aboutsummaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzPrincipalFilter.java
diff options
context:
space:
mode:
Diffstat (limited to 'jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzPrincipalFilter.java')
-rw-r--r--jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzPrincipalFilter.java14
1 files changed, 4 insertions, 10 deletions
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzPrincipalFilter.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzPrincipalFilter.java
index 3c154fa4d89..a30ca654b83 100644
--- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzPrincipalFilter.java
+++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/athenz/AthenzPrincipalFilter.java
@@ -4,8 +4,7 @@ package com.yahoo.jdisc.http.filter.security.athenz;
import com.google.inject.Inject;
import com.yahoo.jdisc.Response;
import com.yahoo.jdisc.http.filter.DiscFilterRequest;
-import com.yahoo.jdisc.http.filter.security.cors.CorsFilterConfig;
-import com.yahoo.jdisc.http.filter.security.cors.CorsRequestFilterBase;
+import com.yahoo.jdisc.http.filter.security.base.JsonSecurityRequestFilterBase;
import com.yahoo.vespa.athenz.api.AthenzPrincipal;
import com.yahoo.vespa.athenz.api.NToken;
import com.yahoo.vespa.athenz.utils.AthenzIdentities;
@@ -13,10 +12,8 @@ import com.yahoo.vespa.athenz.utils.ntoken.NTokenValidator;
import java.nio.file.Paths;
import java.security.cert.X509Certificate;
-import java.util.HashSet;
import java.util.List;
import java.util.Optional;
-import java.util.Set;
/**
@@ -29,7 +26,7 @@ import java.util.Set;
*
* @author bjorncs
*/
-public class AthenzPrincipalFilter extends CorsRequestFilterBase {
+public class AthenzPrincipalFilter extends JsonSecurityRequestFilterBase {
private static final String RESULT_ATTRIBUTE_PREFIX = "jdisc-security-filters.athenz-principal-filter.result";
public static final String RESULT_ERROR_CODE_ATTRIBUTE = RESULT_ATTRIBUTE_PREFIX + ".error.code";
@@ -41,25 +38,22 @@ public class AthenzPrincipalFilter extends CorsRequestFilterBase {
private final boolean passthroughMode;
@Inject
- public AthenzPrincipalFilter(AthenzPrincipalFilterConfig athenzPrincipalFilterConfig, CorsFilterConfig corsConfig) {
+ public AthenzPrincipalFilter(AthenzPrincipalFilterConfig athenzPrincipalFilterConfig) {
this(new NTokenValidator(Paths.get(athenzPrincipalFilterConfig.athenzConfFile())),
athenzPrincipalFilterConfig.principalHeaderName(),
- new HashSet<>(corsConfig.allowedUrls()),
athenzPrincipalFilterConfig.passthroughMode());
}
AthenzPrincipalFilter(NTokenValidator validator,
String principalTokenHeader,
- Set<String> corsAllowedUrls,
boolean passthroughMode) {
- super(corsAllowedUrls);
this.validator = validator;
this.principalTokenHeader = principalTokenHeader;
this.passthroughMode = passthroughMode;
}
@Override
- public Optional<ErrorResponse> filterRequest(DiscFilterRequest request) {
+ public Optional<ErrorResponse> filter(DiscFilterRequest request) {
try {
Optional<AthenzPrincipal> certificatePrincipal = getClientCertificate(request)
.map(AthenzIdentities::from)