Package io.nats.client
Interface AuthHandler
-
public interface AuthHandlerNATS provides a challenge-response based authentication scheme based onNKeys. Since NKeys depend on a private seed, we do not handle them directly in the client library. Instead you can work with them inside an AuthHandler that only makes the public key available to the library.char[] nkey; char[] jwt; public byte[] sign(byte[] nonce) { try { NKey nkey = NKey.fromSeed(this.nkey); byte[] sig = nkey.sign(nonce); nkey.clear(); return sig; } catch (Exception exp) { throw new IllegalStateException("problem signing nonce", exp); } } public char[] getID() { try { NKey nkey = NKey.fromSeed(this.nkey); char[] pubKey = nkey.getPublicKey(); nkey.clear(); return pubKey; } catch (Exception exp) { throw new IllegalStateException("problem getting public key", exp); } } public char[] getJWT() { return this.jwt; }
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description char[]getID()getID should return a public key associated with a client key known to the server.char[]getJWT()getJWT should return the user JWT associated with this connection.byte[]sign(byte[] nonce)Sign is called by the library when the server sends a nonce.
-
-
-
Method Detail
-
sign
byte[] sign(byte[] nonce)
Sign is called by the library when the server sends a nonce. The client's NKey should be used to sign the provided value.- Parameters:
nonce- the nonce to sign- Returns:
- the signature for the nonce
-
getID
char[] getID()
getID should return a public key associated with a client key known to the server. If the server is not in nonce-mode, this array can be empty.- Returns:
- the public key as a char array
-
getJWT
char[] getJWT()
getJWT should return the user JWT associated with this connection. This can return null for challenge only authentication, but for account/user JWT-based authentication you need to return the JWT bytes here.- Returns:
- the user JWT
-
-