Simplify token API by using fixed context for fingerprints

Fingerprints are now always derived using the a fixed context
of `Vespa token fingerprint`. Enforcement has been added that a
`TokenDomain` cannot be initialized with a context equal to the
fingerprint context.

This changes the fingerprint outputs from their previous values,
but that's fine since they are not yet in use anywhere.

1 files changed, 1 insertions, 2 deletions

diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
index 7941ae68a4f..731806bd53a 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
@@ -29,7 +29,6 @@ import java.util.stream.Stream;
 public class DataplaneTokenService {
 
     private static final String TOKEN_PREFIX = "vespa_cloud_";
-    private static final byte[] FINGERPRINT_CONTEXT = new byte[0];
     private static final int TOKEN_BYTES = 32;
     private static final int CHECK_HASH_BYTES = 32;
 
@@ -57,7 +56,7 @@ public class DataplaneTokenService {
      * @return a DataplaneToken containing the secret generated token
      */
     public DataplaneToken generateToken(TenantName tenantName, TokenId tokenId, Principal principal) {
-        TokenDomain tokenDomain = new TokenDomain(FINGERPRINT_CONTEXT, tenantName.value().getBytes(StandardCharsets.UTF_8));
+        TokenDomain tokenDomain = TokenDomain.of(tenantName.value());
         Token token = TokenGenerator.generateToken(tokenDomain, TOKEN_PREFIX, TOKEN_BYTES);
         TokenCheckHash checkHash = TokenCheckHash.of(token, CHECK_HASH_BYTES);
         DataplaneTokenVersions.Version newTokenVersion = new DataplaneTokenVersions.Version(