authorBjørn Christian Seime <bjorncs@oath.com>2018-04-19 12:45:33 +0200
committerBjørn Christian Seime <bjorncs@oath.com>2018-04-19 12:45:33 +0200
commit730cb6dc10b4012002a6c5c49f140c33a55ba1ea (patch)
tree726db05ea849cbe75141abdd74282b9f2036db24 /node-repository
parentecb9bedb7d86af19836e82537d0934e996a0eb89 (diff)
Rename TlsPrincipal -> NodePrincipal
Diffstat (limited to 'node-repository')
-rw-r--r--node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java2
-rw-r--r--node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticator.java6
-rw-r--r--node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/NodePrincipal.java (renamed from node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/TlsPrincipal.java)6
-rw-r--r--node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticatorTest.java6
4 files changed, 9 insertions, 11 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java
index 360a6a1aa73..ccc09aad24a 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java
@@ -70,7 +70,7 @@ public class AuthorizationFilter implements SecurityRequestFilter {
List<X509Certificate> clientCertificateChain = request.getClientCertificateChain();
if (clientCertificateChain.isEmpty())
return Optional.of(ErrorResponse.unauthorized(createErrorMessage(request, "Missing credentials")));
- TlsPrincipal hostIdentity = hostAuthenticator.authenticate(clientCertificateChain);
+ NodePrincipal hostIdentity = hostAuthenticator.authenticate(clientCertificateChain);
if (!authorizer.test(hostIdentity, request.getUri()))
return Optional.of(ErrorResponse.forbidden(createErrorMessage(request, "Invalid credentials")));
request.setUserPrincipal(hostIdentity);
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticator.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticator.java
index a6e56e2073d..de8d117de11 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticator.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticator.java
@@ -33,7 +33,7 @@ class HostAuthenticator {
this.nodeRepository = nodeRepository;
}
- TlsPrincipal authenticate(List<X509Certificate> certificateChain) throws AuthenticationException {
+ NodePrincipal authenticate(List<X509Certificate> certificateChain) throws AuthenticationException {
X509Certificate clientCertificate = certificateChain.get(0);
String subjectCommonName = X509CertificateUtils.getSubjectCommonNames(clientCertificate).stream()
.findFirst()
@@ -51,10 +51,10 @@ class HostAuthenticator {
default:
throw new AuthenticationException("Untrusted common name in subject: " + subjectCommonName);
}
- return new TlsPrincipal(hostname, certificateChain);
+ return new NodePrincipal(hostname, certificateChain);
} else { // self-signed where common name is hostname
// TODO Remove this branch once self-signed certificates are gone
- return new TlsPrincipal(subjectCommonName, certificateChain);
+ return new NodePrincipal(subjectCommonName, certificateChain);
}
}
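Review bot: The self-signed `else` branch builds its `NodePrincipal` from `subjectCommonName` as-is, so the authorizer cannot tell it apart from a principal produced by the branch above, which throws on an untrusted common name. The condition that selects this branch and any validation of the chain are outside the hunk, so this may already be covered by the TLS layer. If it is not stated elsewhere, I would record the assumption next to the TODO, e.g. `// Identity is the certificate's own CN; trust relies on <where the chain is validated>`. Linking the TODO to a tracking issue would also help, so the fallback does not outlive the self-signed certificates.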
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/TlsPrincipal.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/NodePrincipal.java
index 227c514160b..dbff2b0da34 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/TlsPrincipal.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/NodePrincipal.java
@@ -1,8 +1,6 @@
// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.hosted.provision.restapi.v2.filter;
-import com.yahoo.vespa.athenz.tls.SubjectAlternativeName;
-
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.List;
@@ -10,11 +8,11 @@ import java.util.List;
/**
* @author bjorncs
*/
-public class TlsPrincipal implements Principal {
+public class NodePrincipal implements Principal {
private final String hostIdentity;
private final List<X509Certificate> clientCertificateChain;
- public TlsPrincipal(String hostIdentity, List<X509Certificate> clientCertificateChain) {
+ public NodePrincipal(String hostIdentity, List<X509Certificate> clientCertificateChain) {
this.hostIdentity = hostIdentity;
this.clientCertificateChain = clientCertificateChain;
}
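Review bot: The `NodePrincipal` constructor keeps the caller's `clientCertificateChain` list by reference and accepts a null `hostIdentity`, which is loose for an object that `AuthorizationFilter` installs as the request's user principal. I would copy and null-check on construction: `this.hostIdentity = Objects.requireNonNull(hostIdentity);` and `this.clientCertificateChain = Collections.unmodifiableList(new ArrayList<>(clientCertificateChain));` (needs the matching `java.util` imports). The class Javadoc still carries only `@author`; one sentence saying that the name is the node's hostname as established by `HostAuthenticator` would make the new name self-explanatory. The rest of the class, including its getters, is outside the hunk.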
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticatorTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticatorTest.java
index fa6c25c189b..e301d8a80f9 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticatorTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/HostAuthenticatorTest.java
@@ -55,7 +55,7 @@ public class HostAuthenticatorTest {
KEYPAIR, new X500Principal("CN=" + HOSTNAME), Instant.EPOCH, Instant.EPOCH.plusSeconds(60), SHA256_WITH_RSA, 1)
.build();
HostAuthenticator authenticator = new HostAuthenticator(ZONE, nodeRepositoryDummy.nodeRepository());
- TlsPrincipal identity = authenticator.authenticate(singletonList(certificate));
+ NodePrincipal identity = authenticator.authenticate(singletonList(certificate));
assertEquals(HOSTNAME, identity.getName());
}
@@ -72,7 +72,7 @@ public class HostAuthenticatorTest {
.addSubjectAlternativeName(OPENSTACK_ID + ".instanceid.athenz.provider-name.ostk.yahoo.cloud")
.build();
HostAuthenticator authenticator = new HostAuthenticator(ZONE, nodeRepositoryDummy.nodeRepository());
- TlsPrincipal identity = authenticator.authenticate(singletonList(certificate));
+ NodePrincipal identity = authenticator.authenticate(singletonList(certificate));
assertEquals(HOSTNAME, identity.getName());
}
@@ -96,7 +96,7 @@ public class HostAuthenticatorTest {
.addSubjectAlternativeName(vespaUniqueInstanceId.asDottedString() + ".instanceid.athenz.provider-name.vespa.yahoo.cloud")
.build();
HostAuthenticator authenticator = new HostAuthenticator(ZONE, nodeRepositoryDummy.nodeRepository());
- TlsPrincipal identity = authenticator.authenticate(singletonList(certificate));
+ NodePrincipal identity = authenticator.authenticate(singletonList(certificate));
assertEquals(HOSTNAME, identity.getName());
}