/*
* Copyright The WildFly Authors
* SPDX-License-Identifier: Apache-2.0
*/
package org.jboss.as.clustering.jgroups.subsystem;
import java.security.KeyStore;
import java.util.EnumSet;
import java.util.function.UnaryOperator;
import org.jboss.as.clustering.controller.CapabilityReference;
import org.jboss.as.clustering.controller.CommonUnaryRequirement;
import org.jboss.as.clustering.controller.ResourceDescriptor;
import org.jboss.as.clustering.controller.ResourceServiceConfigurator;
import org.jboss.as.clustering.controller.ResourceServiceConfiguratorFactory;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.as.controller.security.CredentialReference;
import org.jboss.as.controller.security.CredentialReferenceWriteAttributeHandler;
import org.jboss.dmr.ModelType;
/**
* Resource definition override for protocols that require an encryption key.
* @author Paul Ferraro
*/
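public class EncryptProtocolResourceDefinition<E extends KeyStore.Entry> extends ProtocolResourceDefinition {
    // NOTE(review): the generic type arguments in this listing were lost (raw UnaryOperator, raw Class,
    // diamond on a class shown without type parameters). They are restored here from the visible apply(...)
    // signatures and the diamond usages; the KeyStore.Entry bound is inferred from the file's otherwise
    // unused java.security.KeyStore import -- confirm against the upstream source.

    /**
     * Attributes that locate the encryption key material: a key store, the alias of the entry within it,
     * and a credential reference for accessing that entry.
     */
    enum Attribute implements org.jboss.as.clustering.controller.Attribute, UnaryOperator<SimpleAttributeDefinitionBuilder> {
        // Built by CredentialReference itself and tied to a credential-store capability requirement.
        // The third argument (false) is presumably "allowNull", i.e. the attribute is mandatory -- confirm.
        // WildFly credential references can also carry a clear-text value; prefer a credential-store alias
        // so the key password is not kept in the management model.
        KEY_CREDENTIAL(CredentialReference.getAttributeBuilder("key-credential-reference", null, false, new CapabilityReference(Capability.PROTOCOL, CommonUnaryRequirement.CREDENTIAL_STORE)).build()),
        // The alias is the only attribute here that accepts expressions.
        KEY_ALIAS("key-alias", ModelType.STRING) {
            @Override
            public SimpleAttributeDefinitionBuilder apply(SimpleAttributeDefinitionBuilder builder) {
                return builder.setAllowExpression(true);
            }
        },
        // Declared as a capability reference to a key store requirement, so the value is expected to name
        // a key-store resource rather than a file path (inferred from CommonUnaryRequirement.KEY_STORE).
        KEY_STORE("key-store", ModelType.STRING) {
            @Override
            public SimpleAttributeDefinitionBuilder apply(SimpleAttributeDefinitionBuilder builder) {
                return builder.setCapabilityReference(new CapabilityReference(Capability.PROTOCOL, CommonUnaryRequirement.KEY_STORE));
            }
        },
        ;

        private final AttributeDefinition definition;

        /**
         * Creates a required attribute whose modification restarts the resource's services,
         * after letting the constant-specific {@link #apply} customise the builder.
         *
         * @param name the attribute name
         * @param type the model type of the attribute value
         */
        Attribute(String name, ModelType type) {
            this.definition = this.apply(new SimpleAttributeDefinitionBuilder(name, type)
                    .setRequired(true)
                    .setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES)
                    ).build();
        }

        /**
         * Wraps an attribute definition that was built elsewhere.
         *
         * @param definition the ready-made attribute definition
         */
        Attribute(AttributeDefinition definition) {
            this.definition = definition;
        }

        @Override
        public AttributeDefinition getDefinition() {
            return this.definition;
        }

        /**
         * Default customisation hook: returns the builder unchanged.
         * Individual constants override this to add their own settings.
         */
        @Override
        public SimpleAttributeDefinitionBuilder apply(SimpleAttributeDefinitionBuilder builder) {
            return builder;
        }
    }

    /**
     * Decorates a caller-supplied descriptor configurator with the encryption key attributes
     * and the legacy operation transformations.
     */
    private static class ResourceDescriptorConfigurator implements UnaryOperator<ResourceDescriptor> {
        private final UnaryOperator<ResourceDescriptor> configurator;

        ResourceDescriptorConfigurator(UnaryOperator<ResourceDescriptor> configurator) {
            this.configurator = configurator;
        }

        @Override
        public ResourceDescriptor apply(ResourceDescriptor descriptor) {
            // The caller's configuration runs first; the key attributes are layered on top of it.
            return this.configurator.apply(descriptor)
                    // Every attribute except the credential reference is registered without a custom handler.
                    .addAttributes(EnumSet.complementOf(EnumSet.of(Attribute.KEY_CREDENTIAL)))
                    // The credential reference is registered with its dedicated write-attribute handler.
                    .addAttribute(Attribute.KEY_CREDENTIAL, new CredentialReferenceWriteAttributeHandler(Attribute.KEY_CREDENTIAL.getDefinition()))
                    // LegacyAddOperationTransformation and LEGACY_OPERATION_TRANSFORMER are defined outside this file.
                    .setAddOperationTransformation(new LegacyAddOperationTransformation(Attribute.class))
                    .setOperationTransformation(LEGACY_OPERATION_TRANSFORMER)
                    ;
        }
    }

    /**
     * Creates the service configurator for an encrypt protocol resource, passing along the
     * key store entry class given at construction.
     *
     * @param <T> the key store entry type
     */
    private static class EncryptProtocolConfigurationConfiguratorFactory<T extends KeyStore.Entry> implements ResourceServiceConfiguratorFactory {
        private final Class<T> entryClass;

        EncryptProtocolConfigurationConfiguratorFactory(Class<T> entryClass) {
            this.entryClass = entryClass;
        }

        @Override
        public ResourceServiceConfigurator createServiceConfigurator(PathAddress address) {
            return new EncryptProtocolConfigurationServiceConfigurator<>(address, this.entryClass);
        }
    }

    /**
     * Defines a protocol resource that requires an encryption key.
     *
     * @param name the protocol name, used to build the resource's path element
     * @param entryClass the class of key store entry handed to the service configurator
     * @param configurator additional descriptor configuration, applied before the key attributes are added
     * @param parentServiceConfiguratorFactory passed through unchanged to the superclass constructor
     */
    public EncryptProtocolResourceDefinition(String name, Class<E> entryClass, UnaryOperator<ResourceDescriptor> configurator, ResourceServiceConfiguratorFactory parentServiceConfiguratorFactory) {
        super(pathElement(name), new ResourceDescriptorConfigurator(configurator), new EncryptProtocolConfigurationConfiguratorFactory<>(entryClass), parentServiceConfiguratorFactory);
    }
}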