From 9867c032cfcd3bd001b6eafc053888f008fe8472 Mon Sep 17 00:00:00 2001
From: Max Lambrecht
Date: Thu, 7 May 2020 09:03:42 -0300
Subject: [PATCH] Move examples to a folder in tests. Add details to README. Make constants public.

Signed-off-by: Max Lambrecht
---
 java-spiffe-provider/README.md | 14 +++++-----
 .../provider/SpiffeProviderConstants.java | 27 ++++++++++++-------
 .../provider/examples/mtls}/HttpsClient.java | 16 ++++-------
 .../provider/examples/mtls}/HttpsServer.java | 2 +-
 .../examples/mtls}/WorkloadThread.java | 2 +-
 .../provider/examples/mtls}/spiffeIds.txt | 0
 6 files changed, 30 insertions(+), 31 deletions(-)
 rename java-spiffe-provider/src/{main/java/spiffe/provider/examples => test/java/spiffe/provider/examples/mtls}/HttpsClient.java (86%)
 rename java-spiffe-provider/src/{main/java/spiffe/provider/examples => test/java/spiffe/provider/examples/mtls}/HttpsServer.java (98%)
 rename java-spiffe-provider/src/{main/java/spiffe/provider/examples => test/java/spiffe/provider/examples/mtls}/WorkloadThread.java (98%)
 rename java-spiffe-provider/src/{main/java/spiffe/provider/examples => test/java/spiffe/provider/examples/mtls}/spiffeIds.txt (100%)

diff --git a/java-spiffe-provider/README.md b/java-spiffe-provider/README.md
index 3900878..13a5746 100644
--- a/java-spiffe-provider/README.md
+++ b/java-spiffe-provider/README.md
@@ -38,7 +38,7 @@ Supplier of accepted SPIFFE IDs list can be provided as part of the `SslContextO
 SSLContext sslContext = SpiffeSslContextFactory.getSslContext(sslContextOptions);
 ```
 
-See [HttpsClient example](src/main/java/spiffe/provider/examples/HttpsClient.java) that defines a Supplier for providing
+See [HttpsClient example](src/test/java/spiffe/provider/examples/mtls/HttpsClient.java) that defines a Supplier for providing
 the list of SPIFFE IDs from a file.
 
 ## Plug Java SPIFFE Provider into Java Security
@@ -53,6 +53,11 @@ security.provider.=
 
 This declares a provider, and specifies its preference order n.
 
+### Copy the JAR to the JVM extensions
+
+For installing the JAR file containing the provider classes as a bundled extension in the java platform,
+copy build/libs/spiffe-provider--all.jar to /jre/lib/ext
+
 #### Register the SPIFFE Provider
 
 You can extend and override the master security properties file.
@@ -84,13 +89,6 @@ To pass your custom security properties file through the command line via system
 -Djava.security.properties=
 ```
 
-For example, it can be passed in the `JAVA_OPTS` used by the Tomcat's startup script:
-
-```
-$ export JAVA_OPTS="$JAVA_OPTS -Djava.security.properties=java.security"
-$ ./catalina.sh run
-```
-
 The properties defined in your custom properties file will override the properties in the master file.
 
 ### Configure Workload API Socket Endpoint
diff --git a/java-spiffe-provider/src/main/java/spiffe/provider/SpiffeProviderConstants.java b/java-spiffe-provider/src/main/java/spiffe/provider/SpiffeProviderConstants.java
index 63d15ed..4910e7c 100644
--- a/java-spiffe-provider/src/main/java/spiffe/provider/SpiffeProviderConstants.java
+++ b/java-spiffe-provider/src/main/java/spiffe/provider/SpiffeProviderConstants.java
@@ -1,24 +1,31 @@
 package spiffe.provider;
 
 /**
- * Constants to be used in the context of the SPIFFE Provider
+ * SPIFFE Provider constants
 */
-class SpiffeProviderConstants {
+public class SpiffeProviderConstants {
 
 /**
 * Security property to get the list of accepted SPIFFE IDs.
 * This property is read in the java.security file
 */
- static final String SSL_SPIFFE_ACCEPT_PROPERTY = "ssl.spiffe.accept";
+ public static final String SSL_SPIFFE_ACCEPT_PROPERTY = "ssl.spiffe.accept";
 
- // the name of this Provider implementation
- static final String PROVIDER_NAME = "Spiffe";
+ /**
+ * The name of this Provider implementation
+ */
+ public static final String PROVIDER_NAME = "Spiffe";
 
- // the algorithm name for the KeyStore and TrustStore
- static final String ALGORITHM = "Spiffe";
+ /**
+ * The algorithm name for the KeyStore and TrustStore
+ */
+ public static final String ALGORITHM = "Spiffe";
 
- // alias used by the SpiffeKeyStore
- static final String DEFAULT_ALIAS = "Spiffe";
+ /**
+ * Alias used by the SpiffeKeyStore
+ */
+ public static final String DEFAULT_ALIAS = "Spiffe";
 
- private SpiffeProviderConstants() {}
+ private SpiffeProviderConstants() {
+ }
 }
diff --git a/java-spiffe-provider/src/main/java/spiffe/provider/examples/HttpsClient.java b/java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/HttpsClient.java
similarity index 86%
rename from java-spiffe-provider/src/main/java/spiffe/provider/examples/HttpsClient.java
rename to java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/HttpsClient.java
index 9537749..9a14f1b 100644
--- a/java-spiffe-provider/src/main/java/spiffe/provider/examples/HttpsClient.java
+++ b/java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/HttpsClient.java
@@ -1,4 +1,4 @@
-package spiffe.provider.examples;
+package spiffe.provider.examples.mtls;
 
 import lombok.val;
 import spiffe.exception.SocketEndpointAddressException;
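Review bot: The Javadoc on `SSL_SPIFFE_ACCEPT_PROPERTY` in SpiffeProviderConstants.java does not say how the property value is formatted or what the provider does when the property is missing or empty, and with the constant now public, callers will use it to configure which peers are accepted. I would extend the comment with something like `* Value: list of accepted SPIFFE IDs (separator: TODO confirm). Behaviour when unset or empty: TODO confirm.` The code that reads the property is not part of this hunk, so the wording has to be checked against it; if an unset property currently accepts every peer, that deserves an explicit warning in the Javadoc. As a point of style, a constants holder with a private constructor reads more clearly as `public final class SpiffeProviderConstants {`.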
@@ -6,6 +6,7 @@ import spiffe.exception.X509SourceException;
 import spiffe.provider.SpiffeSslContextFactory;
 import spiffe.provider.SpiffeSslContextFactory.SslContextOptions;
 import spiffe.spiffeid.SpiffeId;
+import spiffe.spiffeid.SpiffeIdUtils;
 import spiffe.workloadapi.X509Source;
 import spiffe.workloadapi.X509Source.X509SourceOptions;
 
@@ -13,15 +14,11 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLSocketFactory;
 import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.util.List;
 import java.util.function.Supplier;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
 
 /**
 * Example of a simple HTTPS Client backed by the Workload API to get the X.509 Certificates
@@ -76,12 +73,9 @@ public class HttpsClient {
 }
 
 static List listOfSpiffeIds() {
- Path path = Paths.get("java-spiffe-provider/src/main/java/spiffe/provider/examples/spiffeIds.txt");
- try (Stream lines = Files.lines(path)) {
- return lines
- .map(SpiffeId::parse)
- .collect(Collectors.toList());
- } catch (Exception e) {
+ try {
+ return SpiffeIdUtils.getSpiffeIdListFromFile(Paths.get("java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/spiffeIds.txt"));
+ } catch (IOException e) {
 throw new RuntimeException("Error getting list of spiffeIds", e);
 }
 }
diff --git a/java-spiffe-provider/src/main/java/spiffe/provider/examples/HttpsServer.java b/java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/HttpsServer.java
similarity index 98%
rename from java-spiffe-provider/src/main/java/spiffe/provider/examples/HttpsServer.java
rename to java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/HttpsServer.java
index 1efc7e1..f2adf59 100644
--- a/java-spiffe-provider/src/main/java/spiffe/provider/examples/HttpsServer.java
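Review bot: In `listOfSpiffeIds()` the catch was narrowed from `Exception` to `IOException`, so if `SpiffeIdUtils.getSpiffeIdListFromFile` (not visible here) throws an unchecked exception for a malformed line in spiffeIds.txt, it now leaves the supplier without the "Error getting list of spiffeIds" context. Propagating is presumably the safe outcome, because this list decides which peers the client accepts, but the intent should be stated, e.g. `// Parse errors propagate unwrapped: a bad entry must fail the lookup, never shorten the accept list silently.` The file path is also resolved against the process working directory, so I would add `// Relative to the repository root; run the example from there.` above the `Paths.get(...)` call.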
+++ b/java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/HttpsServer.java
@@ -1,4 +1,4 @@
-package spiffe.provider.examples;
+package spiffe.provider.examples.mtls;
 
 import lombok.val;
 import spiffe.exception.SocketEndpointAddressException;
diff --git a/java-spiffe-provider/src/main/java/spiffe/provider/examples/WorkloadThread.java b/java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/WorkloadThread.java
similarity index 98%
rename from java-spiffe-provider/src/main/java/spiffe/provider/examples/WorkloadThread.java
rename to java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/WorkloadThread.java
index f8fbb49..5d30c01 100644
--- a/java-spiffe-provider/src/main/java/spiffe/provider/examples/WorkloadThread.java
+++ b/java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/WorkloadThread.java
@@ -1,4 +1,4 @@
-package spiffe.provider.examples;
+package spiffe.provider.examples.mtls;
 
 import lombok.extern.java.Log;
 import spiffe.internal.CertificateUtils;
diff --git a/java-spiffe-provider/src/main/java/spiffe/provider/examples/spiffeIds.txt b/java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/spiffeIds.txt
similarity index 100%
rename from java-spiffe-provider/src/main/java/spiffe/provider/examples/spiffeIds.txt
rename to java-spiffe-provider/src/test/java/spiffe/provider/examples/mtls/spiffeIds.txt