authorBjørn Christian Seime <bjorncs@oath.com>2018-07-26 14:54:59 +0200
committerBjørn Christian Seime <bjorncs@oath.com>2018-07-26 14:54:59 +0200
commit89ed03becd84005a538005f84f7a1aded2c5711f (patch)
treec51105052fd53ce78ec5f64db2a4d2ccc0eb2c8a
parent03408498730ce0461804022f96c3a91087db8db9 (diff)
Remove 'dnsSuffix' and 'ztsEndpoint' from identity document
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java3
-rw-r--r--athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java2
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java4
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java17
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java13
-rw-r--r--vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java5
6 files changed, 3 insertions, 41 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
index 2c57db7f9b0..950d2df9532 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
@@ -16,7 +16,6 @@ import com.yahoo.vespa.hosted.provision.Node;
import com.yahoo.vespa.hosted.provision.NodeRepository;
import com.yahoo.vespa.hosted.provision.node.Allocation;
-import java.net.URI;
import java.security.PrivateKey;
import java.time.Instant;
import java.util.HashSet;
@@ -76,9 +75,7 @@ public class IdentityDocumentGenerator {
signature,
SignedIdentityDocument.DEFAULT_KEY_VERSION,
providerUniqueId,
- toZoneDnsSuffix(zone, zoneConfig.certDnsSuffix()),
providerService,
- URI.create(zoneConfig.ztsUrl()),
SignedIdentityDocument.DEFAULT_DOCUMENT_VERSION,
configServerHostname,
node.hostname(),
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
index a1839ec62a2..48e85f6047e 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
@@ -87,8 +87,6 @@ public class IdentityDocumentGeneratorTest {
String environment = "dev";
String region = "us-north-1";
- String expectedZoneDnsSuffix = environment + "-" + region + "." + dnsSuffix;
- assertEquals(expectedZoneDnsSuffix, signedIdentityDocument.dnsSuffix());
VespaUniqueInstanceId expectedProviderUniqueId =
new VespaUniqueInstanceId(0, "default", "default", "application", "tenant", region, environment, IdentityType.TENANT);
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java
index 86bad03b407..a01bbe2fae1 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java
@@ -37,9 +37,7 @@ public class EntityBindingsMapper {
entity.signature,
entity.signingKeyVersion,
fromDottedString(entity.providerUniqueId),
- entity.dnsSuffix,
new AthenzService(entity.providerService),
- entity.ztsEndpoint,
entity.documentVersion,
entity.configServerHostname,
entity.instanceHostname,
@@ -53,9 +51,7 @@ public class EntityBindingsMapper {
model.signature(),
model.signingKeyVersion(),
model.providerUniqueId().asDottedString(),
- model.dnsSuffix(),
model.providerService().getFullName(),
- model.ztsEndpoint(),
model.documentVersion(),
model.configServerHostname(),
model.instanceHostname(),
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java
index bf36113d523..dc5dae9d516 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java
@@ -3,7 +3,6 @@ package com.yahoo.vespa.athenz.identityprovider.api;
import com.yahoo.vespa.athenz.api.AthenzService;
-import java.net.URI;
import java.time.Instant;
import java.util.Set;
@@ -19,9 +18,7 @@ public class SignedIdentityDocument {
private final String signature;
private final int signingKeyVersion;
private final VespaUniqueInstanceId providerUniqueId;
- private final String dnsSuffix;
private final AthenzService providerService;
- private final URI ztsEndpoint;
private final int documentVersion;
private final String configServerHostname;
private final String instanceHostname;
@@ -32,9 +29,7 @@ public class SignedIdentityDocument {
public SignedIdentityDocument(String signature,
int signingKeyVersion,
VespaUniqueInstanceId providerUniqueId,
- String dnsSuffix,
AthenzService providerService,
- URI ztsEndpoint,
int documentVersion,
String configServerHostname,
String instanceHostname,
@@ -44,9 +39,7 @@ public class SignedIdentityDocument {
this.signature = signature;
this.signingKeyVersion = signingKeyVersion;
this.providerUniqueId = providerUniqueId;
- this.dnsSuffix = dnsSuffix;
this.providerService = providerService;
- this.ztsEndpoint = ztsEndpoint;
this.documentVersion = documentVersion;
this.configServerHostname = configServerHostname;
this.instanceHostname = instanceHostname;
@@ -67,20 +60,10 @@ public class SignedIdentityDocument {
return providerUniqueId;
}
- @Deprecated
- public String dnsSuffix() {
- return dnsSuffix;
- }
-
public AthenzService providerService() {
return providerService;
}
- @Deprecated
- public URI ztsEndpoint() {
- return ztsEndpoint;
- }
-
public int documentVersion() {
return documentVersion;
}
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java
index e43849d7b21..52d33f79c1d 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java
@@ -5,7 +5,6 @@ import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;
-import java.net.URI;
import java.time.Instant;
import java.util.Objects;
import java.util.Set;
@@ -19,9 +18,7 @@ public class SignedIdentityDocumentEntity {
@JsonProperty("signature") public final String signature;
@JsonProperty("signing-key-version") public final int signingKeyVersion;
@JsonProperty("provider-unique-id") public final String providerUniqueId; // String representation
- @JsonProperty("dns-suffix") public final String dnsSuffix;
@JsonProperty("provider-service") public final String providerService;
- @JsonProperty("zts-endpoint") public final URI ztsEndpoint;
@JsonProperty("document-version") public final int documentVersion;
@JsonProperty("configserver-hostname") public final String configServerHostname;
@JsonProperty("instance-hostname") public final String instanceHostname;
@@ -33,9 +30,7 @@ public class SignedIdentityDocumentEntity {
public SignedIdentityDocumentEntity(@JsonProperty("signature") String signature,
@JsonProperty("signing-key-version") int signingKeyVersion,
@JsonProperty("provider-unique-id") String providerUniqueId,
- @JsonProperty("dns-suffix") String dnsSuffix,
@JsonProperty("provider-service") String providerService,
- @JsonProperty("zts-endpoint") URI ztsEndpoint,
@JsonProperty("document-version") int documentVersion,
@JsonProperty("configserver-hostname") String configServerHostname,
@JsonProperty("instance-hostname") String instanceHostname,
@@ -45,9 +40,7 @@ public class SignedIdentityDocumentEntity {
this.signature = signature;
this.signingKeyVersion = signingKeyVersion;
this.providerUniqueId = providerUniqueId;
- this.dnsSuffix = dnsSuffix;
this.providerService = providerService;
- this.ztsEndpoint = ztsEndpoint;
this.documentVersion = documentVersion;
this.configServerHostname = configServerHostname;
this.instanceHostname = instanceHostname;
@@ -62,9 +55,7 @@ public class SignedIdentityDocumentEntity {
", signature='" + signature + '\'' +
", signingKeyVersion=" + signingKeyVersion +
", providerUniqueId='" + providerUniqueId + '\'' +
- ", dnsSuffix='" + dnsSuffix + '\'' +
", providerService='" + providerService + '\'' +
- ", ztsEndpoint=" + ztsEndpoint +
", documentVersion=" + documentVersion +
", configServerHostname='" + configServerHostname + '\'' +
", instanceHostname='" + instanceHostname + '\'' +
@@ -83,9 +74,7 @@ public class SignedIdentityDocumentEntity {
documentVersion == that.documentVersion &&
Objects.equals(signature, that.signature) &&
Objects.equals(providerUniqueId, that.providerUniqueId) &&
- Objects.equals(dnsSuffix, that.dnsSuffix) &&
Objects.equals(providerService, that.providerService) &&
- Objects.equals(ztsEndpoint, that.ztsEndpoint) &&
Objects.equals(configServerHostname, that.configServerHostname) &&
Objects.equals(instanceHostname, that.instanceHostname) &&
Objects.equals(createdAt, that.createdAt) &&
@@ -95,6 +84,6 @@ public class SignedIdentityDocumentEntity {
@Override
public int hashCode() {
- return Objects.hash(signature, signingKeyVersion, providerUniqueId, dnsSuffix, providerService, ztsEndpoint, documentVersion, configServerHostname, instanceHostname, createdAt, ipAddresses, identityType);
+ return Objects.hash(signature, signingKeyVersion, providerUniqueId, providerService, documentVersion, configServerHostname, instanceHostname, createdAt, ipAddresses, identityType);
}
}
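Review bot: Nothing visible in this file says what happens when a document that still carries `dns-suffix` or `zts-endpoint` is read after this change; the new `hashCode` line, the `equals` hunk and the property and constructor hunks above it drop both fields from the entity in one step. `JsonIgnoreProperties` is imported, but its arguments are outside the hunks, so whether unknown properties are tolerated on read cannot be confirmed from here, and no hunk in this commit changes the document version. I would add a class comment such as `// 'dns-suffix' and 'zts-endpoint' were removed; documents from older senders may still contain them and must still deserialize`, and back it with a deserialization test that feeds JSON containing both legacy properties. The class body starts outside this hunk.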
diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java
index efee6907a42..38483bdbaee 100644
--- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java
+++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java
@@ -9,7 +9,6 @@ import com.yahoo.vespa.athenz.tls.KeyAlgorithm;
import com.yahoo.vespa.athenz.tls.KeyUtils;
import org.junit.Test;
-import java.net.URI;
import java.security.KeyPair;
import java.time.Instant;
import java.util.Arrays;
@@ -18,7 +17,7 @@ import java.util.HashSet;
import static com.yahoo.vespa.athenz.identityprovider.api.IdentityType.TENANT;
import static com.yahoo.vespa.athenz.identityprovider.api.SignedIdentityDocument.DEFAULT_DOCUMENT_VERSION;
import static com.yahoo.vespa.athenz.identityprovider.api.SignedIdentityDocument.DEFAULT_KEY_VERSION;
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertTrue;
/**
* @author bjorncs
@@ -41,7 +40,7 @@ public class IdentityDocumentSignerTest {
signer.generateSignature(id, providerService, configserverHostname, instanceHostname, createdAt, ipAddresses, identityType, keyPair.getPrivate());
SignedIdentityDocument signedIdentityDocument = new SignedIdentityDocument(
- signature, DEFAULT_KEY_VERSION, id, "dns-suffix", providerService, URI.create("https://zts"),
+ signature, DEFAULT_KEY_VERSION, id, providerService,
DEFAULT_DOCUMENT_VERSION, configserverHostname, instanceHostname, createdAt, ipAddresses, identityType);
assertTrue(signer.hasValidSignature(signedIdentityDocument, keyPair.getPublic()));
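Review bot: The test still asserts only the positive case, `assertTrue(signer.hasValidSignature(signedIdentityDocument, keyPair.getPublic()))`, so it would keep passing if verification stopped covering one of the fields. Going by the visible `generateSignature` call, the signed inputs are id, providerService, the two hostnames, createdAt, ipAddresses and identityType; the removed dnsSuffix and ztsEndpoint were never among them, and signingKeyVersion and documentVersion do not appear there either. A negative case would pin this down: rebuild the document with one signed field altered (for example a different instanceHostname) and add `assertFalse(signer.hasValidSignature(tampered, keyPair.getPublic()));`, which needs `import static org.junit.Assert.assertFalse;` now that the wildcard import is narrowed. The test method starts outside this hunk.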