Class HeadersConfigurer.HpkpConfig

    • Method Detail

      • withPins

        public HeadersConfigurer.HpkpConfig withPins​(java.util.Map<java.lang.String,​java.lang.String> pins)

        Sets the value for the pin- directive of the Public-Key-Pins header.

        The pin directive specifies a way for web host operators to indicate a cryptographic identity that should be bound to a given web host. See Section 2.1.1 for additional details.

        Parameters:
        pins - the map of base64-encoded SPKI fingerprint & cryptographic hash algorithm pairs.
        Throws:
        java.lang.IllegalArgumentException - if pins is null
      • addSha256Pins

        public HeadersConfigurer.HpkpConfig addSha256Pins​(java.lang.String... pins)

        Adds a list of SHA256 hashed pins for the pin- directive of the Public-Key-Pins header.

        The pin directive specifies a way for web host operators to indicate a cryptographic identity that should be bound to a given web host. See Section 2.1.1 for additional details.

        Parameters:
        pins - a list of base64-encoded SPKI fingerprints.
        Throws:
        java.lang.IllegalArgumentException - if a pin is null
      • maxAgeInSeconds

        public HeadersConfigurer.HpkpConfig maxAgeInSeconds​(long maxAgeInSeconds)

        Sets the value (in seconds) for the max-age directive of the Public-Key-Pins header. The default is 60 days.

        This instructs browsers how long they should regard the host (from whom the message was received) as a known pinned host. See Section 2.1.2 for additional details.

        Parameters:
        maxAgeInSeconds - the maximum amount of time (in seconds) to regard the host as a known pinned host.
        Throws:
        java.lang.IllegalArgumentException - if maxAgeInSeconds is negative
      • includeSubDomains

        public HeadersConfigurer.HpkpConfig includeSubDomains​(boolean includeSubDomains)

        If true, the pinning policy applies to this pinned host as well as any subdomains of the host's domain name. The default is false.

        See Section 2.1.3 for additional details.

        Parameters:
        includeSubDomains - true to include subdomains, else false
      • reportOnly

        public HeadersConfigurer.HpkpConfig reportOnly​(boolean reportOnly)

        If true, the browser should not terminate the connection with the server. The default is true.

        See Section 2.1 for additional details.

        Parameters:
        reportOnly - true to report only, else false
      • reportUri

        public HeadersConfigurer.HpkpConfig reportUri​(java.net.URI reportUri)

        Sets the URI to which the browser should report pin validation failures.

        See Section 2.1.4 for additional details.

        Parameters:
        reportUri - the URI where the browser should send the report to.
      • reportUri

        public HeadersConfigurer.HpkpConfig reportUri​(java.lang.String reportUri)

        Sets the URI to which the browser should report pin validation failures.

        See Section 2.1.4 for additional details.

        Parameters:
        reportUri - the URI where the browser should send the report to.
        Throws:
        java.lang.IllegalArgumentException - if the reportUri is not a valid URI
      • and

        public HeadersConfigurer<H> and()
        Allows completing configuration of Public Key Pinning and continuing configuration of headers.
        Returns:
        the HeadersConfigurer for additional configuration