diff options
author | jonmv <venstad@gmail.com> | 2022-05-04 16:20:14 +0200 |
---|---|---|
committer | jonmv <venstad@gmail.com> | 2022-05-04 16:20:14 +0200 |
commit | 4204e6ea8a1f133dce2ac9d7265c45e5d4c84395 (patch) | |
tree | e4a0c425340930be65abe5ee8f886b41dd6deb3b /tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java | |
parent | 565de130d7a7a176d6658cce756288831ec3f387 (diff) |
Expose EndpointAuthenticator
Diffstat (limited to 'tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java')
-rw-r--r-- | tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java b/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java new file mode 100644 index 00000000000..8985375fce2 --- /dev/null +++ b/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java @@ -0,0 +1,43 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package ai.vespa.hosted.cd; + +import javax.net.ssl.SSLContext; +import java.net.http.HttpRequest; +import java.security.NoSuchAlgorithmException; +import java.util.List; +import java.util.Map; + +/** + * Adds environment dependent authentication to HTTP request against Vespa deployments. + * + * An implementation typically needs to override either of the methods in this interface, + * and needs to run in different environments, e.g., local user testing and automatic testing + * in a deployment pipeline. + * + * @author jonmv + */ +public interface EndpointAuthenticator { + + /** Returns an SSLContext which provides authentication against a Vespa endpoint. */ + default SSLContext sslContext() { + try { + return SSLContext.getDefault(); + } catch (NoSuchAlgorithmException e) { + throw new RuntimeException(e); + } + } + + /** Adds necessary authentication data to the given HTTP request builder, to pass the data plane of a Vespa endpoint. */ + default HttpRequest.Builder authenticated(HttpRequest.Builder request) { + Map<String, List<String>> headers = request.build().headers().map(); + authorizationHeaders().forEach((name, value) -> { + if ( ! headers.containsKey(name)) + request.setHeader(name, value); + }); + return request; + } + + default Map<String, String> authorizationHeaders() { + return Map.of(); + } +} |