summaryrefslogtreecommitdiffstats
path: root/controller-server/src
diff options
context:
space:
mode:
authorBjørn Christian Seime <bjorncs@yahooinc.com>2023-06-15 15:50:41 +0200
committerBjørn Christian Seime <bjorncs@yahooinc.com>2023-06-15 15:51:49 +0200
commit12da7ac0dc15cc66b6c6a9621472d2ec8e1e73d0 (patch)
tree9eb6323380c5a5df76171c94c8510b340defcfce /controller-server/src
parent44638b48e119a558deafb8e7a556845af4120f2f (diff)
Use correct token domain
Diffstat (limited to 'controller-server/src')
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java10
1 files changed, 8 insertions, 2 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
index 731806bd53a..e517a0a2729 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/dataplanetoken/DataplaneTokenService.java
@@ -14,13 +14,16 @@ import com.yahoo.vespa.hosted.controller.api.integration.dataplanetoken.FingerPr
import com.yahoo.vespa.hosted.controller.api.integration.dataplanetoken.TokenId;
import com.yahoo.vespa.hosted.controller.persistence.CuratorDb;
-import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
+import static com.yahoo.security.ArrayUtils.concat;
+import static com.yahoo.security.ArrayUtils.fromUtf8Bytes;
+import static java.nio.charset.StandardCharsets.UTF_8;
+
/**
* Service to list, generate and delete data plane tokens
*
@@ -56,7 +59,10 @@ public class DataplaneTokenService {
* @return a DataplaneToken containing the secret generated token
*/
public DataplaneToken generateToken(TenantName tenantName, TokenId tokenId, Principal principal) {
- TokenDomain tokenDomain = TokenDomain.of(tenantName.value());
+ TokenDomain tokenDomain = TokenDomain.of(
+ fromUtf8Bytes(
+ concat("Vespa Cloud tenant data plane:".getBytes(UTF_8),
+ tenantName.value().getBytes(UTF_8))));
Token token = TokenGenerator.generateToken(tokenDomain, TOKEN_PREFIX, TOKEN_BYTES);
TokenCheckHash checkHash = TokenCheckHash.of(token, CHECK_HASH_BYTES);
DataplaneTokenVersions.Version newTokenVersion = new DataplaneTokenVersions.Version(