Package com.yahoo.vespa.athenz.identity
Class SiaIdentityProvider
java.lang.Object
com.yahoo.component.AbstractComponent
com.yahoo.vespa.athenz.identity.SiaIdentityProvider
- All Implemented Interfaces:
com.yahoo.component.Component
,com.yahoo.component.Deconstructable
,ServiceIdentityProvider
,Comparable<com.yahoo.component.Component>
public class SiaIdentityProvider
extends com.yahoo.component.AbstractComponent
implements ServiceIdentityProvider
A
ServiceIdentityProvider
that provides the credentials stored on file system.- Author:
- mortent, bjorncs
-
Field Summary
Fields inherited from class com.yahoo.component.AbstractComponent
isDeconstructable
-
Constructor Summary
ConstructorDescriptionSiaIdentityProvider
(AthenzIdentity service, Path siaPath, Path athenzTruststoreFile, Path clientTruststoreFile) SiaIdentityProvider
(AthenzIdentity service, Path privateKeyFile, Path certificateFile, Path athenzTruststoreFile, Path clientTruststoreFile) SiaIdentityProvider
(SiaProviderConfig config) -
Method Summary
Modifier and TypeMethodDescriptionThe client truststore contains the Athenz certificates fromServiceIdentityProvider.athenzTruststorePath()
and additional certificate authorities that issues trusted server certificates.void
com.yahoo.security.X509CertificateWithKey
identity()
Methods inherited from class com.yahoo.component.AbstractComponent
clone, compareTo, getClassName, getId, getIdString, hasInitializedId, initId, isDeconstructable, setIsDeconstructable, toString
-
Constructor Details
-
SiaIdentityProvider
-
SiaIdentityProvider
public SiaIdentityProvider(AthenzIdentity service, Path siaPath, Path athenzTruststoreFile, Path clientTruststoreFile) -
SiaIdentityProvider
public SiaIdentityProvider(AthenzIdentity service, Path privateKeyFile, Path certificateFile, Path athenzTruststoreFile, Path clientTruststoreFile)
-
-
Method Details
-
identity
- Specified by:
identity
in interfaceServiceIdentityProvider
- Returns:
- The Athenz identity of the environment
-
getIdentitySslContext
- Specified by:
getIdentitySslContext
in interfaceServiceIdentityProvider
- Returns:
SSLContext
that is automatically updated.
-
getIdentityCertificateWithKey
public com.yahoo.security.X509CertificateWithKey getIdentityCertificateWithKey()- Specified by:
getIdentityCertificateWithKey
in interfaceServiceIdentityProvider
- Returns:
- Current certificate and private key. Unlike
ServiceIdentityProvider.getIdentitySslContext()
underlying credentials are not automatically updated.
-
certificatePath
- Specified by:
certificatePath
in interfaceServiceIdentityProvider
- Returns:
- Path to X.509 certificate in PEM format
-
privateKeyPath
- Specified by:
privateKeyPath
in interfaceServiceIdentityProvider
- Returns:
- Path to private key in PEM format
-
athenzTruststorePath
- Specified by:
athenzTruststorePath
in interfaceServiceIdentityProvider
- Returns:
- Path to Athenz truststore in PEM format
-
clientTruststorePath
Description copied from interface:ServiceIdentityProvider
The client truststore contains the Athenz certificates fromServiceIdentityProvider.athenzTruststorePath()
and additional certificate authorities that issues trusted server certificates.- Specified by:
clientTruststorePath
in interfaceServiceIdentityProvider
- Returns:
- Path to client truststore in PEM format
-
deconstruct
public void deconstruct()- Specified by:
deconstruct
in interfacecom.yahoo.component.Deconstructable
- Overrides:
deconstruct
in classcom.yahoo.component.AbstractComponent
-