in server/src/main/java/org/apache/cassandra/sidecar/acl/authentication/JwtRoleProcessorImpl.java [44:68]
public List<String> processRoles(JsonObject decodedToken)
{
String identity;
if ((identity = decodedToken.getString(IDENTITY_KEY)) != null || (identity = decodedToken.getString(SUB_KEY)) != null)
{
String role = identityToRoleCache.get(identity);
return role != null ? List.of(role) : List.of();
}
JsonArray identityKeyArray = decodedToken.getJsonArray(IDENTITIES_KEY);
List<String> roles = new ArrayList<>();
if (identityKeyArray != null)
{
// noinspection unchecked
for (String i : (List<String>) identityKeyArray.getList())
{
String roleFromIdentity = identityToRoleCache.get(i);
if (roleFromIdentity != null)
{
roles.add(roleFromIdentity);
}
}
}
return List.copyOf(roles);
}