package com.quorum.tessera.config.constraints;
import com.quorum.tessera.config.keypairs.UnsupportedKeyPair;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import java.util.Objects;
import java.util.stream.Stream;
public class UnsupportedKeyPairValidator implements ConstraintValidator<ValidUnsupportedKeyPair, UnsupportedKeyPair> {
@Override
public boolean isValid(UnsupportedKeyPair keyPair, ConstraintValidatorContext context) {
if (isIncompleteDirectKeyPair(keyPair)) {
context.disableDefaultConstraintViolation();
context.buildConstraintViolationWithTemplate("{UnsupportedKeyPair.bothDirectKeysRequired.message}")
.addConstraintViolation();
}
else if (isIncompleteInlineKeyPair(keyPair)) {
context.disableDefaultConstraintViolation();
context.buildConstraintViolationWithTemplate("{UnsupportedKeyPair.bothInlineKeysRequired.message}")
.addConstraintViolation();
}
else if (isIncompleteAzureVaultKeyPair(keyPair)) {
context.disableDefaultConstraintViolation();
context.buildConstraintViolationWithTemplate("{UnsupportedKeyPair.bothAzureKeysRequired.message}")
.addConstraintViolation();
}
else if (isIncompleteHashicorpVaultKeyPair(keyPair)) {
context.disableDefaultConstraintViolation();
context.buildConstraintViolationWithTemplate("{UnsupportedKeyPair.allHashicorpKeyDataRequired.message}")
.addConstraintViolation();
}
else if (isIncompleteAWSVaultKeyPair(keyPair)) {
context.disableDefaultConstraintViolation();
context.buildConstraintViolationWithTemplate("{UnsupportedKeyPair.bothAWSKeysRequired.message}")
.addConstraintViolation();
}
else if (isIncompleteFilesystemKeyPair(keyPair)) {
context.disableDefaultConstraintViolation();
context.buildConstraintViolationWithTemplate("{UnsupportedKeyPair.bothFilesystemKeysRequired.message}")
.addConstraintViolation();
}
return false;
}
private boolean isIncompleteDirectKeyPair(UnsupportedKeyPair keyPair) {
return isIncomplete(keyPair.getPublicKey(), keyPair.getPrivateKey());
}
private boolean isIncompleteInlineKeyPair(UnsupportedKeyPair keyPair) {
return isIncomplete(keyPair.getPublicKey(), keyPair.getConfig());
}
private boolean isIncompleteAzureVaultKeyPair(UnsupportedKeyPair keyPair) {
return isIncomplete(keyPair.getAzureVaultPublicKeyId(), keyPair.getAzureVaultPrivateKeyId());
}
private boolean isIncompleteHashicorpVaultKeyPair(UnsupportedKeyPair keyPair) {
return isIncomplete(keyPair.getHashicorpVaultPublicKeyId(), keyPair.getHashicorpVaultPrivateKeyId(), keyPair.getHashicorpVaultSecretEngineName(), keyPair.getHashicorpVaultSecretName());
}
private boolean isIncompleteAWSVaultKeyPair(UnsupportedKeyPair keyPair) {
return isIncomplete(keyPair.getAwsSecretsManagerPublicKeyId(), keyPair.getAwsSecretsManagerPrivateKeyId());
}
private boolean isIncompleteFilesystemKeyPair(UnsupportedKeyPair keyPair) {
return isIncomplete(keyPair.getPublicKeyPath(), keyPair.getPrivateKeyPath());
}
private boolean isIncomplete(Object... args) {
return areAnyNull(args) && areAnyNonNull(args);
}
private boolean areAnyNull(Object... args) {
return Stream.of(args).anyMatch(Objects::isNull);
}
private boolean areAnyNonNull(Object... args) {
return Stream.of(args).anyMatch(Objects::nonNull);
}
}
