Class AllowedIdSupplierSpiffeIdVerifier

java.lang.Object

io.spiffe.provider.AllowedIdSupplierSpiffeIdVerifier

All Implemented Interfaces:

SpiffeIdVerifier

public class AllowedIdSupplierSpiffeIdVerifier
extends Object
implements SpiffeIdVerifier

Constructor Summary

Constructors

Constructor	Description
AllowedIdSupplierSpiffeIdVerifier(@NonNull Supplier<Set<io.spiffe.spiffeid.SpiffeId>> allowedSpiffeIdsSupplier)

Method Summary

Modifier and Type	Method	Description
void	verify(io.spiffe.spiffeid.SpiffeId spiffeId, X509Certificate[] verifiedChain)	Verify that an X509-SVID is acceptable.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AllowedIdSupplierSpiffeIdVerifier

public AllowedIdSupplierSpiffeIdVerifier(@NonNull
 @NonNull Supplier<Set<io.spiffe.spiffeid.SpiffeId>> allowedSpiffeIdsSupplier)

Method Details

verify

public void verify(io.spiffe.spiffeid.SpiffeId spiffeId,
 X509Certificate[] verifiedChain)
            throws SpiffeVerificationException

Description copied from interface: SpiffeIdVerifier

Verify that an X509-SVID is acceptable. This method receives the SPIFFE ID of the SVID and the certificate chain.

Specified by:

verify in interface SpiffeIdVerifier

Parameters:

spiffeId - the SPIFFE ID of the SVID

verifiedChain - the certificate chain with the X509-SVID certificate back to an X.509 root for the trust domain.

Throws:

SpiffeVerificationException - if there was an error verifying the SPIFFE ID or it wasn't considered valid.