signservice-integration-api

Logo

Signature Service Integration Service Java API

License

Java Signature Service Integration Service API.


Table of contents

  1. Introduction

    1.1. Design Principles

    1.2. Javadoc

    1.3. Distribution

  2. Configuration

  3. Creating a SignRequest

    3.1. SignRequestInput

    3.2. SignRequestData

  4. Processing a SignResponse

    4.1. Processing input

    4.2. SignatureResult


1. Introduction

TODO

1.1. Design Principles

TODO

No specific Jackson or GSON annotations Versioning Extensible objects (not so much subclassing)

1.2. Javadoc

The generated Javadoc at https://idsec-solutions.github.io/signservice-integration-api/javadoc/ contains the complete documentation of the Java API.

1.3. Distribution

The signservice-integration-api artifact is published to Maven central. Include its dependency by adding the following to your POM file:

<dependency>
  <groupId>se.idsec.signservice.integration</groupId>
  <artifactId>signservice-integration-api</artifactId>
  <version>${signservice-api.version}</version>
</dependency>

2. Configuration

An instance of a SignService Integration Service can function under one or several policies. Each policy has a configuration containing default settings for how to create sign requests and how to process sign responses, along with fixed settings such as signature certificates and the ID for the SignService.

An implementation probably has more settings per policy, but the settings that are of interest for the sign requester using the API are described in the IntegrationServiceDefaultConfiguration interface.

For more information about the configuration of a SignService Integration Service see the Configuration and Policies page.

3. Creating a SignRequest

The SignService Integration Service handles the complex process of creating a dss:SignRequest message that is to be sent to the Signature Service. This process includes:

The SignServiceIntegrationService interfaces defines the following method to create a SignRequest:

SignRequestData createSignRequest(
   SignRequestInput signRequestInput) throws SignServiceIntegrationException

3.1. SignRequestInput

The SignRequestInput class is used to set all input in order to create a SignRequest message. Generally, the SignService Integration Service is configured with a set of default values so in the normal case not all the attributes of the SignRequestInput instance need to be assigned. Below follows a minimal example of how a SignRequest is created:

final byte[] documentBytes = ...;
    
SignRequestInput input = SignRequestInput.builder()
  .signRequesterID("https://qa.test.swedenconnect.se/sp")
  .authnRequirements(AuthnRequirements.builder()
    .authnServiceID("https://idp-sweden-connect-valfr-2017-ct.test.frejaeid.com")
    .authnContextRef("http://id.elegnamnden.se/loa/1.0/loa3")
    .requestedSignerAttribute(SignerIdentityAttributeValue.builder()
      .name("urn:oid:1.2.752.29.4.13")
      .value("196911292032")
      .build())
    .build())
  .tbsDocument(TbsDocument.builder()
    .id("doc-1")
    .content(Base64.getEncoder().encodeToString(documentBytes))
    .mimeType(DocumentType.XML)
    .build())
  .signMessageParameters(
    SignMessageParameters.builder()
      .signMessage("I approve this contract")
      .mimeType(SignMessageMimeType.TEXT)
      .mustShow(true)
      .performEncryption(true)
      .displayEntity("https://idp-sweden-connect-valfr-2017-ct.test.frejaeid.com")
      .build())
  .build();
  
SignRequestData signRequest = integrationService.createSignRequest(input);

So, what is passed in?

3.2. SignRequestData

TODO

4. Processing a SignResponse

TODO

4.1. Processing input

TODO

4.2. SignatureResult


Copyright © 2019-2023, IDsec Solutions AB. Licensed under version 2.0 of the Apache License.