From 68e4890241b7ace78f1e0eaa26577a47623ec42a Mon Sep 17 00:00:00 2001 From: Bjørn Christian Seime Date: Thu, 26 Jul 2018 14:47:39 +0200 Subject: Remove wrapped document structure from SignedIdentityDocument --- .../identityprovider/api/EntityBindingsMapper.java | 62 +++----------- .../identityprovider/api/IdentityDocument.java | 52 ------------ .../api/SignedIdentityDocument.java | 12 +-- .../api/bindings/IdentityDocumentEntity.java | 73 ---------------- .../api/bindings/SignedIdentityDocumentEntity.java | 35 +------- .../api/bindings/VespaUniqueInstanceIdEntity.java | 97 ---------------------- .../client/IdentityDocumentSignerTest.java | 2 +- 7 files changed, 16 insertions(+), 317 deletions(-) delete mode 100644 vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocument.java delete mode 100644 vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/IdentityDocumentEntity.java delete mode 100644 vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/VespaUniqueInstanceIdEntity.java (limited to 'vespa-athenz') diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java index 641c3001795..3fc7d484334 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/EntityBindingsMapper.java @@ -5,9 +5,7 @@ import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import com.yahoo.vespa.athenz.api.AthenzService; -import com.yahoo.vespa.athenz.identityprovider.api.bindings.IdentityDocumentEntity; import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocumentEntity; -import com.yahoo.vespa.athenz.identityprovider.api.bindings.VespaUniqueInstanceIdEntity; import java.io.IOException; import java.io.UncheckedIOException; @@ -15,7 +13,6 @@ import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.nio.file.StandardCopyOption; -import java.util.Base64; import static com.yahoo.vespa.athenz.identityprovider.api.VespaUniqueInstanceId.fromDottedString; @@ -38,23 +35,8 @@ public class EntityBindingsMapper { } } - public static VespaUniqueInstanceId toVespaUniqueInstanceId(VespaUniqueInstanceIdEntity entity) { - return new VespaUniqueInstanceId( - entity.clusterIndex, entity.clusterId, entity.instance, entity.application, entity.tenant, entity.region, entity.environment, entity.type != null ? IdentityType.fromId(entity.type) : null); // TODO Remove support for legacy representation without type - } - - public static IdentityDocument toIdentityDocument(IdentityDocumentEntity entity) { - return new IdentityDocument( - toVespaUniqueInstanceId(entity.providerUniqueId), - entity.configServerHostname, - entity.instanceHostname, - entity.createdAt, - entity.ipAddresses); - } - public static SignedIdentityDocument toSignedIdentityDocument(SignedIdentityDocumentEntity entity) { return new SignedIdentityDocument( - entity.identityDocument != null ? toIdentityDocument(entity.identityDocument) : null, entity.signature, entity.signingKeyVersion, fromDottedString(entity.providerUniqueId), @@ -69,42 +51,20 @@ public class EntityBindingsMapper { entity.identityType != null ? IdentityType.fromId(entity.identityType) : null); // TODO Remove support for legacy representation without type } - public static VespaUniqueInstanceIdEntity toVespaUniqueInstanceIdEntity(VespaUniqueInstanceId model) { - return new VespaUniqueInstanceIdEntity( - model.tenant(), model.application(), model.environment(), model.region(), - model.instance(), model.clusterId(), model.clusterIndex(), model.type() != null ? model.type().id() : null); // TODO Remove support for legacy representation without type - } - - public static IdentityDocumentEntity toIdentityDocumentEntity(IdentityDocument model) { - return new IdentityDocumentEntity( - toVespaUniqueInstanceIdEntity(model.providerUniqueId()), + public static SignedIdentityDocumentEntity toSignedIdentityDocumentEntity(SignedIdentityDocument model) { + return new SignedIdentityDocumentEntity( + model.signature(), + model.signingKeyVersion(), + model.providerUniqueId().asDottedString(), + model.dnsSuffix(), + model.providerService().getFullName(), + model.ztsEndpoint(), + model.documentVersion(), model.configServerHostname(), model.instanceHostname(), model.createdAt(), - model.ipAddresses()); - } - - public static SignedIdentityDocumentEntity toSignedIdentityDocumentEntity(SignedIdentityDocument model) { - try { - IdentityDocumentEntity identityDocumentEntity = model.identityDocument() != null ? toIdentityDocumentEntity(model.identityDocument()) : null; - String rawDocument = Base64.getEncoder().encodeToString(mapper.writeValueAsString(identityDocumentEntity).getBytes()); - return new SignedIdentityDocumentEntity( - rawDocument, - model.signature(), - model.signingKeyVersion(), - model.providerUniqueId().asDottedString(), - model.dnsSuffix(), - model.providerService().getFullName(), - model.ztsEndpoint(), - model.documentVersion(), - model.configServerHostname(), - model.instanceHostname(), - model.createdAt(), - model.ipAddresses(), - model.identityType() != null ? model.identityType().id() : null); // TODO Remove support for legacy representation without type - } catch (JsonProcessingException e) { - throw new RuntimeException(e); - } + model.ipAddresses(), + model.identityType() != null ? model.identityType().id() : null); // TODO Remove support for legacy representation without type } public static SignedIdentityDocument readSignedIdentityDocumentFromFile(Path file) { diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocument.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocument.java deleted file mode 100644 index 82d0a3d622c..00000000000 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/IdentityDocument.java +++ /dev/null @@ -1,52 +0,0 @@ -// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.athenz.identityprovider.api; - -import java.time.Instant; -import java.util.Set; - -/** - * The identity document that contains the instance specific information - * - * @author bjorncs - * @deprecated Will soon be inlined into {@link SignedIdentityDocument} - */ -@Deprecated -public class IdentityDocument { - private final VespaUniqueInstanceId providerUniqueId; - private final String configServerHostname; - private final String instanceHostname; - private final Instant createdAt; - private final Set ipAddresses; - - public IdentityDocument(VespaUniqueInstanceId providerUniqueId, - String configServerHostname, - String instanceHostname, - Instant createdAt, - Set ipAddresses) { - this.providerUniqueId = providerUniqueId; - this.configServerHostname = configServerHostname; - this.instanceHostname = instanceHostname; - this.createdAt = createdAt; - this.ipAddresses = ipAddresses; - } - - public VespaUniqueInstanceId providerUniqueId() { - return providerUniqueId; - } - - public String configServerHostname() { - return configServerHostname; - } - - public String instanceHostname() { - return instanceHostname; - } - - public Instant createdAt() { - return createdAt; - } - - public Set ipAddresses() { - return ipAddresses; - } -} diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java index aa1dbd4dac3..bf36113d523 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/SignedIdentityDocument.java @@ -8,7 +8,7 @@ import java.time.Instant; import java.util.Set; /** - * A signed identity document which contains a {@link IdentityDocument} + * A signed identity document * * @author bjorncs */ @@ -16,7 +16,6 @@ public class SignedIdentityDocument { public static final int DEFAULT_KEY_VERSION = 0; public static final int DEFAULT_DOCUMENT_VERSION = 1; - private final IdentityDocument identityDocument; private final String signature; private final int signingKeyVersion; private final VespaUniqueInstanceId providerUniqueId; @@ -30,8 +29,7 @@ public class SignedIdentityDocument { private final Set ipAddresses; private final IdentityType identityType; - public SignedIdentityDocument(IdentityDocument identityDocument, - String signature, + public SignedIdentityDocument(String signature, int signingKeyVersion, VespaUniqueInstanceId providerUniqueId, String dnsSuffix, @@ -43,7 +41,6 @@ public class SignedIdentityDocument { Instant createdAt, Set ipAddresses, IdentityType identityType) { - this.identityDocument = identityDocument; this.signature = signature; this.signingKeyVersion = signingKeyVersion; this.providerUniqueId = providerUniqueId; @@ -58,11 +55,6 @@ public class SignedIdentityDocument { this.identityType = identityType; } - @Deprecated - public IdentityDocument identityDocument() { - return identityDocument; - } - public String signature() { return signature; } diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/IdentityDocumentEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/IdentityDocumentEntity.java deleted file mode 100644 index b4b2e82ab0e..00000000000 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/IdentityDocumentEntity.java +++ /dev/null @@ -1,73 +0,0 @@ -// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.athenz.identityprovider.api.bindings; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.time.Instant; -import java.util.Objects; -import java.util.Set; - -/** - * @author bjorncs - * @deprecated Will soon be inlined into {@link SignedIdentityDocumentEntity} - */ -@JsonIgnoreProperties(ignoreUnknown = true) -@Deprecated -public class IdentityDocumentEntity { - - @JsonProperty("provider-unique-id") - public final VespaUniqueInstanceIdEntity providerUniqueId; - @JsonProperty("configserver-hostname") - public final String configServerHostname; - @JsonProperty("instance-hostname") - public final String instanceHostname; - @JsonProperty("created-at") - public final Instant createdAt; - @JsonProperty("ip-addresses") - public final Set ipAddresses; - - public IdentityDocumentEntity( - @JsonProperty("provider-unique-id") VespaUniqueInstanceIdEntity providerUniqueId, - @JsonProperty("configserver-hostname") String configServerHostname, - @JsonProperty("instance-hostname") String instanceHostname, - @JsonProperty("created-at") Instant createdAt, - @JsonProperty("ip-addresses") Set ipAddresses) { - this.providerUniqueId = providerUniqueId; - this.configServerHostname = configServerHostname; - this.instanceHostname = instanceHostname; - this.createdAt = createdAt; - this.ipAddresses = ipAddresses; - } - - - @Override - public String toString() { - return "IdentityDocumentEntity{" + - "providerUniqueId=" + providerUniqueId + - ", configServerHostname='" + configServerHostname + '\'' + - ", instanceHostname='" + instanceHostname + '\'' + - ", createdAt=" + createdAt + - ", ipAddresses=" + ipAddresses + - '}'; - } - - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - IdentityDocumentEntity that = (IdentityDocumentEntity) o; - return Objects.equals(providerUniqueId, that.providerUniqueId) && - Objects.equals(configServerHostname, that.configServerHostname) && - Objects.equals(instanceHostname, that.instanceHostname) && - Objects.equals(createdAt, that.createdAt) && - Objects.equals(ipAddresses, that.ipAddresses); - } - - @Override - public int hashCode() { - - return Objects.hash(providerUniqueId, configServerHostname, instanceHostname, createdAt, ipAddresses); - } -} diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java index 6f773d51df3..e43849d7b21 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/SignedIdentityDocumentEntity.java @@ -2,17 +2,11 @@ package com.yahoo.vespa.athenz.identityprovider.api.bindings; import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import java.io.IOException; -import java.io.UncheckedIOException; import java.net.URI; import java.time.Instant; -import java.util.Base64; import java.util.Objects; import java.util.Set; @@ -22,10 +16,6 @@ import java.util.Set; @JsonIgnoreProperties(ignoreUnknown = true) public class SignedIdentityDocumentEntity { - private static final ObjectMapper mapper = createObjectMapper(); - - @JsonProperty("identity-document")public final String rawIdentityDocument; - @JsonIgnore @Deprecated public final IdentityDocumentEntity identityDocument; @JsonProperty("signature") public final String signature; @JsonProperty("signing-key-version") public final int signingKeyVersion; @JsonProperty("provider-unique-id") public final String providerUniqueId; // String representation @@ -40,8 +30,7 @@ public class SignedIdentityDocumentEntity { @JsonProperty("identity-type") public final String identityType; @JsonCreator - public SignedIdentityDocumentEntity(@JsonProperty("identity-document") String rawIdentityDocument, - @JsonProperty("signature") String signature, + public SignedIdentityDocumentEntity(@JsonProperty("signature") String signature, @JsonProperty("signing-key-version") int signingKeyVersion, @JsonProperty("provider-unique-id") String providerUniqueId, @JsonProperty("dns-suffix") String dnsSuffix, @@ -53,8 +42,6 @@ public class SignedIdentityDocumentEntity { @JsonProperty("created-at") Instant createdAt, @JsonProperty("ip-addresses") Set ipAddresses, @JsonProperty("identity-type") String identityType) { - this.rawIdentityDocument = rawIdentityDocument; - this.identityDocument = rawIdentityDocument != null ? parseIdentityDocument(rawIdentityDocument) : null; this.signature = signature; this.signingKeyVersion = signingKeyVersion; this.providerUniqueId = providerUniqueId; @@ -69,25 +56,9 @@ public class SignedIdentityDocumentEntity { this.identityType = identityType; } - private static IdentityDocumentEntity parseIdentityDocument(String rawIdentityDocument) { - try { - return mapper.readValue(Base64.getDecoder().decode(rawIdentityDocument), IdentityDocumentEntity.class); - } catch (IOException e) { - throw new UncheckedIOException(e); - } - } - - private static ObjectMapper createObjectMapper() { - ObjectMapper mapper = new ObjectMapper(); - mapper.registerModule(new JavaTimeModule()); - return mapper; - } - @Override public String toString() { return "SignedIdentityDocumentEntity{" + - "rawIdentityDocument='" + rawIdentityDocument + '\'' + - ", identityDocument=" + identityDocument + ", signature='" + signature + '\'' + ", signingKeyVersion=" + signingKeyVersion + ", providerUniqueId='" + providerUniqueId + '\'' + @@ -110,8 +81,6 @@ public class SignedIdentityDocumentEntity { SignedIdentityDocumentEntity that = (SignedIdentityDocumentEntity) o; return signingKeyVersion == that.signingKeyVersion && documentVersion == that.documentVersion && - Objects.equals(rawIdentityDocument, that.rawIdentityDocument) && - Objects.equals(identityDocument, that.identityDocument) && Objects.equals(signature, that.signature) && Objects.equals(providerUniqueId, that.providerUniqueId) && Objects.equals(dnsSuffix, that.dnsSuffix) && @@ -126,6 +95,6 @@ public class SignedIdentityDocumentEntity { @Override public int hashCode() { - return Objects.hash(rawIdentityDocument, identityDocument, signature, signingKeyVersion, providerUniqueId, dnsSuffix, providerService, ztsEndpoint, documentVersion, configServerHostname, instanceHostname, createdAt, ipAddresses, identityType); + return Objects.hash(signature, signingKeyVersion, providerUniqueId, dnsSuffix, providerService, ztsEndpoint, documentVersion, configServerHostname, instanceHostname, createdAt, ipAddresses, identityType); } } diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/VespaUniqueInstanceIdEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/VespaUniqueInstanceIdEntity.java deleted file mode 100644 index 3fdbb49b28e..00000000000 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/api/bindings/VespaUniqueInstanceIdEntity.java +++ /dev/null @@ -1,97 +0,0 @@ -// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.athenz.identityprovider.api.bindings; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.util.Objects; - -/** - * @author bjorncs - */ -@JsonIgnoreProperties(ignoreUnknown = true) -public class VespaUniqueInstanceIdEntity { - - @JsonProperty("tenant") - public final String tenant; - @JsonProperty("application") - public final String application; - @JsonProperty("environment") - public final String environment; - @JsonProperty("region") - public final String region; - @JsonProperty("instance") - public final String instance; - @JsonProperty("cluster-id") - public final String clusterId; - @JsonProperty("cluster-index") - public final int clusterIndex; - @JsonProperty("type") - public final String type; - - @JsonCreator - public VespaUniqueInstanceIdEntity(@JsonProperty("tenant") String tenant, - @JsonProperty("application") String application, - @JsonProperty("environment") String environment, - @JsonProperty("region") String region, - @JsonProperty("instance") String instance, - @JsonProperty("cluster-id") String clusterId, - @JsonProperty("cluster-index") int clusterIndex, - @JsonProperty("type") String type) { - this.tenant = tenant; - this.application = application; - this.environment = environment; - this.region = region; - this.instance = instance; - this.clusterId = clusterId; - this.clusterIndex = clusterIndex; - this.type = type; - } - - @Deprecated - public VespaUniqueInstanceIdEntity(String tenant, - String application, - String environment, - String region, - String instance, - String clusterId, - int clusterIndex) { - this(tenant, application, environment, region, instance, clusterId, clusterIndex, null); - } - - - @Override - public String toString() { - return "VespaUniqueInstanceIdEntity{" + - "tenant='" + tenant + '\'' + - ", application='" + application + '\'' + - ", environment='" + environment + '\'' + - ", region='" + region + '\'' + - ", instance='" + instance + '\'' + - ", clusterId='" + clusterId + '\'' + - ", clusterIndex=" + clusterIndex + - ", type='" + type + '\'' + - '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - VespaUniqueInstanceIdEntity that = (VespaUniqueInstanceIdEntity) o; - return clusterIndex == that.clusterIndex && - Objects.equals(tenant, that.tenant) && - Objects.equals(application, that.application) && - Objects.equals(environment, that.environment) && - Objects.equals(region, that.region) && - Objects.equals(instance, that.instance) && - Objects.equals(clusterId, that.clusterId) && - Objects.equals(type, that.type); - } - - @Override - public int hashCode() { - return Objects.hash(tenant, application, environment, region, instance, clusterId, clusterIndex, type); - } -} diff --git a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java index 9cc500ee241..efee6907a42 100644 --- a/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java +++ b/vespa-athenz/src/test/java/com/yahoo/vespa/athenz/identityprovider/client/IdentityDocumentSignerTest.java @@ -41,7 +41,7 @@ public class IdentityDocumentSignerTest { signer.generateSignature(id, providerService, configserverHostname, instanceHostname, createdAt, ipAddresses, identityType, keyPair.getPrivate()); SignedIdentityDocument signedIdentityDocument = new SignedIdentityDocument( - null, signature, DEFAULT_KEY_VERSION, id, "dns-suffix", providerService, URI.create("https://zts"), + signature, DEFAULT_KEY_VERSION, id, "dns-suffix", providerService, URI.create("https://zts"), DEFAULT_DOCUMENT_VERSION, configserverHostname, instanceHostname, createdAt, ipAddresses, identityType); assertTrue(signer.hasValidSignature(signedIdentityDocument, keyPair.getPublic())); -- cgit v1.2.3