AuthzJwtService (auth-jwt-service 2.0.7 API)

java.lang.Object
- io.stargate.auth.jwt.AuthzJwtService

All Implemented Interfaces:: AuthorizationService

public class AuthzJwtService
extends Object
implements AuthorizationService

Constructor Summary

Constructors
Constructor and Description

AuthzJwtService()

Constructors
Constructor and Description
`AuthzJwtService()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`authorizeDataRead(AuthenticationSubject authenticationSubject, String keyspace, String table, SourceAPI sourceAPI)` Authorization for data resource access without keys is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`void`	`authorizeDataWrite(AuthenticationSubject authenticationSubject, String keyspace, String table, List<TypedKeyValue> typedKeyValues, Scope scope, SourceAPI sourceAPI)`
`void`	`authorizeDataWrite(AuthenticationSubject authenticationSubject, String keyspace, String table, Scope scope, SourceAPI sourceAPI)` Authorization for data resource access without keys is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`ResultSet`	`authorizedDataRead(Callable<ResultSet> action, AuthenticationSubject authenticationSubject, String keyspace, String table, List<TypedKeyValue> typedKeyValues, SourceAPI sourceAPI)` Using the provided JWT and the claims it contains will perform pre-authorization where possible, executes the query provided, and then authorizes the response of the query.
`void`	`authorizePermissionManagement(AuthenticationSubject authenticationSubject, String resource, String grantee, Scope scope, SourceAPI sourceAPI)` Authorization for permission management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`void`	`authorizePermissionRead(AuthenticationSubject authenticationSubject, String role, SourceAPI sourceAPI)` Authorization for permission management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`void`	`authorizeRoleManagement(AuthenticationSubject authenticationSubject, String role, Scope scope, SourceAPI sourceAPI)` Authorization for role management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`void`	`authorizeRoleManagement(AuthenticationSubject authenticationSubject, String role, String grantee, Scope scope, SourceAPI sourceAPI)` Authorization for role management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`void`	`authorizeRoleRead(AuthenticationSubject authenticationSubject, String role, SourceAPI sourceAPI)` Authorization for role management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`void`	`authorizeSchemaRead(AuthenticationSubject authenticationSubject, List<String> keyspaceNames, List<String> tableNames, SourceAPI sourceAPI, ResourceKind resource)` Authorization for schema resource access is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.
`void`	`authorizeSchemaWrite(AuthenticationSubject authenticationSubject, String keyspace, String table, Scope scope, SourceAPI sourceAPI, ResourceKind resource)` Authorization for schema resource access is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- AuthzJwtService
```
public AuthzJwtService()
```

Method Detail

authorizedDataRead

public ResultSet authorizedDataRead(Callable<ResultSet> action,
                                    AuthenticationSubject authenticationSubject,
                                    String keyspace,
                                    String table,
                                    List<TypedKeyValue> typedKeyValues,
                                    SourceAPI sourceAPI)
                             throws Exception

Using the provided JWT and the claims it contains will perform pre-authorization where possible, executes the query provided, and then authorizes the response of the query.

Specified by:: authorizedDataRead in interface AuthorizationService
Throws:: Exception

authorizeDataRead

public void authorizeDataRead(AuthenticationSubject authenticationSubject,
                              String keyspace,
                              String table,
                              SourceAPI sourceAPI)
                       throws UnauthorizedException

Authorization for data resource access without keys is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizeDataRead in interface AuthorizationService
Throws:: UnauthorizedException

authorizeDataWrite

public void authorizeDataWrite(AuthenticationSubject authenticationSubject,
                               String keyspace,
                               String table,
                               Scope scope,
                               SourceAPI sourceAPI)
                        throws UnauthorizedException

Authorization for data resource access without keys is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizeDataWrite in interface AuthorizationService
Throws:: UnauthorizedException

authorizeDataWrite

public void authorizeDataWrite(AuthenticationSubject authenticationSubject,
                               String keyspace,
                               String table,
                               List<TypedKeyValue> typedKeyValues,
                               Scope scope,
                               SourceAPI sourceAPI)
                        throws UnauthorizedException

Specified by:: authorizeDataWrite in interface AuthorizationService
Throws:: UnauthorizedException

authorizeSchemaRead

public void authorizeSchemaRead(AuthenticationSubject authenticationSubject,
                                List<String> keyspaceNames,
                                List<String> tableNames,
                                SourceAPI sourceAPI,
                                ResourceKind resource)
                         throws UnauthorizedException

Authorization for schema resource access is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizeSchemaRead in interface AuthorizationService
Throws:: UnauthorizedException

authorizeSchemaWrite

public void authorizeSchemaWrite(AuthenticationSubject authenticationSubject,
                                 String keyspace,
                                 String table,
                                 Scope scope,
                                 SourceAPI sourceAPI,
                                 ResourceKind resource)
                          throws UnauthorizedException

Authorization for schema resource access is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizeSchemaWrite in interface AuthorizationService
Throws:: UnauthorizedException

authorizeRoleManagement

public void authorizeRoleManagement(AuthenticationSubject authenticationSubject,
                                    String role,
                                    Scope scope,
                                    SourceAPI sourceAPI)
                             throws UnauthorizedException

Authorization for role management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizeRoleManagement in interface AuthorizationService
Throws:: UnauthorizedException

authorizeRoleManagement

public void authorizeRoleManagement(AuthenticationSubject authenticationSubject,
                                    String role,
                                    String grantee,
                                    Scope scope,
                                    SourceAPI sourceAPI)
                             throws UnauthorizedException

Authorization for role management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizeRoleManagement in interface AuthorizationService
Throws:: UnauthorizedException

authorizeRoleRead

public void authorizeRoleRead(AuthenticationSubject authenticationSubject,
                              String role,
                              SourceAPI sourceAPI)
                       throws UnauthorizedException

Authorization for role management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizeRoleRead in interface AuthorizationService
Throws:: UnauthorizedException

authorizePermissionManagement

public void authorizePermissionManagement(AuthenticationSubject authenticationSubject,
                                          String resource,
                                          String grantee,
                                          Scope scope,
                                          SourceAPI sourceAPI)
                                   throws UnauthorizedException

Authorization for permission management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizePermissionManagement in interface AuthorizationService
Throws:: UnauthorizedException

authorizePermissionRead

public void authorizePermissionRead(AuthenticationSubject authenticationSubject,
                                    String role,
                                    SourceAPI sourceAPI)
                             throws UnauthorizedException

Authorization for permission management is not provided by JWTs so all authorization will be deferred to the underlying permissions assigned to the role the JWT maps to.

Specified by:: authorizePermissionRead in interface AuthorizationService
Throws:: UnauthorizedException

Class AuthzJwtService

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

AuthzJwtService

Method Detail

authorizedDataRead

authorizeDataRead

authorizeDataWrite

authorizeDataWrite

authorizeSchemaRead

authorizeSchemaWrite

authorizeRoleManagement

authorizeRoleManagement

authorizeRoleRead

authorizePermissionManagement

authorizePermissionRead