Google 致力于为黑人社区推动种族平等。查看具体举措

AccessControlProfile.Builder

public static final class AccessControlProfile.Builder
extends Object

java.lang.Object
   ↳ androidx.security.identity.AccessControlProfile.Builder

A builder for AccessControlProfile.

Summary

Public constructors

Builder(AccessControlProfileId accessControlProfileId)

Each access control profile has numeric identifier that must be unique within the context of a Credential and may be used to reference the profile.

Public methods

AccessControlProfile build()

Creates a new AccessControlProfile from the data supplied to the builder.

AccessControlProfile.Builder setReaderCertificate(X509Certificate readerCertificate)

Sets the reader certificate to use when checking access control.

AccessControlProfile.Builder setUserAuthenticationRequired(boolean userAuthenticationRequired)

Set whether user authentication is required.

AccessControlProfile.Builder setUserAuthenticationTimeout(long userAuthenticationTimeoutMillis)

Sets the authentication timeout to use.

Inherited methods

Public constructors

Builder

public Builder (AccessControlProfileId accessControlProfileId)

Each access control profile has numeric identifier that must be unique within the context of a Credential and may be used to reference the profile.

By default, the resulting AccessControlProfile will require user authentication with a timeout of zero, thus requiring the holder to authenticate for every presentation where data elements using this access control profile is used.

Parameters
accessControlProfileId AccessControlProfileId: the access control profile identifier.

Public methods

build

public AccessControlProfile build ()

Creates a new AccessControlProfile from the data supplied to the builder.

Returns
AccessControlProfile The created AccessControlProfile object.

setReaderCertificate

public AccessControlProfile.Builder setReaderCertificate (X509Certificate readerCertificate)

Sets the reader certificate to use when checking access control.

If set, this is checked against the certificate chain presented by reader. The access check is fulfilled only if the public key from one of the certificates in the chain, matches the public key in the certificate set by this method.

The default behavior of a AccessControlProfile created from a builder is to not use reader authentication.

Parameters
readerCertificate X509Certificate: the certificate to use for the access control check.
Returns
AccessControlProfile.Builder The builder.

setUserAuthenticationRequired

public AccessControlProfile.Builder setUserAuthenticationRequired (boolean userAuthenticationRequired)

Set whether user authentication is required.

This should be used sparingly since disabling user authentication on just a single data element can easily create a Relay Attack if the device on which the credential is stored is compromised.

The default behavior of a AccessControlProfile created from a builder is to require user authentication.

Parameters
userAuthenticationRequired boolean: Set to true if user authentication is required, false otherwise.
Returns
AccessControlProfile.Builder The builder.

setUserAuthenticationTimeout

public AccessControlProfile.Builder setUserAuthenticationTimeout (long userAuthenticationTimeoutMillis)

Sets the authentication timeout to use.

The authentication timeout specifies the amount of time, in milliseconds, for which a user authentication is valid, if user authentication is required (see setUserAuthenticationRequired(boolean)).

If the timeout is zero, then authentication is always required for each reader session.

The default behavior of a AccessControlProfile created from a builder is to use a timeout of 0.

Parameters
userAuthenticationTimeoutMillis long: the authentication timeout, in milliseconds.
Returns
AccessControlProfile.Builder The builder.