From 4204e6ea8a1f133dce2ac9d7265c45e5d4c84395 Mon Sep 17 00:00:00 2001 From: jonmv Date: Wed, 4 May 2022 16:20:14 +0200 Subject: Expose EndpointAuthenticator --- tenant-cd-api/abi-spec.json | 16 ++++++++ .../src/main/java/ai/vespa/hosted/cd/Endpoint.java | 3 ++ .../ai/vespa/hosted/cd/EndpointAuthenticator.java | 43 ++++++++++++++++++++++ .../cd/commons/DefaultEndpointAuthenticator.java | 1 + .../hosted/cd/commons/EndpointAuthenticator.java | 43 ---------------------- .../vespa/hosted/cd/commons/FeedClientBuilder.java | 1 + .../ai/vespa/hosted/cd/commons/HttpDeployment.java | 1 + .../ai/vespa/hosted/cd/commons/HttpEndpoint.java | 6 +++ 8 files changed, 71 insertions(+), 43 deletions(-) create mode 100644 tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java delete mode 100644 tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/EndpointAuthenticator.java diff --git a/tenant-cd-api/abi-spec.json b/tenant-cd-api/abi-spec.json index 18094f2973f..48222a63e28 100644 --- a/tenant-cd-api/abi-spec.json +++ b/tenant-cd-api/abi-spec.json @@ -22,6 +22,7 @@ ], "methods": [ "public abstract java.net.URI uri()", + "public abstract ai.vespa.hosted.cd.EndpointAuthenticator authenticator()", "public abstract java.net.http.HttpResponse send(java.net.http.HttpRequest$Builder, java.net.http.HttpResponse$BodyHandler)", "public java.net.http.HttpResponse send(java.net.http.HttpRequest$Builder)", "public abstract java.net.http.HttpRequest$Builder request(java.lang.String, java.util.Map)", 
@@ -29,6 +30,21 @@ ], "fields": [] }, + "ai.vespa.hosted.cd.EndpointAuthenticator": { + "superClass": "java.lang.Object", + "interfaces": [], + "attributes": [ + "public", + "interface", + "abstract" + ], + "methods": [ + "public javax.net.ssl.SSLContext sslContext()", + "public java.net.http.HttpRequest$Builder authenticated(java.net.http.HttpRequest$Builder)", + "public java.util.Map authorizationHeaders()" + ], + "fields": [] + }, "ai.vespa.hosted.cd.InconclusiveTestException": { "superClass": "java.lang.RuntimeException", "interfaces": [], diff --git a/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/Endpoint.java b/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/Endpoint.java index 3fd345abaff..319d835c73a 100644 --- a/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/Endpoint.java +++ b/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/Endpoint.java @@ -18,6 +18,9 @@ public interface Endpoint { /** Returns the URI of the endpoint, with scheme, host and port. */ URI uri(); + /** Returns the authenticator for HTTP requests against this particular endpoint. */ + EndpointAuthenticator authenticator(); + /** Sends the given request with required authentication. */ HttpResponse send(HttpRequest.Builder request, HttpResponse.BodyHandler handler); diff --git a/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java b/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java new file mode 100644 index 00000000000..8985375fce2 --- /dev/null +++ b/tenant-cd-api/src/main/java/ai/vespa/hosted/cd/EndpointAuthenticator.java 
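Review bot: The new `authenticator()` accessor on `Endpoint` hands test code the object that produces the endpoint's SSLContext and authorization headers, and its Javadoc does not say that these are only meant for requests to this endpoint's own URI. A caller can now pass any `HttpRequest.Builder` to `authenticated(...)`, so headers intended for one deployment could end up on a request to a different host; before this change the visible path was `send(...)`, which presumably kept the authentication step inside the endpoint. I would extend the comment to something like `/** Returns the authenticator for this endpoint; use it only for requests to {@link #uri()}, and do not log the headers it produces. */`. The method is also declared abstract, so any `Endpoint` implementation other than `HttpEndpoint` (updated later in this patch) would have to add it before it compiles again.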
@@ -0,0 +1,43 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package ai.vespa.hosted.cd; + +import javax.net.ssl.SSLContext; +import java.net.http.HttpRequest; +import java.security.NoSuchAlgorithmException; +import java.util.List; +import java.util.Map; + +/** + * Adds environment dependent authentication to HTTP request against Vespa deployments. + * + * An implementation typically needs to override either of the methods in this interface, + * and needs to run in different environments, e.g., local user testing and automatic testing + * in a deployment pipeline. + * + * @author jonmv + */ +public interface EndpointAuthenticator { + + /** Returns an SSLContext which provides authentication against a Vespa endpoint. */ + default SSLContext sslContext() { + try { + return SSLContext.getDefault(); + } catch (NoSuchAlgorithmException e) { + throw new RuntimeException(e); + } + } + + /** Adds necessary authentication data to the given HTTP request builder, to pass the data plane of a Vespa endpoint. */ + default HttpRequest.Builder authenticated(HttpRequest.Builder request) { + Map> headers = request.build().headers().map(); + authorizationHeaders().forEach((name, value) -> { + if ( ! headers.containsKey(name)) + request.setHeader(name, value); + }); + return request; + } + + default Map authorizationHeaders() { + return Map.of(); + } +} diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java index b52abddba07..b8030afd901 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/DefaultEndpointAuthenticator.java 
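Review bot: `authorizationHeaders()` is the only method in `EndpointAuthenticator` without Javadoc, and with the move into `ai.vespa.hosted.cd` it becomes part of the public API recorded in abi-spec.json. Since it returns the header values used to authenticate against the data plane, it deserves a comment such as `/** Returns headers carrying credentials for the data plane; the values are secrets and must not be logged. */`. Two behaviours of `authenticated(...)` are also worth stating in its Javadoc. It calls `request.build()` to read the existing headers, which throws `IllegalStateException` when no URI has been set on the builder, and it skips any header name already present on the request, so a caller-supplied value takes precedence over the authenticator's.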
@@ -2,6 +2,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.hosted.api.Properties; +import ai.vespa.hosted.cd.EndpointAuthenticator; import com.yahoo.config.provision.SystemName; import com.yahoo.security.KeyUtils; import com.yahoo.security.SslContextBuilder; diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/EndpointAuthenticator.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/EndpointAuthenticator.java deleted file mode 100644 index 590f49f0124..00000000000 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/EndpointAuthenticator.java +++ /dev/null 
@@ -1,43 +0,0 @@ -// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package ai.vespa.hosted.cd.commons; - -import javax.net.ssl.SSLContext; -import java.net.http.HttpRequest; -import java.security.NoSuchAlgorithmException; -import java.util.List; -import java.util.Map; - -/** - * Adds environment dependent authentication to HTTP request against Vespa deployments. - * - * An implementation typically needs to override either of the methods in this interface, - * and needs to run in different environments, e.g., local user testing and automatic testing - * in a deployment pipeline. - * - * @author jonmv - */ -public interface EndpointAuthenticator { - - /** Returns an SSLContext which provides authentication against a Vespa endpoint. */ - default SSLContext sslContext() { - try { - return SSLContext.getDefault(); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException(e); - } - } - - /** Adds necessary authentication data to the given HTTP request builder, to pass the data plane of a Vespa endpoint. */ - default HttpRequest.Builder authenticated(HttpRequest.Builder request) { - Map> headers = request.build().headers().map(); - authorizationHeaders().forEach((name, value) -> { - if ( ! headers.containsKey(name)) - request.setHeader(name, value); - }); - return request; - } - - default Map authorizationHeaders() { - return Map.of(); - } -} diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java index 892c8b63645..7e7355ae6d4 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/FeedClientBuilder.java 
@@ -3,6 +3,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.feed.client.impl.FeedClientBuilderImpl; +import ai.vespa.hosted.cd.EndpointAuthenticator; import java.util.Objects; import java.util.concurrent.atomic.AtomicReference; diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java index 347d772b148..1abdc4d4297 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpDeployment.java @@ -3,6 +3,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.hosted.cd.Deployment; import ai.vespa.hosted.cd.Endpoint; +import ai.vespa.hosted.cd.EndpointAuthenticator; import java.net.URI; import java.util.Map; diff --git a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java index fdca5c6e69b..0e5f42fa178 100644 --- a/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java +++ b/tenant-cd-commons/src/main/java/ai/vespa/hosted/cd/commons/HttpEndpoint.java @@ -2,6 +2,7 @@ package ai.vespa.hosted.cd.commons; import ai.vespa.hosted.cd.Endpoint; +import ai.vespa.hosted.cd.EndpointAuthenticator; import javax.net.ssl.SSLParameters; import java.io.IOException; @@ -46,6 +47,11 @@ public class HttpEndpoint implements Endpoint { return endpoint; } + @Override + public EndpointAuthenticator authenticator() { + return authenticator; + } + @Override public HttpResponse send(HttpRequest.Builder request, HttpResponse.BodyHandler handler) { try { -- cgit v1.2.3