Class: OCI::NetworkFirewall::Models::SslForwardProxyProfile

Inherits:

DecryptionProfile

• Object
• DecryptionProfile
• OCI::NetworkFirewall::Models::SslForwardProxyProfile

Defined in:

lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb

Overview

SSLForwardProxy used on the firewall policy rules.

Constant Summary

Constants inherited from DecryptionProfile

DecryptionProfile::TYPE_ENUM

Instance Attribute Summary

• #are_certificate_extensions_restricted ⇒ BOOLEAN

  **[Required]** Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.

• #is_auto_include_alt_name ⇒ BOOLEAN

  **[Required]** Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.

• #is_expired_certificate_blocked ⇒ BOOLEAN

  **[Required]** Whether to block sessions if server's certificate is expired.

• #is_out_of_capacity_blocked ⇒ BOOLEAN

  **[Required]** Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.

• #is_revocation_status_timeout_blocked ⇒ BOOLEAN

  **[Required]** Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).

• #is_unknown_revocation_status_blocked ⇒ BOOLEAN

  **[Required]** Whether to block sessions if the revocation status check for server's certificate results in "unknown".

• #is_unsupported_cipher_blocked ⇒ BOOLEAN

  **[Required]** Whether to block sessions if SSL cipher suite is not supported.

• #is_unsupported_version_blocked ⇒ BOOLEAN

  **[Required]** Whether to block sessions if SSL version is not supported.

• #is_untrusted_issuer_blocked ⇒ BOOLEAN

  **[Required]** Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).

Attributes inherited from DecryptionProfile

#type

Class Method Summary

• .attribute_map ⇒ Object

  Attribute mapping from ruby-style variable name to JSON key.

• .swagger_types ⇒ Object

  Attribute type mapping.

Instance Method Summary

• #==(other) ⇒ Object

  Checks equality by comparing each attribute.

• #build_from_hash(attributes) ⇒ Object

  Builds the object from hash.

• #eql?(other) ⇒ Boolean
• #hash ⇒ Fixnum

  Calculates hash code according to all attributes.

• #initialize(attributes = {}) ⇒ SslForwardProxyProfile constructor

  Initializes the object.

• #to_hash ⇒ Hash

  Returns the object in the form of hash.

• #to_s ⇒ String

  Returns the string representation of the object.

Methods inherited from DecryptionProfile

get_subtype

Constructor Details

#initialize(attributes = {}) ⇒ SslForwardProxyProfile

Initializes the object

Parameters:

• attributes (Hash) (defaults to: {}) —

  Model attributes in the form of hash

Options Hash (attributes):

• :is_expired_certificate_blocked (BOOLEAN) —

  The value to assign to the #is_expired_certificate_blocked property

• :is_untrusted_issuer_blocked (BOOLEAN) —

  The value to assign to the #is_untrusted_issuer_blocked property

• :is_revocation_status_timeout_blocked (BOOLEAN) —

  The value to assign to the #is_revocation_status_timeout_blocked property

• :is_unsupported_version_blocked (BOOLEAN) —

  The value to assign to the #is_unsupported_version_blocked property

• :is_unsupported_cipher_blocked (BOOLEAN) —

  The value to assign to the #is_unsupported_cipher_blocked property

• :is_unknown_revocation_status_blocked (BOOLEAN) —

  The value to assign to the #is_unknown_revocation_status_blocked property

• :are_certificate_extensions_restricted (BOOLEAN) —

  The value to assign to the #are_certificate_extensions_restricted property

• :is_auto_include_alt_name (BOOLEAN) —

  The value to assign to the #is_auto_include_alt_name property

• :is_out_of_capacity_blocked (BOOLEAN) —

  The value to assign to the #is_out_of_capacity_blocked property

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 100

def initialize(attributes = {})
  return unless attributes.is_a?(Hash)

  attributes['type'] = 'SSL_FORWARD_PROXY'

  super(attributes)

  # convert string to symbol for hash key
  attributes = attributes.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }

  self.is_expired_certificate_blocked = attributes[:'isExpiredCertificateBlocked'] unless attributes[:'isExpiredCertificateBlocked'].nil?

  raise 'You cannot provide both :isExpiredCertificateBlocked and :is_expired_certificate_blocked' if attributes.key?(:'isExpiredCertificateBlocked') && attributes.key?(:'is_expired_certificate_blocked')

  self.is_expired_certificate_blocked = attributes[:'is_expired_certificate_blocked'] unless attributes[:'is_expired_certificate_blocked'].nil?

  self.is_untrusted_issuer_blocked = attributes[:'isUntrustedIssuerBlocked'] unless attributes[:'isUntrustedIssuerBlocked'].nil?

  raise 'You cannot provide both :isUntrustedIssuerBlocked and :is_untrusted_issuer_blocked' if attributes.key?(:'isUntrustedIssuerBlocked') && attributes.key?(:'is_untrusted_issuer_blocked')

  self.is_untrusted_issuer_blocked = attributes[:'is_untrusted_issuer_blocked'] unless attributes[:'is_untrusted_issuer_blocked'].nil?

  self.is_revocation_status_timeout_blocked = attributes[:'isRevocationStatusTimeoutBlocked'] unless attributes[:'isRevocationStatusTimeoutBlocked'].nil?

  raise 'You cannot provide both :isRevocationStatusTimeoutBlocked and :is_revocation_status_timeout_blocked' if attributes.key?(:'isRevocationStatusTimeoutBlocked') && attributes.key?(:'is_revocation_status_timeout_blocked')

  self.is_revocation_status_timeout_blocked = attributes[:'is_revocation_status_timeout_blocked'] unless attributes[:'is_revocation_status_timeout_blocked'].nil?

  self.is_unsupported_version_blocked = attributes[:'isUnsupportedVersionBlocked'] unless attributes[:'isUnsupportedVersionBlocked'].nil?

  raise 'You cannot provide both :isUnsupportedVersionBlocked and :is_unsupported_version_blocked' if attributes.key?(:'isUnsupportedVersionBlocked') && attributes.key?(:'is_unsupported_version_blocked')

  self.is_unsupported_version_blocked = attributes[:'is_unsupported_version_blocked'] unless attributes[:'is_unsupported_version_blocked'].nil?

  self.is_unsupported_cipher_blocked = attributes[:'isUnsupportedCipherBlocked'] unless attributes[:'isUnsupportedCipherBlocked'].nil?

  raise 'You cannot provide both :isUnsupportedCipherBlocked and :is_unsupported_cipher_blocked' if attributes.key?(:'isUnsupportedCipherBlocked') && attributes.key?(:'is_unsupported_cipher_blocked')

  self.is_unsupported_cipher_blocked = attributes[:'is_unsupported_cipher_blocked'] unless attributes[:'is_unsupported_cipher_blocked'].nil?

  self.is_unknown_revocation_status_blocked = attributes[:'isUnknownRevocationStatusBlocked'] unless attributes[:'isUnknownRevocationStatusBlocked'].nil?

  raise 'You cannot provide both :isUnknownRevocationStatusBlocked and :is_unknown_revocation_status_blocked' if attributes.key?(:'isUnknownRevocationStatusBlocked') && attributes.key?(:'is_unknown_revocation_status_blocked')

  self.is_unknown_revocation_status_blocked = attributes[:'is_unknown_revocation_status_blocked'] unless attributes[:'is_unknown_revocation_status_blocked'].nil?

  self.are_certificate_extensions_restricted = attributes[:'areCertificateExtensionsRestricted'] unless attributes[:'areCertificateExtensionsRestricted'].nil?

  raise 'You cannot provide both :areCertificateExtensionsRestricted and :are_certificate_extensions_restricted' if attributes.key?(:'areCertificateExtensionsRestricted') && attributes.key?(:'are_certificate_extensions_restricted')

  self.are_certificate_extensions_restricted = attributes[:'are_certificate_extensions_restricted'] unless attributes[:'are_certificate_extensions_restricted'].nil?

  self.is_auto_include_alt_name = attributes[:'isAutoIncludeAltName'] unless attributes[:'isAutoIncludeAltName'].nil?

  raise 'You cannot provide both :isAutoIncludeAltName and :is_auto_include_alt_name' if attributes.key?(:'isAutoIncludeAltName') && attributes.key?(:'is_auto_include_alt_name')

  self.is_auto_include_alt_name = attributes[:'is_auto_include_alt_name'] unless attributes[:'is_auto_include_alt_name'].nil?

  self.is_out_of_capacity_blocked = attributes[:'isOutOfCapacityBlocked'] unless attributes[:'isOutOfCapacityBlocked'].nil?

  raise 'You cannot provide both :isOutOfCapacityBlocked and :is_out_of_capacity_blocked' if attributes.key?(:'isOutOfCapacityBlocked') && attributes.key?(:'is_out_of_capacity_blocked')

  self.is_out_of_capacity_blocked = attributes[:'is_out_of_capacity_blocked'] unless attributes[:'is_out_of_capacity_blocked'].nil?
end

Instance Attribute Details

#are_certificate_extensions_restricted ⇒ BOOLEAN

**[Required]** Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 39

def are_certificate_extensions_restricted
  @are_certificate_extensions_restricted
end

#is_auto_include_alt_name ⇒ BOOLEAN

**[Required]** Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 43

def is_auto_include_alt_name
  @is_auto_include_alt_name
end

#is_expired_certificate_blocked ⇒ BOOLEAN

**[Required]** Whether to block sessions if server's certificate is expired.

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 13

def is_expired_certificate_blocked
  @is_expired_certificate_blocked
end

#is_out_of_capacity_blocked ⇒ BOOLEAN

**[Required]** Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 47

def is_out_of_capacity_blocked
  @is_out_of_capacity_blocked
end

#is_revocation_status_timeout_blocked ⇒ BOOLEAN

**[Required]** Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 23

def is_revocation_status_timeout_blocked
  @is_revocation_status_timeout_blocked
end

#is_unknown_revocation_status_blocked ⇒ BOOLEAN

**[Required]** Whether to block sessions if the revocation status check for server's certificate results in "unknown".

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 35

def is_unknown_revocation_status_blocked
  @is_unknown_revocation_status_blocked
end

#is_unsupported_cipher_blocked ⇒ BOOLEAN

**[Required]** Whether to block sessions if SSL cipher suite is not supported.

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 31

def is_unsupported_cipher_blocked
  @is_unsupported_cipher_blocked
end

#is_unsupported_version_blocked ⇒ BOOLEAN

**[Required]** Whether to block sessions if SSL version is not supported.

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 27

def is_unsupported_version_blocked
  @is_unsupported_version_blocked
end

#is_untrusted_issuer_blocked ⇒ BOOLEAN

**[Required]** Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).

Returns:

• (BOOLEAN)

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 17

def is_untrusted_issuer_blocked
  @is_untrusted_issuer_blocked
end

Class Method Details

.attribute_map ⇒ Object

Attribute mapping from ruby-style variable name to JSON key.

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 50

def self.attribute_map
  {
    # rubocop:disable Style/SymbolLiteral
    'type': :'type',
    'is_expired_certificate_blocked': :'isExpiredCertificateBlocked',
    'is_untrusted_issuer_blocked': :'isUntrustedIssuerBlocked',
    'is_revocation_status_timeout_blocked': :'isRevocationStatusTimeoutBlocked',
    'is_unsupported_version_blocked': :'isUnsupportedVersionBlocked',
    'is_unsupported_cipher_blocked': :'isUnsupportedCipherBlocked',
    'is_unknown_revocation_status_blocked': :'isUnknownRevocationStatusBlocked',
    'are_certificate_extensions_restricted': :'areCertificateExtensionsRestricted',
    'is_auto_include_alt_name': :'isAutoIncludeAltName',
    'is_out_of_capacity_blocked': :'isOutOfCapacityBlocked'
    # rubocop:enable Style/SymbolLiteral
  }
end

.swagger_types ⇒ Object

Attribute type mapping.

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 68

def self.swagger_types
  {
    # rubocop:disable Style/SymbolLiteral
    'type': :'String',
    'is_expired_certificate_blocked': :'BOOLEAN',
    'is_untrusted_issuer_blocked': :'BOOLEAN',
    'is_revocation_status_timeout_blocked': :'BOOLEAN',
    'is_unsupported_version_blocked': :'BOOLEAN',
    'is_unsupported_cipher_blocked': :'BOOLEAN',
    'is_unknown_revocation_status_blocked': :'BOOLEAN',
    'are_certificate_extensions_restricted': :'BOOLEAN',
    'is_auto_include_alt_name': :'BOOLEAN',
    'is_out_of_capacity_blocked': :'BOOLEAN'
    # rubocop:enable Style/SymbolLiteral
  }
end

Instance Method Details

#==(other) ⇒ Object

Checks equality by comparing each attribute.

Parameters:

• other (Object) —

  the other object to be compared

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 172

def ==(other)
  return true if equal?(other)

  self.class == other.class &&
    type == other.type &&
    is_expired_certificate_blocked == other.is_expired_certificate_blocked &&
    is_untrusted_issuer_blocked == other.is_untrusted_issuer_blocked &&
    is_revocation_status_timeout_blocked == other.is_revocation_status_timeout_blocked &&
    is_unsupported_version_blocked == other.is_unsupported_version_blocked &&
    is_unsupported_cipher_blocked == other.is_unsupported_cipher_blocked &&
    is_unknown_revocation_status_blocked == other.is_unknown_revocation_status_blocked &&
    are_certificate_extensions_restricted == other.are_certificate_extensions_restricted &&
    is_auto_include_alt_name == other.is_auto_include_alt_name &&
    is_out_of_capacity_blocked == other.is_out_of_capacity_blocked
end

#build_from_hash(attributes) ⇒ Object

Builds the object from hash

Parameters:

• attributes (Hash) —

  Model attributes in the form of hash

Returns:

• (Object) —

  Returns the model itself

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 211

def build_from_hash(attributes)
  return nil unless attributes.is_a?(Hash)

  self.class.swagger_types.each_pair do |key, type|
    if type =~ /^Array<(.*)>/i
      # check to ensure the input is an array given that the the attribute
      # is documented as an array but the input is not
      if attributes[self.class.attribute_map[key]].is_a?(Array)
        public_method("#{key}=").call(
          attributes[self.class.attribute_map[key]]
            .map { |v| OCI::Internal::Util.convert_to_type(Regexp.last_match(1), v) }
        )
      end
    elsif !attributes[self.class.attribute_map[key]].nil?
      public_method("#{key}=").call(
        OCI::Internal::Util.convert_to_type(type, attributes[self.class.attribute_map[key]])
      )
    end
    # or else data not found in attributes(hash), not an issue as the data can be optional
  end

  self
end

#eql?(other) ⇒ Boolean

Parameters:

• other (Object) —

  the other object to be compared

Returns:

• (Boolean)

See Also:

• `==` method

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 191

def eql?(other)
  self == other
end

#hash ⇒ Fixnum

Calculates hash code according to all attributes.

Returns:

• (Fixnum) —

  Hash code

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 200

def hash
  [type, is_expired_certificate_blocked, is_untrusted_issuer_blocked, is_revocation_status_timeout_blocked, is_unsupported_version_blocked, is_unsupported_cipher_blocked, is_unknown_revocation_status_blocked, are_certificate_extensions_restricted, is_auto_include_alt_name, is_out_of_capacity_blocked].hash
end

#to_hash ⇒ Hash

Returns the object in the form of hash

Returns:

• (Hash) —

  Returns the object in the form of hash

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 244

def to_hash
  hash = {}
  self.class.attribute_map.each_pair do |attr, param|
    value = public_method(attr).call
    next if value.nil? && !instance_variable_defined?("@#{attr}")

    hash[param] = _to_hash(value)
  end
  hash
end

#to_s ⇒ String

Returns the string representation of the object

Returns:

• (String) —

  String presentation of the object

# File 'lib/oci/network_firewall/models/ssl_forward_proxy_profile.rb', line 238

def to_s
  to_hash.to_s
end