com.oracle.bmc.identitydomains.model

Class ExtensionX509IdentityProvider.Builder

java.lang.Object

com.oracle.bmc.identitydomains.model.ExtensionX509IdentityProvider.Builder

Enclosing class:

ExtensionX509IdentityProvider

public static class ExtensionX509IdentityProvider.Builder
extends Object

Constructor Summary

Constructors

Constructor and Description
Builder()

Method Summary

Modifier and Type	Method and Description
ExtensionX509IdentityProvider	build()
ExtensionX509IdentityProvider.Builder	certMatchAttribute(String certMatchAttribute) X509 Certificate Matching Attribute
ExtensionX509IdentityProvider.Builder	copy(ExtensionX509IdentityProvider model)
ExtensionX509IdentityProvider.Builder	crlCheckOnOCSPFailureEnabled(Boolean crlCheckOnOCSPFailureEnabled) Fallback on CRL Validation if OCSP fails.
ExtensionX509IdentityProvider.Builder	crlEnabled(Boolean crlEnabled) Set to true to enable CRL Validation
ExtensionX509IdentityProvider.Builder	crlLocation(String crlLocation) CRL Location URL
ExtensionX509IdentityProvider.Builder	crlReloadDuration(Integer crlReloadDuration) Fetch the CRL contents every X minutes
ExtensionX509IdentityProvider.Builder	ekuValidationEnabled(Boolean ekuValidationEnabled) Set to true to enable EKU Validation
ExtensionX509IdentityProvider.Builder	ekuValues(List<ExtensionX509IdentityProvider.EkuValues> ekuValues) List of EKU which needs to be validated
ExtensionX509IdentityProvider.Builder	ocspAllowUnknownResponseStatus(Boolean ocspAllowUnknownResponseStatus) Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration
ExtensionX509IdentityProvider.Builder	ocspEnabled(Boolean ocspEnabled) Set to true to enable OCSP Validation
ExtensionX509IdentityProvider.Builder	ocspEnableSignedResponse(Boolean ocspEnableSignedResponse) Describes if the OCSP response is signed
ExtensionX509IdentityProvider.Builder	ocspResponderURL(String ocspResponderURL) This property specifies OCSP Responder URL.
ExtensionX509IdentityProvider.Builder	ocspRevalidateTime(Integer ocspRevalidateTime) Revalidate OCSP status for user after X hours
ExtensionX509IdentityProvider.Builder	ocspServerName(String ocspServerName) This property specifies the OCSP Server alias name
ExtensionX509IdentityProvider.Builder	ocspTrustCertChain(List<String> ocspTrustCertChain) OCSP Trusted Certificate Chain
ExtensionX509IdentityProvider.Builder	otherCertMatchAttribute(String otherCertMatchAttribute) Check for specific conditions of other certificate attributes
ExtensionX509IdentityProvider.Builder	signingCertificateChain(List<String> signingCertificateChain) Certificate alias list to create a chain for the incoming client certificate
ExtensionX509IdentityProvider.Builder	userMatchAttribute(String userMatchAttribute) This property specifies the userstore attribute value that must match the incoming certificate attribute.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Builder

public Builder()

Method Detail

certMatchAttribute

public ExtensionX509IdentityProvider.Builder certMatchAttribute(String certMatchAttribute)

X509 Certificate Matching Attribute

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none

Parameters:

certMatchAttribute - the value to set

Returns:

this builder

userMatchAttribute

public ExtensionX509IdentityProvider.Builder userMatchAttribute(String userMatchAttribute)

This property specifies the userstore attribute value that must match the incoming certificate attribute.

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none

Parameters:

userMatchAttribute - the value to set

Returns:

this builder

otherCertMatchAttribute

public ExtensionX509IdentityProvider.Builder otherCertMatchAttribute(String otherCertMatchAttribute)

Check for specific conditions of other certificate attributes

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

Parameters:

otherCertMatchAttribute - the value to set

Returns:

this builder

signingCertificateChain

public ExtensionX509IdentityProvider.Builder signingCertificateChain(List<String> signingCertificateChain)

Certificate alias list to create a chain for the incoming client certificate

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none

Parameters:

signingCertificateChain - the value to set

Returns:

this builder

ocspEnabled

public ExtensionX509IdentityProvider.Builder ocspEnabled(Boolean ocspEnabled)

Set to true to enable OCSP Validation

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

Parameters:

ocspEnabled - the value to set

Returns:

this builder

ocspServerName

public ExtensionX509IdentityProvider.Builder ocspServerName(String ocspServerName)

This property specifies the OCSP Server alias name

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

Parameters:

ocspServerName - the value to set

Returns:

this builder

ocspResponderURL

public ExtensionX509IdentityProvider.Builder ocspResponderURL(String ocspResponderURL)

This property specifies OCSP Responder URL.

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

Parameters:

ocspResponderURL - the value to set

Returns:

this builder

ocspAllowUnknownResponseStatus

public ExtensionX509IdentityProvider.Builder ocspAllowUnknownResponseStatus(Boolean ocspAllowUnknownResponseStatus)

Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

Parameters:

ocspAllowUnknownResponseStatus - the value to set

Returns:

this builder

ocspRevalidateTime

public ExtensionX509IdentityProvider.Builder ocspRevalidateTime(Integer ocspRevalidateTime)

Revalidate OCSP status for user after X hours

*Added In:** 2010242156

*SCIM++ Properties:** - idcsMaxValue: 24 - idcsMinValue: 0 - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none

Parameters:

ocspRevalidateTime - the value to set

Returns:

this builder

ocspEnableSignedResponse

public ExtensionX509IdentityProvider.Builder ocspEnableSignedResponse(Boolean ocspEnableSignedResponse)

Describes if the OCSP response is signed

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

Parameters:

ocspEnableSignedResponse - the value to set

Returns:

this builder

ocspTrustCertChain

public ExtensionX509IdentityProvider.Builder ocspTrustCertChain(List<String> ocspTrustCertChain)

OCSP Trusted Certificate Chain

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

Parameters:

ocspTrustCertChain - the value to set

Returns:

this builder

crlEnabled

public ExtensionX509IdentityProvider.Builder crlEnabled(Boolean crlEnabled)

Set to true to enable CRL Validation

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

Parameters:

crlEnabled - the value to set

Returns:

this builder

crlCheckOnOCSPFailureEnabled

public ExtensionX509IdentityProvider.Builder crlCheckOnOCSPFailureEnabled(Boolean crlCheckOnOCSPFailureEnabled)

Fallback on CRL Validation if OCSP fails.

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

Parameters:

crlCheckOnOCSPFailureEnabled - the value to set

Returns:

this builder

crlLocation

public ExtensionX509IdentityProvider.Builder crlLocation(String crlLocation)

CRL Location URL

*Added In:** 2010242156

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

Parameters:

crlLocation - the value to set

Returns:

this builder

crlReloadDuration

public ExtensionX509IdentityProvider.Builder crlReloadDuration(Integer crlReloadDuration)

Fetch the CRL contents every X minutes

*Added In:** 2010242156

*SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none

Parameters:

crlReloadDuration - the value to set

Returns:

this builder

ekuValidationEnabled

public ExtensionX509IdentityProvider.Builder ekuValidationEnabled(Boolean ekuValidationEnabled)

Set to true to enable EKU Validation

*Added In:** 2304270343

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

Parameters:

ekuValidationEnabled - the value to set

Returns:

this builder

ekuValues

public ExtensionX509IdentityProvider.Builder ekuValues(List<ExtensionX509IdentityProvider.EkuValues> ekuValues)

List of EKU which needs to be validated

*Added In:** 2304270343

*SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

Parameters:

ekuValues - the value to set

Returns:

this builder

build

public ExtensionX509IdentityProvider build()

copy

public ExtensionX509IdentityProvider.Builder copy(ExtensionX509IdentityProvider model)