Package com.ibm.cloud.sdk.core.security
Class VpcInstanceAuthenticator
- java.lang.Object
-
- com.ibm.cloud.sdk.core.security.AuthenticatorBase
-
- com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticator<IamToken,VpcTokenResponse>
-
- com.ibm.cloud.sdk.core.security.VpcInstanceAuthenticator
-
- All Implemented Interfaces:
Authenticator
public class VpcInstanceAuthenticator extends TokenRequestBasedAuthenticator<IamToken,VpcTokenResponse> implements Authenticator
VpcInstanceAuthenticator implements an authentication scheme in which it retrieves an "instance identity token" and exchanges that for an IAM access token using the VPC Instance Metadata Service API which is available on a local VPC-managed compute resource (VM).The instance identity token is similar to an IAM apikey, except that it is managed automatically by the compute resource provider (VPC).
The resulting IAM access token is then added to outbound requests in an Authorization header of the form: "Authorization: Bearer <access-token>"
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classVpcInstanceAuthenticator.BuilderThis Builder class is used to construct IamAuthenticator instances.
-
Field Summary
-
Fields inherited from class com.ibm.cloud.sdk.core.security.AuthenticatorBase
ERRORMSG_ATLEAST_ONE_PROP_ERROR, ERRORMSG_ATMOST_ONE_PROP_ERROR, ERRORMSG_EXCLUSIVE_PROP_ERROR, ERRORMSG_PROP_INVALID, ERRORMSG_PROP_INVALID_INTEGER_VALUE, ERRORMSG_PROP_MISSING, ERRORMSG_REQ_FAILED
-
Fields inherited from interface com.ibm.cloud.sdk.core.security.Authenticator
AUTHTYPE_BASIC, AUTHTYPE_BEARER_TOKEN, AUTHTYPE_CONTAINER, AUTHTYPE_CP4D, AUTHTYPE_CP4D_SERVICE, AUTHTYPE_CP4D_SERVICE_INSTANCE, AUTHTYPE_IAM, AUTHTYPE_NOAUTH, AUTHTYPE_VPC, PROPNAME_APIKEY, PROPNAME_AUTH_TYPE, PROPNAME_BEARER_TOKEN, PROPNAME_CLIENT_ID, PROPNAME_CLIENT_SECRET, PROPNAME_CR_TOKEN_FILENAME, PROPNAME_DISABLE_SSL, PROPNAME_DISPLAY_NAME, PROPNAME_EXPIRATION_TIME, PROPNAME_IAM_PROFILE_CRN, PROPNAME_IAM_PROFILE_ID, PROPNAME_IAM_PROFILE_NAME, PROPNAME_PASSWORD, PROPNAME_PERMISSIONS, PROPNAME_SCOPE, PROPNAME_SERVICE_BROKER_SECRET, PROPNAME_SERVICE_INSTANCE_ID, PROPNAME_UID, PROPNAME_URL, PROPNAME_USERNAME
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.StringauthenticationType()Returns the authentication type associated with this Authenticator.static VpcInstanceAuthenticatorfromConfiguration(java.util.Map<java.lang.String,java.lang.String> config)Constructs a ContainerAuthenticator instance using properties contained in the specified Map.java.lang.StringgetIamProfileCrn()java.lang.StringgetIamProfileId()java.lang.StringgetURL()VpcInstanceAuthenticator.BuildernewBuilder()Returns a new Builder instance pre-loaded with the configuration from "this".IamTokenrequestToken()Fetches an IAM access token using the authenticator's configuration.voidvalidate()Validates the configuration of the authenticator and throws an exception if validation fails.-
Methods inherited from class com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticator
authenticate, getClient, getDisableSSLVerification, getHeaders, getProxy, getProxyAuthenticator, getToken, setClient, setDisableSSLVerification, setHeaders, setProxy, setProxyAuthenticator
-
Methods inherited from class com.ibm.cloud.sdk.core.security.AuthenticatorBase
constructBasicAuthHeader, constructBearerTokenAuthHeader
-
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.ibm.cloud.sdk.core.security.Authenticator
authenticate
-
-
-
-
Method Detail
-
newBuilder
public VpcInstanceAuthenticator.Builder newBuilder()
Returns a new Builder instance pre-loaded with the configuration from "this".- Returns:
- the Builder instance
-
fromConfiguration
public static VpcInstanceAuthenticator fromConfiguration(java.util.Map<java.lang.String,java.lang.String> config)
Constructs a ContainerAuthenticator instance using properties contained in the specified Map.- Parameters:
config- a map containing the configuration properties- Returns:
- the ContainerAuthenticator instance
-
validate
public void validate()
Validates the configuration of the authenticator and throws an exception if validation fails.- Specified by:
validatein interfaceAuthenticator- Specified by:
validatein classTokenRequestBasedAuthenticator<IamToken,VpcTokenResponse>
-
authenticationType
public java.lang.String authenticationType()
Returns the authentication type associated with this Authenticator.- Specified by:
authenticationTypein interfaceAuthenticator- Specified by:
authenticationTypein classTokenRequestBasedAuthenticator<IamToken,VpcTokenResponse>- Returns:
- the authentication type ("vpc")
-
getIamProfileCrn
public java.lang.String getIamProfileCrn()
- Returns:
- the iamProfileCrn configured on this Authenticator.
-
getIamProfileId
public java.lang.String getIamProfileId()
- Returns:
- the iamProfileId configured on this Authenticator.
-
getURL
public java.lang.String getURL()
- Returns:
- the URL configured on this Authenticator.
-
requestToken
public IamToken requestToken()
Fetches an IAM access token using the authenticator's configuration.- Specified by:
requestTokenin classTokenRequestBasedAuthenticator<IamToken,VpcTokenResponse>- Returns:
- an IamToken instance that contains the access token
-
-