feat:support TSF certificate manager. (#1716)
parent
f3d5ded24d
commit
cfd769b701
@ -0,0 +1,64 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making spring-cloud-tencent available.
|
||||
*
|
||||
* Copyright (C) 2021 Tencent. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.registry.tsf;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import com.tencent.cloud.common.util.ApplicationContextAwareUtils;
|
||||
import com.tencent.cloud.polaris.PolarisDiscoveryProperties;
|
||||
import com.tencent.cloud.polaris.context.config.extend.tsf.TsfCoreProperties;
|
||||
import com.tencent.cloud.polaris.registry.PolarisRegistration;
|
||||
import com.tencent.cloud.polaris.registry.PolarisRegistrationCustomizer;
|
||||
import com.tencent.polaris.api.utils.StringUtils;
|
||||
|
||||
import static com.tencent.polaris.plugins.connector.common.constant.ConsulConstant.MetadataMapKey.TAGS_KEY;
|
||||
|
||||
/**
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
public class TsfTagsRegistrationCustomizer implements PolarisRegistrationCustomizer {
|
||||
|
||||
private final TsfCoreProperties tsfCoreProperties;
|
||||
|
||||
private final PolarisDiscoveryProperties polarisDiscoveryProperties;
|
||||
|
||||
public TsfTagsRegistrationCustomizer(TsfCoreProperties tsfCoreProperties, PolarisDiscoveryProperties polarisDiscoveryProperties) {
|
||||
this.tsfCoreProperties = tsfCoreProperties;
|
||||
this.polarisDiscoveryProperties = polarisDiscoveryProperties;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void customize(PolarisRegistration registration) {
|
||||
if (tsfCoreProperties == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
String protocol = ApplicationContextAwareUtils.getProperties("tsf.discovery.scheme",
|
||||
ApplicationContextAwareUtils.getProperties("spring.cloud.polaris.discovery.protocol", "http"));
|
||||
if (StringUtils.isNotBlank(protocol)) {
|
||||
tsfCoreProperties.setScheme(protocol);
|
||||
polarisDiscoveryProperties.setProtocol(protocol);
|
||||
}
|
||||
Map<String, String> metadata = registration.getExtendedMetadata()
|
||||
.computeIfAbsent(TAGS_KEY, k -> new HashMap<>());
|
||||
for (String tag : tsfCoreProperties.getTsfTags()) {
|
||||
metadata.put(TAGS_KEY, tag);
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,20 @@
|
||||
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
<parent>
|
||||
<artifactId>spring-cloud-tencent-plugin-starters</artifactId>
|
||||
<groupId>com.tencent.cloud</groupId>
|
||||
<version>${revision}</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>spring-cloud-starter-tencent-tsf-tls-plugin</artifactId>
|
||||
<name>Spring Cloud Tencent TSF TLS Plugin</name>
|
||||
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.tencent.cloud</groupId>
|
||||
<artifactId>spring-cloud-tencent-rpc-enhancement</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
@ -0,0 +1,100 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making spring-cloud-tencent available.
|
||||
*
|
||||
* Copyright (C) 2021 Tencent. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.plugin.tsf.tls;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import com.tencent.cloud.plugin.tsf.tls.utils.SyncUtils;
|
||||
import com.tencent.cloud.polaris.context.config.extend.tsf.TsfTlsProperties;
|
||||
import com.tencent.polaris.api.utils.ClassUtils;
|
||||
import com.tencent.polaris.api.utils.StringUtils;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.env.EnvironmentPostProcessor;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.core.env.ConfigurableEnvironment;
|
||||
import org.springframework.core.env.MapPropertySource;
|
||||
|
||||
/**
|
||||
* Environment post processor for polaris tls.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
public class TlsEnvironmentPostProcessor implements EnvironmentPostProcessor, Ordered {
|
||||
@Override
|
||||
public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
|
||||
String address = environment.getProperty("MESH_CITADEL_ADDR");
|
||||
if (StringUtils.isNotBlank(address)
|
||||
&& StringUtils.equals("tsf", environment.getProperty("server.ssl.bundle"))
|
||||
&& ClassUtils.isClassPresent("com.tencent.cloud.plugin.tsf.tls.utils.SyncUtils")
|
||||
&& !ClassUtils.isClassPresent("com.tencent.cloud.polaris.config.adapter.PolarisConfigFileLocator")) {
|
||||
// get common name
|
||||
String commonName = environment.getProperty("spring.cloud.polaris.service");
|
||||
if (StringUtils.isBlank(commonName)) {
|
||||
commonName = environment.getProperty("spring.cloud.polaris.discovery.service");
|
||||
}
|
||||
if (StringUtils.isBlank(commonName)) {
|
||||
commonName = environment.getProperty("spring.application.name");
|
||||
}
|
||||
// get certPath
|
||||
String certPath = environment.getProperty("MESH_CITADEL_CERT");
|
||||
// get token
|
||||
String token = environment.getProperty("tsf_token");
|
||||
// get validityDuration
|
||||
Long validityDuration = environment.getProperty("spring.cloud.polaris.tls.validityDuration", Long.class, TsfTlsProperties.DEFAULT_VALIDITY_DURATION);
|
||||
// get refreshBefore
|
||||
Long refreshBefore = environment.getProperty("spring.cloud.polaris.tls.refreshBefore", Long.class, TsfTlsProperties.DEFAULT_REFRESH_BEFORE);
|
||||
// get watchInterval
|
||||
Long watchInterval = environment.getProperty("spring.cloud.polaris.tls.watchInterval", Long.class, TsfTlsProperties.DEFAULT_WATCH_INTERVAL);
|
||||
SyncUtils.init(commonName, address, certPath, token, validityDuration, refreshBefore, watchInterval);
|
||||
System.setProperty("server.ssl.bundle", "tsf");
|
||||
if (SyncUtils.isVerified()) {
|
||||
Map<String, Object> tlsEnvProperties = new HashMap<>();
|
||||
// set ssl
|
||||
String clientAuth = environment.getProperty("server.ssl.client-auth", "want");
|
||||
tlsEnvProperties.put("server.ssl.client-auth", clientAuth);
|
||||
System.setProperty("server.ssl.client-auth", clientAuth);
|
||||
String protocol = environment.getProperty("spring.cloud.polaris.discovery.protocol", "https");
|
||||
tlsEnvProperties.put("spring.cloud.polaris.discovery.protocol", protocol);
|
||||
System.setProperty("spring.cloud.polaris.discovery.protocol", protocol);
|
||||
tlsEnvProperties.put("tsf.discovery.scheme", protocol);
|
||||
System.setProperty("tsf.discovery.scheme", protocol);
|
||||
|
||||
// set tsf spring ssl bundle
|
||||
tlsEnvProperties.put("spring.ssl.bundle.pem.tsf.reload-on-update", "true");
|
||||
if (StringUtils.isNotBlank(SyncUtils.getPemKeyStoreCertPath()) && StringUtils.isNotBlank(SyncUtils.getPemKeyStoreKeyPath())) {
|
||||
tlsEnvProperties.put("spring.ssl.bundle.pem.tsf.keystore.certificate", SyncUtils.getPemKeyStoreCertPath());
|
||||
tlsEnvProperties.put("spring.ssl.bundle.pem.tsf.keystore.private-key", SyncUtils.getPemKeyStoreKeyPath());
|
||||
}
|
||||
if (StringUtils.isNotBlank(SyncUtils.getPemTrustStoreCertPath())) {
|
||||
tlsEnvProperties.put("spring.ssl.bundle.pem.tsf.truststore.certificate", SyncUtils.getPemTrustStoreCertPath());
|
||||
}
|
||||
|
||||
// process environment
|
||||
MapPropertySource propertySource = new MapPropertySource("tsf-tls-properties", tlsEnvProperties);
|
||||
environment.getPropertySources().addFirst(propertySource);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getOrder() {
|
||||
return 0;
|
||||
}
|
||||
}
|
@ -0,0 +1,63 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making spring-cloud-tencent available.
|
||||
*
|
||||
* Copyright (C) 2021 Tencent. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.plugin.tsf.tls;
|
||||
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
|
||||
import com.tencent.cloud.common.util.ApplicationContextAwareUtils;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import org.springframework.boot.context.event.ApplicationStartedEvent;
|
||||
import org.springframework.boot.ssl.NoSuchSslBundleException;
|
||||
import org.springframework.boot.ssl.SslBundles;
|
||||
import org.springframework.cloud.context.refresh.ContextRefresher;
|
||||
import org.springframework.context.ApplicationListener;
|
||||
|
||||
/**
|
||||
* Application listener for tls init.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
public class TlsReadyApplicationListener implements ApplicationListener<ApplicationStartedEvent> {
|
||||
|
||||
private static final Logger log = LoggerFactory.getLogger(TlsReadyApplicationListener.class);
|
||||
|
||||
private final AtomicBoolean isSet = new AtomicBoolean(false);
|
||||
|
||||
@Override
|
||||
public void onApplicationEvent(@NotNull ApplicationStartedEvent event) {
|
||||
SslBundles sslBundles = ApplicationContextAwareUtils.getBeanIfExists(SslBundles.class);
|
||||
ContextRefresher contextRefresher = ApplicationContextAwareUtils.getBeanIfExists(ContextRefresher.class);
|
||||
try {
|
||||
if (sslBundles != null && contextRefresher != null && isSet.compareAndSet(false, true)) {
|
||||
try {
|
||||
sslBundles.getBundle("tsf");
|
||||
sslBundles.addBundleUpdateHandler("tsf", sslBundle -> contextRefresher.refresh());
|
||||
}
|
||||
catch (NoSuchSslBundleException e) {
|
||||
log.warn("tsf ssl bundle is not registered.");
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (Throwable throwable) {
|
||||
log.warn("tsf ssl bundle is not registered correctly.", throwable);
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making spring-cloud-tencent available.
|
||||
*
|
||||
* Copyright (C) 2021 Tencent. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.plugin.tsf.tls.config;
|
||||
|
||||
import com.tencent.cloud.plugin.tsf.tls.TlsReadyApplicationListener;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
/**
|
||||
* Auto configuration for TSF TLS.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
@ConditionalOnProperty(value = "server.ssl.bundle", havingValue = "tsf")
|
||||
public class TsfTlsAutoConfiguration {
|
||||
|
||||
@Bean
|
||||
public TlsReadyApplicationListener tlsReadyApplicationListener() {
|
||||
return new TlsReadyApplicationListener();
|
||||
}
|
||||
}
|
@ -0,0 +1,147 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making spring-cloud-tencent available.
|
||||
*
|
||||
* Copyright (C) 2021 Tencent. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.plugin.tsf.tls.utils;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
|
||||
import com.tencent.polaris.api.config.ConfigProvider;
|
||||
import com.tencent.polaris.api.config.consumer.OutlierDetectionConfig;
|
||||
import com.tencent.polaris.api.config.plugin.DefaultPlugins;
|
||||
import com.tencent.polaris.api.plugin.certificate.CertFile;
|
||||
import com.tencent.polaris.api.plugin.certificate.CertFileKey;
|
||||
import com.tencent.polaris.api.utils.CollectionUtils;
|
||||
import com.tencent.polaris.api.utils.StringUtils;
|
||||
import com.tencent.polaris.certificate.api.core.CertificateAPI;
|
||||
import com.tencent.polaris.certificate.factory.CertificateAPIFactory;
|
||||
import com.tencent.polaris.client.api.SDKContext;
|
||||
import com.tencent.polaris.factory.ConfigAPIFactory;
|
||||
import com.tencent.polaris.factory.config.ConfigurationImpl;
|
||||
import com.tencent.polaris.plugins.certificate.tsf.TsfCertificateManagerConfig;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* Utils for sync.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
public final class SyncUtils {
|
||||
|
||||
private static final Logger log = LoggerFactory.getLogger(SyncUtils.class);
|
||||
private static final Map<CertFileKey, CertFile> pemFileMap = new HashMap<>();
|
||||
private volatile static SDKContext certificateSDKContext;
|
||||
private volatile static CertificateAPI certificateAPI;
|
||||
|
||||
private SyncUtils() {
|
||||
|
||||
}
|
||||
|
||||
public static void init(String commonName, String address, String certPath, String token, Long validityDuration,
|
||||
Long refreshBefore, Long watchInterval) {
|
||||
log.info("begin init SyncUtils with commonName: {}, address: {}, certPath: {}, token: {}", commonName, address, certPath, token);
|
||||
try {
|
||||
if (!isInitialized() && StringUtils.isNotBlank(commonName) && StringUtils.isNotBlank(address)) {
|
||||
initCertificateSDKContext(commonName, address, certPath, token, validityDuration, refreshBefore, watchInterval);
|
||||
log.info("init SyncUtils with commonName: {}, address: {}, certPath: {}, token: {} successfully", commonName, address, certPath, token);
|
||||
}
|
||||
}
|
||||
catch (Throwable throwable) {
|
||||
log.error("init SyncUtils with commonName: {}, address: {}, certPath: {}, token: {} failed.", commonName, address, certPath, token, throwable);
|
||||
}
|
||||
}
|
||||
|
||||
private static void initCertificateSDKContext(String commonName, String address, String certPath, String token,
|
||||
Long validityDuration, Long refreshBefore, Long watchInterval) {
|
||||
// 1. Read user-defined polaris.yml configuration
|
||||
ConfigurationImpl configuration = (ConfigurationImpl) ConfigAPIFactory
|
||||
.defaultConfig(ConfigProvider.DEFAULT_CONFIG);
|
||||
|
||||
// 2. Override user-defined polaris.yml configuration with SCT configuration
|
||||
configuration.getGlobal().getAPI().setReportEnable(false);
|
||||
configuration.getGlobal().getStatReporter().setEnable(false);
|
||||
configuration.getConsumer().getOutlierDetection().setWhen(OutlierDetectionConfig.When.never);
|
||||
configuration.getGlobal().getCertificate().setEnable(true);
|
||||
configuration.getGlobal().getCertificate().setCommonName(commonName);
|
||||
configuration.getGlobal().getCertificate().setPluginName(DefaultPlugins.TSF_CERTIFICATE_MANAGER);
|
||||
if (validityDuration != null) {
|
||||
configuration.getGlobal().getCertificate().setValidityDuration(validityDuration);
|
||||
}
|
||||
if (refreshBefore != null) {
|
||||
configuration.getGlobal().getCertificate().setRefreshBefore(refreshBefore);
|
||||
}
|
||||
if (watchInterval != null) {
|
||||
configuration.getGlobal().getCertificate().setWatchInterval(watchInterval);
|
||||
}
|
||||
TsfCertificateManagerConfig tsfCertificateManagerConfig = new TsfCertificateManagerConfig();
|
||||
tsfCertificateManagerConfig.setAddress(address);
|
||||
tsfCertificateManagerConfig.setCertPath(certPath);
|
||||
tsfCertificateManagerConfig.setToken(token);
|
||||
configuration.getGlobal().getCertificate()
|
||||
.setPluginConfig(DefaultPlugins.TSF_CERTIFICATE_MANAGER, tsfCertificateManagerConfig);
|
||||
|
||||
certificateSDKContext = SDKContext.initContextByConfig(configuration);
|
||||
certificateSDKContext.init();
|
||||
Runtime.getRuntime().addShutdownHook(new Thread(() -> {
|
||||
try {
|
||||
if (Objects.nonNull(certificateSDKContext)) {
|
||||
certificateSDKContext.destroy();
|
||||
certificateSDKContext = null;
|
||||
}
|
||||
log.info("Polaris SDK certificate context is destroyed.");
|
||||
}
|
||||
catch (Throwable throwable) {
|
||||
log.info("Polaris SDK certificate context is destroyed failed.", throwable);
|
||||
}
|
||||
}));
|
||||
log.info("create Polaris certificate SDK context successfully.");
|
||||
|
||||
certificateAPI = CertificateAPIFactory.createCertificateAPIByContext(certificateSDKContext);
|
||||
pemFileMap.putAll(certificateAPI.getPemFileMap());
|
||||
}
|
||||
|
||||
public static boolean isInitialized() {
|
||||
return certificateSDKContext != null && certificateAPI != null;
|
||||
}
|
||||
|
||||
public static boolean isVerified() {
|
||||
return isInitialized() && CollectionUtils.isNotEmpty(certificateAPI.getPemFileMap());
|
||||
}
|
||||
|
||||
public static String getPemKeyStoreCertPath() {
|
||||
if (pemFileMap.containsKey(CertFileKey.PemKeyStoreCertPath)) {
|
||||
return pemFileMap.get(CertFileKey.PemKeyStoreCertPath).getPath();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static String getPemKeyStoreKeyPath() {
|
||||
if (pemFileMap.containsKey(CertFileKey.PrivateKeyFile)) {
|
||||
return pemFileMap.get(CertFileKey.PrivateKeyFile).getPath();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static String getPemTrustStoreCertPath() {
|
||||
if (pemFileMap.containsKey(CertFileKey.PemTrustStoreCertPath)) {
|
||||
return pemFileMap.get(CertFileKey.PemTrustStoreCertPath).getPath();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
@ -0,0 +1,2 @@
|
||||
org.springframework.boot.env.EnvironmentPostProcessor=\
|
||||
com.tencent.cloud.plugin.tsf.tls.TlsEnvironmentPostProcessor
|
@ -0,0 +1 @@
|
||||
com.tencent.cloud.plugin.tsf.tls.config.TsfTlsAutoConfiguration
|
@ -0,0 +1,112 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making spring-cloud-tencent available.
|
||||
*
|
||||
* Copyright (C) 2021 Tencent. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.context.config.extend.tsf;
|
||||
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
|
||||
/**
|
||||
* Properties for polaris tls.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
@ConfigurationProperties(prefix = "spring.cloud.polaris.tls")
|
||||
public class TsfTlsProperties {
|
||||
|
||||
/**
|
||||
* default validity duration.
|
||||
*/
|
||||
public static final long DEFAULT_VALIDITY_DURATION = 30 * 24 * 60 * 60 * 1000L;
|
||||
/**
|
||||
* default refresh before.
|
||||
*/
|
||||
public static final long DEFAULT_REFRESH_BEFORE = 24 * 60 * 60 * 1000L;
|
||||
/**
|
||||
* default watch interval.
|
||||
*/
|
||||
public static final long DEFAULT_WATCH_INTERVAL = 60 * 60 * 1000L;
|
||||
|
||||
private Long validityDuration = DEFAULT_VALIDITY_DURATION;
|
||||
|
||||
private Long refreshBefore = DEFAULT_REFRESH_BEFORE;
|
||||
|
||||
private Long watchInterval = DEFAULT_WATCH_INTERVAL;
|
||||
|
||||
private Tsf tsf = new Tsf();
|
||||
|
||||
public Long getValidityDuration() {
|
||||
return validityDuration;
|
||||
}
|
||||
|
||||
public void setValidityDuration(Long validityDuration) {
|
||||
this.validityDuration = validityDuration;
|
||||
}
|
||||
|
||||
public Long getRefreshBefore() {
|
||||
return refreshBefore;
|
||||
}
|
||||
|
||||
public void setRefreshBefore(Long refreshBefore) {
|
||||
this.refreshBefore = refreshBefore;
|
||||
}
|
||||
|
||||
public Long getWatchInterval() {
|
||||
return watchInterval;
|
||||
}
|
||||
|
||||
public void setWatchInterval(Long watchInterval) {
|
||||
this.watchInterval = watchInterval;
|
||||
}
|
||||
|
||||
public Tsf getTsf() {
|
||||
return tsf;
|
||||
}
|
||||
|
||||
public void setTsf(Tsf tsf) {
|
||||
this.tsf = tsf;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "TsfTlsProperties{" +
|
||||
"validityDuration=" + validityDuration +
|
||||
", refreshBefore=" + refreshBefore +
|
||||
", watchInterval=" + watchInterval +
|
||||
", tsf=" + tsf +
|
||||
'}';
|
||||
}
|
||||
|
||||
public static class Tsf {
|
||||
|
||||
private String address;
|
||||
|
||||
public String getAddress() {
|
||||
return address;
|
||||
}
|
||||
|
||||
void setAddress(String address) {
|
||||
this.address = address;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "Tsf{" +
|
||||
"address='" + address + '\'' +
|
||||
'}';
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in new issue