diff options
| author | jonmv <venstad@gmail.com> | 2022-05-04 16:20:14 +0200 |
|---|---|---|
| committer | jonmv <venstad@gmail.com> | 2022-05-04 16:20:14 +0200 |
| commit | 4204e6ea8a1f133dce2ac9d7265c45e5d4c84395 (patch) | |
| tree | e4a0c425340930be65abe5ee8f886b41dd6deb3b /tenant-cd-commons | |
| parent | 565de130d7a7a176d6658cce756288831ec3f387 (diff) | |
Expose EndpointAuthenticator
Diffstat (limited to 'tenant-cd-commons')
5 files changed, 9 insertions, 43 deletions
diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java index b52abddba07..b8030afd901 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java @@ -2,6 +2,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.hosted.api.Properties; +import ai.vespa.hosted.cd.EndpointAuthenticator; import com.yahoo.config.provision.SystemName; import com.yahoo.security.KeyUtils; import com.yahoo.security.SslContextBuilder; diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/EndpointAuthenticator.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/EndpointAuthenticator.java deleted file mode 100644 index 590f49f0124..00000000000 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/EndpointAuthenticator.java +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package ai.vespa.hosted.cd.commons; - -import javax.net.ssl.SSLContext; -import java.net.http.HttpRequest; -import java.security.NoSuchAlgorithmException; -import java.util.List; -import java.util.Map; - -/** - * Adds environment dependent authentication to HTTP request against Vespa deployments. - * - * An implementation typically needs to override either of the methods in this interface, - * and needs to run in different environments, e.g., local user testing and automatic testing - * in a deployment pipeline. - * - * @author jonmv - */ -public interface EndpointAuthenticator { - - /** Returns an SSLContext which provides authentication against a Vespa endpoint. */ - default SSLContext sslContext() { - try { - return SSLContext.getDefault(); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException(e); - } - } - - /** Adds necessary authentication data to the given HTTP request builder, to pass the data plane of a Vespa endpoint. */ - default HttpRequest.Builder authenticated(HttpRequest.Builder request) { - Map<String, List<String>> headers = request.build().headers().map(); - authorizationHeaders().forEach((name, value) -> { - if ( ! headers.containsKey(name)) - request.setHeader(name, value); - }); - return request; - } - - default Map<String, String> authorizationHeaders() { - return Map.of(); - } -} diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java index 892c8b63645..7e7355ae6d4 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java @@ -3,6 +3,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.feed.client.impl.FeedClientBuilderImpl; +import ai.vespa.hosted.cd.EndpointAuthenticator; import java.util.Objects; import java.util.concurrent.atomic.AtomicReference; diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java index 347d772b148..1abdc4d4297 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java @@ -3,6 +3,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.hosted.cd.Deployment; import ai.vespa.hosted.cd.Endpoint; +import ai.vespa.hosted.cd.EndpointAuthenticator; import java.net.URI; import java.util.Map; diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java index fdca5c6e69b..0e5f42fa178 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java @@ -2,6 +2,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.hosted.cd.Endpoint; +import ai.vespa.hosted.cd.EndpointAuthenticator; import javax.net.ssl.SSLParameters; import java.io.IOException; @@ -47,6 +48,11 @@ public class HttpEndpoint implements Endpoint { } @Override + public EndpointAuthenticator authenticator() { + return authenticator; + } + + @Override public <T> HttpResponse<T> send(HttpRequest.Builder request, HttpResponse.BodyHandler<T> handler) { try { return client.send(authenticator.authenticated(request).build(), handler); |