
com.authlete.common.util.FapiUtils Maven / Gradle / Ivy

/*
 * Copyright (C) 2021 Authlete, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.authlete.common.util;


import java.util.UUID;


/**
 * Utilities for Financial-grade API (FAPI).
 *
 * @since 2.94
 *
 * @see "Financial-grade API Security Profile 1.0 - Part 1: Baseline"
 *
 * @see "Financial-grade API Security Profile 1.0 - Part 2: Advanced"
 */
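public class FapiUtils
{
    /**
     * {@code x-fapi-auth-date}
     *
     * <p>
     * From 6.2.2. Client provisions of Financial-grade API Security
     * Profile 1.0 - Part 1: Baseline:
     * </p>
     *
     * <blockquote>
     * <ol>
     * <li>
     * may send the last time the customer logged into the client in the
     * {@code x-fapi-auth-date} header where the value is supplied as a
     * HTTP-date as in Section 7.1.1.1 of RFC7231, e.g.,
     * {@code x-fapi-auth-date: Tue, 11 Sep 2012 19:43:31 GMT};
     * </li>
     * </ol>
     * </blockquote>
     *
     * @see "Financial-grade API Security Profile 1.0 - Part 1: Baseline, 6.2.2. Client provisions"
     */
    public static final String X_FAPI_AUTH_DATE = "x-fapi-auth-date";


    /**
     * {@code x-fapi-customer-ip-address}
     *
     * <p>
     * From 6.2.1. Protected resources provisions of Financial-grade API
     * Security Profile 1.0 - Part 1: Baseline:
     * </p>
     *
     * <blockquote>
     * <ol>
     * <li>
     * shall not reject requests with a {@code x-fapi-customer-ip-address}
     * header containing a valid IPv4 or IPv6 address.
     * </li>
     * </ol>
     * </blockquote>
     *
     * <p>
     * From 6.2.2. Client provisions of Financial-grade API Security
     * Profile 1.0 - Part 1: Baseline:
     * </p>
     *
     * <blockquote>
     * <ol>
     * <li>
     * may send the customer's IP address if this data is available in the
     * {@code x-fapi-customer-ip-address} header, e.g.,
     * {@code x-fapi-customer-ip-address: 2001:DB8::1893:25c8:1946} or
     * {@code x-fapi-customer-ip-address: 198.51.100.119}; and
     * </li>
     * </ol>
     * </blockquote>
     *
     * @see "Financial-grade API Security Profile 1.0 - Part 1: Baseline, 6.2.1. Protected resources provisions"
     *
     * @see "Financial-grade API Security Profile 1.0 - Part 1: Baseline, 6.2.2. Client provisions"
     */
    public static final String X_FAPI_CUSTOMER_IP_ADDRESS = "x-fapi-customer-ip-address";


    /**
     * {@code x-fapi-interaction-id}
     *
     * <p>
     * From 6.2.1. Protected resources provisions of Financial-grade API
     * Security Profile 1.0 - Part 1: Baseline:
     * </p>
     *
     * <blockquote>
     * <ol>
     * <li>
     * shall set the response header {@code x-fapi-interaction-id} to the value
     * received from the corresponding FAPI client request header or to a RFC4122
     * UUID value if the request header was not provided to track the interaction, e.g.,
     * {@code x-fapi-interaction-id: c770aef3-6784-41f7-8e0e-ff5f97bddb3a};
     * </li>
     * <li>
     * shall log the value of {@code x-fapi-interaction-id} in the log entry; and
     * </li>
     * </ol>
     * </blockquote>
     *
     * <p>
     * From 6.2.2. Client provisions of Financial-grade API Security
     * Profile 1.0 - Part 1: Baseline:
     * </p>
     *
     * <blockquote>
     * <ol>
     * <li>
     * may send the {@code x-fapi-interaction-id} request header, in which case
     * the value shall be a RFC4122 UUID to the server to help correlate log
     * entries between client and server, e.g.,
     * {@code x-fapi-interaction-id: c770aef3-6784-41f7-8e0e-ff5f97bddb3a}.
     * </li>
     * </ol>
     * </blockquote>
     *
     * @see "Financial-grade API Security Profile 1.0 - Part 1: Baseline, 6.2.1. Protected resources provisions"
     *
     * @see "Financial-grade API Security Profile 1.0 - Part 1: Baseline, 6.2.2. Client provisions"
     */
    public static final String X_FAPI_INTERACTION_ID = "x-fapi-interaction-id";


    /**
     * Compute the value suitable for the {@code x-fapi-interaction-id} HTTP
     * response header.
     *
     * <p>
     * The incoming value is supplied by the client and, once accepted, is
     * echoed into the response header and (per the FAPI provisions quoted
     * on {@link #X_FAPI_INTERACTION_ID}) written to logs. It is therefore
     * accepted only when it is the canonical 36-character textual form of
     * a UUID (8-4-4-4-12 hexadecimal digits, either letter case).
     * {@link UUID#fromString(String)} alone is not strict enough for this:
     * it also parses shortened forms such as {@code 1-1-1-1-1}, which would
     * otherwise be reflected unchanged.
     * </p>
     *
     * @param incomingInteractionId
     *         The value of the {@code x-fapi-interaction-id} HTTP request header.
     *         This may be null.
     *
     * @return
     *         If {@code incomingInteractionId} is given, the same value is
     *         returned (the caller's spelling, including letter case, is
     *         preserved). Otherwise, a new value generated by
     *         {@link #generateInteractionId()} is returned.
     *
     * @throws IllegalArgumentException
     *         {@code incomingInteractionId} is not a valid UUID in canonical
     *         textual form.
     */
    public static String computeOutgoingInteractionId(String incomingInteractionId) throws IllegalArgumentException
    {
        // If there is no 'x-fapi-interaction-id' request header or its value is empty.
        if (incomingInteractionId == null || incomingInteractionId.isEmpty())
        {
            // Generate a new interaction ID.
            return generateInteractionId();
        }

        // Make sure that the incoming interaction ID is a valid UUID.
        // If the format of the incoming interaction ID is wrong, an
        // IllegalArgumentException is thrown by UUID.fromString().
        UUID parsed = UUID.fromString(incomingInteractionId);

        // UUID.fromString() tolerates non-canonical spellings. Round-trip the
        // parsed value and require it to match the input (ignoring hex letter
        // case) so that only a well-formed UUID string is ever reflected.
        if (!parsed.toString().equalsIgnoreCase(incomingInteractionId))
        {
            // The rejected value is deliberately left out of the message:
            // it is untrusted and the message is likely to end up in logs.
            throw new IllegalArgumentException(
                    "The value of x-fapi-interaction-id is not a canonical UUID string.");
        }

        // Use the same value.
        return incomingInteractionId;
    }


    /**
     * Generate a value suitable for the {@code x-fapi-interaction-id} HTTP header.
     *
     * @return
     *         A value suitable for the {@code x-fapi-interaction-id} HTTP header.
     *         It is the string form of {@link UUID#randomUUID()}.
     */
    public static String generateInteractionId()
    {
        return UUID.randomUUID().toString();
    }
}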



