From dc10115a4f417d96cbd7aaed4b31374f5bb8d23d Mon Sep 17 00:00:00 2001
From: Jon Marius Venstad
Date: Tue, 3 Mar 2020 12:55:48 +0100
Subject: Expose controller client factory with SSL context argument
---
 .../java/ai/vespa/hosted/api/ControllerHttpClient.java | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
(limited to 'hosted-api/src/main')
diff --git a/hosted-api/src/main/java/ai/vespa/hosted/api/ControllerHttpClient.java b/hosted-api/src/main/java/ai/vespa/hosted/api/ControllerHttpClient.java
index 6fba083e607..376719aed1d 100644
--- a/hosted-api/src/main/java/ai/vespa/hosted/api/ControllerHttpClient.java
+++ b/hosted-api/src/main/java/ai/vespa/hosted/api/ControllerHttpClient.java
@@ -17,6 +17,7 @@ import com.yahoo.slime.JsonFormat;
 import com.yahoo.slime.ObjectTraverser;
 import com.yahoo.slime.Slime;
+import javax.net.ssl.SSLContext;
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -77,6 +78,11 @@ public abstract class ControllerHttpClient {
 return new SigningControllerHttpClient(endpoint, privateKeyFile, id);
 }
+ /** Creates an HTTP client against the given endpoint, which uses the given SSL context for authentication. */
+ public static ControllerHttpClient withSSLContext(URI endpoint, SSLContext sslContext) {
+ return new MutualTlsControllerHttpClient(endpoint, sslContext);
+ }
+
 /** Creates an HTTP client against the given endpoint, which uses the given private key and certificate identity. */
 public static ControllerHttpClient withKeyAndCertificate(URI endpoint, Path privateKeyFile, Path certificateFile) {
 var privateKey = unchecked(() -> KeyUtils.fromPemEncodedPrivateKey(Files.readString(privateKeyFile, UTF_8)));
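Review bot: The Javadoc on `withSSLContext` describes the context only as a means of authentication, but an `SSLContext` also carries the trust managers that decide whether the controller's certificate is accepted, and this factory hands it to the client unchanged. I would say so in the comment, e.g. `/** Creates an HTTP client against the given endpoint, using the given SSL context both for the client identity and for verifying the controller's certificate. */`, so callers know that a context built with a permissive trust manager turns off server verification. Nothing visible in this hunk checks that `endpoint` is an `https` URI; if the base constructor (outside the hunk) does not check either, the context would presumably go unused for an `http` endpoint, which is worth confirming.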
@@ -410,14 +416,17 @@ public abstract class ControllerHttpClient {
 /** Client that uses a given key / certificate identity to authenticate to the remote controller. */
 private static class MutualTlsControllerHttpClient extends ControllerHttpClient {
+ private MutualTlsControllerHttpClient(URI endpoint, SSLContext sslContext) {
+ super(endpoint, HttpClient.newBuilder().sslContext(sslContext));
+ }
+
 private MutualTlsControllerHttpClient(URI endpoint, PrivateKey privateKey, List certs) {
- super(endpoint,
- HttpClient.newBuilder()
- .sslContext(new SslContextBuilder().withKeyStore(privateKey, certs).build()));
+ this(endpoint, new SslContextBuilder().withKeyStore(privateKey, certs).build());
 }
 }
+
 private static DeploymentLog.Status valueOf(String status) {
 switch (status) {
 case "running": return DeploymentLog.Status.running;
-- cgit v1.2.3
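Review bot: The class comment on `MutualTlsControllerHttpClient` still promises a key / certificate identity, but the new `(URI, SSLContext)` constructor accepts any context, including one without key material, in which case the connection would presumably be made without a client certificate. Neither constructor is documented; I would add `/** Uses the given SSL context as is; it must hold the client key and certificate for mutual TLS. */` on the new one and reword the class comment to match. The blank line added before `valueOf` looks unintentional. The enclosing `ControllerHttpClient` class continues outside the hunk.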