public class ConfluentPrincipal extends KafkaPrincipal
ConfluentPrincipal
extends KafkaPrincipal
to provide extra utility for principals.
authorizationIds
store all the authorization ids in one list which contributes to
the authorization. Currently, this list contains may_act.principals + integerId
in the case of
the confluent token in the Confluent cloud and for any other mechanism, it contains the name of
KafkaPrincipal.getName()
.
groups
this is specific to Confluent Platform. As part of OAuth support to
Confluent Platform, groups can be obtained from the Oauth token. And these group principals are also used
in final authorization.
authorizationIds
and groups
can't be mixed as of now.
identityMetadata
this is specific to confluent cloud. It is used in Audit log in case
of Oauth authentication.Modifier and Type | Field and Description |
---|---|
static String |
GROUP_TYPE |
ANONYMOUS, USER_TYPE
Constructor and Description |
---|
ConfluentPrincipal(String principalType,
String name,
String authenticationId) |
ConfluentPrincipal(String principalType,
String name,
String authenticationId,
boolean delegationTokenAuthenticated) |
ConfluentPrincipal(String principalType,
String name,
String authenticationId,
Optional<String> networkId,
boolean delegationTokenAuthenticated,
Set<String> groups) |
ConfluentPrincipal(String principalType,
String name,
String authenticationId,
Optional<String> networkId,
boolean delegationTokenAuthenticated,
Set<String> groups,
List<String> authorizationIds,
IdentityMetadata identityMetadata)
authorizationIds: Contains list of ids used in authorization.
|
Modifier and Type | Method and Description |
---|---|
String |
authenticationId()
Returns the public credential (e.g.
|
List<String> |
authorizationIds()
Returns list of ids which will be used to authorize to request.
|
boolean |
equals(Object o) |
Set<String> |
getGroups()
Returns the principal groups if provided during authentication.
|
int |
hashCode() |
IdentityMetadata |
identityMetadata() |
Optional<IdentityMetadata> |
maybeGetIdentityMetadata() |
Optional<String> |
networkId()
Returns the networkId if available, where the authentication request originated from.
|
getName, getPrincipalType, tokenAuthenticated, tokenAuthenticated, toString
public static final String GROUP_TYPE
public ConfluentPrincipal(String principalType, String name, String authenticationId)
public ConfluentPrincipal(String principalType, String name, String authenticationId, boolean delegationTokenAuthenticated)
public ConfluentPrincipal(String principalType, String name, String authenticationId, Optional<String> networkId, boolean delegationTokenAuthenticated, Set<String> groups)
public ConfluentPrincipal(String principalType, String name, String authenticationId, Optional<String> networkId, boolean delegationTokenAuthenticated, Set<String> groups, List<String> authorizationIds, IdentityMetadata identityMetadata)
public IdentityMetadata identityMetadata()
public Optional<IdentityMetadata> maybeGetIdentityMetadata()
public String authenticationId()
public Optional<String> networkId()
public List<String> authorizationIds()
public Set<String> getGroups()
public boolean equals(Object o)
equals
in interface Principal
equals
in class KafkaPrincipal
public int hashCode()
hashCode
in interface Principal
hashCode
in class KafkaPrincipal