author | Morten Tokle <mortent@verizonmedia.com> | 2021-06-03 11:19:25 +0200 |
---|---|---|
committer | Morten Tokle <mortent@verizonmedia.com> | 2021-06-03 11:19:25 +0200 |
commit | d4a0b5486f49a24f2c002a813cdeba3674ce21ad (patch) | |
tree | 8bc9ed21c6f74a0f29ac83d57c5bf3e207436ec0 /vespa-athenz | |
parent | 2e331d2a6096920bd268efe325b5d96633c189ad (diff) |
Implement listMembers
Diffstat (limited to 'vespa-athenz')
3 files changed, 18 insertions, 0 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
index 9ee599b22eb..f73ac9c3535 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
@@ -33,6 +33,7 @@ import java.util.Collections;
 import java.util.List;
 import java.util.OptionalInt;
 import java.util.Set;
+import java.util.function.Function;
 import java.util.function.Supplier;
 import java.util.stream.Collectors;
@@ -230,6 +231,17 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient {
 execute(request, response -> readEntity(response, Void.class));
 }
+ @Override
+ public List<AthenzIdentity> listMembers(AthenzRole athenzRole) {
+ URI uri = zmsUrl.resolve(String.format("domain/%s/role/%s", athenzRole.domain().getName(), athenzRole.roleName()));
+ RoleEntity execute = execute(RequestBuilder.get(uri).build(), response -> readEntity(response, RoleEntity.class));
+ return execute.roleMembers().stream()
+ .filter(member -> ! member.pendingApproval())
+ .map(RoleEntity.Member::memberName)
+ .map(AthenzIdentities::from)
+ .collect(Collectors.toList());
+ }
+
 private static Header createCookieHeaderWithOktaTokens(OktaIdentityToken identityToken, OktaAccessToken accessToken) {
 return new BasicHeader("Cookie", String.format("okta_at=%s; okta_it=%s", accessToken.token(), identityToken.token()));
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
index 8afa9000ed1..15e8ba77850 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
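Review bot: The stream in `listMembers` filters only on `pendingApproval()`, although `RoleEntity.Member` also has an `active` field (visible in the RoleEntity.java hunk), so members flagged inactive would presumably be returned as role members; if callers use this list for access reviews or decisions, that over-reports who holds the role. Consider filtering on that flag as well, e.g. `.filter(member -> member.active() && ! member.pendingApproval())`, assuming `Member` exposes an `active()` accessor (not visible here). `execute.roleMembers()` is dereferenced without a null check, and a role response that carries no member list may deserialize to null, so falling back to `Collections.emptyList()` would avoid an NPE. The domain and role names are formatted into the path unencoded before `zmsUrl.resolve`, which is only safe if `AthenzRole` already restricts them to URL-safe characters; that validation is outside this diff. The `java.util.function.Function` import added in the first hunk does not appear to be used by the new code.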
@@ -48,5 +48,7 @@ public interface ZmsClient extends AutoCloseable {
 void approvePendingRoleMembership(AthenzRole athenzRole, AthenzUser athenzUser, Instant expiry);
+ List<AthenzIdentity> listMembers(AthenzRole athenzRole);
+
 void close();
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/RoleEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/RoleEntity.java
index e5bcc4d977e..5babe292138 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/RoleEntity.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/RoleEntity.java
@@ -8,6 +8,9 @@ import com.fasterxml.jackson.annotation.JsonProperty;
 import java.util.List;
+/**
+ * @author mortent
+ */
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class RoleEntity {
 private final String roleName;
@@ -27,6 +30,7 @@ public class RoleEntity {
 return roleMembers;
 }
+ @JsonIgnoreProperties(ignoreUnknown = true)
 public static final class Member {
 private final String memberName;
 private final boolean active; |
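Review bot: The new `listMembers` declaration in ZmsClient has no Javadoc, and its contract is not obvious from the signature: the DefaultZmsClient implementation drops members pending approval, and nothing states whether inactive members are included. Since callers may treat the result as the set of principals that hold the role, I would document this on the interface, e.g. `/** Lists the approved members of the given role; members pending approval are excluded. */`. The handling of members whose `active` flag is false should be added to that comment once it is decided.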