Package com.yahoo.vespa.athenz.identity
Class SiaIdentityProvider
- java.lang.Object
-
- com.yahoo.component.AbstractComponent
-
- com.yahoo.vespa.athenz.identity.SiaIdentityProvider
-
- All Implemented Interfaces:
com.yahoo.component.Component,ServiceIdentityProvider,java.lang.Comparable<com.yahoo.component.Component>
public class SiaIdentityProvider extends com.yahoo.component.AbstractComponent implements ServiceIdentityProvider
AServiceIdentityProviderthat provides the credentials stored on file system.- Author:
- mortent, bjorncs
-
-
Constructor Summary
Constructors Constructor Description SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path siaPath, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path privateKeyFile, java.nio.file.Path certificateFile, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)SiaIdentityProvider(SiaProviderConfig config)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.nio.file.PathathenzTruststorePath()java.nio.file.PathcertificatePath()java.nio.file.PathclientTruststorePath()The client truststore contains the Athenz certificates fromServiceIdentityProvider.athenzTruststorePath()and additional certificate authorities that issues trusted server certificates.voiddeconstruct()com.yahoo.security.X509CertificateWithKeygetIdentityCertificateWithKey()javax.net.ssl.SSLContextgetIdentitySslContext()AthenzIdentityidentity()java.nio.file.PathprivateKeyPath()
-
-
-
Constructor Detail
-
SiaIdentityProvider
@Inject public SiaIdentityProvider(SiaProviderConfig config)
-
SiaIdentityProvider
public SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path siaPath, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)
-
SiaIdentityProvider
public SiaIdentityProvider(AthenzIdentity service, java.nio.file.Path privateKeyFile, java.nio.file.Path certificateFile, java.nio.file.Path athenzTruststoreFile, java.nio.file.Path clientTruststoreFile)
-
-
Method Detail
-
identity
public AthenzIdentity identity()
- Specified by:
identityin interfaceServiceIdentityProvider- Returns:
- The Athenz identity of the environment
-
getIdentitySslContext
public javax.net.ssl.SSLContext getIdentitySslContext()
- Specified by:
getIdentitySslContextin interfaceServiceIdentityProvider- Returns:
SSLContextthat is automatically updated.
-
getIdentityCertificateWithKey
public com.yahoo.security.X509CertificateWithKey getIdentityCertificateWithKey()
- Specified by:
getIdentityCertificateWithKeyin interfaceServiceIdentityProvider- Returns:
- Current certificate and private key. Unlike
ServiceIdentityProvider.getIdentitySslContext()underlying credentials are not automatically updated.
-
certificatePath
public java.nio.file.Path certificatePath()
- Specified by:
certificatePathin interfaceServiceIdentityProvider- Returns:
- Path to X.509 certificate in PEM format
-
privateKeyPath
public java.nio.file.Path privateKeyPath()
- Specified by:
privateKeyPathin interfaceServiceIdentityProvider- Returns:
- Path to private key in PEM format
-
athenzTruststorePath
public java.nio.file.Path athenzTruststorePath()
- Specified by:
athenzTruststorePathin interfaceServiceIdentityProvider- Returns:
- Path to Athenz truststore in PEM format
-
clientTruststorePath
public java.nio.file.Path clientTruststorePath()
Description copied from interface:ServiceIdentityProviderThe client truststore contains the Athenz certificates fromServiceIdentityProvider.athenzTruststorePath()and additional certificate authorities that issues trusted server certificates.- Specified by:
clientTruststorePathin interfaceServiceIdentityProvider- Returns:
- Path to client truststore in PEM format
-
deconstruct
public void deconstruct()
- Overrides:
deconstructin classcom.yahoo.component.AbstractComponent
-
-