All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.deephaven.ssl.config.SSLConfig Maven / Gradle / Ivy

There is a newer version: 0.37.0
Show newest version
/**
 * Copyright (c) 2016-2022 Deephaven Data Labs and Patent Pending
 */
package io.deephaven.ssl.config;

import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import io.deephaven.annotations.BuildableStyle;
import org.immutables.value.Value;
import org.immutables.value.Value.Default;
import org.immutables.value.Value.Immutable;

import java.io.IOException;
import java.net.URL;
import java.nio.file.Path;
import java.util.Optional;

/**
 * The SSL configuration object.
 *
 * @see io.deephaven.ssl.config
 */
@Immutable(copy = true)
@BuildableStyle
@JsonDeserialize(as = ImmutableSSLConfig.class)
public abstract class SSLConfig {

    public static Builder builder() {
        return ImmutableSSLConfig.builder();
    }

    /**
     * An empty SSL configuration, equivalent to {@code builder().build()}.
     *
     * @return the empty configuration
     */
    public static SSLConfig empty() {
        return builder().build();
    }

    public static SSLConfig parseJson(Path path) throws IOException {
        return Parser.parseJson(path.toFile(), SSLConfig.class);
    }

    public static SSLConfig parseJson(String value) throws IOException {
        return Parser.parseJson(value, SSLConfig.class);
    }

    public static SSLConfig parseJson(URL url) throws IOException {
        return Parser.parseJson(url, SSLConfig.class);
    }

    /**
     * The identity material. Optional for clients, necessary for servers.
     */
    public abstract Optional identity();

    /**
     * The optional trust material.
     */
    public abstract Optional trust();

    /**
     * The optional protocols.
     */
    public abstract Optional protocols();

    /**
     * The optional ciphers.
     */
    public abstract Optional ciphers();

    /**
     * The optional client authentication.
     */
    public abstract Optional clientAuthentication();

    public abstract SSLConfig withTrust(Trust trust);

    public abstract SSLConfig withProtocols(Protocols protocols);

    public abstract SSLConfig withCiphers(Ciphers ciphers);

    public final SSLConfig orTrust(Trust trust) {
        return trust().isPresent() ? this : withTrust(trust);
    }

    public final SSLConfig orProtocols(Protocols protocols) {
        return protocols().isPresent() ? this : withProtocols(protocols);
    }

    public final SSLConfig orCiphers(Ciphers ciphers) {
        return ciphers().isPresent() ? this : withCiphers(ciphers);
    }

    public enum ClientAuth {
        NONE, WANTED, NEEDED
    }

    public interface Builder {
        Builder identity(Identity identity);

        Builder trust(Trust trust);

        Builder protocols(Protocols protocols);

        Builder ciphers(Ciphers ciphers);

        Builder clientAuthentication(ClientAuth clientAuthentication);

        SSLConfig build();
    }

    @Value.Check
    final void checkMutualTLS() {
        if (clientAuthentication().orElse(ClientAuth.NONE) != ClientAuth.NONE) {
            if (!trust().isPresent()) {
                throw new IllegalArgumentException("Trust material must be present when requesting mutual TLS");
            }
            if (!identity().isPresent()) {
                throw new IllegalArgumentException("Identity material must be present when requesting mutual TLS");
            }
        }
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy