-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathSignedTokenGenerationExample.java
More file actions
108 lines (92 loc) · 5.8 KB
/
SignedTokenGenerationExample.java
File metadata and controls
108 lines (92 loc) · 5.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
package com.example.serviceaccount;
import com.skyflow.errors.SkyflowException;
import com.skyflow.serviceaccount.util.SignedDataTokenResponse;
import com.skyflow.serviceaccount.util.SignedDataTokens;
import java.io.File;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* This example demonstrates how to generate Signed Data Tokens using three methods:
* 1. Specifying the path to a credentials JSON file with a string context.
* 2. Providing the credentials JSON as a string with a string context.
* 3. Using a JSON object context for Conditional Data Access.
* <p>
* Signed data tokens are used to verify and securely transmit data with a specified context and TTL.
*/
public class SignedTokenGenerationExample {
public static void main(String[] args) {
List<SignedDataTokenResponse> signedTokenValues; // List to store signed data token responses
// Example 1: Generate Signed Data Token using a credentials file path
try {
// Step 1: Specify the path to the service account credentials JSON file
String filePath = "<YOUR_CREDENTIALS_FILE_PATH>"; // Replace with the actual file path
// Step 2: Set the context and create the list of data tokens to be signed
String context = "abc"; // Replace with your specific context (e.g., session identifier)
ArrayList<String> dataTokens = new ArrayList<>();
dataTokens.add("YOUR_DATA_TOKEN_1"); // Replace with your actual data token(s)
// Step 3: Build the SignedDataTokens object
SignedDataTokens signedToken = SignedDataTokens.builder()
.setCredentials(new File(filePath)) // Provide the credentials file
.setCtx(context) // Set the context for the token
.setTimeToLive(30) // Set the TTL (in seconds)
.setDataTokens(dataTokens) // Set the data tokens to sign
.build();
// Step 4: Retrieve and print the signed data tokens
signedTokenValues = signedToken.getSignedDataTokens();
System.out.println("Signed Tokens (using file path): " + signedTokenValues);
} catch (SkyflowException e) {
System.out.println("Error occurred while generating signed tokens using file path:");
e.printStackTrace();
}
// Example 2: Generate Signed Data Token using credentials JSON as a string
try {
// Step 1: Provide the contents of the credentials JSON file as a string
String fileContents = "<YOUR_CREDENTIALS_FILE_CONTENTS_AS_STRING>"; // Replace with actual JSON content
// Step 2: Set the context and create the list of data tokens to be signed
String context = "abc"; // Replace with your specific context
ArrayList<String> dataTokens = new ArrayList<>();
dataTokens.add("YOUR_DATA_TOKEN_1"); // Replace with your actual data token(s)
// Step 3: Build the SignedDataTokens object
SignedDataTokens signedToken = SignedDataTokens.builder()
.setCredentials(fileContents) // Provide the credentials as a string
.setCtx(context) // Set the context for the token
.setTimeToLive(30) // Set the TTL (in seconds)
.setDataTokens(dataTokens) // Set the data tokens to sign
.build();
// Step 4: Retrieve and print the signed data tokens
signedTokenValues = signedToken.getSignedDataTokens();
System.out.println("Signed Tokens (using credentials string): " + signedTokenValues);
} catch (SkyflowException e) {
System.out.println("Error occurred while generating signed tokens using credentials string:");
e.printStackTrace();
}
// Example 3: Generate Signed Data Token with a JSON object context for Conditional Data Access
// Use this approach when your Skyflow policy uses CEL expressions that reference nested
// context fields, such as: request.context.role == 'admin'
try {
// Step 1: Specify the path to the service account credentials JSON file
String filePath = "<YOUR_CREDENTIALS_FILE_PATH>"; // Replace with the actual file path
// Step 2: Create a context map with key-value pairs matching your Conditional Data Access policy
Map<String, Object> context = new HashMap<>();
context.put("role", "admin"); // Evaluated as request.context.role
context.put("project_id", "proj_123"); // Evaluated as request.context.project_id
ArrayList<String> dataTokens = new ArrayList<>();
dataTokens.add("YOUR_DATA_TOKEN_1"); // Replace with your actual data token(s)
// Step 3: Build the SignedDataTokens object with the JSON object context
SignedDataTokens signedToken = SignedDataTokens.builder()
.setCredentials(new File(filePath)) // Provide the credentials file
.setCtx(context) // Set context as a JSON object
.setTimeToLive(30) // Set the TTL (in seconds)
.setDataTokens(dataTokens) // Set the data tokens to sign
.build();
// Step 4: Retrieve and print the signed data tokens
signedTokenValues = signedToken.getSignedDataTokens();
System.out.println("Signed Tokens (using JSON object context): " + signedTokenValues);
} catch (SkyflowException e) {
System.out.println("Error occurred while generating signed tokens with JSON object context:");
e.printStackTrace();
}
}
}