Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Org.eclipse.higgins.icard
This page describes the one mandatory I-Card interface that all types of Higgins-compatible I-Cards must implement, as well as these optional interfaces:
- TokenIssuerCard
- IdASCard
Base ICard Interface
All I-Cards must implement the ICard Interface:
// Return the human friendly name of the card String getDisplayName(); // Set the human friendly name of the card void setDisplayName(String); // Return true if this card only manages information about a // exactly one Digital Subject boolean isSingle(); // Returns if 'isSingle()' is true, an optional contextually-unique identifier for the Digital Subject // Otherwise return null. String getCUID(); // Return an identifier that is at least unique for the associated card issuer or creator URI getCardID(); // Returns the human friendly name of the card issuer, originator, creator String getIssuerName(); // Sets the card's human friendly name of the card issuer, originator, creator void setIssuerName(String name); // Returns a background image of the card Image getCardImage(); // Sets the background image of the card void setCardImage(Image image); // Return the mime type of the background image (JPEG or GIF) String getImageMimeType(); // Returns when the card was first issued, created, orginated Date getTimeIssued(); // Returns (optionally) the time after which the card should // be considered expired, invalid. Otherwise returns null Date getExpiredTime(); // Set the expiration date and time void setExpiredTime(Date date); // Return the date and time after which the card should be // treated as expired and invalid. If there is no expiration // If card handles only simple claim types then // return a list of all possible types of claims that are supported // throw exception otherwise // This is here for backward compatibility with CardSpace cards List getSupportedSimpleClaimTypes(); // If card handles complex claim/attribute types then // return a data structure containing nested lists of claim types and // string values (this needs work!) TBD getSupportedComplexClaimSchema(); // Retrieve the value of a simple claim type // Note: Implementations of this method will likely retreive and cache all // supported simple claim type values in in a single operation for performance // reasons // Returns the value of the claim type ClaimType String getClaimValue(String ClaimType);
// TBD: how to retrieve the value of complex claim types // Given a relying party policy Policy, return true // if this card can provide the claims required/desired by the relying party // else return false // Note: we have discussed the need (esp for Idemix support) to indicate the // degree of match, not just a boolean. boolean isMatch(Policy); // Return whether the user wishes to be asked for explicit release of // this card's information (i) every time it is requested (ii) only // the first time it is requested (iii) never ReleasePolicy getReleasePolicy(); // Set the release policy of this card void setReleasePolicy(ReleasePolicy); // Return a list of the types of expored card data stream formats supported // ?? presumably a CardFormat also mentions XML language and/or version number List getSupportedExportFormats(); // Return a data stream containing a serialization of the card // The format depends on the kind of card // E.g. CardSpace I-Cards will export CardSpace format data String export(CardFormat format);
To Do
- Need methods to get/set the access control list idea (see I-Card)
TokenIssuerCard Interface
Some types of I-Cards may implement this interface.
// If card is of type (1) then return a Digital Identity // that satisfies the policy policy // The credential parameter used to authenticate to the // Token Issuer–-may be null if Token Issuer policy doesn’t require it DigitalIdentity requestDigitalIdentity(Policy policy, DigitalIdentity credential); // Return the EPR of the card issuer // For CardSpace cards this is either the local STS endpoint (for // self-asserted cards) or a remote STS (for managed cards) EndpointReference getCardIssuerEndpoint(); // Return a list of {endpoint references, credential hint, credential selector} List getTokenServices() // Return a list of supported token types List getSupportedTokenTypes(); // Is the RP identity required in the token request message? boolean getRequireAppliesTo() // Returns the issuer that is referenced in the returned RSTR (or null if no issuer is listed) String getIssuedTokenIssuer();
IdASCard
Some types of I-Cards may implement this interface. If ICard.isSingle() is true, then implementation can invoke ICard.getCUID() to retreive the CUID of the Digital Subject with the Context returned by IdASCard.getContextRef() below.
// Return the EPR of the IdAS service this card uses EndpointReference getIdASEndpoint(); // Return the IdAS Context reference ContextRef getContextRef();
- Need method to get the IdAS endpoint ref and related credentials