diff options
author | Bjørn Christian Seime <bjorncs@oath.com> | 2018-03-13 13:22:53 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2018-03-13 13:25:20 +0100 |
commit | c224f1bfa5e087be63a0f6df2321ebde7778cbfb (patch) | |
tree | f86dc0d834e14105f56374995afb2fdcf722d629 /jdisc_http_service | |
parent | a72221f64cd61a8a5d10dbc5acea1aa560d3c97d (diff) |
Change return type of getClientCertificateChain() to List<X509Certificate>
Diffstat (limited to 'jdisc_http_service')
3 files changed, 17 insertions, 6 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/DiscFilterRequest.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/DiscFilterRequest.java index 2cb68462005..da76e288a2a 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/DiscFilterRequest.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/DiscFilterRequest.java @@ -22,7 +22,6 @@ import java.util.HashMap; import java.util.List; import java.util.Locale; import java.util.Map; -import java.util.Optional; import java.util.concurrent.TimeUnit; import java.util.regex.Pattern; @@ -371,7 +370,11 @@ public abstract class DiscFilterRequest { public abstract void setUserPrincipal(Principal principal); - public abstract Optional<X509Certificate[]> getClientCertificateChain(); + /** + * @return The client certificate chain in ascending order of trust. The first certificate is the one sent from the client. + * Returns an empty list if the client did not provide a certificate. + */ + public abstract List<X509Certificate> getClientCertificateChain(); public void setUserRoles(String[] roles) { this.roles = roles; diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/JdiscFilterRequest.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/JdiscFilterRequest.java index c161b374e83..f8d9e6b2642 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/JdiscFilterRequest.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/JdiscFilterRequest.java @@ -9,6 +9,7 @@ import java.net.URI; import java.security.Principal; import java.security.cert.X509Certificate; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collections; import java.util.Enumeration; import java.util.List; @@ -117,8 +118,11 @@ public class JdiscFilterRequest extends DiscFilterRequest { } @Override - public Optional<X509Certificate[]> getClientCertificateChain() { - return Optional.ofNullable((X509Certificate[]) parent.context().get(ServletRequest.JDISC_REQUEST_X509CERT)); + public List<X509Certificate> getClientCertificateChain() { + return Optional.ofNullable(parent.context().get(ServletRequest.JDISC_REQUEST_X509CERT)) + .map(X509Certificate[].class::cast) + .map(Arrays::asList) + .orElse(Collections.emptyList()); } @Override diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/ServletFilterRequest.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/ServletFilterRequest.java index 6f23f128b4e..5921f0b8e0a 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/ServletFilterRequest.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/filter/ServletFilterRequest.java @@ -8,6 +8,7 @@ import java.io.UnsupportedEncodingException; import java.net.URI; import java.security.Principal; import java.security.cert.X509Certificate; +import java.util.Arrays; import java.util.Collections; import java.util.Enumeration; import java.util.HashSet; @@ -141,8 +142,11 @@ class ServletFilterRequest extends DiscFilterRequest { } @Override - public Optional<X509Certificate[]> getClientCertificateChain() { - return Optional.ofNullable((X509Certificate[]) parent.context().get(ServletRequest.SERVLET_REQUEST_X509CERT)); + public List<X509Certificate> getClientCertificateChain() { + return Optional.ofNullable(parent.context().get(ServletRequest.SERVLET_REQUEST_X509CERT)) + .map(X509Certificate[].class::cast) + .map(Arrays::asList) + .orElse(Collections.emptyList()); } @Override |