diff options
-rw-r--r-- | tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java | 20 | ||||
-rw-r--r-- | tenant-cd/src/main/java/ai/vespa/hosted/cd/TestConfig.java | 4 |
2 files changed, 11 insertions, 13 deletions
diff --git a/tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java b/tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java index 6ecf1100630..9ded35a5726 100644 --- a/tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java +++ b/tenant-auth/src/main/java/ai/vespa/hosted/auth/Authenticator.java @@ -34,7 +34,7 @@ public class Authenticator { Path privateKeyFile = credentialsRoot.resolve("key"); X509Certificate certificate = X509CertificateUtils.fromPem(new String(Files.readAllBytes(certificateFile))); - if (Instant.now().isBefore(certificate.getNotBefore().toInstant()) + if ( Instant.now().isBefore(certificate.getNotBefore().toInstant()) || Instant.now().isAfter(certificate.getNotAfter().toInstant())) throw new IllegalStateException("Certificate at '" + certificateFile + "' is valid between " + certificate.getNotBefore() + " and " + certificate.getNotAfter() + " — not now."); @@ -50,17 +50,15 @@ public class Authenticator { return request; } - ApplicationId id = ApplicationId.from(requireNonBlankProperty("tenant"), - requireNonBlankProperty("application"), - getNonBlankProperty("instance").orElse("default")); + public ControllerHttpClient controller() { + ApplicationId id = ApplicationId.from(requireNonBlankProperty("tenant"), + requireNonBlankProperty("application"), + getNonBlankProperty("instance").orElse("default")); + URI endpoint = URI.create(requireNonBlankProperty("endpoint")); + Path privateKeyFile = Paths.get(requireNonBlankProperty("privateKeyFile")); - URI endpoint = URI.create(requireNonBlankProperty("endpoint")); - Path privateKeyFile = Paths.get(requireNonBlankProperty("privateKeyFile")); - Optional<Path> certificateFile = getNonBlankProperty("certificateFile").map(Paths::get); - - ControllerHttpClient controller = certificateFile.isPresent() - ? ControllerHttpClient.withKeyAndCertificate(endpoint, privateKeyFile, certificateFile.get()) - : ControllerHttpClient.withSignatureKey(endpoint, privateKeyFile, id); + return ControllerHttpClient.withSignatureKey(endpoint, privateKeyFile, id); + } static Optional<String> getNonBlankProperty(String name) { return Optional.ofNullable(System.getProperty(name)).filter(value -> ! value.isBlank()); diff --git a/tenant-cd/src/main/java/ai/vespa/hosted/cd/TestConfig.java b/tenant-cd/src/main/java/ai/vespa/hosted/cd/TestConfig.java index 36c14a38b37..e441254cff7 100644 --- a/tenant-cd/src/main/java/ai/vespa/hosted/cd/TestConfig.java +++ b/tenant-cd/src/main/java/ai/vespa/hosted/cd/TestConfig.java @@ -1,6 +1,7 @@ package ai.vespa.hosted.cd; import ai.vespa.hosted.api.ControllerHttpClient; +import ai.vespa.hosted.auth.Authenticator; import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.SystemName; import com.yahoo.slime.ArrayTraverser; @@ -12,13 +13,11 @@ import com.yahoo.slime.Slime; import java.net.URI; import java.nio.file.Files; -import java.nio.file.Path; import java.nio.file.Paths; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.Optional; /** * The place to obtain environment-dependent configuration for the current test run. @@ -81,6 +80,7 @@ public class TestConfig { } static TestConfig fromController() { + ControllerHttpClient controller = new Authenticator().controller(); return null; } |