author | Bjørn Christian Seime <bjorncs@oath.com> | 2018-05-28 13:14:30 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2018-05-28 13:14:30 +0200 |
commit | 6faa134c70c79a491c6130680da6b146d4685ec1 (patch) | |
tree | dddb09b1434d8eb73f4f75fa32a6e01a6a3e5c2d /node-admin | |
parent | c721dbc32a95a5a754464461bf154141ad6c5f07 (diff) |
Remove deprecated identity-document entity types
Diffstat (limited to 'node-admin')
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java | 34 |
1 files changed, 2 insertions, 32 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
index 8c59568c00d..a41afa2225f 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
@@ -1,14 +1,12 @@
 // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.hosted.node.admin.maintenance.identity;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.client.zts.DefaultZtsClient;
 import com.yahoo.vespa.athenz.client.zts.InstanceIdentity;
 import com.yahoo.vespa.athenz.client.zts.ZtsClient;
 import com.yahoo.vespa.athenz.identity.ServiceIdentityProvider;
+import com.yahoo.vespa.athenz.identityprovider.api.EntityBindingsMapper;
 import com.yahoo.vespa.athenz.identityprovider.api.IdentityDocumentClient;
 import com.yahoo.vespa.athenz.identityprovider.api.SignedIdentityDocument;
 import com.yahoo.vespa.athenz.identityprovider.api.VespaUniqueInstanceId;
@@ -40,7 +38,6 @@ import java.security.cert.X509Certificate;
 import java.time.Clock;
 import java.time.Duration;
 import java.time.Instant;
-import java.util.Base64;
 import java.util.Set;
 import static java.util.Collections.singleton;
@@ -50,15 +47,12 @@ import static java.util.Collections.singleton;
 *
 * @author bjorncs
 */
-@SuppressWarnings("deprecation") // TODO Use new entity response types
 public class AthenzCredentialsMaintainer {
 private static final Duration EXPIRY_MARGIN = Duration.ofDays(1);
 private static final Duration REFRESH_PERIOD = Duration.ofDays(1);
 private static final Path CONTAINER_SIA_DIRECTORY = Paths.get("/var/lib/sia");
- private static final ObjectMapper objectMapper = new ObjectMapper().registerModule(new JavaTimeModule());
-
 private final boolean enabled;
 private final PrefixLogger log;
 private final String hostname;
@@ -190,7 +184,7 @@ public class AthenzCredentialsMaintainer {
 configserverIdentity,
 containerIdentity,
 instanceId.asDottedString(),
- toAttestationDataString(signedIdentityDocument),
+ EntityBindingsMapper.toAttestationData(signedIdentityDocument),
 false,
 csr);
 writePrivateKeyAndCertificate(keyPair.getPrivate(), instanceIdentity.certificate());
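Review bot: The attestation payload passed at `EntityBindingsMapper.toAttestationData(signedIdentityDocument)` is now built outside this class, so nothing in this file pins its wire format any more. The removed helper serialized the identity document to JSON, Base64-encoded it and wrapped it together with the signature and signing key version; if the shared mapper encodes any of those fields differently, the receiving side would presumably fail to validate the signed document and the node would not obtain its certificate. A round-trip test next to `EntityBindingsMapper` (serialize, parse back, compare fields and signature input) would guard against that. A short comment at the call site, for example `// attestation data: the signed identity document as JSON`, together with a name for the bare `false` argument below it, would make the call readable without opening the client API. The enclosing call begins above this hunk, so the exception handling around it is not visible here.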
@@ -244,30 +238,6 @@ public class AthenzCredentialsMaintainer {
 }
 // TODO Move to vespa-athenz
- private String toAttestationDataString(SignedIdentityDocument signedIdDoc) throws JsonProcessingException {
- com.yahoo.vespa.athenz.identityprovider.api.IdentityDocument idDoc = signedIdDoc.identityDocument();
- com.yahoo.vespa.athenz.identityprovider.api.bindings.IdentityDocument identityDocumentPayload =
- new com.yahoo.vespa.athenz.identityprovider.api.bindings.IdentityDocument(
- com.yahoo.vespa.athenz.identityprovider.api.bindings.ProviderUniqueId.fromVespaUniqueInstanceId(idDoc.providerUniqueId()),
- idDoc.configServerHostname(),
- idDoc.instanceHostname(),
- idDoc.createdAt(),
- idDoc.ipAddresses());
- String rawIdentityDocument = Base64.getEncoder().encodeToString(objectMapper.writeValueAsString(identityDocumentPayload).getBytes());
- com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument payload =
- new com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument(
- rawIdentityDocument,
- signedIdDoc.signature(),
- signedIdDoc.signingKeyVersion(),
- signedIdDoc.providerUniqueId().asDottedString(),
- signedIdDoc.dnsSuffix(),
- signedIdDoc.providerService().getFullName(),
- signedIdDoc.ztsEndpoint(),
- signedIdDoc.documentVersion());
- return objectMapper.writeValueAsString(payload);
- }
-
- // TODO Move to vespa-athenz
 private static Path getPrivateKeyFile(Path root, AthenzService service) {
 return root
 .resolve("keys") |