Package org.opensaml.storage

Interface RevocationCache

All Known Implementing Classes:
StorageServiceRevocationCache
@ThreadSafe public interface RevocationCache
Interface to a cache that tracks revoked information.

Revocation may include specific information for storage and retrieval, or simply a tracking of revoked status.

  • Method Details

    • revoke

      default boolean revoke(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String key)
      Invokes revoke(String, String, Duration) with a default expiration parameter.
      Parameters:
      context - a context label to subdivide the cache
      key - key to revoke
      Returns:
      true if key has successfully been listed as revoked in the cache

    • revoke

      default boolean revoke(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String key, @Nonnull Duration exp)
      Invokes revoke(String, String, String, Duration) with a placeholder value parameter.
      Parameters:
      context - a context label to subdivide the cache
      key - key to revoke
      exp - entry expiration
      Returns:
      true if key has successfully been listed as revoked in the cache
      Since:
      4.3.0

    • revoke

      boolean revoke(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String key, @Nonnull @NotEmpty String value)
      Invokes revoke(String, String, String, Duration) with a default expiration parameter.

      If the key has already been revoked, expiration is updated.

      Parameters:
      context - a context label to subdivide the cache
      key - key to revoke
      value - value to insert into revocation record
      Returns:
      true if key has successfully been listed as revoked in the cache
      Since:
      4.3.0

    • revoke

      boolean revoke(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String key, @Nonnull @NotEmpty String value, @Nonnull Duration exp)
      Returns true if the value is successfully revoked.

      If the key has already been revoked, expiration is updated.

      Parameters:
      context - a context label to subdivide the cache
      key - key to revoke
      value - value to insert into revocation record
      exp - entry expiration
      Returns:
      true if key has successfully been listed as revoked in the cache
      Since:
      4.3.0

    • unrevoke

      boolean unrevoke(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String key)
      Remove a revocation record.
      Parameters:
      context - a context label to subdivide the cache
      key - value to remove
      Returns:
      true iff a record was removed
      Since:
      4.3.0

    • isRevoked

      boolean isRevoked(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String key)
      Returns true iff the value has been revoked.
      Parameters:
      context - a context label to subdivide the cache
      key - value to check
      Returns:
      true iff the check value is found in the cache

    • getRevocationRecord

      @Nullable String getRevocationRecord(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String key) throws IOException
      Attempts to read back a revocation record for a given context and key.

      This alternative approach allows revocation records to include richer data, rather than simple presence/absence as a signal.

      Parameters:
      context - revocation context
      key - revocation key
      Returns:
      the matching record, if found, or null if absent
      Throws:
      IOException - raised if an error occurs leading to an indeterminate result
      Since:
      4.3.0