chore: add Beta annotation for new mtls functions (#1167)

arithmetic1728 · chingor13 · web-flow · commit 17bbfc1903f4 · 2020-10-30T16:27:56.000-07:00
* feat: support keystore in transport for mtls

* fix format

* update code

* add tests

* update test and doc

* update names

* create keystore from cert and key string

* change certAndKey from string to inputstream

* add mtls file

* Update google-http-client/src/main/java/com/google/api/client/http/javanet/NetHttpTransport.java

Co-authored-by: Jeff Ching &lt;chingor@google.com&gt;

* Update google-http-client/src/main/java/com/google/api/client/http/javanet/NetHttpTransport.java

Co-authored-by: Jeff Ching &lt;chingor@google.com&gt;

* Update google-http-client/src/main/java/com/google/api/client/util/SslUtils.java

Co-authored-by: Jeff Ching &lt;chingor@google.com&gt;

* Update google-http-client/src/main/java/com/google/api/client/util/SslUtils.java

Co-authored-by: Jeff Ching &lt;chingor@google.com&gt;

* Update google-http-client/src/test/java/com/google/api/client/util/SecurityUtilsTest.java

Co-authored-by: Jeff Ching &lt;chingor@google.com&gt;

* Update google-http-client/src/main/java/com/google/api/client/util/SslUtils.java

Co-authored-by: Jeff Ching &lt;chingor@google.com&gt;

* update the code

* fix name

* chore: add Beta annotation for new mtls functions

* update Beta

* add since tag

Co-authored-by: Jeff Ching &lt;chingor@google.com&gt;
diff --git a/google-http-client/src/main/java/com/google/api/client/http/HttpTransport.java b/google-http-client/src/main/java/com/google/api/client/http/HttpTransport.java
@@ -133,6 +133,7 @@ public boolean supportsMethod(String method) throws IOException {
    * Returns whether the transport is mTLS.
    *
    * @return boolean indicating if the transport is mTLS.
+   * @since 1.38
    */
   public boolean isMtls() {
     return false;
diff --git a/google-http-client/src/main/java/com/google/api/client/http/javanet/NetHttpTransport.java b/google-http-client/src/main/java/com/google/api/client/http/javanet/NetHttpTransport.java
@@ -108,6 +108,7 @@ public NetHttpTransport() {
    * @param sslSocketFactory SSL socket factory or {@code null} for the default
    * @param hostnameVerifier host name verifier or {@code null} for the default
    * @param isMtls Whether the transport is mTLS. Default value is {@code false}
+   * @since 1.38
    */
   NetHttpTransport(
       Proxy proxy,
@@ -123,7 +124,7 @@ public NetHttpTransport() {
    * @param sslSocketFactory SSL socket factory or {@code null} for the default
    * @param hostnameVerifier host name verifier or {@code null} for the default
    * @param isMtls Whether the transport is mTLS. Default value is {@code false}
-   * @since 1.20
+   * @since 1.38
    */
   NetHttpTransport(
       ConnectionFactory connectionFactory,
@@ -294,6 +295,7 @@ public Builder trustCertificates(KeyStore trustStore) throws GeneralSecurityExce
     }
 
     /**
+     * {@link Beta} <br>
      * Sets the SSL socket factory based on a root certificate trust store and a client certificate
      * key store. The client certificate key store will be used to establish mutual TLS.
      *
@@ -302,7 +304,9 @@ public Builder trustCertificates(KeyStore trustStore) throws GeneralSecurityExce
      * @param mtlsKeyStore key store for client certificate and key to establish mutual TLS. (use
      *     for example {@link SecurityUtils#createMtlsKeyStore(InputStream)})
      * @param mtlsKeyStorePassword password for mtlsKeyStore parameter
+     * @since 1.38
      */
+    @Beta
     public Builder trustCertificates(
         KeyStore trustStore, KeyStore mtlsKeyStore, String mtlsKeyStorePassword)
         throws GeneralSecurityException {
diff --git a/google-http-client/src/main/java/com/google/api/client/util/SecurityUtils.java b/google-http-client/src/main/java/com/google/api/client/util/SecurityUtils.java
@@ -261,13 +261,16 @@ public static void loadKeyStoreFromCertificates(
   }
 
   /**
+   * {@link Beta} <br>
    * Create a keystore for mutual TLS with the certificate and private key provided.
    *
    * @param certAndKey Certificate and private key input stream. The stream should contain one
    *     certificate and one unencrypted private key. If there are multiple certificates, only the
    *     first certificate will be used.
    * @return keystore for mutual TLS.
+   * @since 1.38
    */
+  @Beta
   public static KeyStore createMtlsKeyStore(InputStream certAndKey)
       throws GeneralSecurityException, IOException {
     KeyStore keystore = KeyStore.getInstance("JKS");
diff --git a/google-http-client/src/main/java/com/google/api/client/util/SslUtils.java b/google-http-client/src/main/java/com/google/api/client/util/SslUtils.java
@@ -110,6 +110,7 @@ public static SSLContext initSslContext(
   }
 
   /**
+   * {@link Beta} <br>
    * Initializes the SSL context to the trust managers supplied by the trust manager factory for the
    * given trust store, and to the key managers supplied by the key manager factory for the given
    * key store.
@@ -123,7 +124,9 @@ public static SSLContext initSslContext(
    * @param mtlsKeyStorePassword password for mtlsKeyStore parameter
    * @param keyManagerFactory key manager factory (for example {@link
    *     #getDefaultKeyManagerFactory()})
+   * @since 1.38
    */
+  @Beta
   public static SSLContext initSslContext(
       SSLContext sslContext,
       KeyStore trustStore,

Original file line number	Diff line number	Diff line change
`@@ -133,6 +133,7 @@ public boolean supportsMethod(String method) throws IOException {`
`133`	`133`	`* Returns whether the transport is mTLS.`
`134`	`134`	`*`
`135`	`135`	`* @return boolean indicating if the transport is mTLS.`
	`136`	`+ * @since 1.38`
`136`	`137`	`*/`
`137`	`138`	`public boolean isMtls() {`
`138`	`139`	`return false;`