author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2023-06-16 10:36:14 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2023-06-16 10:36:14 +0200 |
commit | eec7644398330a189c9ec87f1935f9183b1ca17b (patch) | |
tree | cb77d0ce7b4eefffcdc6a3169a7693aaf4823954 | |
parent | 4611c4e3ab75f2a3cd291495fc8f0d4f32425807 (diff) |
Simplify token domain definition
2 files changed, 3 insertions, 16 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/xml/CloudDataPlaneFilter.java b/config-model/src/main/java/com/yahoo/vespa/model/container/xml/CloudDataPlaneFilter.java
index 548e05014d0..2217b58c508 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/xml/CloudDataPlaneFilter.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/xml/CloudDataPlaneFilter.java
@@ -9,7 +9,6 @@ import com.yahoo.config.provision.DataplaneToken;
 import com.yahoo.container.bundle.BundleInstantiationSpecification;
 import com.yahoo.jdisc.http.filter.security.cloud.config.CloudDataPlaneFilterConfig;
 import com.yahoo.security.X509CertificateUtils;
-import com.yahoo.security.token.TokenDomain;
 import com.yahoo.vespa.model.container.ApplicationContainerCluster;
 import com.yahoo.vespa.model.container.http.Client;
 import com.yahoo.vespa.model.container.http.Filter;
@@ -17,10 +16,6 @@ import com.yahoo.vespa.model.container.http.Filter;
 import java.util.Collection;
 import java.util.List;
-import static com.yahoo.security.ArrayUtils.concat;
-import static com.yahoo.security.ArrayUtils.fromUtf8Bytes;
-import static java.nio.charset.StandardCharsets.UTF_8;
-
 class CloudDataPlaneFilter extends Filter implements CloudDataPlaneFilterConfig.Producer {
 private static final String CLASS = "com.yahoo.jdisc.http.filter.security.cloud.CloudDataPlaneFilter";
@@ -35,9 +30,8 @@ class CloudDataPlaneFilter extends Filter implements CloudDataPlaneFilterConfig.
 this.clients = List.copyOf(cluster.getClients());
 this.clientsLegacyMode = cluster.clientsLegacyMode();
 // Token domain must be identical to the domain used for generating the tokens
- this.tokenContext = fromUtf8Bytes(TokenDomain.of(fromUtf8Bytes(concat(
- "Vespa Cloud tenant data plane:".getBytes(UTF_8),
- state.getProperties().applicationId().tenant().value().getBytes(UTF_8)))).checkHashContext());
+ this.tokenContext = "Vespa Cloud tenant data plane:%s"
+ .formatted(state.getProperties().applicationId().tenant().value());
 }
 private static ChainedComponentModel model() {
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
index e517a0a2729..b3e5f663317 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
@@ -20,10 +20,6 @@ import java.util.Objects;
 import java.util.Optional;
 import java.util.stream.Stream;
-import static com.yahoo.security.ArrayUtils.concat;
-import static com.yahoo.security.ArrayUtils.fromUtf8Bytes;
-import static java.nio.charset.StandardCharsets.UTF_8;
-
 /**
 * Service to list, generate and delete data plane tokens
 *
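Review bot: In the CloudDataPlaneFilter constructor, `tokenContext` is now the formatted string itself rather than the value returned by `TokenDomain.of(...).checkHashContext()`, so the filter no longer derives its context from the type the token generator uses. The two values agree only if `TokenDomain.of(String)` uses its argument unchanged as the check-hash context, which this diff does not show. If that mapping ever changes, the filter would presumably compute different check hashes and reject every issued token. I would pin the equality with a unit test and extend the existing comment to `// Must equal TokenDomain.of(<same string>).checkHashContext(); see DataplaneTokenService.generateToken`. The constructor starts above this hunk.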
@@ -59,10 +55,7 @@ public class DataplaneTokenService {
 * @return a DataplaneToken containing the secret generated token
 */
 public DataplaneToken generateToken(TenantName tenantName, TokenId tokenId, Principal principal) {
- TokenDomain tokenDomain = TokenDomain.of(
- fromUtf8Bytes(
- concat("Vespa Cloud tenant data plane:".getBytes(UTF_8),
- tenantName.value().getBytes(UTF_8))));
+ TokenDomain tokenDomain = TokenDomain.of("Vespa Cloud tenant data plane:%s".formatted(tenantName.value()));
 Token token = TokenGenerator.generateToken(tokenDomain, TOKEN_PREFIX, TOKEN_BYTES);
 TokenCheckHash checkHash = TokenCheckHash.of(token, CHECK_HASH_BYTES);
 DataplaneTokenVersions.Version newTokenVersion = new DataplaneTokenVersions.Version( |
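Review bot: The domain literal passed to `TokenDomain.of(...)` in `generateToken` carries no comment saying that token verification depends on its exact bytes. It appears to be the domain-separation input for every token issued to the tenant, and a second copy of the same format string is kept in the config-model module. Add above that line something like `// Domain string must stay byte-identical to the token context configured by CloudDataPlaneFilter`. A single shared constant for the prefix would remove the duplicate, if the module dependencies allow one. The method body continues past the end of this hunk.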