
Example 1 with KeyVaultType

use of com.quorum.tessera.config.KeyVaultType in project tessera by ConsenSys.

the class KeyVaultConfigValidator method isValid.

/**
 * Checks that a key vault configuration carries the properties its vault type needs.
 *
 * <p>AZURE requires a URL property. HASHICORP requires a URL property and, when TLS key store or
 * trust store paths are supplied, runs each through {@code PathValidator}. AWS treats the
 * endpoint as optional but, when one is given, requires it to start with {@code http://} or
 * {@code https://} followed by at least one character.
 *
 * <p>Each failed check disables the default constraint violation and registers its own message,
 * so a single call can report several violations.
 *
 * @param keyVaultConfig the configuration to check; {@code null}, or a configuration without a
 *     vault type, is accepted as valid by this method
 * @param constraintValidatorContext context that receives the violation messages
 * @return {@code true} when no check failed, {@code false} otherwise
 */
@Override
public boolean isValid(DefaultKeyVaultConfig keyVaultConfig, ConstraintValidatorContext constraintValidatorContext) {
    if (keyVaultConfig == null) {
        return true;
    }
    final KeyVaultType vaultType = keyVaultConfig.getKeyVaultType();
    if (vaultType == null) {
        return true;
    }

    // The strings handed to buildConstraintViolationWithTemplate are message templates. Only
    // names defined outside this method and the annotation's own message are formatted into
    // them; configuration values (URLs, paths, endpoints) must stay out of the template text.
    boolean valid = true;
    switch (vaultType) {
        case AZURE: {
            // NOTE(review): the lookup uses the literal "url" while the message uses URL;
            // confirm the two agree. Only the key's presence is checked, not the value's
            // scheme or host.
            if (!keyVaultConfig.getProperties().containsKey("url")) {
                constraintValidatorContext.disableDefaultConstraintViolation();
                constraintValidatorContext
                    .buildConstraintViolationWithTemplate(String.format("%s: is required", URL))
                    .addConstraintViolation();
                valid = false;
            }
            break;
        }
        case HASHICORP: {
            // Presence check only: the URL value itself is not inspected here.
            if (!keyVaultConfig.getProperties().containsKey(URL)) {
                constraintValidatorContext.disableDefaultConstraintViolation();
                constraintValidatorContext
                    .buildConstraintViolationWithTemplate(String.format("%s: is required", URL))
                    .addConstraintViolation();
                valid = false;
            }

            // NOTE(review): getAnnotation returns null when this class does not carry
            // @ValidPath at runtime; confirm the annotation is present, since its message()
            // is dereferenced below.
            final ValidPath validPath = this.getClass().getAnnotation(ValidPath.class);
            final PathValidator pathValidator = new PathValidator();
            pathValidator.initialize(validPath);

            // TLS store paths are optional; each one supplied must pass PathValidator.
            final String keyStoreLocation = keyVaultConfig.getProperties().get(TLS_KEY_STORE_PATH);
            if (keyStoreLocation != null
                && !pathValidator.isValid(Paths.get(keyStoreLocation), constraintValidatorContext)) {
                constraintValidatorContext.disableDefaultConstraintViolation();
                constraintValidatorContext
                    .buildConstraintViolationWithTemplate(String.format("%s: %s", TLS_KEY_STORE_PATH, validPath.message()))
                    .addConstraintViolation();
                valid = false;
            }

            final String trustStoreLocation = keyVaultConfig.getProperties().get(TLS_TRUST_STORE_PATH);
            if (trustStoreLocation != null
                && !pathValidator.isValid(Paths.get(trustStoreLocation), constraintValidatorContext)) {
                constraintValidatorContext.disableDefaultConstraintViolation();
                constraintValidatorContext
                    .buildConstraintViolationWithTemplate(String.format("%s: %s", TLS_TRUST_STORE_PATH, validPath.message()))
                    .addConstraintViolation();
                valid = false;
            }
            break;
        }
        case AWS: {
            // The endpoint may be omitted: the AWS client falls back to other sources
            // (e.g. environment variables or properties files).
            // NOTE(review): the pattern is a shape check, not URL validation, and it accepts
            // plain http://. An unencrypted endpoint for a secrets service passes this check;
            // confirm whether https should be required outside local test setups.
            final String endpoint = keyVaultConfig.getProperties().get(ENDPOINT);
            if (endpoint != null && !endpoint.matches("^https?://.+$")) {
                constraintValidatorContext.disableDefaultConstraintViolation();
                constraintValidatorContext
                    .buildConstraintViolationWithTemplate(String.format("%s: must be a valid AWS service endpoint URL with scheme", ENDPOINT))
                    .addConstraintViolation();
                valid = false;
            }
            break;
        }
        default:
            // Other vault types have no checks in this method.
            break;
    }
    return valid;
}
Also used : KeyVaultType(com.quorum.tessera.config.KeyVaultType) List(java.util.List) DefaultKeyVaultConfig(com.quorum.tessera.config.DefaultKeyVaultConfig) Paths(java.nio.file.Paths) Optional(java.util.Optional) ConstraintValidator(jakarta.validation.ConstraintValidator) ConstraintValidatorContext(jakarta.validation.ConstraintValidatorContext) ArrayList(java.util.ArrayList) KeyVaultType(com.quorum.tessera.config.KeyVaultType) ArrayList(java.util.ArrayList) Paths(java.nio.file.Paths)

Example 2 with KeyVaultType

use of com.quorum.tessera.config.KeyVaultType in project tessera by ConsenSys.

the class KeyVaultServiceFactoryTest method getInstance.

/**
 * For every {@code KeyVaultType}, stubs {@code ServiceLoader} with two providers (one whose
 * factory reports the requested type, one whose factory reports a different type) and asserts
 * that {@code KeyVaultServiceFactory.getInstance} returns the matching factory.
 */
@Test
public void getInstance() {
    for (KeyVaultType requestedType : KeyVaultType.values()) {
        // Any vault type other than the requested one, for the factory that must not be chosen.
        KeyVaultType unrelatedType =
            Stream.of(KeyVaultType.values()).filter(candidate -> candidate != requestedType).findAny().orElseThrow();

        KeyVaultServiceFactory decoyFactory = mock(KeyVaultServiceFactory.class);
        when(decoyFactory.getType()).thenReturn(unrelatedType);

        KeyVaultServiceFactory matchingFactory = mock(KeyVaultServiceFactory.class);
        when(matchingFactory.getType()).thenReturn(requestedType);

        KeyVaultServiceFactory resolved;
        // The static ServiceLoader.load call is replaced for the duration of this block, so the
        // lookup sees only the two stubbed providers below.
        try (var serviceLoaderStatic = mockStatic(ServiceLoader.class)) {
            ServiceLoader<KeyVaultServiceFactory> loader = mock(ServiceLoader.class);

            ServiceLoader.Provider<KeyVaultServiceFactory> matchingProvider = mock(ServiceLoader.Provider.class);
            when(matchingProvider.get()).thenReturn(matchingFactory);

            ServiceLoader.Provider<KeyVaultServiceFactory> decoyProvider = mock(ServiceLoader.Provider.class);
            when(decoyProvider.get()).thenReturn(decoyFactory);

            when(loader.stream()).thenReturn(Stream.of(matchingProvider, decoyProvider).unordered());
            serviceLoaderStatic.when(() -> ServiceLoader.load(KeyVaultServiceFactory.class)).thenReturn(loader);

            resolved = KeyVaultServiceFactory.getInstance(requestedType);

            // The loader is streamed exactly once and the matching provider is resolved exactly
            // once; interactions with the decoy provider are not asserted.
            verify(loader).stream();
            verifyNoMoreInteractions(loader);
            verify(matchingProvider).get();
            verifyNoMoreInteractions(matchingProvider);
            serviceLoaderStatic.verify(() -> ServiceLoader.load(KeyVaultServiceFactory.class));
            serviceLoaderStatic.verifyNoMoreInteractions();
        }
        assertThat(resolved).isSameAs(matchingFactory);
    }
}
Also used : Mockito(org.mockito.Mockito) KeyVaultType(com.quorum.tessera.config.KeyVaultType) Stream(java.util.stream.Stream) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ServiceLoader(java.util.ServiceLoader) Test(org.junit.Test) Mockito.verify(org.mockito.Mockito.verify) ServiceLoader(java.util.ServiceLoader) KeyVaultType(com.quorum.tessera.config.KeyVaultType) Test(org.junit.Test)

Aggregations

KeyVaultType (com.quorum.tessera.config.KeyVaultType)2 DefaultKeyVaultConfig (com.quorum.tessera.config.DefaultKeyVaultConfig)1 ConstraintValidator (jakarta.validation.ConstraintValidator)1 ConstraintValidatorContext (jakarta.validation.ConstraintValidatorContext)1 Paths (java.nio.file.Paths)1 ArrayList (java.util.ArrayList)1 List (java.util.List)1 Optional (java.util.Optional)1 ServiceLoader (java.util.ServiceLoader)1 Stream (java.util.stream.Stream)1 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1 Test (org.junit.Test)1 Mockito (org.mockito.Mockito)1 Mockito.verify (org.mockito.Mockito.verify)1