diff options
author | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-04-03 17:37:12 +0200 |
---|---|---|
committer | Jon Marius Venstad <venstad@gmail.com> | 2019-04-04 09:48:01 +0200 |
commit | 7cdbaaf2100f83eb1e574a1bb75f6e8232e3b494 (patch) | |
tree | 0f7797a53d8d8b7e58c492bcde88af5454c5a1f1 /controller-server/src | |
parent | 4757b61f2fa9801a08bc06994de4b3945e31468d (diff) |
Auth0RolerFilter skeleton
Diffstat (limited to 'controller-server/src')
2 files changed, 43 insertions, 2 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java index 798036c1c42..fb98070295a 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java @@ -38,7 +38,7 @@ import static java.util.Objects.requireNonNull; * * @author jonmv */ -public class AthenzRoleFilter extends CorsRequestFilterBase { +public class AthenzRoleFilter extends CorsRequestFilterBase { // TODO: No need for this super anyway. private static final Logger logger = Logger.getLogger(AthenzRoleFilter.class.getName()); diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/Auth0RoleFilter.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/Auth0RoleFilter.java index b3264c0f51a..d96edd57e33 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/Auth0RoleFilter.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/Auth0RoleFilter.java @@ -1,5 +1,46 @@ package com.yahoo.vespa.hosted.controller.restapi.filter; -public class Auth0RoleFilter { +import com.yahoo.jdisc.http.filter.DiscFilterRequest; +import com.yahoo.jdisc.http.filter.security.base.JsonSecurityRequestFilterBase; +import com.yahoo.vespa.hosted.controller.role.RoleMembership; + +import java.util.Objects; +import java.util.Optional; + +/** + * Enriches the request principal with roles from Athenz. + * + * @author jonmv + */ +public class Auth0RoleFilter extends JsonSecurityRequestFilterBase { + + @Override + protected Optional<ErrorResponse> filter(DiscFilterRequest request) { + return Optional.empty(); + } + + + private static class Auth0RolePrincipal implements RolePrincipal { + + private final String name; + private final RoleMembership roles; + + public Auth0RolePrincipal(String name, RoleMembership roles) { + if (name.isBlank()) throw new IllegalArgumentException("Name may not be blank."); + this.name = name; + this.roles = Objects.requireNonNull(roles); + } + + @Override + public String getName() { + return name; + } + + @Override + public RoleMembership roles() { + return roles; + } + + } } |