-rw-r--r--controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SimplePrincipal.java4
-rw-r--r--controller-api/src/main/java/com/yahoo/vespa/hosted/controller/tenant/CloudTenant.java15
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedTenant.java20
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/TenantSerializer.java10
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java2
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/SignatureFilterTest.java2
6 files changed, 29 insertions, 24 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SimplePrincipal.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SimplePrincipal.java
index 780171d0ccb..363d0726a1f 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SimplePrincipal.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/SimplePrincipal.java
@@ -18,6 +18,10 @@ public class SimplePrincipal implements Principal {
this.name = name;
}
+ public static SimplePrincipal of(Principal principal) {
+ return new SimplePrincipal(principal.getName());
+ }
+
@Override
public String getName() {
return name;
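Review bot: The new factory `SimplePrincipal.of` dereferences `principal` with no null check and has no Javadoc, so a null argument fails inside `getName()` with no useful message. Readers are also not told that only the name survives the conversion. I would open the method with `Objects.requireNonNull(principal, "principal");` and document it with `/** Returns a SimplePrincipal carrying only the name of the given principal; all other attributes are dropped. */`. Since these values now identify the owners of developer keys, it is worth stating that two principals of different types with the same name presumably become equal after conversion. That depends on `equals`/`hashCode`, which are outside this hunk, as is the rest of the class.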
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/tenant/CloudTenant.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/tenant/CloudTenant.java
index 44f9c0ea3b8..ae0467fcc86 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/tenant/CloudTenant.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/tenant/CloudTenant.java
@@ -5,6 +5,7 @@ import com.google.common.collect.BiMap;
import com.google.common.collect.ImmutableBiMap;
import com.yahoo.config.provision.TenantName;
import com.yahoo.vespa.hosted.controller.api.integration.secrets.TenantSecretStore;
+import com.yahoo.vespa.hosted.controller.api.role.SimplePrincipal;
import java.security.Principal;
import java.security.PublicKey;
@@ -20,16 +21,16 @@ import java.util.Optional;
*/
public class CloudTenant extends Tenant {
- private final Optional<Principal> creator;
- private final BiMap<PublicKey, Principal> developerKeys;
+ private final Optional<SimplePrincipal> creator;
+ private final BiMap<PublicKey, SimplePrincipal> developerKeys;
private final TenantInfo info;
private final List<TenantSecretStore> tenantSecretStores;
private final ArchiveAccess archiveAccess;
private final Optional<Instant> invalidateUserSessionsBefore;
/** Public for the serialization layer — do not use! */
- public CloudTenant(TenantName name, Instant createdAt, LastLoginInfo lastLoginInfo, Optional<Principal> creator,
- BiMap<PublicKey, Principal> developerKeys, TenantInfo info,
+ public CloudTenant(TenantName name, Instant createdAt, LastLoginInfo lastLoginInfo, Optional<SimplePrincipal> creator,
+ BiMap<PublicKey, SimplePrincipal> developerKeys, TenantInfo info,
List<TenantSecretStore> tenantSecretStores, ArchiveAccess archiveAccess, Optional<Instant> invalidateUserSessionsBefore) {
super(name, createdAt, lastLoginInfo, Optional.empty());
this.creator = creator;
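Review bot: The narrowed field types `Optional<SimplePrincipal> creator` and `BiMap<PublicKey, SimplePrincipal> developerKeys` carry no comment explaining why the concrete type is now required, which makes the constraint easy to relax again later. The likely reason is that a `BiMap` inverse lookup needs value equality on the principal, which an arbitrary `Principal` such as a lambda does not provide. If that is the intent, say so on the field, for example `// SimplePrincipal, not Principal: inverse lookups must compare owners by name, not by object identity`. The constructor body continues outside this hunk, so whether `developerKeys` is defensively copied here, as `LockedTenant.Cloud` does with `ImmutableBiMap.copyOf`, cannot be confirmed from the visible lines. If it is not copied, the same change should add the copy.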
@@ -45,12 +46,12 @@ public class CloudTenant extends Tenant {
return new CloudTenant(requireName(tenantName),
createdAt,
LastLoginInfo.EMPTY,
- Optional.ofNullable(creator),
+ Optional.ofNullable(creator).map(SimplePrincipal::of),
ImmutableBiMap.of(), TenantInfo.empty(), List.of(), new ArchiveAccess(), Optional.empty());
}
/** The user that created the tenant */
- public Optional<Principal> creator() {
+ public Optional<SimplePrincipal> creator() {
return creator;
}
@@ -60,7 +61,7 @@ public class CloudTenant extends Tenant {
}
/** Returns the set of developer keys and their corresponding developers for this tenant. */
- public BiMap<PublicKey, Principal> developerKeys() { return developerKeys; }
+ public BiMap<PublicKey, SimplePrincipal> developerKeys() { return developerKeys; }
/** List of configured secret stores */
public List<TenantSecretStore> tenantSecretStores() {
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedTenant.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedTenant.java
index a340982bec0..da40f63d543 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedTenant.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedTenant.java
@@ -125,15 +125,15 @@ public abstract class LockedTenant {
/** A locked CloudTenant. */
public static class Cloud extends LockedTenant {
- private final Optional<Principal> creator;
- private final BiMap<PublicKey, Principal> developerKeys;
+ private final Optional<SimplePrincipal> creator;
+ private final BiMap<PublicKey, SimplePrincipal> developerKeys;
private final TenantInfo info;
private final List<TenantSecretStore> tenantSecretStores;
private final ArchiveAccess archiveAccess;
private final Optional<Instant> invalidateUserSessionsBefore;
- private Cloud(TenantName name, Instant createdAt, LastLoginInfo lastLoginInfo, Optional<Principal> creator,
- BiMap<PublicKey, Principal> developerKeys, TenantInfo info,
+ private Cloud(TenantName name, Instant createdAt, LastLoginInfo lastLoginInfo, Optional<SimplePrincipal> creator,
+ BiMap<PublicKey, SimplePrincipal> developerKeys, TenantInfo info,
List<TenantSecretStore> tenantSecretStores, ArchiveAccess archiveAccess, Optional<Instant> invalidateUserSessionsBefore) {
super(name, createdAt, lastLoginInfo);
this.developerKeys = ImmutableBiMap.copyOf(developerKeys);
@@ -154,18 +154,18 @@ public abstract class LockedTenant {
}
public Cloud withDeveloperKey(PublicKey key, Principal principal) {
- BiMap<PublicKey, Principal> keys = HashBiMap.create(developerKeys);
- principal = new SimplePrincipal(principal.getName());
+ BiMap<PublicKey, SimplePrincipal> keys = HashBiMap.create(developerKeys);
+ SimplePrincipal simplePrincipal = new SimplePrincipal(principal.getName());
if (keys.containsKey(key))
throw new IllegalArgumentException("Key " + KeyUtils.toPem(key) + " is already owned by " + keys.get(key));
- if (keys.inverse().containsKey(principal))
- throw new IllegalArgumentException(principal + " is already associated with key " + KeyUtils.toPem(keys.inverse().get(principal)));
- keys.put(key, principal);
+ if (keys.inverse().containsKey(simplePrincipal))
+ throw new IllegalArgumentException(principal + " is already associated with key " + KeyUtils.toPem(keys.inverse().get(simplePrincipal)));
+ keys.put(key, simplePrincipal);
return new Cloud(name, createdAt, lastLoginInfo, creator, keys, info, tenantSecretStores, archiveAccess, invalidateUserSessionsBefore);
}
public Cloud withoutDeveloperKey(PublicKey key) {
- BiMap<PublicKey, Principal> keys = HashBiMap.create(developerKeys);
+ BiMap<PublicKey, SimplePrincipal> keys = HashBiMap.create(developerKeys);
keys.remove(key);
return new Cloud(name, createdAt, lastLoginInfo, creator, keys, info, tenantSecretStores, archiveAccess, invalidateUserSessionsBefore);
}
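Review bot: In `withDeveloperKey` the "already associated" exception message still concatenates the caller-supplied `principal`, while the lookup and the stored value use `simplePrincipal`. For a principal without a meaningful `toString()` the message will show an opaque object name rather than the user that actually collided. Use the normalized value in the message: `throw new IllegalArgumentException(simplePrincipal + " is already associated with key " + KeyUtils.toPem(keys.inverse().get(simplePrincipal)));`. The conversion can also use the factory this commit adds, `SimplePrincipal simplePrincipal = SimplePrincipal.of(principal);`, so there is a single place where principals are normalized. This assumes `SimplePrincipal` has a readable `toString()`, which the "already owned by" message two lines earlier already relies on.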
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/TenantSerializer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/TenantSerializer.java
index e91fbe8b1b7..fc7cafe4c89 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/TenantSerializer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/TenantSerializer.java
@@ -137,7 +137,7 @@ public class TenantSerializer {
root.setLong(deletedAtField, tenant.deletedAt().toEpochMilli());
}
- private void developerKeysToSlime(BiMap<PublicKey, Principal> keys, Cursor array) {
+ private void developerKeysToSlime(BiMap<PublicKey, ? extends Principal> keys, Cursor array) {
keys.forEach((key, user) -> {
Cursor object = array.addObject();
object.setString("key", KeyUtils.toPem(key));
@@ -184,8 +184,8 @@ public class TenantSerializer {
TenantName name = TenantName.from(tenantObject.field(nameField).asString());
Instant createdAt = SlimeUtils.instant(tenantObject.field(createdAtField));
LastLoginInfo lastLoginInfo = lastLoginInfoFromSlime(tenantObject.field(lastLoginInfoField));
- Optional<Principal> creator = SlimeUtils.optionalString(tenantObject.field(creatorField)).map(SimplePrincipal::new);
- BiMap<PublicKey, Principal> developerKeys = developerKeysFromSlime(tenantObject.field(pemDeveloperKeysField));
+ Optional<SimplePrincipal> creator = SlimeUtils.optionalString(tenantObject.field(creatorField)).map(SimplePrincipal::new);
+ BiMap<PublicKey, SimplePrincipal> developerKeys = developerKeysFromSlime(tenantObject.field(pemDeveloperKeysField));
TenantInfo info = tenantInfoFromSlime(tenantObject.field(tenantInfoField));
List<TenantSecretStore> tenantSecretStores = secretStoresFromSlime(tenantObject.field(secretStoresField));
ArchiveAccess archiveAccess = archiveAccessFromSlime(tenantObject);
@@ -200,8 +200,8 @@ public class TenantSerializer {
return new DeletedTenant(name, createdAt, deletedAt);
}
- private BiMap<PublicKey, Principal> developerKeysFromSlime(Inspector array) {
- ImmutableBiMap.Builder<PublicKey, Principal> keys = ImmutableBiMap.builder();
+ private BiMap<PublicKey, SimplePrincipal> developerKeysFromSlime(Inspector array) {
+ ImmutableBiMap.Builder<PublicKey, SimplePrincipal> keys = ImmutableBiMap.builder();
array.traverse((ArrayTraverser) (__, keyObject) ->
keys.put(KeyUtils.fromPemEncodedPublicKey(keyObject.field("key").asString()),
new SimplePrincipal(keyObject.field("user").asString())));
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
index a4bb9034a85..9011274482b 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
@@ -1081,7 +1081,7 @@ public class ApplicationApiHandler extends AuditLoggingRequestHandler {
return new SlimeJsonResponse(root);
}
- private void toSlime(Cursor keysArray, Map<PublicKey, Principal> keys) {
+ private void toSlime(Cursor keysArray, Map<PublicKey, ? extends Principal> keys) {
keys.forEach((key, principal) -> {
Cursor keyObject = keysArray.addObject();
keyObject.setString("key", KeyUtils.toPem(key));
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/SignatureFilterTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/SignatureFilterTest.java
index ec9be1f04c3..fcbecfa2e68 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/SignatureFilterTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/SignatureFilterTest.java
@@ -121,7 +121,7 @@ public class SignatureFilterTest {
Instant.EPOCH,
LastLoginInfo.EMPTY,
Optional.empty(),
- ImmutableBiMap.of(publicKey, () -> "user"),
+ ImmutableBiMap.of(publicKey, new SimplePrincipal("user")),
TenantInfo.empty(),
List.of(),
new ArchiveAccess(),