View Javadoc
1   package org.eclipse.aether.spi.checksums;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *  http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import java.io.IOException;
23  import java.util.List;
24  import java.util.Map;
25  
26  import org.eclipse.aether.RepositorySystemSession;
27  import org.eclipse.aether.artifact.Artifact;
28  import org.eclipse.aether.repository.ArtifactRepository;
29  import org.eclipse.aether.spi.connector.checksum.ChecksumAlgorithmFactory;
30  
31  /**
32   * Component able to provide (trusted) checksums for artifacts.
33   * <p>
34   * Note: the "trusted" meaning depends solely on implementation and the user using it. Resolver itself does nothing
35   * for "trust" (like some crypto magic or what not). It all boils down that the source being used by implementation is
36   * "trusted" by user or not.
37   *
38   * @since 1.9.0
39   */
40  public interface TrustedChecksumsSource
41  {
42      /**
43       * May return the trusted checksums (for given artifact) from trusted source, or {@code null} if not enabled.
44       * Enabled trusted checksum source SHOULD return non-null (empty map) result, when it has no data for given
45       * artifact. Empty map means in this case "no information", but how that case is interpreted depends on consumer
46       * for trusted checksums.
47       *
48       * @param session                    The repository system session, never {@code null}.
49       * @param artifact                   The artifact we want checksums for, never {@code null}.
50       * @param artifactRepository         The origin repository: local, workspace, remote repository, never {@code null}.
51       * @param checksumAlgorithmFactories The checksum algorithms that are expected, never {@code null}.
52       * @return Map of expected checksums, or {@code null} if not enabled.
53       */
54      Map<String, String> getTrustedArtifactChecksums( RepositorySystemSession session,
55                                                       Artifact artifact,
56                                                       ArtifactRepository artifactRepository,
57                                                       List<ChecksumAlgorithmFactory> checksumAlgorithmFactories );
58  
59      /**
60       * A writer that is able to write/add trusted checksums to this implementation.
61       */
62      interface Writer
63      {
64          /**
65           * Performs whatever implementation requires to "set" (write/add/append) given map of trusted checksums.
66           * The passed in list of checksum algorithm factories and the map must have equal size and mapping must
67           * contain all algorithm names in list.
68           */
69          void addTrustedArtifactChecksums( Artifact artifact,
70                                            ArtifactRepository artifactRepository,
71                                            List<ChecksumAlgorithmFactory> checksumAlgorithmFactories,
72                                            Map<String, String> trustedArtifactChecksums ) throws IOException;
73      }
74  
75      /**
76       * Some trusted checksums sources may implement this optional method: ability to write/add checksums to them.
77       * If source does not support this feature, method should return {@code null}.
78       */
79      Writer getTrustedArtifactChecksumsWriter( RepositorySystemSession session );
80  }