Introduce SecurityContext

3 files changed, 53 insertions, 15 deletions

diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RolePrincipal.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RolePrincipal.java
deleted file mode 100644
index 4164dc80e70..00000000000
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RolePrincipal.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package com.yahoo.vespa.hosted.controller.api.role;
-
-import java.security.Principal;
-
-/**
- * A {@link Principal} with a {@link RoleMembership}.
- *
- * @author jonmv
- */
-public interface RolePrincipal extends Principal {
-
-    /** Returns the roles with context this principal is a member of. */
-    RoleMembership roles();
-
-}
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java
new file mode 100644
index 00000000000..1ad98e761f5
--- /dev/null
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SecurityContext.java
@@ -0,0 +1,48 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.vespa.hosted.controller.api.role;
+
+import java.security.Principal;
+import java.util.Objects;
+
+public class SecurityContext {
+
+    public static final String ATTRIBUTE_NAME = SecurityContext.class.getName();
+
+    private final Principal principal;
+    private final RoleMembership roles;
+
+    public SecurityContext(Principal principal, RoleMembership roles) {
+        this.principal = principal;
+        this.roles = roles;
+    }
+
+    public Principal principal() {
+        return principal;
+    }
+
+    public RoleMembership roles() {
+        return roles;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+        SecurityContext that = (SecurityContext) o;
+        return Objects.equals(principal, that.principal) &&
+               Objects.equals(roles, that.roles);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(principal, roles);
+    }
+
+    @Override
+    public String toString() {
+        return "SecurityContext{" +
+               "principal=" + principal +
+               ", roles=" + roles +
+               '}';
+    }
+}
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/package-info.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/package-info.java
new file mode 100644
index 00000000000..a7f70d6fe3c
--- /dev/null
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/package-info.java
@@ -0,0 +1,5 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+@ExportPackage
+package com.yahoo.vespa.hosted.controller.api.role;
+
+import com.yahoo.osgi.annotation.ExportPackage;
\ No newline at end of file