Package io.strimzi.kafka.oauth.common

Interface BearerTokenWithPayload

All Superinterfaces:
org.apache.kafka.common.security.oauthbearer.OAuthBearerToken
public interface BearerTokenWithPayload extends org.apache.kafka.common.security.oauthbearer.OAuthBearerToken
This extension of OAuthBearerToken provides a way to associate any additional information with the token at run time, that is cached for the duration of the client session.

This class is the only notion of client session that we can get. Kafka code holds on to it for as long as the session is alive, and then the object can be garbage collected.

Successful re-authentication starts a new session without disconnecting the current connection, avoiding the need to re-establish any existing TLS connection for example.

Token is instantiated during authentication, but the 'payload' methods can be accessed later by custom extensions. For example, it can be used by a custom authorizer to cache a parsed JWT token payload or to cache authorization grants for current session.

  • Method Summary

    Modifier and Type
    Method
    Description
    com.fasterxml.jackson.databind.node.ObjectNode
    getClaimsJSON()
    The token claims as a JSON object.
    Set<String>
    getGroups()
    Get groups associated with this token (principal).
    com.fasterxml.jackson.databind.JsonNode
    getPayload()
    Get the usage dependent object previously associated with this instance by calling setPayload(com.fasterxml.jackson.databind.JsonNode)
    default int
    getSessionId()
    This method returns an id of the current instance of this object.
    void
    setPayload(com.fasterxml.jackson.databind.JsonNode payload)
    Associate a usage dependent object with this instance

    Methods inherited from interface org.apache.kafka.common.security.oauthbearer.OAuthBearerToken

    lifetimeMs, principalName, scope, startTimeMs, value

  • Method Details

    • getPayload

      com.fasterxml.jackson.databind.JsonNode getPayload()
      Get the usage dependent object previously associated with this instance by calling setPayload(com.fasterxml.jackson.databind.JsonNode)
      Returns:
      The associated object

    • setPayload

      void setPayload(com.fasterxml.jackson.databind.JsonNode payload)
      Associate a usage dependent object with this instance
      Parameters:
      payload - The object to associate with this instance

    • getGroups

      Set<String> getGroups()
      Get groups associated with this token (principal).
      Returns:
      The groups for the user

    • getClaimsJSON

      com.fasterxml.jackson.databind.node.ObjectNode getClaimsJSON()
      The token claims as a JSON object. For JWT tokens it contains the content of the JWT Payload part of the token. If introspection is used, it contains the introspection endpoint response.
      Returns:
      Token content / details as a JSON object

    • getSessionId

      default int getSessionId()
      This method returns an id of the current instance of this object. It is used for debugging purposes - e.g. logging that allows tracking of an individual instance of this object through logs.
      Returns:
      An int identifying this instance