From a04935fd04c3bf6ef4c6e49b66e71293dc5b8b51 Mon Sep 17 00:00:00 2001 From: Bjørn Christian Seime Date: Fri, 31 Jan 2020 11:18:04 +0100 Subject: Improve naming of string conversion methods for AthenzRole --- .../com/yahoo/vespa/athenz/api/AthenzRole.java | 23 +++++++++++++--------- .../athenz/tls/AthenzX509CertificateUtils.java | 2 +- 2 files changed, 15 insertions(+), 10 deletions(-) (limited to 'vespa-athenz/src') diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java index a7c9dbff3f8..4e432768298 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzRole.java @@ -7,7 +7,7 @@ import java.util.Objects; * @author tokle */ public class AthenzRole { - private static final String DOMAIN_ROLE_NAME_DELIMITER = ":role."; + private static final String ROLE_RESOURCE_PREFIX = "role."; private final AthenzDomain domain; private final String roleName; @@ -22,14 +22,17 @@ public class AthenzRole { this.roleName = roleName; } - public static AthenzRole fromString(String string) { - if (!string.contains(DOMAIN_ROLE_NAME_DELIMITER)) { - throw new IllegalArgumentException("Not a valid role: " + string); + public static AthenzRole fromResourceNameString(String string) { + return fromResourceName(AthenzResourceName.fromString(string)); + } + + public static AthenzRole fromResourceName(AthenzResourceName resourceName) { + String entityName = resourceName.getEntityName(); + if (!entityName.startsWith(ROLE_RESOURCE_PREFIX)) { + throw new IllegalArgumentException("Not a valid role: " + resourceName.toResourceNameString()); } - int delimiterIndex = string.indexOf(DOMAIN_ROLE_NAME_DELIMITER); - String domain = string.substring(0, delimiterIndex); - String roleName = string.substring(delimiterIndex + DOMAIN_ROLE_NAME_DELIMITER.length()); - return new AthenzRole(domain, roleName); + String roleName = entityName.substring(ROLE_RESOURCE_PREFIX.length()); + return new AthenzRole(resourceName.getDomain(), roleName); } public AthenzDomain domain() { @@ -40,7 +43,9 @@ public class AthenzRole { return roleName; } - public String asString() { return domain.getName() + DOMAIN_ROLE_NAME_DELIMITER + roleName; } + public String toResourceNameString() { return toResourceName().toResourceNameString(); } + + public AthenzResourceName toResourceName() { return new AthenzResourceName(domain, ROLE_RESOURCE_PREFIX + roleName); } @Override public boolean equals(Object o) { diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java index 6793d5804c7..81525918f03 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzX509CertificateUtils.java @@ -43,7 +43,7 @@ public class AthenzX509CertificateUtils { public static AthenzRole getRolesFromRoleCertificate(X509Certificate certificate) { String commonName = com.yahoo.security.X509CertificateUtils.getSubjectCommonNames(certificate).get(0); - return AthenzRole.fromString(commonName); + return AthenzRole.fromResourceNameString(commonName); } private static AthenzIdentity getIdentityFromSanEmail(String email) { -- cgit v1.2.3