• Home
• io.quarkus
• quarkus-vertx-http
• 3.17.5
• source code
• AuthRuntimeConfig.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.quarkus.vertx.http.runtime.AuthRuntimeConfig Maven / Gradle / Ivy

package io.quarkus.vertx.http.runtime;

import java.nio.file.Path;
import java.util.List;
import java.util.Map;
import java.util.Optional;

import io.quarkus.runtime.annotations.ConfigDocMapKey;
import io.quarkus.runtime.annotations.ConfigGroup;
import io.quarkus.runtime.annotations.ConfigItem;

/**
 * Authentication mechanism information used for configuring HTTP auth instance for the deployment.
 */
@ConfigGroup
public class AuthRuntimeConfig {

    /**
     * The HTTP permissions
     */
    @ConfigItem(name = "permission")
    public Map permissions;

    /**
     * The HTTP role based policies
     */
    @ConfigItem(name = "policy")
    public Map rolePolicy;

    /**
     * Map the `SecurityIdentity` roles to deployment specific roles and add the matching roles to `SecurityIdentity`.
     * 

     * For example, if `SecurityIdentity` has a `user` role and the endpoint is secured with a 'UserRole' role,
     * use this property to map the `user` role to the `UserRole` role, and have `SecurityIdentity` to have
     * both `user` and `UserRole` roles.
     */
    @ConfigItem
    @ConfigDocMapKey("role-name")
    public Map> rolesMapping;

    /**
     * Client certificate attribute whose values are going to be mapped to the 'SecurityIdentity' roles
     * according to the roles mapping specified in the certificate properties file.
     * The attribute must be either one of the Relative Distinguished Names (RDNs) or Subject Alternative Names (SANs).
     * By default, the Common Name (CN) attribute value is used for roles mapping.
     * Supported values are:
     * 

     * 
RDN type - Distinguished Name field. For example 'CN' represents Common Name field.
     * Multivalued RNDs and multiple instances of the same attributes are currently not supported.
     * 
     * 
'SAN_RFC822' - Subject Alternative Name field RFC 822 Name.
     * 
'SAN_URI' - Subject Alternative Name field Uniform Resource Identifier (URI).
     * 
'SAN_ANY' - Subject Alternative Name field Other Name.
     * Please note that only simple case of UTF8 identifier mapping is supported.
     * For example, you can map 'other-identifier' to the SecurityIdentity roles.
     * If you use 'openssl' tool, supported Other name definition would look like this:
     * subjectAltName=otherName:1.2.3.4;UTF8:other-identifier
     * 
     * 
     */
    @ConfigItem(defaultValue = "CN")
    public String certificateRoleAttribute;

    /**
     * Properties file containing the client certificate attribute value to role mappings.
     * Use it only if the mTLS authentication mechanism is enabled with either
     * `quarkus.http.ssl.client-auth=required` or `quarkus.http.ssl.client-auth=request`.
     * 

     * Properties file is expected to have the `CN_VALUE=role1,role,...,roleN` format and should be encoded using UTF-8.
     */
    @ConfigItem
    public Optional certificateRoleProperties;

    /**
     * The authentication realm
     */
    @ConfigItem
    public Optional realm;

    /**
     * Form Auth config
     */
    @ConfigItem
    public FormAuthRuntimeConfig form;
}