public class ConfluentPrincipal extends KafkaPrincipal
ConfluentPrincipal extends KafkaPrincipal to provide extra utility for principals. authorizationIds store all the authorization ids in one list which contributes to the authorization. Currently, this list contains may_act.principals + integerId in the case of the confluent token in the Confluent cloud and for any other mechanism, it contains the name of KafkaPrincipal.getName(). groups this is specific to Confluent Platform. As part of OAuth support to Confluent Platform, groups can be obtained from the Oauth token. And these group principals are also used in final authorization. authorizationIds and groups can't be mixed as of now. identityMetadata this is specific to confluent cloud. It is used in Audit log in case of Oauth authentication.| Modifier and Type | Field and Description |
|---|---|
static String | GROUP_TYPE |
ANONYMOUS, USER_TYPE| Constructor and Description |
|---|
ConfluentPrincipal(String principalType, String name, String authenticationId) |
ConfluentPrincipal(String principalType, String name, String authenticationId, boolean delegationTokenAuthenticated) |
ConfluentPrincipal(String principalType, String name, String authenticationId, Optional<String> networkId, boolean delegationTokenAuthenticated, Set<String> groups) |
ConfluentPrincipal(String principalType, String name, String authenticationId, Optional<String> networkId, boolean delegationTokenAuthenticated, Set<String> groups, List<String> authorizationIds, IdentityMetadata identityMetadata)authorizationIds: Contains list of ids used in authorization. |
| Modifier and Type | Method and Description |
|---|---|
String | authenticationId()Returns the public credential (e.g. |
List<String> | authorizationIds()Returns list of ids which will be used to authorize to request. |
boolean | equals(Object o) |
Set<String> | getGroups()Returns the principal groups if provided during authentication. |
int | hashCode() |
IdentityMetadata | identityMetadata() |
Optional<IdentityMetadata> | maybeGetIdentityMetadata() |
Optional<String> | networkId()Returns the networkId if available, where the authentication request originated from. |
getName, getPrincipalType, tokenAuthenticated, tokenAuthenticated, toStringpublic static final String GROUP_TYPE
public ConfluentPrincipal(String principalType, String name, String authenticationId)
public ConfluentPrincipal(String principalType, String name, String authenticationId, boolean delegationTokenAuthenticated)
public ConfluentPrincipal(String principalType, String name, String authenticationId, Optional<String> networkId, boolean delegationTokenAuthenticated, Set<String> groups)
public ConfluentPrincipal(String principalType, String name, String authenticationId, Optional<String> networkId, boolean delegationTokenAuthenticated, Set<String> groups, List<String> authorizationIds, IdentityMetadata identityMetadata)
public IdentityMetadata identityMetadata()
public Optional<IdentityMetadata> maybeGetIdentityMetadata()
public String authenticationId()
public Optional<String> networkId()
public List<String> authorizationIds()
public Set<String> getGroups()
public boolean equals(Object o)
equals in interface Principalequals in class KafkaPrincipalpublic int hashCode()
hashCode in interface PrincipalhashCode in class KafkaPrincipal