All Classes and Interfaces

Class
Description
AbstractConfiguration<T>
 
AbstractConfiguration.Builder<BuilderT>
Construct an immutable configuration object.
AdmissionController
 
AlgorithmWhitelist
Constraint restricts signature verification to a specific set of SignatureAlgorithms.
AssumePrincipalData
 
AssumePrincipalData.Builder
 
AssumePrincipalRequest
 
AssumePrincipalRequest.Builder
 
AssumePrincipalResponse
 
AuthenticationConfig<C,P>
Configures a Authenticator instance.
AuthenticationConfig.Kind
 
Authenticator<C,P>
Validates user-provided credentials and returns a Principal.
BearerCredential
 
CachedGrant
 
CertIdentityPoolFilter
This class implements the CEL filter for the cert identity pool.
CertificateMetadata
Utility class for generating certificate metadata.
CertificateUtils
 
CertMetadataIdentifier
Enum for Certificate Metadata Identifiers, defined in spec
Claims
 
ClientCredentials
Client id/secret pair used for client credentials grants ClientCredentialsGrant
ClientCredentialsGrant
Represents a client's request for authentication via client credentials https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
CloudJwtPrincipal
Extends JwtPrincipal with custom Confluent Cloud claims
ConfigurationException
Raised when a problem arises processing a configuration object.
ConfluentPolicy<T>
Versioned Confluent Policy definition.
ConfluentPolicy.Kind
 
ConfluentPolicyModule
 
ConfluentPolicyModule.TrustPolicyMixin
 
ConfluentSecurityContext
 
ConstrainedVerificationKeyResolver
Extends VerificationKeyResolver with ability to add custom Constraints.
Constraint
An interface for adding custom constraints to the token verification process.
Credential
 
Duration
A configuration value representing some duration.
GrantBase
Base class representing a client's OpenId authentication request.
GrantBase.GrantType
 
HttpAnonymousCredential
 
HttpAuthenticator<T>
 
HttpAuthenticatorJwt
HttpAuthenticator which decodes and validates JsonWebSignatures.
HttpBasicCredential
HTTP Basic Authentication credentials.
HttpBearerCredential
HTTP Bearer Authentication credentials.
HttpClient
 
HttpClient.Builder
 
HttpClientAuthFilter
 
HttpCredential
Generic container for HTTP Client credentials.
HttpCredential.Scheme
Supported HTTP Authentication Schemes.
HttpServerAuthFilter
Given HttpAuthenticator authenticator, authenticate incoming request and set SecurityContext.
IdentityPool
 
IdentityProvider
 
IssuerExtractor
Decode JWT to extract issuer field in the JWT claims.
JacksonSerde
 
JacksonSerde.DataFormat
Supported ObjectMapper data formats.
JacksonSerde.JwkJsonDeserializer
 
JacksonSerde.JwkJsonSerializer
 
JacksonSerde.JwksJsonDeserializer
 
JwtAuthenticationConfig
Configure JwtAuthenticator instance.
JwtAuthenticationConfig.Builder
 
JwtAuthenticator
Authenticator which decodes and validates JsonWebSignatures.
JwtIssuer
Constructs a new JwtConsumer instance for JsonWebSignature decoding and validation.
JwtIssuerJku
Fetches Signature Verification key information at the URL found in the tokens jku claim.
JwtIssuerJku.Builder
 
JwtIssuerJwks
JwtIssuer which fetches JsonWebKeySet from a trusted HTTPS endpoint.
JwtIssuerJwks.Builder
Constructs a new JwtIssuer instance with a HttpsJwksVerificationKeyResolver.
JwtIssuerSpire
JwtIssuer which fetches trust bundle JwtBundle from SPIRE workload API.
JwtIssuerSpire.Builder
Constructs a new JwtIssuerSpire instance.
JwtIssuerSpireConfigurator
Interface with method that can be used to configure the SPIRE agent endpoint for fetching trust bundle JwtBundle.
JwtIssuerStatic
JwtIssuer with a static JsonWebKeySet.
JwtIssuerStatic.Builder
 
JwtPrincipal
A Principal implementation that wraps a JSON Web Token (JWT).
KeyConstraintException
Exception raised when a Constraint can't be satisfied.
MetadataResponse
Metadata returned by the IdP containing info useful for OpenId operations, such as token exchange endpoints https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
MetadataResponse.Builder
 
MockJwtSource
Mock JwtSource class Visible for testing SPIFFE JWT-SVID changes
MockJwtSource.Kid
 
OpenIdClient
OpenIdHttpClient processes authentication requests based on the OpenId spec https://openid.net/specs/openid-connect-core-1_0.html
OpenIdClient.Builder
 
PolicyEngine<T>
Evaluates a ConfluentPolicy against a collection of verified claims.
PolicyEngineException
Any exception raised during policy rule compilation or evaluation.
PolicyRuleLoadingCache<T>
 
PolicyViolationException
 
RefreshTokenInfo
 
ResourceLoader
Constructs a new object based on the contents read from some URL.
SignatureAlgorithm
Supported JsonWebSignature algorithms.
SpireVerificationKeyResolver
Fetch JWKS data from SPIRE Trust Bundle.
SyntaxException
 
TokenError
 
TokenRequest
 
TokenResponse
 
TokenResponse.Builder
 
TrustCache
 
TrustPolicy
A TrustPolicy describes who may assume some role.
TrustPolicyCelLibrary
This class implements a library similar to the cel standard library, but with only the subset of compile and program options that we want to support.
TrustPolicyCelParser
 
TrustPolicyEngine
 
TrustServiceBearerServerAuthFilter
 
TrustServiceClient
 
TrustServiceClient.Builder
 
TrustWriter
 
UsernamePasswordCredential
 
Validation
Shared collection of configuration parameter input validations.
YamlConfigReader
ResourceLoader for reading YAML encoded configurations.