Example 1 with PutSecretValueRequest

Use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

In class MemoryOverwritingRequestHandlerTest, method verifyAfterErrorClearsSecret:

@Test
public void verifyAfterErrorClearsSecret() {
    // given
    final ByteBuffer secretBinary = ByteBuffer.wrap(new byte[] { 1, 1, 2, 3, 5, 8 });
    assertTrue(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
    final PutSecretValueRequest originalRequest = new PutSecretValueRequest();
    originalRequest.setSecretBinary(secretBinary);
    final Request<PutSecretValueRequest> request = new DefaultRequest<PutSecretValueRequest>(originalRequest, "AWSSecretsManager");
    final PutSecretValueResult result = mock(PutSecretValueResult.class);
    final HttpResponse httpResponse = mock(HttpResponse.class);
    final Response<PutSecretValueResult> response = new Response<PutSecretValueResult>(result, httpResponse);
    // when
    handler.afterError(request, response, new Exception());
    // then
    assertFalse(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
}
Also used: HttpResponse(com.amazonaws.http.HttpResponse) Response(com.amazonaws.Response) PutSecretValueRequest(com.amazonaws.services.secretsmanager.model.PutSecretValueRequest) DefaultRequest(com.amazonaws.DefaultRequest) ByteBuffer(java.nio.ByteBuffer) PutSecretValueResult(com.amazonaws.services.secretsmanager.model.PutSecretValueResult) Test(org.junit.Test)

Example 2 with PutSecretValueRequest

Use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

In class MemoryOverwritingRequestHandlerTest, method verifyAfterResponseClearsSecret:

@Test
public void verifyAfterResponseClearsSecret() {
    // given
    final ByteBuffer secretBinary = ByteBuffer.wrap(new byte[] { 1, 1, 2, 3, 5, 8 });
    assertTrue(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
    final PutSecretValueRequest originalRequest = new PutSecretValueRequest();
    originalRequest.setSecretBinary(secretBinary);
    final Request<PutSecretValueRequest> request = new DefaultRequest<PutSecretValueRequest>(originalRequest, "AWSSecretsManager");
    final PutSecretValueResult result = mock(PutSecretValueResult.class);
    final HttpResponse httpResponse = mock(HttpResponse.class);
    final Response<PutSecretValueResult> response = new Response<PutSecretValueResult>(result, httpResponse);
    // when
    handler.afterResponse(request, response);
    // then
    assertFalse(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
}
Also used: HttpResponse(com.amazonaws.http.HttpResponse) Response(com.amazonaws.Response) PutSecretValueRequest(com.amazonaws.services.secretsmanager.model.PutSecretValueRequest) DefaultRequest(com.amazonaws.DefaultRequest) ByteBuffer(java.nio.ByteBuffer) PutSecretValueResult(com.amazonaws.services.secretsmanager.model.PutSecretValueResult) Test(org.junit.Test)

Example 3 with PutSecretValueRequest

Use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

In class SecretsManagerTest, method verifyPutSecretValueStoresKey:

@Test
public final void verifyPutSecretValueStoresKey() throws IOException {
    // given
    final String expected = "expected";
    final Key key = mock(Key.class);
    final Answer<?> answer = new Answer<Void>() {

        public Void answer(final InvocationOnMock invocation) throws Throwable {
            final OutputStream stream = invocation.getArgument(0);
            stream.write(expected.getBytes("UTF-8"));
            return null;
        }
    };
    doAnswer(answer).when(key).writeTo(any(OutputStream.class));
    // when
    manager.putSecretValue("secret", "version", key, PREVIOUS);
    // then
    final PutSecretValueRequest request = new PutSecretValueRequest();
    request.setSecretId("secret");
    request.setClientRequestToken("version");
    request.setVersionStages(singleton("AWSPREVIOUS"));
    request.setSecretBinary(ByteBuffer.wrap(expected.getBytes("UTF-8")));
    verify(delegate).putSecretValue(eq(request));
}
Also used : Answer(org.mockito.stubbing.Answer) Mockito.doAnswer(org.mockito.Mockito.doAnswer) PutSecretValueRequest(com.amazonaws.services.secretsmanager.model.PutSecretValueRequest) InvocationOnMock(org.mockito.invocation.InvocationOnMock) OutputStream(java.io.OutputStream) Key(com.macasaet.fernet.Key) Test(org.junit.Test)

Example 4 with PutSecretValueRequest

Use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

In class SecretsManager, method putSecretValue:

/**
 * Store Fernet keys in the secret. This requires the permission <code>secretsmanager:PutSecretValue</code>
 *
 * @param secretId
 *            the ARN of the secret
 * @param clientRequestToken
 *            the secret version identifier
 * @param keys
 *            the keys to store in the secret
 * @param stage
 *            the stage with which to tag the version
 */
public void putSecretValue(final String secretId, final String clientRequestToken, final Collection<? extends Key> keys, final Stage stage) {
    final PutSecretValueRequest putSecretValueRequest = new PutSecretValueRequest();
    putSecretValueRequest.setSecretId(secretId);
    putSecretValueRequest.setClientRequestToken(clientRequestToken);
    putSecretValueRequest.setVersionStages(singletonList(stage.getAwsName()));
    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream(32 * keys.size())) {
        for (final Key key : keys) {
            key.writeTo(outputStream);
        }
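        final ByteBuffer buffer = ByteBuffer.wrap(outputStream.toByteArray());
        putSecretValueRequest.setSecretBinary(buffer);
        // toByteArray() returned a copy, so the stream's internal buffer still holds
        // the key material: rewind and overwrite every byte that was written to it
        final int written = outputStream.size();
        outputStream.reset();
        for (int i = 0; i < written; i++) {
            outputStream.write(0);
        }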
    } catch (final IOException ioe) {
        // this really should not happen as I/O is to memory only
        throw new IllegalStateException(ioe.getMessage(), ioe);
    }
    getDelegate().putSecretValue(putSecretValueRequest);
}
Also used : PutSecretValueRequest(com.amazonaws.services.secretsmanager.model.PutSecretValueRequest) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) ByteBuffer(java.nio.ByteBuffer) Key(com.macasaet.fernet.Key)

Example 5 with PutSecretValueRequest

Use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

In class MemoryOverwritingRequestHandler, method afterResponse:

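public void afterResponse(final Request<?> request, final Response<?> response) {
    // the call has completed, so the secret carried by the request is no longer
    // needed in memory: overwrite it rather than waiting for garbage collection
    final Object requestObject = request.getOriginalRequestObject();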
    if (requestObject instanceof PutSecretValueRequest) {
        final PutSecretValueRequest putRequest = (PutSecretValueRequest) requestObject;
        overwriteSecret(putRequest);
    }
}
Also used : PutSecretValueRequest(com.amazonaws.services.secretsmanager.model.PutSecretValueRequest)
