diff options
author | Morten Tokle <mortent@verizonmedia.com> | 2021-04-09 08:09:12 +0200 |
---|---|---|
committer | Morten Tokle <mortent@verizonmedia.com> | 2021-04-09 08:47:16 +0200 |
commit | b3e8953bc5a8396b76613d1b8dbcd504262658f8 (patch) | |
tree | a659eb3f6228cd3da645f0c87883866909417dfd /athenz-identity-provider-service/src/main/java | |
parent | 50ba6295c808cf9cbe0e0a02daa96fb0ed16105f (diff) |
Validate ips on register
Diffstat (limited to 'athenz-identity-provider-service/src/main/java')
-rw-r--r-- | athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/InstanceValidator.java | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/InstanceValidator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/InstanceValidator.java index 3dcb5a13d6d..816da5d095d 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/InstanceValidator.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/InstanceValidator.java @@ -87,11 +87,15 @@ public class InstanceValidator { log.log(Level.FINE, () -> String.format("Validating instance %s.", providerUniqueId)); PublicKey publicKey = keyProvider.getPublicKey(signedIdentityDocument.signingKeyVersion()); - if (signer.hasValidSignature(signedIdentityDocument, publicKey)) { + if (! signer.hasValidSignature(signedIdentityDocument, publicKey)) { + log.log(Level.SEVERE, () -> String.format("Instance %s has invalid signature.", providerUniqueId)); + return false; + } + + if(validateAttributes(instanceConfirmation, providerUniqueId)) { log.log(Level.FINE, () -> String.format("Instance %s is valid.", providerUniqueId)); return true; } - log.log(Level.SEVERE, () -> String.format("Instance %s has invalid signature.", providerUniqueId)); return false; } |