Packages

class MemberAuthenticationService extends NamedLogging with FlagCloseable

The authentication service issues tokens to members after they have successfully completed the following challenge response protocol and after they have accepted the service agreement of the synchronizer. The tokens are required for connecting to the sequencer.

In order for a member to subscribe to the sequencer, it must follow a few steps for it to authenticate. Assuming the synchronizer already has knowledge of the member's public keys, the following steps are to be taken:

  1. member sends request to the synchronizer for authenticating
  2. synchronizer returns a nonce (a challenge random number)
  3. member takes the nonce, concatenates it with the identity of the synchronizer, signs it and sends it back
  4. synchronizer checks the signature against the key of the member. if it matches, create a token and return it
  5. member will use the token when subscribing to the sequencer
Linear Supertypes
FlagCloseable, PerformUnlessClosing, HasSynchronizeWithReaders, OnShutdownRunner, HasRunOnClosing, HasUnlessClosing, AutoCloseable, NamedLogging, AnyRef, Any
Known Subclasses
MemberAuthenticationServiceImpl
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. MemberAuthenticationService
  2. FlagCloseable
  3. PerformUnlessClosing
  4. HasSynchronizeWithReaders
  5. OnShutdownRunner
  6. HasRunOnClosing
  7. HasUnlessClosing
  8. AutoCloseable
  9. NamedLogging
  10. AnyRef
  11. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new MemberAuthenticationService(synchronizerId: SynchronizerId, cryptoApi: SynchronizerCryptoClient, store: MemberAuthenticationStore, clock: Clock, nonceExpirationInterval: Duration, maxTokenExpirationInterval: Duration, useExponentialRandomTokenExpiration: Boolean, invalidateMemberCallback: (Traced[Member]) => Unit, isTopologyInitialized: FutureUnlessShutdown[Unit], timeouts: ProcessingTimeout, loggerFactory: NamedLoggerFactory)(implicit ec: ExecutionContext)

    invalidateMemberCallback

    Called when a member is explicitly deactivated on the synchronizer so all active subscriptions for this member should be terminated.

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. def addReader(reader: String)(implicit traceContext: TraceContext): UnlessShutdown[ReaderHandle]

    TODO(#16601) Make this method private once PerformUnlessClosing doesn't need it any more

    TODO(#16601) Make this method private once PerformUnlessClosing doesn't need it any more

    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  5. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  6. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @IntrinsicCandidate() @native()
  7. final def close(): Unit

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Definition Classes
    FlagCloseableOnShutdownRunner → AutoCloseable
  8. def closingTimeout: FiniteDuration
    Attributes
    protected
    Definition Classes
    FlagCloseablePerformUnlessClosing
  9. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  10. def equals(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef → Any
  11. implicit def errorLoggingContext(implicit traceContext: TraceContext): ErrorLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  12. def generateNonce(member: Member)(implicit traceContext: TraceContext): EitherT[FutureUnlessShutdown, AuthenticationError, (Nonce, NonEmpty[Seq[Fingerprint]])]

    synchronizer generates nonce that he expects the participant to use to concatenate with the synchronizer's id and sign to proceed with the authentication (step 2).

    synchronizer generates nonce that he expects the participant to use to concatenate with the synchronizer's id and sign to proceed with the authentication (step 2). We expect to find a key with usage 'SequencerAuthentication' to sign these messages.

  13. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @IntrinsicCandidate() @native()
  14. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @IntrinsicCandidate() @native()
  15. def invalidateAndExpire[T <: Member](isActiveCheck: (T) => FutureUnlessShutdown[Boolean])(memberId: T)(implicit traceContext: TraceContext): FutureUnlessShutdown[Unit]
    Attributes
    protected
  16. def invalidateMemberWithToken(token: AuthenticationToken)(implicit traceContext: TraceContext): FutureUnlessShutdown[Either[LogoutTokenDoesNotExist.type, Unit]]
  17. def isClosing: Boolean

    Check whether we're closing.

    Check whether we're closing. Susceptible to race conditions; unless you're using this as a flag to the retry lib or you really know what you're doing, prefer performUnlessClosing and friends.

    Definition Classes
    OnShutdownRunnerHasUnlessClosing
  18. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  19. def isMediatorActive(mediator: MediatorId)(implicit traceContext: TraceContext): FutureUnlessShutdown[Boolean]
    Attributes
    protected
  20. def isMemberActive(check: (TopologySnapshot) => FutureUnlessShutdown[Boolean])(implicit traceContext: TraceContext): FutureUnlessShutdown[Boolean]
    Attributes
    protected
  21. def isParticipantActive(participant: ParticipantId)(implicit traceContext: TraceContext): FutureUnlessShutdown[Boolean]
    Attributes
    protected
  22. def isSequencerActive(sequencer: SequencerId)(implicit traceContext: TraceContext): FutureUnlessShutdown[Boolean]
    Attributes
    protected
  23. def keepTrackOfReaderCallStack: Boolean

    Set this to true to get detailed information about all futures that did not complete during shutdown.

    Set this to true to get detailed information about all futures that did not complete during shutdown.

    Attributes
    protected[this]
    Definition Classes
    PerformUnlessClosingHasSynchronizeWithReaders
  24. def logger: TracedLogger
    Attributes
    protected
    Definition Classes
    NamedLogging
  25. val loggerFactory: NamedLoggerFactory
    Definition Classes
    MemberAuthenticationServiceNamedLogging
  26. def maxSleepMillis: Long

    How often to poll to check that all tasks have completed.

    How often to poll to check that all tasks have completed.

    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  27. def nameInternal: String
    Attributes
    protected[this]
    Definition Classes
    PerformUnlessClosingHasSynchronizeWithReaders
  28. implicit def namedLoggingContext(implicit traceContext: TraceContext): NamedLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  29. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  30. def noTracingLogger: Logger
    Attributes
    protected
    Definition Classes
    NamedLogging
  31. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @IntrinsicCandidate() @native()
  32. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @IntrinsicCandidate() @native()
  33. def onCloseFailure(e: Throwable): Unit
    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  34. def onClosed(): Unit
    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  35. final def onFirstClose(): Unit

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Definition Classes
    PerformUnlessClosingOnShutdownRunner
    Annotations
    @SuppressWarnings()
  36. def performUnlessClosing[A](name: String)(f: => A)(implicit traceContext: TraceContext): UnlessShutdown[A]

    Performs the task given by f unless a shutdown has been initiated.

    Performs the task given by f unless a shutdown has been initiated. The shutdown will only begin after f completes, but other tasks may execute concurrently with f, if started using this function, or one of the other variants (performUnlessClosingF and performUnlessClosingEitherT). The tasks are assumed to take less than closingTimeout to complete.

    DO NOT CALL this.close as part of f, because it will result in a deadlock. DO NOT PUT retries, especially indefinite ones, inside f.

    f

    The task to perform

    returns

    scala.None$ if a shutdown has been initiated. Otherwise the result of the task.

    Definition Classes
    PerformUnlessClosing
  37. def performUnlessClosingCheckedT[A, N, R](name: String, onClosing: => Checked[A, N, R])(etf: => CheckedT[Future, A, N, R])(implicit ec: ExecutionContext, traceContext: TraceContext): CheckedT[Future, A, N, R]
    Definition Classes
    PerformUnlessClosing
  38. def performUnlessClosingCheckedUST[A, N, R](name: String, onClosing: => Checked[A, N, R])(etf: => CheckedT[FutureUnlessShutdown, A, N, R])(implicit ec: ExecutionContext, traceContext: TraceContext): CheckedT[FutureUnlessShutdown, A, N, R]
    Definition Classes
    PerformUnlessClosing
  39. def performUnlessClosingEitherT[E, R](name: String, onClosing: => E)(etf: => EitherT[Future, E, R])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[Future, E, R]

    Performs the EitherT[Future] given by etf unless a shutdown has been initiated, in which case the provided error is returned instead.

    Performs the EitherT[Future] given by etf unless a shutdown has been initiated, in which case the provided error is returned instead. Both etf and the error are lazy; etf is only evaluated if there is no shutdown, the error only if we're shutting down. The shutdown will only begin after etf completes, but other tasks may execute concurrently with etf, if started using this function, or one of the other variants (performUnlessClosing and performUnlessClosingF). The tasks are assumed to take less than closingTimeout to complete.

    DO NOT CALL this.close as part of etf, because it will result in a deadlock. DO NOT PUT retries, especially indefinite ones, inside f.

    etf

    The task to perform

    Definition Classes
    PerformUnlessClosing
  40. def performUnlessClosingEitherU[E, R](name: String)(etf: => EitherT[Future, E, R])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[FutureUnlessShutdown, E, R]
    Definition Classes
    PerformUnlessClosing
  41. def performUnlessClosingEitherUSF[E, R](name: String)(etf: => EitherT[FutureUnlessShutdown, E, R])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[FutureUnlessShutdown, E, R]
    Definition Classes
    PerformUnlessClosing
  42. def performUnlessClosingEitherUSFAsync[E, R](name: String)(etf: => EitherT[FutureUnlessShutdown, E, R])(asyncResultToWaitForF: (R) => FutureUnlessShutdown[_])(implicit ec: ExecutionContext, traceContext: TraceContext): EitherT[FutureUnlessShutdown, E, R]

    Use this method if closing/shutdown of the object should wait for asynchronous computation to finish too.

    Use this method if closing/shutdown of the object should wait for asynchronous computation to finish too.

    etf

    closing of this object will wait for all such spawned Futures to finish

    asyncResultToWaitForF

    closing of this object will wait also wait for all such asynchronous Futures to finish too

    returns

    the future spawned by etf

    Definition Classes
    PerformUnlessClosing
  43. def performUnlessClosingF[A](name: String)(f: => Future[A])(implicit ec: ExecutionContext, traceContext: TraceContext): FutureUnlessShutdown[A]

    Performs the Future given by f unless a shutdown has been initiated.

    Performs the Future given by f unless a shutdown has been initiated. The future is lazy and not evaluated during shutdown. The shutdown will only begin after f completes, but other tasks may execute concurrently with f, if started using this function, or one of the other variants (performUnlessClosing and performUnlessClosingEitherT). The tasks are assumed to take less than closingTimeout to complete.

    DO NOT CALL this.close as part of f, because it will result in a deadlock. DO NOT PUT retries, especially indefinite ones, inside f.

    f

    The task to perform

    returns

    The future completes with com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if a shutdown has been initiated. Otherwise the result of the task wrapped in com.digitalasset.canton.lifecycle.UnlessShutdown.Outcome.

    Definition Classes
    PerformUnlessClosing
  44. def performUnlessClosingOptionUSF[R](name: String)(otf: => OptionT[FutureUnlessShutdown, R])(implicit ec: ExecutionContext, traceContext: TraceContext): OptionT[FutureUnlessShutdown, R]
    Definition Classes
    PerformUnlessClosing
  45. def performUnlessClosingUSF[A](name: String)(f: => FutureUnlessShutdown[A])(implicit ec: ExecutionContext, traceContext: TraceContext): FutureUnlessShutdown[A]
    Definition Classes
    PerformUnlessClosing
  46. def performUnlessClosingUSFAsync[A](name: String)(f: => FutureUnlessShutdown[A])(asyncResultToWaitForF: (A) => FutureUnlessShutdown[_])(implicit ec: ExecutionContext, traceContext: TraceContext): FutureUnlessShutdown[A]

    Use this method if closing/shutdown of the object should wait for asynchronous computation to finish too.

    Use this method if closing/shutdown of the object should wait for asynchronous computation to finish too.

    f

    closing of this object will wait for all such spawned Futures to finish

    asyncResultToWaitForF

    closing of this object will wait also wait for all such asynchronous Futures to finish too

    returns

    the future spawned by f

    Definition Classes
    PerformUnlessClosing
  47. def remainingReaders(): Seq[String]
    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  48. def removeReader(handle: ReaderHandle): Unit

    TODO(#16601) Make this method private once PerformUnlessClosing doesn't need it any more

    TODO(#16601) Make this method private once PerformUnlessClosing doesn't need it any more

    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  49. def runOnClose(task: RunOnClosing): UnlessShutdown[LifeCycleRegistrationHandle]

    Schedules the given task to be run upon closing.

    Schedules the given task to be run upon closing.

    returns

    An com.digitalasset.canton.lifecycle.UnlessShutdown.Outcome indicates that the task will have been run when the LifeCycleManager's closeAsync method completes or when AutoCloseable's close method returns, unless the returned LifeCycleRegistrationHandle was used to cancel the task or the task has been done beforehand. com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if the task is not run due to closing. This always happens if isClosing returns true.

    Definition Classes
    OnShutdownRunnerHasRunOnClosing
  50. def runOnOrAfterClose(task: RunOnClosing)(implicit traceContext: TraceContext): LifeCycleRegistrationHandle

    Register a task to run when closing is initiated, or run it immediately if closing is already ongoing.

    Register a task to run when closing is initiated, or run it immediately if closing is already ongoing. Unlike runOnClose, this method does not guarantee that this task will have run by the time the LifeCycleManager's closeAsync method completes or AutoCloseable's close returns. This is because the task is run immediately if the component has already been closed.

    Definition Classes
    HasRunOnClosing
  51. final def runOnOrAfterClose_(task: RunOnClosing)(implicit traceContext: TraceContext): Unit

    Variant of runOnOrAfterClose that does not return a com.digitalasset.canton.lifecycle.LifeCycleRegistrationHandle.

    Variant of runOnOrAfterClose that does not return a com.digitalasset.canton.lifecycle.LifeCycleRegistrationHandle.

    Definition Classes
    HasRunOnClosing
  52. def runTaskUnlessDone(task: RunOnClosing)(implicit traceContext: TraceContext): Unit
    Attributes
    protected[this]
    Definition Classes
    OnShutdownRunnerHasRunOnClosing
  53. def synchronizeWithClosingPatience: FiniteDuration
    Attributes
    protected[this]
    Definition Classes
    PerformUnlessClosingHasSynchronizeWithReaders
  54. def synchronizeWithReaders()(implicit traceContext: TraceContext): Boolean
    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  55. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  56. val timeouts: ProcessingTimeout
    Definition Classes
    MemberAuthenticationServiceFlagCloseable
  57. def toString(): String
    Definition Classes
    AnyRef → Any
  58. final def unlessClosing[F[_], A](fa: => F[A])(implicit F: CanAbortDueToShutdown[F]): F[A]

    Runs the computation fa unless isClosing returns true.

    Runs the computation fa unless isClosing returns true.

    This method does not delay the closing while fa is running, unlike the methods in HasSynchronizeWithClosing. Accordingly, this method is useful for intermittent checks whether the result of the computation is still relevant.

    returns

    The result of fa or com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if isClosing is true

    Definition Classes
    HasUnlessClosing
    Annotations
    @inline()
  59. def validateSignature(member: Member, signature: Signature, providedNonce: Nonce)(implicit traceContext: TraceContext): EitherT[FutureUnlessShutdown, AuthenticationError, AuthenticationTokenWithExpiry]

    synchronizer checks that the signature given by the member matches and returns a token if it does (step 4)

  60. def validateToken(intendedSynchronizerId: SynchronizerId, member: Member, token: AuthenticationToken): Either[AuthenticationError, StoredAuthenticationToken]

    synchronizer checks if the token given by the participant is the one previously assigned to it for authentication.

    synchronizer checks if the token given by the participant is the one previously assigned to it for authentication. The participant also provides the synchronizer id for which they think they are connecting to. If this id does not match this synchronizer's id, it means the participant was previously connected to a different synchronizer on the same address and now should be informed that this address now hosts a different synchronizer.

  61. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  62. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException]) @native()
  63. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  64. def withReader[F[_], A](name: String)(f: => F[A])(implicit traceContext: TraceContext, F: Thereafter[F]): UnlessShutdown[F[A]]
    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders

Deprecated Value Members

  1. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable]) @Deprecated
    Deprecated

    (Since version 9)

Inherited from FlagCloseable

Inherited from PerformUnlessClosing

Inherited from HasSynchronizeWithReaders

Inherited from OnShutdownRunner

Inherited from HasRunOnClosing

Inherited from HasUnlessClosing

Inherited from AutoCloseable

Inherited from NamedLogging

Inherited from AnyRef

Inherited from Any

Ungrouped