use of com.quorum.tessera.config.KeyVaultConfig in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureClientAuthenticationIfNoEnvVarSetThenException.
/**
 * Checks that client authentication setup throws
 * {@link HashicorpCredentialNotSetException} when the role-id, secret-id and
 * token environment variables are all absent.
 */
@Test
public void configureClientAuthenticationIfNoEnvVarSetThenException() {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);
    final ClientHttpRequestFactory requestFactory = mock(ClientHttpRequestFactory.class);
    final VaultEndpoint endpoint = mock(VaultEndpoint.class);

    // Simulate an environment that carries no Vault credential of either kind.
    when(environment.getEnv(HASHICORP_ROLE_ID)).thenReturn(null);
    when(environment.getEnv(HASHICORP_SECRET_ID)).thenReturn(null);
    when(environment.getEnv(HASHICORP_TOKEN)).thenReturn(null);

    final Throwable thrown =
        catchThrowable(
            () ->
                util.configureClientAuthentication(
                    vaultConfig, environment, requestFactory, endpoint));

    // Exact type match: a subclass or a generic runtime exception would not satisfy this.
    assertThat(thrown).isExactlyInstanceOf(HashicorpCredentialNotSetException.class);

    // The expected text is assembled from the variable-name constants only, so the
    // operator is told which variables to set for AppRole or Token authentication.
    final String expectedMessage =
        "Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID + " environment variables must be set to use the AppRole authentication method. Alternatively set " + HASHICORP_TOKEN + " to authenticate using the Token method";
    assertThat(thrown.getMessage()).isEqualTo(expectedMessage);
}
use of com.quorum.tessera.config.KeyVaultConfig in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureSslUsesKeyStoreAndTrustStoreIfBothProvided.
/**
 * Checks that the {@link SslConfiguration} built from a config holding both
 * {@code tlsKeyStorePath} and {@code tlsTrustStorePath} reports a key store and
 * a trust store as present.
 *
 * @throws Exception if the temporary store file cannot be created
 */
@Test
public void configureSslUsesKeyStoreAndTrustStoreIfBothProvided() throws Exception {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    // Left unstubbed: every lookup through this mock returns Mockito's default value.
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);

    // A single empty temp file stands in for both stores. The assertions below only
    // check that each configuration is present.
    // NOTE(review): nothing here shows that a real key store or trust store loads
    // from these paths - confirm that is covered by another test.
    final Path storeFile = Files.createTempFile(UUID.randomUUID().toString(), ".tmp");
    storeFile.toFile().deleteOnExit();
    final String storeLocation = storeFile.toString();

    when(vaultConfig.hasProperty("tlsKeyStorePath", "tlsTrustStorePath")).thenReturn(true);
    when(vaultConfig.getProperty("tlsKeyStorePath")).thenReturn(Optional.of(storeLocation));
    when(vaultConfig.getProperty("tlsTrustStorePath")).thenReturn(Optional.of(storeLocation));

    final SslConfiguration sslConfiguration = util.configureSsl(vaultConfig, environment);

    final boolean keyStorePresent = sslConfiguration.getKeyStoreConfiguration().isPresent();
    assertThat(keyStorePresent).isTrue();

    final boolean trustStorePresent = sslConfiguration.getTrustStoreConfiguration().isPresent();
    assertThat(trustStorePresent).isTrue();
}
use of com.quorum.tessera.config.KeyVaultConfig in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureSslUsesTrustStoreOnlyIfProvided.
/**
 * Checks that the {@link SslConfiguration} built from a config holding only
 * {@code tlsTrustStorePath} reports a trust store as present and a key store
 * as absent.
 *
 * @throws Exception if the temporary store file cannot be created
 */
@Test
public void configureSslUsesTrustStoreOnlyIfProvided() throws Exception {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    // Left unstubbed: every lookup through this mock returns Mockito's default value.
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);

    // Empty placeholder file; only the trust store path points at it.
    final Path trustStoreFile = Files.createTempFile(UUID.randomUUID().toString(), ".tmp");
    trustStoreFile.toFile().deleteOnExit();

    // Trust store configured, key store explicitly not configured.
    when(vaultConfig.hasProperty("tlsTrustStorePath")).thenReturn(true);
    when(vaultConfig.hasProperty("tlsKeyStorePath")).thenReturn(false);
    when(vaultConfig.getProperty("tlsKeyStorePath")).thenReturn(Optional.empty());
    when(vaultConfig.getProperty("tlsTrustStorePath"))
        .thenReturn(Optional.of(trustStoreFile.toString()));

    final SslConfiguration sslConfiguration = util.configureSsl(vaultConfig, environment);

    // No key store path was supplied, so no key store configuration may appear.
    final boolean keyStorePresent = sslConfiguration.getKeyStoreConfiguration().isPresent();
    assertThat(keyStorePresent).isFalse();

    final boolean trustStorePresent = sslConfiguration.getTrustStoreConfiguration().isPresent();
    assertThat(trustStorePresent).isTrue();
}
use of com.quorum.tessera.config.KeyVaultConfig in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureClientAuthenticationIfOnlyRoleIdSetThenException.
/**
 * Checks that client authentication setup throws
 * {@link HashicorpCredentialNotSetException} when the role-id variable is set
 * but the secret-id and token variables are absent.
 */
@Test
public void configureClientAuthenticationIfOnlyRoleIdSetThenException() {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);
    final ClientHttpRequestFactory requestFactory = mock(ClientHttpRequestFactory.class);
    final VaultEndpoint endpoint = mock(VaultEndpoint.class);

    // Half of an AppRole credential: role id present, secret id and token missing.
    when(environment.getEnv(HASHICORP_ROLE_ID)).thenReturn("role-id");
    when(environment.getEnv(HASHICORP_SECRET_ID)).thenReturn(null);
    when(environment.getEnv(HASHICORP_TOKEN)).thenReturn(null);

    final Throwable thrown =
        catchThrowable(
            () ->
                util.configureClientAuthentication(
                    vaultConfig, environment, requestFactory, endpoint));

    // Exact type match: a subclass or a generic runtime exception would not satisfy this.
    assertThat(thrown).isExactlyInstanceOf(HashicorpCredentialNotSetException.class);

    // The expected text is assembled from the variable-name constants, not from the
    // stubbed value "role-id". Because the comparison is exact, a message that
    // also echoed the supplied credential value would fail this assertion.
    final String expectedMessage =
        "Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID + " environment variables must be set to use the AppRole authentication method";
    assertThat(thrown.getMessage()).isEqualTo(expectedMessage);
}
use of com.quorum.tessera.config.KeyVaultConfig in project tessera by ConsenSys.
the class DefaultKeyVaultConfigValidationsTest method validCase.
/**
 * Checks that validating a key configuration holding one vault config against
 * a single Azure vault key pair produces no constraint violations.
 */
@Test
public void validCase() {
    final KeyConfiguration keys = mock(KeyConfiguration.class);

    // Not ideal: a real config object is needed in tests for the validation rules to apply.
    // NOTE(review): this AZURE-typed config is built but never handed to the validator.
    // The list below holds an unstubbed mock instead, whose getters return Mockito
    // defaults. Confirm which of the two the test is meant to exercise, otherwise the
    // empty result may not show that an Azure key pair was matched to an Azure config.
    final KeyVaultConfig azureVaultConfig =
        new DefaultKeyVaultConfig() {
            {
                setKeyVaultType(KeyVaultType.AZURE);
            }
        };

    final List<KeyVaultConfig> vaultConfigs = Arrays.asList(mock(KeyVaultConfig.class));
    when(keys.getKeyVaultConfigs()).thenReturn(vaultConfigs);

    // Only the two key ids are supplied; the last two constructor arguments stay null.
    final List<ConfigKeyPair> keyPairs =
        Arrays.asList(new AzureVaultKeyPair("publicKeyId", "privateKeyId", null, null));

    final Set<ConstraintViolation<?>> violations = validator.validate(keys, keyPairs);

    assertThat(violations).isEmpty();
}