Package com.oracle.bmc.identitydomains.model

Class ExtensionX509IdentityProvider

  • @Generated(value="OracleSDKGenerator",
           comments="API Version: v1")
public final class ExtensionX509IdentityProvider
extends com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel
    X509 Identity Provider Extension Schema
    Note: Objects should always be created or deserialized using the ExtensionX509IdentityProvider.Builder.

    This model distinguishes fields that are null because they are unset from fields that are explicitly set to null. This is done in the setter methods of the ExtensionX509IdentityProvider.Builder, which maintain a set of all explicitly set fields called ExtensionX509IdentityProvider.Builder.__explicitlySet__. The hashCode() and equals(Object) methods are implemented to take the explicitly set fields into account. The constructor, on the other hand, does not take the explicitly set fields into account (since the constructor cannot distinguish explicit null from unset null).

    • Constructor Detail

      • ExtensionX509IdentityProvider

        @Deprecated
@ConstructorProperties({"certMatchAttribute","userMatchAttribute","otherCertMatchAttribute","signingCertificateChain","ocspEnabled","ocspServerName","ocspResponderURL","ocspAllowUnknownResponseStatus","ocspRevalidateTime","ocspEnableSignedResponse","ocspTrustCertChain","crlEnabled","crlCheckOnOCSPFailureEnabled","crlLocation","crlReloadDuration","ekuValidationEnabled","ekuValues"})
public ExtensionX509IdentityProvider​(String certMatchAttribute,
                                     String userMatchAttribute,
                                     String otherCertMatchAttribute,
                                     List<String> signingCertificateChain,
                                     Boolean ocspEnabled,
                                     String ocspServerName,
                                     String ocspResponderURL,
                                     Boolean ocspAllowUnknownResponseStatus,
                                     Integer ocspRevalidateTime,
                                     Boolean ocspEnableSignedResponse,
                                     List<String> ocspTrustCertChain,
                                     Boolean crlEnabled,
                                     Boolean crlCheckOnOCSPFailureEnabled,
                                     String crlLocation,
                                     Integer crlReloadDuration,
                                     Boolean ekuValidationEnabled,
                                     List<ExtensionX509IdentityProvider.EkuValues> ekuValues)
        Deprecated.

    • Method Detail

      • getCertMatchAttribute

        public String getCertMatchAttribute()
        X509 Certificate Matching Attribute

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getUserMatchAttribute

        public String getUserMatchAttribute()
        This property specifies the userstore attribute value that must match the incoming certificate attribute.

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getOtherCertMatchAttribute

        public String getOtherCertMatchAttribute()
        Check for specific conditions of other certificate attributes

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getSigningCertificateChain

        public List<String> getSigningCertificateChain()
        Certificate alias list to create a chain for the incoming client certificate

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: true - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getOcspEnabled

        public Boolean getOcspEnabled()
        Set to true to enable OCSP Validation

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

        Returns:
        the value

      • getOcspServerName

        public String getOcspServerName()
        This property specifies the OCSP Server alias name

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getOcspResponderURL

        public String getOcspResponderURL()
        This property specifies OCSP Responder URL.

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getOcspAllowUnknownResponseStatus

        public Boolean getOcspAllowUnknownResponseStatus()
        Allow access if OCSP response is UNKNOWN or OCSP Responder does not respond within the timeout duration

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

        Returns:
        the value

      • getOcspRevalidateTime

        public Integer getOcspRevalidateTime()
        Revalidate OCSP status for user after X hours

        *Added In:** 2010242156

        *SCIM++ Properties:** - idcsMaxValue: 24 - idcsMinValue: 0 - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none

        Returns:
        the value

      • getOcspEnableSignedResponse

        public Boolean getOcspEnableSignedResponse()
        Describes if the OCSP response is signed

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

        Returns:
        the value

      • getOcspTrustCertChain

        public List<String> getOcspTrustCertChain()
        OCSP Trusted Certificate Chain

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getCrlEnabled

        public Boolean getCrlEnabled()
        Set to true to enable CRL Validation

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

        Returns:
        the value

      • getCrlCheckOnOCSPFailureEnabled

        public Boolean getCrlCheckOnOCSPFailureEnabled()
        Fallback on CRL Validation if OCSP fails.

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

        Returns:
        the value

      • getCrlLocation

        public String getCrlLocation()
        CRL Location URL

        *Added In:** 2010242156

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • getCrlReloadDuration

        public Integer getCrlReloadDuration()
        Fetch the CRL contents every X minutes

        *Added In:** 2010242156

        *SCIM++ Properties:** - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: integer - uniqueness: none

        Returns:
        the value

      • getEkuValidationEnabled

        public Boolean getEkuValidationEnabled()
        Set to true to enable EKU Validation

        *Added In:** 2304270343

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: false - mutability: readWrite - required: false - returned: default - type: boolean - uniqueness: none

        Returns:
        the value

      • getEkuValues

        public List<ExtensionX509IdentityProvider.EkuValues> getEkuValues()
        List of EKU which needs to be validated

        *Added In:** 2304270343

        *SCIM++ Properties:** - caseExact: false - idcsSearchable: false - multiValued: true - mutability: readWrite - required: false - returned: default - type: string - uniqueness: none

        Returns:
        the value

      • toString

        public String toString()
        Overrides:
        toString in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel

      • toString

        public String toString​(boolean includeByteArrayContents)
        Return a string representation of the object.
        Parameters:
        includeByteArrayContents - true to include the full contents of byte arrays
        Returns:
        string representation

      • equals

        public boolean equals​(Object o)
        Overrides:
        equals in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel