authorBjørn Christian Seime <bjorncs@oath.com>2018-01-16 16:14:26 +0100
committerBjørn Christian Seime <bjorncs@oath.com>2018-01-17 12:35:44 +0100
commit96f5cb0fe8b72b5c322f6d8b022a51ec4ef8788d (patch)
treeb4b46d136f92b9832788ac414de5cc38317dea85 /controller-api/src/test
parentac0e0340fd7989ae4410aaf7e33eb2e1e848a88b (diff)
Move Athenz types from controller-api to vespa-athenz
Diffstat (limited to 'controller-api/src/test')
-rw-r--r--controller-api/src/test/java/com/yahoo/vespa/athenz/api/AthenzDomainTest.java55
-rw-r--r--controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifierTest.java82
-rw-r--r--controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzUtilsTest.java21
3 files changed, 0 insertions, 158 deletions
diff --git a/controller-api/src/test/java/com/yahoo/vespa/athenz/api/AthenzDomainTest.java b/controller-api/src/test/java/com/yahoo/vespa/athenz/api/AthenzDomainTest.java
deleted file mode 100644
index 637a643cf63..00000000000
--- a/controller-api/src/test/java/com/yahoo/vespa/athenz/api/AthenzDomainTest.java
+++ /dev/null
@@ -1,55 +0,0 @@
-package com.yahoo.vespa.athenz.api;
-
-import org.hamcrest.CoreMatchers;
-import org.junit.Test;
-
-import java.util.concurrent.Callable;
-import java.util.function.Supplier;
-
-import static org.hamcrest.CoreMatchers.containsString;
-import static org.hamcrest.CoreMatchers.startsWith;
-import static org.junit.Assert.*;
-
-/**
- * @author bjorncs
- */
-public class AthenzDomainTest {
-
- @Test
- public void domain_can_be_constructed_from_valid_string() {
- new AthenzDomain("home.john.my-app");
- }
-
- @Test
- public void invalid_domain_throws_exception() {
- assertInvalid(() -> new AthenzDomain("endswithdot."));
- assertInvalid(() -> new AthenzDomain(".startswithdot"));
- }
-
- @Test
- public void parent_domain_is_without_name_suffix() {
- assertEquals(new AthenzDomain("home.john"), new AthenzDomain("home.john.myapp").getParent());
- }
-
- @Test
- public void domain_name_suffix_is_the_suffix_after_last_dot() {
- assertEquals("myapp", new AthenzDomain("home.john.myapp").getNameSuffix());
- }
-
- @Test
- public void domain_without_dot_is_toplevel() {
- assertTrue(new AthenzDomain("toplevel").isTopLevelDomain());
- assertFalse(new AthenzDomain("not.toplevel").isTopLevelDomain());
- }
-
- private static void assertInvalid(Supplier<AthenzDomain> domainCreator) {
- try {
- AthenzDomain domain = domainCreator.get();
- fail("Expected IllegalArgumentException for domain: " + domain.getName());
- } catch (IllegalArgumentException e) {
- assertThat(e.getMessage(), startsWith("Not a valid domain name"));
- }
- }
-
-
-}
\ No newline at end of file
diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifierTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifierTest.java
deleted file mode 100644
index 88da28fb273..00000000000
--- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifierTest.java
+++ /dev/null
@@ -1,82 +0,0 @@
-package com.yahoo.vespa.hosted.controller.api.integration.athenz;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.cert.CertIOException;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.junit.Test;
-
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSession;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.time.Duration;
-import java.time.Instant;
-import java.util.Date;
-
-import static java.util.Collections.singleton;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-/**
- * @author bjorncs
- */
-public class AthenzIdentityVerifierTest {
-
- @Test
- public void verifies_certificate_with_athenz_service_as_common_name() throws Exception {
- AthenzIdentity trustedIdentity = new AthenzService("mydomain", "alice");
- AthenzIdentity unknownIdentity = new AthenzService("mydomain", "mallory");
- KeyPair keyPair = createKeyPair();
- AthenzIdentityVerifier verifier = new AthenzIdentityVerifier(singleton(trustedIdentity));
- assertTrue(verifier.verify("hostname", createSslSessionMock(createSelfSignedCertificate(keyPair, trustedIdentity))));
- assertFalse(verifier.verify("hostname", createSslSessionMock(createSelfSignedCertificate(keyPair, unknownIdentity))));
- }
-
- private static KeyPair createKeyPair() throws NoSuchAlgorithmException {
- KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
- keyGen.initialize(512);
- return keyGen.generateKeyPair();
- }
-
- private static X509Certificate createSelfSignedCertificate(KeyPair keyPair, AthenzIdentity identity)
- throws OperatorCreationException, CertIOException, CertificateException {
- ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WithRSA").build(keyPair.getPrivate());
- X500Name x500Name = new X500Name("CN="+ identity.getFullName());
- Instant now = Instant.now();
- Date notBefore = Date.from(now);
- Date notAfter = Date.from(now.plus(Duration.ofDays(30)));
-
- X509v3CertificateBuilder certificateBuilder =
- new JcaX509v3CertificateBuilder(
- x500Name, BigInteger.valueOf(now.toEpochMilli()), notBefore, notAfter, x500Name, keyPair.getPublic()
- )
- .addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
-
- return new JcaX509CertificateConverter()
- .setProvider(new BouncyCastleProvider())
- .getCertificate(certificateBuilder.build(contentSigner));
-
- }
-
- private static SSLSession createSslSessionMock(X509Certificate certificate) throws SSLPeerUnverifiedException {
- SSLSession sslSession = mock(SSLSession.class);
- when(sslSession.getPeerCertificates()).thenReturn(new Certificate[]{certificate});
- return sslSession;
- }
-
-}
\ No newline at end of file
diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzUtilsTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzUtilsTest.java
deleted file mode 100644
index f257255a07e..00000000000
--- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzUtilsTest.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package com.yahoo.vespa.hosted.controller.api.integration.athenz;
-
-import com.yahoo.vespa.athenz.api.AthenzDomain;
-import org.junit.Test;
-
-import static org.junit.Assert.assertEquals;
-
-/**
- * @author bjorncs
- */
-public class AthenzUtilsTest {
-
- @Test
- public void athenz_identity_is_parsed_from_dot_separated_string() {
- AthenzIdentity expectedIdentity = new AthenzService(new AthenzDomain("my.subdomain"), "myservicename");
- String fullName = expectedIdentity.getFullName();
- AthenzIdentity actualIdentity = AthenzUtils.createAthenzIdentity(fullName);
- assertEquals(expectedIdentity, actualIdentity);
- }
-
-}
\ No newline at end of file