Package com.yahoo.vespa.athenz.identity
Class SiaIdentityProvider
- java.lang.Object
-
- com.yahoo.component.AbstractComponent
-
- com.yahoo.vespa.athenz.identity.SiaIdentityProvider
-
- All Implemented Interfaces:
com.yahoo.component.Component
,ServiceIdentityProvider
,java.lang.Comparable<com.yahoo.component.Component>
public class SiaIdentityProvider extends com.yahoo.component.AbstractComponent implements ServiceIdentityProvider
AServiceIdentityProvider
that provides the credentials stored on file system.- Author:
- mortent, bjorncs
-
-
Constructor Summary
Constructors Constructor Description SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path siaPath, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)
SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path privateKeyFile, java.nio.file.Path certificateFile, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)
SiaIdentityProvider(SiaProviderConfig config)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.nio.file.Path
athenzTruststorePath()
java.nio.file.Path
certificatePath()
java.nio.file.Path
clientTruststorePath()
The client truststore contains the Athenz certificates fromServiceIdentityProvider.athenzTruststorePath()
and additional certificate authorities that issues trusted server certificates.void
deconstruct()
com.yahoo.security.X509CertificateWithKey
getIdentityCertificateWithKey()
javax.net.ssl.SSLContext
getIdentitySslContext()
AthenzIdentity
identity()
java.nio.file.Path
privateKeyPath()
-
-
-
Constructor Detail
-
SiaIdentityProvider
@Inject public SiaIdentityProvider(SiaProviderConfig config)
-
SiaIdentityProvider
public SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path siaPath, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)
-
SiaIdentityProvider
public SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path privateKeyFile, java.nio.file.Path certificateFile, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)
-
-
Method Detail
-
identity
public AthenzIdentity identity()
- Specified by:
identity
in interfaceServiceIdentityProvider
- Returns:
- The Athenz identity of the environment
-
getIdentitySslContext
public javax.net.ssl.SSLContext getIdentitySslContext()
- Specified by:
getIdentitySslContext
in interfaceServiceIdentityProvider
- Returns:
SSLContext
that is automatically updated.
-
getIdentityCertificateWithKey
public com.yahoo.security.X509CertificateWithKey getIdentityCertificateWithKey()
- Specified by:
getIdentityCertificateWithKey
in interfaceServiceIdentityProvider
- Returns:
- Current certificate and private key. Unlike
ServiceIdentityProvider.getIdentitySslContext()
underlying credentials are not automatically updated.
-
certificatePath
public java.nio.file.Path certificatePath()
- Specified by:
certificatePath
in interfaceServiceIdentityProvider
- Returns:
- Path to X.509 certificate in PEM format
-
privateKeyPath
public java.nio.file.Path privateKeyPath()
- Specified by:
privateKeyPath
in interfaceServiceIdentityProvider
- Returns:
- Path to private key in PEM format
-
athenzTruststorePath
public java.nio.file.Path athenzTruststorePath()
- Specified by:
athenzTruststorePath
in interfaceServiceIdentityProvider
- Returns:
- Path to Athenz truststore in PEM format
-
clientTruststorePath
public java.nio.file.Path clientTruststorePath()
Description copied from interface:ServiceIdentityProvider
The client truststore contains the Athenz certificates fromServiceIdentityProvider.athenzTruststorePath()
and additional certificate authorities that issues trusted server certificates.- Specified by:
clientTruststorePath
in interfaceServiceIdentityProvider
- Returns:
- Path to client truststore in PEM format
-
deconstruct
public void deconstruct()
- Overrides:
deconstruct
in classcom.yahoo.component.AbstractComponent
-
-