Class DynamicAuthnFilter
- java.lang.Object
-
- com.vmware.vapi.core.DecoratorApiProvider
-
- com.vmware.vapi.client.util.DynamicAuthnFilter
-
- All Implemented Interfaces:
ApiProvider
public class DynamicAuthnFilter extends com.vmware.vapi.core.DecoratorApiProvider
Filter that can be used to acquire on-demand security context for requests. This filter is to be used as decorator of the clientApiProvider
upon which theStub
classes are Instantiated.The filter relies on externally provided
Supplier
ofExecutionContext.SecurityContext
s. To allow for efficient operation aCompletionStage
is expected from the supplier.Supplier will be invoked once on the first call to obtain security context and will be invoked subsequently when
Unauthenticated
exception is encountered from the remote service.SecurityContextAcquisitionError
will be returned when the filter cannot obtain authentication token with the providedSupplier
.Requests failing with
Unauthenticated
errors will be retried only once with new credential. IfUnauthenticated
is encountered with the new credential the error will be returned in the bindings tier.Calls waiting on a failing future before the timeout for refreshing failed future lapse will fail with no retry. If multiple retries are to be made to acquire credential this is to be implemented in the future logic.
-
-
Constructor Summary
Constructors Constructor Description DynamicAuthnFilter(ApiProvider decoratedProvider, java.util.function.Supplier<java.util.concurrent.CompletionStage<ExecutionContext.SecurityContext>> supplier, long timeoutMs)
Creates a new authentication filter that can be used to create stub that will have all their calls authenticated
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
invoke(java.lang.String service, java.lang.String operation, DataValue input, ExecutionContext ctx, AsyncHandle<MethodResult> asyncHandle)
Invokes the decorated provider and in case ofUnauthenticated
error retries the request with refreshedExecutionContext.SecurityContext
.protected void
invokeNext(java.lang.String service, java.lang.String operation, DataValue input, ExecutionContext ctx, AsyncHandle<MethodResult> handle)
-
-
-
Constructor Detail
-
DynamicAuthnFilter
public DynamicAuthnFilter(ApiProvider decoratedProvider, java.util.function.Supplier<java.util.concurrent.CompletionStage<ExecutionContext.SecurityContext>> supplier, long timeoutMs)
Creates a new authentication filter that can be used to create stub that will have all their calls authenticated- Parameters:
decoratedProvider
-ApiProvider
that invokes the real API. Typically obtained from a connection.supplier
- whenever new security context is needed this will be called to obtain a newCompletionStage
that will deliver the context. It is expected that this operation is relatively fast. While the completion stage may take time to acquire the actualExecutionContext.SecurityContext
.Supplier will be called on the first request and after
Unauthenticated
errors are reported from the API.timeoutMs
- is the interval after acquisition of token fails until refresh is attempted. Positive number is required.
-
-
Method Detail
-
invoke
public void invoke(java.lang.String service, java.lang.String operation, DataValue input, ExecutionContext ctx, AsyncHandle<MethodResult> asyncHandle)
Invokes the decorated provider and in case ofUnauthenticated
error retries the request with refreshedExecutionContext.SecurityContext
. SeeApiProvider.invoke(String, String, DataValue, ExecutionContext, AsyncHandle)
for details on the parameters and operation.- Specified by:
invoke
in interfaceApiProvider
- Overrides:
invoke
in classcom.vmware.vapi.core.DecoratorApiProvider
- Parameters:
service
- identifier of the target serviceoperation
- identifier of the target operationinput
- operation input parametersctx
- execution context for the invocationasyncHandle
- handle used to asynchronously "return" the result or error of the invocation
-
invokeNext
protected void invokeNext(java.lang.String service, java.lang.String operation, DataValue input, ExecutionContext ctx, AsyncHandle<MethodResult> handle)
-
-