Index

A C D E G H I J K L M O P R S T U V W
All Classes and Interfaces|All Packages|Constant Field Values

A

aclCount() - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

aclMutatorOrException() - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

acls(AclBindingFilter) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

addAcl(Uuid, StandardAcl) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

ALTER - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

ALTER

ALTER_CONFIGS - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

ALTER_CONFIGS or ALTERCONFIGS

authorize(AuthorizableRequestContext, List<Action>) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

authorizeByResourceType(AuthorizableRequestContext, AclOperation, ResourceType) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

AuthzConfig - Class in io.strimzi.kafka.oauth.server.authorizer

Configuration handling class used in KeycloakRBACAuthorizer

C

close() - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

CLUSTER - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ResourceSpec.ResourceType

CLUSTER

CLUSTER_ACTION - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

CLUSTER_ACTION or CLUSTERACTION

completeInitialLoad() - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

completeInitialLoad(Exception) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

Configuration - Class in io.strimzi.kafka.oauth.server.authorizer

The classes used to parse and store Authorizer configuration.

configure(Map<String, ?>) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

CREATE - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

CREATE

createAcls(AuthorizableRequestContext, List<AclBinding>) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

D

DELEGATION_TOKEN - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ResourceSpec.ResourceType

DELEGATION_TOKEN

DELETE - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

DELETE

deleteAcls(AuthorizableRequestContext, List<AclBindingFilter>) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

DESCRIBE - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

DESCRIBE

DESCRIBE_CONFIGS - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

DESCRIBE_CONFIGS or DESCRIBECONFIGS

E

equals(Object) - Method in class io.strimzi.kafka.oauth.server.authorizer.Configuration

equals(Object) - Method in class io.strimzi.kafka.oauth.server.authorizer.UserSpec

errorKey(Throwable) - Method in class io.strimzi.kafka.oauth.server.authorizer.metrics.GrantsHttpSensorKeyProducer

Generate a SensorKey for metrics about failed HTTP requests

errorKey(Throwable) - Method in class io.strimzi.kafka.oauth.server.authorizer.metrics.KeycloakAuthorizationSensorKeyProducer

Generate a SensorKey for metrics about failed authorizations

G

getClusterName() - Method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

Get a 'kafka-cluster' value (not the same as Kafka Cluster resource type).

getName() - Method in class io.strimzi.kafka.oauth.server.authorizer.UserSpec

Get the name

getResourceName() - Method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

Get resource name

getResourceType() - Method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

Get a resource type

getType() - Method in class io.strimzi.kafka.oauth.server.authorizer.UserSpec

Get the type

GrantsHttpSensorKeyProducer - Class in io.strimzi.kafka.oauth.server.authorizer.metrics

A SensorKeyProducer used for token endpoint HTTP metrics for Keycloak grants requests performed by KeycloakRBACAuthorizer

GrantsHttpSensorKeyProducer(String, URI) - Constructor for class io.strimzi.kafka.oauth.server.authorizer.metrics.GrantsHttpSensorKeyProducer

Create a new instance

GROUP - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ResourceSpec.ResourceType

GROUP

H

hashCode() - Method in class io.strimzi.kafka.oauth.server.authorizer.Configuration

hashCode() - Method in class io.strimzi.kafka.oauth.server.authorizer.UserSpec

I

IDEMPOTENT_WRITE - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

IDEMPOTENT_WRITE or IDEMPOTENTWRITE

io.strimzi.kafka.oauth.server.authorizer - package io.strimzi.kafka.oauth.server.authorizer

io.strimzi.kafka.oauth.server.authorizer.metrics - package io.strimzi.kafka.oauth.server.authorizer.metrics

isClusterStartsWith() - Method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

See if 'kafka-cluster' specification uses an asterisk as in kafka-cluster:*,Topic:orders

isGranted(String) - Method in class io.strimzi.kafka.oauth.server.authorizer.ScopesSpec

See if the specific operation is granted based on the list of grants contained in this instance of ScopesSpec.

isResourceStartsWith() - Method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

See if a resource specification uses an asterisk as in Topic:orders_*

J

JwtKafkaPrincipalBuilder - Class in io.strimzi.kafka.oauth.server.authorizer

Deprecated.

Use OAuthKafkaPrincipalBuilder class instead.

JwtKafkaPrincipalBuilder() - Constructor for class io.strimzi.kafka.oauth.server.authorizer.JwtKafkaPrincipalBuilder

Deprecated.

K

KeycloakAuthorizationSensorKeyProducer - Class in io.strimzi.kafka.oauth.server.authorizer.metrics

A SensorKeyProducer used for authorization metrics

KeycloakAuthorizationSensorKeyProducer(String, URI) - Constructor for class io.strimzi.kafka.oauth.server.authorizer.metrics.KeycloakAuthorizationSensorKeyProducer

Create a new instance

KeycloakAuthorizer - Class in io.strimzi.kafka.oauth.server.authorizer

An authorizer using Keycloak Authorization Services that supports KRaft mode.

KeycloakAuthorizer() - Constructor for class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

KeycloakAuthorizerService - Class in io.strimzi.kafka.oauth.server.authorizer

A static holder for the KeycloakAuthorizerSingleton instance

KeycloakAuthorizerService() - Constructor for class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizerService

L

loadSnapshot(Map<Uuid, StandardAcl>) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

M

match(String, String, String) - Method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

Match specific resource's cluster, type and name to this ResourceSpec If clusterName is set then cluster must match, otherwise cluster match is ignored.

O

of(String) - Static method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

A factory method to parse a ResourceSpec from a string

of(String) - Static method in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

Get a AuthzScope enum value corresponding to the passed grant

of(String) - Static method in class io.strimzi.kafka.oauth.server.authorizer.UserSpec

Factory method to parse a UserSpec instance from a string

P

printLogs() - Method in class io.strimzi.kafka.oauth.server.authorizer.Configuration

When a new instance of the Configuration is created some configuration options may generate warnings.

R

READ - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

READ

removeAcl(Uuid) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

ResourceSpec - Class in io.strimzi.kafka.oauth.server.authorizer

ResourceSpec is used to parse a resource matching pattern and to perform matching to a specific resource.

ResourceSpec() - Constructor for class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

ResourceSpec.ResourceType - Enum in io.strimzi.kafka.oauth.server.authorizer

Kafka resource types

S

ScopesSpec - Class in io.strimzi.kafka.oauth.server.authorizer

This class represents parsed Keycloak Authorization Services grants as returned by the token endpoint

ScopesSpec.AuthzScope - Enum in io.strimzi.kafka.oauth.server.authorizer

Keycloak Authorization Services scope.

setAclMutator(AclMutator) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

start(AuthorizerServerInfo) - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

STRIMZI_AUTHORIZATION_CLIENT_ID - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Client id used by authorizer when requesting grants from Keycloak Authorization Services.

STRIMZI_AUTHORIZATION_CONNECT_TIMEOUT_SECONDS - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Connect timeout for connections to the token endpoint in seconds.

STRIMZI_AUTHORIZATION_DELEGATE_TO_KAFKA_ACL - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

If true, the authorization decision is delegated to standard kafka ACL authorizer for non-oauth listeners and whenever the Keycloak Authorization Services grants don't result in ALLOWED permission.

STRIMZI_AUTHORIZATION_ENABLE_METRICS - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Enable authorization specific metrics.

STRIMZI_AUTHORIZATION_GRANTS_GC_PERIOD_SECONDS - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

A period in seconds for a background service that removes no-longer-used grants information from grants cache.

STRIMZI_AUTHORIZATION_GRANTS_MAX_IDLE_TIME_SECONDS - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

The maximum time in seconds that a grant is kept in grants cache without being accessed.

STRIMZI_AUTHORIZATION_GRANTS_REFRESH_PERIOD_SECONDS - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

The time period in seconds for the background job to refresh the cached grants for active sessions.

STRIMZI_AUTHORIZATION_GRANTS_REFRESH_POOL_SIZE - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

The number of worker threads used by the background job that refreshes the grants.

STRIMZI_AUTHORIZATION_HTTP_RETRIES - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

A maximum number of retries to attempt if the request to Keycloak token endpoint fails in unexpected way (connection timeout, read timeout, unexpected HTTP status code, unexpected response body).

STRIMZI_AUTHORIZATION_INCLUDE_ACCEPT_HEADER - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Disable sending the Accept header to the upstream server.

STRIMZI_AUTHORIZATION_KAFKA_CLUSTER_NAME - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

The cluster name used by this configuration which can be targeted in Keycloak Authorization Services by a resource name prefix 'cluster-name:$CLUSTER_NAME,'.

STRIMZI_AUTHORIZATION_READ_TIMEOUT_SECONDS - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Read timeout for connections to the token endpoint in seconds.

STRIMZI_AUTHORIZATION_REUSE_GRANTS - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Reuse cached grants for the same principal (user id) possibly fetched by another session using a different access token.

STRIMZI_AUTHORIZATION_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Certificate checking method to use for HTTPS.

STRIMZI_AUTHORIZATION_SSL_SECURE_RANDOM_IMPLEMENTATION - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Pseudo random number generator implementation to use for HTTPS.

STRIMZI_AUTHORIZATION_SSL_TRUSTSTORE_CERTIFICATES - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Trusted certificates in PEM format as alternative way to provide certs

STRIMZI_AUTHORIZATION_SSL_TRUSTSTORE_LOCATION - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Truststore file location

STRIMZI_AUTHORIZATION_SSL_TRUSTSTORE_PASSWORD - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Truststore password

STRIMZI_AUTHORIZATION_SSL_TRUSTSTORE_TYPE - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Truststore type

STRIMZI_AUTHORIZATION_TOKEN_ENDPOINT_URI - Static variable in class io.strimzi.kafka.oauth.server.authorizer.AuthzConfig

Keycloak token endpoint used to fetch grants for individual access token.

successKey() - Method in class io.strimzi.kafka.oauth.server.authorizer.metrics.GrantsHttpSensorKeyProducer

Generate a SensorKey for metrics about successful HTTP requests

successKey() - Method in class io.strimzi.kafka.oauth.server.authorizer.metrics.KeycloakAuthorizationSensorKeyProducer

Generate a SensorKey for metrics about successful authorizations

T

TOPIC - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ResourceSpec.ResourceType

TOPIC

toString() - Method in class io.strimzi.kafka.oauth.server.authorizer.KeycloakAuthorizer

toString() - Method in class io.strimzi.kafka.oauth.server.authorizer.ResourceSpec

toString() - Method in class io.strimzi.kafka.oauth.server.authorizer.ScopesSpec

toString() - Method in class io.strimzi.kafka.oauth.server.authorizer.UserSpec

TRANSACTIONAL_ID - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ResourceSpec.ResourceType

TRANSACTIONAL_ID

U

UserSpec - Class in io.strimzi.kafka.oauth.server.authorizer

A class used to hold parsed superusers specs

V

valueOf(String) - Static method in enum io.strimzi.kafka.oauth.server.authorizer.ResourceSpec.ResourceType

Returns the enum constant of this type with the specified name.

valueOf(String) - Static method in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

Returns the enum constant of this type with the specified name.

values() - Static method in enum io.strimzi.kafka.oauth.server.authorizer.ResourceSpec.ResourceType

Returns an array containing the constants of this enum type, in the order they are declared.

values() - Static method in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

Returns an array containing the constants of this enum type, in the order they are declared.

W

WRITE - Enum constant in enum io.strimzi.kafka.oauth.server.authorizer.ScopesSpec.AuthzScope

WRITE

A C D E G H I J K L M O P R S T U V W
All Classes and Interfaces|All Packages|Constant Field Values