author | Bjørn Christian Seime <bjorncs@oath.com> | 2018-11-26 13:48:40 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2018-11-26 13:53:02 +0100 |
commit | 2e6f1bbac52aa20856ee8feaefd810360298d0b3 (patch) | |
tree | 5934130d1380f8c8d22be4dfb465a81ee4ba4d63 /security-utils | |
parent | 4e6a8029faa24db84df281092a8ab71c00558c99 (diff) |
Make 'roles' field optional
Diffstat (limited to 'security-utils')
2 files changed, 7 insertions, 5 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsEntity.java b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsEntity.java
index be2027f1c7d..bcd5b193493 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsEntity.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsEntity.java
@@ -30,7 +30,7 @@ class TransportSecurityOptionsEntity {
 static class AuthorizedPeer {
 @JsonProperty("required-credentials") List<RequiredCredential> requiredCredentials = new ArrayList<>();
 @JsonProperty("name") String name;
- @JsonProperty("roles") List<String> roles = new ArrayList<>();
+ @JsonProperty("roles") @JsonInclude(NON_EMPTY) List<String> roles;
 }
 static class RequiredCredential {
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java
index 8b7c860fd85..cfabd81cf44 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java
@@ -19,6 +19,7 @@ import java.io.OutputStream;
 import java.io.UncheckedIOException;
 import java.nio.file.Paths;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import java.util.Set;
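Review bot: In the `AuthorizedPeer` hunk, dropping the `= new ArrayList<>()` initializer makes `roles` the only nullable collection in the class, while `requiredCredentials` two lines above still defaults to an empty list. `@JsonInclude(NON_EMPTY)` already omits an empty list on output, so the initializer could stay: `@JsonProperty("roles") @JsonInclude(NON_EMPTY) List<String> roles = new ArrayList<>();`. That would leave only an explicit JSON `null` for `toRoles` to handle, and the `isEmpty()` guard added in the last hunk of TransportSecurityOptionsJsonSerializer.java would no longer be needed. If the nullable field is kept, a short comment on it such as `// null when the 'roles' key is absent from the JSON` would warn other readers of the field.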
@@ -85,13 +86,11 @@ public class TransportSecurityOptionsJsonSerializer {
 if (authorizedPeer.requiredCredentials.isEmpty()) {
 throw missingFieldException("required-credentials");
 }
- if (authorizedPeer.roles.isEmpty()) {
- throw missingFieldException("roles");
- }
 return new PeerPolicy(authorizedPeer.name, toRoles(authorizedPeer.roles), toRequestPeerCredentials(authorizedPeer.requiredCredentials));
 }
 private static Set<Role> toRoles(List<String> roles) {
+ if (roles == null) return Collections.emptySet();
 return roles.stream()
 .map(Role::new)
 .collect(toSet());
@@ -138,7 +137,10 @@ public class TransportSecurityOptionsJsonSerializer {
 requiredCredential.matchExpression = requiredPeerCredential.pattern().asString();
 authorizedPeer.requiredCredentials.add(requiredCredential);
 }
- peerPolicy.assumedRoles().forEach(role -> authorizedPeer.roles.add(role.name()));
+ if (!peerPolicy.assumedRoles().isEmpty()) {
+ authorizedPeer.roles = new ArrayList<>();
+ peerPolicy.assumedRoles().forEach(role -> authorizedPeer.roles.add(role.name()));
+ }
 entity.authorizedPeers.add(authorizedPeer);
 }
 }); |
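Review bot: With the `roles.isEmpty()` check removed in the `-85,13` hunk, a peer entry whose `roles` key is absent or empty now parses into a `PeerPolicy` with an empty role set instead of raising `missingFieldException("roles")`. A misspelled key may behave the same way, depending on the mapper's unknown-property handling, which is not visible here. Since this is authorization config, I would state the meaning where the default is chosen, e.g. `// 'roles' is optional: absent or empty means the peer assumes no roles` above the null check in `toRoles` (if that is the intended semantics), and add a test that a policy without roles grants nothing. The new one-line `if (roles == null) return ...;` is also unbraced, unlike the braced `if` blocks around it. The method holding the `required-credentials` check starts outside the hunk, and the closing brace of `toRoles` falls outside it as well.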