author | Bjørn Christian Seime <bjorncs@oath.com> | 2017-11-03 17:20:58 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2017-11-06 17:49:17 +0100 |
commit | 7be9f1d94f6b98ea56fbf8afb520835f83bd024d (patch) | |
tree | dcc1de02090be9f1eecf67791a24c20f38105139 /container-disc | |
parent | 579a0a1d651bf2961e578063a02dad55fb2010a9 (diff) |
Add deserializer for X509 certificate
Diffstat (limited to 'container-disc')
3 files changed, 24 insertions, 5 deletions
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
index 19e04e0ae01..418b3511ebb 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
@@ -1,13 +1,15 @@
 // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.container.jdisc.athenz;
+import java.security.cert.X509Certificate;
+
 /**
 * @author mortent
 */
 public interface AthenzIdentityProvider {
 String getNToken();
- String getX509Cert();
+ X509Certificate getX509Cert();
 String domain();
 String service();
 }
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
index 478f7ee8759..83c001eaab7 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
@@ -10,6 +10,7 @@ import com.yahoo.container.jdisc.athenz.AthenzIdentityProvider;
 import java.io.IOException;
 import java.net.URI;
 import java.security.KeyPair;
+import java.security.cert.X509Certificate;
 /**
 * @author mortent
@@ -60,7 +61,7 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 }
 @Override
- public String getX509Cert() {
+ public X509Certificate getX509Cert() {
 return instanceIdentity.getX509Certificate();
 }
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java
index f64b2c765a5..20bbb2aa67e 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java
@@ -4,6 +4,13 @@ package com.yahoo.container.jdisc.athenz.impl;
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonDeserializer;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+
+import java.io.IOException;
+import java.security.cert.X509Certificate;
 /**
 * Used for deserializing response from ZTS
@@ -13,20 +20,29 @@ import com.fasterxml.jackson.annotation.JsonProperty;
 @JsonIgnoreProperties(ignoreUnknown = true)
 @JsonInclude(JsonInclude.Include.NON_NULL)
 public class InstanceIdentity {
- @JsonProperty("x509Certificate") private final String x509Certificate;
+ @JsonProperty("x509Certificate") private final X509Certificate x509Certificate;
 @JsonProperty("serviceToken") private final String serviceToken;
- public InstanceIdentity(@JsonProperty("x509Certificate") String x509Certificate,
+ public InstanceIdentity(@JsonProperty("x509Certificate") @JsonDeserialize(using = X509CertificateDeserializer.class)
+ X509Certificate x509Certificate,
 @JsonProperty("serviceToken") String serviceToken) {
 this.x509Certificate = x509Certificate;
 this.serviceToken = serviceToken;
 }
- public String getX509Certificate() {
+ public X509Certificate getX509Certificate() {
 return x509Certificate;
 }
 public String getServiceToken() {
 return serviceToken;
 }
+
+ public static class X509CertificateDeserializer extends JsonDeserializer<X509Certificate> {
+ @Override
+ public X509Certificate deserialize(JsonParser parser, DeserializationContext context) throws IOException {
+ return CryptoUtils.parseCertificate(parser.getValueAsString());
+ }
+ }
+
 } |
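Review bot: `X509CertificateDeserializer.deserialize` passes `parser.getValueAsString()` straight to `CryptoUtils.parseCertificate`, and `getValueAsString()` returns null when the current token is not a scalar, so a malformed ZTS response reaches the certificate parser as null instead of being rejected as bad input. I would check the value first, with `String value = parser.getValueAsString();` followed by `if (value == null || value.isEmpty()) throw JsonMappingException.from(parser, "x509Certificate is missing or not a string");`. `CryptoUtils.parseCertificate` is not shown here; if it throws an unchecked exception on bad input, wrapping that in a `JsonMappingException` as well would keep the failure inside the `IOException` contract of `deserialize`. With Jackson's defaults an absent or JSON-null `x509Certificate` property still gives the constructor null, so `getX509Certificate()` and the `AthenzIdentityProvider.getX509Cert()` that delegates to it can return null; either reject that in the constructor or say so in Javadoc. A one-line comment on the nested class stating that the certificate is only decoded here, not checked for chain or validity period, would stop callers from treating the typed return value as verified.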