Package org.apache.polaris.service.quarkus.auth.external.mapping

Interface PrincipalMapper

public interface PrincipalMapper

Maps the SecurityIdentity, as provided by the OIDC authentication mechanism, to a Polaris principal.

There are two ways to map the principal: by ID and by name. The ID is a long value that uniquely identifies the principal in Polaris, while the name is a string that represents the principal's unique name in Polaris.

At least one of these mappings must be provided, otherwise the authentication will fail. If both mappings are available, the ID mapping takes precedence.

Method Summary

Modifier and Type	Method	Description
OptionalLong	mapPrincipalId(io.quarkus.security.identity.SecurityIdentity identity)	Maps the SecurityIdentity to a Polaris principal.
Optional<String>	mapPrincipalName(io.quarkus.security.identity.SecurityIdentity identity)	Maps the SecurityIdentity to a Polaris principal name.

Method Details

mapPrincipalId

OptionalLong mapPrincipalId(io.quarkus.security.identity.SecurityIdentity identity)

Maps the SecurityIdentity to a Polaris principal.

Parameters:

identity - the SecurityIdentity of the user

Returns:

the Polaris principal, or an empty optional if no mapping is available

mapPrincipalName

Optional<String> mapPrincipalName(io.quarkus.security.identity.SecurityIdentity identity)

Maps the SecurityIdentity to a Polaris principal name.

Parameters:

identity - the SecurityIdentity of the user

Returns:

the Polaris principal name, or an empty optional if no mapping is available