authorMorten Tokle <mortent@oath.com>2017-10-24 12:38:03 +0200
committerMorten Tokle <mortent@oath.com>2017-10-24 12:41:38 +0200
commit1954ef4d591876623799907b5260fbf9573a28b8 (patch)
tree36c14527528a2492ba9bb34c6b8c2ac8e1697814 /container-disc
parent385a40a34979d8e0be49c84c29ad211f7b2c0ce5 (diff)
Export AthenzIdentityProvider
Diffstat (limited to 'container-disc')
-rw-r--r--container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java6
-rw-r--r--container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzService.java (renamed from container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzService.java)10
-rw-r--r--container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java (renamed from container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceIdentity.java)8
-rw-r--r--container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceRegisterInformation.java (renamed from container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceRegisterInformation.java)4
-rw-r--r--container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/ServiceProviderApi.java (renamed from container-disc/src/main/java/com/yahoo/container/jdisc/athenz/ServiceProviderApi.java)8
-rw-r--r--container-disc/src/main/java/com/yahoo/container/jdisc/athenz/package-info.java9
-rw-r--r--container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java5
7 files changed, 32 insertions, 18 deletions
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
index 45b08c74688..63b0accbdd2 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java
@@ -2,11 +2,16 @@ package com.yahoo.container.jdisc.athenz;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.annotations.Beta;
import com.google.inject.Inject;
import com.yahoo.athenz.auth.util.Crypto;
import com.yahoo.cloud.config.ConfigserverConfig;
import com.yahoo.component.AbstractComponent;
import com.yahoo.container.core.identity.IdentityConfig;
+import com.yahoo.container.jdisc.athenz.impl.AthenzService;
+import com.yahoo.container.jdisc.athenz.impl.InstanceIdentity;
+import com.yahoo.container.jdisc.athenz.impl.InstanceRegisterInformation;
+import com.yahoo.container.jdisc.athenz.impl.ServiceProviderApi;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.operator.OperatorCreationException;
@@ -18,6 +23,7 @@ import java.security.NoSuchAlgorithmException;
/**
* @author mortent
*/
+@Beta
public final class AthenzIdentityProvider extends AbstractComponent {
private InstanceIdentity instanceIdentity;
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzService.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzService.java
index 06dd698988a..69c52e5e639 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzService.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzService.java
@@ -1,4 +1,4 @@
-package com.yahoo.container.jdisc.athenz;
+package com.yahoo.container.jdisc.athenz.impl;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.http.client.methods.CloseableHttpResponse;
@@ -21,10 +21,9 @@ public class AthenzService {
/**
* Send instance register request to ZTS, get InstanceIdentity
*/
- InstanceIdentity sendInstanceRegisterRequest(InstanceRegisterInformation instanceRegisterInformation, String athenzUrl) {
+ public InstanceIdentity sendInstanceRegisterRequest(InstanceRegisterInformation instanceRegisterInformation, String athenzUrl) {
try(CloseableHttpClient client = HttpClientBuilder.create().build()) {
ObjectMapper objectMapper = new ObjectMapper();
- System.out.println(objectMapper.writeValueAsString(instanceRegisterInformation));
HttpUriRequest postRequest = RequestBuilder.post()
.setUri(athenzUrl + "/instance")
.setEntity(new StringEntity(objectMapper.writeValueAsString(instanceRegisterInformation), ContentType.APPLICATION_JSON))
@@ -33,9 +32,8 @@ public class AthenzService {
if(HttpStatus.isSuccess(response.getStatusLine().getStatusCode())) {
return objectMapper.readValue(response.getEntity().getContent(), InstanceIdentity.class);
} else {
- String s = EntityUtils.toString(response.getEntity());
- System.out.println("s = " + s);
- throw new RuntimeException(response.toString());
+ String message = EntityUtils.toString(response.getEntity());
+ throw new RuntimeException(String.format("Unable to get identity. http code/message: %d/%s" + response.getStatusLine().getStatusCode(), message));
}
} catch (IOException e) {
throw new RuntimeException(e);
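Review bot: The new `String.format` call in the non-success branch joins the status code to the format string with `+` instead of passing it as an argument, so `%d` is matched against `message` (a String). That makes `String.format` throw an `IllegalFormatConversionException`, and the ZTS status and body are lost exactly when registration fails. Change the line to `throw new RuntimeException(String.format("Unable to get identity. http code/message: %d/%s", response.getStatusLine().getStatusCode(), message));`. Because `message` is the raw response body and ends up in exception text, consider bounding its length before embedding it. The enclosing method starts outside this hunk.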
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceIdentity.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java
index 45ef4c68d8e..35986e7276e 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceIdentity.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java
@@ -1,4 +1,4 @@
-package com.yahoo.container.jdisc.athenz;
+package com.yahoo.container.jdisc.athenz.impl;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
@@ -13,7 +13,7 @@ import java.util.Map;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
@JsonInclude(JsonInclude.Include.NON_NULL)
-class InstanceIdentity {
+public class InstanceIdentity {
@JsonProperty("attributes") private final Map<String, String> attributes;
@JsonProperty("provider") private final String provider;
@JsonProperty("name") private final String name;
@@ -45,11 +45,11 @@ class InstanceIdentity {
this.serviceToken = serviceToken;
}
- String getX509Certificate() {
+ public String getX509Certificate() {
return x509Certificate;
}
- String getServiceToken() {
+ public String getServiceToken() {
return serviceToken;
}
}
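Review bot: `getServiceToken()` and `getX509Certificate()` become public here with no Javadoc, and the value behind `getServiceToken()` looks like a bearer credential returned by the register call (inferred from the name and the surrounding flow). I would document the getter with something like `/** Returns the service token issued at registration; treat it as a secret and never log it. */`. It is also worth confirming that the class has no `toString()` or serialization path that prints the field, now that it is reachable from other packages. The rest of the class is outside this hunk, so I cannot tell whether that already holds.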
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceRegisterInformation.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceRegisterInformation.java
index 2fa3c598c58..b5258cf793a 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceRegisterInformation.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceRegisterInformation.java
@@ -1,4 +1,4 @@
-package com.yahoo.container.jdisc.athenz;
+package com.yahoo.container.jdisc.athenz.impl;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
@@ -11,7 +11,7 @@ import com.fasterxml.jackson.annotation.JsonProperty;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
@JsonInclude(JsonInclude.Include.NON_NULL)
-class InstanceRegisterInformation {
+public class InstanceRegisterInformation {
@JsonProperty("provider")
private final String provider;
@JsonProperty("domain")
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/ServiceProviderApi.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/ServiceProviderApi.java
index 74e3cfa4a89..a896106ffdf 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/ServiceProviderApi.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/ServiceProviderApi.java
@@ -1,4 +1,4 @@
-package com.yahoo.container.jdisc.athenz;
+package com.yahoo.container.jdisc.athenz.impl;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.RequestBuilder;
@@ -21,11 +21,10 @@ public class ServiceProviderApi {
providerUri = URI.create(String.format("https://%s:8443/athenz/v1/provider", providerAddress));
}
-
/**
* Get signed identity document from config server
*/
- String getSignedIdentityDocument() {
+ public String getSignedIdentityDocument() {
// TODO Use client side auth to establish trusted secure channel
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
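Review bot: `getSignedIdentityDocument()` is made public while `// TODO Use client side auth to establish trusted secure channel` is still in place, so code outside the package can now obtain a document fetched over a connection on which the client is not authenticated. The Javadoc should state that limitation, for example `Get signed identity document from config server. The channel has no client authentication yet; do not treat the document as trusted until it has been verified.` Whether the document is verified downstream is not visible in this diff. The method body continues outside the hunk.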
@@ -38,8 +37,7 @@ public class ServiceProviderApi {
throw new RuntimeException("Failed to initialize Athenz instance provider");
}
} catch (IOException e) {
- e.printStackTrace();
- throw new RuntimeException(e);
+ throw new RuntimeException("Failed getting signed identity document", e);
}
}
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/package-info.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/package-info.java
new file mode 100644
index 00000000000..1d59edcbf93
--- /dev/null
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/package-info.java
@@ -0,0 +1,9 @@
+/**
+ * @author mortent
+ */
+@ExportPackage
+@PublicApi
+package com.yahoo.container.jdisc.athenz;
+
+import com.yahoo.api.annotations.PublicApi;
+import com.yahoo.osgi.annotation.ExportPackage; \ No newline at end of file
diff --git a/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java b/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java
index 4b351f1d2c0..2651cfd3a63 100644
--- a/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java
+++ b/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java
@@ -1,6 +1,9 @@
package com.yahoo.container.jdisc.athenz;
import com.yahoo.container.core.identity.IdentityConfig;
+import com.yahoo.container.jdisc.athenz.impl.AthenzService;
+import com.yahoo.container.jdisc.athenz.impl.InstanceIdentity;
+import com.yahoo.container.jdisc.athenz.impl.ServiceProviderApi;
import org.junit.Assert;
import org.junit.Test;
@@ -24,7 +27,7 @@ public class AthenzIdentityProviderTest {
when(serviceProviderApi.getSignedIdentityDocument()).thenReturn(getIdentityDocument());
when(athenzService.sendInstanceRegisterRequest(any(), anyString())).thenReturn(
- new InstanceIdentity(null,null,null,null,null,null, null, null, "TOKEN"));
+ new InstanceIdentity(null, null, null, null, null, null, null, null, "TOKEN"));
AthenzIdentityProvider identityProvider = new AthenzIdentityProvider(config, serviceProviderApi, athenzService);