Class AttestationAdministrationClientBuilder
- All Implemented Interfaces:
ConfigurationTrait<AttestationAdministrationClientBuilder>
,EndpointTrait<AttestationAdministrationClientBuilder>
,HttpTrait<AttestationAdministrationClientBuilder>
,TokenCredentialTrait<AttestationAdministrationClientBuilder>
AttestationAdministrationClient
and
AttestationAdministrationAsyncClient
classes calling the
AttestationClientBuilder.buildClient()
or AttestationClientBuilder.buildAsyncClient()
.
More information on attestation policies can be found here
There are two main families of APIs available from the Administration client.- Attestation Policy Management
- Policy Management Certificate Management
-
AttestationAdministrationClient.getAttestationPolicy(AttestationType)
-
AttestationAdministrationAsyncClient.getAttestationPolicy(AttestationType)
-
AttestationAdministrationClient.setAttestationPolicy(AttestationType, AttestationPolicySetOptions)
-
AttestationAdministrationAsyncClient.setAttestationPolicy(AttestationType, AttestationPolicySetOptions)
-
AttestationAdministrationClient.resetAttestationPolicy(AttestationType, AttestationPolicySetOptions)
-
AttestationAdministrationAsyncClient.resetAttestationPolicy(AttestationType, AttestationPolicySetOptions)
The Policy Management Certificate APIs provide the ability to manage the certificates which are used to establish authorization for Isolated mode attestation service instances. They include apis to enumerate, add and remove policy management certificates.
The minimal configuration options required by AttestationClientBuilder
are:
- A
String
endpoint. - A
TokenCredential
object.
Instantiate a synchronous Attestation Client
AttestationAdministrationClient client = new AttestationAdministrationClientBuilder() .endpoint(endpoint) .credential(new DefaultAzureCredentialBuilder().build()) .buildClient();
AttestationAdministrationAsyncClient asyncClient = new AttestationAdministrationClientBuilder() .endpoint(endpoint) .credential(new DefaultAzureCredentialBuilder().build()) .buildAsyncClient();
-
Constructor Summary
ConstructorDescriptionCreates a new instance of the AttestationClientBuilder class. -
Method Summary
Modifier and TypeMethodDescriptionaddPolicy
(HttpPipelinePolicy policy) Adds apipeline policy
to apply on each request sent.Builds an instance of AttestationAsyncClient async client.Builds an instance of AttestationClient sync client.clientOptions
(ClientOptions clientOptions) Allows for setting common properties such as application ID, headers, proxy configuration, etc.configuration
(Configuration configuration) Sets the client-specific configuration used to retrieve client or global configuration properties when building a client.credential
(TokenCredential credential) Sets theTokenCredential
used to authorize requests sent to the service.Sets The attestation endpoint URI, for example https://mytenant.attest.azure.net.httpClient
(HttpClient httpClient) Sets theHttpClient
to use for sending and receiving requests to and from the service.httpLogOptions
(HttpLogOptions httpLogOptions) Sets thelogging configuration
to use when sending and receiving requests to and from the service.pipeline
(HttpPipeline pipeline) Sets theHttpPipeline
to use for the service client.retryOptions
(RetryOptions retryOptions) Sets theRetryOptions
for all the requests made through the client.retryPolicy
(RetryPolicy retryPolicy) Sets The retry policy that will attempt to retry failed requests, if applicable.serviceVersion
(AttestationServiceVersion serviceVersion) Sets the desired API version for this attestation client.tokenValidationOptions
(AttestationTokenValidationOptions tokenValidationOptions) SetsAttestationToken
validation options for clients created from this builder.
-
Constructor Details
-
AttestationAdministrationClientBuilder
public AttestationAdministrationClientBuilder()Creates a new instance of the AttestationClientBuilder class.
-
-
Method Details
-
buildClient
Builds an instance of AttestationClient sync client. Instantiating a synchronous Attestation client:
AttestationAdministrationClient client = new AttestationAdministrationClientBuilder() .endpoint(endpoint) .credential(new DefaultAzureCredentialBuilder().build()) .buildClient();
- Returns:
- an instance of
AttestationClient
. - Throws:
IllegalStateException
- If bothretryOptions(RetryOptions)
andretryPolicy(RetryPolicy)
have been set.
-
buildAsyncClient
Builds an instance of AttestationAsyncClient async client. Instantiating a synchronous Attestation client:
AttestationAdministrationAsyncClient asyncClient = new AttestationAdministrationClientBuilder() .endpoint(endpoint) .credential(new DefaultAzureCredentialBuilder().build()) .buildAsyncClient();
- Returns:
- an instance of
AttestationClient
. - Throws:
IllegalStateException
- If bothretryOptions(RetryOptions)
andretryPolicy(RetryPolicy)
have been set.
-
endpoint
Sets The attestation endpoint URI, for example https://mytenant.attest.azure.net.- Specified by:
endpoint
in interfaceEndpointTrait<AttestationAdministrationClientBuilder>
- Parameters:
endpoint
- The endpoint to connect to.- Returns:
- the AttestationClientBuilder.
-
serviceVersion
public AttestationAdministrationClientBuilder serviceVersion(AttestationServiceVersion serviceVersion) Sets the desired API version for this attestation client.- Parameters:
serviceVersion
- Specifies the API version to use in the outgoing API calls.- Returns:
- the AttestationClientBuilder.
-
credential
Sets theTokenCredential
used to authorize requests sent to the service. Refer to the Azure SDK for Java identity and authentication documentation for more details on proper usage of theTokenCredential
type.- Specified by:
credential
in interfaceTokenCredentialTrait<AttestationAdministrationClientBuilder>
- Parameters:
credential
-TokenCredential
used to authorize requests sent to the service.- Returns:
- the AttestationClientBuilder.
-
pipeline
Sets theHttpPipeline
to use for the service client.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
pipeline
in interfaceHttpTrait<AttestationAdministrationClientBuilder>
- Parameters:
pipeline
-HttpPipeline
to use for sending service requests and receiving responses.- Returns:
- the AttestationClientBuilder.
-
httpClient
Sets theHttpClient
to use for sending and receiving requests to and from the service.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
httpClient
in interfaceHttpTrait<AttestationAdministrationClientBuilder>
- Parameters:
httpClient
- TheHttpClient
to use for requests.- Returns:
- the AttestationClientBuilder.
-
configuration
Sets the client-specific configuration used to retrieve client or global configuration properties when building a client.- Specified by:
configuration
in interfaceConfigurationTrait<AttestationAdministrationClientBuilder>
- Parameters:
configuration
- Configuration store used to retrieve client configurations.- Returns:
- the AttestationClientBuilder.
-
httpLogOptions
Sets thelogging configuration
to use when sending and receiving requests to and from the service. If alogLevel
is not provided, default value ofHttpLogDetailLevel.NONE
is set.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
httpLogOptions
in interfaceHttpTrait<AttestationAdministrationClientBuilder>
- Parameters:
httpLogOptions
- Thelogging configuration
to use when sending and receiving requests to and from the service.- Returns:
- the AttestationClientBuilder.
-
retryPolicy
Sets The retry policy that will attempt to retry failed requests, if applicable.Setting this is mutually exclusive with using
retryOptions(RetryOptions)
.- Parameters:
retryPolicy
- the retryPolicy value.- Returns:
- the AttestationClientBuilder.
-
retryOptions
Sets theRetryOptions
for all the requests made through the client.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.Setting this is mutually exclusive with using
retryPolicy(RetryPolicy)
.- Specified by:
retryOptions
in interfaceHttpTrait<AttestationAdministrationClientBuilder>
- Parameters:
retryOptions
- TheRetryOptions
to use for all the requests made through the client.- Returns:
- the AttestationAdministrationClientBuilder.
-
clientOptions
Allows for setting common properties such as application ID, headers, proxy configuration, etc. Note that it is recommended that this method be called with an instance of theHttpClientOptions
class (a subclass of theClientOptions
base class). The HttpClientOptions subclass provides more configuration options suitable for HTTP clients, which is applicable for any class that implements this HttpTrait interface.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
clientOptions
in interfaceHttpTrait<AttestationAdministrationClientBuilder>
- Parameters:
clientOptions
- A configured instance ofHttpClientOptions
.- Returns:
- the updated
AttestationAdministrationClientBuilder
object - See Also:
-
addPolicy
Adds apipeline policy
to apply on each request sent.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
addPolicy
in interfaceHttpTrait<AttestationAdministrationClientBuilder>
- Parameters:
policy
- Apipeline policy
.- Returns:
- this
AttestationAdministrationClientBuilder
. - Throws:
NullPointerException
- IfpipelinePolicy
isnull
.
-
tokenValidationOptions
public AttestationAdministrationClientBuilder tokenValidationOptions(AttestationTokenValidationOptions tokenValidationOptions) SetsAttestationToken
validation options for clients created from this builder.Because attestation service clients need to have the ability to validate that the data returned by the attestation service actually originated from within the service, most Attestation Service APIs embed their response in a RFC 7519 JSON Web Token.
The
AttestationTokenValidationOptions
provides a mechanism for a client to customize the validation of responses sent by the attestation service.The
tokenValidationOptions
property sets the default validation options used by theAttestationClient
orAttestationAsyncClient
returned from this builder.Note: most APIs allow this value to be overridden on a per-api basis if that flexibility is needed.
AttestationAdministrationClient validatedClient = new AttestationAdministrationClientBuilder() .endpoint(endpoint) .tokenValidationOptions(new AttestationTokenValidationOptions() // Allow 10 seconds of clock drift between attestation service and client. .setValidationSlack(Duration.ofSeconds(10)) .setValidationCallback((token, signer) -> { // Perform custom validation steps. System.out.printf("Validate token signed by signer %s\n", signer.getCertificates().get(0).getSubjectDN().toString()); })) .buildClient();
- Parameters:
tokenValidationOptions
- - Validation options used when validating JSON Web Tokens returned by the attestation service.- Returns:
- this
AttestationAdministrationClientBuilder
-