diff options
author | Bjørn Christian Seime <bjorncs@oath.com> | 2018-02-22 11:40:59 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2018-02-22 11:40:59 +0100 |
commit | b98312043d1bc2c7ccfd971d00d9c2fd828e44fd (patch) | |
tree | 2eaa8aa014ef0c93b96702074e56f26a5181700f /controller-server | |
parent | bf8625d8ad5c371d4247590d21a179c0c092a3d4 (diff) |
Use CKMS instead of KeyService to retrieve service private key
Diffstat (limited to 'controller-server')
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java index 1fb02299b46..c3471a40234 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java @@ -10,12 +10,12 @@ import com.yahoo.athenz.auth.token.PrincipalToken; import com.yahoo.athenz.auth.util.Crypto; import com.yahoo.athenz.zms.ZMSClient; import com.yahoo.athenz.zts.ZTSClient; +import com.yahoo.container.jdisc.Ckms; import com.yahoo.vespa.athenz.api.NToken; import com.yahoo.vespa.athenz.utils.AthenzIdentities; import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactory; import com.yahoo.vespa.hosted.controller.api.integration.athenz.ZmsClient; import com.yahoo.vespa.hosted.controller.api.integration.athenz.ZtsClient; -import com.yahoo.vespa.hosted.controller.api.integration.security.KeyService; import com.yahoo.vespa.hosted.controller.athenz.config.AthenzConfig; import java.security.PrivateKey; @@ -24,15 +24,16 @@ import java.time.Duration; /** * @author bjorncs */ +// TODO Use SiaIdentityProvider public class AthenzClientFactoryImpl implements AthenzClientFactory { - private final KeyService secretService; + private final Ckms ckms; private final AthenzConfig config; private final AthenzPrincipalAuthority athenzPrincipalAuthority; @Inject - public AthenzClientFactoryImpl(KeyService secretService, AthenzConfig config) { - this.secretService = secretService; + public AthenzClientFactoryImpl(Ckms ckms, AthenzConfig config) { + this.ckms = ckms; this.config = config; this.athenzPrincipalAuthority = new AthenzPrincipalAuthority(config.principalHeaderName()); } @@ -85,7 +86,7 @@ public class AthenzClientFactoryImpl implements AthenzClientFactory { private PrivateKey getServicePrivateKey() { AthenzConfig.Service service = config.service(); - String privateKey = secretService.getSecret(service.privateKeySecretName(), service.privateKeyVersion()).trim(); + String privateKey = ckms.getSecret(service.privateKeySecretName(), service.privateKeyVersion()).trim(); return Crypto.loadPrivateKey(privateKey); } |