diff options
author | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-06-13 14:24:49 +0200 |
---|---|---|
committer | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-06-13 14:24:49 +0200 |
commit | 17579280e419347d76ff950ebac88844c27a4d8e (patch) | |
tree | 7c40f096cef1cec6529eaacfbd9f250cf9c8b261 /tenant-auth | |
parent | 2bb71582b979a83a39260f3f11466737b94ee47f (diff) |
Separate API and deployment authenticators
Diffstat (limited to 'tenant-auth')
-rw-r--r-- | tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java | 16 | ||||
-rw-r--r-- | tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java (renamed from tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java) | 20 |
2 files changed, 21 insertions, 15 deletions
diff --git a/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java b/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java new file mode 100644 index 00000000000..2b5bbb188dc --- /dev/null +++ b/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java @@ -0,0 +1,16 @@ +package ai.vespa.hosted.auth; + +import ai.vespa.hosted.api.ControllerHttpClient; +import ai.vespa.hosted.api.Properties; + +public class ApiAuthenticator implements ai.vespa.hosted.api.ApiAuthenticator { + + /** Returns an authenticating controller client, using private key signatures for authentication. */ + @Override + public ControllerHttpClient controller() { + return ControllerHttpClient.withSignatureKey(Properties.endpoint(), + Properties.privateKeyFile(), + Properties.application()); + } + +} diff --git a/tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java b/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java index f2de1f1e210..abb4197bda1 100644 --- a/tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java +++ b/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java @@ -1,8 +1,6 @@ package ai.vespa.hosted.auth; -import ai.vespa.hosted.api.ControllerHttpClient; -import ai.vespa.hosted.api.Properties; -import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.SystemName; import com.yahoo.security.KeyUtils; import com.yahoo.security.SslContextBuilder; import com.yahoo.security.X509CertificateUtils; @@ -10,11 +8,9 @@ import com.yahoo.security.X509CertificateUtils; import javax.net.ssl.SSLContext; import java.io.IOException; import java.io.UncheckedIOException; -import java.net.URI; import java.net.http.HttpRequest; import java.nio.file.Files; import java.nio.file.Path; -import java.nio.file.Paths; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.cert.X509Certificate; @@ -22,14 +18,16 @@ import java.time.Instant; import java.util.Optional; import static ai.vespa.hosted.api.Properties.getNonBlankProperty; -import static ai.vespa.hosted.api.Properties.requireNonBlankProperty; /** * Authenticates against the hosted Vespa API using private key signatures, and against Vespa applications using mutual TLS. * * @author jonmv */ -public class Authenticator implements ai.vespa.hosted.api.Authenticator { +public class EndpointAuthenticator implements ai.vespa.hosted.api.EndpointAuthenticator { + + /** Don't touch. */ + public EndpointAuthenticator(@SuppressWarnings("unused") SystemName __) { } /** * If {@code System.getProperty("vespa.test.credentials.root")} is set, key and certificate files @@ -67,12 +65,4 @@ public class Authenticator implements ai.vespa.hosted.api.Authenticator { return request; } - /** Returns an authenticating controller client, using the (overridable) project properties of this Vespa application. */ - @Override - public ControllerHttpClient controller() { - return ControllerHttpClient.withSignatureKey(Properties.endpoint(), - Properties.privateKeyFile(), - Properties.application()); - } - } |