summaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilter.java
diff options
context:
space:
mode:
Diffstat (limited to 'jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilter.java')
-rw-r--r--jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilter.java10
1 files changed, 5 insertions, 5 deletions
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilter.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilter.java
index d586983138e..74e0ee36959 100644
--- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilter.java
+++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzAuthorizationFilter.java
@@ -13,7 +13,7 @@ import com.yahoo.vespa.athenz.api.AthenzResourceName;
import com.yahoo.vespa.athenz.api.AthenzRole;
import com.yahoo.vespa.athenz.api.ZToken;
import com.yahoo.vespa.athenz.tls.AthenzX509CertificateUtils;
-import com.yahoo.vespa.athenz.zpe.AccessCheckResult;
+import com.yahoo.vespa.athenz.zpe.AuthorizationResult;
import com.yahoo.vespa.athenz.zpe.DefaultZpe;
import com.yahoo.vespa.athenz.zpe.Zpe;
@@ -120,12 +120,12 @@ public class AthenzAuthorizationFilter extends JsonSecurityRequestFilterBase {
DiscFilterRequest request,
ZpeCheck<C> accessCheck,
Function<C, AthenzPrincipal> principalFactory) {
- AccessCheckResult accessCheckResult = accessCheck.checkAccess(credentials, resAndAction.resourceName(), resAndAction.action());
- if (accessCheckResult == AccessCheckResult.ALLOW) {
+ AuthorizationResult authorizationResult = accessCheck.checkAccess(credentials, resAndAction.resourceName(), resAndAction.action());
+ if (authorizationResult == AuthorizationResult.ALLOW) {
request.setUserPrincipal(principalFactory.apply(credentials));
return Optional.empty();
}
- return Optional.of(new ErrorResponse(Response.Status.FORBIDDEN, "Access forbidden: " + accessCheckResult.getDescription()));
+ return Optional.of(new ErrorResponse(Response.Status.FORBIDDEN, "Access forbidden: " + authorizationResult.getDescription()));
}
private static AthenzPrincipal createPrincipal(X509Certificate certificate) {
@@ -139,7 +139,7 @@ public class AthenzAuthorizationFilter extends JsonSecurityRequestFilterBase {
}
@FunctionalInterface private interface ZpeCheck<C> {
- AccessCheckResult checkAccess(C credentials, AthenzResourceName resourceName, String action);
+ AuthorizationResult checkAccess(C credentials, AthenzResourceName resourceName, String action);
}
}