Class RepositoryRevocationSource<R extends Revocation>
java.lang.Object
eu.europa.esig.dss.spi.x509.revocation.RepositoryRevocationSource<R>
- Type Parameters:
R-CRLorOCSP
- All Implemented Interfaces:
MultipleRevocationSource<R>,RevocationSource<R>,Serializable
- Direct Known Subclasses:
JdbcRevocationSource
public abstract class RepositoryRevocationSource<R extends Revocation>
extends Object
implements RevocationSource<R>, MultipleRevocationSource<R>
Allows storing and retrieving of revocation data to/from a repository
(e.g. database)
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected RevocationSource<R> Data source used to access a revocation token that is not present in the repository -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedDefault constructor instantiating object with null values -
Method Summary
Modifier and TypeMethodDescriptionprotected abstract List<RevocationToken<R>> findRevocations(String key, CertificateToken certificateToken, CertificateToken issuerCertToken) Finds a list of RevocationTokens in the cache for the givencertificateTokenwith the correspondingkeygetRevocationAccessUrls(CertificateToken certificateToken) Returns a revocation access URLs of the given revocation type for the providedCertificateTokenprotected StringgetRevocationSourceUrl(CertificateToken certificateToken, RevocationToken<R> revocationToken) Returns a revocation URL for the givenrevocationTokengetRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves aRevocationTokenfor the certificateTokengetRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) Retrieves a revocation token for the givenCertificateTokenprotected abstract StringgetRevocationTokenKey(CertificateToken certificateToken, String urlString) Gets a unique revocation token identifier used to store the revocation token for thiscertificateTokenwithin a repositorygetRevocationTokens(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves a list ofRevocationTokenfor the certificateTokengetRevocationTokens(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) Retrieves a list of revocation token for the givenCertificateTokeninitRevocationTokenKeys(CertificateToken certificateToken) Initialize a list of revocation token keysStringfrom the givenCertificateTokenprotected abstract voidinsertRevocation(String revocationKey, RevocationToken<R> token) Inserts a new RevocationToken into the cacheprotected booleanisNotExpired(RevocationToken<R> revocationToken, CertificateToken certificateTokenIssuer) Checks if the nextUpdate date is currently valid with respect of nextUpdateDelay and maxNexUpdateDelay parameters.protected abstract voidremoveRevocation(String revocationKey) Removes the RevocationToken from cache with the given keyvoidsetDefaultNextUpdateDelay(Long defaultNextUpdateDelay) Sets the default next update delay for the cached files in seconds.voidsetMaxNextUpdateDelay(Long maxNextUpdateDelay) Sets the maximum allowed nextUpdate delay for cached files in seconds.voidsetProxySource(RevocationSource<R> proxiedSource) The proxied revocation source to be called if the data is not available in the cachevoidsetRemoveExpired(boolean removeExpired) Sets whether the expired revocation data shall be removed from the cacheprotected abstract voidupdateRevocation(String revocationKey, RevocationToken<R> token) Updates the RevocationToken into cache
-
Field Details
-
proxiedSource
Data source used to access a revocation token that is not present in the repository
-
-
Constructor Details
-
RepositoryRevocationSource
protected RepositoryRevocationSource()Default constructor instantiating object with null values
-
-
Method Details
-
initRevocationTokenKeys
Initialize a list of revocation token keysStringfrom the givenCertificateToken- Parameters:
certificateToken-CertificateToken- Returns:
- list of
Stringrevocation keys
-
findRevocations
protected abstract List<RevocationToken<R>> findRevocations(String key, CertificateToken certificateToken, CertificateToken issuerCertToken) Finds a list of RevocationTokens in the cache for the givencertificateTokenwith the correspondingkey- Parameters:
key- the keyStringcertificateToken-CertificateTokenissuerCertToken-CertificateToken- Returns:
- a list of
RevocationTokenobjects
-
insertRevocation
Inserts a new RevocationToken into the cache- Parameters:
revocationKey-Stringtoken-RevocationToken
-
updateRevocation
Updates the RevocationToken into cache- Parameters:
revocationKey-Stringtoken-RevocationToken
-
removeRevocation
-
setDefaultNextUpdateDelay
Sets the default next update delay for the cached files in seconds. If more time has passed from the revocation token's thisUpdate and next update time is not specified, then a fresh copy is downloaded and cached, otherwise a cached copy is used.If revocation.nextUpdate = null, then nextUpdate = revocation.thisUpdate + defaultNextUpdateDelay- Parameters:
defaultNextUpdateDelay- long value (seconds)
-
setMaxNextUpdateDelay
Sets the maximum allowed nextUpdate delay for cached files in seconds. Allows to force refresh in case of long periods between revocation publication (eg : 6 months for ARL).If revocation.nextUpdate > revocation.thisUpdate + maxNextUpdateDelay, then nextUpdate = revocation.thisUpdate + maxNextUpdateDelay- Parameters:
maxNextUpdateDelay- long value (seconds)
-
setProxySource
The proxied revocation source to be called if the data is not available in the cache- Parameters:
proxiedSource- the proxiedSource to set
-
setRemoveExpired
public void setRemoveExpired(boolean removeExpired) Sets whether the expired revocation data shall be removed from the cacheDefault : TRUE (expired revocation data is being removed from the cache)
- Parameters:
removeExpired- the removeExpired to set
-
getRevocationToken
public RevocationToken<R> getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Description copied from interface:RevocationSourceThis method retrieves aRevocationTokenfor the certificateToken- Specified by:
getRevocationTokenin interfaceRevocationSource<R extends Revocation>- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerCertificateToken- TheCertificateTokenwhich is the issuer of the certificateToken- Returns:
- an instance of
RevocationToken
-
getRevocationToken
public RevocationToken<R> getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) Retrieves a revocation token for the givenCertificateToken- Parameters:
certificateToken-CertificateTokenissuerCertificateToken-CertificateTokenof the issuer of certificateTokenforceRefresh- if true, explicitly skips the cache- Returns:
RevocationToken
-
getRevocationTokens
public List<RevocationToken<R>> getRevocationTokens(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Description copied from interface:MultipleRevocationSourceThis method retrieves a list ofRevocationTokenfor the certificateToken- Specified by:
getRevocationTokensin interfaceMultipleRevocationSource<R extends Revocation>- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerCertificateToken- TheCertificateTokenwhich is the issuer of the certificateToken- Returns:
- a list of
RevocationToken
-
getRevocationTokens
public List<RevocationToken<R>> getRevocationTokens(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) Retrieves a list of revocation token for the givenCertificateToken- Parameters:
certificateToken-CertificateTokenissuerCertificateToken-CertificateTokenof the issuer of certificateTokenforceRefresh- if true, explicitly skips the cache- Returns:
- a list of
RevocationTokens
-
getRevocationSourceUrl
protected String getRevocationSourceUrl(CertificateToken certificateToken, RevocationToken<R> revocationToken) Returns a revocation URL for the givenrevocationToken- Parameters:
certificateToken-CertificateTokenrevocationToken-RevocationToken- Returns:
String
-
getRevocationAccessUrls
Returns a revocation access URLs of the given revocation type for the providedCertificateToken- Parameters:
certificateToken-CertificateTokento get revocation URLs for- Returns:
- a list of
StringURLs
-
getRevocationTokenKey
protected abstract String getRevocationTokenKey(CertificateToken certificateToken, String urlString) Gets a unique revocation token identifier used to store the revocation token for thiscertificateTokenwithin a repository- Parameters:
certificateToken-CertificateTokenurlString-Stringrepresenting a URL used to download the revocation token from- Returns:
Stringrevocation token key
-
isNotExpired
protected boolean isNotExpired(RevocationToken<R> revocationToken, CertificateToken certificateTokenIssuer) Checks if the nextUpdate date is currently valid with respect of nextUpdateDelay and maxNexUpdateDelay parameters.- Parameters:
revocationToken-CRLTokenorOCSPTokencertificateTokenIssuer- issuer of a CertificateToken to check the revocation for- Returns:
- TRUE if the token is still valid, FALSE otherwise
-