate to a user by adding it to the global trust store using an autogenerated alias based on the given user ID and a timestamp.
      Parameters:
      resolver - the resource resolver to use for accessing the global trust-store
      userId - the ID of the user to map the certificate to
      certificate - the certificate to map
      Throws:
      UserCertificateMappingException - if the mapping fails for various reasons like the given user doesn't exist or trust-store access denied

    • unmapCertificate

      void unmapCertificate(ResourceResolver resolver, String alias) throws UserCertificateMappingException
      Unmaps a certificate by removing the certificate from the global trust-store.
      Parameters:
      resolver - the resource resolver to use for accessing the global trust-store
      alias - the alias of the certificate to remove
      Throws:
      UserCertificateMappingException - if the certificate removal fails for various reasons like the given alias doesn't exist or trust-store access denied

    • listCertificates

      Map<String,X509Certificate> listCertificates(ResourceResolver resolver, String userId) throws UserCertificateMappingException
      List the accessible certificates mapped to the given user.
      Parameters:
      userId - the ID of the user who's certificates are listed
      Returns:
      a map of accessible certificates, using the alias as key, corresponding to the given user
      Throws:
      UserCertificateMappingException - if the listing fails for various reasons like the given user doesn't exist or trust-store access denied