Diffstat (limited to 'athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/IdentityProviderRequestHandler.java')
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/IdentityProviderRequestHandler.java99
1 files changed, 0 insertions, 99 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/IdentityProviderRequestHandler.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/IdentityProviderRequestHandler.java
deleted file mode 100644
index c1dd70d7656..00000000000
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/IdentityProviderRequestHandler.java
+++ /dev/null
@@ -1,99 +0,0 @@
-// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.hosted.athenz.instanceproviderservice;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.SerializationFeature;
-import com.fasterxml.jackson.datatype.jdk8.Jdk8Module;
-import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
-import com.yahoo.component.annotation.Inject;
-import com.yahoo.container.jdisc.ThreadedHttpRequestHandler;
-import com.yahoo.restapi.RestApi;
-import com.yahoo.restapi.RestApiException;
-import com.yahoo.restapi.RestApiRequestHandler;
-import com.yahoo.vespa.athenz.identityprovider.api.EntityBindingsMapper;
-import com.yahoo.vespa.athenz.identityprovider.api.IdentityType;
-import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocumentEntity;
-
-import java.util.logging.Level;
-
-/**
- * Handler implementing the Athenz Identity Provider API (Copper Argos).
- *
- * @author bjorncs
- */
-public class IdentityProviderRequestHandler extends RestApiRequestHandler<IdentityProviderRequestHandler> {
-
- private final IdentityDocumentGenerator documentGenerator;
- private final InstanceValidator instanceValidator;
-
- @Inject
- public IdentityProviderRequestHandler(ThreadedHttpRequestHandler.Context context,
- IdentityDocumentGenerator documentGenerator,
- InstanceValidator instanceValidator) {
- super(context, IdentityProviderRequestHandler::createRestApi);
- this.documentGenerator = documentGenerator;
- this.instanceValidator = instanceValidator;
- }
-
- private static RestApi createRestApi(IdentityProviderRequestHandler self) {
- return RestApi.builder()
- .addRoute(RestApi.route("/athenz/v1/provider/identity-document/node/{host}")
- .get(self::getNodeIdentityDocument))
- .addRoute(RestApi.route("/athenz/v1/provider/identity-document/tenant/{host}")
- .get(self::getTenantIdentityDocument))
- .addRoute(RestApi.route("/athenz/v1/provider/instance")
- .post(InstanceConfirmation.class, self::confirmInstance))
- .addRoute(RestApi.route("/athenz/v1/provider/refresh")
- .post(InstanceConfirmation.class, self::confirmInstanceRefresh))
- .registerJacksonRequestEntity(InstanceConfirmation.class)
- .registerJacksonResponseEntity(InstanceConfirmation.class)
- .registerJacksonResponseEntity(SignedIdentityDocumentEntity.class)
- // Overriding object mapper to change serialization of timestamps
- .setObjectMapper(new ObjectMapper()
- .registerModule(new JavaTimeModule())
- .registerModule(new Jdk8Module())
- .configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, true))
- .build();
- }
-
- private SignedIdentityDocumentEntity getNodeIdentityDocument(RestApi.RequestContext context) {
- String host = context.pathParameters().getString("host").orElse(null);
- return getIdentityDocument(host, IdentityType.NODE);
- }
-
- private SignedIdentityDocumentEntity getTenantIdentityDocument(RestApi.RequestContext context) {
- String host = context.pathParameters().getString("host").orElse(null);
- return getIdentityDocument(host, IdentityType.TENANT);
- }
-
- private InstanceConfirmation confirmInstance(RestApi.RequestContext context, InstanceConfirmation instanceConfirmation) {
- log.log(Level.FINE, () -> instanceConfirmation.toString());
- if (!instanceValidator.isValidInstance(instanceConfirmation)) {
- log.log(Level.SEVERE, "Invalid instance: " + instanceConfirmation);
- throw new RestApiException.Forbidden("Instance is invalid");
- }
- return instanceConfirmation;
- }
-
- private InstanceConfirmation confirmInstanceRefresh(RestApi.RequestContext context, InstanceConfirmation instanceConfirmation) {
- log.log(Level.FINE, () -> instanceConfirmation.toString());
- if (!instanceValidator.isValidRefresh(instanceConfirmation)) {
- log.log(Level.SEVERE, "Invalid instance refresh: " + instanceConfirmation);
- throw new RestApiException.Forbidden("Instance is invalid");
- }
- return instanceConfirmation;
- }
-
- private SignedIdentityDocumentEntity getIdentityDocument(String hostname, IdentityType identityType) {
- if (hostname == null) {
- throw new RestApiException.BadRequest("The 'hostname' query parameter is missing");
- }
- try {
- return EntityBindingsMapper.toSignedIdentityDocumentEntity(documentGenerator.generateSignedIdentityDocument(hostname, identityType));
- } catch (Exception e) {
- String message = String.format("Unable to generate identity document for '%s': %s", hostname, e.getMessage());
- log.log(Level.SEVERE, message, e);
- throw new RestApiException.InternalServerError(message, e);
- }
- }
-}