Example 1 with KeyVaultType
use of com.quorum.tessera.config.KeyVaultType in project tessera by ConsenSys.
the class KeyVaultConfigValidator method isValid.
@Override
public boolean isValid(DefaultKeyVaultConfig keyVaultConfig, ConstraintValidatorContext constraintValidatorContext) {
if (keyVaultConfig == null || keyVaultConfig.getKeyVaultType() == null) {
return true;
}
KeyVaultType keyVaultType = keyVaultConfig.getKeyVaultType();
List<Boolean> outcomes = new ArrayList<>();
if (keyVaultType == KeyVaultType.AZURE) {
if (!keyVaultConfig.getProperties().containsKey("url")) {
constraintValidatorContext.disableDefaultConstraintViolation();
constraintValidatorContext.buildConstraintViolationWithTemplate(String.format("%s: is required", URL)).addConstraintViolation();
outcomes.add(Boolean.FALSE);
}
}
if (keyVaultType == KeyVaultType.HASHICORP) {
if (!keyVaultConfig.getProperties().containsKey(URL)) {
constraintValidatorContext.disableDefaultConstraintViolation();
constraintValidatorContext.buildConstraintViolationWithTemplate(String.format("%s: is required", URL)).addConstraintViolation();
outcomes.add(Boolean.FALSE);
}
final ValidPath validPath = this.getClass().getAnnotation(ValidPath.class);
final PathValidator pathValidator = new PathValidator();
pathValidator.initialize(validPath);
Optional.ofNullable(keyVaultConfig.getProperties().get(TLS_KEY_STORE_PATH)).map(Paths::get).filter(path -> !pathValidator.isValid(path, constraintValidatorContext)).ifPresent(b -> {
constraintValidatorContext.disableDefaultConstraintViolation();
constraintValidatorContext.buildConstraintViolationWithTemplate(String.format("%s: %s", TLS_KEY_STORE_PATH, validPath.message())).addConstraintViolation();
outcomes.add(Boolean.FALSE);
});
Optional.ofNullable(keyVaultConfig.getProperties().get(TLS_TRUST_STORE_PATH)).map(Paths::get).filter(path -> !pathValidator.isValid(path, constraintValidatorContext)).ifPresent(b -> {
constraintValidatorContext.disableDefaultConstraintViolation();
constraintValidatorContext.buildConstraintViolationWithTemplate(String.format("%s: %s", TLS_TRUST_STORE_PATH, validPath.message())).addConstraintViolation();
outcomes.add(Boolean.FALSE);
});
}
if (keyVaultType == KeyVaultType.AWS) {
// we do not require endpoint to be provided as AWS client will fallback to alternate methods
// (e.g. environment variables or properties files)
Optional.ofNullable(keyVaultConfig.getProperties().get(ENDPOINT)).filter(endpoint -> !endpoint.matches("^https?://.+$")).ifPresent(b -> {
constraintValidatorContext.disableDefaultConstraintViolation();
constraintValidatorContext.buildConstraintViolationWithTemplate(String.format("%s: must be a valid AWS service endpoint URL with scheme", ENDPOINT)).addConstraintViolation();
outcomes.add(Boolean.FALSE);
});
}
return outcomes.stream().allMatch(Boolean::booleanValue);
}
Also used :
KeyVaultType(com.quorum.tessera.config.KeyVaultType)
List(java.util.List)
DefaultKeyVaultConfig(com.quorum.tessera.config.DefaultKeyVaultConfig)
Paths(java.nio.file.Paths)
Optional(java.util.Optional)
ConstraintValidator(jakarta.validation.ConstraintValidator)
ConstraintValidatorContext(jakarta.validation.ConstraintValidatorContext)
ArrayList(java.util.ArrayList)
KeyVaultType(com.quorum.tessera.config.KeyVaultType)
ArrayList(java.util.ArrayList)
Paths(java.nio.file.Paths)
Example 2 with KeyVaultType
use of com.quorum.tessera.config.KeyVaultType in project tessera by ConsenSys.
the class KeyVaultServiceFactoryTest method getInstance.
@Test
public void getInstance() {
for (KeyVaultType keyVaultType : KeyVaultType.values()) {
KeyVaultServiceFactory otherKeyVaultServiceFactory = mock(KeyVaultServiceFactory.class);
when(otherKeyVaultServiceFactory.getType()).thenReturn(Stream.of(KeyVaultType.values()).filter(k -> k != keyVaultType).findAny().get());
KeyVaultServiceFactory expected = mock(KeyVaultServiceFactory.class);
when(expected.getType()).thenReturn(keyVaultType);
KeyVaultServiceFactory keyVaultServiceFactory;
try (var mockedStaticServiceLoader = mockStatic(ServiceLoader.class)) {
ServiceLoader<KeyVaultServiceFactory> serviceLoader = mock(ServiceLoader.class);
ServiceLoader.Provider<KeyVaultServiceFactory> provider = mock(ServiceLoader.Provider.class);
when(provider.get()).thenReturn(expected);
ServiceLoader.Provider<KeyVaultServiceFactory> otherProvider = mock(ServiceLoader.Provider.class);
when(otherProvider.get()).thenReturn(otherKeyVaultServiceFactory);
when(serviceLoader.stream()).thenReturn(Stream.of(provider, otherProvider).unordered());
mockedStaticServiceLoader.when(() -> ServiceLoader.load(KeyVaultServiceFactory.class)).thenReturn(serviceLoader);
keyVaultServiceFactory = KeyVaultServiceFactory.getInstance(keyVaultType);
verify(serviceLoader).stream();
verifyNoMoreInteractions(serviceLoader);
verify(provider).get();
verifyNoMoreInteractions(provider);
mockedStaticServiceLoader.verify(() -> ServiceLoader.load(KeyVaultServiceFactory.class));
mockedStaticServiceLoader.verifyNoMoreInteractions();
}
assertThat(keyVaultServiceFactory).isSameAs(expected);
}
}
Also used :
Mockito(org.mockito.Mockito)
KeyVaultType(com.quorum.tessera.config.KeyVaultType)
Stream(java.util.stream.Stream)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
ServiceLoader(java.util.ServiceLoader)
Test(org.junit.Test)
Mockito.verify(org.mockito.Mockito.verify)
ServiceLoader(java.util.ServiceLoader)
KeyVaultType(com.quorum.tessera.config.KeyVaultType)
Test(org.junit.Test)
Aggregations
KeyVaultType (com.quorum.tessera.config.KeyVaultType)2
DefaultKeyVaultConfig (com.quorum.tessera.config.DefaultKeyVaultConfig)1
ConstraintValidator (jakarta.validation.ConstraintValidator)1
ConstraintValidatorContext (jakarta.validation.ConstraintValidatorContext)1
Paths (java.nio.file.Paths)1
ArrayList (java.util.ArrayList)1
List (java.util.List)1
Optional (java.util.Optional)1
ServiceLoader (java.util.ServiceLoader)1
Stream (java.util.stream.Stream)1
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1
Test (org.junit.Test)1
Mockito (org.mockito.Mockito)1
Mockito.verify (org.mockito.Mockito.verify)1
