Examples with ServiceIdentity com.yahoo.athenz.zms.ServiceIdentity used on opensource projects

Search in sources :

Example 31 with ServiceIdentity

use of com.yahoo.athenz.zms.ServiceIdentity in project athenz by yahoo.

the class FileConnection method deleteServiceHost.

@Override
public boolean deleteServiceHost(String domainName, String serviceName, String hostName) {
    DomainStruct domainStruct = getDomainStruct(domainName);
    if (domainStruct == null) {
        throw ZMSUtils.error(ResourceException.NOT_FOUND, "domain not found", "deleteServiceHost");
    }
    ServiceIdentity service = getServiceObject(domainStruct, serviceName);
    if (service == null) {
        throw ZMSUtils.error(ResourceException.NOT_FOUND, "service not found", "deleteServiceHost");
    }
    List<String> hosts = service.getHosts();
    if (hosts == null) {
        return false;
    }
    hosts.remove(hostName);
    putDomainStruct(domainName, domainStruct);
    return true;
}
Also used : ServiceIdentity(com.yahoo.athenz.zms.ServiceIdentity)

Example 32 with ServiceIdentity

use of com.yahoo.athenz.zms.ServiceIdentity in project athenz by yahoo.

the class FileConnection method getPublicKeyEntry.

@Override
public PublicKeyEntry getPublicKeyEntry(String domainName, String serviceName, String keyId, boolean domainStateCheck) {
    DomainStruct domainStruct = getDomainStruct(domainName);
    if (domainStruct == null) {
        throw ZMSUtils.error(ResourceException.NOT_FOUND, "domain not found", "getPublicKeyEntry");
    }
    if (domainStateCheck && domainStruct.getMeta().getEnabled() == Boolean.FALSE) {
        throw ZMSUtils.error(ResourceException.NOT_FOUND, "domain disabled", "getPublicKeyEntry");
    }
    ServiceIdentity service = getServiceObject(domainStruct, serviceName);
    if (service == null) {
        throw ZMSUtils.error(ResourceException.NOT_FOUND, "service not found", "getPublicKeyEntry");
    }
    List<PublicKeyEntry> publicKeys = service.getPublicKeys();
    if (publicKeys == null) {
        return null;
    }
    for (PublicKeyEntry keyEntry : publicKeys) {
        if (keyId.equals(keyEntry.getId())) {
            return keyEntry;
        }
    }
    return null;
}
Also used : PublicKeyEntry(com.yahoo.athenz.zms.PublicKeyEntry) ServiceIdentity(com.yahoo.athenz.zms.ServiceIdentity)

Example 33 with ServiceIdentity

use of com.yahoo.athenz.zms.ServiceIdentity in project athenz by yahoo.

the class ZTSImplTest method createMultipleSignedDomains.

private SignedDomain createMultipleSignedDomains(String domainName, String tenantDomain1, String tenantDomain2, String serviceName, boolean includeServices) {
    SignedDomain signedDomain = new SignedDomain();
    List<Role> roles = new ArrayList<>();
    Role role = new Role();
    role.setName(generateRoleName(domainName, "admin"));
    List<RoleMember> members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.adminuser"));
    role.setRoleMembers(members);
    roles.add(role);
    role = new Role();
    role.setName(generateRoleName(domainName, serviceName + ".tenant." + tenantDomain1 + ".admin"));
    role.setTrust(tenantDomain1);
    roles.add(role);
    role = new Role();
    role.setName(generateRoleName(domainName, serviceName + ".tenant." + tenantDomain2 + ".admin"));
    role.setTrust(tenantDomain2);
    roles.add(role);
    List<ServiceIdentity> services = new ArrayList<>();
    if (includeServices) {
        ServiceIdentity service = new ServiceIdentity();
        service.setName(generateServiceIdentityName(domainName, serviceName));
        setServicePublicKey(service, "0", ZTS_Y64_CERT0);
        List<String> hosts = new ArrayList<>();
        hosts.add("host1");
        hosts.add("host2");
        service.setHosts(hosts);
        services.add(service);
    }
    List<com.yahoo.athenz.zms.Policy> policies = new ArrayList<>();
    // tenant admin domain
    com.yahoo.athenz.zms.Policy policy = new com.yahoo.athenz.zms.Policy();
    com.yahoo.athenz.zms.Assertion assertion = new com.yahoo.athenz.zms.Assertion();
    assertion.setResource(domainName + ":service." + serviceName + ".tenant." + tenantDomain1 + ".*");
    assertion.setAction("read");
    assertion.setRole(generateRoleName(domainName, serviceName + ".tenant." + tenantDomain1 + ".admin"));
    List<com.yahoo.athenz.zms.Assertion> assertions = new ArrayList<>();
    assertions.add(assertion);
    policy.setAssertions(assertions);
    policy.setName(generatePolicyName(domainName, serviceName + ".tenant." + tenantDomain1 + ".admin"));
    policies.add(policy);
    policy = new com.yahoo.athenz.zms.Policy();
    assertion = new com.yahoo.athenz.zms.Assertion();
    assertion.setResource(domainName + ":service." + serviceName + ".tenant." + tenantDomain2 + ".*");
    assertion.setAction("read");
    assertion.setRole(generateRoleName(domainName, serviceName + ".tenant." + tenantDomain2 + ".admin"));
    assertions = new ArrayList<>();
    assertions.add(assertion);
    policy.setAssertions(assertions);
    policy.setName(generatePolicyName(domainName, serviceName + ".tenant." + tenantDomain2 + ".admin"));
    policies.add(policy);
    com.yahoo.athenz.zms.DomainPolicies domainPolicies = new com.yahoo.athenz.zms.DomainPolicies();
    domainPolicies.setDomain(domainName);
    domainPolicies.setPolicies(policies);
    com.yahoo.athenz.zms.SignedPolicies signedPolicies = new com.yahoo.athenz.zms.SignedPolicies();
    signedPolicies.setContents(domainPolicies);
    signedPolicies.setSignature(Crypto.sign(SignUtils.asCanonicalString(domainPolicies), privateKey));
    signedPolicies.setKeyId("0");
    DomainData domain = new DomainData();
    domain.setName(domainName);
    domain.setRoles(roles);
    domain.setServices(services);
    domain.setPolicies(signedPolicies);
    domain.setModified(Timestamp.fromCurrentTime());
    signedDomain.setDomain(domain);
    signedDomain.setSignature(Crypto.sign(SignUtils.asCanonicalString(domain), privateKey));
    signedDomain.setKeyId("0");
    return signedDomain;
}
Also used : Policy(com.yahoo.athenz.zms.Policy) ArrayList(java.util.ArrayList) DomainData(com.yahoo.athenz.zms.DomainData) Assertion(com.yahoo.athenz.zms.Assertion) SignedDomain(com.yahoo.athenz.zms.SignedDomain) Policy(com.yahoo.athenz.zms.Policy) ServiceIdentity(com.yahoo.athenz.zms.ServiceIdentity) Assertion(com.yahoo.athenz.zms.Assertion) Role(com.yahoo.athenz.zms.Role) RoleMember(com.yahoo.athenz.zms.RoleMember)

Example 34 with ServiceIdentity

use of com.yahoo.athenz.zms.ServiceIdentity in project athenz by yahoo.

the class ZTSImplTest method createSignedDomain.

private SignedDomain createSignedDomain(String domainName, String tenantDomain, String serviceName, List<RoleMember> writers, List<RoleMember> readers, boolean includeServices) {
    SignedDomain signedDomain = new SignedDomain();
    List<Role> roles = new ArrayList<>();
    Role role = new Role();
    role.setName(generateRoleName(domainName, "admin"));
    List<RoleMember> members = new ArrayList<>();
    members.add(new RoleMember().setMemberName("user_domain.adminuser"));
    role.setRoleMembers(members);
    roles.add(role);
    role = new Role();
    role.setName(generateRoleName(domainName, "writers"));
    role.setRoleMembers(writers);
    roles.add(role);
    role = new Role();
    role.setName(generateRoleName(domainName, "readers"));
    role.setRoleMembers(readers);
    roles.add(role);
    role = new Role();
    role.setName(generateRoleName(domainName, "tenant.readers"));
    role.setTrust(tenantDomain);
    roles.add(role);
    role = new Role();
    role.setName(generateRoleName(domainName, serviceName + ".tenant." + tenantDomain + ".admin"));
    role.setTrust(tenantDomain);
    roles.add(role);
    List<ServiceIdentity> services = new ArrayList<>();
    if (includeServices) {
        ServiceIdentity service = new ServiceIdentity();
        service.setName(generateServiceIdentityName(domainName, serviceName));
        setServicePublicKey(service, "0", ZTS_Y64_CERT0);
        List<String> hosts = new ArrayList<>();
        hosts.add("host1");
        hosts.add("host2");
        service.setHosts(hosts);
        services.add(service);
        service = new ServiceIdentity();
        service.setName(generateServiceIdentityName(domainName, "backup"));
        setServicePublicKey(service, "0", ZTS_Y64_CERT0);
        hosts = new ArrayList<>();
        hosts.add("host2");
        hosts.add("host3");
        service.setHosts(hosts);
        services.add(service);
    }
    List<com.yahoo.athenz.zms.Policy> policies = new ArrayList<>();
    com.yahoo.athenz.zms.Policy policy = new com.yahoo.athenz.zms.Policy();
    com.yahoo.athenz.zms.Assertion assertion = new com.yahoo.athenz.zms.Assertion();
    assertion.setResource(domainName + ":tenant." + tenantDomain + ".*");
    assertion.setAction("read");
    assertion.setRole(generateRoleName(domainName, "tenant.readers"));
    List<com.yahoo.athenz.zms.Assertion> assertions = new ArrayList<>();
    assertions.add(assertion);
    policy.setAssertions(assertions);
    policy.setName(generatePolicyName(domainName, "tenant.reader"));
    policies.add(policy);
    // tenant admin domain
    policy = new com.yahoo.athenz.zms.Policy();
    assertion = new com.yahoo.athenz.zms.Assertion();
    assertion.setResource(domainName + ":service." + serviceName + ".tenant." + tenantDomain + ".*");
    assertion.setAction("read");
    assertion.setRole(generateRoleName(domainName, serviceName + ".tenant." + tenantDomain + ".admin"));
    assertions = new ArrayList<>();
    assertions.add(assertion);
    policy.setAssertions(assertions);
    policy.setName(generatePolicyName(domainName, serviceName + ".tenant." + tenantDomain + ".admin"));
    policies.add(policy);
    com.yahoo.athenz.zms.DomainPolicies domainPolicies = new com.yahoo.athenz.zms.DomainPolicies();
    domainPolicies.setDomain(domainName);
    domainPolicies.setPolicies(policies);
    com.yahoo.athenz.zms.SignedPolicies signedPolicies = new com.yahoo.athenz.zms.SignedPolicies();
    signedPolicies.setContents(domainPolicies);
    signedPolicies.setSignature(Crypto.sign(SignUtils.asCanonicalString(domainPolicies), privateKey));
    signedPolicies.setKeyId("0");
    DomainData domain = new DomainData();
    domain.setName(domainName);
    domain.setRoles(roles);
    domain.setServices(services);
    domain.setPolicies(signedPolicies);
    domain.setModified(Timestamp.fromCurrentTime());
    signedDomain.setDomain(domain);
    signedDomain.setSignature(Crypto.sign(SignUtils.asCanonicalString(domain), privateKey));
    signedDomain.setKeyId("0");
    return signedDomain;
}
Also used : Policy(com.yahoo.athenz.zms.Policy) ArrayList(java.util.ArrayList) DomainData(com.yahoo.athenz.zms.DomainData) Assertion(com.yahoo.athenz.zms.Assertion) SignedDomain(com.yahoo.athenz.zms.SignedDomain) Policy(com.yahoo.athenz.zms.Policy) ServiceIdentity(com.yahoo.athenz.zms.ServiceIdentity) Assertion(com.yahoo.athenz.zms.Assertion) Role(com.yahoo.athenz.zms.Role) RoleMember(com.yahoo.athenz.zms.RoleMember)

Example 35 with ServiceIdentity

use of com.yahoo.athenz.zms.ServiceIdentity in project athenz by yahoo.

the class ZTSImplTest method testLookupServiceIdentity.

@Test
public void testLookupServiceIdentity() {
    List<ServiceIdentity> services = new ArrayList<>();
    ServiceIdentity service = new ServiceIdentity();
    service.setName(generateServiceIdentityName("coretech", "storage"));
    setServicePublicKey(service, "0", ZTS_Y64_CERT0);
    services.add(service);
    service = new ServiceIdentity();
    service.setName(generateServiceIdentityName("coretech", "backup"));
    setServicePublicKey(service, "0", ZTS_Y64_CERT0);
    services.add(service);
    DomainData domain = new DomainData();
    domain.setName("coretech");
    domain.setServices(services);
    com.yahoo.athenz.zts.ServiceIdentity svc = zts.lookupServiceIdentity(domain, "coretech.storage");
    assertNotNull(svc);
}
Also used : ServiceIdentity(com.yahoo.athenz.zms.ServiceIdentity) ArrayList(java.util.ArrayList) DomainData(com.yahoo.athenz.zms.DomainData) Test(org.testng.annotations.Test)

Aggregations

ServiceIdentity (com.yahoo.athenz.zms.ServiceIdentity)53 Test (org.testng.annotations.Test)32 ArrayList (java.util.ArrayList)29 DomainData (com.yahoo.athenz.zms.DomainData)21 DataCache (com.yahoo.athenz.zts.cache.DataCache)17 Role (com.yahoo.athenz.zms.Role)11 JDBCConnection (com.yahoo.athenz.zms.store.jdbc.JDBCConnection)11 MockZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.MockZMSFileChangeLogStore)11 ZMSFileChangeLogStore (com.yahoo.athenz.zts.store.impl.ZMSFileChangeLogStore)11 RoleMember (com.yahoo.athenz.zms.RoleMember)8 SignedDomain (com.yahoo.athenz.zms.SignedDomain)8 Domain (com.yahoo.athenz.zms.Domain)6 PublicKeyEntry (com.yahoo.athenz.zms.PublicKeyEntry)5 HostServices (com.yahoo.athenz.zts.HostServices)5 Set (java.util.Set)5 Policy (com.yahoo.athenz.zms.Policy)4 ResourceException (com.yahoo.athenz.zms.ResourceException)4 SQLException (java.sql.SQLException)4 Assertion (com.yahoo.athenz.zms.Assertion)3 MemberRole (com.yahoo.athenz.zts.cache.MemberRole)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial