authorJon Marius Venstad <jvenstad@yahoo-inc.com>2019-03-21 11:48:12 +0100
committerJon Marius Venstad <jvenstad@yahoo-inc.com>2019-03-21 12:08:59 +0100
commit28f88d339d58aa00ded654c19693364d940e44c5 (patch)
tree36d12df140fd8c327e93bfa64b1661cf38fcec91
parentf42b2f8b2f4bae5501b29507e9b405e52c6b1a5c (diff)
Remove things that were moved to Credentials from TenantClaim and children
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java4
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java18
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java5
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java4
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java7
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java4
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java4
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java2
8 files changed, 14 insertions, 34 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java
index cb11140e38d..aceb3615f90 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java
@@ -38,11 +38,9 @@ public class AthenzAccessControlRequests implements AccessControlRequests {
@Override
public TenantClaim getTenantClaim(TenantName tenant, Inspector requestObject) {
return new AthenzTenantClaim(tenant,
- new AthenzPrincipal(new AthenzUser("dummy")),
optional("athensDomain", requestObject).map(AthenzDomain::new),
optional("property", requestObject).map(Property::new),
- optional("propertyId", requestObject).map(PropertyId::new),
- new OktaAccessToken("token"));
+ optional("propertyId", requestObject).map(PropertyId::new));
}
@Override
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java
index 46a3e51c2eb..fc216edc78b 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java
@@ -20,14 +20,10 @@ public class AthenzTenantClaim extends TenantClaim {
private final Optional<Property> property;
private final Optional<PropertyId> propertyId;
- private final Optional<AthenzDomain> domain;
- private final OktaAccessToken token;
-
- public AthenzTenantClaim(TenantName tenant, Principal user, Optional<AthenzDomain> domain,
- Optional<Property> property, Optional<PropertyId> propertyId, OktaAccessToken token) {
- super(tenant, user);
- this.domain = requireNonNull(domain);
- this.token = requireNonNull(token);
+
+ public AthenzTenantClaim(TenantName tenant, Optional<AthenzDomain> domain,
+ Optional<Property> property, Optional<PropertyId> propertyId) {
+ super(tenant);
this.property = requireNonNull(property);
this.propertyId = requireNonNull(propertyId);
}
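Review bot: The new `AthenzTenantClaim` constructor still declares `Optional<AthenzDomain> domain`, but neither stores nor null-checks it now that the `domain` field is removed. `AthenzAccessControlRequests.getTenantClaim` (first hunk) still parses `"athensDomain"` from the request body and passes it in, so the request-supplied value is silently dropped. That makes it easy to assume the claim still carries the domain when, per the commit title, it presumably comes from the credentials now. Either drop the parameter, `public AthenzTenantClaim(TenantName tenant, Optional<Property> property, Optional<PropertyId> propertyId)`, and update the callers, or state in the constructor Javadoc that the argument is ignored and why.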
@@ -38,10 +34,4 @@ public class AthenzTenantClaim extends TenantClaim {
/** The ID of the property of the tenant to create. */
public Optional<PropertyId> propertyId() { return propertyId; }
- /** The Athens domain of the concerned tenant. */
- public Optional<AthenzDomain> domain() { return domain; }
-
- /** The Okta issued token proving the user's access to Athenz. */
- public OktaAccessToken token() { return token; }
-
}
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java
index 21d2e9b7171..c4cb5c5dc59 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java
@@ -14,12 +14,13 @@ public class CloudAccessControlRequests implements AccessControlRequests {
@Override
public CloudTenantClaim getTenantClaim(TenantName tenant, Inspector requestObject) {
- return new CloudTenantClaim(tenant, null, null);
+ // TODO extract marketplace token.
+ return new CloudTenantClaim(tenant, "token");
}
@Override
public Credentials getCredentials(TenantName tenant, Inspector requestObject, HttpRequest request) {
- // TODO Pick out token data and return a specialised credential thing?
+ // TODO Pick out JWT data and return a specialised credentials thing.
return new Credentials(request.getUserPrincipal());
}
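Review bot: `getTenantClaim` now returns `new CloudTenantClaim(tenant, "token")`, a fixed string that satisfies the `requireNonNull(registrationToken)` check in `CloudTenantClaim`. The previous `null` arguments would have been rejected at construction by `requireNonNull(user)`, so this unfinished path used to fail closed. Until the marketplace token is read from `requestObject`, every cloud tenant claim carries the same placeholder value. Whether anything downstream validates that value is not visible in this diff. Failing closed is the safer interim behaviour, e.g. `throw new UnsupportedOperationException("marketplace token extraction not implemented");`, or at least expand the TODO to say the value must never be accepted as a real registration token.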
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java
index fd6bfaeb74d..acd26291c47 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java
@@ -15,8 +15,8 @@ public class CloudTenantClaim extends TenantClaim {
private final String registrationToken;
- public CloudTenantClaim(TenantName tenant, Principal user, String registrationToken) {
- super(tenant, user);
+ public CloudTenantClaim(TenantName tenant, String registrationToken) {
+ super(tenant);
this.registrationToken = requireNonNull(registrationToken);
}
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java
index 2705ed52ac9..fb44dc5f4af 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java
@@ -14,17 +14,12 @@ import static java.util.Objects.requireNonNull;
public abstract class TenantClaim {
private final TenantName tenant;
- private final Principal user;
- protected TenantClaim(TenantName tenant, Principal user) {
- this.user = requireNonNull(user);
+ protected TenantClaim(TenantName tenant) {
this.tenant = requireNonNull(tenant);
}
/** The tenant this claim concerns. */
public TenantName tenant() { return tenant; }
- /** The user making this claim. */
- public Principal user() { return user; }
-
}
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java
index 98d138fac5d..5bcd363feac 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java
@@ -267,11 +267,9 @@ public final class ControllerTester {
AthenzUser user = new AthenzUser("user");
AthenzDomain domain = createDomainWithAdmin(domainName, user);
AthenzTenantClaim claim = new AthenzTenantClaim(name,
- new AthenzPrincipal(user),
Optional.of(domain),
Optional.of(new Property("Property" + propertyId)),
- Optional.ofNullable(propertyId).map(Object::toString).map(PropertyId::new),
- new OktaAccessToken("okta-token"));
+ Optional.ofNullable(propertyId).map(Object::toString).map(PropertyId::new));
AthenzCredentials credentials = new AthenzCredentials(new AthenzPrincipal(user), domain, new OktaAccessToken("okta-token"));
controller().tenants().create(claim, credentials);
if (contact.isPresent())
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java
index 45ff9d46a4e..c19d6f66bed 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java
@@ -79,11 +79,9 @@ public class ContainerControllerTester {
AthenzPrincipal user = new AthenzPrincipal(new AthenzUser("user"));
AthenzCredentials credentials = new AthenzCredentials(user, domain1, new OktaAccessToken("okta-token"));
AthenzTenantClaim tenantClaim = new AthenzTenantClaim(TenantName.from(tenant),
- user,
Optional.of(domain1),
Optional.of(new Property("property1")),
- Optional.of(new PropertyId("1234")),
- new OktaAccessToken("okta-token"));
+ Optional.of(new PropertyId("1234")));
controller().tenants().create(tenantClaim, credentials);
ApplicationId app = ApplicationId.from(tenant, application, "default");
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
index 51e78ef96b3..3179e353f50 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
@@ -93,7 +93,7 @@ public class ControllerContainerTest {
" <component id='com.yahoo.vespa.hosted.controller.integration.ApplicationStoreMock'/>\n" +
" <component id='com.yahoo.vespa.hosted.controller.api.integration.stubs.MockTesterCloud'/>\n" +
" <component id='com.yahoo.vespa.hosted.controller.api.integration.stubs.MockMailer'/>\n" +
- " <component id='com.yahoo.vespa.hosted.controller.security.AthenzClaims'/>\n" +
+ " <component id='com.yahoo.vespa.hosted.controller.security.AthenzAccessControlRequests'/>\n" +
" <component id='com.yahoo.vespa.hosted.controller.athenz.impl.AthenzFacade'/>\n" +
" <handler id='com.yahoo.vespa.hosted.controller.restapi.application.ApplicationApiHandler'>\n" +
" <binding>http://*/application/v4/*</binding>\n" +