From 778baff41eff34afec2fc2a60c067e311abac31c Mon Sep 17 00:00:00 2001 From: Carl Mastrangelo Date: Tue, 11 May 2021 12:03:12 -0700 Subject: [PATCH] zuul-core: add ability to create trusted origin name authority (#1055) --- .../com/netflix/zuul/origins/OriginName.java | 20 +++++++++- .../netflix/zuul/origins/OriginNameTest.java | 39 +++++++++++++++++++ 2 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 zuul-core/src/test/java/com/netflix/zuul/origins/OriginNameTest.java diff --git a/zuul-core/src/main/java/com/netflix/zuul/origins/OriginName.java b/zuul-core/src/main/java/com/netflix/zuul/origins/OriginName.java index 4959148324..7de8c9c192 100644 --- a/zuul-core/src/main/java/com/netflix/zuul/origins/OriginName.java +++ b/zuul-core/src/main/java/com/netflix/zuul/origins/OriginName.java @@ -19,6 +19,8 @@ import com.netflix.zuul.util.VipUtils; import java.util.Locale; import java.util.Objects; +import java.util.Optional; +import javax.annotation.CheckReturnValue; public final class OriginName { /** @@ -55,6 +57,11 @@ public static OriginName fromVip(String vip, String niwsClientName) { return new OriginName(niwsClientName, vip, VipUtils.extractUntrustedAppNameFromVIP(vip), false); } + @CheckReturnValue + public OriginName withTrustedAuthority(String authority) { + return new OriginName(niwsClientName, target, authority, true); + } + private OriginName(String niwsClientName, String target, String authority, boolean authorityTrusted) { this.niwsClientName = Objects.requireNonNull(niwsClientName, "niwsClientName"); this.metricId = niwsClientName.toLowerCase(Locale.ROOT); @@ -86,6 +93,17 @@ public String getMetricId() { return metricId; } + /** + * Returns the Authority of this origin. This is used for establishing secure connections. May be absent + * if the authority is not trusted. + */ + public Optional getTrustedAuthority() { + if (authorityTrusted) { + return Optional.of(authority); + } + return Optional.empty(); + } + @Override public boolean equals(Object o) { if (!(o instanceof OriginName)) { @@ -100,7 +118,7 @@ public boolean equals(Object o) { @Override public int hashCode() { - return Objects.hash(niwsClientName, target, authority, authorityTrusted); + return Objects.hash(authorityTrusted, niwsClientName, target, authority); } @Override diff --git a/zuul-core/src/test/java/com/netflix/zuul/origins/OriginNameTest.java b/zuul-core/src/test/java/com/netflix/zuul/origins/OriginNameTest.java new file mode 100644 index 0000000000..5a8c676c25 --- /dev/null +++ b/zuul-core/src/test/java/com/netflix/zuul/origins/OriginNameTest.java @@ -0,0 +1,39 @@ +/* + * Copyright 2021 Netflix, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package com.netflix.zuul.origins; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +@RunWith(JUnit4.class) +public class OriginNameTest { + @Test + public void getTrustedAuthority() { + OriginName originName = OriginName.fromVip("woodly-doodly"); + + assertFalse(originName.getTrustedAuthority().isPresent()); + + OriginName trusted = originName.withTrustedAuthority("westerndigital"); + + assertEquals("westerndigital", trusted.getTrustedAuthority().get()); + } +}