diff options
author | Martin Polden <mpolden@mpolden.no> | 2020-10-29 09:15:44 +0100 |
---|---|---|
committer | Martin Polden <mpolden@mpolden.no> | 2020-10-29 09:41:39 +0100 |
commit | c0cbed188c1e6cf2bc98e17d23b970b2ede8753c (patch) | |
tree | 3efd42d138db1d16a9677d25c94c75ad4556f4e7 /vespa-athenz | |
parent | 94d7e79bcebda73213abdf1b162487a4fa021768 (diff) |
Do not implement unexported interface
Diffstat (limited to 'vespa-athenz')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java (renamed from vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java) | 29 | ||||
-rw-r--r-- | vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialsTest.java (renamed from vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialProviderTest.java) | 12 |
2 files changed, 15 insertions, 26 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java index 48c6bea6174..b027e7272ea 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java @@ -1,9 +1,6 @@ // Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.athenz.aws; -import com.amazonaws.auth.AWSCredentials; -import com.amazonaws.auth.AWSCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; import com.yahoo.vespa.athenz.api.AthenzDomain; import com.yahoo.vespa.athenz.api.AwsRole; import com.yahoo.vespa.athenz.api.AwsTemporaryCredentials; @@ -18,11 +15,11 @@ import java.time.Instant; import java.util.Optional; /** - * Implementation of {@link AWSCredentialsProvider} that uses {@link ZtsClient} to retrieve temporary credentials. + * Retrieve {@link AwsTemporaryCredentials} through {@link ZtsClient}. * * @author tokle */ -public class AwsCredentialsProvider implements AWSCredentialsProvider { +public class AwsCredentials { private final static Duration MIN_EXPIRY = Duration.ofMinutes(5); private final AthenzDomain athenzDomain; @@ -30,42 +27,31 @@ public class AwsCredentialsProvider implements AWSCredentialsProvider { private final ZtsClient ztsClient; private volatile AwsTemporaryCredentials credentials; - public AwsCredentialsProvider(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) { + public AwsCredentials(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) { this.ztsClient = ztsClient; this.athenzDomain = athenzDomain; this.awsRole = awsRole; - this.credentials = getAthenzTempCredentials(); + this.credentials = get(); } - public AwsCredentialsProvider(URI ztsUrl, ServiceIdentityProvider identityProvider, AthenzDomain athenzDomain, AwsRole awsRole) { + public AwsCredentials(URI ztsUrl, ServiceIdentityProvider identityProvider, AthenzDomain athenzDomain, AwsRole awsRole) { this(new DefaultZtsClient(ztsUrl, identityProvider), athenzDomain, awsRole); } - public AwsCredentialsProvider(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole) { + public AwsCredentials(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole) { this(new DefaultZtsClient(ztsUrl, sslContext), athenzDomain, awsRole); } /** * Requests temporary credentials from ZTS or return cached credentials */ - private AwsTemporaryCredentials getAthenzTempCredentials() { + public AwsTemporaryCredentials get() { if(shouldRefresh(credentials)) { this.credentials = ztsClient.getAwsTemporaryCredentials(athenzDomain, awsRole); } return credentials; } - @Override - public AWSCredentials getCredentials() { - AwsTemporaryCredentials creds = getAthenzTempCredentials(); - return new BasicSessionCredentials(creds.accessKeyId(), creds.secretAccessKey(), creds.sessionToken()); - } - - @Override - public void refresh() { - getAthenzTempCredentials(); - } - /* * Checks credential expiration, returns true if it will expipre in the next MIN_EXPIRY minutes */ @@ -73,4 +59,5 @@ public class AwsCredentialsProvider implements AWSCredentialsProvider { Instant expiration = Optional.ofNullable(credentials).map(AwsTemporaryCredentials::expiration).orElse(Instant.EPOCH); return Duration.between(Instant.now(), expiration).toMinutes() < MIN_EXPIRY.toMinutes(); } + } diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialProviderTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialsTest.java index 3569f231814..5467504285b 100644 --- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialProviderTest.java +++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialsTest.java @@ -9,25 +9,27 @@ import java.time.Clock; import java.time.Duration; import java.time.Instant; +import static org.junit.Assert.assertFalse; + /** * @author tokle */ -public class AwsCredentialProviderTest { +public class AwsCredentialsTest { @Test public void refreshes_correctly() { Clock clock = Clock.systemUTC(); // Does not require refresh when expires in 10 minutes - Assert.assertFalse(AwsCredentialsProvider.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(10))))); + assertFalse(AwsCredentials.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(10))))); // Requires refresh when expires in 3 minutes - Assert.assertTrue(AwsCredentialsProvider.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(3))))); + Assert.assertTrue(AwsCredentials.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(3))))); // Requires refresh when expired - Assert.assertTrue(AwsCredentialsProvider.shouldRefresh(getCredentials(clock.instant().minus(Duration.ofMinutes(1))))); + Assert.assertTrue(AwsCredentials.shouldRefresh(getCredentials(clock.instant().minus(Duration.ofMinutes(1))))); // Refreshes when no credentials provided - Assert.assertTrue(AwsCredentialsProvider.shouldRefresh(null)); + Assert.assertTrue(AwsCredentials.shouldRefresh(null)); } private AwsTemporaryCredentials getCredentials(Instant expiration) { |