diff options
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java index 3ee6ed1dcaa..b4e8878fb01 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/ConnectionAuthContext.java @@ -18,14 +18,15 @@ public record ConnectionAuthContext(List<X509Certificate> peerCertificateChain, CapabilitySet capabilities, Set<String> matchedPolicies) { - private static final ConnectionAuthContext DEFAULT_ALL_CAPABILITIES = - new ConnectionAuthContext(List.of(), CapabilitySet.all(), Set.of()); + private static final ConnectionAuthContext DEFAULT_ALL_CAPABILITIES = new ConnectionAuthContext(List.of()); public ConnectionAuthContext { peerCertificateChain = List.copyOf(peerCertificateChain); matchedPolicies = Set.copyOf(matchedPolicies); } + private ConnectionAuthContext(List<X509Certificate> certs) { this(certs, CapabilitySet.all(), Set.of()); } + public boolean authorized() { return !capabilities.hasNone(); } public Optional<X509Certificate> peerCertificate() { @@ -60,6 +61,12 @@ public record ConnectionAuthContext(List<X509Certificate> peerCertificateChain, return Optional.of(b.append("]").toString()); } + /** Construct instance with all capabilities */ public static ConnectionAuthContext defaultAllCapabilities() { return DEFAULT_ALL_CAPABILITIES; } + /** Construct instance with all capabilities */ + public static ConnectionAuthContext defaultAllCapabilities(List<X509Certificate> certs) { + return new ConnectionAuthContext(certs); + } + } |