author | Ola Aunronning <olaa@yahooinc.com> | 2023-04-26 14:11:31 +0200 |
---|---|---|
committer | Ola Aunronning <olaa@yahooinc.com> | 2023-04-26 14:11:31 +0200 |
commit | 6d58df3ac8ab8e94eb3b7f71d9a3792f97d63e56 (patch) | |
tree | b8df4dc92eb8e512889c0e003abd7b9d8d5d9e86 /vespa-athenz/src | |
parent | 46239c2babb3025e98222cd5cf72856767a1289d (diff) |
Optional identity document. Skip in public
Diffstat (limited to 'vespa-athenz/src')
3 files changed, 10 insertions, 6 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java
index 0e13cba8de9..a3c2f0264d3 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocumentClient.java
@@ -1,6 +1,7 @@
 // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.identityprovider.api;
+import java.util.Optional;
 import java.util.OptionalInt;
 /**
@@ -10,5 +11,5 @@ import java.util.OptionalInt;
 */
 public interface IdentityDocumentClient {
 SignedIdentityDocument getNodeIdentityDocument(String host, int documentVersion);
- SignedIdentityDocument getTenantIdentityDocument(String host, int documentVersion);
+ Optional<SignedIdentityDocument> getTenantIdentityDocument(String host, int documentVersion);
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
index 1858653c9b4..d26386702d5 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
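Review bot: `getTenantIdentityDocument` now returns `Optional<SignedIdentityDocument>`, but the interface does not say when the result is empty, while `getNodeIdentityDocument` beside it still returns a bare document. Within this commit the only source of an empty value is the HTTP 404 branch in `DefaultIdentityDocumentClient`, so the contract should state that, e.g. `/** @return the tenant identity document, or empty if the config server has none for this host */`. A caller that skips identity setup on an empty result is making a trust decision, and should be able to read from the interface what empty means.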
@@ -76,7 +76,7 @@ class AthenzCredentialsService {
 KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.RSA);
 IdentityDocumentClient identityDocumentClient = createIdentityDocumentClient();
 // Use legacy version for now.
- SignedIdentityDocument signedDocument = identityDocumentClient.getTenantIdentityDocument(hostname, SignedIdentityDocument.LEGACY_DEFAULT_DOCUMENT_VERSION);
+ SignedIdentityDocument signedDocument = identityDocumentClient.getTenantIdentityDocument(hostname, SignedIdentityDocument.LEGACY_DEFAULT_DOCUMENT_VERSION).orElseThrow();
 IdentityDocument document = signedDocument.identityDocument();
 Pkcs10Csr csr = csrGenerator.generateInstanceCsr(
 tenantIdentity,
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java
index 48fc021dced..f95a3335c24 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java
@@ -23,6 +23,7 @@ import java.io.IOException;
 import java.io.UncheckedIOException;
 import java.net.URI;
 import java.time.Duration;
+import java.util.Optional;
 import java.util.function.Supplier;
 /**
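Review bot: The bare `.orElseThrow()` added to the `getTenantIdentityDocument(...)` call reports a missing document as a `NoSuchElementException` with the message "No value present", which names neither the host nor the document type. Before this commit a 404 for the same request reached the `RuntimeException` built with `String.format` in `DefaultIdentityDocumentClient` (its arguments are outside the visible hunk). I would pass a supplier instead: `.orElseThrow(() -> new IllegalStateException("No tenant identity document for " + hostname))`. The same bare call is added in `getNodeIdentityDocument` in `DefaultIdentityDocumentClient` and deserves the same treatment. The enclosing method here starts and ends outside the hunk.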
@@ -57,15 +58,15 @@ public class DefaultIdentityDocumentClient implements IdentityDocumentClient {
 @Override
 public SignedIdentityDocument getNodeIdentityDocument(String host, int documentVersion) {
- return getIdentityDocument(host, "node", documentVersion);
+ return getIdentityDocument(host, "node", documentVersion).orElseThrow();
 }
 @Override
- public SignedIdentityDocument getTenantIdentityDocument(String host, int documentVersion) {
+ public Optional<SignedIdentityDocument> getTenantIdentityDocument(String host, int documentVersion) {
 return getIdentityDocument(host, "tenant", documentVersion);
 }
- private SignedIdentityDocument getIdentityDocument(String host, String type, int documentVersion) {
+ private Optional<SignedIdentityDocument> getIdentityDocument(String host, String type, int documentVersion) {
 try (CloseableHttpClient client = createHttpClient(sslContextSupplier.get(), hostnameVerifier)) {
 URI uri = configserverUri
@@ -83,7 +84,9 @@ public class DefaultIdentityDocumentClient implements IdentityDocumentClient {
 int statusCode = response.getStatusLine().getStatusCode();
 if (statusCode >= 200 && statusCode <= 299) {
 SignedIdentityDocumentEntity entity = objectMapper.readValue(responseContent, SignedIdentityDocumentEntity.class);
- return EntityBindingsMapper.toSignedIdentityDocument(entity);
+ return Optional.of(EntityBindingsMapper.toSignedIdentityDocument(entity));
+ } else if (statusCode == 404) {
+ return Optional.empty();
 } else {
 throw new RuntimeException(
 String.format( |
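Review bot: The `statusCode == 404` branch sits in the shared `getIdentityDocument`, so it also applies to the `"node"` type, and it discards `responseContent` without leaving any trace. A 404 produced by a wrong path or a misrouted request then looks identical to "no document for this host", and a caller that treats empty as a reason to skip identity setup would skip it silently. If only the tenant document is meant to be optional, narrow the branch to `} else if (statusCode == 404 && "tenant".equals(type)) {` so that node lookups keep the detailed failure from the `else` branch. The body of `getIdentityDocument` is only partly visible between the two hunks.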