diff options
author | Martin Polden <mpolden@mpolden.no> | 2020-10-29 09:15:44 +0100 |
---|---|---|
committer | Martin Polden <mpolden@mpolden.no> | 2020-10-29 09:41:39 +0100 |
commit | c0cbed188c1e6cf2bc98e17d23b970b2ede8753c (patch) | |
tree | 3efd42d138db1d16a9677d25c94c75ad4556f4e7 /vespa-athenz/src/main | |
parent | 94d7e79bcebda73213abdf1b162487a4fa021768 (diff) |
Do not implement unexported interface
Diffstat (limited to 'vespa-athenz/src/main')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java (renamed from vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java) | 29 |
1 files changed, 8 insertions, 21 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java index 48c6bea6174..b027e7272ea 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java @@ -1,9 +1,6 @@ // Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.athenz.aws; -import com.amazonaws.auth.AWSCredentials; -import com.amazonaws.auth.AWSCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; import com.yahoo.vespa.athenz.api.AthenzDomain; import com.yahoo.vespa.athenz.api.AwsRole; import com.yahoo.vespa.athenz.api.AwsTemporaryCredentials; @@ -18,11 +15,11 @@ import java.time.Instant; import java.util.Optional; /** - * Implementation of {@link AWSCredentialsProvider} that uses {@link ZtsClient} to retrieve temporary credentials. + * Retrieve {@link AwsTemporaryCredentials} through {@link ZtsClient}. * * @author tokle */ -public class AwsCredentialsProvider implements AWSCredentialsProvider { +public class AwsCredentials { private final static Duration MIN_EXPIRY = Duration.ofMinutes(5); private final AthenzDomain athenzDomain; @@ -30,42 +27,31 @@ public class AwsCredentialsProvider implements AWSCredentialsProvider { private final ZtsClient ztsClient; private volatile AwsTemporaryCredentials credentials; - public AwsCredentialsProvider(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) { + public AwsCredentials(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) { this.ztsClient = ztsClient; this.athenzDomain = athenzDomain; this.awsRole = awsRole; - this.credentials = getAthenzTempCredentials(); + this.credentials = get(); } - public AwsCredentialsProvider(URI ztsUrl, ServiceIdentityProvider identityProvider, AthenzDomain athenzDomain, AwsRole awsRole) { + public AwsCredentials(URI ztsUrl, ServiceIdentityProvider identityProvider, AthenzDomain athenzDomain, AwsRole awsRole) { this(new DefaultZtsClient(ztsUrl, identityProvider), athenzDomain, awsRole); } - public AwsCredentialsProvider(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole) { + public AwsCredentials(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole) { this(new DefaultZtsClient(ztsUrl, sslContext), athenzDomain, awsRole); } /** * Requests temporary credentials from ZTS or return cached credentials */ - private AwsTemporaryCredentials getAthenzTempCredentials() { + public AwsTemporaryCredentials get() { if(shouldRefresh(credentials)) { this.credentials = ztsClient.getAwsTemporaryCredentials(athenzDomain, awsRole); } return credentials; } - @Override - public AWSCredentials getCredentials() { - AwsTemporaryCredentials creds = getAthenzTempCredentials(); - return new BasicSessionCredentials(creds.accessKeyId(), creds.secretAccessKey(), creds.sessionToken()); - } - - @Override - public void refresh() { - getAthenzTempCredentials(); - } - /* * Checks credential expiration, returns true if it will expipre in the next MIN_EXPIRY minutes */ @@ -73,4 +59,5 @@ public class AwsCredentialsProvider implements AWSCredentialsProvider { Instant expiration = Optional.ofNullable(credentials).map(AwsTemporaryCredentials::expiration).orElse(Instant.EPOCH); return Duration.between(Instant.now(), expiration).toMinutes() < MIN_EXPIRY.toMinutes(); } + } |