Package com.ibm.cloud.sdk.core.security
Class IamAssumeAuthenticator
- java.lang.Object
-
- com.ibm.cloud.sdk.core.security.AuthenticatorBase
-
- com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticatorImmutable<IamToken,IamToken>
-
- com.ibm.cloud.sdk.core.security.IamRequestBasedAuthenticatorImmutable
-
- com.ibm.cloud.sdk.core.security.IamAssumeAuthenticator
-
- All Implemented Interfaces:
Authenticator
public class IamAssumeAuthenticator extends IamRequestBasedAuthenticatorImmutable implements Authenticator
The IamAssumeAuthenticator obtains an IAM access token for a user-supplied apikey and a trusted profile using the IAM "get-token" operation's "assume" grant type. The authenticator first obtains an initial IAM access token, then exchanges this initial access token for another token that reflects the identity of the trusted profile. When the access token expires, a new access token will be fetched.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classIamAssumeAuthenticator.BuilderThis Builder class is used to construct IamAssumeAuthenticator instances.
-
Field Summary
-
Fields inherited from class com.ibm.cloud.sdk.core.security.AuthenticatorBase
ERRORMSG_ACCOUNTID_PROP_ERROR, ERRORMSG_ATLEAST_ONE_PROP_ERROR, ERRORMSG_ATMOST_ONE_PROP_ERROR, ERRORMSG_EXCLUSIVE_PROP_ERROR, ERRORMSG_PROP_INVALID, ERRORMSG_PROP_INVALID_BOOL, ERRORMSG_PROP_INVALID_INTEGER_VALUE, ERRORMSG_PROP_MISSING, ERRORMSG_REQ_FAILED
-
Fields inherited from interface com.ibm.cloud.sdk.core.security.Authenticator
AUTHTYPE_BASIC, AUTHTYPE_BEARER_TOKEN, AUTHTYPE_CONTAINER, AUTHTYPE_CP4D, AUTHTYPE_CP4D_SERVICE, AUTHTYPE_CP4D_SERVICE_INSTANCE, AUTHTYPE_IAM, AUTHTYPE_IAM_ASSUME, AUTHTYPE_MCSP, AUTHTYPE_MCSPV2, AUTHTYPE_NOAUTH, AUTHTYPE_VPC, PROPNAME_APIKEY, PROPNAME_AUTH_TYPE, PROPNAME_BEARER_TOKEN, PROPNAME_CALLER_EXT_CLAIM, PROPNAME_CLIENT_ID, PROPNAME_CLIENT_SECRET, PROPNAME_CR_TOKEN_FILENAME, PROPNAME_DISABLE_SSL, PROPNAME_DISPLAY_NAME, PROPNAME_EXPIRATION_TIME, PROPNAME_IAM_ACCOUNT_ID, PROPNAME_IAM_PROFILE_CRN, PROPNAME_IAM_PROFILE_ID, PROPNAME_IAM_PROFILE_NAME, PROPNAME_INCLUDE_BUILTIN_ACTIONS, PROPNAME_INCLUDE_CUSTOM_ACTIONS, PROPNAME_INCLUDE_ROLES, PROPNAME_PASSWORD, PROPNAME_PERMISSIONS, PROPNAME_PREFIX_ROLES, PROPNAME_SCOPE, PROPNAME_SCOPE_COLLECTION_TYPE, PROPNAME_SCOPE_ID, PROPNAME_SERVICE_BROKER_SECRET, PROPNAME_SERVICE_INSTANCE_ID, PROPNAME_UID, PROPNAME_URL, PROPNAME_USERNAME
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.StringauthenticationType()Returns the authentication type associated with this Authenticator.static IamAssumeAuthenticatorfromConfiguration(java.util.Map<java.lang.String,java.lang.String> config)Construct ann IamAssumeAuthenticator instance using properties retrieved from the specified Map.java.lang.StringgetIamAccountId()Gets the iamAccountId value.java.lang.StringgetIamProfileCrn()Gets the iamProfileCrn value.java.lang.StringgetIamProfileId()Gets the iamProfileId value.java.lang.StringgetIamProfileName()Gets the iamProfileName value.IamAssumeAuthenticator.BuildernewBuilder()Returns a new Builder instance pre-loaded with the configuration from "this".IamTokenrequestToken()Fetches an IAM access token for the apikey using the configured URL.voidvalidate()Validates the configuration properties associated with the Authenticator.-
Methods inherited from class com.ibm.cloud.sdk.core.security.IamRequestBasedAuthenticatorImmutable
getClientId, getClientSecret, getScope, getURL
-
Methods inherited from class com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticatorImmutable
authenticate, getClient, getDisableSSLVerification, getHeaders, getProxy, getProxyAuthenticator, getToken
-
Methods inherited from class com.ibm.cloud.sdk.core.security.AuthenticatorBase
constructBasicAuthHeader, constructBearerTokenAuthHeader
-
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.ibm.cloud.sdk.core.security.Authenticator
authenticate
-
-
-
-
Method Detail
-
newBuilder
public IamAssumeAuthenticator.Builder newBuilder()
Returns a new Builder instance pre-loaded with the configuration from "this".- Returns:
- the Builder instance
-
fromConfiguration
public static IamAssumeAuthenticator fromConfiguration(java.util.Map<java.lang.String,java.lang.String> config)
Construct ann IamAssumeAuthenticator instance using properties retrieved from the specified Map.- Parameters:
config- a map containing the configuration properties- Returns:
- the IamAssumeAuthenticator instance
-
validate
public void validate()
Description copied from class:TokenRequestBasedAuthenticatorImmutableValidates the configuration properties associated with the Authenticator. Each concrete subclass must implement this method.- Specified by:
validatein interfaceAuthenticator- Overrides:
validatein classIamRequestBasedAuthenticatorImmutable
-
authenticationType
public java.lang.String authenticationType()
Description copied from class:TokenRequestBasedAuthenticatorImmutableReturns the authentication type associated with this Authenticator. Each concrete subclass must implement this method.- Specified by:
authenticationTypein interfaceAuthenticator- Specified by:
authenticationTypein classTokenRequestBasedAuthenticatorImmutable<IamToken,IamToken>- Returns:
- the authentication type
-
getIamProfileCrn
public java.lang.String getIamProfileCrn()
Gets the iamProfileCrn value.- Returns:
- the iamProfileCrn value
-
getIamProfileId
public java.lang.String getIamProfileId()
Gets the iamProfileId value.- Returns:
- the iamProfileId value
-
getIamProfileName
public java.lang.String getIamProfileName()
Gets the iamProfileName value.- Returns:
- the iamProfileName value
-
getIamAccountId
public java.lang.String getIamAccountId()
Gets the iamAccountId value.- Returns:
- the iamAccountId value
-
requestToken
public IamToken requestToken()
Fetches an IAM access token for the apikey using the configured URL.- Specified by:
requestTokenin classTokenRequestBasedAuthenticatorImmutable<IamToken,IamToken>- Returns:
- an IamToken instance that contains the access token
-
-