From 70648658fdf0a4df8dacc6f9949c0f18c95b8f8d Mon Sep 17 00:00:00 2001
From: Bjørn Christian Seime <bjorncs@verizonmedia.com>
Date: Wed, 8 May 2019 16:39:43 +0200
Subject: Add NodeIdentifier interface

---
 .../config/provision/security/NodeIdentifier.java  | 16 ++++
 .../security/NodeIdentifierException.java          | 11 +++
 .../config/provision/security/NodeIdentity.java    | 87 ++++++++++++++++++++++
 .../config/provision/security/package-info.java    |  8 ++
 4 files changed, 122 insertions(+)
 create mode 100644 config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifier.java
 create mode 100644 config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifierException.java
 create mode 100644 config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentity.java
 create mode 100644 config-provisioning/src/main/java/com/yahoo/config/provision/security/package-info.java

(limited to 'config-provisioning')

diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifier.java b/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifier.java
new file mode 100644
index 00000000000..77aac21fcf6
--- /dev/null
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifier.java
@@ -0,0 +1,16 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.config.provision.security;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+
+/**
+ * Identifies Vespa nodes from the their X509 certificate.
+ *
+ * @author bjorncs
+ */
+public interface NodeIdentifier {
+
+    NodeIdentity identifyNode(List<X509Certificate> peerCertificateChain);
+
+}
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifierException.java b/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifierException.java
new file mode 100644
index 00000000000..795a4e8a1d2
--- /dev/null
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentifierException.java
@@ -0,0 +1,11 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.config.provision.security;
+
+/**
+ * @author bjorncs
+ */
+public class NodeIdentifierException extends RuntimeException {
+    public NodeIdentifierException(String message) {
+        super(message);
+    }
+}
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentity.java b/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentity.java
new file mode 100644
index 00000000000..ea78caaeba7
--- /dev/null
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/security/NodeIdentity.java
@@ -0,0 +1,87 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.config.provision.security;
+
+import com.yahoo.config.provision.HostName;
+import com.yahoo.config.provision.NodeType;
+
+import java.util.Objects;
+import java.util.Optional;
+
+/**
+ * The identity of a Vespa node
+ *
+ * @author bjorncs
+ */
+public class NodeIdentity {
+
+    private final NodeType nodeType;
+    private final String identityName;
+    private final HostName hostname;
+
+    private NodeIdentity(NodeType nodeType, String identityName, HostName hostname) {
+        this.nodeType = nodeType;
+        this.identityName = identityName;
+        this.hostname = hostname;
+    }
+
+    public NodeType nodeType() {
+        return nodeType;
+    }
+
+
+    public Optional<String> identityName() {
+        return Optional.ofNullable(identityName);
+    }
+
+    public Optional<HostName> hostname() {
+        return Optional.ofNullable(hostname);
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+        NodeIdentity that = (NodeIdentity) o;
+        return nodeType == that.nodeType &&
+                Objects.equals(identityName, that.identityName) &&
+                Objects.equals(hostname, that.hostname);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(nodeType, identityName, hostname);
+    }
+
+    @Override
+    public String toString() {
+        return "NodeIdentity{" +
+                "nodeType=" + nodeType +
+                ", identityName='" + identityName + '\'' +
+                ", hostname=" + hostname +
+                '}';
+    }
+
+    public static class Builder {
+        private final NodeType nodeType;
+        private String identityName;
+        private HostName hostname;
+
+        public Builder(NodeType nodeType) {
+            this.nodeType = nodeType;
+        }
+
+        public Builder identityName(String identityName) {
+            this.identityName = identityName;
+            return this;
+        }
+
+        public Builder hostname(HostName hostname) {
+            this.hostname = hostname;
+            return this;
+        }
+
+        public NodeIdentity build() {
+            return new NodeIdentity(nodeType, identityName, hostname);
+        }
+    }
+}
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/security/package-info.java b/config-provisioning/src/main/java/com/yahoo/config/provision/security/package-info.java
new file mode 100644
index 00000000000..f1f28c9ad27
--- /dev/null
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/security/package-info.java
@@ -0,0 +1,8 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+/**
+ * @author bjorncs
+ */
+@ExportPackage
+package com.yahoo.config.provision.security;
+
+import com.yahoo.osgi.annotation.ExportPackage;
\ No newline at end of file
-- 
cgit v1.2.3