Package se.idsec.signservice.integration.config

Interface IntegrationServiceDefaultConfiguration

All Superinterfaces:
Extensible, Serializable
public interface IntegrationServiceDefaultConfiguration extends Extensible
Interface that represents the default settings of a SignService Integration Service policy/instance.
Author:
Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)

  • Field Details

  • Method Details

    • getPolicy

      @Nonnull String getPolicy()
      Gets the integration policy name for which this configuration applies.
      Returns:
      the policy identifier

    • getDefaultSignRequesterID

      @Nullable String getDefaultSignRequesterID()
      Gets the default ID of the entity that requests a signature. If SAML is used as the authentication protocol, this is the SAML entityID of the sign requester.

      This value is used if SignRequestInput.getSignRequesterID() returns null.

      Returns:
      the default sign requester ID

    • getDefaultReturnUrl

      @Nullable String getDefaultReturnUrl()
      Gets the default URL to which the user agent along with the sign response message should be directed after a signature operation.

      This value is used if SignRequestInput.getReturnUrl() returns null.

      Returns:
      the default URL to which a sign response is to be returned

    • getDefaultSignatureAlgorithm

      @Nullable String getDefaultSignatureAlgorithm()
      Gets the default algorithm identifier for the signature algorithm that should be used during signing of specified tasks.

      This value is used if SignRequestInput.getSignatureAlgorithm() returns null.

      Returns:
      signature algorithm identifier

    • getSignServiceID

      @Nonnull String getSignServiceID()
      Gets the entityID of the signature service. If SAML is used as the authentication protocol, this is the SAML entityID of the SAML Service Provider that is running in the signature service.
      Returns:
      the ID of the signature service

    • getDefaultDestinationUrl

      @Nullable String getDefaultDestinationUrl()
      Gets the default signature service URL to where SignRequest messages should be posted.

      This value is used if SignRequestInput.getDestinationUrl() returns null.

      Returns:
      the default destination URL of the signature service to where sign messages should be posted

    • getDefaultAuthnServiceID

      @Nullable String getDefaultAuthnServiceID()
      In a setup where only one authentication service (IdP) is used to authenticate users, a default value could be used. If the AuthnRequirements.getAuthnServiceID() method returns null, the default value will be used.
      Returns:
      the entityID for the default authentication service, or null if no default exists
      See Also:

    • getDefaultAuthnContextRef

      @Nullable String getDefaultAuthnContextRef()
      In a setup where all users are authenticated according to the same authentication contect, a default value could be used. If the AuthnRequirements.getAuthnContextClassRefs() method returns null or is empty, the default value will be used.
      Returns:
      the default authentication context reference URI
      See Also:

    • getDefaultCertificateRequirements

      @Nullable SigningCertificateRequirements getDefaultCertificateRequirements()
      Gets the default signing certificate requirements to use for SignRequest messages created under this policy/configuration.

      This value is used if SignRequestInput.getCertificateRequirements() returns null.

      Returns:
      the default signing certificate requirements

    • getDefaultVisiblePdfSignatureRequirement

      @Nullable VisiblePdfSignatureRequirement getDefaultVisiblePdfSignatureRequirement()
      A policy may be configured to include a default "visible PDF signature requirement" for all PDF documents that are signed under this policy.
      Returns:
      the default visible PDF signature requirement to use for PDF signatures, or null

    • getPdfSignatureImageTemplates

      @Nullable List<? extends PdfSignatureImageTemplate> getPdfSignatureImageTemplates()
      A policy may have one, or more, image templates for visible PDF signatures in its configuration. See PdfSignatureImageTemplate. This method gets these templates.
      Returns:
      a list of image templates for visible PDF signatures, or null if none exists

    • getPdfSignaturePages

      @Nullable List<? extends PdfSignaturePage> getPdfSignaturePages()
      A policy may have one, or more, configured PDF signature pages. See ExtendedSignServiceIntegrationService.preparePdfDocument(String, byte[], PdfSignaturePagePreferences, Boolean, String) for a description of PDF signature pages. The first object in the list is regarded as the default page for the policy.
      Returns:
      a list of PDF signature pages for the policy, or null if no such pages are defined for the policy

    • getPdfPrepareSettings

      @Nonnull PdfPrepareSettings getPdfPrepareSettings()
      Gets the settings for preparing PDF documents.
      Returns:
      a PdfPrepareSettings
      See Also:

    • isStateless

      boolean isStateless()
      Tells whether the SignService Integration Service is running in stateless mode or not.

      A SignService Integration Service may execute in a stateless mode, meaning that it does not keep a session state and leaves it up to the caller to maintain the state between calls to SignServiceIntegrationService.createSignRequest(SignRequestInput) and SignServiceIntegrationService.processSignResponse(String, String, SignatureState, SignResponseProcessingParameters), or it may execute in a stateful mode, meaning that it keeps the necessary data between calls to SignServiceIntegrationService.createSignRequest(SignRequestInput) and SignServiceIntegrationService.processSignResponse(String, String, SignatureState, SignResponseProcessingParameters) and the only thing the caller needs to keep track of its the ID of the signature operation (see SignatureState.getId().

      Returns:
      if the SignService Integration Service is running in stateless mode true is returned, otherwise false
      See Also:

    • getDefaultEncryptionParameters

      @Nullable EncryptionParameters getDefaultEncryptionParameters()
      Gets the default encryption parameters (algorithms) that is used by the SignService Integration Service when encrypting a SignMessage. The sign requester can not override these values, but the recipient may declare other algorithms to use (in the SAML case, this is done in IdP metadata).
      Returns:
      the default encryption parameters

    • getSignatureCertificate

      @Nonnull String getSignatureCertificate()
      Gets the signing certificate that the SignService Integration Service uses to sign SignRequest messages.

      The format on the returned certificate is the Base64-encoding of the DER-encoding.

      Note: This certificate has nothing to do with the signing certificates that are issued by the sign service.

      Returns:
      the signature certificates for the SignService Integration Service

    • getSignServiceCertificates

      @Nonnull List<String> getSignServiceCertificates()
      Gets the signature service signing certificate(s) used by the signature service to sign SignResponse messages.

      The format on the returned certificates is the Base64-encoding of the DER-encoding.

      The reason that more than one certificate may be returned is to facilitate signature service key rollover.

      Returns:
      the signature service signing certificate(s)

    • getTrustAnchors

      @Nonnull List<String> getTrustAnchors()
      Gets the trust anchor certificate(s) of the SignService CA (Certificate Authority). With trust anchor we mean the trusted root certificate that is the root of the certificate chain that starts with the generated user signature certificate.

      The format on the returned certificates is the Base64-encoding of the DER-encoding.

      If an empty list is returned, this means that signature validation "trusts any" root.

      Returns:
      the SignService CA root certificate(s)