Package io.token.tpp

Class TokenClient

  • All Implemented Interfaces:
    java.io.Closeable, java.lang.AutoCloseable
    public class TokenClient
extends io.token.TokenClient

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  TokenClient.Builder  

      • Nested classes/interfaces inherited from class io.token.TokenClient

        io.token.TokenClient.TokenCluster

    • Field Summary

      • Fields inherited from class io.token.TokenClient

        channel, cryptoFactory, tokenCluster

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      static TokenClient.Builder builder()
      Creates a new TokenClient.Builder instance that is used to configure and build a TokenClient instance.
      io.reactivex.Observable<Member> completeRecovery​(java.lang.String memberId, java.util.List<io.token.proto.common.member.MemberProtos.MemberRecoveryOperation> recoveryOperations, io.token.proto.common.security.SecurityProtos.Key privilegedKey, io.token.security.CryptoEngine cryptoEngine)
      Completes account recovery.
      Member completeRecoveryBlocking​(java.lang.String memberId, java.util.List<io.token.proto.common.member.MemberProtos.MemberRecoveryOperation> recoveryOperations, io.token.proto.common.security.SecurityProtos.Key privilegedKey, io.token.security.CryptoEngine cryptoEngine)
      Completes account recovery.
      io.reactivex.Observable<Member> completeRecoveryWithDefaultRule​(java.lang.String memberId, java.lang.String verificationId, java.lang.String code, io.token.security.CryptoEngine cryptoEngine)
      Completes account recovery if the default recovery rule was set.
      Member completeRecoveryWithDefaultRuleBlocking​(java.lang.String memberId, java.lang.String verificationId, java.lang.String code, io.token.security.CryptoEngine cryptoEngine)
      Completes account recovery if the default recovery rule was set.
      static TokenClient create​(io.token.TokenClient.TokenCluster cluster, java.lang.String developerKey)
      Creates a new instance of TokenClient that's configured to use the specified environment.
      static TokenClient create​(io.token.TokenClient.TokenCluster cluster, java.lang.String developerKey, io.token.security.CryptoEngineFactory cryptoEngineFactory)
      Creates a new instance of TokenClient that's configured to use the specified environment and crypto engine factory.
      io.reactivex.Observable<Member> createMember​(io.token.proto.common.alias.AliasProtos.Alias alias)
      Creates a new Token member with a set of auto-generated keys, an alias, and member type.
      io.reactivex.Observable<Member> createMember​(io.token.proto.common.alias.AliasProtos.Alias alias, java.lang.String partnerId)
      Creates a new Token member with a set of auto-generated keys, an alias, and member type.
      io.reactivex.Observable<Member> createMember​(io.token.proto.common.alias.AliasProtos.Alias alias, java.lang.String partnerId, java.lang.String realmId)
      Creates a new Token member with a set of auto-generated keys, an alias, and member type.
      Member createMemberBlocking​(io.token.proto.common.alias.AliasProtos.Alias alias)
      Creates a new Token member with a set of auto-generated keys, an alias, and member type.
      Member createMemberBlocking​(io.token.proto.common.alias.AliasProtos.Alias alias, java.lang.String partnerId)
      Creates a new business-use Token member with a set of auto-generated keys and and an alias.
      io.reactivex.Observable<Member> createMemberInRealm​(io.token.proto.common.alias.AliasProtos.Alias alias, java.lang.String realmId)
      Creates a new Token member in the provided realm with a set of auto-generated keys, an alias, and member type.
      Member createMemberInRealmBlocking​(io.token.proto.common.alias.AliasProtos.Alias alias, java.lang.String realmId)
      Creates a new Token member in the provided realm with a set of auto-generated keys, an alias, and member type.
      Member createMemberWithEidas​(java.lang.String bankId, EidasKeyStore keyStore, long timeout, java.util.concurrent.TimeUnit timeUnit)
      Creates a TPP member under realm of a bank and registers it with the provided eIDAS certificate.
      io.reactivex.Observable<java.lang.String> generateTokenRequestUrl​(java.lang.String requestId)
      Generate a Token request URL from a request ID.
      java.lang.String generateTokenRequestUrlBlocking​(java.lang.String requestId)
      Generate a Token request URL from a request ID, and state.
      io.reactivex.Observable<Member> getMember​(java.lang.String memberId)
      Return a Member set up to use some Token member's keys (assuming we have them).
      Member getMemberBlocking​(java.lang.String memberId)
      Return a Member set up to use some Token member's keys (assuming we have them).
      io.reactivex.Observable<io.token.tokenrequest.TokenRequestResult> getTokenRequestResult​(java.lang.String tokenRequestId)
      Get the token request result based on a token's tokenRequestId.
      io.token.tokenrequest.TokenRequestResult getTokenRequestResultBlocking​(java.lang.String tokenRequestId)
      Get the token request result based on a token's tokenRequestId.
      TokenRequestTransferDestinationsCallbackParameters parseSetTransferDestinationsUrl​(java.lang.String url)
      Parse the Set Transfer Destinations Url callback parameters to extract state, region and supported .
      TokenRequestTransferDestinationsCallbackParameters parseSetTransferDestinationsUrlParams​(java.util.Map<java.lang.String,​java.util.List<java.lang.String>> urlParams)
      Parse the Set Transfer Destinations Url callback parameters to extract country, bank and supported payments.
      io.reactivex.Observable<TokenRequestCallback> parseTokenRequestCallbackParams​(java.util.Map<java.lang.String,​java.lang.String> callbackParams, java.lang.String csrfToken)
      Deprecated.
      TokenRequestCallback parseTokenRequestCallbackParamsBlocking​(java.util.Map<java.lang.String,​java.lang.String> callbackParams, java.lang.String csrfToken)
      Deprecated.
      io.reactivex.Observable<TokenRequestCallback> parseTokenRequestCallbackUrl​(java.lang.String callbackUrl, java.lang.String csrfToken)
      Deprecated.
      TokenRequestCallback parseTokenRequestCallbackUrlBlocking​(java.lang.String callbackUrl, java.lang.String csrfToken)
      Deprecated.
      io.reactivex.Observable<Member> recoverEidasMember​(io.token.proto.common.eidas.EidasProtos.EidasRecoveryPayload payload, java.lang.String signature, io.token.security.CryptoEngine cryptoEngine)
      Recovers an eIDAS-verified member with eIDAS payload.
      io.reactivex.Observable<io.token.proto.gateway.Gateway.RegisterWithEidasResponse> registerWithEidas​(io.token.proto.common.eidas.EidasProtos.RegisterWithEidasPayload payload, java.lang.String signature)
      Creates a business member under realm of a bank with an EIDAS alias (with value equal to the authNumber from the certificate) and a PRIVILEGED-level public key taken from the certificate.
      io.reactivex.Observable<io.token.tokenrequest.TokenRequest> retrieveTokenRequest​(java.lang.String requestId)
      Return a TokenRequest that was previously stored.
      io.token.tokenrequest.TokenRequest retrieveTokenRequestBlocking​(java.lang.String requestId)
      Return a TokenRequest that was previously stored.
      io.reactivex.Observable<Member> setUpMember​(io.token.proto.common.alias.AliasProtos.Alias alias, java.lang.String memberId)
      Sets up a member given a specific ID of a member that already exists in the system.

      • Methods inherited from class io.token.TokenClient

        beginRecovery, beginRecoveryBlocking, close, completeRecoveryImpl, completeRecoveryWithDefaultRuleImpl, createMemberImpl, createRecoveryAuthorization, createRecoveryAuthorizationBlocking, getBanks, getBanks, getBanks, getBanks, getBanksBlocking, getBanksBlocking, getBanksBlocking, getCountries, getCountriesBlocking, getMemberId, getMemberIdBlocking, getMemberImpl, getRecoveryAuthorization, getRecoveryAuthorizationBlocking, resolveAlias, resolveAliasBlocking, setUpMemberImpl, trace

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • create

        public static TokenClient create​(io.token.TokenClient.TokenCluster cluster,
                                 java.lang.String developerKey)
        Creates a new instance of TokenClient that's configured to use the specified environment.
        Parameters:
        cluster - token cluster to connect to
        developerKey - developer key
        Returns:
        TokenClient instance

      • create

        public static TokenClient create​(io.token.TokenClient.TokenCluster cluster,
                                 java.lang.String developerKey,
                                 io.token.security.CryptoEngineFactory cryptoEngineFactory)
        Creates a new instance of TokenClient that's configured to use the specified environment and crypto engine factory.
        Parameters:
        cluster - token cluster to connect to
        developerKey - developer key
        cryptoEngineFactory - crypto engine factory to use
        Returns:
        TokenClient instance

      • createMember

        public io.reactivex.Observable<Member> createMember​(io.token.proto.common.alias.AliasProtos.Alias alias)
        Creates a new Token member with a set of auto-generated keys, an alias, and member type.
        Parameters:
        alias - nullable member alias to use, must be unique. If null, then no alias will be created with the member.
        Returns:
        newly created member

      • createMember

        public io.reactivex.Observable<Member> createMember​(io.token.proto.common.alias.AliasProtos.Alias alias,
                                                    java.lang.String partnerId)
        Creates a new Token member with a set of auto-generated keys, an alias, and member type.
        Parameters:
        alias - nullable member alias to use, must be unique. If null, then no alias will be created with the member.
        partnerId - ID of partner member.
        Returns:
        newly created member

      • createMember

        public io.reactivex.Observable<Member> createMember​(io.token.proto.common.alias.AliasProtos.Alias alias,
                                                    @Nullable
                                                    java.lang.String partnerId,
                                                    @Nullable
                                                    java.lang.String realmId)
        Creates a new Token member with a set of auto-generated keys, an alias, and member type.
        Parameters:
        alias - nullable member alias to use, must be unique. If null, then no alias will be created with the member.
        partnerId - ID of partner member
        realmId - member Id of existing member to which this new member is associated with
        Returns:
        newly created member

      • createMemberBlocking

        public Member createMemberBlocking​(io.token.proto.common.alias.AliasProtos.Alias alias)
        Creates a new Token member with a set of auto-generated keys, an alias, and member type.
        Parameters:
        alias - nullable member alias to use, must be unique. If null, then no alias will be created with the member.
        Returns:
        newly created member

      • createMemberBlocking

        public Member createMemberBlocking​(io.token.proto.common.alias.AliasProtos.Alias alias,
                                   java.lang.String partnerId)
        Creates a new business-use Token member with a set of auto-generated keys and and an alias.
        Parameters:
        alias - alias to associate with member
        partnerId - ID of partner member
        Returns:
        newly created member

      • createMemberInRealm

        public io.reactivex.Observable<Member> createMemberInRealm​(io.token.proto.common.alias.AliasProtos.Alias alias,
                                                           java.lang.String realmId)
        Creates a new Token member in the provided realm with a set of auto-generated keys, an alias, and member type.
        Parameters:
        alias - nullable member alias to use, must be unique. If null, then no alias will be created with the member.
        realmId - member id of an existing Member to whose realm this new member belongs.
        Returns:
        newly created member

      • createMemberInRealmBlocking

        public Member createMemberInRealmBlocking​(io.token.proto.common.alias.AliasProtos.Alias alias,
                                          java.lang.String realmId)
        Creates a new Token member in the provided realm with a set of auto-generated keys, an alias, and member type.
        Parameters:
        alias - nullable member alias to use, must be unique. If null, then no alias will be created with the member.
        realmId - member id of the Member whose realm this new Member belongs.
        Returns:
        newly created member

      • setUpMember

        public io.reactivex.Observable<Member> setUpMember​(io.token.proto.common.alias.AliasProtos.Alias alias,
                                                   java.lang.String memberId)
        Sets up a member given a specific ID of a member that already exists in the system. If the member ID already has keys, this will not succeed. Used for testing since this gives more control over the member creation process.

        Adds an alias and a set of auto-generated keys to the member.

        Parameters:
        alias - nullable member alias to use, must be unique. If null, then no alias will be created with the member
        memberId - member id
        Returns:
        newly created member

      • getMember

        public io.reactivex.Observable<Member> getMember​(java.lang.String memberId)
        Return a Member set up to use some Token member's keys (assuming we have them).
        Parameters:
        memberId - member id
        Returns:
        member

      • getMemberBlocking

        public Member getMemberBlocking​(java.lang.String memberId)
        Return a Member set up to use some Token member's keys (assuming we have them).
        Parameters:
        memberId - member id
        Returns:
        member

      • completeRecovery

        public io.reactivex.Observable<Member> completeRecovery​(java.lang.String memberId,
                                                        java.util.List<io.token.proto.common.member.MemberProtos.MemberRecoveryOperation> recoveryOperations,
                                                        io.token.proto.common.security.SecurityProtos.Key privilegedKey,
                                                        io.token.security.CryptoEngine cryptoEngine)
        Completes account recovery.
        Parameters:
        memberId - the member id
        recoveryOperations - the member recovery operations
        privilegedKey - the privileged public key in the member recovery operations
        cryptoEngine - the new crypto engine
        Returns:
        an observable of the updated member

      • completeRecoveryBlocking

        public Member completeRecoveryBlocking​(java.lang.String memberId,
                                       java.util.List<io.token.proto.common.member.MemberProtos.MemberRecoveryOperation> recoveryOperations,
                                       io.token.proto.common.security.SecurityProtos.Key privilegedKey,
                                       io.token.security.CryptoEngine cryptoEngine)
        Completes account recovery.
        Parameters:
        memberId - the member id
        recoveryOperations - the member recovery operations
        privilegedKey - the privileged public key in the member recovery operations
        cryptoEngine - the new crypto engine
        Returns:
        an observable of the updated member

      • completeRecoveryWithDefaultRule

        public io.reactivex.Observable<Member> completeRecoveryWithDefaultRule​(java.lang.String memberId,
                                                                       java.lang.String verificationId,
                                                                       java.lang.String code,
                                                                       io.token.security.CryptoEngine cryptoEngine)
        Completes account recovery if the default recovery rule was set.
        Parameters:
        memberId - the member id
        verificationId - the verification id
        code - the code
        cryptoEngine - the new crypto engine
        Returns:
        the new member

      • completeRecoveryWithDefaultRuleBlocking

        public Member completeRecoveryWithDefaultRuleBlocking​(java.lang.String memberId,
                                                      java.lang.String verificationId,
                                                      java.lang.String code,
                                                      io.token.security.CryptoEngine cryptoEngine)
        Completes account recovery if the default recovery rule was set.
        Parameters:
        memberId - the member id
        verificationId - the verification id
        code - the code
        cryptoEngine - the new crypto engine
        Returns:
        the new member

      • recoverEidasMember

        public io.reactivex.Observable<Member> recoverEidasMember​(io.token.proto.common.eidas.EidasProtos.EidasRecoveryPayload payload,
                                                          java.lang.String signature,
                                                          io.token.security.CryptoEngine cryptoEngine)
        Recovers an eIDAS-verified member with eIDAS payload.
        Parameters:
        payload - a payload containing member id, the certificate and a new key to add to the member
        signature - a payload signature with the private key corresponding to the certificate
        cryptoEngine - a crypto engine that must contain the privileged key that is included in the payload (if it does not contain keys for other levels they will be generated)
        Returns:
        an observable of a new member

      • registerWithEidas

        public io.reactivex.Observable<io.token.proto.gateway.Gateway.RegisterWithEidasResponse> registerWithEidas​(io.token.proto.common.eidas.EidasProtos.RegisterWithEidasPayload payload,
                                                                                                           java.lang.String signature)
        Creates a business member under realm of a bank with an EIDAS alias (with value equal to the authNumber from the certificate) and a PRIVILEGED-level public key taken from the certificate. Then onboards the member with the provided certificate. A successful onboarding includes verifying the member and the alias and adding permissions based on the certificate.
        The call is idempotent.
        If you need to submit another certificate for an existing member, please use VerifyEidas call instead.

        Note, that the call is asynchronous and the newly created member might not be onboarded at the time the call returns. You can check the verification status using member.getEidasVerificationStatus call with the verification id returned by this call.
        Parameters:
        payload - payload with eIDAS certificate and bank id
        signature - payload signed with the private key corresponding to the certificate     *      public key
        Returns:
        member id, registered key id and id of the certificate verification request    

      • createMemberWithEidas

        public Member createMemberWithEidas​(java.lang.String bankId,
                                    EidasKeyStore keyStore,
                                    long timeout,
                                    java.util.concurrent.TimeUnit timeUnit)
                             throws java.security.cert.CertificateEncodingException,
                                    java.lang.InterruptedException,
                                    EidasTimeoutException
        Creates a TPP member under realm of a bank and registers it with the provided eIDAS certificate. The created member has a registered PRIVILEGED-level RSA key from the provided certificate (key ID is set to the decimal String representation of the certificate's serial number) and an EIDAS alias with value equal to authNumber from the certificate.

        Note, that the TokenClient used to make this call needs to be backed by the EidasKeyStore passed to this method, which contains a certificate and a key: 

         EidasKeyStore keyStore = new InMemoryEidasKeyStore(certificate, privateKey);
 TokenClient tokenClient = TokenClient.builder()
         .connectTo(SANDBOX)
         .withCryptoEngine(new EidasCryptoEngineFactory(keyStore))
         .build();
        IMPORTANT: this method is blocking, and a member will be returned only if it is successfully onboarded. Otherwise a EidasRegistrationException or EidasTimeoutException will be thrown. For asynchronous call see registerWithEidas(io.token.proto.common.eidas.EidasProtos.RegisterWithEidasPayload, java.lang.String).
        Parameters:
        bankId - id of the bank the TPP trying to get access to
        keyStore - a key store containing an eIDAS certificate and a private key for it
        timeout - a time period within which a certificate verification is expected to finish
        timeUnit - the time unit for the timeout
        Returns:
        a registered member
        Throws:
        EidasRegistrationException - if certificate verification failed
        EidasTimeoutException - if a verification has not finished within expected time period
        java.security.cert.CertificateEncodingException - if an encoding error occurs
        java.lang.InterruptedException - if any thread has interrupted the current thread

      • generateTokenRequestUrl

        public io.reactivex.Observable<java.lang.String> generateTokenRequestUrl​(java.lang.String requestId)
        Generate a Token request URL from a request ID.
        Parameters:
        requestId - request id
        Returns:
        token request url

      • generateTokenRequestUrlBlocking

        public java.lang.String generateTokenRequestUrlBlocking​(java.lang.String requestId)
        Generate a Token request URL from a request ID, and state. This does not set a CSRF token or pass in a state.
        Parameters:
        requestId - request id
        Returns:
        token request url

      • parseTokenRequestCallbackUrl

        @Deprecated
public io.reactivex.Observable<TokenRequestCallback> parseTokenRequestCallbackUrl​(java.lang.String callbackUrl,
                                                                                  java.lang.String csrfToken)
        Deprecated.
        Deprecated: The callback will contain request-id only. tokenId and state will be removed.
        Parameters:
        callbackUrl - token request callback url
        csrfToken - csrfToken
        Returns:
        TokenRequestCallback object containing the token id and the original state

      • parseSetTransferDestinationsUrl

        public TokenRequestTransferDestinationsCallbackParameters parseSetTransferDestinationsUrl​(java.lang.String url)
        Parse the Set Transfer Destinations Url callback parameters to extract state, region and supported . Check the CSRF token against the initial request and verify the signature.
        Parameters:
        url - token request callback url
        Returns:
        TokenRequestSetTransferDestinationUrl object containing the token id and the original state

      • parseTokenRequestCallbackUrlBlocking

        @Deprecated
public TokenRequestCallback parseTokenRequestCallbackUrlBlocking​(java.lang.String callbackUrl,
                                                                 java.lang.String csrfToken)
        Deprecated.
        Deprecated: The callback will contain request-id only. tokenId and state will be removed.
        Parameters:
        callbackUrl - token request callback url
        csrfToken - csrfToken
        Returns:
        TokenRequestCallback object containing the token id and the original state

      • parseTokenRequestCallbackParams

        @Deprecated
public io.reactivex.Observable<TokenRequestCallback> parseTokenRequestCallbackParams​(java.util.Map<java.lang.String,​java.lang.String> callbackParams,
                                                                                     java.lang.String csrfToken)
        Deprecated.
        Deprecated: The callback will contain request-id only. tokenId and state will be removed.
        Parameters:
        callbackParams - callback parameter map
        csrfToken - CSRF token
        Returns:
        TokenRequestCallback object containing the token ID and the original state

      • parseSetTransferDestinationsUrlParams

        public TokenRequestTransferDestinationsCallbackParameters parseSetTransferDestinationsUrlParams​(java.util.Map<java.lang.String,​java.util.List<java.lang.String>> urlParams)
        Parse the Set Transfer Destinations Url callback parameters to extract country, bank and supported payments.
        Parameters:
        urlParams - url parameters
        Returns:
        TokenRequestSetTransferDestinationUrl object containing region

      • parseTokenRequestCallbackParamsBlocking

        @Deprecated
public TokenRequestCallback parseTokenRequestCallbackParamsBlocking​(java.util.Map<java.lang.String,​java.lang.String> callbackParams,
                                                                    java.lang.String csrfToken)
        Deprecated.
        Parse the token request callback parameters to extract the state and the token ID. Check the CSRF token against the initial request and verify the signature.
        Parameters:
        callbackParams - callback parameter map
        csrfToken - CSRF token
        Returns:
        TokenRequestCallback object containing the token ID and the original state

      • getTokenRequestResult

        public io.reactivex.Observable<io.token.tokenrequest.TokenRequestResult> getTokenRequestResult​(java.lang.String tokenRequestId)
        Get the token request result based on a token's tokenRequestId.
        Parameters:
        tokenRequestId - token request id
        Returns:
        token request result

      • getTokenRequestResultBlocking

        public io.token.tokenrequest.TokenRequestResult getTokenRequestResultBlocking​(java.lang.String tokenRequestId)
        Get the token request result based on a token's tokenRequestId.
        Parameters:
        tokenRequestId - token request id
        Returns:
        token request result

      • retrieveTokenRequest

        public io.reactivex.Observable<io.token.tokenrequest.TokenRequest> retrieveTokenRequest​(java.lang.String requestId)
        Return a TokenRequest that was previously stored.
        Parameters:
        requestId - request id
        Returns:
        token request that was stored with the request id

      • retrieveTokenRequestBlocking

        public io.token.tokenrequest.TokenRequest retrieveTokenRequestBlocking​(java.lang.String requestId)
        Return a TokenRequest that was previously stored.
        Parameters:
        requestId - request id
        Returns:
        token request that was stored with the request id