authorMartin Polden <mpolden@mpolden.no>2020-10-29 09:15:44 +0100
committerMartin Polden <mpolden@mpolden.no>2020-10-29 09:41:39 +0100
commitc0cbed188c1e6cf2bc98e17d23b970b2ede8753c (patch)
tree3efd42d138db1d16a9677d25c94c75ad4556f4e7 /vespa-athenz
parent94d7e79bcebda73213abdf1b162487a4fa021768 (diff)
Do not implement unexported interface
Diffstat (limited to 'vespa-athenz')
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java (renamed from vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java)29
-rw-r--r--vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialsTest.java (renamed from vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialProviderTest.java)12
2 files changed, 15 insertions, 26 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java
index 48c6bea6174..b027e7272ea 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentialsProvider.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java
@@ -1,9 +1,6 @@
// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.athenz.aws;
-import com.amazonaws.auth.AWSCredentials;
-import com.amazonaws.auth.AWSCredentialsProvider;
-import com.amazonaws.auth.BasicSessionCredentials;
import com.yahoo.vespa.athenz.api.AthenzDomain;
import com.yahoo.vespa.athenz.api.AwsRole;
import com.yahoo.vespa.athenz.api.AwsTemporaryCredentials;
@@ -18,11 +15,11 @@ import java.time.Instant;
import java.util.Optional;
/**
- * Implementation of {@link AWSCredentialsProvider} that uses {@link ZtsClient} to retrieve temporary credentials.
+ * Retrieve {@link AwsTemporaryCredentials} through {@link ZtsClient}.
*
* @author tokle
*/
-public class AwsCredentialsProvider implements AWSCredentialsProvider {
+public class AwsCredentials {
private final static Duration MIN_EXPIRY = Duration.ofMinutes(5);
private final AthenzDomain athenzDomain;
@@ -30,42 +27,31 @@ public class AwsCredentialsProvider implements AWSCredentialsProvider {
private final ZtsClient ztsClient;
private volatile AwsTemporaryCredentials credentials;
- public AwsCredentialsProvider(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) {
+ public AwsCredentials(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) {
this.ztsClient = ztsClient;
this.athenzDomain = athenzDomain;
this.awsRole = awsRole;
- this.credentials = getAthenzTempCredentials();
+ this.credentials = get();
}
- public AwsCredentialsProvider(URI ztsUrl, ServiceIdentityProvider identityProvider, AthenzDomain athenzDomain, AwsRole awsRole) {
+ public AwsCredentials(URI ztsUrl, ServiceIdentityProvider identityProvider, AthenzDomain athenzDomain, AwsRole awsRole) {
this(new DefaultZtsClient(ztsUrl, identityProvider), athenzDomain, awsRole);
}
- public AwsCredentialsProvider(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole) {
+ public AwsCredentials(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole) {
this(new DefaultZtsClient(ztsUrl, sslContext), athenzDomain, awsRole);
}
/**
* Requests temporary credentials from ZTS or return cached credentials
*/
- private AwsTemporaryCredentials getAthenzTempCredentials() {
+ public AwsTemporaryCredentials get() {
if(shouldRefresh(credentials)) {
this.credentials = ztsClient.getAwsTemporaryCredentials(athenzDomain, awsRole);
}
return credentials;
}
- @Override
- public AWSCredentials getCredentials() {
- AwsTemporaryCredentials creds = getAthenzTempCredentials();
- return new BasicSessionCredentials(creds.accessKeyId(), creds.secretAccessKey(), creds.sessionToken());
- }
-
- @Override
- public void refresh() {
- getAthenzTempCredentials();
- }
-
/*
* Checks credential expiration, returns true if it will expipre in the next MIN_EXPIRY minutes
*/
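Review bot: Now that `get()` is public and overridable, the constructor line `this.credentials = get();` calls an overridable method before any subclass has finished initialising, because `AwsCredentials` is not declared final. Either declare the class `public final class AwsCredentials` (the declaration sits in the previous hunk) or make the method `public final AwsTemporaryCredentials get()`. The Javadoc on `get()` should also be extended now that it is the public entry point: state that the returned object carries the secret access key and session token, and that callers should call `get()` on each use instead of holding the result, so the MIN_EXPIRY refresh applies. The refresh check inside `get()` is not synchronised, so concurrent callers near expiry may each request credentials from ZTS; this appears unchanged from before the commit, but it is worth a sentence on thread-safety in the same Javadoc.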
@@ -73,4 +59,5 @@ public class AwsCredentialsProvider implements AWSCredentialsProvider {
Instant expiration = Optional.ofNullable(credentials).map(AwsTemporaryCredentials::expiration).orElse(Instant.EPOCH);
return Duration.between(Instant.now(), expiration).toMinutes() < MIN_EXPIRY.toMinutes();
}
+
}
diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialProviderTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialsTest.java
index 3569f231814..5467504285b 100644
--- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialProviderTest.java
+++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/aws/AwsCredentialsTest.java
@@ -9,25 +9,27 @@ import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
+import static org.junit.Assert.assertFalse;
+
/**
* @author tokle
*/
-public class AwsCredentialProviderTest {
+public class AwsCredentialsTest {
@Test
public void refreshes_correctly() {
Clock clock = Clock.systemUTC();
// Does not require refresh when expires in 10 minutes
- Assert.assertFalse(AwsCredentialsProvider.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(10)))));
+ assertFalse(AwsCredentials.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(10)))));
// Requires refresh when expires in 3 minutes
- Assert.assertTrue(AwsCredentialsProvider.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(3)))));
+ Assert.assertTrue(AwsCredentials.shouldRefresh(getCredentials(clock.instant().plus(Duration.ofMinutes(3)))));
// Requires refresh when expired
- Assert.assertTrue(AwsCredentialsProvider.shouldRefresh(getCredentials(clock.instant().minus(Duration.ofMinutes(1)))));
+ Assert.assertTrue(AwsCredentials.shouldRefresh(getCredentials(clock.instant().minus(Duration.ofMinutes(1)))));
// Refreshes when no credentials provided
- Assert.assertTrue(AwsCredentialsProvider.shouldRefresh(null));
+ Assert.assertTrue(AwsCredentials.shouldRefresh(null));
}
private AwsTemporaryCredentials getCredentials(Instant expiration) {