diff options
Diffstat (limited to 'container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/CloudTokenSslContextProvider.java')
-rw-r--r-- | container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/CloudTokenSslContextProvider.java | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/CloudTokenSslContextProvider.java b/container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/CloudTokenSslContextProvider.java new file mode 100644 index 00000000000..fe71d1b24c6 --- /dev/null +++ b/container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/CloudTokenSslContextProvider.java @@ -0,0 +1,37 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.jdisc.http.ssl.impl; + +import com.yahoo.component.annotation.Inject; +import com.yahoo.jdisc.http.ConnectorConfig; +import com.yahoo.jdisc.http.server.jetty.DataplaneProxyCredentials; + +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.util.Optional; + +/** + * Used to enable token based endpoints in Cloud. Amends trust store to allow proxy. + * + * @author mortent + */ +public class CloudTokenSslContextProvider extends ConfiguredSslContextFactoryProvider { + + private final DataplaneProxyCredentials dataplaneProxyCredentials; + + @Inject + public CloudTokenSslContextProvider(ConnectorConfig connectorConfig, + DataplaneProxyCredentials dataplaneProxyCredentials) { + super(connectorConfig); + this.dataplaneProxyCredentials = dataplaneProxyCredentials; + } + + @Override + Optional<String> getCaCertificates(ConnectorConfig.Ssl sslConfig) { + try { + return Optional.of(Files.readString(dataplaneProxyCredentials.certificateFile(), StandardCharsets.UTF_8)); + } catch (IOException e) { + throw new IllegalArgumentException("Dataplane proxy certificate not available", e); + } + } +} |