Package com.google.auth.mtls

Class SecureConnectProvider

java.lang.Object

com.google.auth.mtls.SecureConnectProvider

All Implemented Interfaces:

MtlsProvider

public class SecureConnectProvider
extends Object
implements MtlsProvider

This class implements MtlsProvider for the Google Auth library transport layer via ContextAwareMetadataJson. This is only meant to be used internally by Google Cloud libraries, and the public facing methods may be changed without notice, and have no guarantee of backwards compatibility.

Note: This implementation is derived from the existing "MtlsProvider" found in the Gax library, with two notable differences: 1) All logic associated with parsing environment variables related to "mTLS usage" are omitted - a separate helper class will be introduced in the Gax library to serve this purpose. 2) getKeyStore throws CertificateSourceUnavailableException instead of returning "null" if this cert source is not available on the device.

Additionally, this implementation will replace the existing "MtlsProvider" in the Gax library. The Gax library version of MtlsProvider will be marked as deprecated.

Constructor Summary

Constructors

Constructor	Description
SecureConnectProvider()

Method Summary

Modifier and Type	Method	Description
KeyStore	getKeyStore()	Returns a mutual TLS key store backed by the certificate provided by the SecureConnect tool.
boolean	isAvailable()	Returns true if the SecureConnect mTLS provider is available.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecureConnectProvider

public SecureConnectProvider()

Method Details

getKeyStore

public KeyStore getKeyStore()
                     throws CertificateSourceUnavailableException,
IOException

Returns a mutual TLS key store backed by the certificate provided by the SecureConnect tool.

Specified by:

getKeyStore in interface MtlsProvider

Returns:

a KeyStore containing the certificate provided by the SecureConnect tool.

Throws:

CertificateSourceUnavailableException - if the certificate source is unavailable (ex. missing configuration file).

IOException - if a general I/O error occurs while creating the KeyStore.

isAvailable

public boolean isAvailable()
                    throws IOException

Returns true if the SecureConnect mTLS provider is available.

Specified by:

isAvailable in interface MtlsProvider

Throws:

IOException - if a general I/O error occurs while determining availability.