author | Bjørn Christian Seime <bjorncs@oath.com> | 2018-08-09 12:57:46 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2018-08-09 13:49:42 +0200 |
commit | b609be23cfdaa7eb6f71b77aa6d480a6ccba97bb (patch) | |
tree | 3f0fa7ee12280f01b02a91bc852e68a2426b363d /node-admin | |
parent | 0e00a548dcd671cd5a73038091d870d52dd13f7e (diff) |
Use utility methods from EntityBindingsMapper
Diffstat (limited to 'node-admin')
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java | 30 |
1 files changed, 2 insertions, 28 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
index a8403b8b10d..9ee2ff58166 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
@@ -1,8 +1,6 @@
 // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.hosted.node.admin.maintenance.identity;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.client.zts.DefaultZtsClient;
 import com.yahoo.vespa.athenz.client.zts.InstanceIdentity;
@@ -12,7 +10,6 @@ import com.yahoo.vespa.athenz.identity.ServiceIdentityProvider;
 import com.yahoo.vespa.athenz.identityprovider.api.EntityBindingsMapper;
 import com.yahoo.vespa.athenz.identityprovider.api.IdentityDocumentClient;
 import com.yahoo.vespa.athenz.identityprovider.api.SignedIdentityDocument;
-import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocumentEntity;
 import com.yahoo.vespa.athenz.identityprovider.client.DefaultIdentityDocumentClient;
 import com.yahoo.vespa.athenz.identityprovider.client.InstanceCsrGenerator;
 import com.yahoo.vespa.athenz.tls.AthenzIdentityVerifier;
@@ -55,8 +52,6 @@ public class AthenzCredentialsMaintainer {
 private static final Duration REFRESH_PERIOD = Duration.ofDays(1);
 private static final Path CONTAINER_SIA_DIRECTORY = Paths.get("/var/lib/sia");
- private static final ObjectMapper mapper = new ObjectMapper().registerModule(new JavaTimeModule());
-
 private final boolean enabled;
 private final PrefixLogger log;
 private final String hostname;
@@ -177,7 +172,7 @@ public class AthenzCredentialsMaintainer {
 EntityBindingsMapper.toAttestationData(signedIdentityDocument),
 false,
 csr);
- writeIdentityDocument(signedIdentityDocument);
+ EntityBindingsMapper.writeSignedIdentityDocumentToFile(identityDocumentFile, signedIdentityDocument);
 writePrivateKeyAndCertificate(keyPair.getPrivate(), instanceIdentity.certificate());
 log.info("Instance successfully registered and credentials written to file");
 } catch (IOException e) {
@@ -186,7 +181,7 @@ public class AthenzCredentialsMaintainer {
 }
 private void refreshIdentity() {
- SignedIdentityDocument identityDocument = readIdentityDocument();
+ SignedIdentityDocument identityDocument = EntityBindingsMapper.readSignedIdentityDocumentFromFile(identityDocumentFile);
 KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.RSA);
 Pkcs10Csr csr = csrGenerator.generateCsr(containerIdentity, identityDocument.providerUniqueId(), identityDocument.ipAddresses(), keyPair);
 SSLContext containerIdentitySslContext =
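Review bot: The new call `EntityBindingsMapper.writeSignedIdentityDocumentToFile(identityDocumentFile, signedIdentityDocument)` replaces a helper that wrote to a temp path and then did `Files.move(..., StandardCopyOption.ATOMIC_MOVE)`, and nothing in this diff shows that the utility keeps that guarantee. If it writes in place, an interrupted registration could leave a truncated identity document that `refreshIdentity()` later loads through `readSignedIdentityDocumentFromFile` (the next hunk), so credential refresh would fail until the file is rewritten. Once confirmed, a call-site comment such as `// utility writes via temp file + atomic move, so readers never see a partial document` would record the assumption. The removed helpers also wrapped `IOException` in `UncheckedIOException`; whether the utilities raise the same type is not visible here, and both enclosing methods extend beyond these hunks, so their error handling should be checked against the new contract.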
@@ -215,27 +210,6 @@ public class AthenzCredentialsMaintainer {
 }
 }
- private SignedIdentityDocument readIdentityDocument() {
- try {
- SignedIdentityDocumentEntity entity = mapper.readValue(identityDocumentFile.toFile(), SignedIdentityDocumentEntity.class);
- return EntityBindingsMapper.toSignedIdentityDocument(entity);
- } catch (IOException e) {
- throw new UncheckedIOException(e);
- }
- }
-
- private void writeIdentityDocument(SignedIdentityDocument signedIdentityDocument) {
- try {
- SignedIdentityDocumentEntity entity =
- EntityBindingsMapper.toSignedIdentityDocumentEntity(signedIdentityDocument);
- Path tempIdentityDocumentFile = toTempPath(identityDocumentFile);
- mapper.writeValue(tempIdentityDocumentFile.toFile(), entity);
- Files.move(tempIdentityDocumentFile, identityDocumentFile, StandardCopyOption.ATOMIC_MOVE);
- } catch (IOException e) {
- throw new UncheckedIOException(e);
- }
- }
-
 private void writePrivateKeyAndCertificate(PrivateKey privateKey, X509Certificate certificate) throws IOException {
 Path tempPrivateKeyFile = toTempPath(privateKeyFile);
 Files.write(tempPrivateKeyFile, KeyUtils.toPem(privateKey).getBytes()); |