author | Morten Tokle <mortent@oath.com> | 2018-02-08 22:12:17 +0100 |
---|---|---|
committer | Morten Tokle <mortent@oath.com> | 2018-02-16 11:05:31 +0100 |
commit | 93d6928d040c17deda2d075e01b6686b2c15fe33 (patch) | |
tree | ae6807a4b1c49c7576d45aff9e6b2f0adb508e06 /container-disc/src | |
parent | 99d36b58fd993d3eb0c7e98d3fad9ab430593174 (diff) |
Refactor identityprovider. Add SiaIdentityProvider
Diffstat (limited to 'container-disc/src')
3 files changed, 15 insertions, 22 deletions
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/Ckms.java b/container-disc/src/main/java/com/yahoo/container/jdisc/Ckms.java
new file mode 100644
index 00000000000..132fa6b2882
--- /dev/null
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/Ckms.java
@@ -0,0 +1,11 @@
+// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+
+package com.yahoo.container.jdisc;
+
+public interface Ckms {
+ /** Returns the secret for this key */
+ String getSecret(String key);
+
+ /** Returns the secret for this key and version */
+ String getSecret(String key, int version);
+}
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
index c4c57f4bc47..b7190927d11 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
@@ -7,8 +7,7 @@ import javax.net.ssl.SSLContext;
 * @author mortent
 */
 public interface AthenzIdentityProvider {
- String getNToken() throws AthenzIdentityProviderException;
 String getDomain();
 String getService();
- SSLContext getSslContext();
+ SSLContext getIdentitySslContext();
 }
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
index c32d08c97ff..b1cdbe50ae9 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
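Review bot: The Javadoc on the two `getSecret` overloads in the new Ckms.java leaves the failure contract open: it does not say whether an unknown key or version yields `null` or an exception, nor which version the one-argument overload resolves to. For an interface that hands out secret material this matters, because a caller that does not check could end up using a `null` or empty value as a credential. I would add a type-level Javadoc saying what the interface represents and extend each method comment with the behaviour for a missing key or version, for example `/** Returns the secret for this key; <which version>, <what is thrown or returned when the key is unknown> */` filled in with what implementations actually do. The secret is also returned as an immutable `String`, which cannot be cleared after use; if that is a deliberate trade-off, one sentence in the Javadoc saying so would help.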
@@ -103,23 +103,6 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 }
 
 @Override
- public String getNToken() {
- try {
- credentialsRetrievedSignal.await();
- AthenzCredentials credentialsSnapshot = credentials.get();
- if (credentialsSnapshot == null) {
- throw new AthenzIdentityProviderException("Could not retrieve Athenz credentials", lastThrowable.get());
- }
- if (isExpired(credentialsSnapshot)) {
- throw new AthenzIdentityProviderException("Athenz credentials are expired", lastThrowable.get());
- }
- return credentialsSnapshot.getNToken();
- } catch (InterruptedException e) {
- throw new AthenzIdentityProviderException("Failed to register instance credentials", lastThrowable.get());
- }
- }
-
- @Override
 public String getDomain() {
 return domain;
 }
@@ -130,12 +113,12 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 }
 
 @Override
- public SSLContext getSslContext() {
+ public SSLContext getIdentitySslContext() {
 try {
 SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
 sslContext.init(createKeyManagersWithServiceCertificate(),
- createTrustManagersWithAthenzCa(),
- null);
+ createTrustManagersWithAthenzCa(),
+ null);
 return sslContext;
 } catch (NoSuchAlgorithmException | KeyManagementException e) {
 throw new RuntimeException(e);
 |
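Review bot: In the `@@ -130,12 +113,12 @@` hunk, getIdentitySslContext() still reports failures as a bare `RuntimeException`, whereas the getNToken() method removed in the previous hunk signalled missing or expired credentials with AthenzIdentityProviderException. With getNToken() gone, this is the only credential accessor left on the interface as shown, so callers lose a typed way to tell "identity not available" apart from other errors; consider `throw new AthenzIdentityProviderException("Failed to create identity SSLContext", e);` in the catch. Whether createKeyManagersWithServiceCertificate() waits for the credentials and rejects an expired certificate is not visible here and is worth confirming, since those checks were explicit in the removed method. The method body continues past the end of the hunk.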