author | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-03-21 11:48:12 +0100 |
---|---|---|
committer | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-03-21 12:08:59 +0100 |
commit | 28f88d339d58aa00ded654c19693364d940e44c5 (patch) | |
tree | 36d12df140fd8c327e93bfa64b1661cf38fcec91 | |
parent | f42b2f8b2f4bae5501b29507e9b405e52c6b1a5c (diff) |
Remove things that were moved to Credentials from TenantClaim and children
8 files changed, 14 insertions, 34 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java index cb11140e38d..aceb3615f90 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzAccessControlRequests.java @@ -38,11 +38,9 @@ public class AthenzAccessControlRequests implements AccessControlRequests { @Override public TenantClaim getTenantClaim(TenantName tenant, Inspector requestObject) { return new AthenzTenantClaim(tenant, - new AthenzPrincipal(new AthenzUser("dummy")), optional("athensDomain", requestObject).map(AthenzDomain::new), optional("property", requestObject).map(Property::new), - optional("propertyId", requestObject).map(PropertyId::new), - new OktaAccessToken("token")); + optional("propertyId", requestObject).map(PropertyId::new)); } @Override diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java index 46a3e51c2eb..fc216edc78b 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/AthenzTenantClaim.java 
@@ -20,14 +20,10 @@ public class AthenzTenantClaim extends TenantClaim { private final Optional<Property> property; private final Optional<PropertyId> propertyId; - private final Optional<AthenzDomain> domain; - private final OktaAccessToken token; - - public AthenzTenantClaim(TenantName tenant, Principal user, Optional<AthenzDomain> domain, - Optional<Property> property, Optional<PropertyId> propertyId, OktaAccessToken token) { - super(tenant, user); - this.domain = requireNonNull(domain); - this.token = requireNonNull(token); + + public AthenzTenantClaim(TenantName tenant, Optional<AthenzDomain> domain, + Optional<Property> property, Optional<PropertyId> propertyId) { + super(tenant); this.property = requireNonNull(property); this.propertyId = requireNonNull(propertyId); } @@ -38,10 +34,4 @@ public class AthenzTenantClaim extends TenantClaim { /** The ID of the property of the tenant to create. */ public Optional<PropertyId> propertyId() { return propertyId; } - /** The Athens domain of the concerned tenant. */ - public Optional<AthenzDomain> domain() { return domain; } - - /** The Okta issued token proving the user's access to Athenz. */ - public OktaAccessToken token() { return token; } - } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java index 21d2e9b7171..c4cb5c5dc59 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControlRequests.java 
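Review bot: The new `AthenzTenantClaim` constructor still declares `Optional<AthenzDomain> domain` but never reads it, because this hunk and the next remove the field, its `requireNonNull` and the `domain()` accessor, so the argument is silently discarded. `AthenzAccessControlRequests.getTenantClaim` still parses `athensDomain` from the request body into that argument, and both test helpers still pass a domain. That reads as though the claim carries the domain used for the access decision, when per the commit title it now lives in the credentials. Drop the parameter, `public AthenzTenantClaim(TenantName tenant, Optional<Property> property, Optional<PropertyId> propertyId)`, together with the `optional("athensDomain", requestObject).map(AthenzDomain::new)` argument at the call site, so the only domain in play is the one held by `AthenzCredentials`. The class continues outside the hunk, so imports of `AthenzDomain`, `OktaAccessToken` and `Principal` may now be unused as well.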
@@ -14,12 +14,13 @@ public class CloudAccessControlRequests implements AccessControlRequests { @Override public CloudTenantClaim getTenantClaim(TenantName tenant, Inspector requestObject) { - return new CloudTenantClaim(tenant, null, null); + // TODO extract marketplace token. + return new CloudTenantClaim(tenant, "token"); } @Override public Credentials getCredentials(TenantName tenant, Inspector requestObject, HttpRequest request) { - // TODO Pick out token data and return a specialised credential thing? + // TODO Pick out JWT data and return a specialised credentials thing. return new Credentials(request.getUserPrincipal()); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java index fd6bfaeb74d..acd26291c47 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudTenantClaim.java @@ -15,8 +15,8 @@ public class CloudTenantClaim extends TenantClaim { private final String registrationToken; - public CloudTenantClaim(TenantName tenant, Principal user, String registrationToken) { - super(tenant, user); + public CloudTenantClaim(TenantName tenant, String registrationToken) { + super(tenant); this.registrationToken = requireNonNull(registrationToken); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java index 2705ed52ac9..fb44dc5f4af 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/TenantClaim.java 
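Review bot: `CloudAccessControlRequests.getTenantClaim` now returns `new CloudTenantClaim(tenant, "token")`, a fixed placeholder registration token in non-test code. The line it replaces passed `null`, which `requireNonNull(registrationToken)` in the `CloudTenantClaim` constructor rejects, so the unfinished path used to fail closed; after this change every request yields a well-formed claim carrying the same constant, and any later check that treats the `registrationToken` field as evidence of registration would presumably be satisfied by it. Until the marketplace token is actually extracted, keep the path failing explicitly, e.g. `throw new UnsupportedOperationException("marketplace token extraction not implemented");`, or read the value from `requestObject` and reject the request when it is absent. In the same hunk, `getCredentials` builds `Credentials` from `request.getUserPrincipal()`, which may be null for an unauthenticated request; whether `Credentials` rejects null is not visible here.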
@@ -14,17 +14,12 @@ import static java.util.Objects.requireNonNull; public abstract class TenantClaim { private final TenantName tenant; - private final Principal user; - protected TenantClaim(TenantName tenant, Principal user) { - this.user = requireNonNull(user); + protected TenantClaim(TenantName tenant) { this.tenant = requireNonNull(tenant); } /** The tenant this claim concerns. */ public TenantName tenant() { return tenant; } - /** The user making this claim. */ - public Principal user() { return user; } - } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java index 98d138fac5d..5bcd363feac 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java @@ -267,11 +267,9 @@ public final class ControllerTester { AthenzUser user = new AthenzUser("user"); AthenzDomain domain = createDomainWithAdmin(domainName, user); AthenzTenantClaim claim = new AthenzTenantClaim(name, - new AthenzPrincipal(user), Optional.of(domain), Optional.of(new Property("Property" + propertyId)), - Optional.ofNullable(propertyId).map(Object::toString).map(PropertyId::new), - new OktaAccessToken("okta-token")); + Optional.ofNullable(propertyId).map(Object::toString).map(PropertyId::new)); AthenzCredentials credentials = new AthenzCredentials(new AthenzPrincipal(user), domain, new OktaAccessToken("okta-token")); controller().tenants().create(claim, credentials); if (contact.isPresent()) diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java index 45ff9d46a4e..c19d6f66bed 100644 
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java @@ -79,11 +79,9 @@ public class ContainerControllerTester { AthenzPrincipal user = new AthenzPrincipal(new AthenzUser("user")); AthenzCredentials credentials = new AthenzCredentials(user, domain1, new OktaAccessToken("okta-token")); AthenzTenantClaim tenantClaim = new AthenzTenantClaim(TenantName.from(tenant), - user, Optional.of(domain1), Optional.of(new Property("property1")), - Optional.of(new PropertyId("1234")), - new OktaAccessToken("okta-token")); + Optional.of(new PropertyId("1234"))); controller().tenants().create(tenantClaim, credentials); ApplicationId app = ApplicationId.from(tenant, application, "default"); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java index 51e78ef96b3..3179e353f50 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java 
@@ -93,7 +93,7 @@ public class ControllerContainerTest { " <component id='com.yahoo.vespa.hosted.controller.integration.ApplicationStoreMock'/>\n" + " <component id='com.yahoo.vespa.hosted.controller.api.integration.stubs.MockTesterCloud'/>\n" + " <component id='com.yahoo.vespa.hosted.controller.api.integration.stubs.MockMailer'/>\n" + - " <component id='com.yahoo.vespa.hosted.controller.security.AthenzClaims'/>\n" + + " <component id='com.yahoo.vespa.hosted.controller.security.AthenzAccessControlRequests'/>\n" + " <component id='com.yahoo.vespa.hosted.controller.athenz.impl.AthenzFacade'/>\n" + " <handler id='com.yahoo.vespa.hosted.controller.restapi.application.ApplicationApiHandler'>\n" + " <binding>http://*/application/v4/*</binding>\n" + |