Package io.deephaven.enterprise.auth

Class AuthServerForwarder

java.lang.Object

io.deephaven.enterprise.auth.AuthServerForwarder

All Implemented Interfaces:

AutoCloseable

public class AuthServerForwarder
extends Object
implements AutoCloseable

Class to manage requests that need to go to a specific authentication server origin. Eg, verifying tokens.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AuthServerForwarder.InvalidTokenOriginException

Field Summary

Fields

Modifier and Type	Field	Description
static final String	LOG_PFX

Constructor Summary

Constructors

Constructor	Description
AuthServerForwarder(io.deephaven.shadow.jetcd.io.etcd.jetcd.Client etcdClient)

Method Summary

Modifier and Type	Method	Description
void	close()
CompletableFuture<VerifyChallengeResponse>	verifyChallengeAsync(ClientId clientId, com.google.protobuf.ByteString publicKey, UserContext userContext, InetAddress addy, com.google.protobuf.ByteString challengeResponse, long remainingDeadlineTimeMillis)	Asynchronously verify a challenge to the particular authentication server that generated it.
CompletableFuture<VerifyTokenResponse>	verifyTokenToOriginAsync(String service, AuthToken authToken, long remainingDeadlineTimeMillis)	Asynchronously verify an AuthToken to the particular authentication server that generated it.
boolean	verifyTokenToOriginOrThrow(String service, AuthToken authToken, long remainingDeadlineTimeMillis)	Verify an AuthToken to the particular authentication server that generated it.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

LOG_PFX

public static final String LOG_PFX

See Also:

• Constant Field Values

Constructor Details

AuthServerForwarder

public AuthServerForwarder(io.deephaven.shadow.jetcd.io.etcd.jetcd.Client etcdClient)

Method Details

verifyTokenToOriginAsync

public CompletableFuture<VerifyTokenResponse> verifyTokenToOriginAsync(String service,
 AuthToken authToken,
 long remainingDeadlineTimeMillis)

Asynchronously verify an AuthToken to the particular authentication server that generated it.

Parameters:

service - The service for which the token is intended

authToken - The auth token

remainingDeadlineTimeMillis - How much time is remaining in the deadline for this request

Returns:

a future representing the async operation

verifyTokenToOriginOrThrow

public boolean verifyTokenToOriginOrThrow(String service,
 AuthToken authToken,
 long remainingDeadlineTimeMillis)
                                   throws AuthServerForwarder.InvalidTokenOriginException

Verify an AuthToken to the particular authentication server that generated it.

Parameters:

service - The service for which the token is intended

authToken - The auth token

remainingDeadlineTimeMillis - How much time is remaining in the deadline for this request

Returns:

true if the token verifies correctly.

Throws:

AuthServerForwarder.InvalidTokenOriginException - if the token origin address is not recognized as a valid origin address

verifyChallengeAsync

public CompletableFuture<VerifyChallengeResponse> verifyChallengeAsync(ClientId clientId,
 com.google.protobuf.ByteString publicKey,
 UserContext userContext,
 InetAddress addy,
 com.google.protobuf.ByteString challengeResponse,
 long remainingDeadlineTimeMillis)

Asynchronously verify a challenge to the particular authentication server that generated it.

Parameters:

clientId - The client id of the requesting client

publicKey - The public key

userContext - The user context

addy - The address where to forward

challengeResponse - the challenge response to verify

remainingDeadlineTimeMillis - How much time is remaining in the deadline for this request

Returns:

a future representing the async operation

close

public void close()

Specified by:

close in interface AutoCloseable