
Example 16 with Key

use of com.macasaet.fernet.Key in project fernet-java8 by l0s.

the class TokenHeaderUtilityTest method verifyGetXAuthorizationTokenDeserialisesToken.

/**
 * Checks that a Fernet token supplied in the {@code X-Authorization} header is
 * handed back by {@code getXAuthorizationToken} in a form that serialises to
 * the same string.
 *
 * <p>Only the serialised round trip is compared. Nothing in this test exercises
 * signature or TTL validation of the token.
 */
@Test
public final void verifyGetXAuthorizationTokenDeserialisesToken() {
    // given: a freshly generated key and a token carrying the payload "hello"
    final Key signingKey = Key.generateKey(random);
    final Token issued = Token.generate(random, signingKey, "hello");
    final String headerValue = issued.serialise();
    final ContainerRequest request = mock(ContainerRequest.class);
    given(request.getHeaderString("X-Authorization")).willReturn(headerValue);

    // when
    final Token parsed = utility.getXAuthorizationToken(request);

    // then: the parsed token re-serialises to exactly what was sent
    assertEquals(issued.serialise(), parsed.serialise());
}
Also used : Token(com.macasaet.fernet.Token) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) Key(com.macasaet.fernet.Key) Test(org.junit.Test)

Example 17 with Key

use of com.macasaet.fernet.Key in project fernet-java8 by l0s.

the class TokenHeaderUtilityTest method verifyGetXAuthorizationTokenIgnoresBearer.

/**
 * Checks that {@code getXAuthorizationToken} yields {@code null} when the token
 * is supplied only as a {@code Bearer} credential in the standard
 * {@code Authorization} header.
 *
 * <p>The {@code X-Authorization} header is never stubbed, so the Mockito mock
 * answers {@code null} for it. The test therefore pins that the utility does
 * not fall back to the {@code Authorization} header.
 */
@Test
public final void verifyGetXAuthorizationTokenIgnoresBearer() {
    // given: a valid token, but placed in the wrong header
    final Key signingKey = Key.generateKey(random);
    final Token issued = Token.generate(random, signingKey, "hello");
    final String bearerValue = "Bearer " + issued.serialise();
    final ContainerRequest request = mock(ContainerRequest.class);
    given(request.getHeaderString("Authorization")).willReturn(bearerValue);

    // when
    final Token parsed = utility.getXAuthorizationToken(request);

    // then: no token is extracted
    assertNull(parsed);
}
Also used : Token(com.macasaet.fernet.Token) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) Key(com.macasaet.fernet.Key) Test(org.junit.Test)

Example 18 with Key

use of com.macasaet.fernet.Key in project fernet-java8 by l0s.

the class MultiFernetKeyRotatorTest method verifyCreateSecretAddsKeyAndRemovesOldest.

/**
 * Drives the rotator's {@code createSecret} step against a CURRENT secret that
 * holds three keys and checks what is stored under the PENDING stage.
 *
 * <p>The asserted outcome: three keys are written, the first two keys of the
 * CURRENT payload are retained and the last one is dropped.
 *
 * @throws IOException if serialising a key or parsing the handler output fails
 */
@Test
public final void verifyCreateSecretAddsKeyAndRemovesOldest() throws IOException {
    // given: three keys, labelled by their position in the CURRENT payload
    final Key pendingKey = Key.generateKey(random);
    final Key primaryKey = Key.generateKey(random);
    final Key oldestKey = Key.generateKey(random);

    final DescribeSecretResult secretDescription = new DescribeSecretResult();
    secretDescription.setRotationEnabled(true);
    secretDescription.setVersionIdsToStages(ImmutableMap.of("version", Arrays.asList("AWSPENDING")));

    final InputStream input = new StringInputStream("{\"Step\": \"createSecret\",\"ClientRequestToken\": \"version\",\"SecretId\":\"secret\"}");
    final ByteArrayOutputStream output = new ByteArrayOutputStream();
    final Context context = mock(Context.class);

    try (ByteArrayOutputStream stream = new ByteArrayOutputStream()) {
        // Serialise the keys back to back in the order pending, primary, oldest.
        for (final Key key : Arrays.asList(pendingKey, primaryKey, oldestKey)) {
            key.writeTo(stream);
        }
        final byte[] currentPayload = stream.toByteArray();

        given(secretsManager.getSecretStage("secret", CURRENT)).willReturn(ByteBuffer.wrap(currentPayload));
        given(secretsManager.describeSecret("secret")).willReturn(secretDescription);
        // The requested version does not exist yet.
        given(secretsManager.getSecretVersion("secret", "version")).willThrow(new ResourceNotFoundException(""));

        // when
        rotator.handleRequest(input, output, context);

        // then: exactly one write, staged as PENDING under the request token
        verify(secretsManager).putSecretValue(eq("secret"), eq("version"), keyCollector.capture(), eq(PENDING));
        final Collection<? extends Key> storedKeys = keyCollector.getValue();
        assertEquals(3, storedKeys.size());
        // the previously pending key is kept
        assertTrue(storedKeys.contains(pendingKey));
        // the previously primary key is kept
        assertTrue(storedKeys.contains(primaryKey));
        // the oldest key is rotated out
        assertFalse(storedKeys.contains(oldestKey));
        // NOTE(review): with three entries and the oldest key absent, the third entry
        // is presumably the newly generated key; its identity and position are not
        // asserted here.

        // Throws if the handler wrote malformed JSON; the parsed tree is not inspected.
        new ObjectMapper().readTree(output.toByteArray());
    }
}
Also used : Context(com.amazonaws.services.lambda.runtime.Context) DescribeSecretResult(com.amazonaws.services.secretsmanager.model.DescribeSecretResult) StringInputStream(com.amazonaws.util.StringInputStream) StringInputStream(com.amazonaws.util.StringInputStream) InputStream(java.io.InputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ResourceNotFoundException(com.amazonaws.services.secretsmanager.model.ResourceNotFoundException) Key(com.macasaet.fernet.Key) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Test(org.junit.Test)

Example 19 with Key

use of com.macasaet.fernet.Key in project fernet-java8 by l0s.

the class MultiFernetKeyRotatorTest method verifyTestAcceptsValidSecret.

/**
 * Drives the rotator's {@code testSecret} step with a pending version whose
 * payload is three serialised keys and expects the handler to finish without
 * throwing.
 *
 * <p>No interaction with the secrets manager is verified. The only check after
 * the call is that the handler's output parses as JSON.
 *
 * @throws IOException if serialising a key or parsing the handler output fails
 */
@Test
public final void verifyTestAcceptsValidSecret() throws IOException {
    // given: three freshly generated keys
    final Key firstKey = Key.generateKey(random);
    final Key secondKey = Key.generateKey(random);
    final Key thirdKey = Key.generateKey(random);

    final DescribeSecretResult secretDescription = new DescribeSecretResult();
    secretDescription.setRotationEnabled(true);
    secretDescription.setVersionIdsToStages(ImmutableMap.of("version", Arrays.asList("AWSPENDING")));

    final InputStream input = new StringInputStream("{\"Step\": \"testSecret\",\"ClientRequestToken\": \"version\",\"SecretId\":\"secret\"}");
    final ByteArrayOutputStream output = new ByteArrayOutputStream();
    final Context context = mock(Context.class);

    try (ByteArrayOutputStream stream = new ByteArrayOutputStream()) {
        // Serialise the keys back to back, in order.
        for (final Key key : Arrays.asList(firstKey, secondKey, thirdKey)) {
            key.writeTo(stream);
        }

        // The pending version and the CURRENT stage both return the same key material,
        // each wrapped in its own buffer.
        given(secretsManager.getSecretVersion("secret", "version")).willReturn(ByteBuffer.wrap(stream.toByteArray()));
        given(secretsManager.getSecretStage("secret", CURRENT)).willReturn(ByteBuffer.wrap(stream.toByteArray()));
        given(secretsManager.describeSecret("secret")).willReturn(secretDescription);

        // when
        rotator.handleRequest(input, output, context);

        // then: throws if the handler wrote malformed JSON; the tree is not inspected
        new ObjectMapper().readTree(output.toByteArray());
    }
}
Also used : Context(com.amazonaws.services.lambda.runtime.Context) DescribeSecretResult(com.amazonaws.services.secretsmanager.model.DescribeSecretResult) StringInputStream(com.amazonaws.util.StringInputStream) StringInputStream(com.amazonaws.util.StringInputStream) InputStream(java.io.InputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Key(com.macasaet.fernet.Key) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Test(org.junit.Test)

Example 20 with Key

use of com.macasaet.fernet.Key in project fernet-java8 by l0s.

the class SecretsManagerTest method verifyPutSecretValueStoresKeys.

/**
 * Checks that {@code putSecretValue} concatenates the serialised form of every
 * key, in list order, into the secret binary and forwards it to the delegate
 * with the given secret id, request token and stage.
 *
 * <p>The keys are mocks whose {@code writeTo} emits a fixed marker string, so
 * no real key material is involved.
 *
 * @throws IOException declared because {@code writeTo} and the charset lookup can throw it
 */
@Test
public final void verifyPutSecretValueStoresKeys() throws IOException {
    // given: two mock keys that each write the same marker bytes
    final String marker = "expected";
    final Key firstKey = mock(Key.class);
    final Key secondKey = mock(Key.class);
    final Answer<Void> writeMarker = invocation -> {
        final OutputStream target = invocation.getArgument(0);
        target.write(marker.getBytes("UTF-8"));
        return null;
    };
    doAnswer(writeMarker).when(firstKey).writeTo(any(OutputStream.class));
    doAnswer(writeMarker).when(secondKey).writeTo(any(OutputStream.class));

    // when
    manager.putSecretValue("secret", "version", asList(firstKey, secondKey), PREVIOUS);

    // then: the delegate receives one request equal to this one
    final PutSecretValueRequest expectedRequest = new PutSecretValueRequest();
    expectedRequest.setSecretId("secret");
    expectedRequest.setClientRequestToken("version");
    expectedRequest.setVersionStages(singleton("AWSPREVIOUS"));
    // Two keys were written, so the payload is the marker twice over.
    final byte[] expectedPayload = (marker + marker).getBytes("UTF-8");
    expectedRequest.setSecretBinary(ByteBuffer.wrap(expectedPayload));
    verify(delegate).putSecretValue(eq(expectedRequest));
}
Also used : Answer(org.mockito.stubbing.Answer) Mockito.doAnswer(org.mockito.Mockito.doAnswer) PutSecretValueRequest(com.amazonaws.services.secretsmanager.model.PutSecretValueRequest) InvocationOnMock(org.mockito.invocation.InvocationOnMock) OutputStream(java.io.OutputStream) Key(com.macasaet.fernet.Key) Test(org.junit.Test)
