author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2022-07-19 14:30:27 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-19 14:30:27 +0200 |
commit | 46ba1b00aa19e937e2c257b34c23417adeef56eb (patch) | |
tree | 7e595f7ca0c17bc74b07c18472f4cd2d4f57c4d4 /security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java | |
parent | 8be6dd28753425126507b68c93a24607124871eb (diff) | |
parent | 529a26d7e1062a006196366454f1a047ca31202c (diff) |
Merge pull request #23496 from vespa-engine/bjorncs/capabilitiesv8.21.11
Bjorncs/capabilities
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java b/security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java
new file mode 100644
index 00000000000..877ba4e74bd
--- /dev/null
+++ b/security-utils/src/main/java/com/yahoo/security/tls/authz/ConnectionAuthContext.java
@@ -0,0 +1,26 @@
+package com.yahoo.security.tls.authz;
+
+import com.yahoo.security.tls.policy.CapabilitySet;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * @author bjorncs
+ */
+public record ConnectionAuthContext(List<X509Certificate> peerCertificateChain,
+ CapabilitySet capabilities,
+ Set<String> matchedPolicies) {
+
+ public ConnectionAuthContext {
+ if (peerCertificateChain.isEmpty()) throw new IllegalArgumentException("Peer certificate chain is empty");
+ peerCertificateChain = List.copyOf(peerCertificateChain);
+ matchedPolicies = Set.copyOf(matchedPolicies);
+ }
+
+ public boolean authorized() { return !capabilities.hasNone(); }
+
+ public X509Certificate peerCertificate() { return peerCertificateChain.get(0); }
+
+}
|
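Review bot: The compact constructor never checks `capabilities`, while `peerCertificateChain` and `matchedPolicies` both fail on null there (via `isEmpty()` and `Set.copyOf`), so a null capability set is accepted at construction and only surfaces as a NullPointerException when `authorized()` is called at the decision point. Adding `Objects.requireNonNull(capabilities, "capabilities");` to the constructor (plus the `java.util.Objects` import) moves that failure to where the context is built. The record also has no Javadoc beyond `@author`; since `authorized()` is `!capabilities.hasNone()`, it presumably means only that some capability was granted, and a comment such as `/** True if the peer was granted at least one capability; callers must still check the specific capability an operation requires. */` would keep it from being read as a per-operation authorization check.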