Package io.deephaven.enterprise.auth

Interface AuthenticationClient

All Superinterfaces:
PublicKeyAuthenticationClient, TokenAuthenticationClient, TokenFactoryFactory, TokenVerificationClient
All Known Implementing Classes:
AuthenticationClientManager, AuthenticationClientManager.Null, GrpcAuthenticationClientManager
public interface AuthenticationClient extends PublicKeyAuthenticationClient
Auth client API, common to both local-only and remote clients.

  • Method Details

    • close

      void close()
      Disconnect from the origin
      Specified by:
      close in interface TokenFactoryFactory

    • passwordAuthentication

      default boolean passwordAuthentication(String userToAuthenticate, String password)
      Authenticate the specified user
      Parameters:
      userToAuthenticate - The user to authenticate
      password - The password
      Returns:
      true on success, false on failure
      Throws:
      UncheckedIOException - if the client can not communicate with the Auth server
      AuthException - if any other problem occurred

    • passwordAuthentication

      boolean passwordAuthentication(String userToAuthenticate, String password, String effectiveUser)
      Authenticate the specified user as a different effective user
      Parameters:
      userToAuthenticate - The user to authenticate
      password - The password
      effectiveUser - The effective user to operate as
      Returns:
      true on success, false on failure
      Throws:
      UncheckedIOException - if the client can not communicate with the Auth server
      AuthException - if any other problem occurred

    • presentDelegateToken

      boolean presentDelegateToken(AuthToken token)
      Authenticate using the specified delegate token
      Parameters:
      token - The delegate token created by AuthenticationClientManager.createDelegateTokens()
      Throws:
      UncheckedIOException - if the server was unreachable
      AuthException - if any other problem occurred

    • externalLogin

      String externalLogin(String key)
      Attempt to authenticate against an auth-module for an as-yet-unknown user based on the provided key. On successful key-based authentication, the user-name shall be provided by the auth-module. This method will block until the authentication-attempt succeeds or fails, or is timed-out by the auth-module waiting for the external authentication message
      Parameters:
      key - a nonce which an appropriate auth-module may be able to confirm as authenticated
      Returns:
      the authenticated user-name if this key is approved by an auth-module, else null
      Throws:
      UncheckedIOException - if the server was unreachable
      AuthException - if any other problem occurred