7 files changed, 32 insertions, 18 deletions
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java index 45b08c74688..63b0accbdd2 100644 --- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java +++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProvider.java @@ -2,11 +2,16 @@ package com.yahoo.container.jdisc.athenz; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.common.annotations.Beta; import com.google.inject.Inject; import com.yahoo.athenz.auth.util.Crypto; import com.yahoo.cloud.config.ConfigserverConfig; import com.yahoo.component.AbstractComponent; import com.yahoo.container.core.identity.IdentityConfig; +import com.yahoo.container.jdisc.athenz.impl.AthenzService; +import com.yahoo.container.jdisc.athenz.impl.InstanceIdentity; +import com.yahoo.container.jdisc.athenz.impl.InstanceRegisterInformation; +import com.yahoo.container.jdisc.athenz.impl.ServiceProviderApi; import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.operator.OperatorCreationException; @@ -18,6 +23,7 @@ import java.security.NoSuchAlgorithmException; /** * @author mortent */ +@Beta public final class AthenzIdentityProvider extends AbstractComponent { private InstanceIdentity instanceIdentity; diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzService.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzService.java index 06dd698988a..69c52e5e639 100644 --- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/AthenzService.java +++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzService.java 
@@ -1,4 +1,4 @@ -package com.yahoo.container.jdisc.athenz; +package com.yahoo.container.jdisc.athenz.impl; import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.http.client.methods.CloseableHttpResponse; @@ -21,10 +21,9 @@ public class AthenzService { /** * Send instance register request to ZTS, get InstanceIdentity */ - InstanceIdentity sendInstanceRegisterRequest(InstanceRegisterInformation instanceRegisterInformation, String athenzUrl) { + public InstanceIdentity sendInstanceRegisterRequest(InstanceRegisterInformation instanceRegisterInformation, String athenzUrl) { try(CloseableHttpClient client = HttpClientBuilder.create().build()) { ObjectMapper objectMapper = new ObjectMapper(); - System.out.println(objectMapper.writeValueAsString(instanceRegisterInformation)); HttpUriRequest postRequest = RequestBuilder.post() .setUri(athenzUrl + "/instance") .setEntity(new StringEntity(objectMapper.writeValueAsString(instanceRegisterInformation), ContentType.APPLICATION_JSON)) @@ -33,9 +32,8 @@ public class AthenzService { if(HttpStatus.isSuccess(response.getStatusLine().getStatusCode())) { return objectMapper.readValue(response.getEntity().getContent(), InstanceIdentity.class); } else { - String s = EntityUtils.toString(response.getEntity()); - System.out.println("s = " + s); - throw new RuntimeException(response.toString()); + String message = EntityUtils.toString(response.getEntity()); + throw new RuntimeException(String.format("Unable to get identity. http code/message: %d/%s" + response.getStatusLine().getStatusCode(), message)); } } catch (IOException e) { throw new RuntimeException(e); diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceIdentity.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java index 45ef4c68d8e..35986e7276e 100644 --- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceIdentity.java 
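Review bot: In the non-success branch of `sendInstanceRegisterRequest` in AthenzService.java, the new `String.format` call joins the status code to the format string with `+` instead of passing it as an argument. As written, `%d` is matched against the `String` body, so the call would throw `IllegalFormatConversionException` and the intended "Unable to get identity" error never reaches the caller. The ZTS rejection reason is therefore lost on exactly the path where an operator needs it. The line should read `throw new RuntimeException(String.format("Unable to get identity. http code/message: %d/%s", response.getStatusLine().getStatusCode(), message));`. The method body starts and ends outside this hunk, so callers' handling of the exception is not visible here.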
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceIdentity.java @@ -1,4 +1,4 @@ -package com.yahoo.container.jdisc.athenz; +package com.yahoo.container.jdisc.athenz.impl; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonInclude; @@ -13,7 +13,7 @@ import java.util.Map; */ @JsonIgnoreProperties(ignoreUnknown = true) @JsonInclude(JsonInclude.Include.NON_NULL) -class InstanceIdentity { +public class InstanceIdentity { @JsonProperty("attributes") private final Map<String, String> attributes; @JsonProperty("provider") private final String provider; @JsonProperty("name") private final String name; @@ -45,11 +45,11 @@ class InstanceIdentity { this.serviceToken = serviceToken; } - String getX509Certificate() { + public String getX509Certificate() { return x509Certificate; } - String getServiceToken() { + public String getServiceToken() { return serviceToken; } } diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceRegisterInformation.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceRegisterInformation.java index 2fa3c598c58..b5258cf793a 100644 --- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/InstanceRegisterInformation.java +++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/InstanceRegisterInformation.java @@ -1,4 +1,4 @@ -package com.yahoo.container.jdisc.athenz; +package com.yahoo.container.jdisc.athenz.impl; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonInclude; @@ -11,7 +11,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; */ @JsonIgnoreProperties(ignoreUnknown = true) @JsonInclude(JsonInclude.Include.NON_NULL) -class InstanceRegisterInformation { +public class InstanceRegisterInformation { @JsonProperty("provider") private final String provider; @JsonProperty("domain") 
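Review bot: In InstanceIdentity.java, `getX509Certificate()` and `getServiceToken()` become public together with the class, so the credential material returned by ZTS is now readable from any package that can see `impl`. The change appears to be needed only so that `AthenzIdentityProvider` can reach the class across the new package boundary. A class-level Javadoc line should record that, for example `Internal to the Athenz identity provider; holds the service token and certificate, not part of the exported API.` It is also worth confirming that `impl` stays out of the exported packages, since the new package-info.java annotates only the parent package with `@ExportPackage`. The constructor and the remaining fields lie outside these hunks.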
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/ServiceProviderApi.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/ServiceProviderApi.java index 74e3cfa4a89..a896106ffdf 100644 --- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/ServiceProviderApi.java +++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/ServiceProviderApi.java @@ -1,4 +1,4 @@ -package com.yahoo.container.jdisc.athenz; +package com.yahoo.container.jdisc.athenz.impl; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.RequestBuilder; @@ -21,11 +21,10 @@ public class ServiceProviderApi { providerUri = URI.create(String.format("https://%s:8443/athenz/v1/provider", providerAddress)); } - /** * Get signed identity document from config server */ - String getSignedIdentityDocument() { + public String getSignedIdentityDocument() { // TODO Use client side auth to establish trusted secure channel try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) { @@ -38,8 +37,7 @@ public class ServiceProviderApi { throw new RuntimeException("Failed to initialize Athenz instance provider"); } } catch (IOException e) { - e.printStackTrace(); - throw new RuntimeException(e); + throw new RuntimeException("Failed getting signed identity document", e); } } diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/package-info.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/package-info.java new file mode 100644 index 00000000000..1d59edcbf93 --- /dev/null +++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/package-info.java @@ -0,0 +1,9 @@ +/** + * @author mortent + */ +@ExportPackage +@PublicApi +package com.yahoo.container.jdisc.athenz; + +import com.yahoo.api.annotations.PublicApi; +import com.yahoo.osgi.annotation.ExportPackage;
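Review bot: In ServiceProviderApi.java, the rewritten catch in `getSignedIdentityDocument` keeps the cause but does not say which endpoint failed. The non-2xx branch just above it (context, unchanged) likewise reports no status code. Including the target would make a bootstrap failure easier to diagnose: `throw new RuntimeException("Failed getting signed identity document from " + providerUri, e);`. Since the method is now public, its Javadoc should also state that it throws `RuntimeException` on both I/O failure and a non-success response. The request construction sits between the two hunks and is not visible here.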
\ No newline at end of file diff --git a/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java b/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java index 4b351f1d2c0..2651cfd3a63 100644 --- a/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java +++ b/container-disc/src/test/java/com/yahoo/container/jdisc/athenz/AthenzIdentityProviderTest.java @@ -1,6 +1,9 @@ package com.yahoo.container.jdisc.athenz; import com.yahoo.container.core.identity.IdentityConfig; +import com.yahoo.container.jdisc.athenz.impl.AthenzService; +import com.yahoo.container.jdisc.athenz.impl.InstanceIdentity; +import com.yahoo.container.jdisc.athenz.impl.ServiceProviderApi; import org.junit.Assert; import org.junit.Test; @@ -24,7 +27,7 @@ public class AthenzIdentityProviderTest { when(serviceProviderApi.getSignedIdentityDocument()).thenReturn(getIdentityDocument()); when(athenzService.sendInstanceRegisterRequest(any(), anyString())).thenReturn( - new InstanceIdentity(null,null,null,null,null,null, null, null, "TOKEN")); + new InstanceIdentity(null, null, null, null, null, null, null, null, "TOKEN")); AthenzIdentityProvider identityProvider = new AthenzIdentityProvider(config, serviceProviderApi, athenzService); |