public class DynamicAuthnFilter
extends com.vmware.vapi.core.DecoratorApiProvider
ApiProvider upon
which the Stub classes are
Instantiated.
The filter relies on externally provided Supplier of
ExecutionContext.SecurityContexts. To allow for
efficient operation a CompletionStage is expected from the supplier.
Supplier will be invoked once on the first call to obtain security context
and will be invoked subsequently when Unauthenticated exception is
encountered from the remote service.
SecurityContextAcquisitionError will be returned when the filter
cannot obtain authentication token with the provided Supplier.
Requests failing with Unauthenticated errors will be retried only
once with new credential. If Unauthenticated is encountered with the
new credential the error will be returned in the bindings tier.
Calls waiting on a failing future before the timeout for refreshing failed future lapse will fail with no retry. If multiple retries are to be made to acquire credential this is to be implemented in the future logic.
| Constructor and Description |
|---|
DynamicAuthnFilter(ApiProvider decoratedProvider,
java.util.function.Supplier<java.util.concurrent.CompletionStage<ExecutionContext.SecurityContext>> supplier,
long timeoutMs)
Creates a new authentication filter that can be used to create stub that
will have all their calls authenticated
|
| Modifier and Type | Method and Description |
|---|---|
void |
invoke(java.lang.String service,
java.lang.String operation,
DataValue input,
ExecutionContext ctx,
AsyncHandle<MethodResult> asyncHandle)
Invokes the decorated provider and in case of
Unauthenticated
error retries the request with refreshed ExecutionContext.SecurityContext. |
protected void |
invokeNext(java.lang.String service,
java.lang.String operation,
DataValue input,
ExecutionContext ctx,
AsyncHandle<MethodResult> handle) |
public DynamicAuthnFilter(ApiProvider decoratedProvider, java.util.function.Supplier<java.util.concurrent.CompletionStage<ExecutionContext.SecurityContext>> supplier, long timeoutMs)
decoratedProvider - ApiProvider that invokes the real API.
Typically obtained from a connection.supplier - whenever new security context is needed this will be
called to obtain a new CompletionStage that will deliver
the context. It is expected that this operation is relatively
fast. While the completion stage may take time to acquire the
actual ExecutionContext.SecurityContext.
Supplier will be called on the first request and after
Unauthenticated errors are reported from the API.
timeoutMs - is the interval after acquisition of token fails until
refresh is attempted. Positive number is required.public void invoke(java.lang.String service,
java.lang.String operation,
DataValue input,
ExecutionContext ctx,
AsyncHandle<MethodResult> asyncHandle)
Unauthenticated
error retries the request with refreshed ExecutionContext.SecurityContext. See
ApiProvider.invoke(String, String, DataValue, ExecutionContext, AsyncHandle)
for details on the parameters and operation.invoke in interface ApiProviderinvoke in class com.vmware.vapi.core.DecoratorApiProviderservice - identifier of the target serviceoperation - identifier of the target operationinput - operation input parametersctx - execution context for the invocationasyncHandle - handle used to asynchronously "return" the result
or error of the invocationprotected void invokeNext(java.lang.String service,
java.lang.String operation,
DataValue input,
ExecutionContext ctx,
AsyncHandle<MethodResult> handle)