Examples with PutSecretValueRequest com.amazonaws.services.secretsmanager.model.PutSecretValueRequest used on opensource projects

Example 1 with PutSecretValueRequest

use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

the class MemoryOverwritingRequestHandlerTest method verifyAfterErrorClearsSecret.

@Test
public void verifyAfterErrorClearsSecret() {
    // given
    final ByteBuffer secretBinary = ByteBuffer.wrap(new byte[] { 1, 1, 2, 3, 5, 8 });
    assertTrue(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
    final PutSecretValueRequest originalRequest = new PutSecretValueRequest();
    originalRequest.setSecretBinary(secretBinary);
    final Request<PutSecretValueRequest> request = new DefaultRequest<PutSecretValueRequest>(originalRequest, "AWSSecretsManager");
    final PutSecretValueResult result = mock(PutSecretValueResult.class);
    final HttpResponse httpResponse = mock(HttpResponse.class);
    final Response<PutSecretValueResult> response = new Response<PutSecretValueResult>(result, httpResponse);
    // when
    handler.afterError(request, response, new Exception());
    // then
    assertFalse(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
}

Example 2 with PutSecretValueRequest

use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

the class MemoryOverwritingRequestHandlerTest method verifyAfterResponseClearsSecret.

@Test
public void verifyAfterResponseClearsSecret() {
    // given
    final ByteBuffer secretBinary = ByteBuffer.wrap(new byte[] { 1, 1, 2, 3, 5, 8 });
    assertTrue(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
    final PutSecretValueRequest originalRequest = new PutSecretValueRequest();
    originalRequest.setSecretBinary(secretBinary);
    final Request<PutSecretValueRequest> request = new DefaultRequest<PutSecretValueRequest>(originalRequest, "AWSSecretsManager");
    final PutSecretValueResult result = mock(PutSecretValueResult.class);
    final HttpResponse httpResponse = mock(HttpResponse.class);
    final Response<PutSecretValueResult> response = new Response<PutSecretValueResult>(result, httpResponse);
    // when
    handler.afterResponse(request, response);
    // then
    assertFalse(Arrays.equals(secretBinary.array(), new byte[] { 1, 1, 2, 3, 5, 8 }));
}

Example 3 with PutSecretValueRequest

use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

the class SecretsManagerTest method verifyPutSecretValueStoresKey.

@Test
public final void verifyPutSecretValueStoresKey() throws IOException {
    // given
    final String expected = "expected";
    final Key key = mock(Key.class);
    final Answer<?> answer = new Answer<Void>() {

        public Void answer(final InvocationOnMock invocation) throws Throwable {
            final OutputStream stream = invocation.getArgument(0);
            stream.write(expected.getBytes("UTF-8"));
            return null;
        }
    };
    doAnswer(answer).when(key).writeTo(any(OutputStream.class));
    // when
    manager.putSecretValue("secret", "version", key, PREVIOUS);
    // then
    final PutSecretValueRequest request = new PutSecretValueRequest();
    request.setSecretId("secret");
    request.setClientRequestToken("version");
    request.setVersionStages(singleton("AWSPREVIOUS"));
    request.setSecretBinary(ByteBuffer.wrap(expected.getBytes("UTF-8")));
    verify(delegate).putSecretValue(eq(request));
}

Example 4 with PutSecretValueRequest

use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

the class SecretsManager method putSecretValue.

/**
 * Store Fernet keys in the secret. This requires the permission <code>secretsmanager:PutSecretValue</code>
 *
 * @param secretId
 *            the ARN of the secret
 * @param clientRequestToken
 *            the secret version identifier
 * @param keys
 *            the keys to store in the secret
 * @param stage
 *            the stage with which to tag the version
 */
public void putSecretValue(final String secretId, final String clientRequestToken, final Collection<? extends Key> keys, final Stage stage) {
    final PutSecretValueRequest putSecretValueRequest = new PutSecretValueRequest();
    putSecretValueRequest.setSecretId(secretId);
    putSecretValueRequest.setClientRequestToken(clientRequestToken);
    putSecretValueRequest.setVersionStages(singletonList(stage.getAwsName()));
    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream(32 * keys.size())) {
        for (final Key key : keys) {
            key.writeTo(outputStream);
        }
        final ByteBuffer buffer = ByteBuffer.wrap(outputStream.toByteArray());
        putSecretValueRequest.setSecretBinary(buffer);
        outputStream.reset();
        for (int i = keys.size(); --i >= 0; outputStream.write(0)) ;
    } catch (final IOException ioe) {
        // this really should not happen as I/O is to memory only
        throw new IllegalStateException(ioe.getMessage(), ioe);
    }
    getDelegate().putSecretValue(putSecretValueRequest);
}

Example 5 with PutSecretValueRequest

use of com.amazonaws.services.secretsmanager.model.PutSecretValueRequest in project fernet-java8 by l0s.

the class MemoryOverwritingRequestHandler method afterResponse.

public void afterResponse(final Request<?> request, final Response<?> response) {
    final Object requestObject = request.getOriginalRequestObject();
    if (requestObject instanceof PutSecretValueRequest) {
        final PutSecretValueRequest putRequest = (PutSecretValueRequest) requestObject;
        overwriteSecret(putRequest);
    }
}