diff options
author | Morten Tokle <mortent@yahooinc.com> | 2022-06-28 09:54:30 +0200 |
---|---|---|
committer | Morten Tokle <mortent@yahooinc.com> | 2022-06-28 09:54:30 +0200 |
commit | cd37a82cf3118c6ebfe2a0c1abe3876ebe61cd56 (patch) | |
tree | 9e558e4d1bef431082dbbab116f5bd23ed178d8d /vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client | |
parent | 954e9f4467bc50f686ee3c0813c467ddea998d5a (diff) |
Reduce role token expiry to 10 minutes
Diffstat (limited to 'vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java index e52abc4193b..30c8ab2fd50 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java @@ -68,15 +68,37 @@ public interface ZtsClient extends AutoCloseable { * @param domain Target domain * @return A role token */ - ZToken getRoleToken(AthenzDomain domain); + default ZToken getRoleToken(AthenzDomain domain) { + return getRoleToken(domain, Duration.ofHours(1)); + } + + /** + * Fetch a role token for the target domain + * + * @param domain Target domain + * @param tokenExpiry Token expiry + * @return A role token + */ + ZToken getRoleToken(AthenzDomain domain, Duration tokenExpiry); + + /** + * Fetch a role token for the target role + * + * @param athenzRole Target role + * @return A role token + */ + default ZToken getRoleToken(AthenzRole athenzRole) { + return getRoleToken(athenzRole, Duration.ofHours(1)); + } /** * Fetch a role token for the target role * * @param athenzRole Target role + * @param tokenExpiry Token expiry * @return A role token */ - ZToken getRoleToken(AthenzRole athenzRole); + ZToken getRoleToken(AthenzRole athenzRole, Duration tokenExpiry); /** * Fetch an access token for the target domain |