-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java | 24 | ||||
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImpl.java | 9 | ||||
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/ZtsClient.java (renamed from vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzService.java) | 20 | ||||
-rw-r--r-- | vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImplTest.java | 8 |
4 files changed, 31 insertions, 30 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
index e11445518ab..4278e641166 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzCredentialsService.java
@@ -35,16 +35,16 @@ class AthenzCredentialsService {
 private final IdentityConfig identityConfig;
 private final IdentityDocumentService identityDocumentService;
- private final AthenzService athenzService;
+ private final ZtsClient ztsClient;
 private final File trustStoreJks;
 AthenzCredentialsService(IdentityConfig identityConfig,
 IdentityDocumentService identityDocumentService,
- AthenzService athenzService,
+ ZtsClient ztsClient,
 File trustStoreJks) {
 this.identityConfig = identityConfig;
 this.identityDocumentService = identityDocumentService;
- this.athenzService = athenzService;
+ this.ztsClient = ztsClient;
 this.trustStoreJks = trustStoreJks;
 }
@@ -64,8 +64,8 @@ class AthenzCredentialsService {
 identityConfig.service(),
 rawDocument,
 Pkcs10CsrUtils.toPem(csr));
- InstanceIdentity instanceIdentity = athenzService.sendInstanceRegisterRequest(instanceRegisterInformation,
- document.ztsEndpoint);
+ InstanceIdentity instanceIdentity = ztsClient.sendInstanceRegisterRequest(instanceRegisterInformation,
+ document.ztsEndpoint);
 return toAthenzCredentials(instanceIdentity, keyPair, document);
 }
@@ -79,13 +79,13 @@ class AthenzCredentialsService {
 newKeyPair);
 InstanceRefreshInformation refreshInfo = new InstanceRefreshInformation(Pkcs10CsrUtils.toPem(csr));
 InstanceIdentity instanceIdentity =
- athenzService.sendInstanceRefreshRequest(document.providerService,
- identityConfig.domain(),
- identityConfig.service(),
- document.providerUniqueId,
- refreshInfo,
- document.ztsEndpoint,
- sslContext);
+ ztsClient.sendInstanceRefreshRequest(document.providerService,
+ identityConfig.domain(),
+ identityConfig.service(),
+ document.providerUniqueId,
+ refreshInfo,
+ document.ztsEndpoint,
+ sslContext);
 return toAthenzCredentials(instanceIdentity, newKeyPair, document);
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImpl.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImpl.java
index 0feaabd4d9d..3773af6b808 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImpl.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImpl.java
@@ -8,6 +8,7 @@ import com.yahoo.container.jdisc.athenz.AthenzIdentityProvider;
 import com.yahoo.container.jdisc.athenz.AthenzIdentityProviderException;
 import com.yahoo.jdisc.Metric;
 import com.yahoo.log.LogLevel;
+import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.identity.ServiceIdentityProvider;
 import com.yahoo.vespa.defaults.Defaults;
@@ -41,7 +42,7 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 private final AthenzCredentialsService athenzCredentialsService;
 private final ScheduledExecutorService scheduler;
 private final Clock clock;
- private final com.yahoo.vespa.athenz.api.AthenzService identity;
+ private final AthenzService identity;
 @Inject
 public AthenzIdentityProviderImpl(IdentityConfig config, Metric metric) {
@@ -49,7 +50,7 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 metric,
 new AthenzCredentialsService(config,
 new IdentityDocumentService(config.loadBalancerAddress()),
- new AthenzService(),
+ new ZtsClient(),
 new File(Defaults.getDefaults().underVespaHome("share/ssl/certs/yahoo_certificate_bundle.jks"))),
 new ScheduledThreadPoolExecutor(1),
 Clock.systemUTC());
@@ -65,7 +66,7 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 this.athenzCredentialsService = athenzCredentialsService;
 this.scheduler = scheduler;
 this.clock = clock;
- this.identity = new com.yahoo.vespa.athenz.api.AthenzService(config.domain(), config.service());
+ this.identity = new AthenzService(config.domain(), config.service());
 registerInstance();
 }
@@ -80,7 +81,7 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 }
 @Override
- public com.yahoo.vespa.athenz.api.AthenzService identity() {
+ public AthenzService identity() {
 return identity;
 }
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzService.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/ZtsClient.java
index 713e9c6c015..a4fde8270c6 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzService.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/ZtsClient.java
@@ -1,4 +1,4 @@
-// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.identityprovider.client;
 import com.fasterxml.jackson.core.JsonProcessingException;
@@ -24,7 +24,7 @@ import java.net.URI;
 * @author mortent
 * @author bjorncs
 */
-public class AthenzService {
+class ZtsClient {
 private static final String INSTANCE_API_PATH = "/zts/v1/instance";
@@ -34,7 +34,7 @@ public class AthenzService {
 /**
 * Send instance register request to ZTS, get InstanceIdentity
 */
- public InstanceIdentity sendInstanceRegisterRequest(InstanceRegisterInformation instanceRegisterInformation,
+ InstanceIdentity sendInstanceRegisterRequest(InstanceRegisterInformation instanceRegisterInformation,
 URI uri) {
 try(CloseableHttpClient client = HttpClientBuilder.create().setRetryHandler(retryHandler).build()) {
 HttpUriRequest postRequest = RequestBuilder.post()
@@ -47,13 +47,13 @@ public class AthenzService {
 }
 }
- public InstanceIdentity sendInstanceRefreshRequest(String providerService,
- String instanceDomain,
- String instanceServiceName,
- String instanceId,
- InstanceRefreshInformation instanceRefreshInformation,
- URI ztsEndpoint,
- SSLContext sslContext) {
+ InstanceIdentity sendInstanceRefreshRequest(String providerService,
+ String instanceDomain,
+ String instanceServiceName,
+ String instanceId,
+ InstanceRefreshInformation instanceRefreshInformation,
+ URI ztsEndpoint,
+ SSLContext sslContext) {
 try (CloseableHttpClient client = createHttpClientWithTlsAuth(sslContext, retryHandler)) {
 URI uri = ztsEndpoint
 .resolve(INSTANCE_API_PATH + '/')
diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImplTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImplTest.java
index 12e60326f97..91c68702e87 100644
--- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImplTest.java
+++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/AthenzIdentityProviderImplTest.java
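Review bot: In the `@@ -34` hunk, `sendInstanceRegisterRequest` builds its client with `HttpClientBuilder.create().setRetryHandler(retryHandler).build()`, so the registration POST relies on the default TLS trust configuration and on whatever scheme the caller-supplied `uri` carries, whereas the refresh path in the `@@ -47` hunk takes an explicit `SSLContext`. The caller in AthenzCredentialsService passes `document.ztsEndpoint`, so the Javadoc should state that `uri` must be an https ZTS endpoint, and a guard at the top of the method would enforce it: `if (!"https".equals(uri.getScheme())) throw new IllegalArgumentException("ZTS endpoint must use https: " + uri);`. The method body continues outside the hunk, so an existing check further down cannot be ruled out. Separately, the continuation line `URI uri) {` is unchanged context, so it is presumably no longer aligned with the first parameter now that `public ` has been dropped from the signature.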
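Review bot: `sendInstanceRefreshRequest` in the `@@ -47` hunk has no Javadoc (the lines before its signature are closing braces), although `sendInstanceRegisterRequest` has one and the two methods differ in how the client is built. I would add `/** Send instance refresh request to ZTS over a TLS-authenticated client built from sslContext, get InstanceIdentity */` and `@param` lines saying which of the four adjacent `String` parameters is which, since they are easy to transpose at a call site. The method body continues outside the hunk.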
@@ -58,25 +58,25 @@ public class AthenzIdentityProviderImplTest {
 @Test
 public void metrics_updated_on_refresh() throws IOException {
 IdentityDocumentService identityDocumentService = mock(IdentityDocumentService.class);
- AthenzService athenzService = mock(AthenzService.class);
+ ZtsClient ztsClient = mock(ZtsClient.class);
 ManualClock clock = new ManualClock(Instant.EPOCH);
 Metric metric = mock(Metric.class);
 when(identityDocumentService.getSignedIdentityDocument()).thenReturn(getIdentityDocument());
- when(athenzService.sendInstanceRegisterRequest(any(), any())).then(new Answer<InstanceIdentity>() {
+ when(ztsClient.sendInstanceRegisterRequest(any(), any())).then(new Answer<InstanceIdentity>() {
 @Override
 public InstanceIdentity answer(InvocationOnMock invocationOnMock) throws Throwable {
 return new InstanceIdentity(getCertificate(getExpirationSupplier(clock)), "TOKEN");
 }
 });
- when(athenzService.sendInstanceRefreshRequest(anyString(), anyString(), anyString(), anyString(), any(), any(), any()))
+ when(ztsClient.sendInstanceRefreshRequest(anyString(), anyString(), anyString(), anyString(), any(), any(), any()))
 .thenThrow(new RuntimeException("#1"))
 .thenThrow(new RuntimeException("#2"))
 .thenReturn(new InstanceIdentity(getCertificate(getExpirationSupplier(clock)), "TOKEN"));
 AthenzCredentialsService credentialService =
- new AthenzCredentialsService(IDENTITY_CONFIG, identityDocumentService, athenzService, createDummyTrustStore());
+ new AthenzCredentialsService(IDENTITY_CONFIG, identityDocumentService, ztsClient, createDummyTrustStore());
 AthenzIdentityProviderImpl identityProvider = new AthenzIdentityProviderImpl(IDENTITY_CONFIG, metric, credentialService, mock(ScheduledExecutorService.class), clock); |