Skip navigation links
A B C D E F G H I J K L M O P R S T U V 

A

AbstractTokenLoginCallbackHandler - Class in io.confluent.kafka.clients.plugins.auth.token
An abstract CallbackHandler for the OAuthLoginModule.
AbstractTokenLoginCallbackHandler() - Constructor for class io.confluent.kafka.clients.plugins.auth.token.AbstractTokenLoginCallbackHandler
 
ALLOW_UNSAFE_KEY_RESOLVER_URL_CONFIG - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
ALLOW_UNSAFE_KEY_RESOLVER_URL_DOC - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
AsyncHttpsJwks - Class in io.confluent.kafka.clients.plugins.auth.jwt
Extends HttpsJwks with an asynchronous refresh implementation.
AsyncHttpsJwks(URI) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
Create a new HttpsJwks that can be used to retrieve JWKs from the given location asynchronously.
AsyncHttpsJwks(String) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
 
AsyncHttpsJwks(String, boolean, long) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
 
AsyncHttpsJwksVerificationKeyResolver - Class in io.confluent.kafka.clients.plugins.auth.jwt
AsyncHttpsJwksVerificationKeyResolver asynchronously maintains a JsonWebKeySet.
AsyncHttpsJwksVerificationKeyResolver(AsyncHttpsJwks) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwksVerificationKeyResolver
 
AsyncHttpsJwksVerificationKeyResolver(AsyncHttpsJwks, boolean) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwksVerificationKeyResolver
 
audience() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
AUDIENCE_CONFIG - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
AUDIENCE_DOC - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 

B

BcFipsJsseProviderCreator - Class in io.confluent.kafka.security.fips.provider
 
BcFipsJsseProviderCreator() - Constructor for class io.confluent.kafka.security.fips.provider.BcFipsJsseProviderCreator
 
BcFipsProviderCreator - Class in io.confluent.kafka.security.fips.provider
 
BcFipsProviderCreator() - Constructor for class io.confluent.kafka.security.fips.provider.BcFipsProviderCreator
 

C

CIPHER_PATTERN - Static variable in class io.confluent.kafka.security.config.provider.DecryptionEngine
 
claim(String, Class<T>) - Method in class io.confluent.kafka.clients.plugins.auth.jwt.UnverifiedJwtBearerToken
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwksVerificationKeyResolver
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JkuVerificationKeyResolver
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.PublicKeyVerificationKeyResolver
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.oauth.OAuthBearerLoginCallbackHandler
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.token.AbstractTokenLoginCallbackHandler
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.token.TokenBearerLoginCallbackHandler
 
close() - Method in class io.confluent.kafka.clients.plugins.auth.token.TokenUserLoginCallbackHandler
 
close() - Method in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
CloseableVerificationKeyResolver - Interface in io.confluent.kafka.clients.plugins.auth.jwt
Extends VerificationKeyResolver interface with Closeable.
CONFIG_PREFIX - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
configure(Map<String, ?>, String, List<AppConfigurationEntry>) - Method in class io.confluent.kafka.clients.plugins.auth.oauth.OAuthBearerLoginCallbackHandler
 
configure(Map<String, ?>) - Method in class io.confluent.kafka.clients.plugins.auth.token.AbstractTokenLoginCallbackHandler
 
configure(Map<String, ?>, String, List<AppConfigurationEntry>) - Method in class io.confluent.kafka.clients.plugins.auth.token.AbstractTokenLoginCallbackHandler
 
configure(Map<String, ?>) - Method in class io.confluent.kafka.clients.plugins.auth.token.TokenBearerLoginCallbackHandler
 
configure(Map<String, ?>) - Method in class io.confluent.kafka.clients.plugins.auth.token.TokenUserLoginCallbackHandler
 
configure(Map<String, ?>) - Method in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
ConfluentFipsValidator - Class in io.confluent.kafka.security.fips
This class centralizes FIPS validation for cipher suites, SSL/TLS versions and kafka broker protocols.
ConfluentFipsValidator() - Constructor for class io.confluent.kafka.security.fips.ConfluentFipsValidator
 

D

DATA_ENCRYPTION_KEY - Static variable in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
DecryptionEngine - Class in io.confluent.kafka.security.config.provider
DecryptionEngine Engine performs Key loading and decryption operations.
DecryptionEngine(String, String, String) - Constructor for class io.confluent.kafka.security.config.provider.DecryptionEngine
 
decryptWithDEK(String) - Method in class io.confluent.kafka.security.config.provider.DecryptionEngine
 
decryptWithMasterKey(String) - Method in class io.confluent.kafka.security.config.provider.DecryptionEngine
 
DEFAULT_REFRESH_INTERVAL_MS - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
 

E

ENABLE_FIPS_CONFIG - Static variable in class io.confluent.kafka.security.fips.config.FipsSecurityConfig
 
ENABLE_FIPS_CONFIG_DOC - Static variable in class io.confluent.kafka.security.fips.config.FipsSecurityConfig
 
extractSignature(OAuthBearerToken) - Static method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 

F

fipsEnabled() - Method in class io.confluent.kafka.security.fips.ConfluentFipsValidator
 
FipsSecurityConfig - Class in io.confluent.kafka.security.fips.config
Contains the FIPS security config
FipsSecurityConfig() - Constructor for class io.confluent.kafka.security.fips.config.FipsSecurityConfig
 

G

GCM_TAG_LENGTH - Static variable in class io.confluent.kafka.security.config.provider.DecryptionEngine
 
get(String) - Method in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
Retrieves the data at the given Properties file and decrypts the values using the CONFLUENT_MASTER_KEY.
get(String, Set<String>) - Method in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
Retrieves the data with the given keys at the given Properties file and decrypts the values using the CONFLUENT_MASTER_KEY.
getJsonWebKeys() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
 
getJsonWebKeys() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.PublicKeyJwks
 
getProvider() - Method in class io.confluent.kafka.security.fips.provider.BcFipsJsseProviderCreator
Create the security provider configured
getProvider() - Method in class io.confluent.kafka.security.fips.provider.BcFipsProviderCreator
Create the security provider configured.

H

handle(Callback[]) - Method in class io.confluent.kafka.clients.plugins.auth.oauth.OAuthBearerLoginCallbackHandler
 
handle(Callback[]) - Method in class io.confluent.kafka.clients.plugins.auth.token.AbstractTokenLoginCallbackHandler
 
hasValidJkuDomain(Collection<String>, String, String) - Static method in class io.confluent.kafka.clients.plugins.auth.jwt.JkuVerificationKeyResolver
 
HTTPS_JWKS - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 

I

initializeDecryptionEngine(Properties) - Method in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
InvalidFipsBrokerProtocolException - Exception in io.confluent.kafka.security.fips.exceptions
 
InvalidFipsBrokerProtocolException(String) - Constructor for exception io.confluent.kafka.security.fips.exceptions.InvalidFipsBrokerProtocolException
 
InvalidFipsBrokerProtocolException(String, Throwable) - Constructor for exception io.confluent.kafka.security.fips.exceptions.InvalidFipsBrokerProtocolException
 
InvalidFipsTlsCipherSuiteException - Exception in io.confluent.kafka.security.fips.exceptions
 
InvalidFipsTlsCipherSuiteException(String) - Constructor for exception io.confluent.kafka.security.fips.exceptions.InvalidFipsTlsCipherSuiteException
 
InvalidFipsTlsCipherSuiteException(String, Throwable) - Constructor for exception io.confluent.kafka.security.fips.exceptions.InvalidFipsTlsCipherSuiteException
 
InvalidFipsTlsVersionException - Exception in io.confluent.kafka.security.fips.exceptions
 
InvalidFipsTlsVersionException(String) - Constructor for exception io.confluent.kafka.security.fips.exceptions.InvalidFipsTlsVersionException
 
InvalidFipsTlsVersionException(String, Throwable) - Constructor for exception io.confluent.kafka.security.fips.exceptions.InvalidFipsTlsVersionException
 
io.confluent.kafka.clients.plugins.auth.jwt - package io.confluent.kafka.clients.plugins.auth.jwt
 
io.confluent.kafka.clients.plugins.auth.oauth - package io.confluent.kafka.clients.plugins.auth.oauth
 
io.confluent.kafka.clients.plugins.auth.token - package io.confluent.kafka.clients.plugins.auth.token
 
io.confluent.kafka.common.multitenant.oauth - package io.confluent.kafka.common.multitenant.oauth
 
io.confluent.kafka.security - package io.confluent.kafka.security
 
io.confluent.kafka.security.config.provider - package io.confluent.kafka.security.config.provider
 
io.confluent.kafka.security.fips - package io.confluent.kafka.security.fips
 
io.confluent.kafka.security.fips.config - package io.confluent.kafka.security.fips.config
 
io.confluent.kafka.security.fips.exceptions - package io.confluent.kafka.security.fips.exceptions
 
io.confluent.kafka.security.fips.provider - package io.confluent.kafka.security.fips.provider
 
isRunning() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
 
issuer() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 
issuer() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
ISSUER_CONFIG - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
ISSUER_DOC - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 

J

JKU_JWKS - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JKU_KEY_RESOLVER_WHITELIST_CONFIG - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JKU_KEY_RESOLVER_WHITELIST_DOC - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JkuVerificationKeyResolver - Class in io.confluent.kafka.clients.plugins.auth.jwt
Inspired by Confluent's Schroedinger https://github.com/confluentinc/schroedinger JkuVerificationKeyResolver extracts jku from the JWT header and validates that it is from an authorized domain.
JkuVerificationKeyResolver(Collection<String>) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JkuVerificationKeyResolver
 
JkuVerificationKeyResolver(Collection<String>, boolean) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JkuVerificationKeyResolver
 
JkuVerificationKeyResolver(Function<String, AsyncHttpsJwks>, Collection<String>, boolean, boolean) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JkuVerificationKeyResolver
 
JWKS_LOCATION_CONFIG - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JWKS_LOCATION_DOC - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JWKS_PEMFILE - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JwtAuthenticator - Class in io.confluent.kafka.clients.plugins.auth.jwt
JwtAuthenticator validates JwtClaims returning OAuthBearerJwsToken on success.
JwtAuthenticator(String, CloseableVerificationKeyResolver, String) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 
JwtAuthenticator(String, CloseableVerificationKeyResolver) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 
JwtAuthenticator(JwtAuthenticatorConfig) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 
JwtAuthenticatorConfig - Class in io.confluent.kafka.clients.plugins.auth.jwt
 
JwtAuthenticatorConfig(Map<String, ?>) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JwtAuthenticatorConfig(String, Map<String, ?>) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
JwtVerificationException - Exception in io.confluent.kafka.clients.plugins.auth.jwt
 
JwtVerificationException(String) - Constructor for exception io.confluent.kafka.clients.plugins.auth.jwt.JwtVerificationException
 
JwtVerificationException(String, Throwable) - Constructor for exception io.confluent.kafka.clients.plugins.auth.jwt.JwtVerificationException
 

K

KEY_RESOLVER_CONFIG - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
KEY_RESOLVER_DOC - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 

L

lifetimeMs() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.UnverifiedJwtBearerToken
 
lifetimeMs() - Method in class io.confluent.kafka.common.multitenant.oauth.OAuthBearerJwsToken
 
loadMasterKey(String) - Method in class io.confluent.kafka.security.config.provider.DecryptionEngine
 
loadPublicKey(String) - Static method in class io.confluent.kafka.clients.plugins.auth.jwt.PublicKeyJwks
Convert PEM encoded public key files to a PublicKey collection.
login(String, String) - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 
login(String) - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 
login(OAuthBearerToken) - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticator
 

M

MASTER_KEY_ENV_VAR - Static variable in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
METADATA_KEY_LENGTH - Static variable in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
METADATA_PREFIX - Static variable in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 

O

OAUTH_NEGOTIATED_LOGICAL_CLUSTER_PROPERTY_KEY - Static variable in class io.confluent.kafka.common.multitenant.oauth.OAuthBearerJwsToken
 
OAuthBearerJwsToken - Class in io.confluent.kafka.common.multitenant.oauth
 
OAuthBearerJwsToken(String, Set<String>, long, String, Long) - Constructor for class io.confluent.kafka.common.multitenant.oauth.OAuthBearerJwsToken
 
OAuthBearerLoginCallbackHandler - Class in io.confluent.kafka.clients.plugins.auth.oauth
A CallbackHandler that recognizes OAuthBearerTokenCallback and retrieves OAuth 2 Bearer Token that was provided via the JAAS config.
OAuthBearerLoginCallbackHandler() - Constructor for class io.confluent.kafka.clients.plugins.auth.oauth.OAuthBearerLoginCallbackHandler
 

P

PemKey - Class in io.confluent.kafka.security
Utility class for reading PEM encoded objects.
PemKey() - Constructor for class io.confluent.kafka.security.PemKey
 
principalName() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.UnverifiedJwtBearerToken
 
principalName() - Method in class io.confluent.kafka.common.multitenant.oauth.OAuthBearerJwsToken
 
PublicKeyJwks - Class in io.confluent.kafka.clients.plugins.auth.jwt
PublicKeyJwks converts PublicKeys files into a JsonWebKey collection.
PublicKeyJwks(Collection<PublicKey>) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.PublicKeyJwks
 
PublicKeyVerificationKeyResolver - Class in io.confluent.kafka.clients.plugins.auth.jwt
PublicKeyKeyVerificationKeyResolver maintains a static JsonWebKeySet.
PublicKeyVerificationKeyResolver(PublicKeyJwks) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.PublicKeyVerificationKeyResolver
 
PublicKeyVerificationKeyResolver(List<JsonWebKey>) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.PublicKeyVerificationKeyResolver
 

R

reader(String) - Method in class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
readKeyPair(Path) - Static method in class io.confluent.kafka.security.PemKey
 
readKeyPair(String) - Static method in class io.confluent.kafka.security.PemKey
 
readKeyPair(Reader) - Static method in class io.confluent.kafka.security.PemKey
 
readPrivateKey(Path) - Static method in class io.confluent.kafka.security.PemKey
 
readPrivateKey(String) - Static method in class io.confluent.kafka.security.PemKey
 
readPrivateKey(Reader) - Static method in class io.confluent.kafka.security.PemKey
 
readPublicKey(Path) - Static method in class io.confluent.kafka.security.PemKey
 
readPublicKey(String) - Static method in class io.confluent.kafka.security.PemKey
 
readPublicKey(Reader) - Static method in class io.confluent.kafka.security.PemKey
 
refresh() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwks
 
resolveKey(JsonWebSignature, List<JsonWebStructure>) - Method in class io.confluent.kafka.clients.plugins.auth.jwt.AsyncHttpsJwksVerificationKeyResolver
 
resolveKey(JsonWebSignature, List<JsonWebStructure>) - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JkuVerificationKeyResolver
 
resolveKey(JsonWebSignature, List<JsonWebStructure>) - Method in class io.confluent.kafka.clients.plugins.auth.jwt.PublicKeyVerificationKeyResolver
 

S

scope() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.UnverifiedJwtBearerToken
 
scope() - Method in class io.confluent.kafka.common.multitenant.oauth.OAuthBearerJwsToken
 
SecurePassConfigProvider - Class in io.confluent.kafka.security.config.provider
An implementation of ConfigProvider that represents a Properties file.
SecurePassConfigProvider() - Constructor for class io.confluent.kafka.security.config.provider.SecurePassConfigProvider
 
startTimeMs() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.UnverifiedJwtBearerToken
 
startTimeMs() - Method in class io.confluent.kafka.common.multitenant.oauth.OAuthBearerJwsToken
 

T

TokenBearerLoginCallbackHandler - Class in io.confluent.kafka.clients.plugins.auth.token
A CallbackHandler for the OAuthLoginModule.
TokenBearerLoginCallbackHandler() - Constructor for class io.confluent.kafka.clients.plugins.auth.token.TokenBearerLoginCallbackHandler
 
TokenUserLoginCallbackHandler - Class in io.confluent.kafka.clients.plugins.auth.token
A CallbackHandler for the OAuthLoginModule.
TokenUserLoginCallbackHandler() - Constructor for class io.confluent.kafka.clients.plugins.auth.token.TokenUserLoginCallbackHandler
 

U

UnverifiedJwtBearerToken - Class in io.confluent.kafka.clients.plugins.auth.jwt
 
UnverifiedJwtBearerToken(String) - Constructor for class io.confluent.kafka.clients.plugins.auth.jwt.UnverifiedJwtBearerToken
 

V

validateFipsBrokerProtocol(Map<String, SecurityProtocol>) - Method in class io.confluent.kafka.security.fips.ConfluentFipsValidator
 
validateFipsTls(Map<String, ?>) - Method in class io.confluent.kafka.security.fips.ConfluentFipsValidator
Validate FIPS requirements on cipher suites, TLS protocols versions.
validateFipsTlsCipherSuite(Map<String, ?>) - Method in class io.confluent.kafka.security.fips.ConfluentFipsValidator
 
validateFipsTlsCipherSuite(Collection<String>) - Method in class io.confluent.kafka.security.fips.ConfluentFipsValidator
 
validateFipsTlsVersion(Map<String, ?>) - Method in class io.confluent.kafka.security.fips.ConfluentFipsValidator
 
validateFipsTlsVersion(Collection<String>) - Method in class io.confluent.kafka.security.fips.ConfluentFipsValidator
 
value() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.UnverifiedJwtBearerToken
 
value() - Method in class io.confluent.kafka.common.multitenant.oauth.OAuthBearerJwsToken
 
VERIFICATION_KEY_REFRESH_INTERVAL_MS_CONFIG - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
VERIFICATION_KEY_REFRESH_INTERVAL_MS_DOC - Static variable in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
verificationKeyResolver() - Method in class io.confluent.kafka.clients.plugins.auth.jwt.JwtAuthenticatorConfig
 
A B C D E F G H I J K L M O P R S T U V 
Skip navigation links