author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-30 12:43:28 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-02-03 12:05:21 +0100 |
commit | 848db39659f58d751ec2ccf0d910a2ec8cad2eb6 (patch) | |
tree | ae7495078d1a5c2ecfc1d0e71ba98a6bef89cf78 /vespa-athenz | |
parent | 266df2643f5d7d601d66043e1fe0f4f116895b0d (diff) |
Add methods to convert AthenzRole to and from single string
Diffstat (limited to 'vespa-athenz')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java | 14 | ||||
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java | 5 |
2 files changed, 15 insertions, 4 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java
index 3a81e4a5e17..a7c9dbff3f8 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java
@@ -7,6 +7,8 @@ import java.util.Objects;
 * @author tokle
 */
 public class AthenzRole {
+ private static final String DOMAIN_ROLE_NAME_DELIMITER = ":role.";
+
 private final AthenzDomain domain;
 private final String roleName;
@@ -20,6 +22,16 @@ public class AthenzRole {
 this.roleName = roleName;
 }
+ public static AthenzRole fromString(String string) {
+ if (!string.contains(DOMAIN_ROLE_NAME_DELIMITER)) {
+ throw new IllegalArgumentException("Not a valid role: " + string);
+ }
+ int delimiterIndex = string.indexOf(DOMAIN_ROLE_NAME_DELIMITER);
+ String domain = string.substring(0, delimiterIndex);
+ String roleName = string.substring(delimiterIndex + DOMAIN_ROLE_NAME_DELIMITER.length());
+ return new AthenzRole(domain, roleName);
+ }
+
 public AthenzDomain domain() {
 return domain;
 }
@@ -28,6 +40,8 @@ public class AthenzRole {
 return roleName;
 }
+ public String asString() { return domain.getName() + DOMAIN_ROLE_NAME_DELIMITER + roleName; }
+
 @Override
 public boolean equals(Object o) {
 if (this == o) return true;
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java
index 33e5552eaf6..6793d5804c7 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java
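Review bot: `fromString` in AthenzRole.java accepts strings whose domain or role part is empty (constructed samples: `:role.reader`, `sports:role.`) and fails with a bare NullPointerException on null. Because the AthenzX509CertificateUtils change feeds it a certificate subject CN, those cases deserve an explicit rejection unless the `AthenzRole(String, String)` constructor already validates, which is not visible in this hunk. Taking the index once also removes the double scan: `int delimiterIndex = string.indexOf(DOMAIN_ROLE_NAME_DELIMITER);` followed by `if (delimiterIndex <= 0 || delimiterIndex + DOMAIN_ROLE_NAME_DELIMITER.length() >= string.length()) throw new IllegalArgumentException("Not a valid role: " + string);`. Both new public methods, `fromString` and `asString`, lack Javadoc; a short one should state the `<domain>:role.<role-name>` format, that the split is on the first occurrence of the delimiter, and that `fromString(role.asString())` is expected to round-trip.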
@@ -43,10 +43,7 @@ public class AthenzX509CertificateUtils {
 public static AthenzRole getRolesFromRoleCertificate(X509Certificate certificate) {
 String commonName = com.yahoo.security.X509CertificateUtils.getSubjectCommonNames(certificate).get(0);
- int delimiterIndex = commonName.indexOf(COMMON_NAME_ROLE_DELIMITER);
- String domain = commonName.substring(0, delimiterIndex);
- String roleName = commonName.substring(delimiterIndex + COMMON_NAME_ROLE_DELIMITER.length());
- return new AthenzRole(domain, roleName);
+ return AthenzRole.fromString(commonName);
 }
 private static AthenzIdentity getIdentityFromSanEmail(String email) { |
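Review bot: The delimiter used to split the certificate common name silently changes from `COMMON_NAME_ROLE_DELIMITER` to the `":role."` constant inside `AthenzRole`. The old constant's value is not visible in this hunk, so confirm the two are identical, and remove the old constant if nothing else uses it. A CN without the delimiter now raises `IllegalArgumentException` from `fromString` where the removed `substring(0, -1)` call raised `StringIndexOutOfBoundsException`, so callers that make an authorization decision on the returned role should be checked to treat the new exception as a rejected certificate. The context line's `.get(0)` still assumes the subject carries at least one CN. A one-line comment above the return would document the contract: `// Role certificate CN has the form "<domain>:role.<role-name>"; fromString rejects anything else`.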