authorBjørn Christian Seime <bjorncs@oath.com>2018-04-19 15:44:41 +0200
committerBjørn Christian Seime <bjorncs@oath.com>2018-04-19 15:44:41 +0200
commita17b034ae224f67c8b47a6a70b34078b41efdd4a (patch)
treea6fc21e291caf47a579ba1d93835d796c99dbf6b /athenz-identity-provider-service
parent28a3c13c3dfcf93d05ace3dca4ddc5ce4cba6a35 (diff)
Move identity document api types to vespa-athenz
Diffstat (limited to 'athenz-identity-provider-service')
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocument.java59
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java3
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentResource.java30
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/ProviderUniqueId.java80
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/SignedIdentityDocument.java87
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceConfirmation.java2
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidator.java4
-rw-r--r--athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java2
-rw-r--r--athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java6
9 files changed, 27 insertions, 246 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocument.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocument.java
deleted file mode 100644
index bae8f6f03b6..00000000000
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocument.java
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-
-import java.time.Instant;
-import java.util.Objects;
-
-/**
- * @author bjorncs
- */
-public class IdentityDocument {
-
- @JsonProperty("provider-unique-id")
- public final ProviderUniqueId providerUniqueId;
- @JsonProperty("configserver-hostname")
- public final String configServerHostname;
- @JsonProperty("instance-hostname")
- public final String instanceHostname;
- @JsonProperty("created-at")
- public final Instant createdAt;
-
- public IdentityDocument(
- @JsonProperty("provider-unique-id") ProviderUniqueId providerUniqueId,
- @JsonProperty("configserver-hostname") String configServerHostname,
- @JsonProperty("instance-hostname") String instanceHostname,
- @JsonProperty("created-at") Instant createdAt) {
- this.providerUniqueId = providerUniqueId;
- this.configServerHostname = configServerHostname;
- this.instanceHostname = instanceHostname;
- this.createdAt = createdAt;
- }
-
- @Override
- public String toString() {
- return "IdentityDocument{" +
- "providerUniqueId=" + providerUniqueId +
- ", configServerHostname='" + configServerHostname + '\'' +
- ", instanceHostname='" + instanceHostname + '\'' +
- ", createdAt=" + createdAt +
- '}';
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
- IdentityDocument that = (IdentityDocument) o;
- return Objects.equals(providerUniqueId, that.providerUniqueId) &&
- Objects.equals(configServerHostname, that.configServerHostname) &&
- Objects.equals(instanceHostname, that.instanceHostname) &&
- Objects.equals(createdAt, that.createdAt);
- }
-
- @Override
- public int hashCode() {
- return Objects.hash(providerUniqueId, configServerHostname, instanceHostname, createdAt);
- }
-}
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
index f2dc7d13818..2e4ecf475bc 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
@@ -4,6 +4,9 @@ package com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument;
import com.google.inject.Inject;
import com.yahoo.config.provision.Zone;
import com.yahoo.net.HostName;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.IdentityDocument;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.ProviderUniqueId;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.KeyProvider;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.Utils;
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentResource.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentResource.java
index 943da5cdcb4..24efde665aa 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentResource.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentResource.java
@@ -5,6 +5,8 @@ import com.google.inject.Inject;
import com.yahoo.container.jaxrs.annotation.Component;
import com.yahoo.jdisc.http.servlet.ServletRequest;
import com.yahoo.log.LogLevel;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.IdentityDocumentApi;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument;
import com.yahoo.vespa.hosted.provision.restapi.v2.filter.NodePrincipal;
import javax.servlet.http.HttpServletRequest;
@@ -12,7 +14,6 @@ import javax.ws.rs.BadRequestException;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.GET;
import javax.ws.rs.InternalServerErrorException;
-import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
@@ -25,27 +26,29 @@ import java.util.logging.Logger;
* @author bjorncs
*/
@Path("/identity-document")
-public class IdentityDocumentResource {
+public class IdentityDocumentResource implements IdentityDocumentApi {
private static final Logger log = Logger.getLogger(IdentityDocumentResource.class.getName());
private final IdentityDocumentGenerator identityDocumentGenerator;
+ private final HttpServletRequest request;
@Inject
- public IdentityDocumentResource(@Component IdentityDocumentGenerator identityDocumentGenerator) {
+ public IdentityDocumentResource(@Component IdentityDocumentGenerator identityDocumentGenerator,
+ @Context HttpServletRequest request) {
this.identityDocumentGenerator = identityDocumentGenerator;
+ this.request = request;
}
/**
- * @deprecated Use {@link #getNodeIdentityDocument(String, HttpServletRequest)}
- * and {@link #getTenantIdentityDocument(String, HttpServletRequest)} instead.
+ * @deprecated Use {@link #getNodeIdentityDocument(String)} and {@link #getTenantIdentityDocument(String)} instead.
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
@Deprecated
+ @Override
// TODO Make this method private when the rest api is not longer in use
- public SignedIdentityDocument getIdentityDocument(@QueryParam("hostname") String hostname,
- @Context HttpServletRequest request) {
+ public SignedIdentityDocument getIdentityDocument(@QueryParam("hostname") String hostname) {
if (hostname == null) {
throw new BadRequestException("The 'hostname' query parameter is missing");
}
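Review bot: Holding the `@Context HttpServletRequest` in a `final` field is only safe if this resource is created once per request, or if the container injects a request-scoped proxy, and nothing in the constructor shows which applies. The file imports `NodePrincipal` and `ForbiddenException`, so the request presumably feeds the caller-identity check in `getIdentityDocument`, whose body continues outside this hunk. A shared or stale request there would authorize against the wrong principal. The same field is relied on by `getNodeIdentityDocument` and `getTenantIdentityDocument` in the next hunk, which now call `getIdentityDocument(host)` without passing a request. I would document the assumption on the field, e.g. `// Request-scoped: this resource must be instantiated per request, never as a singleton`, and update the `// TODO Make this method private ...` comment, which no longer fits a method marked `@Override` for `IdentityDocumentApi`.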
@@ -74,18 +77,17 @@ public class IdentityDocumentResource {
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("/node/{host}")
- public SignedIdentityDocument getNodeIdentityDocument(@PathParam("host") String host,
- @Context HttpServletRequest request) {
- return getIdentityDocument(host, request);
+ @Override
+ public SignedIdentityDocument getNodeIdentityDocument(@PathParam("host") String host) {
+ return getIdentityDocument(host);
}
-
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("/tenant/{host}")
- public SignedIdentityDocument getTenantIdentityDocument(@PathParam("host") String host,
- @Context HttpServletRequest request) {
- return getIdentityDocument(host, request);
+ @Override
+ public SignedIdentityDocument getTenantIdentityDocument(@PathParam("host") String host) {
+ return getIdentityDocument(host);
}
}
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/ProviderUniqueId.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/ProviderUniqueId.java
deleted file mode 100644
index c956ead5f8c..00000000000
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/ProviderUniqueId.java
+++ /dev/null
@@ -1,80 +0,0 @@
-// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-import com.yahoo.vespa.athenz.identityprovider.api.VespaUniqueInstanceId;
-
-import java.util.Objects;
-
-/**
- * @author bjorncs
- */
-public class ProviderUniqueId {
-
- @JsonProperty("tenant")
- public final String tenant;
- @JsonProperty("application")
- public final String application;
- @JsonProperty("environment")
- public final String environment;
- @JsonProperty("region")
- public final String region;
- @JsonProperty("instance")
- public final String instance;
- @JsonProperty("cluster-id")
- public final String clusterId;
- @JsonProperty("cluster-index")
- public final int clusterIndex;
-
- public ProviderUniqueId(@JsonProperty("tenant") String tenant,
- @JsonProperty("application") String application,
- @JsonProperty("environment") String environment,
- @JsonProperty("region") String region,
- @JsonProperty("instance") String instance,
- @JsonProperty("cluster-id") String clusterId,
- @JsonProperty("cluster-index") int clusterIndex) {
- this.tenant = tenant;
- this.application = application;
- this.environment = environment;
- this.region = region;
- this.instance = instance;
- this.clusterId = clusterId;
- this.clusterIndex = clusterIndex;
- }
-
- public VespaUniqueInstanceId toVespaUniqueInstanceId() {
- return new VespaUniqueInstanceId(clusterIndex, clusterId, instance, application, tenant, region, environment);
- }
-
- @Override
- public String toString() {
- return "ProviderUniqueId{" +
- "tenant='" + tenant + '\'' +
- ", application='" + application + '\'' +
- ", environment='" + environment + '\'' +
- ", region='" + region + '\'' +
- ", instance='" + instance + '\'' +
- ", clusterId='" + clusterId + '\'' +
- ", clusterIndex=" + clusterIndex +
- '}';
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
- ProviderUniqueId that = (ProviderUniqueId) o;
- return clusterIndex == that.clusterIndex &&
- Objects.equals(tenant, that.tenant) &&
- Objects.equals(application, that.application) &&
- Objects.equals(environment, that.environment) &&
- Objects.equals(region, that.region) &&
- Objects.equals(instance, that.instance) &&
- Objects.equals(clusterId, that.clusterId);
- }
-
- @Override
- public int hashCode() {
- return Objects.hash(tenant, application, environment, region, instance, clusterId, clusterIndex);
- }
-}
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/SignedIdentityDocument.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/SignedIdentityDocument.java
deleted file mode 100644
index 2545401f3ec..00000000000
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/SignedIdentityDocument.java
+++ /dev/null
@@ -1,87 +0,0 @@
-// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument;
-
-import com.fasterxml.jackson.annotation.JsonCreator;
-import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.Utils;
-
-import java.io.IOException;
-import java.io.UncheckedIOException;
-import java.util.Base64;
-import java.util.Objects;
-
-/**
- * @author bjorncs
- */
-public class SignedIdentityDocument {
-
- public static final int DEFAULT_KEY_VERSION = 0;
- public static final int DEFAULT_DOCUMENT_VERSION = 1;
-
- @JsonProperty("identity-document")public final String rawIdentityDocument;
- @JsonIgnore public final IdentityDocument identityDocument;
- @JsonProperty("signature") public final String signature;
- @JsonProperty("signing-key-version") public final int signingKeyVersion;
- @JsonProperty("provider-unique-id") public final String providerUniqueId; // String representation
- @JsonProperty("dns-suffix") public final String dnsSuffix;
- @JsonProperty("provider-service") public final String providerService;
- @JsonProperty("zts-endpoint") public final String ztsEndpoint;
- @JsonProperty("document-version") public final int documentVersion;
-
- @JsonCreator
- public SignedIdentityDocument(@JsonProperty("identity-document") String rawIdentityDocument,
- @JsonProperty("signature") String signature,
- @JsonProperty("signing-key-version") int signingKeyVersion,
- @JsonProperty("provider-unique-id") String providerUniqueId,
- @JsonProperty("dns-suffix") String dnsSuffix,
- @JsonProperty("provider-service") String providerService,
- @JsonProperty("zts-endpoint") String ztsEndpoint,
- @JsonProperty("document-version") int documentVersion) {
- this.rawIdentityDocument = rawIdentityDocument;
- this.identityDocument = parseIdentityDocument(rawIdentityDocument);
- this.signature = signature;
- this.signingKeyVersion = signingKeyVersion;
- this.providerUniqueId = providerUniqueId;
- this.dnsSuffix = dnsSuffix;
- this.providerService = providerService;
- this.ztsEndpoint = ztsEndpoint;
- this.documentVersion = documentVersion;
- }
-
- private static IdentityDocument parseIdentityDocument(String rawIdentityDocument) {
- try {
- return Utils.getMapper().readValue(Base64.getDecoder().decode(rawIdentityDocument), IdentityDocument.class);
- } catch (IOException e) {
- throw new UncheckedIOException(e);
- }
- }
-
- @Override
- public String toString() {
- return "SignedIdentityDocument{" +
- "rawIdentityDocument='" + rawIdentityDocument + '\'' +
- ", identityDocument=" + identityDocument +
- ", signature='" + signature + '\'' +
- ", signingKeyVersion=" + signingKeyVersion +
- ", documentVersion=" + documentVersion +
- '}';
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
- SignedIdentityDocument that = (SignedIdentityDocument) o;
- return signingKeyVersion == that.signingKeyVersion &&
- documentVersion == that.documentVersion &&
- Objects.equals(rawIdentityDocument, that.rawIdentityDocument) &&
- Objects.equals(identityDocument, that.identityDocument) &&
- Objects.equals(signature, that.signature);
- }
-
- @Override
- public int hashCode() {
- return Objects.hash(rawIdentityDocument, identityDocument, signature, signingKeyVersion, documentVersion);
- }
-}
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceConfirmation.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceConfirmation.java
index 7b2725a8d95..6e895711531 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceConfirmation.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceConfirmation.java
@@ -14,7 +14,7 @@ import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.Utils;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument;
import java.io.IOException;
import java.util.HashMap;
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidator.java
index 69c5d961b7e..ca513ede320 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidator.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidator.java
@@ -8,8 +8,8 @@ import com.yahoo.config.model.api.SuperModelProvider;
import com.yahoo.config.provision.ApplicationId;
import com.yahoo.log.LogLevel;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.KeyProvider;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.ProviderUniqueId;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.ProviderUniqueId;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
index 7389cf1596d..4e84fefbe53 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
@@ -14,6 +14,8 @@ import com.yahoo.config.provision.RegionName;
import com.yahoo.config.provision.SystemName;
import com.yahoo.config.provision.TenantName;
import com.yahoo.config.provision.Zone;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.ProviderUniqueId;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.instanceconfirmation.InstanceValidator;
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java
index ffd3265957f..e7d8ef57a69 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java
@@ -12,9 +12,9 @@ import com.yahoo.config.provision.ApplicationId;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.KeyProvider;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.Utils;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.IdentityDocument;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.ProviderUniqueId;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.IdentityDocument;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.ProviderUniqueId;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument;
import org.junit.Test;
import java.security.PrivateKey;