Class MtlsAuthenticationMechanism

java.lang.Object
io.quarkus.vertx.http.runtime.security.MtlsAuthenticationMechanism
All Implemented Interfaces:
HttpAuthenticationMechanism

public class MtlsAuthenticationMechanism extends Object implements HttpAuthenticationMechanism
The authentication handler responsible for mTLS client authentication.
  • Field Details

    • INCLUSIVE_AUTHENTICATION_PRIORITY

      public static final int INCLUSIVE_AUTHENTICATION_PRIORITY
  • Constructor Details

    • MtlsAuthenticationMechanism

      MtlsAuthenticationMechanism(boolean inclusiveAuthentication)
  • Method Details

    • authenticate

      public io.smallrye.mutiny.Uni<io.quarkus.security.identity.SecurityIdentity> authenticate(io.vertx.ext.web.RoutingContext context, io.quarkus.security.identity.IdentityProviderManager identityProviderManager)
      Specified by:
      authenticate in interface HttpAuthenticationMechanism
    • getChallenge

      public io.smallrye.mutiny.Uni<ChallengeData> getChallenge(io.vertx.ext.web.RoutingContext context)
      Specified by:
      getChallenge in interface HttpAuthenticationMechanism
    • getCredentialTypes

      public Set<Class<? extends io.quarkus.security.identity.request.AuthenticationRequest>> getCredentialTypes()
      Description copied from interface: HttpAuthenticationMechanism
      If this mechanism delegates authentication to the IdentityProviderManager using the IdentityProviderManager.authenticate(AuthenticationRequest) call, then the mechanism must provide the supported AuthenticationRequest request types. This allows Quarkus to validate that one or more IdentityProvider providers with a matching IdentityProvider.getRequestType() request type exist, and to fail otherwise.
      Specified by:
      getCredentialTypes in interface HttpAuthenticationMechanism
      Returns:
      required credential types
    • getCredentialTransport

      public io.smallrye.mutiny.Uni<HttpCredentialTransport> getCredentialTransport(io.vertx.ext.web.RoutingContext context)
      Description copied from interface: HttpAuthenticationMechanism
      The credential transport, used for finding the best candidate for authenticating and challenging when more than one mechanism is installed. May be null if this mechanism cannot interfere with other mechanisms.
      Specified by:
      getCredentialTransport in interface HttpAuthenticationMechanism
    • getPriority

      public int getPriority()
      Description copied from interface: HttpAuthenticationMechanism
      Returns a priority which determines the order in which HttpAuthenticationMechanisms handle authentication and challenge requests when it is not possible to select the best candidate authentication mechanism based on the request credentials or path-specific configuration. Multiple mechanisms are sorted in descending order, so the highest priority gets the first chance to send a challenge. The default priority is equal to 1000.
      Specified by:
      getPriority in interface HttpAuthenticationMechanism
      Returns:
      priority
    • setCertificateToRolesMapper

      void setCertificateToRolesMapper(Function<X509Certificate,Set<String>> certificateToRoles)