Example 1 with HostKeytabRequest

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest in the cloudbreak project by hortonworks.

In class FreeIpaUpgradeTests, method generateHostKeyTab:

private void generateHostKeyTab(com.sequenceiq.freeipa.api.client.FreeIpaClient ipaClient, String environmentCrn) {
    try {
        HostKeytabRequest hostKeytabRequest = new HostKeytabRequest();
        hostKeytabRequest.setEnvironmentCrn(environmentCrn);
        hostKeytabRequest.setServerHostName("test.local");
        hostKeytabRequest.setDoNotRecreateKeytab(Boolean.FALSE);
        ipaClient.getKerberosMgmtV1Endpoint().generateHostKeytab(hostKeytabRequest);
    } catch (Exception e) {
        logger.error("Generate Host keytab test failed during upgrade", e);
        throw new TestFailException("Generate Host keytab test failed during upgrade with: " + e.getMessage(), e);
    }
}
Also used: HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest), TestFailException (com.sequenceiq.it.cloudbreak.exception.TestFailException), WebApplicationException (javax.ws.rs.WebApplicationException)

Example 2 with HostKeytabRequest

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest in the cloudbreak project by hortonworks.

In class KerberosMgmtVaultComponentV1Test, method testGetSecretResponseForKeytabWithHost:

@Test
public void testGetSecretResponseForKeytabWithHost() throws Exception {
    String expectedPath = "account1/HostKeytab/keytab/12345-6789/54321-9876/host1";
    SecretResponse expectedSecretResponse = new SecretResponse();
    expectedSecretResponse.setEnginePath(ENGINE_PATH);
    expectedSecretResponse.setSecretPath(expectedPath);
    HostKeytabRequest hostKeytabRequest = new HostKeytabRequest();
    hostKeytabRequest.setEnvironmentCrn(ENVIRONMENT_ID);
    hostKeytabRequest.setClusterCrn(CLUSTER_ID);
    hostKeytabRequest.setServerHostName(HOST);
    Mockito.when(secretService.put(anyString(), anyString())).thenReturn(SECRET);
    Mockito.when(stringToSecretResponseConverter.convert(anyString())).thenReturn(expectedSecretResponse);
    Assertions.assertEquals(expectedSecretResponse, underTest.getSecretResponseForKeytab(hostKeytabRequest, ACCOUNT, KEYTAB));
    Mockito.verify(secretService).put(expectedPath, KEYTAB);
    Mockito.verify(stringToSecretResponseConverter).convert(SECRET);
}
Also used: SecretResponse (com.sequenceiq.cloudbreak.service.secret.model.SecretResponse), HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest), ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString), Test (org.junit.jupiter.api.Test)

Example 3 with HostKeytabRequest

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest in the cloudbreak project by hortonworks.

In class HostKeytabServiceTest, method testGenerateHostKeytabPrivilegeDoesntExist:

@Test
public void testGenerateHostKeytabPrivilegeDoesntExist() throws FreeIpaClientException {
    HostKeytabRequest request = new HostKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setRoleRequest(new RoleRequest());
    Stack stack = new Stack();
    when(keytabCommonService.getFreeIpaStackWithMdcContext(request.getEnvironmentCrn(), ACCOUNT_ID)).thenReturn(stack);
    FreeIpaClient freeIpaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(freeIpaClient);
    when(roleComponent.privilegesExist(request.getRoleRequest(), freeIpaClient)).thenReturn(Boolean.FALSE);
    assertThrows(BadRequestException.class, () -> underTest.generateHostKeytab(request, ACCOUNT_ID));
}
Also used: HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest), Stack (com.sequenceiq.freeipa.entity.Stack), Test (org.junit.jupiter.api.Test)

Example 4 with HostKeytabRequest

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest in the cloudbreak project by hortonworks.

In class HostKeytabServiceTest, method testGetExistingHostKeytabRoleRequestSet:

@Test
public void testGetExistingHostKeytabRoleRequestSet() {
    HostKeytabRequest request = new HostKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setRoleRequest(new RoleRequest());
    assertThrows(BadRequestException.class, () -> underTest.getExistingHostKeytab(request, ACCOUNT_ID));
}
Also used: HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest), RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest), Test (org.junit.jupiter.api.Test)

Example 5 with HostKeytabRequest

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest in the cloudbreak project by hortonworks.

In class HostKeytabServiceTest, method testGenerateHostKeytabHostDontHaveKeytab:

@Test
public void testGenerateHostKeytabHostDontHaveKeytab() throws FreeIpaClientException {
    HostKeytabRequest request = new HostKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setRoleRequest(new RoleRequest());
    request.setDoNotRecreateKeytab(Boolean.TRUE);
    request.setServerHostName("asdf");
    Stack stack = new Stack();
    when(keytabCommonService.getFreeIpaStackWithMdcContext(request.getEnvironmentCrn(), ACCOUNT_ID)).thenReturn(stack);
    FreeIpaClient freeIpaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(freeIpaClient);
    when(roleComponent.privilegesExist(request.getRoleRequest(), freeIpaClient)).thenReturn(Boolean.TRUE);
    Host host = new Host();
    host.setHasKeytab(Boolean.FALSE);
    host.setKrbprincipalname("dfdf");
    when(keytabCommonService.addHost(request.getServerHostName(), request.getRoleRequest(), freeIpaClient)).thenReturn(host);
    KeytabCache keytabCache = mock(KeytabCache.class);
    Secret keytabSecret = new Secret("keytab", "keytabSecret");
    Secret principalSecret = new Secret("principal", "principalSecret");
    when(keytabCache.getKeytab()).thenReturn(keytabSecret);
    when(keytabCache.getPrincipal()).thenReturn(principalSecret);
    when(keytabCommonService.getKeytab(request.getEnvironmentCrn(), host.getKrbprincipalname(), request.getServerHostName(), freeIpaClient)).thenReturn(keytabCache);
    SecretResponse keytabResponse = new SecretResponse();
    keytabResponse.setSecretPath("keytabPath");
    when(secretResponseConverter.convert(keytabCache.getKeytab().getSecret())).thenReturn(keytabResponse);
    SecretResponse principalResponse = new SecretResponse();
    principalResponse.setSecretPath("principalPath");
    when(secretResponseConverter.convert(keytabCache.getPrincipal().getSecret())).thenReturn(principalResponse);
    HostKeytabResponse response = underTest.generateHostKeytab(request, ACCOUNT_ID);
    assertEquals(keytabResponse, response.getKeytab());
    assertEquals(principalResponse, response.getHostPrincipal());
}
Also used: Secret (com.sequenceiq.cloudbreak.service.secret.domain.Secret), SecretResponse (com.sequenceiq.cloudbreak.service.secret.model.SecretResponse), HostKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabResponse), KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache), HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), Host (com.sequenceiq.freeipa.client.model.Host), RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest), Stack (com.sequenceiq.freeipa.entity.Stack), Test (org.junit.jupiter.api.Test)

Aggregations

HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest) 9
Test (org.junit.jupiter.api.Test) 8
SecretResponse (com.sequenceiq.cloudbreak.service.secret.model.SecretResponse) 6
RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest) 5
FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient) 5
Stack (com.sequenceiq.freeipa.entity.Stack) 5
Secret (com.sequenceiq.cloudbreak.service.secret.domain.Secret) 4
HostKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabResponse) 4
Host (com.sequenceiq.freeipa.client.model.Host) 4
KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache) 4
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString) 2
TestFailException (com.sequenceiq.it.cloudbreak.exception.TestFailException) 1
WebApplicationException (javax.ws.rs.WebApplicationException) 1