Package com.android.identity

Class CredentialDataRequest.Builder

    • Constructor Detail

      • Builder

        public Builder()
        Creates a new builder.

    • Method Detail

      • setDeviceSignedEntriesToRequest

        @NonNull
public CredentialDataRequest.Builder setDeviceSignedEntriesToRequest​(@NonNull
                                                                     java.util.Map<java.lang.String,​java.util.Collection<java.lang.String>> entriesToRequest)
        Sets the device-signed entries to request.
        Parameters:
        entriesToRequest - the device-signed entries to request.
        Returns:
        the builder.

      • setIssuerSignedEntriesToRequest

        @NonNull
public CredentialDataRequest.Builder setIssuerSignedEntriesToRequest​(@NonNull
                                                                     java.util.Map<java.lang.String,​java.util.Collection<java.lang.String>> entriesToRequest)
        Sets the issuer-signed entries to request.
        Parameters:
        entriesToRequest - the issuer-signed entries to request.
        Returns:
        the builder.

      • setAllowUsingExhaustedKeys

        @NonNull
public CredentialDataRequest.Builder setAllowUsingExhaustedKeys​(boolean allowUsingExhaustedKeys)
        Sets whether to allow using an authentication key which use count has been exceeded.

        This is useful in situations where the application hasn't had a chance to renew authentication keys, for example if the device hasn't been connected to the Internet or if the issuing authority server has been down.

        The reason this could be useful is that the privacy risk of reusing an authentication key for a credential presentation could be significantly smaller compared to the inconvenience of not being able to present the credential at all.

        By default this is set to true.

        Parameters:
        allowUsingExhaustedKeys - whether to allow using an authentication key which use count has been exceeded if no other key is available.
        Returns:
        the builder.

      • setAllowUsingExpiredKeys

        @NonNull
public CredentialDataRequest.Builder setAllowUsingExpiredKeys​(boolean allowUsingExpiredKeys)
        Sets whether to allow using an authentication key which is expired.

        This is useful in situations where the application hasn't had a chance to renew authentication keys, for example if the device hasn't been connected to the Internet or if the issuing authority server has been down.

        The reason this could be useful is that many verifiers are likely to accept a credential presentation using an expired authentication key (the credential itself wouldn't be expired) and it's likely better for the holder to be able to do this than not present their credential at all.

        By default this is set to false.

        Parameters:
        allowUsingExpiredKeys - whether to allow using an authentication key which is expired if no other key is available.
        Returns:
        the builder.

      • setIncrementUseCount

        @NonNull
public CredentialDataRequest.Builder setIncrementUseCount​(boolean incrementUseCount)
        Sets whether to increment the use-count for the authentication key used.

        Not incrementing the use-count for an authentication key is useful in situations where the authentication key is known with certainty to not be leaked. For example, consider an application doing a credential presentation for the sole purpose of displaying the credential data to the user (not for verification).

        By default this is set to true.

        Parameters:
        incrementUseCount - whether to increment the user count of the authentication key used.
        Returns:
        the builder.