Example 11 with EnvironmentVariableProvider

use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.

the class HashicorpKeyVaultServiceFactoryUtilTest method configureClientAuthenticationIfOnlyRoleIdAndSecretIdSetThenAppRoleMethod.

@Test
public void configureClientAuthenticationIfOnlyRoleIdAndSecretIdSetThenAppRoleMethod() {
    KeyVaultConfig keyVaultConfig = mock(KeyVaultConfig.class);
    EnvironmentVariableProvider envProvider = mock(EnvironmentVariableProvider.class);
    ClientHttpRequestFactory clientHttpRequestFactory = mock(ClientHttpRequestFactory.class);
    VaultEndpoint vaultEndpoint = mock(VaultEndpoint.class);
    when(envProvider.getEnv(HASHICORP_ROLE_ID)).thenReturn("role-id");
    when(envProvider.getEnv(HASHICORP_SECRET_ID)).thenReturn("secret-id");
    when(envProvider.getEnv(HASHICORP_TOKEN)).thenReturn(null);
    when(keyVaultConfig.getProperty("approlePath")).thenReturn(Optional.of("somepath"));
    ClientAuthentication result = util.configureClientAuthentication(keyVaultConfig, envProvider, clientHttpRequestFactory, vaultEndpoint);
    assertThat(result).isInstanceOf(AppRoleAuthentication.class);
}
Also used : EnvironmentVariableProvider(com.quorum.tessera.config.util.EnvironmentVariableProvider) KeyVaultConfig(com.quorum.tessera.config.KeyVaultConfig) ClientHttpRequestFactory(org.springframework.http.client.ClientHttpRequestFactory) OkHttp3ClientHttpRequestFactory(org.springframework.http.client.OkHttp3ClientHttpRequestFactory) ClientAuthentication(org.springframework.vault.authentication.ClientAuthentication) VaultEndpoint(org.springframework.vault.client.VaultEndpoint) Test(org.junit.Test)

Example 12 with EnvironmentVariableProvider

use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.

the class HashicorpKeyVaultServiceFactoryUtilTest method configureSslUsesNoKeyStoresIfNoneProvided.

@Test
public void configureSslUsesNoKeyStoresIfNoneProvided() {
    KeyVaultConfig keyVaultConfig = mock(KeyVaultConfig.class);
    EnvironmentVariableProvider envProvider = mock(EnvironmentVariableProvider.class);
    when(keyVaultConfig.getProperty("tlsKeyStorePath")).thenReturn(Optional.empty());
    when(keyVaultConfig.getProperty("tlsTrustStorePath")).thenReturn(Optional.empty());
    SslConfiguration result = util.configureSsl(keyVaultConfig, envProvider);
    assertThat(result.getKeyStoreConfiguration().isPresent()).isFalse();
    assertThat(result.getTrustStoreConfiguration().isPresent()).isFalse();
}
Also used : EnvironmentVariableProvider(com.quorum.tessera.config.util.EnvironmentVariableProvider) KeyVaultConfig(com.quorum.tessera.config.KeyVaultConfig) SslConfiguration(org.springframework.vault.support.SslConfiguration) Test(org.junit.Test)

Example 13 with EnvironmentVariableProvider

use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.

the class AzureKeyVaultServiceFactory method create.

@Override
public KeyVaultService create(Config config, EnvironmentVariableProvider envProvider) {
    Objects.requireNonNull(config);
    final KeyVaultConfig keyVaultConfig = Optional.ofNullable(config.getKeys())
        .flatMap(k -> k.getKeyVaultConfig(KeyVaultType.AZURE))
        .orElseThrow(() -> new ConfigException(new RuntimeException("Trying to create Azure key vault connection but no Azure configuration provided")));
    final String url = keyVaultConfig.getProperty("url")
        .orElseThrow(() -> new ConfigException(new RuntimeException("No Azure Key Vault url provided")));
    // BODY_AND_HEADERS tells the Azure SDK's HTTP logging policy to log request and response bodies.
    // For Key Vault secret reads the response body contains the secret value, so it reaches the logs wherever SDK logging is enabled.
    final SecretClient secretClient = new SecretClientBuilder().vaultUrl(url)
        .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS))
        .credential(new DefaultAzureCredentialBuilder().build())
        .buildClient();
    return new AzureKeyVaultService(secretClient);
}
Also used : KeyVaultType(com.quorum.tessera.config.KeyVaultType) KeyVaultConfig(com.quorum.tessera.config.KeyVaultConfig) DefaultAzureCredentialBuilder(com.azure.identity.DefaultAzureCredentialBuilder) HttpLogOptions(com.azure.core.http.policy.HttpLogOptions) SecretClientBuilder(com.azure.security.keyvault.secrets.SecretClientBuilder) KeyVaultService(com.quorum.tessera.key.vault.KeyVaultService) KeyVaultServiceFactory(com.quorum.tessera.key.vault.KeyVaultServiceFactory) Objects(java.util.Objects) ConfigException(com.quorum.tessera.config.ConfigException) Optional(java.util.Optional) SecretClient(com.azure.security.keyvault.secrets.SecretClient) Config(com.quorum.tessera.config.Config) EnvironmentVariableProvider(com.quorum.tessera.config.util.EnvironmentVariableProvider) HttpLogDetailLevel(com.azure.core.http.policy.HttpLogDetailLevel)

Example 14 with EnvironmentVariableProvider

use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.

the class KeyGeneratorFactoryTest method fileKeyGeneratorWhenKeyVaultConfigNotProvided.

@Test
public void fileKeyGeneratorWhenKeyVaultConfigNotProvided() {
    final EnvironmentVariableProvider envProvider = mock(EnvironmentVariableProvider.class);
    EncryptorConfig encryptorConfig = mock(EncryptorConfig.class);
    when(encryptorConfig.getType()).thenReturn(EncryptorType.EC);
    when(encryptorConfig.getProperties()).thenReturn(Collections.EMPTY_MAP);
    final KeyGenerator keyGenerator = KeyGeneratorFactory.create().create(null, encryptorConfig);
    when(envProvider.getEnv(anyString())).thenReturn("env");
    assertThat(keyGenerator).isNotNull();
    assertThat(keyGenerator).isExactlyInstanceOf(FileKeyGenerator.class);
}
Also used : EnvironmentVariableProvider(com.quorum.tessera.config.util.EnvironmentVariableProvider) EncryptorConfig(com.quorum.tessera.config.EncryptorConfig) Test(org.junit.Test)

Aggregations

EnvironmentVariableProvider (com.quorum.tessera.config.util.EnvironmentVariableProvider): 14
KeyVaultConfig (com.quorum.tessera.config.KeyVaultConfig): 10
Test (org.junit.Test): 10
ClientHttpRequestFactory (org.springframework.http.client.ClientHttpRequestFactory): 7
VaultEndpoint (org.springframework.vault.client.VaultEndpoint): 7
OkHttp3ClientHttpRequestFactory (org.springframework.http.client.OkHttp3ClientHttpRequestFactory): 6
ClientAuthentication (org.springframework.vault.authentication.ClientAuthentication): 4
SslConfiguration (org.springframework.vault.support.SslConfiguration): 4
KeyVaultService (com.quorum.tessera.key.vault.KeyVaultService): 3
KeyVaultServiceFactory (com.quorum.tessera.key.vault.KeyVaultServiceFactory): 3
Assertions.catchThrowable (org.assertj.core.api.Assertions.catchThrowable): 3
EncryptorConfig (com.quorum.tessera.config.EncryptorConfig): 2
KeyEncryptor (com.quorum.tessera.config.keys.KeyEncryptor): 2
KeyEncryptorFactory (com.quorum.tessera.config.keys.KeyEncryptorFactory): 2
Path (java.nio.file.Path): 2
Objects (java.util.Objects): 2
Optional (java.util.Optional): 2
HttpLogDetailLevel (com.azure.core.http.policy.HttpLogDetailLevel): 1
HttpLogOptions (com.azure.core.http.policy.HttpLogOptions): 1
DefaultAzureCredentialBuilder (com.azure.identity.DefaultAzureCredentialBuilder): 1