001/*
002 * (C) Copyright 2010 Nuxeo SAS (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Nuxeo - initial API and implementation
016 */
017
018package org.nuxeo.ecm.platform.oauth.keys;
019
020import org.nuxeo.ecm.platform.oauth.consumers.NuxeoOAuthConsumer;
021
022/**
023 * Service to manage the key and shared secret used by Nuxeo server :
024 * <ul>
025 * <li>private/public key pair used by Nuxeo to use Signed request with RSA
026 * <li>shared key between Nuxeo and Shindig to manage Signed Fetch
027 * </ul>
028 *
029 * @author tiry
030 */
031public interface OAuthServerKeyManager {
032
033    /**
034     * Returns the Public Key certificate used by Nuxeo server to do RSA Signing.
035     */
036    String getPublicKeyCertificate();
037
038    /**
039     * Returns the Public Key certificate used by Nuxeo server to do RSA Signing. (Removes OpenSSL decorators).
040     */
041    String getBarePublicCertificate();
042
043    /**
044     * Returns the Private Key used by Nuxeo server to do RSA Signing.
045     */
046    String getPrivateKey();
047
048    /**
049     * Returns the Private Key used by Nuxeo server to do RSA Signing. (Removes OpenSSL decorators).
050     */
051    String getBarePrivateKey();
052
053    /**
054     * Returns key name (not really used).
055     */
056    String getKeyName();
057
058    /**
059     * Returns the consumerKey used in Shindig => Nuxeo sign fetch.
060     */
061    String getInternalKey();
062
063    /**
064     * Returns the consumerSecret (HMAC) used in Shindig => Nuxeo sign fetch.
065     */
066    String getInternalSecret();
067
068    /**
069     * Returns the {@link NuxeoOAuthConsumer} representing local (embedded) Shindig instance.
070     */
071    NuxeoOAuthConsumer getInternalConsumer();
072
073}