Example 1 with ZTSClientException

Use of com.yahoo.athenz.zts.ZTSClientException in project athenz by yahoo.

The class ZTSAWSCredsClient, method retrieveAWSTempCreds.

private static boolean retrieveAWSTempCreds(AWSCredentialsProvider awsCredProvider) {
    try {
        // Poll the provider once a minute for two hours so that the periodic
        // refresh of the temporary credentials can be observed.
        for (int i = 0; i < 120; i++) {
            AWSCredentials awsCreds = awsCredProvider.getCredentials();
            if (awsCreds == null) {
                System.out.println("Error: AWS Credentials are not available");
                return false;
            }
            // Demo-only output: printing the secret key to stdout is acceptable
            // in a command-line sample but must never reach production logs.
            System.out.println("AWS Temporary Credentials:\n");
            System.out.println("\tAccess Key Id : " + awsCreds.getAWSAccessKeyId());
            System.out.println("\tSecret Key    : " + awsCreds.getAWSSecretKey());
            try {
                Thread.sleep(60000);
            } catch (InterruptedException ex) {
                // restore the interrupt flag and stop polling instead of swallowing it
                Thread.currentThread().interrupt();
                return false;
            }
        }
    } catch (ZTSClientException ex) {
        // thrown by the ZTS-backed provider when the role credentials cannot be fetched
        System.out.println("Unable to retrieve AWS credentials: " + ex.getMessage());
        return false;
    }
    return true;
}
Also used : ZTSClientException(com.yahoo.athenz.zts.ZTSClientException) AWSCredentials(com.amazonaws.auth.AWSCredentials)
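The sample above treats every ZTSClientException the same way and prints the secret key it receives. The following is an added example, not code from the Athenz project, showing how a caller would distinguish failures by the HTTP status carried in the exception (this assumes ZTSClientException.getCode() returns that status, as in the Athenz client library), retry only the transient ones with jittered backoff, and render credentials in a log-safe form. The class and method names (TempCredsFetcher, fetch, describe) are illustrative.

```java
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.yahoo.athenz.zts.ZTSClientException;

import java.util.concurrent.ThreadLocalRandom;

/**
 * Fetches temporary AWS credentials through an Athenz-backed
 * AWSCredentialsProvider, deciding per ZTSClientException status code
 * whether a retry can help. Added example; not Athenz project code.
 */
public final class TempCredsFetcher {

    public enum Outcome { OK, NOT_AUTHORIZED, NOT_FOUND, GAVE_UP }

    public static final class Result {
        public final Outcome outcome;
        public final AWSCredentials creds;   // non-null only when outcome == OK
        public final String detail;

        Result(Outcome outcome, AWSCredentials creds, String detail) {
            this.outcome = outcome;
            this.creds = creds;
            this.detail = detail;
        }
    }

    /**
     * 5xx and 429 indicate a transient problem at ZTS or its upstream and are
     * worth retrying; every other code is a client-side or configuration
     * problem that a retry would only repeat.
     */
    static boolean isRetryable(int code) {
        return code >= 500 || code == 429;
    }

    public static Result fetch(AWSCredentialsProvider provider, int maxAttempts, long baseDelayMs) {
        long delayMs = baseDelayMs;
        String lastError = "no attempts made";
        for (int attempt = 1; attempt <= maxAttempts; attempt++) {
            try {
                AWSCredentials creds = provider.getCredentials();
                if (creds != null) {
                    return new Result(Outcome.OK, creds, "obtained on attempt " + attempt);
                }
                // a null result without an exception is treated like a transient failure
                lastError = "provider returned no credentials";
            } catch (ZTSClientException ex) {
                // assumption: getCode() returns the HTTP status ZTS answered with
                int code = ex.getCode();
                lastError = code + ": " + ex.getMessage();
                if (code == 401 || code == 403) {
                    // our identity is not authorized for the role; retrying will not
                    // change the authorization decision
                    return new Result(Outcome.NOT_AUTHORIZED, null, lastError);
                }
                if (code == 404) {
                    // domain or role does not exist: a deployment/config error
                    return new Result(Outcome.NOT_FOUND, null, lastError);
                }
                if (!isRetryable(code)) {
                    return new Result(Outcome.GAVE_UP, null, lastError);
                }
            }
            if (attempt == maxAttempts) {
                break;
            }
            // exponential backoff with jitter, capped at 30 s, so a fleet of
            // instances does not hammer ZTS in lockstep after an outage
            long jitter = ThreadLocalRandom.current().nextLong(delayMs / 2 + 1);
            try {
                Thread.sleep(delayMs + jitter);
            } catch (InterruptedException ie) {
                Thread.currentThread().interrupt();
                return new Result(Outcome.GAVE_UP, null, "interrupted while waiting to retry");
            }
            delayMs = Math.min(delayMs * 2, 30_000L);
        }
        return new Result(Outcome.GAVE_UP, null,
                "exhausted " + maxAttempts + " attempts; last error: " + lastError);
    }

    /** Log-safe rendering: a key id prefix only, never the secret. */
    public static String describe(AWSCredentials creds) {
        String id = creds.getAWSAccessKeyId();
        String prefix = id == null ? "?" : id.substring(0, Math.min(4, id.length()));
        return "access key " + prefix + "..., secret [redacted]";
    }
}
```

A caller would invoke fetch(provider, 5, 1000L) and branch on result.outcome; NOT_AUTHORIZED and NOT_FOUND are terminal and should be reported as configuration problems, while GAVE_UP after repeated 5xx responses is what a health check should surface.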

Example 2 with ZTSClientException

Use of com.yahoo.athenz.zts.ZTSClientException in project athenz by yahoo.

The class InstanceClientRegister, method main.

public static void main(String[] args) throws MalformedURLException, IOException {
    // parse our command line to retrieve required input
    CommandLine cmd = parseCommandLine(args);
    String domainName = cmd.getOptionValue("domain").toLowerCase();
    String serviceName = cmd.getOptionValue("service").toLowerCase();
    String provider = cmd.getOptionValue("provider").toLowerCase();
    String instance = cmd.getOptionValue("instance");
    String dnsSuffix = cmd.getOptionValue("dnssuffix");
    String providerKeyPath = cmd.getOptionValue("providerkey");
    String providerKeyId = cmd.getOptionValue("providerkeyid");
    String instanceKeyPath = cmd.getOptionValue("instancekey");
    String ztsUrl = cmd.getOptionValue("ztsurl");
    // get our configured provider private key; it signs the attestation data,
    // so the provider must know the matching public key under providerKeyId
    PrivateKey providerKey = Crypto.loadPrivateKey(new File(providerKeyPath));
    // first we are going to generate our attestation data as a signed JWT.
    // ZTS Server will send this object to the specified provider for
    // validation; the lifetime is kept short (5 minutes) because a captured
    // token can be replayed until it expires
    String compactJws = Jwts.builder()
            .setSubject(domainName + "." + serviceName)
            .setIssuer(provider)
            .setAudience("zts")
            .setId(instance)
            .setExpiration(new Date(System.currentTimeMillis()
                    + TimeUnit.MILLISECONDS.convert(5, TimeUnit.MINUTES)))
            .setHeaderParam("keyId", providerKeyId)
            .signWith(SignatureAlgorithm.RS256, providerKey)
            .compact();
    System.out.println("JWS: \n" + compactJws + "\n");
    // now we need to generate our CSR so we can get a TLS certificate for
    // our instance; the instance private key stays on this host, only the
    // CSR is sent to ZTS
    PrivateKey instanceKey = Crypto.loadPrivateKey(new File(instanceKeyPath));
    String csr = generateCSR(domainName, serviceName, instance, dnsSuffix, instanceKey);
    if (csr == null) {
        System.err.println("Unable to generate CSR for instance");
        System.exit(1);
    }
    System.out.println("CSR: \n" + csr + "\n");
    // now let's generate our instance register object that will be sent
    // to the ZTS Server
    InstanceRegisterInformation info = new InstanceRegisterInformation()
            .setAttestationData(compactJws)
            .setDomain(domainName)
            .setService(serviceName)
            .setProvider(provider)
            .setToken(true)
            .setCsr(csr);
    // now contact zts server to request identity for instance
    InstanceIdentity identity = null;
    Map<String, List<String>> responseHeaders = new HashMap<>();
    try (ZTSClient ztsClient = new ZTSClient(ztsUrl)) {
        identity = ztsClient.postInstanceRegisterInformation(info, responseHeaders);
    } catch (ZTSClientException ex) {
        // ZTS returned an error status, e.g. the provider rejected the attestation data
        System.out.println("Unable to register instance: " + ex.getMessage());
        System.exit(2);
    }
    System.out.println("Identity TLS Certificate: \n" + identity.getX509Certificate());
    Map<String, String> attrs = identity.getAttributes();
    if (attrs != null) {
        System.out.println("Provider Attributes:");
        for (Map.Entry<String, String> attr : attrs.entrySet()) {
            System.out.println("\t" + attr.getKey() + ": " + attr.getValue());
        }
    }
}
Also used : PrivateKey(java.security.PrivateKey) HashMap(java.util.HashMap) InstanceRegisterInformation(com.yahoo.athenz.zts.InstanceRegisterInformation) ZTSClient(com.yahoo.athenz.zts.ZTSClient) DERIA5String(org.bouncycastle.asn1.DERIA5String) InstanceIdentity(com.yahoo.athenz.zts.InstanceIdentity) Date(java.util.Date) CommandLine(org.apache.commons.cli.CommandLine) List(java.util.List) ZTSClientException(com.yahoo.athenz.zts.ZTSClientException) File(java.io.File)

Example 3 with ZTSClientException

Use of com.yahoo.athenz.zts.ZTSClientException in project athenz by yahoo.

The class ZTSMock, method getPublicKeyEntry.

@Override
public PublicKeyEntry getPublicKeyEntry(String domainName, String serviceName, String keyId) {
    // Test double: only key id "2" is known, and it is served from a fixed
    // PEM file in the test resources regardless of domain and service.
    PublicKeyEntry keyEntry = null;
    if ("2".equals(keyId)) {
        keyEntry = new PublicKeyEntry();
        Path path = Paths.get("./src/test/resources/zts_public_k1.pem");
        keyEntry.setId(keyId);
        try {
            keyEntry.setKey(Crypto.ybase64(Files.readAllBytes(path)));
        } catch (IOException e) {
            // surface a missing or unreadable test resource as a server-side
            // error rather than silently returning an entry with a null key
            throw new ZTSClientException(500, "Unable to read ZTS public key: " + e.getMessage());
        }
    }
    // mirror the real client, which raises a 404 for an unknown key id
    if (keyEntry == null) {
        throw new ZTSClientException(404, "Unknown ZTS Public Key");
    }
    return keyEntry;
}
Also used : PublicKeyEntry(com.yahoo.athenz.zts.PublicKeyEntry) Path(java.nio.file.Path) ZTSClientException(com.yahoo.athenz.zts.ZTSClientException) IOException(java.io.IOException)

Example 4 with ZTSClientException

Use of com.yahoo.athenz.zts.ZTSClientException in project athenz by yahoo.

The class ZTSTLSClient, method main.

public static void main(String[] args) {
    // parse our command line to retrieve required input
    CommandLine cmd = parseCommandLine(args);
    final String domainName = cmd.getOptionValue("domain").toLowerCase();
    final String serviceName = cmd.getOptionValue("service").toLowerCase();
    final String keyId = cmd.getOptionValue("keyid").toLowerCase();
    final String ztsUrl = cmd.getOptionValue("ztsurl");
    final String keyPath = cmd.getOptionValue("key");
    final String certPath = cmd.getOptionValue("cert");
    final String trustStorePath = cmd.getOptionValue("trustStorePath");
    final String trustStorePassword = cmd.getOptionValue("trustStorePassword");
    final String proxyUrl = cmd.getOptionValue("proxy");
    try {
        // KeyRefresher supplies key and trust managers backed by the service
        // key/cert pair and the truststore; the truststore decides which CA
        // may have signed the ZTS server certificate
        KeyRefresher keyRefresher = Utils.generateKeyRefresher(trustStorePath, trustStorePassword, certPath, keyPath);
        SSLContext sslContext = Utils.buildSSLContext(keyRefresher.getKeyManagerProxy(), keyRefresher.getTrustManagerProxy());
        // the client presents the service certificate to ZTS (mutual TLS)
        try (ZTSClient ztsClient = new ZTSClient(ztsUrl, proxyUrl, sslContext)) {
            try {
                PublicKeyEntry publicKey = ztsClient.getPublicKeyEntry(domainName, serviceName, keyId);
                System.out.println("PublicKey: " + publicKey.getKey());
            } catch (ZTSClientException ex) {
                // ZTS answered with an error status (e.g. 404 for an unknown key id)
                System.out.println("Unable to retrieve public key: " + ex.getMessage());
                System.exit(2);
            }
        }
    } catch (Exception ex) {
        // failures before the request is made: unreadable key/cert files,
        // wrong truststore password, TLS context setup
        System.out.println("Exception: " + ex.getMessage());
        ex.printStackTrace();
        System.exit(1);
    }
}
Also used : PublicKeyEntry(com.yahoo.athenz.zts.PublicKeyEntry) CommandLine(org.apache.commons.cli.CommandLine) ZTSClient(com.yahoo.athenz.zts.ZTSClient) ZTSClientException(com.yahoo.athenz.zts.ZTSClientException) SSLContext(javax.net.ssl.SSLContext) KeyRefresher(com.oath.auth.KeyRefresher) ZTSClientException(com.yahoo.athenz.zts.ZTSClientException) ParseException(org.apache.commons.cli.ParseException)

Example 5 with ZTSClientException

Use of com.yahoo.athenz.zts.ZTSClientException in project athenz by yahoo.

The class InstanceClientRefresh, method main.

public static void main(String[] args) throws MalformedURLException, IOException {
    // parse our command line to retrieve required input
    CommandLine cmd = parseCommandLine(args);
    String domainName = cmd.getOptionValue("domain").toLowerCase();
    String serviceName = cmd.getOptionValue("service").toLowerCase();
    String provider = cmd.getOptionValue("provider").toLowerCase();
    String instance = cmd.getOptionValue("instance");
    String dnsSuffix = cmd.getOptionValue("dnssuffix");
    String instanceKeyPath = cmd.getOptionValue("instancekey");
    String ztsUrl = cmd.getOptionValue("ztsurl");
    // now we need to generate our CSR so we can get a TLS certificate for
    // our instance; submitting a fresh CSR on each refresh is what allows
    // the instance to rotate its key along with its certificate
    PrivateKey instanceKey = Crypto.loadPrivateKey(new File(instanceKeyPath));
    String csr = generateCSR(domainName, serviceName, instance, dnsSuffix, instanceKey);
    if (csr == null) {
        System.err.println("Unable to generate CSR for instance");
        System.exit(1);
    }
    System.out.println("CSR: \n" + csr + "\n");
    // now let's generate our instance refresh object that will be sent to
    // the ZTS Server. Unlike registration there is no attestation data: the
    // refresh is authorized by the identity the instance already holds
    InstanceRefreshInformation info = new InstanceRefreshInformation()
            .setToken(true)
            .setCsr(csr);
    // now contact zts server to request a refreshed identity for the instance
    InstanceIdentity identity = null;
    try (ZTSClient ztsClient = new ZTSClient(ztsUrl)) {
        identity = ztsClient.postInstanceRefreshInformation(provider, domainName, serviceName, instance, info);
    } catch (ZTSClientException ex) {
        System.out.println("Unable to refresh instance: " + ex.getMessage());
        System.exit(2);
    }
    System.out.println("Identity TLS Certificate: \n" + identity.getX509Certificate());
}
Also used : CommandLine(org.apache.commons.cli.CommandLine) InstanceRefreshInformation(com.yahoo.athenz.zts.InstanceRefreshInformation) PrivateKey(java.security.PrivateKey) ZTSClient(com.yahoo.athenz.zts.ZTSClient) ZTSClientException(com.yahoo.athenz.zts.ZTSClientException) DERIA5String(org.bouncycastle.asn1.DERIA5String) File(java.io.File) InstanceIdentity(com.yahoo.athenz.zts.InstanceIdentity)
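Both the register and the refresh samples print the certificate they get back and stop there. Before installing it, a client should confirm that what ZTS returned is actually the identity it asked for. The following is an added example, not Athenz project code, that checks the PEM string from InstanceIdentity.getX509Certificate() against the expected principal and the CSR key; it assumes the Athenz convention that the subject CN is domain.service (the same principal the attestation JWT above carries as its subject), that the instance key is RSA (as loaded by Crypto.loadPrivateKey), and the class and method names (IssuedIdentityCheck, check) are illustrative.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;

import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

/**
 * Checks an identity certificate returned by ZTS (the PEM string from
 * InstanceIdentity.getX509Certificate()) before it is installed.
 * Added example; not Athenz project code.
 */
public final class IssuedIdentityCheck {

    public static X509Certificate parsePem(String pem) throws CertificateException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        return (X509Certificate) cf.generateCertificate(
                new ByteArrayInputStream(pem.getBytes(StandardCharsets.US_ASCII)));
    }

    /** CN of the subject DN, or null if absent. */
    public static String subjectCn(X509Certificate cert) throws Exception {
        LdapName dn = new LdapName(cert.getSubjectX500Principal().getName());
        for (Rdn rdn : dn.getRdns()) {
            if ("CN".equalsIgnoreCase(rdn.getType())) {
                return rdn.getValue().toString();
            }
        }
        return null;
    }

    /** Public half of an RSA private key (assumption: the instance key is RSA in CRT form). */
    public static PublicKey publicKeyOf(PrivateKey priv) throws Exception {
        if (!(priv instanceof RSAPrivateCrtKey)) {
            throw new IllegalArgumentException("only RSA CRT keys are handled here");
        }
        RSAPrivateCrtKey k = (RSAPrivateCrtKey) priv;
        return KeyFactory.getInstance("RSA")
                .generatePublic(new RSAPublicKeySpec(k.getModulus(), k.getPublicExponent()));
    }

    /**
     * Returns the list of failed checks; an empty list means the certificate
     * may be installed. 'now' is injected so the check is testable.
     */
    public static List<String> check(String pem, String domainName, String serviceName,
                                     PrivateKey instanceKey, Date now) {
        List<String> problems = new ArrayList<>();
        X509Certificate cert;
        try {
            cert = parsePem(pem);
        } catch (CertificateException e) {
            problems.add("certificate does not parse: " + e.getMessage());
            return problems;
        }
        try {
            // assumption: Athenz service identity CN is <domain>.<service>
            String expectedCn = domainName + "." + serviceName;
            String cn = subjectCn(cert);
            if (!expectedCn.equals(cn)) {
                problems.add("subject CN " + cn + " != " + expectedCn);
            }
            // the certificate must bind the key we generated the CSR with;
            // anything else means we would install someone else's identity
            if (!Arrays.equals(cert.getPublicKey().getEncoded(),
                               publicKeyOf(instanceKey).getEncoded())) {
                problems.add("certificate public key does not match the instance key");
            }
            // throws CertificateExpiredException / CertificateNotYetValidException
            cert.checkValidity(now);
        } catch (CertificateException e) {
            problems.add("certificate not valid at " + now + ": " + e.getMessage());
        } catch (Exception e) {
            problems.add("check failed: " + e.getMessage());
        }
        // an end-entity identity must not be usable as a CA
        if (cert.getBasicConstraints() != -1) {
            problems.add("certificate carries CA basic constraints");
        }
        return problems;
    }
}
```

In the register or refresh client this would run as check(identity.getX509Certificate(), domainName, serviceName, instanceKey, new Date()) right after the ZTS call, and a non-empty result should abort the install with exit code 2 just as a ZTSClientException does.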

Aggregations

ZTSClientException (com.yahoo.athenz.zts.ZTSClientException)6 ZTSClient (com.yahoo.athenz.zts.ZTSClient)3 File (java.io.File)3 CommandLine (org.apache.commons.cli.CommandLine)3 InstanceIdentity (com.yahoo.athenz.zts.InstanceIdentity)2 PublicKeyEntry (com.yahoo.athenz.zts.PublicKeyEntry)2 IOException (java.io.IOException)2 Path (java.nio.file.Path)2 PrivateKey (java.security.PrivateKey)2 DERIA5String (org.bouncycastle.asn1.DERIA5String)2 AWSCredentials (com.amazonaws.auth.AWSCredentials)1 KeyRefresher (com.oath.auth.KeyRefresher)1 DomainMetrics (com.yahoo.athenz.zts.DomainMetrics)1 InstanceRefreshInformation (com.yahoo.athenz.zts.InstanceRefreshInformation)1 InstanceRegisterInformation (com.yahoo.athenz.zts.InstanceRegisterInformation)1 Date (java.util.Date)1 HashMap (java.util.HashMap)1 List (java.util.List)1 SSLContext (javax.net.ssl.SSLContext)1 ParseException (org.apache.commons.cli.ParseException)1