Package com.yahoo.security.tls

Record Class ConnectionAuthContext

java.lang.Object
java.lang.Record
com.yahoo.security.tls.ConnectionAuthContext
public record ConnectionAuthContext(List<X509Certificate> peerCertificateChain, CapabilitySet capabilities, Set<String> matchedPolicies, CapabilityMode capabilityMode) extends Record
Author:
bjorncs

  • Constructor Details

    • ConnectionAuthContext

      public ConnectionAuthContext(List<X509Certificate> peerCertificateChain, CapabilitySet capabilities, Set<String> matchedPolicies, CapabilityMode capabilityMode)
      Creates an instance of a ConnectionAuthContext record class.
      Parameters:
      peerCertificateChain - the value for the peerCertificateChain record component
      capabilities - the value for the capabilities record component
      matchedPolicies - the value for the matchedPolicies record component
      capabilityMode - the value for the capabilityMode record component

  • Method Details

    • authorized

      public boolean authorized()

    • verifyCapabilities

      public void verifyCapabilities(CapabilitySet requiredCapabilities) throws MissingCapabilitiesException
      Throws checked exception to force caller to handle verification failed.
      Throws:
      MissingCapabilitiesException

    • verifyCapabilities

      public void verifyCapabilities(CapabilitySet requiredCapabilities, String action, String resource, String peer) throws MissingCapabilitiesException
      Throws checked exception to force caller to handle verification failed. Provided strings are used for improved logging only
      Throws:
      MissingCapabilitiesException

    • peerCertificate

      public Optional<X509Certificate> peerCertificate()

    • peerCertificateString

      public Optional<String> peerCertificateString()

    • defaultAllCapabilities

      public static ConnectionAuthContext defaultAllCapabilities()
      Construct instance with all capabilities

    • defaultAllCapabilities

      public static ConnectionAuthContext defaultAllCapabilities(List<X509Certificate> certs)
      Construct instance with all capabilities

    • toString

      public final String toString()
      Returns a string representation of this record class. The representation contains the name of the class, followed by the name and value of each of the record components.
      Specified by:
      toString in class Record
      Returns:
      a string representation of this object

    • hashCode

      public final int hashCode()
      Returns a hash code value for this object. The value is derived from the hash code of each of the record components.
      Specified by:
      hashCode in class Record
      Returns:
      a hash code value for this object

    • equals

      public final boolean equals(Object o)
      Indicates whether some other object is "equal to" this one. The objects are equal if the other object is of the same class and if all the record components are equal. All components in this record class are compared with Objects::equals(Object,Object).
      Specified by:
      equals in class Record
      Parameters:
      o - the object with which to compare
      Returns:
      true if this object is the same as the o argument; false otherwise.

    • peerCertificateChain

      public List<X509Certificate> peerCertificateChain()
      Returns the value of the peerCertificateChain record component.
      Returns:
      the value of the peerCertificateChain record component

    • capabilities

      public CapabilitySet capabilities()
      Returns the value of the capabilities record component.
      Returns:
      the value of the capabilities record component

    • matchedPolicies

      public Set<String> matchedPolicies()
      Returns the value of the matchedPolicies record component.
      Returns:
      the value of the matchedPolicies record component

    • capabilityMode

      public CapabilityMode capabilityMode()
      Returns the value of the capabilityMode record component.
      Returns:
      the value of the capabilityMode record component