diff options
author | Morten Tokle <mortent@yahooinc.com> | 2022-06-28 11:53:46 +0200 |
---|---|---|
committer | Morten Tokle <mortent@yahooinc.com> | 2022-06-28 11:53:46 +0200 |
commit | d3c93914926802b52d526fe6204050717b3af94d (patch) | |
tree | a781f7a0938bb77a33b36edf04ccaf8d5a1a02b5 /vespa-athenz/src | |
parent | 241597aa46ee3ea284c4c80ffb81ad83c8c808c4 (diff) |
Request tokens with max expiry time
Diffstat (limited to 'vespa-athenz/src')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java index 13a61d65d78..197af753442 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java @@ -116,22 +116,23 @@ public class DefaultZtsClient extends ClientBase implements ZtsClient { } @Override - public ZToken getRoleToken(AthenzDomain domain) { - return getRoleToken(domain, null); + public ZToken getRoleToken(AthenzDomain domain, Duration expiry) { + return getRoleToken(domain, null, expiry); } @Override - public ZToken getRoleToken(AthenzRole athenzRole) { - return getRoleToken(athenzRole.domain(), athenzRole.roleName()); + public ZToken getRoleToken(AthenzRole athenzRole, Duration expiry) { + return getRoleToken(athenzRole.domain(), athenzRole.roleName(), expiry); } - private ZToken getRoleToken(AthenzDomain domain, String roleName) { + private ZToken getRoleToken(AthenzDomain domain, String roleName, Duration expiry) { URI uri = ztsUrl.resolve(String.format("domain/%s/token", domain.getName())); RequestBuilder requestBuilder = RequestBuilder.get(uri) .addHeader("Content-Type", "application/json"); if (roleName != null) { requestBuilder.addParameter("role", roleName); } + requestBuilder.addParameter("maxExpiryTime", Long.toString(expiry.getSeconds())); HttpUriRequest request = requestBuilder.build(); return execute(request, response -> { RoleTokenResponseEntity roleTokenResponseEntity = readEntity(response, RoleTokenResponseEntity.class); |