authorBjørn Christian Seime <bjorncs@yahooinc.com>2022-07-13 16:53:43 +0200
committerBjørn Christian Seime <bjorncs@yahooinc.com>2022-07-15 15:35:10 +0200
commiteed3e5deaf3fd13c353361e45420735a93d0f3d0 (patch)
treeb4e738c5cf85775153237ec07ea08f4e97d224f1 /security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java
parentff26daaf31ec0567dc6a9049d5e275cf7c4810dc (diff)
Return granted capabilities from PeerAuthorizer
Introduce new ConnectionAuthContext as replacement for AuthorizationResult/SecurityContext.
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java23
1 files changed, 23 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java b/security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java
new file mode 100644
index 00000000000..a5fb51da763
--- /dev/null
+++ b/security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java
@@ -0,0 +1,23 @@
+package com.yahoo.security.tls.authz;
+
+import com.yahoo.security.tls.policy.CapabilitySet;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.SortedSet;
+import java.util.TreeSet;
+
+/**
+ * @author bjorncs
+ */
+public record ConnectionAuthContext(List<X509Certificate> peerCertificate,
+ CapabilitySet capabilities,
+ SortedSet<String> matchedPolicies) {
+
+ public ConnectionAuthContext {
+ matchedPolicies = new TreeSet<>(matchedPolicies);
+ }
+
+ public boolean succeeded() { return matchedPolicies.size() > 0; }
+
+}
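Review bot: The compact constructor copies `matchedPolicies` into a fresh `TreeSet`, but the accessor then returns that same mutable set to every caller, and `peerCertificate` is stored without any copy. Because `succeeded()` is derived from `matchedPolicies.size()`, any code holding the context can add an entry and make a denied connection report success. If the caller passed a mutable list, the certificate chain can also change after authorization. I would make both components immutable in the constructor: `matchedPolicies = Collections.unmodifiableSortedSet(new TreeSet<>(matchedPolicies));` and `peerCertificate = List.copyOf(peerCertificate);`, with `java.util.Collections` imported. The record's Javadoc carries only `@author`; a sentence stating that an empty `matchedPolicies` means authorization failed would document the contract `succeeded()` relies on.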