authorBjørn Christian Seime <bjorncs@verizonmedia.com>2020-11-25 17:52:42 +0100
committerBjørn Christian Seime <bjorncs@verizonmedia.com>2020-11-25 17:52:42 +0100
commit64e97d099cb33c32a1c890e734f50c66701b17a6 (patch)
treef92fdbb23d1019fa53e570096c04c2927a20bafb /security-utils/src/main/java
parent3ca30562411372bb23d3d871a24111e20f79892b (diff)
Encapsulate pattern implementation in RequiredPeerCredential
Diffstat (limited to 'security-utils/src/main/java')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java3
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/policy/HostGlobPattern.java6
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/policy/RequiredPeerCredential.java25
3 files changed, 27 insertions, 7 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java
index 4f6d9264f51..49cae9aa7fb 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java
@@ -8,7 +8,6 @@ import com.yahoo.security.tls.json.TransportSecurityOptionsEntity.CredentialFiel
import com.yahoo.security.tls.json.TransportSecurityOptionsEntity.Files;
import com.yahoo.security.tls.json.TransportSecurityOptionsEntity.RequiredCredential;
import com.yahoo.security.tls.policy.AuthorizedPeers;
-import com.yahoo.security.tls.policy.HostGlobPattern;
import com.yahoo.security.tls.policy.PeerPolicy;
import com.yahoo.security.tls.policy.RequiredPeerCredential;
import com.yahoo.security.tls.policy.Role;
@@ -119,7 +118,7 @@ public class TransportSecurityOptionsJsonSerializer {
if (requiredCredential.matchExpression == null) {
throw missingFieldException("must-match");
}
- return new RequiredPeerCredential(toField(requiredCredential.field), new HostGlobPattern(requiredCredential.matchExpression));
+ return RequiredPeerCredential.of(toField(requiredCredential.field), requiredCredential.matchExpression);
}
private static RequiredPeerCredential.Field toField(CredentialField field) {
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/policy/HostGlobPattern.java b/security-utils/src/main/java/com/yahoo/security/tls/policy/HostGlobPattern.java
index c7acf5dfbeb..e8798686e05 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/policy/HostGlobPattern.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/policy/HostGlobPattern.java
@@ -7,20 +7,22 @@ import java.util.regex.Pattern;
/**
* @author bjorncs
*/
-public class HostGlobPattern {
+class HostGlobPattern implements RequiredPeerCredential.Pattern {
private final String pattern;
private final Pattern regexPattern;
- public HostGlobPattern(String pattern) {
+ HostGlobPattern(String pattern) {
this.pattern = pattern;
this.regexPattern = toRegexPattern(pattern);
}
+ @Override
public String asString() {
return pattern;
}
+ @Override
public boolean matches(String hostString) {
return regexPattern.matcher(hostString).matches();
}
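Review bot: `matches(String hostString)` passes its argument straight to `regexPattern.matcher(...)`, which throws a NullPointerException on a null value. The callers that extract the CN or SAN value from the peer certificate are not visible in this diff, so whether null can reach this method is an open question. Since the result decides whether a peer satisfies the policy, treating an absent value as a plain non-match is the safer contract: `return hostString != null && regexPattern.matcher(hostString).matches();`. The class body continues outside this hunk (`toRegexPattern` is not shown), so the glob-to-regex translation itself was not reviewed.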
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/policy/RequiredPeerCredential.java b/security-utils/src/main/java/com/yahoo/security/tls/policy/RequiredPeerCredential.java
index 4f028d8b1ab..1eef3a67521 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/policy/RequiredPeerCredential.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/policy/RequiredPeerCredential.java
@@ -11,18 +11,32 @@ public class RequiredPeerCredential {
public enum Field { CN, SAN_DNS }
private final Field field;
- private final HostGlobPattern pattern;
+ private final Pattern pattern;
- public RequiredPeerCredential(Field field, HostGlobPattern pattern) {
+ private RequiredPeerCredential(Field field, Pattern pattern) {
this.field = field;
this.pattern = pattern;
}
+ public static RequiredPeerCredential of(Field field, String pattern) {
+ return new RequiredPeerCredential(field, createPattern(field, pattern));
+ }
+
+ private static Pattern createPattern(Field field, String pattern) {
+ switch (field) {
+ case CN:
+ case SAN_DNS:
+ return new HostGlobPattern(pattern);
+ default:
+ throw new IllegalArgumentException("Unknown field: " + field);
+ }
+ }
+
public Field field() {
return field;
}
- public HostGlobPattern pattern() {
+ public Pattern pattern() {
return pattern;
}
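Review bot: The new public factory `of(Field field, String pattern)` does not validate its arguments, so a null `field` fails inside `switch (field)` with an unlabelled NullPointerException and a null `pattern` is handed on to the `HostGlobPattern` constructor. The JSON serializer checks `matchExpression` for null before calling, but `of` is now the only way to build this policy object, so the guard belongs here as well. Add `Objects.requireNonNull(field, "field");` and `Objects.requireNonNull(pattern, "pattern");` at the top of `of`; `Objects` is already used by `hashCode` in this file. The `default` branch that throws for an unknown field is a good fail-closed choice and should stay.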
@@ -47,4 +61,9 @@ public class RequiredPeerCredential {
public int hashCode() {
return Objects.hash(field, pattern);
}
+
+ public interface Pattern {
+ String asString();
+ boolean matches(String fieldValue);
+ }
}
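Review bot: The new nested `Pattern` interface has no Javadoc, yet it is now the public type returned by `pattern()` and the contract that every future matcher must satisfy. It should state that `matches(String fieldValue)` tests the whole field value rather than a substring, which is what `HostGlobPattern` does through `Matcher.matches()`. It should also state that implementations must define value-based `equals`/`hashCode`, because `hashCode` above computes `Objects.hash(field, pattern)`; whether `HostGlobPattern` overrides them is not visible in this diff. Separately, the simple name `Pattern` collides with `java.util.regex.Pattern`, which `HostGlobPattern` imports, so a more specific name would read less ambiguously in a file that needs both.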