Package io.getstream.chat.java.models

Class App

    • Constructor Detail

      • App

        public App()

    • Method Detail

      • get

        @NotNull
public static @NotNull App.AppGetRequest get()
        Creates a get request.
        Returns:
        the created request

      • getRateLimits

        @NotNull
public static @NotNull App.AppGetRateLimitsRequest getRateLimits()
        Creates a get rate limits request.
        Returns:
        the created request

      • revokeTokens

        @NotNull
public static @NotNull App.AppRevokeTokensRequest revokeTokens​(@Nullable
                                                               @Nullable java.util.Date revokeTokensIssuedBefore)
        Creates a revoke tokens request
        Parameters:
        revokeTokensIssuedBefore - the limit date to revoke tokens
        Returns:
        the created request

      • listPushProviders

        @NotNull
public static @NotNull App.ListPushProvidersRequest listPushProviders()
        Creates a list push providers request
        Returns:
        the created request

      • deletePushProvider

        @NotNull
public static @NotNull App.DeletePushProviderRequest deletePushProvider​(@NotNull
                                                                        @NotNull java.lang.String providerType,
                                                                        @NotNull
                                                                        @NotNull java.lang.String name)
        Creates a delete push provider request
        Parameters:
        providerType - push provider type
        name - push provider name
        Returns:
        the created request

      • verifyWebhook

        public boolean verifyWebhook​(@NotNull
                             @NotNull java.lang.String body,
                             @NotNull
                             @NotNull java.lang.String signature)
        Validates if hmac signature is correct for the message body.

        Kept for backward compatibility. New integrations should call verifyAndParseWebhook(byte[], String) (or the SQS / SNS variants), which also handle gzip payload compression.

        Parameters:
        body - raw body from http request converted to a string.
        signature - the signature provided in X-Signature header
        Returns:
        true if the signature is valid

      • verifyWebhookSignature

        public static boolean verifyWebhookSignature​(@NotNull
                                             @NotNull java.lang.String apiSecret,
                                             @NotNull
                                             @NotNull java.lang.String body,
                                             @NotNull
                                             @NotNull java.lang.String signature)
        Validates if hmac signature is correct for message body. Backward-compatible alias for verifySignature(byte[], String, String).
        Parameters:
        apiSecret - the secret key
        body - raw body from http request converted to a string.
        signature - the signature provided in X-Signature header
        Returns:
        true if the signature is valid

      • verifyWebhookSignature

        public static boolean verifyWebhookSignature​(@NotNull
                                             @NotNull java.lang.String body,
                                             @NotNull
                                             @NotNull java.lang.String signature)
        Validates if hmac signature is correct for the message body using the singleton client's API secret.
        Parameters:
        body - the message body
        signature - the signature provided in X-Signature header
        Returns:
        true if the signature is valid

      • verifySignature

        public static boolean verifySignature​(@NotNull
                                      @org.jetbrains.annotations.NotNull byte[] body,
                                      @NotNull
                                      @NotNull java.lang.String signature,
                                      @NotNull
                                      @NotNull java.lang.String secret)
        Constant-time HMAC-SHA256 verification of signature against the digest of body using secret as the key.

        The signature is always computed over the uncompressed JSON bytes, so callers that decoded a gzipped or base64-wrapped payload must pass the inflated bytes here.

        Parameters:
        body - the uncompressed body bytes
        signature - the signature provided in X-Signature
        secret - the app's API secret
        Returns:
        true if the signature matches

      • gunzipPayload

        public static byte[] gunzipPayload​(@NotNull
                                   @org.jetbrains.annotations.NotNull byte[] body)
        Returns body unchanged unless it starts with the gzip magic (1f 8b, per RFC 1952), in which case the gzip stream is inflated and the decompressed bytes are returned.

        Magic-byte detection (rather than relying on a header) lets the same handler stay correct when middleware auto-decompresses the request before your code sees it.

      • decodeSqsPayload

        public static byte[] decodeSqsPayload​(@NotNull
                                      @NotNull java.lang.String body)
        Reverses the SQS firehose envelope: the message Body is base64-decoded and, when the result begins with the gzip magic, it is gzip-decompressed. The same call works whether or not Stream is currently compressing payloads.
        Parameters:
        body - the SQS message Body
        Returns:
        the raw JSON bytes Stream signed

      • decodeSnsPayload

        public static byte[] decodeSnsPayload​(@NotNull
                                      @NotNull java.lang.String notificationBody)
        Reverses an SNS HTTP notification envelope. When notificationBody is a JSON envelope ({"Type":"Notification","Message":"..."}), the inner Message field is extracted and run through the SQS pipeline (base64-decode, then gzip-if-magic). When the input is not a JSON envelope it is treated as the already-extracted Message string, so call sites that pre-unwrap continue to work.

      • parseEvent

        @NotNull
public static @NotNull Event parseEvent​(@NotNull
                                        @org.jetbrains.annotations.NotNull byte[] payload)
        Parse a JSON-encoded webhook event into a typed Event. Unknown event types still parse successfully because Event.getType() is a free-form string; unknown nested fields and unknown enum values are tolerated so the handler stays forward-compatible with new Stream server releases.
        Throws:
        InvalidWebhookError - when the bytes are not valid JSON

      • verifyAndParseWebhook

        @NotNull
public static @NotNull Event verifyAndParseWebhook​(@NotNull
                                                   @org.jetbrains.annotations.NotNull byte[] body,
                                                   @NotNull
                                                   @NotNull java.lang.String signature,
                                                   @NotNull
                                                   @NotNull java.lang.String secret)
        Decompresses body when gzipped, verifies the HMAC signature, and returns the parsed Event. Works for HTTP webhooks regardless of whether payload compression is enabled.
        Parameters:
        body - raw HTTP request body bytes Stream signed
        signature - value of the X-Signature header
        secret - the app's API secret
        Returns:
        the parsed event
        Throws:
        InvalidWebhookError - when the signature does not match, the gzip envelope is malformed, or the payload is not JSON

      • verifyAndParseWebhook

        @NotNull
public static @NotNull Event verifyAndParseWebhook​(@NotNull
                                                   @org.jetbrains.annotations.NotNull byte[] body,
                                                   @NotNull
                                                   @NotNull java.lang.String signature)
        Singleton-secret overload: uses the API secret of the configured Client singleton.

      • parseSqs

        @NotNull
public static @NotNull Event parseSqs​(@NotNull
                                      @NotNull java.lang.String messageBody)
        Decode the SQS Body (base64, then gzip-if-magic) and return the parsed Event. Stream does not HMAC-sign SQS message bodies.

      • parseSns

        @NotNull
public static @NotNull Event parseSns​(@NotNull
                                      @NotNull java.lang.String notificationBody)
        Decode an SNS-delivered payload (unwraps envelope JSON when needed) and return the parsed Event. No HMAC verification.

      • setApp

        public void setApp​(@Nullable
                   @Nullable App.AppConfig app)