AttestationAdministrationClientBuilder Class

Package:

com.azure.security.attestation

Maven Artifact:

com.azure:azure-security-attestation:1.1.30

• java.lang.Object
• • com.azure.security.attestation.AttestationAdministrationClientBuilder

Implements

ConfigurationTrait<AttestationAdministrationClientBuilder> EndpointTrait<AttestationAdministrationClientBuilder> HttpTrait<AttestationAdministrationClientBuilder> TokenCredentialTrait<AttestationAdministrationClientBuilder>

public final class AttestationAdministrationClientBuilder
implements ConfigurationTrait<AttestationAdministrationClientBuilder>, EndpointTrait<AttestationAdministrationClientBuilder>, HttpTrait<AttestationAdministrationClientBuilder>, TokenCredentialTrait<AttestationAdministrationClientBuilder>

This class provides a fluent builder API to help add in the configuration and instantiation of the administrative APIs implemented by the Attestation Service: AttestationAdministrationClient and AttestationAdministrationAsyncClient classes calling the buildClient() or buildAsyncClient().

More information on attestation policies can be found here

There are two main families of APIs available from the Administration client.

• Attestation Policy Management
• Policy Management Certificate Management

The Policy Management APIs provide the ability to retrieve, modify and reset attestation policies. The policy management APIs are:

• getAttestationPolicy(AttestationType attestationType)
• getAttestationPolicy(AttestationType attestationType)
• setAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions options)
• setAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions options)
• resetAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions options)
• resetAttestationPolicy(AttestationType attestationType, AttestationPolicySetOptions options)

The Policy Management Certificate APIs provide the ability to manage the certificates which are used to establish authorization for Isolated mode attestation service instances. They include apis to enumerate, add and remove policy management certificates.

The minimal configuration options required by AttestationClientBuilder are:

• A String endpoint.
• A TokenCredential object.

Instantiate a synchronous Attestation Client

Java

AttestationAdministrationClient client = new AttestationAdministrationClientBuilder()
     .endpoint(endpoint)
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildClient();

Java

AttestationAdministrationAsyncClient asyncClient = new AttestationAdministrationClientBuilder()
     .endpoint(endpoint)
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildAsyncClient();

Constructor Summary

Constructor	Description
AttestationAdministrationClientBuilder()	Creates a new instance of the AttestationClientBuilder class.

Method Summary

Modifier and Type	Method and Description
AttestationAdministrationClientBuilder	addPolicy(HttpPipelinePolicy policy) Adds a HttpPipelinePolicy to apply on each request sent.
AttestationAdministrationAsyncClient	buildAsyncClient() Builds an instance of AttestationAsyncClient async client.
AttestationAdministrationClient	buildClient() Builds an instance of AttestationClient sync client.
AttestationAdministrationClientBuilder	clientOptions(ClientOptions clientOptions) Allows for setting common properties such as application ID, headers, proxy configuration, etc.
AttestationAdministrationClientBuilder	configuration(Configuration configuration) Sets the client-specific configuration used to retrieve client or global configuration properties when building a client.
AttestationAdministrationClientBuilder	credential(TokenCredential credential) Sets the TokenCredential used to authorize requests sent to the service.
AttestationAdministrationClientBuilder	endpoint(String endpoint) Sets The attestation endpoint URI, for example https://mytenant.attest.azure.net.
AttestationAdministrationClientBuilder	httpClient(HttpClient httpClient) Sets the HttpClient to use for sending and receiving requests to and from the service.
AttestationAdministrationClientBuilder	httpLogOptions(HttpLogOptions httpLogOptions) Sets the HttpLogOptions to use when sending and receiving requests to and from the service.
AttestationAdministrationClientBuilder	pipeline(HttpPipeline pipeline) Sets the HttpPipeline to use for the service client.
AttestationAdministrationClientBuilder	retryOptions(RetryOptions retryOptions) Sets the RetryOptions for all the requests made through the client.
AttestationAdministrationClientBuilder	retryPolicy(RetryPolicy retryPolicy) Sets The retry policy that will attempt to retry failed requests, if applicable.
AttestationAdministrationClientBuilder	serviceVersion(AttestationServiceVersion serviceVersion) Sets the desired API version for this attestation client.
AttestationAdministrationClientBuilder	tokenValidationOptions(AttestationTokenValidationOptions tokenValidationOptions) Sets AttestationToken validation options for clients created from this builder.

Methods inherited from java.lang.Object

clone equals finalize getClass hashCode notify notifyAll toString wait wait wait

Constructor Details

AttestationAdministrationClientBuilder

public AttestationAdministrationClientBuilder()

Creates a new instance of the AttestationClientBuilder class.

Method Details

addPolicy

public AttestationAdministrationClientBuilder addPolicy(HttpPipelinePolicy policy)

Adds a HttpPipelinePolicy to apply on each request sent.

Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

Parameters:

policy - A HttpPipelinePolicy.

Returns:

this AttestationAdministrationClientBuilder.

buildAsyncClient

public AttestationAdministrationAsyncClient buildAsyncClient()

Builds an instance of AttestationAsyncClient async client. Instantiating a synchronous Attestation client:

Java

AttestationAdministrationAsyncClient asyncClient = new AttestationAdministrationClientBuilder()
     .endpoint(endpoint)
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildAsyncClient();

Returns:

an instance of AttestationClient.

buildClient

public AttestationAdministrationClient buildClient()

Builds an instance of AttestationClient sync client. Instantiating a synchronous Attestation client:

Java

AttestationAdministrationClient client = new AttestationAdministrationClientBuilder()
     .endpoint(endpoint)
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildClient();

Returns:

an instance of AttestationClient.

clientOptions

public AttestationAdministrationClientBuilder clientOptions(ClientOptions clientOptions)

Allows for setting common properties such as application ID, headers, proxy configuration, etc. Note that it is recommended that this method be called with an instance of the HttpClientOptions class (a subclass of the ClientOptions base class). The HttpClientOptions subclass provides more configuration options suitable for HTTP clients, which is applicable for any class that implements this HttpTrait interface.

Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

Parameters:

clientOptions - A configured instance of HttpClientOptions.

Returns:

the updated AttestationAdministrationClientBuilder object

configuration

public AttestationAdministrationClientBuilder configuration(Configuration configuration)

Sets the client-specific configuration used to retrieve client or global configuration properties when building a client.

Parameters:

configuration - Configuration store used to retrieve client configurations.

Returns:

the AttestationClientBuilder.

credential

public AttestationAdministrationClientBuilder credential(TokenCredential credential)

Sets the TokenCredential used to authorize requests sent to the service. Refer to the Azure SDK for Java identity and authentication documentation for more details on proper usage of the TokenCredential type.

Parameters:

credential - TokenCredential used to authorize requests sent to the service.

Returns:

the AttestationClientBuilder.

endpoint

public AttestationAdministrationClientBuilder endpoint(String endpoint)

Sets The attestation endpoint URI, for example https://mytenant.attest.azure.net.

Parameters:

endpoint - The endpoint to connect to.

Returns:

the AttestationClientBuilder.

httpClient

public AttestationAdministrationClientBuilder httpClient(HttpClient httpClient)

Sets the HttpClient to use for sending and receiving requests to and from the service.

Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

Parameters:

httpClient - The HttpClient to use for requests.

Returns:

the AttestationClientBuilder.

httpLogOptions

public AttestationAdministrationClientBuilder httpLogOptions(HttpLogOptions httpLogOptions)

Sets the HttpLogOptions to use when sending and receiving requests to and from the service. If a logLevel is not provided, default value of HttpLogDetailLevel#NONE is set.

Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

Parameters:

httpLogOptions - The HttpLogOptions to use when sending and receiving requests to and from the service.

Returns:

the AttestationClientBuilder.

pipeline

public AttestationAdministrationClientBuilder pipeline(HttpPipeline pipeline)

Sets the HttpPipeline to use for the service client.

Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

Parameters:

pipeline - HttpPipeline to use for sending service requests and receiving responses.

Returns:

the AttestationClientBuilder.

retryOptions

public AttestationAdministrationClientBuilder retryOptions(RetryOptions retryOptions)

Sets the RetryOptions for all the requests made through the client.

Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a HttpPipeline is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If no HttpPipeline is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if an HttpPipeline is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.

Setting this is mutually exclusive with using retryPolicy(RetryPolicy retryPolicy).

Parameters:

retryOptions - The RetryOptions to use for all the requests made through the client.

Returns:

the AttestationAdministrationClientBuilder.

retryPolicy

public AttestationAdministrationClientBuilder retryPolicy(RetryPolicy retryPolicy)

Sets The retry policy that will attempt to retry failed requests, if applicable.

Setting this is mutually exclusive with using retryOptions(RetryOptions retryOptions).

Parameters:

retryPolicy - the retryPolicy value.

Returns:

the AttestationClientBuilder.

serviceVersion

public AttestationAdministrationClientBuilder serviceVersion(AttestationServiceVersion serviceVersion)

Sets the desired API version for this attestation client.

Parameters:

serviceVersion - Specifies the API version to use in the outgoing API calls.

Returns:

the AttestationClientBuilder.

tokenValidationOptions

public AttestationAdministrationClientBuilder tokenValidationOptions(AttestationTokenValidationOptions tokenValidationOptions)

Sets AttestationToken validation options for clients created from this builder.

Because attestation service clients need to have the ability to validate that the data returned by the attestation service actually originated from within the service, most Attestation Service APIs embed their response in a RFC 7519 JSON Web Token.

The AttestationTokenValidationOptions provides a mechanism for a client to customize the validation of responses sent by the attestation service.

The tokenValidationOptions property sets the default validation options used by the AttestationClient or AttestationAsyncClient returned from this builder.

Note: most APIs allow this value to be overridden on a per-api basis if that flexibility is needed.

Java

AttestationAdministrationClient validatedClient = new AttestationAdministrationClientBuilder()
     .endpoint(endpoint)
     .tokenValidationOptions(new AttestationTokenValidationOptions()
         // Allow 10 seconds of clock drift between attestation service and client.
         .setValidationSlack(Duration.ofSeconds(10))
         .setValidationCallback((token, signer) -> { // Perform custom validation steps.
             System.out.printf("Validate token signed by signer %s\n",
                 signer.getCertificates().get(0).getSubjectDN().toString());
         }))
     .buildClient();

Parameters:

tokenValidationOptions -

• Validation options used when validating JSON Web Tokens returned by the attestation service.

Returns:

this AttestationAdministrationClientBuilder

Azure SDK for Java

Latest