Ignore cluster type in identity document signature

author: Bjørn Christian Seime <bjorncs@yahooinc.com> 2023-02-07 10:57:22 +0100
committer: Bjørn Christian Seime <bjorncs@yahooinc.com> 2023-02-07 10:57:22 +0100
commit: 97d4ece6766db04fe0306d78ce6af7a9e582ce46 (patch)
tree: 808c9854eb691acdb8d6c257911f4162627336d6 /vespa-athenz/src/test/java
parent: 0a44cf455dd74557f1dd769954f5e66e52089330 (diff)
1 files changed, 11 insertions, 6 deletions
diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java
index f53518d9a07..0b8ff4277f1 100644
--- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java
+++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java
@@ -17,6 +17,7 @@ import java.util.HashSet;
 
 import static com.yahoo.vespa.athenz.identityprovider.api.IdentityType.TENANT;
 import static com.yahoo.vespa.athenz.identityprovider.api.SignedIdentityDocument.DEFAULT_DOCUMENT_VERSION;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
@@ -41,7 +42,7 @@ public class IdentityDocumentSignerTest {
         IdentityDocumentSigner signer = new IdentityDocumentSigner();
         String signature =
                 signer.generateSignature(id, providerService, configserverHostname, instanceHostname, createdAt,
-                                         ipAddresses, identityType, clusterType, keyPair.getPrivate());
+                                         ipAddresses, identityType, keyPair.getPrivate());
 
         SignedIdentityDocument signedIdentityDocument = new SignedIdentityDocument(
                 signature, KEY_VERSION, id, providerService, DEFAULT_DOCUMENT_VERSION, configserverHostname,
@@ -51,17 +52,21 @@ public class IdentityDocumentSignerTest {
     }
 
     @Test
-    void handles_missing_cluster_type() {
+    void ignores_cluster_type() {
         IdentityDocumentSigner signer = new IdentityDocumentSigner();
         String signature =
                 signer.generateSignature(id, providerService, configserverHostname, instanceHostname, createdAt,
-                                         ipAddresses, identityType, /*clusterType*/null, keyPair.getPrivate());
+                                         ipAddresses, identityType, keyPair.getPrivate());
 
-        SignedIdentityDocument signedIdentityDocument = new SignedIdentityDocument(
+        var docWithoutClusterType = new SignedIdentityDocument(
+                signature, KEY_VERSION, id, providerService, DEFAULT_DOCUMENT_VERSION, configserverHostname,
+                instanceHostname, createdAt, ipAddresses, identityType, null);
+        var docWithClusterType = new SignedIdentityDocument(
                 signature, KEY_VERSION, id, providerService, DEFAULT_DOCUMENT_VERSION, configserverHostname,
-                instanceHostname, createdAt, ipAddresses, identityType, /*clusterType*/null);
+                instanceHostname, createdAt, ipAddresses, identityType, clusterType);
 
-        assertTrue(signer.hasValidSignature(signedIdentityDocument, keyPair.getPublic()));
+        assertTrue(signer.hasValidSignature(docWithoutClusterType, keyPair.getPublic()));
+        assertEquals(docWithClusterType.signature(), docWithoutClusterType.signature());
     }
 
 }
 \ No newline at end of file
author	Bjørn Christian Seime <bjorncs@yahooinc.com>	2023-02-07 10:57:22 +0100
committer	Bjørn Christian Seime <bjorncs@yahooinc.com>	2023-02-07 10:57:22 +0100
commit	97d4ece6766db04fe0306d78ce6af7a9e582ce46 (patch)
tree	808c9854eb691acdb8d6c257911f4162627336d6 /vespa-athenz/src/test/java
parent	0a44cf455dd74557f1dd769954f5e66e52089330 (diff)