Package com.azure.security.attestation

Class AttestationClientBuilder

java.lang.Object
com.azure.security.attestation.AttestationClientBuilder
All Implemented Interfaces:
ConfigurationTrait<AttestationClientBuilder>, EndpointTrait<AttestationClientBuilder>, HttpTrait<AttestationClientBuilder>, TokenCredentialTrait<AttestationClientBuilder>
public final class AttestationClientBuilder extends Object implements ConfigurationTrait<AttestationClientBuilder>, EndpointTrait<AttestationClientBuilder>, HttpTrait<AttestationClientBuilder>, TokenCredentialTrait<AttestationClientBuilder>
This class provides a fluent builder API to help add in the configuration and instantiation of the AttestationClient and AttestationAsyncClient classes calling the buildClient() or buildAsyncClient().

The minimal configuration option required by AttestationClientBuilder is String endpoint. For the AttestationClient.attestTpm(String) API, the client also requires that a TokenCredential object be configured.

Instantiate a synchronous Attestation Client

 AttestationClient client = new AttestationClientBuilder()
     .endpoint(endpoint)
     .buildClient();
 
 AttestationAsyncClient asyncClient = new AttestationClientBuilder()
     .endpoint(endpoint)
     .buildAsyncClient();

Build a attestation client for use with the AttestationClient.attestTpm(String) API

 AttestationAsyncClient asyncClientForTpm = new AttestationClientBuilder()
     .endpoint(endpoint)
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildAsyncClient();

  • Constructor Details

    • AttestationClientBuilder

      public AttestationClientBuilder()
      Creates a new instance of the AttestationClientBuilder class.

  • Method Details

    • buildClient

      public AttestationClient buildClient()
      Builds an instance of AttestationClient synchronous client. Instantiating a synchronous Attestation client: 
       AttestationClient client = new AttestationClientBuilder()
     .endpoint(endpoint)
     .buildClient();
      Returns:
      an instance of AttestationClient.
      Throws:
      IllegalStateException - If both retryOptions(RetryOptions) and retryPolicy(RetryPolicy) have been set.

    • buildAsyncClient

      public AttestationAsyncClient buildAsyncClient()
      Builds an instance of AttestationAsyncClient async client. Instantiating a synchronous Attestation client: 
       AttestationAsyncClient asyncClient = new AttestationClientBuilder()
     .endpoint(endpoint)
     .buildAsyncClient();
      Returns:
      an instance of AttestationClient.
      Throws:
      IllegalStateException - If both retryOptions(RetryOptions) and retryPolicy(RetryPolicy) have been set.

    • endpoint

      public AttestationClientBuilder endpoint(String endpoint)
      Sets The attestation endpoint URI, for example https://myinstance.attest.azure.net.
      Specified by:
      endpoint in interface EndpointTrait<AttestationClientBuilder>
      Parameters:
      endpoint - The endpoint to connect to.
      Returns:
      the AttestationClientBuilder.

    • serviceVersion

      public AttestationClientBuilder serviceVersion(AttestationServiceVersion serviceVersion)
      Sets the desired API version for this attestation client.
      Parameters:
      serviceVersion - Specifies the API version to use in the outgoing API calls.
      Returns:
      the AttestationClientBuilder.

    • credential

      public AttestationClientBuilder credential(TokenCredential credential)
      Sets the TokenCredential used to authorize requests sent to the service. Refer to the Azure SDK for Java identity and authentication documentation for more details on proper usage of the TokenCredential type.

      Note that this property is only required for the AttestationClient.attestTpm(String) and AttestationAsyncClient.attestTpm(String) APIs - other attestation APIs can be anonymous.

      Specified by:
      credential in interface TokenCredentialTrait<AttestationClientBuilder>
      Parameters:
      credential - TokenCredential used to authorize requests sent to the service.
      Returns:
      the AttestationClientBuilder.

    • pipeline

      public AttestationClientBuilder pipeline(HttpPipeline pipeline)
      Sets the HttpPipeline to use for the service client.

      Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

      Specified by:
      pipeline in interface HttpTrait<AttestationClientBuilder>
      Parameters:
      pipeline - HttpPipeline to use for sending service requests and receiving responses.
      Returns:
      the AttestationClientBuilder.

    • httpClient

      public AttestationClientBuilder httpClient(HttpClient httpClient)
      Sets the HttpClient to use for sending and receiving requests to and from the service.

      Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

      Specified by:
      httpClient in interface HttpTrait<AttestationClientBuilder>
      Parameters:
      httpClient - The HttpClient to use for requests.
      Returns:
      the AttestationClientBuilder.

    • configuration

      public AttestationClientBuilder configuration(Configuration configuration)
      Sets the client-specific configuration used to retrieve client or global configuration properties when building a client.
      Specified by:
      configuration in interface ConfigurationTrait<AttestationClientBuilder>
      Parameters:
      configuration - Configuration store used to retrieve client configurations.
      Returns:
      the AttestationClientBuilder.

    • httpLogOptions

      public AttestationClientBuilder httpLogOptions(HttpLogOptions httpLogOptions)
      Sets the logging configuration to use when sending and receiving requests to and from the service. If a logLevel is not provided, default value of HttpLogDetailLevel.NONE is set.

      Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

      Specified by:
      httpLogOptions in interface HttpTrait<AttestationClientBuilder>
      Parameters:
      httpLogOptions - The logging configuration to use when sending and receiving requests to and from the service.
      Returns:
      the AttestationClientBuilder.

    • retryPolicy

      public AttestationClientBuilder retryPolicy(RetryPolicy retryPolicy)
      Sets The retry policy that will attempt to retry failed requests, if applicable.

      Setting this is mutually exclusive with using retryOptions(RetryOptions).

      Parameters:
      retryPolicy - the retryPolicy value.
      Returns:
      the AttestationClientBuilder.

    • retryOptions

      public AttestationClientBuilder retryOptions(RetryOptions retryOptions)
      Sets the RetryOptions for all the requests made through the client.

      Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

      Setting this is mutually exclusive with using retryPolicy(RetryPolicy).

      Specified by:
      retryOptions in interface HttpTrait<AttestationClientBuilder>
      Parameters:
      retryOptions - The RetryOptions to use for all the requests made through the client.
      Returns:
      the AttestationClientBuilder.

    • addPolicy

      public AttestationClientBuilder addPolicy(HttpPipelinePolicy policy)
      Adds a pipeline policy to apply on each request sent.

      Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

      Specified by:
      addPolicy in interface HttpTrait<AttestationClientBuilder>
      Parameters:
      policy - A pipeline policy.
      Returns:
      this AttestationClientBuilder.
      Throws:
      NullPointerException - If pipelinePolicy is null.

    • clientOptions

      public AttestationClientBuilder clientOptions(ClientOptions clientOptions)
      Allows for setting common properties such as application ID, headers, proxy configuration, etc. Note that it is recommended that this method be called with an instance of the HttpClientOptions class (a subclass of the ClientOptions base class). The HttpClientOptions subclass provides more configuration options suitable for HTTP clients, which is applicable for any class that implements this HttpTrait interface.

      Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

      Specified by:
      clientOptions in interface HttpTrait<AttestationClientBuilder>
      Parameters:
      clientOptions - A configured instance of HttpClientOptions.
      Returns:
      the updated AttestationClientBuilder object
      See Also:

    • tokenValidationOptions

      public AttestationClientBuilder tokenValidationOptions(AttestationTokenValidationOptions tokenValidationOptions)
      Sets AttestationToken validation options for clients created from this builder.

      Because attestation service clients need to have the ability to validate that the data returned by the attestation service actually originated from within the service, most Attestation Service APIs embed their response in a RFC 7519 JSON Web Token.

      The AttestationTokenValidationOptions provides a mechanism for a client to customize the validation of responses sent by the attestation service.

      The tokenValidationOptions property sets the default validation options used by the AttestationClient or AttestationAsyncClient returned from this builder.

      Note: most APIs allow this value to be overridden on a per-api basis if that flexibility is needed.

       AttestationClient validatedClient = new AttestationClientBuilder()
     .endpoint(endpoint)
     .tokenValidationOptions(new AttestationTokenValidationOptions()
         // Allow 10 seconds of clock drift between attestation service and client.
         .setValidationSlack(Duration.ofSeconds(10))
         .setValidationCallback((token, signer) -> { // Perform custom validation steps.
             System.out.printf("Validate token signed by signer %s\n",
                 signer.getCertificates().get(0).getSubjectDN().toString());
         }))
     .buildClient();
      Parameters:
      tokenValidationOptions - - Validation options used when validating JSON Web Tokens returned by the attestation service.
      Returns:
      this AttestationClientBuilder