3 files changed, 116 insertions, 7 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java index 56a50faa4fa..0aa0df8ae2b 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java @@ -1,11 +1,13 @@ package com.yahoo.vespa.hosted.controller.api.integration.certificates; +import java.util.List; import java.util.Objects; +import java.util.Optional; /** * This class is used for metadata about an application's endpoint certificate on the controller. * <p> - * It is a copy of com.yahoo.config.model.api.EndpointCertificateMetadata, but will soon be extended. + * It has more properties than com.yahoo.config.model.api.EndpointCertificateMetadata. * * @author andreer */ 
@@ -14,11 +16,27 @@ public class EndpointCertificateMetadata { private final String keyName; private final String certName; private final int version; + private final Optional<String> request_id; + private final Optional<List<String>> requestedDnsSans; public EndpointCertificateMetadata(String keyName, String certName, int version) { this.keyName = keyName; this.certName = certName; this.version = version; + this.request_id = Optional.empty(); + this.requestedDnsSans = Optional.empty(); + } + + public EndpointCertificateMetadata(String keyName, String certName, int version, Optional<String> request_id, Optional<List<String>> requestedDnsSans) { + this.keyName = keyName; + this.certName = certName; + this.version = version; + this.request_id = request_id; + this.requestedDnsSans = requestedDnsSans; + } + + public EndpointCertificateMetadata(String keyName, String certName, int version, String request_id, List<String> requestedDnsSans) { + this(keyName, certName, version, Optional.of(request_id), Optional.of(requestedDnsSans)); } public String keyName() { @@ -33,12 +51,22 @@ public class EndpointCertificateMetadata { return version; } + public Optional<String> request_id() { + return request_id; + } + + public Optional<List<String>> requestedDnsSans() { + return requestedDnsSans; + } + @Override public String toString() { return "EndpointCertificateMetadata{" + "keyName='" + keyName + '\'' + ", certName='" + certName + '\'' + ", version=" + version + + ", request_id=" + request_id + + ", requestedDnsSans=" + requestedDnsSans + '}'; } 
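Review bot: The new five-argument constructors store the caller's `requestedDnsSans` list by reference, so the SAN list of an otherwise immutable metadata object can still be changed after construction, and after it has been compared or hashed. Copy it on the way in, e.g. `this.requestedDnsSans = requestedDnsSans.map(List::copyOf);`, which also rejects null entries. The `String`/`List` overload wraps its arguments with `Optional.of`, so a null argument fails with a bare NullPointerException; `Objects.requireNonNull(request_id, "request_id")` would name the offending parameter. The field and accessor name `request_id` also departs from the lowerCamelCase of `keyName` and `requestedDnsSans`; `requestId` would match the serializer's `requestIdField`.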
@@ -48,12 +76,14 @@ public class EndpointCertificateMetadata { if (o == null || getClass() != o.getClass()) return false; EndpointCertificateMetadata that = (EndpointCertificateMetadata) o; return version == that.version && - Objects.equals(keyName, that.keyName) && - Objects.equals(certName, that.certName); + keyName.equals(that.keyName) && + certName.equals(that.certName) && + request_id.equals(that.request_id) && + requestedDnsSans.equals(that.requestedDnsSans); } @Override public int hashCode() { - return Objects.hash(keyName, certName, version); + return Objects.hash(keyName, certName, version, request_id, requestedDnsSans); } } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java index 702234b7634..8537118d309 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java @@ -6,6 +6,11 @@ import com.yahoo.slime.Slime; import com.yahoo.vespa.config.SlimeUtils; import com.yahoo.vespa.hosted.controller.api.integration.certificates.EndpointCertificateMetadata; +import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; +import java.util.stream.IntStream; + /** * (de)serializes endpoint certificate metadata * <p> 
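Review bot: `equals` now calls `keyName.equals(...)` and `certName.equals(...)` directly where it previously used `Objects.equals`, so an instance built with a null name throws NullPointerException on comparison instead of comparing unequal. Nothing in the visible constructors rejects null, so either keep the null-safe form or enforce the invariant at construction with `this.keyName = Objects.requireNonNull(keyName, "keyName");` (and likewise for `certName`, `request_id` and `requestedDnsSans`). The constructors are in an earlier hunk; only the tail of `equals` and `hashCode` is visible here.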
@@ -26,6 +31,8 @@ public class EndpointCertificateMetadataSerializer { private final static String keyNameField = "keyName"; private final static String certNameField = "certName"; private final static String versionField = "version"; + private final static String requestIdField = "requestId"; + private final static String requestedDnsSansField = "requestedDnsSans"; public static Slime toSlime(EndpointCertificateMetadata metadata) { Slime slime = new Slime(); @@ -33,6 +40,13 @@ public class EndpointCertificateMetadataSerializer { object.setString(keyNameField, metadata.keyName()); object.setString(certNameField, metadata.certName()); object.setLong(versionField, metadata.version()); + + metadata.request_id().ifPresent(id -> object.setString(requestIdField, id)); + metadata.requestedDnsSans().ifPresent(sans -> { + Cursor cursor = object.setArray(requestedDnsSansField); + sans.forEach(cursor::addString); + }); + return slime; } @@ -44,12 +58,24 @@ public class EndpointCertificateMetadataSerializer { inspector.asString() + "-cert", 0 ); - case OBJECT: + case OBJECT: { + Optional<String> request_id = inspector.field(requestIdField).valid() ? + Optional.of(inspector.field(requestIdField).asString()) : + Optional.empty(); + + Optional<List<String>> requestedDnsSans = inspector.field(requestedDnsSansField).valid() ? + Optional.of(IntStream.range(0, inspector.field(requestedDnsSansField).entries()) + .mapToObj(i -> inspector.field(requestedDnsSansField).entry(i).asString()).collect(Collectors.toList())) : + Optional.empty(); + return new EndpointCertificateMetadata( inspector.field(keyNameField).asString(), inspector.field(certNameField).asString(), - Math.toIntExact(inspector.field(versionField).asLong()) + Math.toIntExact(inspector.field(versionField).asLong()), + request_id, + requestedDnsSans ); + } default: throw new IllegalArgumentException("Unknown format encountered for endpoint certificate metadata!"); 
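Review bot: In the `case OBJECT` branch of the deserializer, `requestId` and `requestedDnsSans` are accepted whenever the field is `valid()`, with no check of the value's type. As far as I know Slime's `asString()` returns an empty string for a non-string value rather than failing, so a damaged stored record would presumably yield an empty request id or empty SAN names silently; rejecting the wrong type keeps bad certificate metadata from propagating. The sketch below also looks each field up once and collects into an unmodifiable list. It needs `com.yahoo.slime.Type` in scope, and the enclosing method starts outside this hunk.

```java
case OBJECT: {
    Inspector requestIdValue = inspector.field(requestIdField);
    if (requestIdValue.valid() && requestIdValue.type() != Type.STRING)
        throw new IllegalArgumentException("Field '" + requestIdField + "' is not a string");
    Optional<String> request_id = requestIdValue.valid() ?
            Optional.of(requestIdValue.asString()) :
            Optional.empty();

    Inspector sansValue = inspector.field(requestedDnsSansField);
    if (sansValue.valid() && sansValue.type() != Type.ARRAY)
        throw new IllegalArgumentException("Field '" + requestedDnsSansField + "' is not an array");
    Optional<List<String>> requestedDnsSans = sansValue.valid() ?
            Optional.of(IntStream.range(0, sansValue.entries())
                    .mapToObj(i -> sansValue.entry(i).asString())
                    .collect(Collectors.toUnmodifiableList())) :
            Optional.empty();

    // … unchanged: return new EndpointCertificateMetadata(...) with the five arguments …
```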
@@ -61,7 +87,7 @@ public class EndpointCertificateMetadataSerializer { } public static EndpointCertificateMetadata fromJsonOrTlsSecretsKeysString(String zkdata) { - if(zkdata.strip().startsWith("{")) { + if (zkdata.strip().startsWith("{")) { return fromSlime(SlimeUtils.jsonToSlime(zkdata).get()); } else { return fromTlsSecretsKeysString(zkdata); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializerTest.java new file mode 100644 index 00000000000..7428b9901a2 --- /dev/null +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializerTest.java 
@@ -0,0 +1,53 @@ +package com.yahoo.vespa.hosted.controller.persistence; + +import com.yahoo.vespa.hosted.controller.api.integration.certificates.EndpointCertificateMetadata; +import org.junit.Test; + +import java.util.List; + +import static org.junit.Assert.*; + +public class EndpointCertificateMetadataSerializerTest { + + private EndpointCertificateMetadata sample = + new EndpointCertificateMetadata("keyName", "certName", 1); + private EndpointCertificateMetadata sampleWithRequestMetadata = + new EndpointCertificateMetadata("keyName", "certName", 1, "requestId", List.of("SAN1", "SAN2")); + + @Test + public void serialize() { + assertEquals( + "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1}", + EndpointCertificateMetadataSerializer.toSlime(sample).toString()); + } + + @Test + public void serializeWithRequestMetadata() { + assertEquals( + "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1,\"requestId\":\"requestId\",\"requestedDnsSans\":[\"SAN1\",\"SAN2\"]}", + EndpointCertificateMetadataSerializer.toSlime(sampleWithRequestMetadata).toString()); + } + + @Test + public void deserializeFromString() { + assertEquals( + new EndpointCertificateMetadata("foo-key", "foo-cert", 0), + EndpointCertificateMetadataSerializer.fromJsonOrTlsSecretsKeysString("foo")); + } + + @Test + public void deserializeFromJson() { + assertEquals( + sample, + EndpointCertificateMetadataSerializer.fromJsonOrTlsSecretsKeysString( + "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1}")); + } + + @Test + public void deserializeFromJsonWithRequestMetadata() { + assertEquals( + sampleWithRequestMetadata, + EndpointCertificateMetadataSerializer.fromJsonOrTlsSecretsKeysString( + "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1,\"requestId\":\"requestId\",\"requestedDnsSans\":[\"SAN1\",\"SAN2\"]}")); + } +}
\ No newline at end of file |
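Review bot: The new tests cover only well-formed input in which both optional fields are present or both are absent. Add a case where only one of `requestId` / `requestedDnsSans` is stored, and one where `requestedDnsSans` is not an array or holds a non-string entry, so the deserializer's behaviour on damaged records is pinned down rather than implied. A round-trip assertion such as `assertEquals(sampleWithRequestMetadata, EndpointCertificateMetadataSerializer.fromSlime(EndpointCertificateMetadataSerializer.toSlime(sampleWithRequestMetadata).get()));` would tie the two directions together. The two sample fields can be declared `private final`.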