risdenk commented on a change in pull request #72: KNOX-1820 - Cleanup
KeystoreService implementations and add unit tests
URL: https://github.com/apache/knox/pull/72#discussion_r265301283
##########
File path:
gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java
##########
@@ -473,13 +482,113 @@ private KeyStore getKeystore(Path keystorePath, String
keystoreType, String alia
readLock.lock();
try {
- return getKeystore(keystoreFile, keystoreType,
getKeystorePassword(alias));
+ return loadKeyStore(keystorePath, keystoreType,
getKeyStorePassword(alias));
} finally {
readLock.unlock();
}
}
- private char[] getKeystorePassword(String alias) throws
KeystoreServiceException {
+ private boolean isKeyStoreAvailable(final Path keyStoreFilePath, String
storeType, char[] password) throws KeyStoreException, IOException {
+ if (keyStoreFilePath.toFile().exists()) {
+ try (InputStream input = Files.newInputStream(keyStoreFilePath)) {
+ final KeyStore keyStore = KeyStore.getInstance(storeType);
+ keyStore.load(input, password);
+ return true;
+ } catch (NoSuchAlgorithmException | CertificateException e) {
+ LOG.failedToLoadKeystore(keyStoreFilePath.toString(), storeType, e);
+ } catch (IOException | KeyStoreException e) {
+ LOG.failedToLoadKeystore(keyStoreFilePath.toString(), storeType, e);
+ throw e;
+ }
+ }
+ return false;
+ }
+
+ // Package private for unit test access
+ KeyStore createKeyStore(Path keystoreFilePath, String keystoreType, char[]
password) throws KeystoreServiceException {
+ try (OutputStream out = createKeyStoreFile(keystoreFilePath)) {
+ KeyStore ks = KeyStore.getInstance(keystoreType);
+ ks.load(null, null);
+ ks.store(out, password);
+ return ks;
+ } catch (NoSuchAlgorithmException | CertificateException |
KeyStoreException | IOException e) {
+ LOG.failedToCreateKeystore(keystoreFilePath.toString(), keystoreType, e);
+ throw new KeystoreServiceException(e);
+ }
+ }
+
+ private static OutputStream createKeyStoreFile(Path keystoreFilePath) throws
IOException {
+ File file = keystoreFilePath.toFile();
+ if (file.exists()) {
+ if (file.isDirectory()) {
+ throw new IOException(file.getAbsolutePath());
+ } else if (!file.canWrite()) {
+ throw new IOException(file.getAbsolutePath());
+ }
+ } else {
+ File dir = file.getParentFile();
+ if (!dir.exists()) {
+ if (!dir.mkdirs()) {
Review comment:
Can these 2 if statements be merged?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
