blob: 825ccac1ce92e7e85fdb8ad9b6944b94fae9816e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace NCU\Security\Signature;
use NCU\Security\Signature\Model\IIncomingSignedRequest;
use NCU\Security\Signature\Model\ISignatory;
/**
* ISignatoryManager contains a group of method that will help
* - signing outgoing request
* - confirm the authenticity of incoming signed request.
*
* @experimental 31.0.0
* @since 31.0.0
*/
interface ISignatoryManager {
/**
* id of the signatory manager.
* This is used to store, confirm uniqueness and avoid conflict of the remote key pairs.
*
* Must be unique.
*
* @return string
* @since 31.0.0
*/
public function getProviderId(): string;
/**
* options that might affect the way the whole process is handled:
* [
* 'ttl' => 300,
* 'ttlSignatory' => 86400*3,
* 'extraSignatureHeaders' => [],
* 'algorithm' => 'sha256',
* 'dateHeader' => "D, d M Y H:i:s T",
* ]
*
* @return array
* @since 31.0.0
*/
public function getOptions(): array;
/**
* generate and returns local signatory including private and public key pair.
*
* Used to sign outgoing request
*
* @return ISignatory
* @since 31.0.0
*/
public function getLocalSignatory(): ISignatory;
/**
* retrieve details and generate signatory from remote instance.
* If signatory cannot be found, returns NULL.
*
* Used to confirm authenticity of incoming request.
*
* @param IIncomingSignedRequest $signedRequest
*
* @return ISignatory|null must be NULL if no signatory is found
* @since 31.0.0
*/
public function getRemoteSignatory(IIncomingSignedRequest $signedRequest): ?ISignatory;
}
|
