diff --git a/xds/src/main/java/io/grpc/xds/sds/SslContextSecretVolumeSecretProvider.java b/xds/src/main/java/io/grpc/xds/sds/SecretVolumeSslContextProvider.java similarity index 94% rename from xds/src/main/java/io/grpc/xds/sds/SslContextSecretVolumeSecretProvider.java rename to xds/src/main/java/io/grpc/xds/sds/SecretVolumeSslContextProvider.java index d104a0a184..661c2eac77 100644 --- a/xds/src/main/java/io/grpc/xds/sds/SslContextSecretVolumeSecretProvider.java +++ b/xds/src/main/java/io/grpc/xds/sds/SecretVolumeSslContextProvider.java @@ -45,10 +45,10 @@ import javax.annotation.Nullable; * An SslContext provider that uses file-based secrets (secret volume). Used for both server and * client SslContexts */ -final class SslContextSecretVolumeSecretProvider implements SecretProvider { +final class SecretVolumeSslContextProvider implements SslContextProvider { private static final Logger logger = - Logger.getLogger(SslContextSecretVolumeSecretProvider.class.getName()); + Logger.getLogger(SecretVolumeSslContextProvider.class.getName()); private final boolean server; @Nullable private final String privateKey; @@ -56,7 +56,7 @@ final class SslContextSecretVolumeSecretProvider implements SecretProvider callback, Executor executor) { + public void addCallback(final Callback callback, Executor executor) { checkNotNull(callback, "callback"); checkNotNull(executor, "executor"); executor.execute( diff --git a/xds/src/main/java/io/grpc/xds/sds/SecretProvider.java b/xds/src/main/java/io/grpc/xds/sds/SslContextProvider.java similarity index 57% rename from xds/src/main/java/io/grpc/xds/sds/SecretProvider.java rename to xds/src/main/java/io/grpc/xds/sds/SslContextProvider.java index f7f5dd9094..2198eea86b 100644 --- a/xds/src/main/java/io/grpc/xds/sds/SecretProvider.java +++ b/xds/src/main/java/io/grpc/xds/sds/SslContextProvider.java @@ -17,28 +17,30 @@ package io.grpc.xds.sds; import io.grpc.Internal; +import io.netty.handler.ssl.SslContext; + import java.util.concurrent.Executor; /** - * A SecretProvider is a "container" or provider of a secret. This is used by gRPC-xds to access - * secrets, so is not part of the public API of gRPC. This "container" may represent a stream that - * is receiving the requested secret(s) or it could represent file-system based secret(s) that are - * dynamic. + * A SslContextProvider is a "container" or provider of SslContext. This is used by gRPC-xds to + * obtain an SslContext, so is not part of the public API of gRPC. This "container" may represent + * a stream that is receiving the requested secret(s) or it could represent file-system based + * secret(s) that are dynamic. */ @Internal -public interface SecretProvider { +public interface SslContextProvider { - interface Callback { - /** Informs callee of new/updated secret. */ - void updateSecret(T secret); + interface Callback { + /** Informs callee of new/updated SslContext. */ + void updateSecret(SslContext sslContext); /** Informs callee of an exception that was generated. */ void onException(Throwable throwable); } /** - * Registers a callback on the given executor. The callback will run when secret becomes available - * or immediately if the result is already available. + * Registers a callback on the given executor. The callback will run when SslContext becomes + * available or immediately if the result is already available. */ - void addCallback(Callback callback, Executor executor); + void addCallback(Callback callback, Executor executor); } diff --git a/xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java b/xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java index 8f7b8c0e70..b1bda1ef58 100644 --- a/xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java +++ b/xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java @@ -19,13 +19,12 @@ package io.grpc.xds.sds; import io.envoyproxy.envoy.api.v2.auth.DownstreamTlsContext; import io.envoyproxy.envoy.api.v2.auth.UpstreamTlsContext; import io.grpc.Internal; -import io.netty.handler.ssl.SslContext; /** * Class to manage secrets used to create SSL contexts - this effectively manages SSL contexts * (aka TlsContexts) based on inputs we get from xDS. This is used by gRPC-xds to access the * SSL contexts/secrets and is not public API. - * Currently it just creates a new SecretProvider for each call. + * Currently it just creates a new SslContextProvider for each call. */ // TODO(sanjaypujare): implement a Map and ref-counting @Internal @@ -43,15 +42,15 @@ public final class TlsContextManager { return instance; } - /** Creates a SecretProvider. Used for retrieving a server-side SslContext. */ - public SecretProvider findOrCreateServerSslContextProvider( + /** Creates a SslContextProvider. Used for retrieving a server-side SslContext. */ + public SslContextProvider findOrCreateServerSslContextProvider( DownstreamTlsContext downstreamTlsContext) { - return SslContextSecretVolumeSecretProvider.getProviderForServer(downstreamTlsContext); + return SecretVolumeSslContextProvider.getProviderForServer(downstreamTlsContext); } - /** Creates a SecretProvider. Used for retrieving a client-side SslContext. */ - public SecretProvider findOrCreateClientSslContextProvider( + /** Creates a SslContextProvider. Used for retrieving a client-side SslContext. */ + public SslContextProvider findOrCreateClientSslContextProvider( UpstreamTlsContext upstreamTlsContext) { - return SslContextSecretVolumeSecretProvider.getProviderForClient(upstreamTlsContext); + return SecretVolumeSslContextProvider.getProviderForClient(upstreamTlsContext); } } diff --git a/xds/src/main/java/io/grpc/xds/sds/internal/SdsProtocolNegotiators.java b/xds/src/main/java/io/grpc/xds/sds/internal/SdsProtocolNegotiators.java index 4a72ea20f0..d6b40b1bbb 100644 --- a/xds/src/main/java/io/grpc/xds/sds/internal/SdsProtocolNegotiators.java +++ b/xds/src/main/java/io/grpc/xds/sds/internal/SdsProtocolNegotiators.java @@ -29,7 +29,7 @@ import io.grpc.netty.InternalProtocolNegotiator; import io.grpc.netty.InternalProtocolNegotiator.ProtocolNegotiator; import io.grpc.netty.InternalProtocolNegotiators; import io.grpc.netty.NettyChannelBuilder; -import io.grpc.xds.sds.SecretProvider; +import io.grpc.xds.sds.SslContextProvider; import io.grpc.xds.sds.TlsContextManager; import io.netty.channel.ChannelHandler; import io.netty.channel.ChannelHandlerAdapter; @@ -192,11 +192,11 @@ public final class SdsProtocolNegotiators { final BufferReadsHandler bufferReads = new BufferReadsHandler(); ctx.pipeline().addBefore(ctx.name(), null, bufferReads); - SecretProvider sslContextProvider = + SslContextProvider sslContextProvider = TlsContextManager.getInstance().findOrCreateClientSslContextProvider(upstreamTlsContext); sslContextProvider.addCallback( - new SecretProvider.Callback() { + new SslContextProvider.Callback() { @Override public void updateSecret(SslContext sslContext) { @@ -277,12 +277,12 @@ public final class SdsProtocolNegotiators { final BufferReadsHandler bufferReads = new BufferReadsHandler(); ctx.pipeline().addBefore(ctx.name(), null, bufferReads); - SecretProvider sslContextProvider = + SslContextProvider sslContextProvider = TlsContextManager.getInstance() .findOrCreateServerSslContextProvider(downstreamTlsContext); sslContextProvider.addCallback( - new SecretProvider.Callback() { + new SslContextProvider.Callback() { @Override public void updateSecret(SslContext sslContext) { diff --git a/xds/src/test/java/io/grpc/xds/sds/SslContextSecretVolumeSecretProviderTest.java b/xds/src/test/java/io/grpc/xds/sds/SecretVolumeSslContextProviderTest.java similarity index 86% rename from xds/src/test/java/io/grpc/xds/sds/SslContextSecretVolumeSecretProviderTest.java rename to xds/src/test/java/io/grpc/xds/sds/SecretVolumeSslContextProviderTest.java index b1607c773f..fa4e67d74d 100644 --- a/xds/src/test/java/io/grpc/xds/sds/SslContextSecretVolumeSecretProviderTest.java +++ b/xds/src/test/java/io/grpc/xds/sds/SecretVolumeSslContextProviderTest.java @@ -39,9 +39,9 @@ import org.junit.rules.TemporaryFolder; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; -/** Unit tests for {@link SslContextSecretVolumeSecretProvider}. */ +/** Unit tests for {@link SecretVolumeSslContextProvider}. */ @RunWith(JUnit4.class) -public class SslContextSecretVolumeSecretProviderTest { +public class SecretVolumeSslContextProviderTest { private static final String SERVER_1_PEM_FILE = "server1.pem"; private static final String SERVER_1_KEY_FILE = "server1.key"; @@ -55,7 +55,7 @@ public class SslContextSecretVolumeSecretProviderTest { public void validateCertificateContext_nullAndNotOptional_throwsException() { // expect exception when certContext is null and not optional try { - SslContextSecretVolumeSecretProvider.validateCertificateContext( + SecretVolumeSslContextProvider.validateCertificateContext( /* certContext= */ null, /* optional= */ false); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -68,7 +68,7 @@ public class SslContextSecretVolumeSecretProviderTest { // expect exception when certContext has no CA and not optional CertificateValidationContext certContext = CertificateValidationContext.getDefaultInstance(); try { - SslContextSecretVolumeSecretProvider.validateCertificateContext( + SecretVolumeSslContextProvider.validateCertificateContext( certContext, /* optional= */ false); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -80,7 +80,7 @@ public class SslContextSecretVolumeSecretProviderTest { public void validateCertificateContext_nullAndOptional() { // certContext argument can be null when optional CertificateValidationContext certContext = - SslContextSecretVolumeSecretProvider.validateCertificateContext( + SecretVolumeSslContextProvider.validateCertificateContext( /* certContext= */ null, /* optional= */ true); assertThat(certContext).isNull(); } @@ -90,7 +90,7 @@ public class SslContextSecretVolumeSecretProviderTest { // certContext argument can have missing CA when optional CertificateValidationContext certContext = CertificateValidationContext.getDefaultInstance(); assertThat( - SslContextSecretVolumeSecretProvider.validateCertificateContext( + SecretVolumeSslContextProvider.validateCertificateContext( certContext, /* optional= */ true)) .isNull(); } @@ -103,7 +103,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setTrustedCa(DataSource.newBuilder().setInlineString("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.validateCertificateContext( + SecretVolumeSslContextProvider.validateCertificateContext( certContext, /* optional= */ false); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -119,7 +119,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setTrustedCa(DataSource.newBuilder().setFilename("bar")) .build(); assertThat( - SslContextSecretVolumeSecretProvider.validateCertificateContext( + SecretVolumeSslContextProvider.validateCertificateContext( certContext, /* optional= */ false)) .isSameInstanceAs(certContext); } @@ -128,7 +128,7 @@ public class SslContextSecretVolumeSecretProviderTest { public void validateTlsCertificate_nullAndNotOptional_throwsException() { // expect exception when tlsCertificate is null and not optional try { - SslContextSecretVolumeSecretProvider.validateTlsCertificate( + SecretVolumeSslContextProvider.validateTlsCertificate( /* tlsCertificate= */ null, /* optional= */ false); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -139,7 +139,7 @@ public class SslContextSecretVolumeSecretProviderTest { @Test public void validateTlsCertificate_nullOptional() { assertThat( - SslContextSecretVolumeSecretProvider.validateTlsCertificate( + SecretVolumeSslContextProvider.validateTlsCertificate( /* tlsCertificate= */ null, /* optional= */ true)) .isNull(); } @@ -149,7 +149,7 @@ public class SslContextSecretVolumeSecretProviderTest { // tlsCertificate is not null but has no value (default instance): expect null TlsCertificate tlsCert = TlsCertificate.getDefaultInstance(); assertThat( - SslContextSecretVolumeSecretProvider.validateTlsCertificate( + SecretVolumeSslContextProvider.validateTlsCertificate( tlsCert, /* optional= */ true)) .isNull(); } @@ -162,7 +162,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setPrivateKey(DataSource.newBuilder().setInlineString("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.validateTlsCertificate(tlsCert, /* optional= */ false); + SecretVolumeSslContextProvider.validateTlsCertificate(tlsCert, /* optional= */ false); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { assertThat(expected).hasMessageThat().isEqualTo("filename expected"); @@ -177,7 +177,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setPrivateKey(DataSource.newBuilder().setInlineString("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.validateTlsCertificate(tlsCert, /* optional= */ true); + SecretVolumeSslContextProvider.validateTlsCertificate(tlsCert, /* optional= */ true); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { assertThat(expected).hasMessageThat().isEqualTo("filename expected"); @@ -192,7 +192,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setCertificateChain(DataSource.newBuilder().setInlineString("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.validateTlsCertificate(tlsCert, /* optional= */ false); + SecretVolumeSslContextProvider.validateTlsCertificate(tlsCert, /* optional= */ false); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { assertThat(expected).hasMessageThat().isEqualTo("filename expected"); @@ -207,7 +207,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setCertificateChain(DataSource.newBuilder().setInlineString("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.validateTlsCertificate(tlsCert, /* optional= */ true); + SecretVolumeSslContextProvider.validateTlsCertificate(tlsCert, /* optional= */ true); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { assertThat(expected).hasMessageThat().isEqualTo("filename expected"); @@ -222,7 +222,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setPrivateKey(DataSource.newBuilder().setFilename("bar")) .build(); assertThat( - SslContextSecretVolumeSecretProvider.validateTlsCertificate( + SecretVolumeSslContextProvider.validateTlsCertificate( tlsCert, /* optional= */ true)) .isSameInstanceAs(tlsCert); } @@ -235,7 +235,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setPrivateKey(DataSource.newBuilder().setFilename("bar")) .build(); assertThat( - SslContextSecretVolumeSecretProvider.validateTlsCertificate( + SecretVolumeSslContextProvider.validateTlsCertificate( tlsCert, /* optional= */ false)) .isSameInstanceAs(tlsCert); } @@ -249,7 +249,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setPrivateKey(DataSource.newBuilder().setFilename("bar")) .build(); try { - SslContextSecretVolumeSecretProvider.validateTlsCertificate(tlsCert, /* optional= */ true); + SecretVolumeSslContextProvider.validateTlsCertificate(tlsCert, /* optional= */ true); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { assertThat(expected).hasMessageThat().isEqualTo("filename expected"); @@ -265,7 +265,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setCertificateChain(DataSource.newBuilder().setFilename("bar")) .build(); try { - SslContextSecretVolumeSecretProvider.validateTlsCertificate(tlsCert, /* optional= */ true); + SecretVolumeSslContextProvider.validateTlsCertificate(tlsCert, /* optional= */ true); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { assertThat(expected).hasMessageThat().isEqualTo("filename expected"); @@ -276,7 +276,7 @@ public class SslContextSecretVolumeSecretProviderTest { public void getProviderForServer_defaultTlsCertificate_throwsException() { TlsCertificate tlsCert = TlsCertificate.getDefaultInstance(); try { - SslContextSecretVolumeSecretProvider.getProviderForServer( + SecretVolumeSslContextProvider.getProviderForServer( buildDownstreamTlsContext(getCommonTlsContext(tlsCert, /* certContext= */ null))); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -296,7 +296,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setTrustedCa(DataSource.newBuilder().setInlineString("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.getProviderForServer( + SecretVolumeSslContextProvider.getProviderForServer( buildDownstreamTlsContext(getCommonTlsContext(tlsCert, certContext))); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -308,7 +308,7 @@ public class SslContextSecretVolumeSecretProviderTest { public void getProviderForClient_defaultCertContext_throwsException() { CertificateValidationContext certContext = CertificateValidationContext.getDefaultInstance(); try { - SslContextSecretVolumeSecretProvider.getProviderForClient( + SecretVolumeSslContextProvider.getProviderForClient( buildUpstreamTlsContext(getCommonTlsContext(/* tlsCertificate= */ null, certContext))); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -328,7 +328,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setTrustedCa(DataSource.newBuilder().setFilename("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.getProviderForClient( + SecretVolumeSslContextProvider.getProviderForClient( buildUpstreamTlsContext(getCommonTlsContext(tlsCert, certContext))); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -348,7 +348,7 @@ public class SslContextSecretVolumeSecretProviderTest { .setTrustedCa(DataSource.newBuilder().setFilename("foo")) .build(); try { - SslContextSecretVolumeSecretProvider.getProviderForClient( + SecretVolumeSslContextProvider.getProviderForClient( buildUpstreamTlsContext(getCommonTlsContext(tlsCert, certContext))); Assert.fail("no exception thrown"); } catch (IllegalArgumentException expected) { @@ -360,8 +360,8 @@ public class SslContextSecretVolumeSecretProviderTest { return TestUtils.loadCert(resFile).getAbsolutePath(); } - /** Helper method to build SslContextSecretVolumeSecretProvider from given files. */ - private static SslContextSecretVolumeSecretProvider getSslContextSecretVolumeSecretProvider( + /** Helper method to build SecretVolumeSslContextProvider from given files. */ + private static SecretVolumeSslContextProvider getSslContextSecretVolumeSecretProvider( boolean server, String certChainFilename, String privateKeyFilename, String trustedCaFilename) throws IOException { @@ -376,22 +376,22 @@ public class SslContextSecretVolumeSecretProviderTest { trustedCaFilename = getTempFileNameForResourcesFile(trustedCaFilename); } return server - ? SslContextSecretVolumeSecretProvider.getProviderForServer( + ? SecretVolumeSslContextProvider.getProviderForServer( buildDownstreamTlsContextFromFilenames( privateKeyFilename, certChainFilename, trustedCaFilename)) - : SslContextSecretVolumeSecretProvider.getProviderForClient( + : SecretVolumeSslContextProvider.getProviderForClient( buildUpstreamTlsContextFromFilenames( privateKeyFilename, certChainFilename, trustedCaFilename)); } /** - * Helper method to build SslContextSecretVolumeSecretProvider, call buildSslContext on it and + * Helper method to build SecretVolumeSslContextProvider, call buildSslContext on it and * check returned SslContext. */ private static void sslContextForEitherWithBothCertAndTrust( boolean server, String pemFile, String keyFile, String caFile) throws IOException, CertificateException, CertStoreException { - SslContextSecretVolumeSecretProvider provider = + SecretVolumeSslContextProvider provider = getSslContextSecretVolumeSecretProvider(server, pemFile, keyFile, caFile); SslContext sslContext = provider.buildSslContextFromSecrets(); @@ -511,14 +511,14 @@ public class SslContextSecretVolumeSecretProviderTest { } } - static class TestCallback implements SecretProvider.Callback { + static class TestCallback implements SslContextProvider.Callback { - T updatedSecret; + SslContext updatedSslContext; Throwable updatedThrowable; @Override - public void updateSecret(T secret) { - updatedSecret = secret; + public void updateSecret(SslContext sslContext) { + updatedSslContext = sslContext; } @Override @@ -531,41 +531,41 @@ public class SslContextSecretVolumeSecretProviderTest { * Helper method to get the value thru directExecutor callback. Because of directExecutor this is * a synchronous callback - so need to provide a listener. */ - private static TestCallback getValueThruCallback( - SecretProvider provider) { - TestCallback testCallback = new TestCallback<>(); + private static TestCallback getValueThruCallback( + SslContextProvider provider) { + TestCallback testCallback = new TestCallback(); provider.addCallback(testCallback, MoreExecutors.directExecutor()); return testCallback; } @Test public void getProviderForServer_both_callsback() throws IOException { - SslContextSecretVolumeSecretProvider provider = + SecretVolumeSslContextProvider provider = getSslContextSecretVolumeSecretProvider( true, SERVER_1_PEM_FILE, SERVER_1_KEY_FILE, CA_PEM_FILE); - TestCallback testCallback = getValueThruCallback(provider); - doChecksOnSslContext(true, testCallback.updatedSecret); + TestCallback testCallback = getValueThruCallback(provider); + doChecksOnSslContext(true, testCallback.updatedSslContext); } @Test public void getProviderForClient_both_callsback() throws IOException { - SslContextSecretVolumeSecretProvider provider = + SecretVolumeSslContextProvider provider = getSslContextSecretVolumeSecretProvider( false, CLIENT_PEM_FILE, CLIENT_KEY_FILE, CA_PEM_FILE); - TestCallback testCallback = getValueThruCallback(provider); - doChecksOnSslContext(false, testCallback.updatedSecret); + TestCallback testCallback = getValueThruCallback(provider); + doChecksOnSslContext(false, testCallback.updatedSslContext); } // note this test generates stack-trace but can be safely ignored @Test public void getProviderForClient_both_callsback_setException() throws IOException { - SslContextSecretVolumeSecretProvider provider = + SecretVolumeSslContextProvider provider = getSslContextSecretVolumeSecretProvider( false, CLIENT_PEM_FILE, CLIENT_PEM_FILE, CA_PEM_FILE); - TestCallback testCallback = getValueThruCallback(provider); - assertThat(testCallback.updatedSecret).isNull(); + TestCallback testCallback = getValueThruCallback(provider); + assertThat(testCallback.updatedSslContext).isNull(); assertThat(testCallback.updatedThrowable).isInstanceOf(IllegalArgumentException.class); assertThat(testCallback.updatedThrowable).hasMessageThat() .contains("File does not contain valid private key"); diff --git a/xds/src/test/java/io/grpc/xds/sds/TlsContextManagerTest.java b/xds/src/test/java/io/grpc/xds/sds/TlsContextManagerTest.java index 9adcd3bcd8..21c58aa375 100644 --- a/xds/src/test/java/io/grpc/xds/sds/TlsContextManagerTest.java +++ b/xds/src/test/java/io/grpc/xds/sds/TlsContextManagerTest.java @@ -20,7 +20,6 @@ import static com.google.common.truth.Truth.assertThat; import io.envoyproxy.envoy.api.v2.auth.DownstreamTlsContext; import io.envoyproxy.envoy.api.v2.auth.UpstreamTlsContext; -import io.netty.handler.ssl.SslContext; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; @@ -36,10 +35,10 @@ public class TlsContextManagerTest { @Test public void createServerSslContextProvider() { DownstreamTlsContext downstreamTlsContext = - SslContextSecretVolumeSecretProviderTest.buildDownstreamTlsContextFromFilenames( + SecretVolumeSslContextProviderTest.buildDownstreamTlsContextFromFilenames( SERVER_1_KEY_FILE, SERVER_1_PEM_FILE, /* trustCa= */ null); - SecretProvider serverSecretProvider = + SslContextProvider serverSecretProvider = TlsContextManager.getInstance().findOrCreateServerSslContextProvider(downstreamTlsContext); assertThat(serverSecretProvider).isNotNull(); } @@ -47,10 +46,10 @@ public class TlsContextManagerTest { @Test public void createClientSslContextProvider() { UpstreamTlsContext upstreamTlsContext = - SslContextSecretVolumeSecretProviderTest.buildUpstreamTlsContextFromFilenames( + SecretVolumeSslContextProviderTest.buildUpstreamTlsContextFromFilenames( /* privateKey= */ null, /* certChain= */ null, CA_PEM_FILE); - SecretProvider serverSecretProvider = + SslContextProvider serverSecretProvider = TlsContextManager.getInstance().findOrCreateClientSslContextProvider(upstreamTlsContext); assertThat(serverSecretProvider).isNotNull(); }