use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.
the class MemoryOverwritingRequestHandlerTest method verifyAfterErrorClearsSecret.
@Test
public void verifyAfterErrorClearsSecret() {
    // given: a PutSecretValue request whose payload is backed by a known byte pattern
    final byte[] plaintext = { 1, 1, 2, 3, 5, 8 };
    final ByteBuffer secretBinary = ByteBuffer.wrap(plaintext.clone());
    // sanity check: the buffer's backing array really holds the pattern before the handler runs
    assertTrue(Arrays.equals(secretBinary.array(), plaintext));
    final PutSecretValueRequest putRequest = new PutSecretValueRequest();
    putRequest.setSecretBinary(secretBinary);
    final Request<PutSecretValueRequest> request = new DefaultRequest<>(putRequest, "AWSSecretsManager");
    final PutSecretValueResult putResult = mock(PutSecretValueResult.class);
    final HttpResponse rawResponse = mock(HttpResponse.class);
    final Response<PutSecretValueResult> response = new Response<>(putResult, rawResponse);

    // when: the SDK reports a failed call
    handler.afterError(request, response, new Exception());

    // then: the backing array no longer matches the original secret bytes.
    // NOTE(review): this only proves that at least one byte changed; it does not
    // prove that every byte of the secret was overwritten.
    assertFalse(Arrays.equals(secretBinary.array(), plaintext));
}
use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.
the class MemoryOverwritingRequestHandlerTest method verifyAfterResponseClearsSecret.
@Test
public void verifyAfterResponseClearsSecret() {
    // given: a PutSecretValue request whose payload is backed by a known byte pattern
    final byte[] plaintext = { 1, 1, 2, 3, 5, 8 };
    final ByteBuffer secretBinary = ByteBuffer.wrap(plaintext.clone());
    // sanity check: the buffer's backing array really holds the pattern before the handler runs
    assertTrue(Arrays.equals(secretBinary.array(), plaintext));
    final PutSecretValueRequest putRequest = new PutSecretValueRequest();
    putRequest.setSecretBinary(secretBinary);
    final Request<PutSecretValueRequest> request = new DefaultRequest<>(putRequest, "AWSSecretsManager");
    final PutSecretValueResult putResult = mock(PutSecretValueResult.class);
    final HttpResponse rawResponse = mock(HttpResponse.class);
    final Response<PutSecretValueResult> response = new Response<>(putResult, rawResponse);

    // when: the SDK reports a completed call
    handler.afterResponse(request, response);

    // then: the backing array no longer matches the original secret bytes.
    // NOTE(review): this only proves that at least one byte changed; it does not
    // prove that every byte of the secret was overwritten.
    assertFalse(Arrays.equals(secretBinary.array(), plaintext));
}
use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.
the class SecretsManagerTest method verifyPutSecretValueStoresKey.
@Test
public final void verifyPutSecretValueStoresKey() throws IOException {
    // given: a mocked key that serialises itself as the UTF-8 bytes of a marker string
    final String expected = "expected";
    final Key key = mock(Key.class);
    final Answer<Void> writeMarker = invocation -> {
        // the first argument of Key.writeTo is the stream the manager hands in
        final OutputStream target = invocation.getArgument(0);
        target.write(expected.getBytes("UTF-8"));
        return null;
    };
    doAnswer(writeMarker).when(key).writeTo(any(OutputStream.class));

    // when: the key is stored under the "previous" stage
    manager.putSecretValue("secret", "version", key, PREVIOUS);

    // then: the delegate receives a request carrying the same id, token, stage label and payload.
    // The match relies on PutSecretValueRequest's own equals(), via eq(...).
    final PutSecretValueRequest expectedRequest = new PutSecretValueRequest();
    expectedRequest.setSecretId("secret");
    expectedRequest.setClientRequestToken("version");
    expectedRequest.setVersionStages(singleton("AWSPREVIOUS"));
    expectedRequest.setSecretBinary(ByteBuffer.wrap(expected.getBytes("UTF-8")));
    verify(delegate).putSecretValue(eq(expectedRequest));
}
use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.
the class SecretsManager method putSecretValue.
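/**
 * Store Fernet keys in the secret. This requires the permission <code>secretsmanager:PutSecretValue</code>
 *
 * <p>The keys are serialised into a temporary in-memory stream, copied into the request, and the
 * stream's buffer is then overwritten with zeroes so that this method does not leave an extra
 * copy of the key material behind. The copy held by the request is <em>not</em> cleared here.</p>
 *
 * @param secretId
 *            the ARN of the secret
 * @param clientRequestToken
 *            the secret version identifier
 * @param keys
 *            the keys to store in the secret
 * @param stage
 *            the stage with which to tag the version
 * @throws IllegalStateException
 *             if serialising a key to memory fails
 */
public void putSecretValue(final String secretId, final String clientRequestToken, final Collection<? extends Key> keys, final Stage stage) {
    final PutSecretValueRequest putSecretValueRequest = new PutSecretValueRequest();
    putSecretValueRequest.setSecretId(secretId);
    putSecretValueRequest.setClientRequestToken(clientRequestToken);
    putSecretValueRequest.setVersionStages(singletonList(stage.getAwsName()));
    // Initial capacity assumes 32 bytes per key (presumably the serialised Fernet key size).
    // If a key writes more, ByteArrayOutputStream reallocates and the discarded array
    // cannot be scrubbed from here.
    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream(32 * keys.size())) {
        try {
            for (final Key key : keys) {
                key.writeTo(outputStream);
            }
            // toByteArray() returns a copy, so the request owns a separate array of key material.
            // NOTE(review): confirm that a request handler overwrites that copy after the call.
            final ByteBuffer buffer = ByteBuffer.wrap(outputStream.toByteArray());
            putSecretValueRequest.setSecretBinary(buffer);
        } finally {
            // Overwrite every byte that was written, not just one byte per key: after reset()
            // each write(0) lands on the next position of the stream's existing buffer.
            // Runs in finally so partially written key material is scrubbed on failure too.
            final int written = outputStream.size();
            outputStream.reset();
            for (int i = 0; i < written; i++) {
                outputStream.write(0);
            }
        }
    } catch (final IOException ioe) {
        // this really should not happen as I/O is to memory only
        throw new IllegalStateException(ioe.getMessage(), ioe);
    }
    getDelegate().putSecretValue(putSecretValueRequest);
}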
use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.
the class MemoryOverwritingRequestHandler method afterResponse.
/**
 * Hands the original request to {@code overwriteSecret} once a response has been received,
 * but only when that request is a {@link PutSecretValueRequest}; other request types are
 * left untouched.
 *
 * @param request
 *            the SDK request wrapper; its original request object is inspected
 * @param response
 *            the SDK response; not used by this method
 */
public void afterResponse(final Request<?> request, final Response<?> response) {
    final Object original = request.getOriginalRequestObject();
    if (!(original instanceof PutSecretValueRequest)) {
        // nothing secret-bearing to scrub for other request types
        return;
    }
    overwriteSecret((PutSecretValueRequest) original);
}