Optional identity document. Skip in public

author: Ola Aunronning <olaa@yahooinc.com> 2023-04-26 14:11:31 +0200
committer: Ola Aunronning <olaa@yahooinc.com> 2023-04-26 14:11:31 +0200
commit: 6d58df3ac8ab8e94eb3b7f71d9a3792f97d63e56 (patch)
tree: b8df4dc92eb8e512889c0e003abd7b9d8d5d9e86 /vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider
parent: 46239c2babb3025e98222cd5cf72856767a1289d (diff)
3 files changed, 10 insertions, 6 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java
index 0e13cba8de9..a3c2f0264d3 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java
@@ -1,6 +1,7 @@
 // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.identityprovider.api;
 
+import java.util.Optional;
 import java.util.OptionalInt;
 
 /**
@@ -10,5 +11,5 @@ import java.util.OptionalInt;
  */
 public interface IdentityDocumentClient {
     SignedIdentityDocument getNodeIdentityDocument(String host, int documentVersion);
-    SignedIdentityDocument getTenantIdentityDocument(String host, int documentVersion);
+    Optional<SignedIdentityDocument> getTenantIdentityDocument(String host, int documentVersion);
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
index 1858653c9b4..d26386702d5 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
@@ -76,7 +76,7 @@ class AthenzCredentialsService {
         KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.RSA);
         IdentityDocumentClient identityDocumentClient = createIdentityDocumentClient();
         // Use legacy version for now.
-        SignedIdentityDocument signedDocument = identityDocumentClient.getTenantIdentityDocument(hostname, SignedIdentityDocument.LEGACY_DEFAULT_DOCUMENT_VERSION);
+        SignedIdentityDocument signedDocument = identityDocumentClient.getTenantIdentityDocument(hostname, SignedIdentityDocument.LEGACY_DEFAULT_DOCUMENT_VERSION).orElseThrow();
         IdentityDocument document = signedDocument.identityDocument();
         Pkcs10Csr csr = csrGenerator.generateInstanceCsr(
                 tenantIdentity,
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java
index 48fc021dced..f95a3335c24 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java
@@ -23,6 +23,7 @@ import java.io.IOException;
 import java.io.UncheckedIOException;
 import java.net.URI;
 import java.time.Duration;
+import java.util.Optional;
 import java.util.function.Supplier;
 
 /**
@@ -57,15 +58,15 @@ public class DefaultIdentityDocumentClient implements IdentityDocumentClient {
 
     @Override
     public SignedIdentityDocument getNodeIdentityDocument(String host, int documentVersion) {
-        return getIdentityDocument(host, "node", documentVersion);
+        return getIdentityDocument(host, "node", documentVersion).orElseThrow();
     }
 
     @Override
-    public SignedIdentityDocument getTenantIdentityDocument(String host, int documentVersion) {
+    public Optional<SignedIdentityDocument> getTenantIdentityDocument(String host, int documentVersion) {
         return getIdentityDocument(host, "tenant", documentVersion);
     }
 
-    private SignedIdentityDocument getIdentityDocument(String host, String type, int documentVersion) {
+    private Optional<SignedIdentityDocument> getIdentityDocument(String host, String type, int documentVersion) {
 
         try (CloseableHttpClient client = createHttpClient(sslContextSupplier.get(), hostnameVerifier)) {
             URI uri = configserverUri
@@ -83,7 +84,9 @@ public class DefaultIdentityDocumentClient implements IdentityDocumentClient {
                 int statusCode = response.getStatusLine().getStatusCode();
                 if (statusCode >= 200 && statusCode <= 299) {
                     SignedIdentityDocumentEntity entity = objectMapper.readValue(responseContent, SignedIdentityDocumentEntity.class);
-                    return EntityBindingsMapper.toSignedIdentityDocument(entity);
+                    return Optional.of(EntityBindingsMapper.toSignedIdentityDocument(entity));
+                } else if (statusCode == 404) {
+                    return Optional.empty();
                 } else {
                     throw new RuntimeException(
                             String.format(
author	Ola Aunronning <olaa@yahooinc.com>	2023-04-26 14:11:31 +0200
committer	Ola Aunronning <olaa@yahooinc.com>	2023-04-26 14:11:31 +0200
commit	6d58df3ac8ab8e94eb3b7f71d9a3792f97d63e56 (patch)
tree	b8df4dc92eb8e512889c0e003abd7b9d8d5d9e86 /vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider
parent	46239c2babb3025e98222cd5cf72856767a1289d (diff)