[WFCORE-5279] Restored Service API, add test resources

[WFCORE-5279] Restored original Service API [WFCORE-5279] Add missing test resources, fix XML marshalling
wildfly-security-incubator · Oct 19, 2022 · 9cd89d4 · 9cd89d4
1 parent 988b171
commit 9cd89d4
Show file tree

Hide file tree

Showing 33 changed files with 710 additions and 707 deletions.
diff --git a/subsystem/src/main/java/org/wildfly/extension/elytron/tls/subsystem/AcmeAccountService.java b/subsystem/src/main/java/org/wildfly/extension/elytron/tls/subsystem/AcmeAccountService.java
@@ -25,15 +25,16 @@
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
 import java.util.List;
-import java.util.function.Supplier;
 
 import org.jboss.as.controller.OperationContext;
 import org.jboss.as.controller.OperationFailedException;
-import org.jboss.msc.Service;
+import org.jboss.msc.inject.Injector;
+import org.jboss.msc.service.Service;
 import org.jboss.msc.service.ServiceRegistry;
 import org.jboss.msc.service.StartContext;
 import org.jboss.msc.service.StartException;
 import org.jboss.msc.service.StopContext;
+import org.jboss.msc.value.InjectedValue;
 import org.wildfly.common.function.ExceptionSupplier;
 import org.wildfly.security.credential.source.CredentialSource;
 import org.wildfly.security.x500.cert.acme.AcmeAccount;
@@ -44,10 +45,10 @@
  *
  * @author <a href="mailto:[email protected]">Farah Juma</a>
  */
-class AcmeAccountService implements Service {
+class AcmeAccountService implements Service<AcmeAccount> {
 
-    private Supplier<KeyStore> keyStoreSupplier;
-    private ExceptionSupplier<CredentialSource, Exception> credentialSourceSupplier;
+    private final InjectedValue<KeyStore> keyStoreInjector = new InjectedValue<>();
+    private final InjectedValue<ExceptionSupplier<CredentialSource, Exception>> credentialSourceSupplierInjector = new InjectedValue<>();
     private final String certificateAuthorityName;
     private final List<String> contactUrlsList;
     private final String alias;
@@ -67,7 +68,7 @@ public void start(StartContext startContext) throws StartException {
             final ServiceRegistry serviceRegistry = startContext.getController().getServiceContainer();
             final ModifiableKeyStoreService keyStoreService = CertificateAuthorityAccountDefinition.getModifiableKeyStoreService(serviceRegistry, keyStoreName);
             char[] keyPassword = resolveKeyPassword((KeyStoreService) keyStoreService);
-            KeyStore keyStore = keyStoreSupplier.get();
+            KeyStore keyStore = keyStoreInjector.getValue();
             CertificateAuthority certificateAuthority;
             if (certificateAuthorityName.equalsIgnoreCase(CertificateAuthority.LETS_ENCRYPT.getName())) {
                 certificateAuthority = CertificateAuthority.LETS_ENCRYPT;
@@ -112,21 +113,22 @@ public void stop(StopContext stopContext) {
         acmeAccount = null;
     }
 
+    @Override
     public AcmeAccount getValue() throws IllegalStateException, IllegalArgumentException {
         return acmeAccount;
     }
 
-    void setKeyStoreSupplier(Supplier<KeyStore> keyStoreSupplier) {
-        this.keyStoreSupplier = keyStoreSupplier;
+    Injector<KeyStore> getKeyStoreInjector() {
+        return keyStoreInjector;
     }
 
-    void setCredentialSourceSupplier(ExceptionSupplier<CredentialSource, Exception> credentialSourceSupplier) {
-        this.credentialSourceSupplier = credentialSourceSupplier;
+    Injector<ExceptionSupplier<CredentialSource, Exception>> getCredentialSourceSupplierInjector() {
+        return credentialSourceSupplierInjector;
     }
 
     char[] resolveKeyPassword(KeyStoreService keyStoreService) throws RuntimeException {
         try {
-            return keyStoreService.resolveKeyPassword(credentialSourceSupplier);
+            return keyStoreService.resolveKeyPassword(credentialSourceSupplierInjector.getOptionalValue());
         } catch (Exception e) {
             throw new RuntimeException(e);
         }

diff --git a/.../src/main/java/org/wildfly/extension/elytron/tls/subsystem/AggregateComponentService.java b/.../src/main/java/org/wildfly/extension/elytron/tls/subsystem/AggregateComponentService.java
@@ -25,6 +25,7 @@
 import org.jboss.msc.inject.Injector;
 import org.jboss.msc.service.Service;
 import org.jboss.msc.service.StartContext;
+import org.jboss.msc.service.StartException;
 import org.jboss.msc.service.StopContext;
 import org.jboss.msc.value.InjectedValue;
 
@@ -38,7 +39,7 @@ class AggregateComponentService<T> implements Service<T> {
     private final Class<T> aggregationType;
     private final Function<T[], T> aggregator;
 
-    private List<InjectedValue<T>> injections = new ArrayList<>();
+    private List<InjectedValue<T>> injections = new ArrayList<InjectedValue<T>>();
 
     private T aggregation;
 
@@ -52,7 +53,7 @@ class AggregateComponentService<T> implements Service<T> {
      */
     @SuppressWarnings("unchecked")
     @Override
-    public void start(StartContext context) {
+    public void start(StartContext context) throws StartException {
         ArrayList<T> toAggregate = new ArrayList<>(injections.size());
         for (InjectedValue<T> current : injections) {
             toAggregate.add(current.getValue());

diff --git a/...va/org/wildfly/extension/elytron/tls/subsystem/CertificateAuthorityAccountDefinition.java b/...va/org/wildfly/extension/elytron/tls/subsystem/CertificateAuthorityAccountDefinition.java
@@ -27,11 +27,11 @@
 import static org.wildfly.extension.elytron.tls.subsystem.Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY;
 import static org.wildfly.extension.elytron.tls.subsystem.Capabilities.KEY_STORE_CAPABILITY;
 import static org.wildfly.extension.elytron.tls.subsystem.Capabilities.KEY_STORE_RUNTIME_CAPABILITY;
+import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsExtension.getRequiredService;
+import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsExtension.isServerOrHostController;
 import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsSubsystemDefinition.commonRequirements;
 import static org.wildfly.extension.elytron.tls.subsystem.FileAttributeDefinitions.PATH;
 import static org.wildfly.extension.elytron.tls.subsystem.FileAttributeDefinitions.RELATIVE_TO;
-import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsExtension.getRequiredService;
-import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsExtension.isServerOrHostController;
 import static org.wildfly.extension.elytron.tls.subsystem._private.ElytronTLSLogger.LOGGER;
 
 import java.security.KeyStore;
@@ -60,7 +60,6 @@
 import org.jboss.as.controller.registry.OperationEntry;
 import org.jboss.as.controller.registry.Resource;
 import org.jboss.as.controller.security.CredentialReference;
-import org.jboss.as.domain.http.server.ConsoleAvailabilityService.LogAdminConsole;
 import org.jboss.dmr.ModelNode;
 import org.jboss.dmr.ModelType;
 import org.jboss.msc.service.ServiceBuilder;
@@ -228,19 +227,16 @@ protected void performRuntime(OperationContext context, ModelNode operation, Res
             ServiceTarget serviceTarget = context.getServiceTarget();
             RuntimeCapability<Void> certificateAuthorityAccountRuntimeCapability = CERTIFICATE_AUTHORITY_ACCOUNT_RUNTIME_CAPABILITY.fromBaseCapability(context.getCurrentAddressValue());
             ServiceName acmeAccountServiceName = certificateAuthorityAccountRuntimeCapability.getCapabilityServiceName(AcmeAccount.class);
-            ServiceBuilder<AcmeAccount> acmeAccountServiceBuilder = (ServiceBuilder<AcmeAccount>) serviceTarget.addService(acmeAccountServiceName).setInitialMode(ServiceController.Mode.ACTIVE);
-
-            acmeAccountService.setCredentialSourceSupplier(credentialSourceSupplier);
+            ServiceBuilder<AcmeAccount> acmeAccountServiceBuilder = serviceTarget.addService(acmeAccountServiceName, acmeAccountService).setInitialMode(ServiceController.Mode.ACTIVE);
+            acmeAccountService.getCredentialSourceSupplierInjector().inject(credentialSourceSupplier);
 
-            String keyStoreCapabilityName = RuntimeCapability.buildDynamicCapabilityName(KEY_STORE_CAPABILITY, finalKeyStoreName);
-            ServiceName keyStoreServiceName = context.getCapabilityServiceName(keyStoreCapabilityName, KeyStore.class);
-            acmeAccountService.setKeyStoreSupplier(acmeAccountServiceBuilder.requires(keyStoreServiceName));
-
+            String keyStoreCapabilityName = RuntimeCapability.buildDynamicCapabilityName(KEY_STORE_CAPABILITY, keyStoreName);
+            acmeAccountServiceBuilder.addDependency(context.getCapabilityServiceName(keyStoreCapabilityName, KeyStore.class), KeyStore.class, acmeAccountService.getKeyStoreInjector());
             if (certificateAuthorityName.equalsIgnoreCase(CertificateAuthority.LETS_ENCRYPT.getName())) {
-                commonRequirements(acmeAccountServiceBuilder, true, true).install();
+                commonRequirements(acmeAccountServiceBuilder).install();
             } else {
                 acmeAccountServiceBuilder.requires(CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY.getCapabilityServiceName(certificateAuthorityName));
-                commonRequirements(acmeAccountServiceBuilder, true, true).install();
+                commonRequirements(acmeAccountServiceBuilder).install();
             }
         }
 

diff --git a/...main/java/org/wildfly/extension/elytron/tls/subsystem/CertificateAuthorityDefinition.java b/...main/java/org/wildfly/extension/elytron/tls/subsystem/CertificateAuthorityDefinition.java
@@ -18,6 +18,14 @@
 
 package org.wildfly.extension.elytron.tls.subsystem;
 
+import static org.wildfly.extension.elytron.tls.subsystem.Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY;
+import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsExtension.getRequiredService;
+import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsSubsystemDefinition.commonRequirements;
+import static org.wildfly.extension.elytron.tls.subsystem._private.ElytronTLSLogger.LOGGER;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+
 import org.jboss.as.controller.AbstractAddStepHandler;
 import org.jboss.as.controller.AttributeDefinition;
 import org.jboss.as.controller.OperationContext;
@@ -34,21 +42,14 @@
 import org.jboss.as.controller.registry.OperationEntry;
 import org.jboss.dmr.ModelNode;
 import org.jboss.dmr.ModelType;
+import org.jboss.msc.service.Service;
 import org.jboss.msc.service.ServiceBuilder;
 import org.jboss.msc.service.ServiceController;
+import org.jboss.msc.service.ServiceController.Mode;
 import org.jboss.msc.service.ServiceName;
 import org.jboss.msc.service.ServiceRegistry;
 import org.jboss.msc.service.ServiceTarget;
 import org.wildfly.security.x500.cert.acme.CertificateAuthority;
-import org.jboss.msc.service.ServiceController.Mode;
-
-import java.net.MalformedURLException;
-import java.net.URL;
-
-import static org.wildfly.extension.elytron.tls.subsystem.Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY;
-import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsSubsystemDefinition.commonRequirements;
-import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsExtension.getRequiredService;
-import static org.wildfly.extension.elytron.tls.subsystem._private.ElytronTLSLogger.LOGGER;
 
 /**
  * A {@link ResourceDefinition} for a single certificate authority.
@@ -124,7 +125,7 @@ protected void performRuntime(OperationContext context, ModelNode operation, Mod
             if (certificateAuthorityName.equalsIgnoreCase(CertificateAuthority.LETS_ENCRYPT.getName())) {
                 throw LOGGER.letsEncryptNameNotAllowed();
             }
-            commonRequirements(installService(context, model), true, true).setInitialMode(Mode.ACTIVE).install();
+            commonRequirements(installService(context, model)).setInitialMode(Mode.ACTIVE).install();
         }
 
         ServiceBuilder<CertificateAuthority> installService(OperationContext context, ModelNode model) {
@@ -143,7 +144,7 @@ protected TrivialService.ValueSupplier<CertificateAuthority> getValueSupplier(Op
         }
     }
 
-    static org.jboss.msc.service.Service<CertificateAuthority> getCertificateAuthorityService(ServiceRegistry serviceRegistry, String certificateAuthorityName) {
+    static Service<CertificateAuthority> getCertificateAuthorityService(ServiceRegistry serviceRegistry, String certificateAuthorityName) {
         RuntimeCapability<Void> runtimeCapability = CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY.fromBaseCapability(certificateAuthorityName);
         ServiceName serviceName = runtimeCapability.getCapabilityServiceName();
         ServiceController<CertificateAuthority> serviceContainer = getRequiredService(serviceRegistry, serviceName, CertificateAuthority.class);

diff --git a/...n/java/org/wildfly/extension/elytron/tls/subsystem/CredentialStoreResourceDefinition.java b/...n/java/org/wildfly/extension/elytron/tls/subsystem/CredentialStoreResourceDefinition.java
@@ -18,7 +18,6 @@
 
 package org.wildfly.extension.elytron.tls.subsystem;
 
-import static org.jboss.as.controller.AbstractControllerService.PATH_MANAGER_CAPABILITY;
 import static org.jboss.as.controller.security.CredentialReference.getCredentialSource;
 import static org.jboss.as.controller.security.CredentialReference.handleCredentialReferenceUpdate;
 import static org.jboss.as.controller.security.CredentialReference.rollbackCredentialStoreUpdate;
@@ -70,6 +69,7 @@
 import org.jboss.as.controller.registry.OperationEntry;
 import org.jboss.as.controller.registry.Resource;
 import org.jboss.as.controller.security.CredentialReference;
+import org.jboss.as.controller.services.path.PathManagerService;
 import org.jboss.dmr.ModelNode;
 import org.jboss.dmr.ModelType;
 import org.jboss.msc.service.ServiceName;
@@ -455,11 +455,12 @@ protected void resolveRuntime(ModelNode model, OperationContext context) throws
         protected ExceptionSupplier<CredentialStore, StartException> prepareServiceSupplier(OperationContext context,
                 CapabilityServiceBuilder<?> serviceBuilder) throws OperationFailedException {
 
+            final Supplier<PathManagerService> pathManager;
             if (relativeTo != null) {
-                pathManagerSupplier = serviceBuilder.requires(PATH_MANAGER_CAPABILITY.getCapabilityServiceName());
+                pathManager = serviceBuilder.requires(PathManagerService.SERVICE_NAME);
                 serviceBuilder.requires(pathName(relativeTo));
             } else {
-                pathManagerSupplier = null;
+                pathManager = null;
             }
 
             final Supplier<Provider[]> providerSupplier;
@@ -498,7 +499,7 @@ public CredentialStore get() throws StartException {
                             PathResolver pathResolver = pathResolver();
                             pathResolver.path(location);
                             if (relativeTo != null) {
-                                pathResolver.relativeTo(relativeTo, pathManagerSupplier.get());
+                                pathResolver.relativeTo(relativeTo, pathManager.get());
                             }
                             File resolved = pathResolver.resolve();
                             pathResolver.clear();

diff --git a/...m/src/main/java/org/wildfly/extension/elytron/tls/subsystem/DefaultSSLContextService.java b/...m/src/main/java/org/wildfly/extension/elytron/tls/subsystem/DefaultSSLContextService.java
@@ -16,8 +16,11 @@
 
 package org.wildfly.extension.elytron.tls.subsystem;
 
+import static org.wildfly.extension.elytron.tls.subsystem.ElytronTlsSubsystemDefinition.RESTORE_DEFAULT_SSL_CONTEXT;
 import static org.wildfly.extension.elytron.tls.subsystem.SecurityActions.doPrivileged;
+import static org.wildfly.extension.elytron.tls.subsystem._private.ElytronTLSLogger.LOGGER;
 
+import java.security.NoSuchAlgorithmException;
 import java.security.PrivilegedAction;
 import java.util.function.Consumer;
 import java.util.function.Supplier;
@@ -30,7 +33,6 @@
 import org.jboss.msc.service.StartException;
 import org.jboss.msc.service.StopContext;
 
-
 /**
  * A simple {@link Service} to take an {@link SSLContext} and register it as the process wide default.
  *
@@ -40,7 +42,7 @@ class DefaultSSLContextService implements Service {
 
     static final ServiceName SERVICE_NAME = ElytronTlsExtension.BASE_SERVICE_NAME.append(Constants.SSL_CONTEXT_REGISTRATION);
 
-    //private static final boolean RESTORE_SSL_CONTEXT = doPrivileged((PrivilegedAction<Boolean>) () -> Boolean.getBoolean(RESTORE_DEFAULT_SSL_CONTEXT));
+    private static final boolean RESTORE_SSL_CONTEXT = doPrivileged((PrivilegedAction<Boolean>) () -> Boolean.getBoolean(RESTORE_DEFAULT_SSL_CONTEXT));
 
     private final Supplier<SSLContext> defaultSSLContextSupplier;
     private final Consumer<SSLContext> valueConsumer;
@@ -64,7 +66,6 @@ public void start(StartContext context) throws StartException {
     public void stop(StopContext context) {
         // We can't set the default back to 'null' as that would cause a NullPointerException.
         // For the purpose of testing we may want to restore the default.
-        /*
         if (RESTORE_SSL_CONTEXT) {
             try {
                 final SSLContext defaultSSLContext = SSLContext.getInstance("Default");
@@ -75,7 +76,7 @@ public void stop(StopContext context) {
             } catch (NoSuchAlgorithmException e) {
                 LOGGER.debug(e);
             }
-        }*/
+        }
     }
 
 }
diff --git a/subsystem/src/main/java/org/wildfly/extension/elytron/tls/subsystem/ElytronDoohickey.java b/subsystem/src/main/java/org/wildfly/extension/elytron/tls/subsystem/ElytronDoohickey.java
@@ -26,7 +26,6 @@
 import java.util.Iterator;
 import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReentrantLock;
-import java.util.function.Supplier;
 
 import org.jboss.as.controller.CapabilityServiceBuilder;
 import org.jboss.as.controller.OperationContext;
@@ -48,9 +47,12 @@
  */
 abstract class ElytronDoohickey<T> implements ExceptionFunction<OperationContext, T, OperationFailedException> {
 
-    private static final Supplier<Deque<PathAddress>> CALL_STACK_SUPPLIER = ArrayDeque::new;
-
-    private static final ThreadLocal<Deque<PathAddress>> CALL_STACK = ThreadLocal.withInitial(CALL_STACK_SUPPLIER);
+    private static final ThreadLocal<Deque<PathAddress>> CALL_STACK = new ThreadLocal() {
+        @Override
+        protected Deque<PathAddress> initialValue() {
+            return new ArrayDeque<>();
+        }
+    };
 
     /*
      * As each Thread tracks the addresses of the relevent resources we could likely implement some form of
@@ -63,7 +65,6 @@ abstract class ElytronDoohickey<T> implements ExceptionFunction<OperationContext
 
     private volatile boolean modelResolved = false;
     private volatile ExceptionSupplier<T, StartException> serviceValueSupplier;
-    protected volatile Supplier<PathManagerService> pathManagerSupplier;
 
     private volatile T value;
 
@@ -164,9 +165,8 @@ protected File resolveRelativeToImmediately(String path, String relativeTo, Oper
         PathResolver pathResolver = pathResolver();
         pathResolver.path(path);
         if (relativeTo != null) {
-//            PathManager pathManager = (PathManager) foreignContext.getServiceRegistry(false)
-//                    .getRequiredService(PATH_MANAGER_CAPABILITY.getCapabilityServiceName()).getValue();
-            PathManager pathManager = pathManagerSupplier.get();
+            PathManager pathManager = (PathManager) foreignContext.getServiceRegistry(false)
+                    .getRequiredService(PathManagerService.SERVICE_NAME).getValue();
             pathResolver.relativeTo(relativeTo, pathManager);
         }
         File resolved = pathResolver.resolve();