author | Håkon Hallingstad <hakon@verizonmedia.com> | 2019-04-10 23:43:18 +0200 |
---|---|---|
committer | Håkon Hallingstad <hakon@verizonmedia.com> | 2019-04-10 23:43:18 +0200 |
commit | 9bd1ea0ff940c620460c5181c38541fcd9386483 (patch) | |
tree | adf3e637db26044cd6643e3f0beee6759231b23b /vespa-athenz | |
parent | eeb0b2b3c6f8a3c3ffff6e8b2c6d169ae4fffbf6 (diff) |
Use AthenzIdentity instead of AthensService
Diffstat (limited to 'vespa-athenz')
12 files changed, 55 insertions, 49 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
index d81c9f064b1..da3bd18440b 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
@@ -5,7 +5,7 @@ import com.yahoo.vespa.athenz.api.AthenzDomain;
 import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzResourceName;
 import com.yahoo.vespa.athenz.api.AthenzRole;
-import com.yahoo.vespa.athenz.api.AthenzService;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.OktaAccessToken;
 import com.yahoo.vespa.athenz.client.common.ClientBase;
 import com.yahoo.vespa.athenz.client.zms.bindings.AccessResponseEntity;
@@ -55,7 +55,7 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient {
 }
 @Override
- public void createTenancy(AthenzDomain tenantDomain, AthenzService providerService, OktaAccessToken token) {
+ public void createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaAccessToken token) {
 URI uri = zmsUrl.resolve(String.format("domain/%s/tenancy/%s", tenantDomain.getName(), providerService.getFullName()));
 HttpUriRequest request = RequestBuilder.put()
 .setUri(uri)
@@ -66,7 +66,7 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient {
 }
 @Override
- public void deleteTenancy(AthenzDomain tenantDomain, AthenzService providerService, OktaAccessToken token) {
+ public void deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaAccessToken token) {
 URI uri = zmsUrl.resolve(String.format("domain/%s/tenancy/%s", tenantDomain.getName(), providerService.getFullName()));
 HttpUriRequest request = RequestBuilder.delete()
 .setUri(uri)
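Review bot: The added `+import com.yahoo.vespa.athenz.api.AthenzIdentity;` in the first DefaultZmsClient.java hunk duplicates an import that is already present as a context line at the top of the same hunk. A repeated single-type import of the same type compiles, but it is redundant and will trip duplicate/unused-import checks. The `AthenzService` import should simply be deleted here instead of being replaced.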
@@ -76,7 +76,7 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient {
 }
 @Override
- public void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzService providerService, String resourceGroup, Set<RoleAction> roleActions, OktaAccessToken token) {
+ public void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OktaAccessToken token) {
 URI uri = zmsUrl.resolve(String.format("domain/%s/provDomain/%s/provService/%s/resourceGroup/%s", tenantDomain.getName(), providerService.getDomainName(), providerService.getName(), resourceGroup));
 HttpUriRequest request = RequestBuilder.put()
 .setUri(uri)
@@ -87,7 +87,7 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient {
 }
 @Override
- public void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzService providerService, String resourceGroup, OktaAccessToken token) {
+ public void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OktaAccessToken token) {
 URI uri = zmsUrl.resolve(String.format("domain/%s/provDomain/%s/provService/%s/resourceGroup/%s", tenantDomain.getName(), providerService.getDomainName(), providerService.getName(), resourceGroup));
 HttpUriRequest request = RequestBuilder.delete()
 .setUri(uri)
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
index cf044edeac0..e78478bc1a2 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
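Review bot: In createProviderResourceGroup and deleteProviderResourceGroup of DefaultZmsClient.java, the free-form `String resourceGroup` is formatted straight into the path handed to `zmsUrl.resolve(...)`, and no validation or encoding is visible in these hunks. A value that contains path or query delimiters would change which ZMS resource the PUT or DELETE addresses, and the identity name parts are interpolated the same way now that any `AthenzIdentity` is accepted. I would validate each segment before building the URI and record the assumption next to the format call, e.g. `// resourceGroup is inserted into the URI path unescaped; callers must pass a validated name`. Both method bodies continue outside the hunks, so a check further down is not ruled out.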
@@ -17,13 +17,13 @@ import java.util.Set;
 */
 public interface ZmsClient extends AutoCloseable {
- void createTenancy(AthenzDomain tenantDomain, AthenzService providerService, OktaAccessToken token);
+ void createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaAccessToken token);
- void deleteTenancy(AthenzDomain tenantDomain, AthenzService providerService, OktaAccessToken token);
+ void deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaAccessToken token);
- void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzService providerService, String resourceGroup, Set<RoleAction> roleActions, OktaAccessToken token);
+ void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OktaAccessToken token);
- void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzService providerService, String resourceGroup, OktaAccessToken token);
+ void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OktaAccessToken token);
 boolean getMembership(AthenzRole role, AthenzIdentity identity);
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ProviderResourceGroupRolesRequestEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ProviderResourceGroupRolesRequestEntity.java
index dccd18fed61..a67bd4dcad6 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ProviderResourceGroupRolesRequestEntity.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ProviderResourceGroupRolesRequestEntity.java
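Review bot: The four tenancy methods in ZmsClient.java keep the parameter name `providerService` but now accept any `AthenzIdentity`, and the interface has no Javadoc saying which kinds of identity are valid. If `AthenzIdentity` also covers non-service principals (the `getMembership(AthenzRole, AthenzIdentity)` context line suggests it is the general identity type), the compiler no longer stops a caller from passing one as a tenancy provider. I would state the contract on each method, for example `@param providerService the provider's service identity; other identity kinds are rejected`, and enforce it in the implementation, or keep the narrower type at this boundary. The same widening applies to registerInstance, refreshInstance and getServiceIdentity in the ZtsClient.java hunks.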
@@ -33,7 +33,7 @@ public class ProviderResourceGroupRolesRequestEntity {
 @JsonProperty("resourceGroup")
 private final String resourceGroup;
- public ProviderResourceGroupRolesRequestEntity(AthenzService providerService, AthenzDomain tenantDomain, Set<RoleAction> rolesActions, String resourceGroup) {
+ public ProviderResourceGroupRolesRequestEntity(AthenzIdentity providerService, AthenzDomain tenantDomain, Set<RoleAction> rolesActions, String resourceGroup) {
 this.domain = providerService.getDomainName();
 this.service = providerService.getName();
 this.tenant = tenantDomain.getName();
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/TenancyRequestEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/TenancyRequestEntity.java
index 7883a505c71..6e1987130f2 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/TenancyRequestEntity.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/TenancyRequestEntity.java
@@ -4,6 +4,7 @@ package com.yahoo.vespa.athenz.client.zms.bindings;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.yahoo.vespa.athenz.api.AthenzDomain;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import java.util.List;
@@ -23,7 +24,7 @@ public class TenancyRequestEntity {
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 private final List<String> resourceGroups;
- public TenancyRequestEntity(AthenzDomain tenantDomain, AthenzService providerService, List<String> resourceGroups) {
+ public TenancyRequestEntity(AthenzDomain tenantDomain, AthenzIdentity providerService, List<String> resourceGroups) {
 this.tenantDomain = tenantDomain.getName();
 this.providerService = providerService.getFullName();
 this.resourceGroups = resourceGroups;
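Review bot: TenancyRequestEntity.java keeps `import com.yahoo.vespa.athenz.api.AthenzService;` as a context line directly below the added `AthenzIdentity` import, while the only use visible in the diff, the constructor parameter, no longer names that type. If nothing else in the file refers to `AthenzService`, the import is now unused and should be removed in this commit. The same pattern shows in the import hunks of InstanceRegisterInformation.java, IdentityCsrGenerator.java and ServiceIdentityProvider.java. The rest of those files lies outside the hunks, so this needs a check against the full sources.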
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java
index 05395947fc1..ddba229d8d1 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/DefaultZtsClient.java
@@ -1,10 +1,10 @@
 // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.client.zts;
+import com.yahoo.security.Pkcs10Csr;
 import com.yahoo.vespa.athenz.api.AthenzDomain;
 import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzRole;
-import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.api.AwsRole;
 import com.yahoo.vespa.athenz.api.AwsTemporaryCredentials;
 import com.yahoo.vespa.athenz.api.NToken;
@@ -22,7 +22,6 @@ import com.yahoo.vespa.athenz.client.zts.bindings.RoleTokenResponseEntity;
 import com.yahoo.vespa.athenz.client.zts.bindings.TenantDomainsResponseEntity;
 import com.yahoo.vespa.athenz.client.zts.utils.IdentityCsrGenerator;
 import com.yahoo.vespa.athenz.identity.ServiceIdentityProvider;
-import com.yahoo.security.Pkcs10Csr;
 import org.apache.http.HttpResponse;
 import org.apache.http.client.methods.HttpUriRequest;
 import org.apache.http.client.methods.RequestBuilder;
@@ -65,8 +64,8 @@ public class DefaultZtsClient extends ClientBase implements ZtsClient {
 }
 @Override
- public InstanceIdentity registerInstance(AthenzService providerIdentity,
- AthenzService instanceIdentity,
+ public InstanceIdentity registerInstance(AthenzIdentity providerIdentity,
+ AthenzIdentity instanceIdentity,
 String instanceId,
 String attestationData,
 boolean requestServiceToken,
@@ -81,8 +80,8 @@ public class DefaultZtsClient extends ClientBase implements ZtsClient {
 }
 @Override
- public InstanceIdentity refreshInstance(AthenzService providerIdentity,
- AthenzService instanceIdentity,
+ public InstanceIdentity refreshInstance(AthenzIdentity providerIdentity,
+ AthenzIdentity instanceIdentity,
 String instanceId,
 boolean requestServiceToken,
 Pkcs10Csr csr) {
@@ -101,7 +100,7 @@ public class DefaultZtsClient extends ClientBase implements ZtsClient {
 }
 @Override
- public Identity getServiceIdentity(AthenzService identity, String keyId, Pkcs10Csr csr) {
+ public Identity getServiceIdentity(AthenzIdentity identity, String keyId, Pkcs10Csr csr) {
 URI uri = ztsUrl.resolve(String.format("instance/%s/%s/refresh", identity.getDomainName(), identity.getName()));
 HttpUriRequest request = RequestBuilder.post()
 .setUri(uri)
@@ -114,7 +113,7 @@ public class DefaultZtsClient extends ClientBase implements ZtsClient {
 }
 @Override
- public Identity getServiceIdentity(AthenzService identity, String keyId, KeyPair keyPair, String dnsSuffix) {
+ public Identity getServiceIdentity(AthenzIdentity identity, String keyId, KeyPair keyPair, String dnsSuffix) {
 Pkcs10Csr csr = new IdentityCsrGenerator(dnsSuffix).generateIdentityCsr(identity, keyPair);
 return getServiceIdentity(identity, keyId, csr);
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java
index 7b77fccfed6..efe244d500f 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/ZtsClient.java
@@ -28,8 +28,8 @@ public interface ZtsClient extends AutoCloseable {
 * @param attestationData The signed identity documented serialized to a string.
 * @return A x509 certificate + service token (optional)
 */
- InstanceIdentity registerInstance(AthenzService providerIdentity,
- AthenzService instanceIdentity,
+ InstanceIdentity registerInstance(AthenzIdentity providerIdentity,
+ AthenzIdentity instanceIdentity,
 String instanceId, // TODO Remove this parameter (unused/unnecessary)
 String attestationData,
 boolean requestServiceToken,
@@ -40,8 +40,8 @@ public interface ZtsClient extends AutoCloseable {
 *
 * @return A x509 certificate + service token (optional)
 */
- InstanceIdentity refreshInstance(AthenzService providerIdentity,
- AthenzService instanceIdentity,
+ InstanceIdentity refreshInstance(AthenzIdentity providerIdentity,
+ AthenzIdentity instanceIdentity,
 String instanceId,
 boolean requestServiceToken,
 Pkcs10Csr csr);
@@ -51,7 +51,7 @@ public interface ZtsClient extends AutoCloseable {
 *
 * @return A x509 certificate with CA certificates
 */
- Identity getServiceIdentity(AthenzService identity,
+ Identity getServiceIdentity(AthenzIdentity identity,
 String keyId,
 Pkcs10Csr csr);
@@ -60,7 +60,7 @@ public interface ZtsClient extends AutoCloseable {
 *
 * @return A x509 certificate with CA certificates
 */
- Identity getServiceIdentity(AthenzService identity,
+ Identity getServiceIdentity(AthenzIdentity identity,
 String keyId,
 KeyPair keyPair,
 String dnsSuffix);
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/bindings/InstanceRegisterInformation.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/bindings/InstanceRegisterInformation.java
index 49d9bb1ec5c..67a49059776 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/bindings/InstanceRegisterInformation.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/bindings/InstanceRegisterInformation.java
@@ -4,6 +4,7 @@ package com.yahoo.vespa.athenz.client.zts.bindings;
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.security.Pkcs10Csr;
 import com.yahoo.security.Pkcs10CsrUtils;
@@ -32,8 +33,8 @@ public class InstanceRegisterInformation {
 @JsonProperty("token")
 private final boolean token;
- public InstanceRegisterInformation(AthenzService providerIdentity,
- AthenzService instanceIdentity,
+ public InstanceRegisterInformation(AthenzIdentity providerIdentity,
+ AthenzIdentity instanceIdentity,
 String attestationData,
 Pkcs10Csr csr,
 boolean requestServiceToken) {
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/utils/IdentityCsrGenerator.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/utils/IdentityCsrGenerator.java
index b2af2d732bf..d1383bd04fd 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/utils/IdentityCsrGenerator.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zts/utils/IdentityCsrGenerator.java
@@ -1,6 +1,7 @@
 // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.client.zts.utils;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.client.zts.ZtsClient;
 import com.yahoo.security.Pkcs10Csr;
@@ -12,7 +13,7 @@ import java.security.KeyPair;
 import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_RSA;
 /**
- * Generates a {@link Pkcs10Csr} instance for use with {@link ZtsClient#getServiceIdentity(AthenzService, String, Pkcs10Csr)}
+ * Generates a {@link Pkcs10Csr} instance for use with {@link ZtsClient#getServiceIdentity(AthenzIdentity, String, Pkcs10Csr)}
 *
 * @author bjorncs
 */
@@ -24,7 +25,7 @@ public class IdentityCsrGenerator {
 this.dnsSuffix = dnsSuffix;
 }
- public Pkcs10Csr generateIdentityCsr(AthenzService identity, KeyPair keypair) {
+ public Pkcs10Csr generateIdentityCsr(AthenzIdentity identity, KeyPair keypair) {
 return Pkcs10CsrBuilder.fromKeypair(new X500Principal("CN=" + identity.getFullName()), keypair, SHA256_WITH_RSA)
 .addSubjectAlternativeName(String.format(
 "%s.%s.%s",
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/ServiceIdentityProvider.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/ServiceIdentityProvider.java
index 6b318fb16be..e5ed885b316 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/ServiceIdentityProvider.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/ServiceIdentityProvider.java
@@ -2,6 +2,7 @@
 package com.yahoo.vespa.athenz.identity;
 import com.yahoo.container.jdisc.athenz.AthenzIdentityProvider;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import javax.net.ssl.SSLContext;
@@ -13,6 +14,6 @@ import javax.net.ssl.SSLContext;
 * @author bjorncs
 */
 public interface ServiceIdentityProvider {
- AthenzService identity();
+ AthenzIdentity identity();
 SSLContext getIdentitySslContext();
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java
index d8fa910aa73..2b0e50ed982 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java
@@ -4,6 +4,7 @@ package com.yahoo.vespa.athenz.identity;
 import com.google.inject.Inject;
 import com.yahoo.component.AbstractComponent;
 import com.yahoo.log.LogLevel;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.security.KeyStoreType;
 import com.yahoo.security.SslContextBuilder;
@@ -33,7 +34,7 @@ public class SiaIdentityProvider extends AbstractComponent implements ServiceIde
 private static final Duration REFRESH_INTERVAL = Duration.ofHours(1);
 private final AtomicReference<SSLContext> sslContext = new AtomicReference<>();
- private final AthenzService service;
+ private final AthenzIdentity service;
 private final File privateKeyFile;
 private final File certificateFile;
 private final File trustStoreFile;
@@ -48,7 +49,7 @@ public class SiaIdentityProvider extends AbstractComponent implements ServiceIde
 createScheduler());
 }
- public SiaIdentityProvider(AthenzService service,
+ public SiaIdentityProvider(AthenzIdentity service,
 Path siaPath,
 File trustStoreFile) {
 this(service,
@@ -58,7 +59,7 @@ public class SiaIdentityProvider extends AbstractComponent implements ServiceIde
 createScheduler());
 }
- public SiaIdentityProvider(AthenzService service,
+ public SiaIdentityProvider(AthenzIdentity service,
 File privateKeyFile,
 File certificateFile,
 File trustStoreFile,
@@ -81,7 +82,7 @@ public class SiaIdentityProvider extends AbstractComponent implements ServiceIde
 }
 @Override
- public AthenzService identity() {
+ public AthenzIdentity identity() {
 return service;
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/utils/SiaUtils.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/utils/SiaUtils.java
index cd35a204b00..40f12b9c6db 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/utils/SiaUtils.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/utils/SiaUtils.java
@@ -1,6 +1,7 @@
 // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.utils;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.security.KeyUtils;
 import com.yahoo.security.X509CertificateUtils;
@@ -31,31 +32,31 @@ public class SiaUtils {
 private SiaUtils() {}
- public static Path getPrivateKeyFile(AthenzService service) {
+ public static Path getPrivateKeyFile(AthenzIdentity service) {
 return getPrivateKeyFile(DEFAULT_SIA_DIRECTORY, service);
 }
- public static Path getPrivateKeyFile(Path root, AthenzService service) {
+ public static Path getPrivateKeyFile(Path root, AthenzIdentity service) {
 return root
 .resolve("keys")
 .resolve(String.format("%s.%s.key.pem", service.getDomainName(), service.getName()));
 }
- public static Path getCertificateFile(AthenzService service) {
+ public static Path getCertificateFile(AthenzIdentity service) {
 return getCertificateFile(DEFAULT_SIA_DIRECTORY, service);
 }
- public static Path getCertificateFile(Path root, AthenzService service) {
+ public static Path getCertificateFile(Path root, AthenzIdentity service) {
 return root
 .resolve("certs")
 .resolve(String.format("%s.%s.cert.pem", service.getDomainName(), service.getName()));
 }
- public static Optional<PrivateKey> readPrivateKeyFile(AthenzService service) {
+ public static Optional<PrivateKey> readPrivateKeyFile(AthenzIdentity service) {
 return readPrivateKeyFile(DEFAULT_SIA_DIRECTORY, service);
 }
- public static Optional<PrivateKey> readPrivateKeyFile(Path root, AthenzService service) {
+ public static Optional<PrivateKey> readPrivateKeyFile(Path root, AthenzIdentity service) {
 try {
 Path privateKeyFile = getPrivateKeyFile(root, service);
 if (Files.notExists(privateKeyFile)) return Optional.empty();
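Review bot: `getPrivateKeyFile(Path root, AthenzIdentity service)` and `getCertificateFile(Path root, AthenzIdentity service)` in SiaUtils.java build a file name from `getDomainName()` and `getName()` and resolve it under `root` without checking that the result stays inside the `keys` or `certs` directory. With the parameter widened to every `AthenzIdentity`, these helpers and the read/write methods that call them rely on each implementation rejecting path separators and `..` in its names, which is not visible in this diff. I would normalize and verify the result, e.g. `Path file = dir.resolve(name).normalize();` followed by `if (!file.startsWith(dir)) throw new IllegalArgumentException("Invalid identity name: " + name);`, where `dir` is `root.resolve("keys")` or `root.resolve("certs")`. The body of readPrivateKeyFile continues outside the hunk.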
@@ -65,11 +66,11 @@ public class SiaUtils {
 }
 }
- public static Optional<X509Certificate> readCertificateFile(AthenzService service) {
+ public static Optional<X509Certificate> readCertificateFile(AthenzIdentity service) {
 return readCertificateFile(DEFAULT_SIA_DIRECTORY, service);
 }
- public static Optional<X509Certificate> readCertificateFile(Path root, AthenzService service) {
+ public static Optional<X509Certificate> readCertificateFile(Path root, AthenzIdentity service) {
 try {
 Path certificateFile = getCertificateFile(root, service);
 if (Files.notExists(certificateFile)) return Optional.empty();
@@ -79,11 +80,11 @@ public class SiaUtils {
 }
 }
- public static void writePrivateKeyFile(AthenzService service, PrivateKey privateKey) {
+ public static void writePrivateKeyFile(AthenzIdentity service, PrivateKey privateKey) {
 writePrivateKeyFile(DEFAULT_SIA_DIRECTORY, service, privateKey);
 }
- public static void writePrivateKeyFile(Path root, AthenzService service, PrivateKey privateKey) {
+ public static void writePrivateKeyFile(Path root, AthenzIdentity service, PrivateKey privateKey) {
 try {
 Path privateKeyFile = getPrivateKeyFile(root, service);
 Files.createDirectories(privateKeyFile.getParent());
@@ -95,11 +96,11 @@ public class SiaUtils {
 }
 }
- public static void writeCertificateFile(AthenzService service, X509Certificate certificate) {
+ public static void writeCertificateFile(AthenzIdentity service, X509Certificate certificate) {
 writeCertificateFile(DEFAULT_SIA_DIRECTORY, service, certificate);
 }
- public static void writeCertificateFile(Path root, AthenzService service, X509Certificate certificate) {
+ public static void writeCertificateFile(Path root, AthenzIdentity service, X509Certificate certificate) {
 try {
 Path certificateFile = getCertificateFile(root, service);
 Files.createDirectories(certificateFile.getParent());
@@ -111,11 +112,11 @@ public class SiaUtils {
 }
 }
- public static List<AthenzService> findSiaServices() {
+ public static List<AthenzIdentity> findSiaServices() {
 return findSiaServices(DEFAULT_SIA_DIRECTORY);
 }
- public static List<AthenzService> findSiaServices(Path root) {
+ public static List<AthenzIdentity> findSiaServices(Path root) {
 String keyFileSuffix = ".key.pem";
 Path keysDirectory = root.resolve("keys");
 if ( ! Files.exists(keysDirectory))
diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/SiaUtilsTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/SiaUtilsTest.java
index f69e937f294..0e6aff1eeca 100644
--- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/SiaUtilsTest.java
+++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/utils/SiaUtilsTest.java
@@ -1,6 +1,7 @@
 // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.utils;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import org.junit.Rule;
 import org.junit.Test;
@@ -35,7 +36,7 @@ public class SiaUtilsTest {
 AthenzService barService = new AthenzService("my.domain.bar");
 Files.createFile(SiaUtils.getPrivateKeyFile(siaRoot, barService));
- List<AthenzService> siaIdentities = SiaUtils.findSiaServices(siaRoot);
+ List<AthenzIdentity> siaIdentities = SiaUtils.findSiaServices(siaRoot);
 assertThat(siaIdentities.size(), equalTo(2));
 assertThat(siaIdentities, hasItem(fooService));
 assertThat(siaIdentities, hasItem(barService));
|