Class ScramClient.Builder

java.lang.Object

com.ongres.scram.client.ScramClient.Builder

All Implemented Interfaces:

ScramClient.FinalBuildStage, ScramClient.MechanismsBuildStage, ScramClient.PasswordBuildStage, ScramClient.UsernameBuildStage

Enclosing class:

ScramClient

static final class ScramClient.Builder
extends Object
implements ScramClient.MechanismsBuildStage, ScramClient.UsernameBuildStage, ScramClient.PasswordBuildStage, ScramClient.FinalBuildStage

Builds instances of type ScramClient. Initialize attributes and then invoke the build() method to create an instance.

Field Summary

Fields

Modifier and Type	Field	Description
(package private) String	authzid
(package private) byte[]	cbindData
(package private) String	cbindType
(package private) Gs2CbindFlag	channelBinding
(package private) byte[]	clientKey
(package private) String	nonce
(package private) int	nonceLength
(package private) Supplier<String>	nonceSupplier
(package private) char[]	password
(package private) byte[]	saltedPassword
(package private) Collection<String>	scramMechanisms
(package private) SecureRandom	secureRandom
(package private) ScramMechanism	selectedScramMechanism
(package private) byte[]	serverKey
(package private) StringPreparation	stringPreparation
(package private) String	username

Constructor Summary

Constructors

Modifier	Constructor	Description
private	Builder()

Method Summary

Modifier and Type	Method	Description
ScramClient.UsernameBuildStage	advertisedMechanisms(@NotNull Collection<@NotNull String> scramMechanisms)	List of the advertised mechanisms that will be negotiated between the server and the client.
ScramClient.FinalBuildStage	authzid(@NotNull String authzid)	Sets the authzid.
ScramClient	build()	Returns the fully contructed ScramClient ready to start the message flow with the server.
ScramClient.FinalBuildStage	channelBinding(@Nullable String cbindType, byte @Nullable [] cbindData)	If the client supports channel binding negotiation, this method sets the type and data used for channel binding.
ScramClient.FinalBuildStage	clientAndServerKey(byte @NotNull [] clientKey, byte @NotNull [] serverKey)	Sets the ClientKey/ServerKey.
private ScramMechanism	mechanismNegotiation()
ScramClient.FinalBuildStage	nonceLength(int length)	Sets a non-default length for the nonce generation.
ScramClient.FinalBuildStage	nonceSupplier(@NotNull Supplier<@NotNull String> nonceSupplier)	The client will use a default nonce generator, unless an external one is provided by this method.
ScramClient.FinalBuildStage	password(char @NotNull [] password)	Sets the password.
ScramClient.FinalBuildStage	saltedPassword(byte @NotNull [] saltedPassword)	Sets the SaltedPassword.
ScramClient.FinalBuildStage	secureRandomAlgorithmProvider(@NotNull String algorithm, @Nullable String provider)	Selects a non-default SecureRandom instance, based on the given algorithm and optionally provider.
private static @Nullable ScramMechanism	selectMechanism(@NotNull Collection<@NotNull String> scramMechanisms, boolean channelBinding)	This method classifies SCRAM mechanisms by two properties: whether they support channel binding; and a priority, which is higher for safer algorithms (like SHA-256 vs SHA-1).
ScramClient.FinalBuildStage	stringPreparation(@NotNull StringPreparation stringPreparation)	Sets the StringPreparation, is recommended to leave the default SASL_PREPARATION.
ScramClient.PasswordBuildStage	username(@NotNull String username)	Sets the username.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

selectedScramMechanism

ScramMechanism selectedScramMechanism

scramMechanisms

Collection<String> scramMechanisms

channelBinding

Gs2CbindFlag channelBinding

stringPreparation

StringPreparation stringPreparation

nonceLength

int nonceLength

nonce

String nonce

secureRandom

SecureRandom secureRandom

username

String username

password

char[] password

saltedPassword

byte[] saltedPassword

clientKey

byte[] clientKey

serverKey

byte[] serverKey

cbindType

String cbindType

cbindData

byte[] cbindData

authzid

String authzid

nonceSupplier

Supplier<String> nonceSupplier

Constructor Details

Builder

private Builder()

Method Details

stringPreparation

public ScramClient.FinalBuildStage stringPreparation(@NotNull
 @NotNull StringPreparation stringPreparation)

Description copied from interface: ScramClient.FinalBuildStage

Sets the StringPreparation, is recommended to leave the default SASL_PREPARATION.

Specified by:

stringPreparation in interface ScramClient.FinalBuildStage

Parameters:

stringPreparation - type of string preparation normalization

Returns:

this builder for use in a chained invocation

channelBinding

public ScramClient.FinalBuildStage channelBinding(@Nullable
 @Nullable String cbindType,
 byte @Nullable [] cbindData)

Description copied from interface: ScramClient.FinalBuildStage

If the client supports channel binding negotiation, this method sets the type and data used for channel binding.

Specified by:

channelBinding in interface ScramClient.FinalBuildStage

Parameters:

cbindType - channel bynding type name

cbindData - channel binding data

Returns:

this builder for use in a chained invocation

authzid

public ScramClient.FinalBuildStage authzid(@NotNull
 @NotNull String authzid)

Description copied from interface: ScramClient.FinalBuildStage

Sets the authzid.

Specified by:

authzid in interface ScramClient.FinalBuildStage

Parameters:

authzid - the optional authorization id

Returns:

this builder for use in a chained invocation

username

public ScramClient.PasswordBuildStage username(@NotNull
 @NotNull String username)

Description copied from interface: ScramClient.UsernameBuildStage

Sets the username.

Specified by:

username in interface ScramClient.UsernameBuildStage

Parameters:

username - the required username

Returns:

this builder for use in a chained invocation

password

public ScramClient.FinalBuildStage password(char @NotNull [] password)

Description copied from interface: ScramClient.PasswordBuildStage

Sets the password.

Specified by:

password in interface ScramClient.PasswordBuildStage

Parameters:

password - the required password

Returns:

this builder for use in a chained invocation

saltedPassword

public ScramClient.FinalBuildStage saltedPassword(byte @NotNull [] saltedPassword)

Description copied from interface: ScramClient.PasswordBuildStage

Sets the SaltedPassword.

Specified by:

saltedPassword in interface ScramClient.PasswordBuildStage

Parameters:

saltedPassword - the required SaltedPassword

Returns:

this builder for use in a chained invocation

clientAndServerKey

public ScramClient.FinalBuildStage clientAndServerKey(byte @NotNull [] clientKey,
 byte @NotNull [] serverKey)

Description copied from interface: ScramClient.PasswordBuildStage

Sets the ClientKey/ServerKey.

Specified by:

clientAndServerKey in interface ScramClient.PasswordBuildStage

Parameters:

clientKey - the required ClientKey

serverKey - the required ServerKey

Returns:

this builder for use in a chained invocation

advertisedMechanisms

public ScramClient.UsernameBuildStage advertisedMechanisms(@NotNull
 @NotNull Collection<@NotNull String> scramMechanisms)

Description copied from interface: ScramClient.MechanismsBuildStage

List of the advertised mechanisms that will be negotiated between the server and the client.

Specified by:

advertisedMechanisms in interface ScramClient.MechanismsBuildStage

Parameters:

scramMechanisms - list with the IANA-registered mechanism name of this SASL client

Returns:

this builder for use in a chained invocation

nonceLength

public ScramClient.FinalBuildStage nonceLength(int length)

Description copied from interface: ScramClient.FinalBuildStage

Sets a non-default length for the nonce generation.

The default value is 24. This call overwrites the length used for the client nonce.

Specified by:

nonceLength in interface ScramClient.FinalBuildStage

Parameters:

length - The length of the nonce. Must be positive and greater than 0

Returns:

this builder for use in a chained invocation

nonceSupplier

public ScramClient.FinalBuildStage nonceSupplier(@NotNull
 @NotNull Supplier<@NotNull String> nonceSupplier)

Description copied from interface: ScramClient.FinalBuildStage

The client will use a default nonce generator, unless an external one is provided by this method.

Specified by:

nonceSupplier in interface ScramClient.FinalBuildStage

Parameters:

nonceSupplier - A supplier of valid nonce Strings. Please note that according to the SCRAM RFC only ASCII printable characters (except the comma, ',') are permitted on a nonce. Length is not limited.

Returns:

this builder for use in a chained invocation

secureRandomAlgorithmProvider

public ScramClient.FinalBuildStage secureRandomAlgorithmProvider(@NotNull
 @NotNull String algorithm,
 @Nullable
 @Nullable String provider)

Description copied from interface: ScramClient.FinalBuildStage

Selects a non-default SecureRandom instance, based on the given algorithm and optionally provider. This SecureRandom instance will be used to generate secure random values, like the ones required to generate the nonce. Algorithm and provider names are those supported by the SecureRandom class.

Specified by:

secureRandomAlgorithmProvider in interface ScramClient.FinalBuildStage

Parameters:

algorithm - The name of the algorithm to use

provider - The name of the provider of SecureRandom. Might be null

Returns:

this builder for use in a chained invocation

build

public ScramClient build()

Description copied from interface: ScramClient.FinalBuildStage

Returns the fully contructed ScramClient ready to start the message flow with the server.

Specified by:

build in interface ScramClient.FinalBuildStage

Returns:

ScramClient specific for the set of parameters

mechanismNegotiation

private ScramMechanism mechanismNegotiation()

selectMechanism

@Nullable
private static @Nullable ScramMechanism selectMechanism(@NotNull
 @NotNull Collection<@NotNull String> scramMechanisms,
 boolean channelBinding)

This method classifies SCRAM mechanisms by two properties: whether they support channel binding; and a priority, which is higher for safer algorithms (like SHA-256 vs SHA-1).

Parameters:

scramMechanisms - The mechanisms supported by the other peer

channelBinding - True to select -PLUS mechanisms.

Returns:

The selected mechanism, or null if no mechanism matched