diff options
author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-09-22 14:32:12 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-09-22 14:38:51 +0200 |
commit | ca111fa6aff4f69a657a366b03745cf65e6c68d0 (patch) | |
tree | 93b0366c020f4785367543d0eb49c0bb72b48ca2 /controller-api/src | |
parent | aafc1ce1431c1fe6e7068934153c9860f6aa49b9 (diff) |
Add expiry to SecurityContext
Diffstat (limited to 'controller-api/src')
-rw-r--r-- | controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java index 521b0c00316..85f42eecc58 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java @@ -16,15 +16,21 @@ public class SecurityContext { private final Principal principal; private final Set<Role> roles; private final Instant issuedAt; + private final Instant expiresAt; public SecurityContext(Principal principal, Set<Role> roles, Instant issuedAt) { + this(principal, roles, issuedAt, Instant.MAX); + } + + public SecurityContext(Principal principal, Set<Role> roles, Instant issuedAt, Instant expiresAt) { this.principal = Objects.requireNonNull(principal); this.roles = Set.copyOf(roles); this.issuedAt = Objects.requireNonNull(issuedAt); + this.expiresAt = Objects.requireNonNull(expiresAt); } public SecurityContext(Principal principal, Set<Role> roles) { - this(principal, roles, Instant.EPOCH); + this(principal, roles, Instant.EPOCH, Instant.MAX); } public Principal principal() { @@ -39,28 +45,31 @@ public class SecurityContext { return issuedAt; } + /** @return credential expiration or {@link Instant#MAX} is not available */ + public Instant expiresAt() { return expiresAt; } + @Override public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; SecurityContext that = (SecurityContext) o; - return Objects.equals(principal, that.principal) && - Objects.equals(roles, that.roles) && - Objects.equals(issuedAt, that.issuedAt); + return Objects.equals(principal, that.principal) && Objects.equals(roles, that.roles) + && Objects.equals(issuedAt, that.issuedAt) && Objects.equals(expiresAt, that.expiresAt); } @Override public int hashCode() { - return Objects.hash(principal, roles, issuedAt); + return Objects.hash(principal, roles, issuedAt, expiresAt); } @Override public String toString() { return "SecurityContext{" + - "principal=" + principal + - ", roles=" + roles + - ", issuedAt=" + issuedAt + - '}'; + "principal=" + principal + + ", roles=" + roles + + ", issuedAt=" + issuedAt + + ", expiresAt=" + expiresAt + + '}'; } } |