Move logic for capability checking/logging to ConnectionAuthContext

author: Bjørn Christian Seime <bjorncs@yahooinc.com> 2022-07-21 14:56:51 +0200
committer: Bjørn Christian Seime <bjorncs@yahooinc.com> 2022-07-21 15:30:19 +0200
commit: f4965306b79f0015ca9e8e32072877e57f7f532c (patch)
tree: c3bc93a0916de30dcb70435531c1aa850b27c51c /security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java
parent: d2864cf3be9a93d784ac98b6beee0813dc60b290 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java
index 44293de6eb7..951b5c57c9e 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java
@@ -47,7 +47,10 @@ public class PeerAuthorizer {
                 grantedCapabilities.add(peerPolicy.capabilities());
             }
         }
-        return new ConnectionAuthContext(certChain, CapabilitySet.unionOf(grantedCapabilities), matchedPolicies);
+        // TODO Pass this through constructor
+        CapabilityMode capabilityMode = TransportSecurityUtils.getCapabilityMode();
+        return new ConnectionAuthContext(
+                certChain, CapabilitySet.unionOf(grantedCapabilities), matchedPolicies, capabilityMode);
     }
 
     private static boolean matchesPolicy(PeerPolicy peerPolicy, String cn, List<String> sans) {
author	Bjørn Christian Seime <bjorncs@yahooinc.com>	2022-07-21 14:56:51 +0200
committer	Bjørn Christian Seime <bjorncs@yahooinc.com>	2022-07-21 15:30:19 +0200
commit	f4965306b79f0015ca9e8e32072877e57f7f532c (patch)
tree	c3bc93a0916de30dcb70435531c1aa850b27c51c /security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java
parent	d2864cf3be9a93d784ac98b6beee0813dc60b290 (diff)