controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/Auth0Credentials.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.hosted.controller.security;

import com.yahoo.vespa.hosted.controller.api.role.Role;

import java.security.Principal;
import java.util.Collections;
import java.util.Set;

/**
 * Like {@link Credentials}, but we know the principal is authenticated by Auth0.
 * Also includes the set of roles for which the principal is a member.
 *
 * @author andreer
 */
public class Auth0Credentials extends Credentials {

    private final Set<Role> roles;

    public Auth0Credentials(Principal user, Set<Role> roles) {
        super(user);
        this.roles = Collections.unmodifiableSet(roles);
    }

    /** The set of roles set in the auth0 cookie, extracted by CloudAccessControlRequests. */
    public Set<Role> getRolesFromCookie() {
        return roles;
    }

}