Skip navigation links
A B C D E F G H I J K L M N O P R S T U V Y 

A

AbstractConfiguration<T> - Class in io.confluent.security.config
 
AbstractConfiguration() - Constructor for class io.confluent.security.config.AbstractConfiguration
 
AbstractConfiguration.Builder<BuilderT extends AbstractConfiguration.Builder<BuilderT>> - Class in io.confluent.security.config
Construct an immutable configuration object.
accessToken(String) - Method in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
acrValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
add(String, Object) - Method in class io.confluent.security.util.SecurityContext
 
add(Map.Entry<String, Object>) - Method in class io.confluent.security.util.SecurityContext
 
addAll(Map<String, Object>) - Method in class io.confluent.security.util.SecurityContext
 
addIdentityPool(Optional<Principal>, String, int, String, String, String, String, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
Adds a new IdentityPool record.
addIdentityPool(String, int, String, String, String, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
addJwtIssuer(Optional<Principal>, String, JsonWebKeySet, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
Adds a new JwtIssuer record.
addJwtIssuer(String, JsonWebKeySet) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
addRefreshTokenInfo(Optional<Principal>, String, String, long, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
Adds refresh token information
addRefreshTokenInfo(String, String, long, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
AdmissionController - Class in io.confluent.security.authentication
 
AdmissionController(Authenticator<?, ?>, Supplier<TrustCache>, PolicyEngine<String>) - Constructor for class io.confluent.security.authentication.AdmissionController
 
AlgorithmWhitelist - Class in io.confluent.security.authentication.oauthbearer
Constraint restricts signature verification to a specific set of SignatureAlgorithms.
AlgorithmWhitelist(Set<SignatureAlgorithm>) - Constructor for class io.confluent.security.authentication.oauthbearer.AlgorithmWhitelist
 
algorithmWhitelist() - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig
 
algorithmWhitelist(Set<SignatureAlgorithm>) - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig.Builder
 
ANONYMOUS - Static variable in class io.confluent.security.authentication.http.ConfluentSecurityContext
 
ARRAY_LIST_LIMIT_DEFAULT - Static variable in class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
asMap() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
asMap() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
assumePrincipal(Map<String, Object>, String, String) - Method in class io.confluent.security.authentication.AdmissionController
 
AssumePrincipalData - Class in io.confluent.security.trustservice.entities.v1
 
AssumePrincipalData.Builder - Class in io.confluent.security.trustservice.entities.v1
 
AssumePrincipalRequest - Class in io.confluent.security.trustservice.entities.v1
 
AssumePrincipalRequest.Builder - Class in io.confluent.security.trustservice.entities.v1
 
AssumePrincipalResponse - Class in io.confluent.security.trustservice.entities.v1
 
atLeast(long, long) - Static method in class io.confluent.security.config.Validation
 
AUD_CLAIM_MISMATCH - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
audience() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
audience() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuer
The recipient(s) for this token.
audience() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku
The recipient(s) for this token.
audience(Set<String>) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku.Builder
 
audience() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks
The recipient(s) for this token.
audience(Set<String>) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks.Builder
 
audience() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic
The recipient(s) for this token.
audience(Set<String>) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic.Builder
 
audience() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
authenticate(BearerCredential, SecurityContext) - Method in class io.confluent.security.authentication.AdmissionController
 
authenticate(BearerCredential) - Method in class io.confluent.security.authentication.AdmissionController
 
authenticate(C) - Method in interface io.confluent.security.authentication.Authenticator
Given , return a Principal.
authenticate(HttpCredential) - Method in class io.confluent.security.authentication.http.HttpAuthenticator
Given HttpCredential , return a Principal.
authenticate(HttpCredential) - Method in class io.confluent.security.authentication.http.HttpAuthenticatorJwt
Given HttpCredential , return a Principal.
authenticate(BearerCredential) - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticator
Given , return a Principal.
authenticate(BearerCredential, SecurityContext) - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticator
 
authenticateEndpoint(URI) - Method in class io.confluent.security.authentication.oauthbearer.TrustServiceClient.Builder
 
authentication(HttpCredential) - Method in class io.confluent.security.authentication.http.HttpClient.Builder
 
AUTHENTICATION_EXCEPTION_OCCURRED - Static variable in exception io.confluent.security.authentication.AuthenticationException
 
AuthenticationConfig<C extends Credential,P extends Principal> - Class in io.confluent.security.authentication
Configures a Authenticator instance.
AuthenticationConfig() - Constructor for class io.confluent.security.authentication.AuthenticationConfig
 
AuthenticationConfig.Kind - Enum in io.confluent.security.authentication
 
AuthenticationErrorInfo - Interface in io.confluent.security.authentication
This interface is used to specify extra payload in case AuthenticationException occurs.
AuthenticationErrorInfo.GeneralInfo - Class in io.confluent.security.authentication
 
AuthenticationErrorInfo.JwtClaimsInfo - Class in io.confluent.security.authentication
 
AuthenticationException - Exception in io.confluent.security.authentication
 
AuthenticationException(String) - Constructor for exception io.confluent.security.authentication.AuthenticationException
Deprecated.
AuthenticationException(String, Throwable) - Constructor for exception io.confluent.security.authentication.AuthenticationException
Deprecated.
AuthenticationException(String, String) - Constructor for exception io.confluent.security.authentication.AuthenticationException
Creates a new AuthenticationException with the given message.
AuthenticationException(String, Throwable, String) - Constructor for exception io.confluent.security.authentication.AuthenticationException
Creates a new AuthenticationException with the given message and cause.
AuthenticationExceptionReasonCodes - Class in io.confluent.security.authentication
 
AuthenticationExceptionReasonCodes() - Constructor for class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
AuthenticationExceptionReasonCodes.ErrorTypes - Enum in io.confluent.security.authentication
Enum to encapsulate Jose4J error codes
authenticationModule() - Static method in class io.confluent.security.authentication.utils.JacksonSerde
 
Authenticator<C extends Credential,P extends Principal> - Interface in io.confluent.security.authentication
Validates user-provided credentials and returns a Principal.
authMethod(Function<ClientCredentials, String>) - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
authorizationEndpoint() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 
authorizationEndpoint(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
authorizedParty() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
authorizedParty() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
authParams() - Method in class io.confluent.security.authentication.credential.HttpAnonymousCredential
 
authParams() - Method in class io.confluent.security.authentication.credential.HttpBasicCredential
 
authParams() - Method in class io.confluent.security.authentication.credential.HttpBearerCredential
 
authParams() - Method in class io.confluent.security.authentication.credential.HttpCredential
HTTP authentication token.

B

BearerCredential - Class in io.confluent.security.authentication.credential
 
BearerCredential(String) - Constructor for class io.confluent.security.authentication.credential.BearerCredential
 
bearerToken() - Method in class io.confluent.security.authentication.credential.BearerCredential
 
build() - Method in class io.confluent.security.authentication.http.HttpClient.Builder
 
build() - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig.Builder
 
build() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku.Builder
Construct new JwtIssuerJku instance.
build() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks.Builder
Construct new JwtIssuerJku instance.
build() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic.Builder
Construct new JwtIssuerJku instance.
build() - Method in class io.confluent.security.authentication.oauthbearer.TrustServiceClient.Builder
 
build() - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
build() - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
build() - Method in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
build() - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalData.Builder
 
build() - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest.Builder
 
builder() - Static method in class io.confluent.security.authentication.http.HttpClient
 
builder() - Static method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig
 
builder() - Static method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku
 
builder() - Static method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks
 
builder() - Static method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic
 
builder() - Static method in class io.confluent.security.authentication.oauthbearer.TrustServiceClient
 
Builder() - Constructor for class io.confluent.security.authentication.oauthbearer.TrustServiceClient.Builder
 
builder() - Static method in class io.confluent.security.authentication.oidc.MetadataResponse
 
Builder() - Constructor for class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
builder() - Static method in class io.confluent.security.authentication.oidc.OpenIdClient
 
Builder() - Constructor for class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
builder() - Static method in class io.confluent.security.authentication.oidc.TokenResponse
 
Builder() - Constructor for class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
builder() - Static method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalData
 
Builder() - Constructor for class io.confluent.security.trustservice.entities.v1.AssumePrincipalData.Builder
 
builder() - Static method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest
 
Builder() - Constructor for class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest.Builder
 

C

CachedGrant - Class in io.confluent.security.authentication.oidc
 
calendar(Calendar) - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
CAPACITY_DEFAULT - Static variable in class io.confluent.security.policyapi.PolicyRuleLoadingCache
 
CHAIN_LIMIT_DEFAULT - Static variable in class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
challenge() - Method in class io.confluent.security.authentication.http.HttpAuthenticator
 
challenge() - Method in class io.confluent.security.authentication.http.HttpAuthenticatorJwt
 
CLAIM_CLUSTERS - Static variable in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
CLAIM_ISSUER_POOL_FILTER_MISMATCH - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
CLAIM_ORGANIZATION_ID - Static variable in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
CLAIM_PREFIX - Static variable in class io.confluent.security.policyapi.cel.TrustPolicyCelParser
 
CLAIM_USER_ID - Static variable in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
CLAIM_USER_ID - Static variable in class io.confluent.security.util.JwtUtils
 
CLAIM_USER_RESOURCE_ID - Static variable in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
CLAIM_USER_RESOURCE_ID - Static variable in class io.confluent.security.util.JwtUtils
 
claims(Map<String, Object>) - Method in class io.confluent.security.authentication.AuthenticationErrorInfo.JwtClaimsInfo
 
claims() - Method in class io.confluent.security.authentication.AuthenticationErrorInfo.JwtClaimsInfo
 
Claims - Interface in io.confluent.security.authentication.oauthbearer
 
CLAIMS_POOL_FILTER_MISMATCH - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
claimsLocalesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
claimsParameterSupported(boolean) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
claimsSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
claimSuppliers() - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
claimTypesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
claimValue(String, Class<T>) - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
claimValue(String, Class<T>) - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
claimValues(String, Class<T>) - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
claimValues(String, Class<T>) - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
client(HttpClient) - Method in class io.confluent.security.authentication.oauthbearer.TrustServiceClient.Builder
 
client(Client) - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
ClientCredentials - Class in io.confluent.security.authentication.oidc
Client id/secret pair used for client credentials grants ClientCredentialsGrant
ClientCredentials(String, String) - Constructor for class io.confluent.security.authentication.oidc.ClientCredentials
 
ClientCredentialsGrant - Class in io.confluent.security.authentication.oidc
Represents a client's request for authentication via client credentials https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
ClientCredentialsGrant(Set<String>) - Constructor for class io.confluent.security.authentication.oidc.ClientCredentialsGrant
 
ClientCredentialsGrant(String) - Constructor for class io.confluent.security.authentication.oidc.ClientCredentialsGrant
 
close() - Method in class io.confluent.security.authentication.http.HttpClient
 
CloudJwtPrincipal - Class in io.confluent.security.authentication.oauthbearer
Extends JwtPrincipal with custom Confluent Cloud claims
CloudJwtPrincipal(JwtClaims) - Constructor for class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
CLUSTER_ID_MISSING_OR_EMPTY - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
CLUSTER_NOT_ALLOWED - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
CLUSTER_NOT_FOUND - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
clusters() - Method in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
compilePolicy(Env, String) - Static method in class io.confluent.security.policyapi.cel.TrustPolicyCelParser
 
condition() - Method in interface io.confluent.security.policyapi.ConfluentPolicy
 
condition() - Method in class io.confluent.security.policyapi.jackson.ConfluentPolicyModule.TrustPolicyMixin
Policy statements.
condition() - Method in class io.confluent.security.policyapi.TrustPolicy
 
ConfigurationException - Exception in io.confluent.security.config
Raised when a problem arises processing a configuration object.
ConfigurationException(String) - Constructor for exception io.confluent.security.config.ConfigurationException
Creates a new ConfigurationException with the given message.
ConfigurationException(String, Throwable) - Constructor for exception io.confluent.security.config.ConfigurationException
Creates a new ConfigurationException with the given message and cause.
CONFLUENT_ISSUER - Static variable in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig
 
ConfluentPolicy<T> - Interface in io.confluent.security.policyapi
Versioned Confluent Policy definition.
ConfluentPolicy.Kind - Enum in io.confluent.security.policyapi
 
ConfluentPolicyModule - Class in io.confluent.security.policyapi.jackson
 
ConfluentPolicyModule() - Constructor for class io.confluent.security.policyapi.jackson.ConfluentPolicyModule
 
ConfluentPolicyModule.TrustPolicyMixin - Class in io.confluent.security.policyapi.jackson
 
ConfluentSecurityContext - Class in io.confluent.security.authentication.http
 
ConfluentSecurityContext(HttpCredential.Scheme, Principal, boolean) - Constructor for class io.confluent.security.authentication.http.ConfluentSecurityContext
 
connectTimeout(Duration) - Method in class io.confluent.security.authentication.http.HttpClient.Builder
 
ConstrainedVerificationKeyResolver - Class in io.confluent.security.authentication.oauthbearer
Extends VerificationKeyResolver with ability to add custom Constraints.
ConstrainedVerificationKeyResolver(VerificationKeyResolver, Collection<Constraint>) - Constructor for class io.confluent.security.authentication.oauthbearer.ConstrainedVerificationKeyResolver
Constructs a new VerificationKeyResolver with a collection of Constraint.
Constraint - Interface in io.confluent.security.authentication.oauthbearer
An interface for adding custom constraints to the token verification process.
create() - Method in class io.confluent.security.config.AbstractConfiguration
Construct an instance of T using the properties found within this Configuration instance.
create(AssumePrincipalData) - Static method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalResponse
 
createAuthenticator() - Method in class io.confluent.security.authentication.AuthenticationConfig
Creates a new Authenticator instance.
createAuthenticator() - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig
Creates a new Authenticator instance.
createConsumer(Collection<Constraint>, boolean, SecurityContext) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuer
Creates a new JwtConsumer to process incoming JsonWebSignatures.
Credential - Class in io.confluent.security.authentication.credential
 
Credential() - Constructor for class io.confluent.security.authentication.credential.Credential
 
credential() - Method in class io.confluent.security.authentication.credential.HttpAnonymousCredential
 
credential() - Method in class io.confluent.security.authentication.credential.HttpBasicCredential
 
credential() - Method in class io.confluent.security.authentication.credential.HttpBearerCredential
 
credential() - Method in class io.confluent.security.authentication.credential.HttpCredential
 
credentialsSupplier(Supplier<ClientCredentials>) - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
customEnvOption() - Static method in class io.confluent.security.policyapi.cel.TrustPolicyCelLibrary
 

D

data(Map<String, Object>) - Method in interface io.confluent.security.authentication.AuthenticationErrorInfo
 
data() - Method in interface io.confluent.security.authentication.AuthenticationErrorInfo
 
data(String, Object) - Method in interface io.confluent.security.authentication.AuthenticationErrorInfo
 
data(Map<String, Object>) - Method in class io.confluent.security.authentication.AuthenticationErrorInfo.GeneralInfo
 
data() - Method in class io.confluent.security.authentication.AuthenticationErrorInfo.GeneralInfo
 
data(String, Object) - Method in class io.confluent.security.authentication.AuthenticationErrorInfo.GeneralInfo
 
deserialize(JsonParser, DeserializationContext) - Method in class io.confluent.security.authentication.utils.JacksonSerde.JwkJsonDeserializer
 
deserialize(JsonParser, DeserializationContext) - Method in class io.confluent.security.authentication.utils.JacksonSerde.JwksJsonDeserializer
 
details() - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
displayValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
domainWhitelist(List<String>) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku.Builder
Set JkuDomainWhitelist domain whitelist.
doubleVal(String, Double) - Method in class io.confluent.security.util.SecurityContext
 
Duration - Class in io.confluent.security.config
A configuration value representing some duration.
Duration(long, TimeUnit) - Constructor for class io.confluent.security.config.Duration
 

E

encryptedRefreshToken() - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
equals(Object) - Method in class io.confluent.security.authentication.credential.BearerCredential
 
equals(Object) - Method in class io.confluent.security.authentication.credential.Credential
 
equals(Object) - Method in class io.confluent.security.authentication.credential.HttpAnonymousCredential
 
equals(Object) - Method in class io.confluent.security.authentication.credential.HttpBasicCredential
 
equals(Object) - Method in class io.confluent.security.authentication.credential.HttpBearerCredential
 
equals(Object) - Method in class io.confluent.security.authentication.credential.UsernamePasswordCredential
 
equals(Object) - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
equals(Object) - Method in class io.confluent.security.policyapi.TrustPolicy
 
equals(Object) - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 
equals(Object) - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
Error(String, List<JwtUtils.ErrorInfo>) - Constructor for class io.confluent.security.util.JwtUtils.Error
 
errorCodes(Throwable) - Static method in class io.confluent.security.util.JwtUtils
jose error codes, can be logged on server side and help lookup proper messages
errorDetails(Throwable, SecurityContext) - Static method in class io.confluent.security.util.JwtUtils
returns the error encapsulated in Error class for fine grain control.
errorInfo(AuthenticationErrorInfo) - Method in exception io.confluent.security.authentication.AuthenticationException
 
errorInfo() - Method in exception io.confluent.security.authentication.AuthenticationException
 
ErrorInfo(AuthenticationExceptionReasonCodes.ErrorTypes, Integer, String, Map<String, Object>, List<JwtUtils.MapSource>) - Constructor for class io.confluent.security.util.JwtUtils.ErrorInfo
 
errorMessage(Throwable) - Static method in class io.confluent.security.util.JwtUtils
safe and comprehensive error message to log on server and throw to client.
errors() - Method in class io.confluent.security.util.JwtUtils.Error
 
evaluatePolicy(Program, Map<String, Object>) - Static method in class io.confluent.security.policyapi.cel.TrustPolicyCelParser
 
evaluatePolicy(ConfluentPolicy<T>, Map<String, Object>) - Method in interface io.confluent.security.policyapi.engine.PolicyEngine
 
evaluatePolicy(ConfluentPolicy<String>, Map<String, Object>) - Method in class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
expiresIn - Variable in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
expiresIn(long) - Method in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
expiresIn(long) - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalData.Builder
 
expiresIn() - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalData
 
expiresOn() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
expiresOn() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 

F

FAILED_TO_READ_CLAIMS - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
filter(ClientRequestContext) - Method in class io.confluent.security.authentication.http.HttpClientAuthFilter
 
filter(ContainerRequestContext) - Method in class io.confluent.security.authentication.http.HttpServerAuthFilter
 
filter(ContainerRequestContext) - Method in class io.confluent.security.authentication.oauthbearer.TrustServiceBearerServerAuthFilter
 
from(String) - Static method in enum io.confluent.security.authentication.credential.HttpCredential.Scheme
 
fromCachedEntry(CachedGrant) - Static method in class io.confluent.security.authentication.oidc.TokenResponse
 
fromMap(Map<String, Object>) - Static method in class io.confluent.security.util.SecurityContext
 
fromTokenResponse(TokenResponse, Calendar) - Static method in class io.confluent.security.authentication.oidc.CachedGrant
 

G

GeneralInfo() - Constructor for class io.confluent.security.authentication.AuthenticationErrorInfo.GeneralInfo
 
get(ConfluentPolicy<T>) - Method in class io.confluent.security.policyapi.PolicyRuleLoadingCache
 
get(Function<Map<String, Object>, T>) - Method in class io.confluent.security.util.SecurityContext
 
getAccessToken() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
getAccessToken() - Method in class io.confluent.security.authentication.oidc.TokenResponse
 
getAuthenticationScheme() - Method in class io.confluent.security.authentication.http.ConfluentSecurityContext
 
getCompileOptions() - Method in class io.confluent.security.policyapi.cel.TrustPolicyCelLibrary
 
getContextMap() - Method in class io.confluent.security.util.SecurityContext
 
getError() - Method in class io.confluent.security.authentication.oidc.TokenError
 
getErrorDescription() - Method in class io.confluent.security.authentication.oidc.TokenError
 
getErrorUri() - Method in class io.confluent.security.authentication.oidc.TokenError
 
getExpiresAtMs() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
getExpiresIn() - Method in class io.confluent.security.authentication.oidc.TokenResponse
 
getGrantType() - Method in class io.confluent.security.authentication.oidc.ClientCredentialsGrant
 
getGrantType() - Method in class io.confluent.security.authentication.oidc.GrantBase
 
getIdentityInfo() - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
getIdToken() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
getIdToken() - Method in class io.confluent.security.authentication.oidc.TokenResponse
 
getIssuer(String) - Static method in class io.confluent.security.authentication.oauthbearer.IssuerExtractor
Returns Json Web Token Issuer claim value.
getLifespanSeconds() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
getName() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
getProgramOptions() - Method in class io.confluent.security.policyapi.cel.TrustPolicyCelLibrary
 
getRefreshToken() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
getRefreshToken() - Method in class io.confluent.security.authentication.oidc.TokenResponse
 
getRelatedClaims() - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
getScope() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
getScope() - Method in class io.confluent.security.authentication.oidc.TokenResponse
 
getTokenError() - Method in class io.confluent.security.authentication.oidc.GrantBase
 
getTokenRequest() - Method in class io.confluent.security.authentication.oidc.GrantBase
 
getTokenResponse() - Method in class io.confluent.security.authentication.oidc.GrantBase
 
getTokenType() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
getTokenType() - Method in class io.confluent.security.authentication.oidc.TokenResponse
 
getTrustPolicyEnv() - Static method in class io.confluent.security.policyapi.cel.TrustPolicyCelParser
 
getUserPrincipal() - Method in class io.confluent.security.authentication.http.ConfluentSecurityContext
 
GrantBase - Class in io.confluent.security.authentication.oidc
Base class representing a client's OpenId authentication request.
GrantBase() - Constructor for class io.confluent.security.authentication.oidc.GrantBase
 
GrantBase.GrantType - Enum in io.confluent.security.authentication.oidc
 
grantType() - Method in interface io.confluent.security.authentication.oidc.TokenRequest
 
grantTypesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 

H

handleGrant(GrantBase) - Method in class io.confluent.security.authentication.oidc.OpenIdClient
 
hasClaims() - Method in class io.confluent.security.authentication.AuthenticationErrorInfo.JwtClaimsInfo
 
hasData() - Method in class io.confluent.security.authentication.AuthenticationErrorInfo.GeneralInfo
 
hasData() - Method in interface io.confluent.security.authentication.AuthenticationErrorInfo
 
hashCode() - Method in class io.confluent.security.authentication.credential.BearerCredential
 
hashCode() - Method in class io.confluent.security.authentication.credential.HttpAnonymousCredential
 
hashCode() - Method in class io.confluent.security.authentication.credential.HttpBasicCredential
 
hashCode() - Method in class io.confluent.security.authentication.credential.HttpBearerCredential
 
hashCode() - Method in class io.confluent.security.authentication.credential.UsernamePasswordCredential
 
hashCode() - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
hashCode() - Method in class io.confluent.security.policyapi.TrustPolicy
 
hashCode() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 
hashCode() - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
hostNameVerifier(HostnameVerifier) - Method in class io.confluent.security.authentication.http.HttpClient.Builder
 
HttpAnonymousCredential - Class in io.confluent.security.authentication.credential
 
HttpAnonymousCredential() - Constructor for class io.confluent.security.authentication.credential.HttpAnonymousCredential
 
HttpAuthenticator<T extends Principal> - Class in io.confluent.security.authentication.http
 
HttpAuthenticator() - Constructor for class io.confluent.security.authentication.http.HttpAuthenticator
 
HttpAuthenticatorJwt - Class in io.confluent.security.authentication.http
HttpAuthenticator which decodes and validates JsonWebSignatures.
HttpAuthenticatorJwt(Authenticator<BearerCredential, JwtPrincipal>) - Constructor for class io.confluent.security.authentication.http.HttpAuthenticatorJwt
 
HttpBasicCredential - Class in io.confluent.security.authentication.credential
HTTP Basic Authentication credentials.
HttpBasicCredential(String, String) - Constructor for class io.confluent.security.authentication.credential.HttpBasicCredential
 
HttpBasicCredential(Supplier<UsernamePasswordCredential>) - Constructor for class io.confluent.security.authentication.credential.HttpBasicCredential
 
HttpBasicCredential(String) - Constructor for class io.confluent.security.authentication.credential.HttpBasicCredential
 
HttpBearerCredential - Class in io.confluent.security.authentication.credential
HTTP Bearer Authentication credentials.
HttpBearerCredential(String) - Constructor for class io.confluent.security.authentication.credential.HttpBearerCredential
 
HttpBearerCredential(BearerCredential) - Constructor for class io.confluent.security.authentication.credential.HttpBearerCredential
 
HttpClient - Class in io.confluent.security.authentication.http
 
HttpClient(Client) - Constructor for class io.confluent.security.authentication.http.HttpClient
 
HttpClient.Builder - Class in io.confluent.security.authentication.http
 
HttpClientAuthFilter - Class in io.confluent.security.authentication.http
 
HttpClientAuthFilter(HttpCredential) - Constructor for class io.confluent.security.authentication.http.HttpClientAuthFilter
 
HttpCredential - Class in io.confluent.security.authentication.credential
Generic container for HTTP Client credentials.
HttpCredential() - Constructor for class io.confluent.security.authentication.credential.HttpCredential
 
HttpCredential.Scheme - Enum in io.confluent.security.authentication.credential
Supported HTTP Authentication Schemes.
HttpServerAuthFilter - Class in io.confluent.security.authentication.http
Given HttpAuthenticator authenticator, authenticate incoming request and set SecurityContext.
HttpServerAuthFilter(HttpAuthenticator<?>) - Constructor for class io.confluent.security.authentication.http.HttpServerAuthFilter
 
HttpServerAuthFilter(HttpAuthenticator<?>, Supplier<Collection<String>>) - Constructor for class io.confluent.security.authentication.http.HttpServerAuthFilter
 

I

id() - Method in interface io.confluent.security.policyapi.ConfluentPolicy
 
id() - Method in class io.confluent.security.policyapi.jackson.ConfluentPolicyModule.TrustPolicyMixin
Unique identifier for this policy
id() - Method in class io.confluent.security.policyapi.TrustPolicy
 
IDENTITY_POOL_IDENTITY_CLAIM_ABSENT_IN_CLAIMS - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
IDENTITY_POOL_NOT_FOUND - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
IDENTITY_SUPPLIERS - Static variable in class io.confluent.security.util.JwtUtils.ErrorInfo
 
identityInfo(String, Object) - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
identityInfo(Map.Entry<String, Object>) - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
identityPool(String) - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest.Builder
 
identityPool() - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest
 
IdentityPool - Class in io.confluent.security.trustservice.store.data
 
IdentityPool(String, long, String, String, String, String, String, String) - Constructor for class io.confluent.security.trustservice.store.data.IdentityPool
 
IdentityPool(String, long, String, String, String, String, String) - Constructor for class io.confluent.security.trustservice.store.data.IdentityPool
 
IdentityPool(String, long, String, String, String, String) - Constructor for class io.confluent.security.trustservice.store.data.IdentityPool
 
identityPool(String) - Method in interface io.confluent.security.trustservice.store.TrustCache
Returns IdentityPool identified by poolId.
identityPools() - Method in interface io.confluent.security.trustservice.store.TrustCache
Returns map of known IdentityPools keyed by pool id.
idToken - Variable in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
idToken(String) - Method in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
idTokenEncryptionAlgValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
idTokenEncryptionEncValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
idTokenSigningAlgValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
IdTokenSigningAlgValuesSupported() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 
INCORRECT_AUTHENTICATOR_TYPE - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
intVal(String, Integer) - Method in class io.confluent.security.util.SecurityContext
 
io.confluent.security.authentication - package io.confluent.security.authentication
 
io.confluent.security.authentication.credential - package io.confluent.security.authentication.credential
 
io.confluent.security.authentication.http - package io.confluent.security.authentication.http
 
io.confluent.security.authentication.oauthbearer - package io.confluent.security.authentication.oauthbearer
 
io.confluent.security.authentication.oidc - package io.confluent.security.authentication.oidc
 
io.confluent.security.authentication.utils - package io.confluent.security.authentication.utils
 
io.confluent.security.config - package io.confluent.security.config
 
io.confluent.security.policyapi - package io.confluent.security.policyapi
 
io.confluent.security.policyapi.cel - package io.confluent.security.policyapi.cel
 
io.confluent.security.policyapi.engine - package io.confluent.security.policyapi.engine
 
io.confluent.security.policyapi.exception - package io.confluent.security.policyapi.exception
 
io.confluent.security.policyapi.jackson - package io.confluent.security.policyapi.jackson
 
io.confluent.security.trustservice.entities.v1 - package io.confluent.security.trustservice.entities.v1
 
io.confluent.security.trustservice.store - package io.confluent.security.trustservice.store
 
io.confluent.security.trustservice.store.data - package io.confluent.security.trustservice.store.data
 
io.confluent.security.util - package io.confluent.security.util
 
isBetween(int, int, int) - Static method in class io.confluent.security.config.Validation
 
isExpired() - Method in class io.confluent.security.authentication.oidc.CachedGrant
 
isSecure() - Method in class io.confluent.security.authentication.http.ConfluentSecurityContext
 
issuedAt() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
issuedAt() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
issuedAt() - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
issuer() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
issuer() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
Issuer(String) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
Issuer(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
issuer() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 
issuer(String) - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
issuer() - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
issuer() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 
IssuerExtractor - Class in io.confluent.security.authentication.oauthbearer
Decode JWT to extract issuer field in the JWT claims.
issuers(List<JwtIssuer>) - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig.Builder
List of VerificationKeyResolver instances keyed by Issuer name.
issuers() - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig
List of JwtIssuers registered with this JwtAuthenticator.
isUserInRole(String) - Method in class io.confluent.security.authentication.http.ConfluentSecurityContext
 

J

JacksonSerde - Class in io.confluent.security.authentication.utils
 
JacksonSerde() - Constructor for class io.confluent.security.authentication.utils.JacksonSerde
 
JacksonSerde.DataFormat - Enum in io.confluent.security.authentication.utils
Supported ObjectMapper data formats.
JacksonSerde.JwkJsonDeserializer - Class in io.confluent.security.authentication.utils
 
JacksonSerde.JwkJsonSerializer - Class in io.confluent.security.authentication.utils
 
JacksonSerde.JwksJsonDeserializer - Class in io.confluent.security.authentication.utils
 
jsonMapper() - Static method in class io.confluent.security.authentication.utils.JacksonSerde
 
jsonWebKeySet(String) - Method in interface io.confluent.security.trustservice.store.TrustCache
Returns the JsonWebKeySet associated with the given Issuer.
jsonWebKeySets() - Method in interface io.confluent.security.trustservice.store.TrustCache
Returns a map of all known JsonWebKeySets keyed by Issuer.
jti() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
jti() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
JwkJsonDeserializer(Class<JsonWebKey>) - Constructor for class io.confluent.security.authentication.utils.JacksonSerde.JwkJsonDeserializer
 
JwkJsonSerializer(Class<JsonWebKey>) - Constructor for class io.confluent.security.authentication.utils.JacksonSerde.JwkJsonSerializer
 
jwksEndpoint(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
jwksEndpoint() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 
JwksJsonDeserializer(Class<JsonWebKeySet>) - Constructor for class io.confluent.security.authentication.utils.JacksonSerde.JwksJsonDeserializer
 
jwksUri(String) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks.Builder
Set Jwks endpoint where Issuer's JsonWebKeySet can be fetched.
jwksUri() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks
HTTPS endpoint hosting this issuers JsonWebKeySet.
JwtAuthenticationConfig - Class in io.confluent.security.authentication.oauthbearer
Configure JwtAuthenticator instance.
JwtAuthenticationConfig.Builder - Class in io.confluent.security.authentication.oauthbearer
 
JwtAuthenticator - Class in io.confluent.security.authentication.oauthbearer
Authenticator which decodes and validates JsonWebSignatures.
JwtAuthenticator(List<JwtIssuer>, Collection<Constraint>) - Constructor for class io.confluent.security.authentication.oauthbearer.JwtAuthenticator
 
JwtClaimsInfo() - Constructor for class io.confluent.security.authentication.AuthenticationErrorInfo.JwtClaimsInfo
 
JwtIssuer - Class in io.confluent.security.authentication.oauthbearer
Constructs a new JwtConsumer instance for JsonWebSignature decoding and validation.
JwtIssuer() - Constructor for class io.confluent.security.authentication.oauthbearer.JwtIssuer
 
JwtIssuerJku - Class in io.confluent.security.authentication.oauthbearer
Fetches Signature Verification key information at the URL found in the tokens jku claim.
JwtIssuerJku.Builder - Class in io.confluent.security.authentication.oauthbearer
 
JwtIssuerJwks - Class in io.confluent.security.authentication.oauthbearer
JwtIssuer which fetches JsonWebKeySet from a trusted HTTPS endpoint.
JwtIssuerJwks.Builder - Class in io.confluent.security.authentication.oauthbearer
Constructs a new JwtIssuer instance with a HttpsJwksVerificationKeyResolver.
JwtIssuerStatic - Class in io.confluent.security.authentication.oauthbearer
JwtIssuer with a static JsonWebKeySet.
JwtIssuerStatic(String, Set<String>, JsonWebKeySet) - Constructor for class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic
 
JwtIssuerStatic.Builder - Class in io.confluent.security.authentication.oauthbearer
 
JwtPrincipal - Class in io.confluent.security.authentication.oauthbearer
A Principal implementation that wraps a JSON Web Token (JWT).
JwtPrincipal(JwtClaims) - Constructor for class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
JwtUtils - Class in io.confluent.security.util
 
JwtUtils() - Constructor for class io.confluent.security.util.JwtUtils
 
JwtUtils.Error - Class in io.confluent.security.util
 
JwtUtils.ErrorInfo - Class in io.confluent.security.util
 

K

KeyConstraintException - Exception in io.confluent.security.authentication.oauthbearer
Exception raised when a Constraint can't be satisfied.
KeyConstraintException(String) - Constructor for exception io.confluent.security.authentication.oauthbearer.KeyConstraintException
Creates a new KeyConstraintException with the given message.
KeyConstraintException(String, Throwable) - Constructor for exception io.confluent.security.authentication.oauthbearer.KeyConstraintException
Creates a new KeyConstraintException with the given message and cause.
keyResolver(Collection<Constraint>, SecurityContext) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuer
Creates a new ConstrainedVerificationKeyResolver bound to this issuer.
keyResolver(Collection<Constraint>, SecurityContext) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku
Returns Signature Verification Key identified by HeaderParameterNames.JWK_SET_URL
keyResolver(Collection<Constraint>, SecurityContext) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks
Returns Signature Verification Key identified by HeaderParameterNames.JWK_SET_URL
keyResolver(Collection<Constraint>, SecurityContext) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic
Returns Signature Verification Key identified by HeaderParameterNames.JWK_SET_URL
kind() - Method in class io.confluent.security.authentication.AuthenticationConfig
Describes the AuthenticationConfig implementation.
kind() - Method in class io.confluent.security.authentication.oauthbearer.JwtAuthenticationConfig
Describes the AuthenticationConfig implementation.
kind() - Method in interface io.confluent.security.policyapi.ConfluentPolicy
 
kind() - Method in class io.confluent.security.policyapi.jackson.ConfluentPolicyModule.TrustPolicyMixin
 
kind() - Method in class io.confluent.security.policyapi.TrustPolicy
 

L

load(URL, Class<T>) - Method in class io.confluent.security.config.YamlConfigReader
 
load(InputStream, Class<T>) - Method in class io.confluent.security.config.YamlConfigReader
Creates a new instance of T based on the contents read from the specified InputStream.
load(URL, Class<T>) - Method in interface io.confluent.security.util.ResourceLoader
Creates a new instance of T based on the contents retrieved from the specified URL.
load(InputStream, Class<T>) - Method in interface io.confluent.security.util.ResourceLoader
Creates a new instance of T based on the contents read from the specified InputStream.

M

mapper(JacksonSerde.DataFormat) - Static method in class io.confluent.security.authentication.utils.JacksonSerde
 
MDS_POOL_ID_KEY - Static variable in class io.confluent.security.authentication.oauthbearer.TrustServiceBearerServerAuthFilter
 
message() - Method in class io.confluent.security.util.JwtUtils.Error
 
MetadataResponse - Class in io.confluent.security.authentication.oidc
Metadata returned by the IdP containing info useful for OpenId operations, such as token exchange endpoints https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
MetadataResponse.Builder - Class in io.confluent.security.authentication.oidc
 
mkErrorInfo(AuthenticationExceptionReasonCodes.ErrorTypes, Integer, String) - Static method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
mkErrorInfo(AuthenticationExceptionReasonCodes.ErrorTypes, Integer, String, List<JwtUtils.MapSource>) - Static method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
mkErrorInfo(AuthenticationExceptionReasonCodes.ErrorTypes, Integer, String, Map<String, Object>, List<JwtUtils.MapSource>) - Static method in class io.confluent.security.util.JwtUtils.ErrorInfo
 

N

name() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuer
JsonWebSignature Issuer name.
name(String) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku.Builder
 
name() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJku
JsonWebSignature Issuer name.
name(String) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks.Builder
 
name() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerJwks
JsonWebSignature Issuer name.
name(String) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic.Builder
 
name() - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic
JsonWebSignature Issuer name.
NESTING_LIMIT_DEFAULT - Static variable in class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
NETWORK_ID_DISALLOWED - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
notBefore() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
notBefore() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 

O

OAUTH_AUTHORIZED_PARTY - Static variable in class io.confluent.security.authentication.AdmissionController
 
OAUTH_POOL_ID - Static variable in class io.confluent.security.util.JwtUtils
 
OAUTH_PROVIDER_ID - Static variable in class io.confluent.security.util.JwtUtils
 
objectMapper(ObjectMapper) - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
objectMapper(JacksonSerde.DataFormat) - Static method in class io.confluent.security.authentication.utils.JacksonSerde
 
OpenIdClient - Class in io.confluent.security.authentication.oidc
OpenIdHttpClient processes authentication requests based on the OpenId spec https://openid.net/specs/openid-connect-core-1_0.html
OpenIdClient.Builder - Class in io.confluent.security.authentication.oidc
 
opPolicyUri(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
opTosUri(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
ORG_ID_CLUSTER_ID_MISMATCH - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
ORG_ID_POOL_FILTER_MISMATCH - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
organizationId() - Method in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
orgId() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 

P

pems(List<String>) - Method in class io.confluent.security.authentication.oauthbearer.JwtIssuerStatic.Builder
Set PEM encoded key material
policy() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 
PolicyEngine<T> - Interface in io.confluent.security.policyapi.engine
Evaluates a ConfluentPolicy against a collection of verified claims.
PolicyEngineException - Exception in io.confluent.security.policyapi.exception
Any exception raised during policy rule compilation or evaluation.
PolicyEngineException(String) - Constructor for exception io.confluent.security.policyapi.exception.PolicyEngineException
 
PolicyEngineException(Throwable) - Constructor for exception io.confluent.security.policyapi.exception.PolicyEngineException
 
PolicyEngineException(String, Throwable) - Constructor for exception io.confluent.security.policyapi.exception.PolicyEngineException
 
PolicyRuleLoadingCache<T> - Class in io.confluent.security.policyapi
 
PolicyRuleLoadingCache(Env) - Constructor for class io.confluent.security.policyapi.PolicyRuleLoadingCache
 
PolicyRuleLoadingCache(long, Env) - Constructor for class io.confluent.security.policyapi.PolicyRuleLoadingCache
 
poolId() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 
providerId() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 

R

read(String) - Static method in class io.confluent.security.authentication.credential.HttpCredential
 
readTimeout(Duration) - Method in class io.confluent.security.authentication.http.HttpClient.Builder
 
reasonCode() - Method in exception io.confluent.security.authentication.AuthenticationException
 
reasonCode() - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
refreshToken(String) - Method in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
RefreshTokenInfo - Class in io.confluent.security.authentication.oidc
 
RefreshTokenInfo(String, String, long, String, String) - Constructor for class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
refreshTokenInfo(String) - Method in interface io.confluent.security.trustservice.store.TrustCache
Returns RefreshTokenInfo keyed by combination of issuer and subClaim.
registrationEndpoint(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
registrationEndpoint() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 
relatedClaims(String, Object) - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
relatedClaims(Map.Entry<String, Object>) - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
removeIdentityPool(Optional<Principal>, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
Removes an IdentityPool record.
removeIdentityPool(String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
removeJwtIssuer(Optional<Principal>, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
Removes a JwtIssuer
removeJwtIssuer(String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
removeRefreshTokenInfo(Optional<Principal>, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
removeRefreshTokenInfo(String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
replaceIdentityPool(Optional<Principal>, String, int, String, String, String, String, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
Replaces an IdentityPool
replaceIdentityPool(String, int, String, String, String, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
replaceJwtIssuer(Optional<Principal>, String, JsonWebKeySet, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
Replaces a JwtIssuer
replaceJwtIssuer(String, JsonWebKeySet) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
replaceRefreshTokenInfo(Optional<Principal>, String, String, long, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
replaceRefreshTokenInfo(String, String, long, String, String) - Method in interface io.confluent.security.trustservice.store.TrustWriter
 
requestObjectEncryptionAlgValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
requestObjectEncryptionEncValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
requestObjectSigningAlgValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
requestParameterSupported(boolean) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
requestUriParameterSupported(boolean) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
requireRequestUriRegistration(boolean) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
resolveKey(JsonWebSignature, List<JsonWebStructure>) - Method in class io.confluent.security.authentication.oauthbearer.ConstrainedVerificationKeyResolver
Chooses the key to be used for signature verification on the given JWS.
ResourceLoader - Interface in io.confluent.security.util
Constructs a new object based on the contents read from some URL.
responseModesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
responseTypesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
responseTypesSupported() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 

S

scheme() - Method in class io.confluent.security.authentication.credential.HttpAnonymousCredential
 
scheme() - Method in class io.confluent.security.authentication.credential.HttpBasicCredential
 
scheme() - Method in class io.confluent.security.authentication.credential.HttpBearerCredential
 
scheme() - Method in class io.confluent.security.authentication.credential.HttpCredential
HTTP Authentication Scheme.
scope - Variable in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
scope(String) - Method in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
scopesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
SecurityContext - Class in io.confluent.security.util
 
SecurityContext() - Constructor for class io.confluent.security.util.SecurityContext
 
serialize(JsonWebKey, JsonGenerator, SerializerProvider) - Method in class io.confluent.security.authentication.utils.JacksonSerde.JwkJsonSerializer
 
serviceAccount() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 
serviceDocumentation(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
sessionId() - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
setIdentityPool(String) - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest
 
setToken(String) - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest
 
SignatureAlgorithm - Enum in io.confluent.security.authentication.oauthbearer
Supported JsonWebSignature algorithms.
SNI_ID_CLUSTER_ID_MISMATCH - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
sslContext(SSLContext) - Method in class io.confluent.security.authentication.http.HttpClient.Builder
 
sslContext(SSLContext) - Method in class io.confluent.security.authentication.oidc.OpenIdClient.Builder
 
strVal(String, String) - Method in class io.confluent.security.util.SecurityContext
 
strVal(String, String, boolean) - Method in class io.confluent.security.util.SecurityContext
 
subClaim() - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
subject() - Method in interface io.confluent.security.authentication.oauthbearer.Claims
 
subject() - Method in class io.confluent.security.authentication.oauthbearer.JwtPrincipal
 
subjectClaim() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 
subjectTypesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
subjectTypesSupported() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 
SyntaxException - Exception in io.confluent.security.policyapi.exception
 
SyntaxException(String) - Constructor for exception io.confluent.security.policyapi.exception.SyntaxException
 

T

target(URI) - Method in class io.confluent.security.authentication.http.HttpClient
 
target(URI, HttpCredential) - Method in class io.confluent.security.authentication.http.HttpClient
 
token(String) - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalData.Builder
 
token() - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalData
 
token(String) - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest.Builder
 
token() - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalRequest
 
TOKEN_ISSUER_CLAIM_ABSENT - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
TOKEN_ISSUER_CLAIM_UNRECOGNIZED - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
TOKEN_PROCESSING_FAILURE - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
TOKEN_VALUE_ABSENT - Static variable in class io.confluent.security.authentication.AuthenticationExceptionReasonCodes
 
tokenEndpoint(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
tokenEndpoint() - Method in class io.confluent.security.authentication.oidc.MetadataResponse
 
tokenEndpointAuthMethodsSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
tokenEndpointAuthSigningAlgValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
TokenError - Class in io.confluent.security.authentication.oidc
 
TokenRequest - Interface in io.confluent.security.authentication.oidc
 
TokenResponse - Class in io.confluent.security.authentication.oidc
 
TokenResponse(String, String, String, long, String, String) - Constructor for class io.confluent.security.authentication.oidc.TokenResponse
 
TokenResponse.Builder - Class in io.confluent.security.authentication.oidc
 
tokenType(String) - Method in class io.confluent.security.authentication.oidc.TokenResponse.Builder
 
toString() - Method in enum io.confluent.security.authentication.AuthenticationExceptionReasonCodes.ErrorTypes
 
toString() - Method in enum io.confluent.security.authentication.credential.HttpCredential.Scheme
 
toString() - Method in class io.confluent.security.authentication.credential.HttpCredential
 
toString() - Method in enum io.confluent.security.authentication.oidc.GrantBase.GrantType
 
toString() - Method in class io.confluent.security.authentication.oidc.RefreshTokenInfo
 
toString() - Method in class io.confluent.security.util.JwtUtils.Error
 
toString() - Method in class io.confluent.security.util.JwtUtils.ErrorInfo
 
TrustCache - Interface in io.confluent.security.trustservice.store
 
TrustPolicy - Class in io.confluent.security.policyapi
A TrustPolicy describes who may assume some role.
TrustPolicy(String, long, String) - Constructor for class io.confluent.security.policyapi.TrustPolicy
 
TrustPolicyCelLibrary - Class in io.confluent.security.policyapi.cel
This class implements a library similar to the cel standard library, but with only the subset of compile and program options that we want to support.
TrustPolicyCelLibrary() - Constructor for class io.confluent.security.policyapi.cel.TrustPolicyCelLibrary
 
TrustPolicyCelParser - Class in io.confluent.security.policyapi.cel
 
TrustPolicyCelParser() - Constructor for class io.confluent.security.policyapi.cel.TrustPolicyCelParser
 
TrustPolicyEngine - Class in io.confluent.security.policyapi.engine
 
TrustPolicyEngine() - Constructor for class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
TrustPolicyEngine(PolicyRuleLoadingCache<String>) - Constructor for class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
TrustPolicyEngine(Env, PolicyRuleLoadingCache<String>) - Constructor for class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
TrustServiceBearerServerAuthFilter - Class in io.confluent.security.authentication.oauthbearer
 
TrustServiceBearerServerAuthFilter(TrustServiceClient, HttpAuthenticatorJwt) - Constructor for class io.confluent.security.authentication.oauthbearer.TrustServiceBearerServerAuthFilter
 
TrustServiceClient - Class in io.confluent.security.authentication.oauthbearer
 
TrustServiceClient.Builder - Class in io.confluent.security.authentication.oauthbearer
 
TrustWriter - Interface in io.confluent.security.trustservice.store
 
typeVal(String, Class<T>, T) - Method in class io.confluent.security.util.SecurityContext
 

U

uiLocalesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
unit() - Method in class io.confluent.security.config.Duration
 
userId() - Method in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 
userInfoEncryptionAlgValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
userInfoEncryptionEncValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
userInfoEndpoint(URI) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
userInfoSigningAlgValuesSupported(String[]) - Method in class io.confluent.security.authentication.oidc.MetadataResponse.Builder
 
UsernamePasswordCredential - Class in io.confluent.security.authentication.credential
 
UsernamePasswordCredential(String, String) - Constructor for class io.confluent.security.authentication.credential.UsernamePasswordCredential
 
userResourceId() - Method in class io.confluent.security.authentication.oauthbearer.CloudJwtPrincipal
 

V

validate(JsonWebSignature) - Method in class io.confluent.security.authentication.oauthbearer.AlgorithmWhitelist
Ensures JWS was signed using a whitelisted signature algorithm.
validate(JsonWebSignature) - Method in interface io.confluent.security.authentication.oauthbearer.Constraint
Custom constraints to be enforced on the token verification process.
validatePolicy(T) - Method in interface io.confluent.security.policyapi.engine.PolicyEngine
 
validatePolicy(String) - Method in class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
validatePolicyEvaluation(T, Map<String, Object>) - Method in interface io.confluent.security.policyapi.engine.PolicyEngine
 
validatePolicyEvaluation(String, Map<String, Object>) - Method in class io.confluent.security.policyapi.engine.TrustPolicyEngine
 
validateToken(AssumePrincipalRequest) - Method in class io.confluent.security.authentication.oauthbearer.TrustServiceClient
 
Validation - Class in io.confluent.security.config
Shared collection of configuration parameter input validations.
Validation() - Constructor for class io.confluent.security.config.Validation
 
value() - Method in class io.confluent.security.config.Duration
 
value() - Method in class io.confluent.security.trustservice.entities.v1.AssumePrincipalResponse
 
valueOf(String) - Static method in enum io.confluent.security.authentication.AuthenticationConfig.Kind
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum io.confluent.security.authentication.AuthenticationExceptionReasonCodes.ErrorTypes
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum io.confluent.security.authentication.credential.HttpCredential.Scheme
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum io.confluent.security.authentication.oauthbearer.SignatureAlgorithm
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum io.confluent.security.authentication.oidc.GrantBase.GrantType
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum io.confluent.security.authentication.utils.JacksonSerde.DataFormat
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum io.confluent.security.policyapi.ConfluentPolicy.Kind
Returns the enum constant of this type with the specified name.
values() - Static method in enum io.confluent.security.authentication.AuthenticationConfig.Kind
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum io.confluent.security.authentication.AuthenticationExceptionReasonCodes.ErrorTypes
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum io.confluent.security.authentication.credential.HttpCredential.Scheme
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum io.confluent.security.authentication.oauthbearer.SignatureAlgorithm
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum io.confluent.security.authentication.oidc.GrantBase.GrantType
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum io.confluent.security.authentication.utils.JacksonSerde.DataFormat
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum io.confluent.security.policyapi.ConfluentPolicy.Kind
Returns an array containing the constants of this enum type, in the order they are declared.
version() - Method in interface io.confluent.security.policyapi.ConfluentPolicy
 
version() - Method in class io.confluent.security.policyapi.jackson.ConfluentPolicyModule.TrustPolicyMixin
The version number for this policy
version() - Method in class io.confluent.security.policyapi.TrustPolicy
 
version() - Method in class io.confluent.security.trustservice.store.data.IdentityPool
 

Y

YamlConfigReader - Class in io.confluent.security.config
ResourceLoader for reading YAML encoded configurations.
YamlConfigReader() - Constructor for class io.confluent.security.config.YamlConfigReader
 
A B C D E F G H I J K L M N O P R S T U V Y 
Skip navigation links