Search in sources :

Example 26 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project spring-cloud-aws by awspring.

the class AwsSecretsManagerPropertySourceLocatorTest method contextExpectedToHave2Elements.

@Test
void contextExpectedToHave2Elements() {
    AwsSecretsManagerProperties properties = new AwsSecretsManagerPropertiesBuilder().withDefaultContext("application").withName("application").build();
    GetSecretValueResult secretValueResult = new GetSecretValueResult();
    secretValueResult.setSecretString("{\"key1\": \"value1\", \"key2\": \"value2\"}");
    when(smClient.getSecretValue(any(GetSecretValueRequest.class))).thenReturn(secretValueResult);
    AwsSecretsManagerPropertySourceLocator locator = new AwsSecretsManagerPropertySourceLocator(smClient, properties);
    env.setActiveProfiles("test");
    locator.locate(env);
    assertThat(locator.getContexts()).hasSize(2);
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) GetSecretValueRequest(com.amazonaws.services.secretsmanager.model.GetSecretValueRequest) Test(org.junit.jupiter.api.Test)

Example 27 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project kork by spinnaker.

the class SecretsManagerSecretEngineTest method decryptJsonUserSecret.

@Test
public void decryptJsonUserSecret() {
    OpaqueUserSecret userSecret = OpaqueUserSecret.builder().roles(List.of("a", "b", "c")).stringData(Map.of("password", "hunter2")).build();
    byte[] secretBytes = userSecretMapper.serialize(userSecret, "json");
    GetSecretValueResult stubResult = new GetSecretValueResult().withSecretBinary(ByteBuffer.wrap(secretBytes));
    doReturn(stubResult).when(secretsManagerSecretEngine).getSecretValue(any(), any());
    UserSecretReference reference = UserSecretReference.parse("secret://secrets-manager?r=us-west-2&s=private-key&e=json");
    assertEquals("hunter2", secretsManagerSecretEngine.decrypt(reference).getSecretString("password"));
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) OpaqueUserSecret(com.netflix.spinnaker.kork.secrets.user.OpaqueUserSecret) UserSecretReference(com.netflix.spinnaker.kork.secrets.user.UserSecretReference) Test(org.junit.Test)

Example 28 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project aws-appflow-custom-connector-java by awslabs.

the class CredentialsProvider method getCustomConnectorProfileCredentials.

/**
 * Builds the credentials by reading the data fetched from secret manager.
 *
 * @return- CustomConnectorProfileCredentials
 */
public static CustomConnectorProfileCredentials getCustomConnectorProfileCredentials(final CustomConnectorProfileConfiguration profileConfiguration) {
    CustomConnectorProfileCredentials customConnectorProfileCredentials = new CustomConnectorProfileCredentials();
    if (profileConfiguration.authenticationType().equals(AuthenticationType.NO_AUTH) || !profileConfiguration.secretsManagerArn().isPresent()) {
        return customConnectorProfileCredentials;
    }
    AWSSecretsManager secretsManager = ServiceProvider.getSecretsManager();
    GetSecretValueResult secretValueResult = secretsManager.getSecretValue(new GetSecretValueRequest().withSecretId(profileConfiguration.secretsManagerArn().get()));
    try {
        switch(profileConfiguration.authenticationType()) {
            case API_KEY:
                return customConnectorProfileCredentials.withAuthenticationType(com.amazonaws.services.appflow.model.AuthenticationType.APIKEY).withApiKey(OBJECT_MAPPER.readValue(secretValueResult.getSecretString(), ApiKeyCredentials.class));
            case BASIC:
                return customConnectorProfileCredentials.withAuthenticationType(com.amazonaws.services.appflow.model.AuthenticationType.BASIC).withBasic(OBJECT_MAPPER.readValue(secretValueResult.getSecretString(), BasicAuthCredentials.class));
            case OAUTH2:
                return customConnectorProfileCredentials.withAuthenticationType(com.amazonaws.services.appflow.model.AuthenticationType.OAUTH2).withOauth2(OBJECT_MAPPER.readValue(secretValueResult.getSecretString(), OAuth2Credentials.class));
            case CUSTOM:
                return customConnectorProfileCredentials.withAuthenticationType(com.amazonaws.services.appflow.model.AuthenticationType.CUSTOM).withCustom(OBJECT_MAPPER.readValue(secretValueResult.getSecretString(), CustomAuthCredentials.class));
            default:
                throw new IllegalStateException("AuthenticationType is not defined");
        }
    } catch (JsonProcessingException e) {
        throw new RuntimeException("Unable to Serialize secrets value. Secret String must be a valid json");
    }
}
Also used : ApiKeyCredentials(com.amazonaws.services.appflow.model.ApiKeyCredentials) GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) BasicAuthCredentials(com.amazonaws.services.appflow.model.BasicAuthCredentials) CustomAuthCredentials(com.amazonaws.services.appflow.model.CustomAuthCredentials) CustomConnectorProfileCredentials(com.amazonaws.services.appflow.model.CustomConnectorProfileCredentials) AWSSecretsManager(com.amazonaws.services.secretsmanager.AWSSecretsManager) GetSecretValueRequest(com.amazonaws.services.secretsmanager.model.GetSecretValueRequest) OAuth2Credentials(com.amazonaws.services.appflow.model.OAuth2Credentials) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)

Example 29 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project fernet-java8 by l0s.

the class SecretsManagerTest method verifyGetSecretStageRetrievesBinary.

@Test
public final void verifyGetSecretStageRetrievesBinary() throws UnsupportedEncodingException {
    // given
    final GetSecretValueRequest request = new GetSecretValueRequest();
    request.setSecretId("secret");
    request.setVersionStage("AWSPENDING");
    final GetSecretValueResult response = new GetSecretValueResult();
    response.setSecretBinary(ByteBuffer.wrap("expected".getBytes("UTF-8")));
    given(delegate.getSecretValue(eq(request))).willReturn(response);
    // when
    final ByteBuffer result = manager.getSecretStage("secret", PENDING);
    // then
    final byte[] buffer = new byte[result.remaining()];
    result.get(buffer);
    assertEquals("expected", new String(buffer, "UTF-8"));
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) GetSecretValueRequest(com.amazonaws.services.secretsmanager.model.GetSecretValueRequest) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.Test)

Example 30 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project fernet-java8 by l0s.

the class SecretsManager method getSecretVersion.

/**
 * Retrieve a specific version of the secret. This requires the permission <code>secretsmanager:GetSecretValue</code>
 *
 * @param secretId the ARN of the secret
 * @param clientRequestToken the version identifier of the secret
 * @return the Fernet key or keys in binary form
 */
public ByteBuffer getSecretVersion(final String secretId, final String clientRequestToken) {
    final GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest();
    getSecretValueRequest.setSecretId(secretId);
    getSecretValueRequest.setVersionId(clientRequestToken);
    final GetSecretValueResult result = getDelegate().getSecretValue(getSecretValueRequest);
    return result.getSecretBinary();
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) GetSecretValueRequest(com.amazonaws.services.secretsmanager.model.GetSecretValueRequest)

Aggregations

GetSecretValueResult (com.amazonaws.services.secretsmanager.model.GetSecretValueResult)60 GetSecretValueRequest (com.amazonaws.services.secretsmanager.model.GetSecretValueRequest)51 AWSSecretsManager (com.amazonaws.services.secretsmanager.AWSSecretsManager)25 Before (org.junit.Before)21 JdbcConnectionFactory (com.amazonaws.athena.connectors.jdbc.connection.JdbcConnectionFactory)18 JdbcCredentialProvider (com.amazonaws.athena.connectors.jdbc.connection.JdbcCredentialProvider)18 AmazonAthena (com.amazonaws.services.athena.AmazonAthena)17 FederatedIdentity (com.amazonaws.athena.connector.lambda.security.FederatedIdentity)16 Connection (java.sql.Connection)13 Test (org.junit.jupiter.api.Test)10 Test (org.junit.Test)8 AmazonS3 (com.amazonaws.services.s3.AmazonS3)6 DatabaseConnectionConfig (com.amazonaws.athena.connectors.jdbc.connection.DatabaseConnectionConfig)5 InvocationOnMock (org.mockito.invocation.InvocationOnMock)5 Map (java.util.Map)4 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)4 QueryStatusChecker (com.amazonaws.athena.connector.lambda.QueryStatusChecker)3 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3 IOException (java.io.IOException)3