Search in sources :

Example 6 with ServiceKeytabRequest

use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.

the class ServiceKeytabServiceTest method testGetExistingCached.

@Test
public void testGetExistingCached() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.of(keytabCache));
    ServiceKeytabResponse result = underTest.getExistingServiceKeytab(request, ACCOUNT_ID);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used : ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest) ServiceKeytabResponse(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse) Test(org.junit.jupiter.api.Test)

Example 7 with ServiceKeytabRequest

use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.

the class ServiceKeytabServiceTest method testGenerateExistingCached.

@Test
public void testGenerateExistingCached() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    request.setDoNotRecreateKeytab(Boolean.TRUE);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.of(keytabCache));
    ServiceKeytabResponse result = underTest.generateServiceKeytab(request, ACCOUNT_ID);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used : ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest) ServiceKeytabResponse(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse) Test(org.junit.jupiter.api.Test)

Example 8 with ServiceKeytabRequest

use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.

the class ServiceKeytabServiceTest method testGenerateExistingNotCachedDoNotRecreateTrue.

@Test
public void testGenerateExistingNotCachedDoNotRecreateTrue() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    request.setDoNotRecreateKeytab(Boolean.TRUE);
    request.setServerHostNameAlias(ALIAS);
    RoleRequest roleRequest = new RoleRequest();
    request.setRoleRequest(roleRequest);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.empty());
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(ipaClient);
    when(roleComponent.privilegesExist(roleRequest, ipaClient)).thenReturn(Boolean.TRUE);
    Service service = new Service();
    service.setKrbcanonicalname(PRINCIPAL);
    service.setHasKeytab(Boolean.TRUE);
    when(ipaClient.showService(PRINCIPAL)).thenReturn(service);
    when(keytabCommonService.constructPrincipal(SERVICE_NAME, ALIAS, REALM)).thenReturn(ALIAS_PRINCIPAL);
    when(keytabCommonService.getExistingKeytab(ENVIRONMENT_CRN, PRINCIPAL, HOST, ipaClient)).thenReturn(keytabCache);
    ServiceKeytabResponse result = underTest.generateServiceKeytab(request, ACCOUNT_ID);
    verify(ipaClient).addServiceAlias(PRINCIPAL, ALIAS_PRINCIPAL);
    verify(roleComponent).addRoleAndPrivileges(Optional.of(service), Optional.empty(), roleRequest, ipaClient);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used : ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) Service(com.sequenceiq.freeipa.client.model.Service) ServiceKeytabResponse(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse) RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest) Test(org.junit.jupiter.api.Test)

Example 9 with ServiceKeytabRequest

use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.

the class ServiceKeytabServiceTest method testGenerateExistingCachedDoNotRecreateFalse.

@Test
public void testGenerateExistingCachedDoNotRecreateFalse() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    request.setDoNotRecreateKeytab(Boolean.FALSE);
    request.setServerHostNameAlias(ALIAS);
    RoleRequest roleRequest = new RoleRequest();
    request.setRoleRequest(roleRequest);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.of(keytabCache));
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(ipaClient);
    when(roleComponent.privilegesExist(roleRequest, ipaClient)).thenReturn(Boolean.TRUE);
    Service service = new Service();
    service.setKrbcanonicalname(PRINCIPAL);
    when(ipaClient.showService(PRINCIPAL)).thenReturn(service);
    when(keytabCommonService.constructPrincipal(SERVICE_NAME, ALIAS, REALM)).thenReturn(ALIAS_PRINCIPAL);
    when(keytabCommonService.getKeytab(ENVIRONMENT_CRN, PRINCIPAL, HOST, ipaClient)).thenReturn(keytabCache);
    ServiceKeytabResponse result = underTest.generateServiceKeytab(request, ACCOUNT_ID);
    verify(keytabCommonService).addHost(eq(HOST), isNull(), eq(ipaClient));
    verify(ipaClient).addServiceAlias(PRINCIPAL, ALIAS_PRINCIPAL);
    verify(roleComponent).addRoleAndPrivileges(Optional.of(service), Optional.empty(), roleRequest, ipaClient);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used : ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) Service(com.sequenceiq.freeipa.client.model.Service) ServiceKeytabResponse(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse) RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest) Test(org.junit.jupiter.api.Test)

Example 10 with ServiceKeytabRequest

use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest in project cloudbreak by hortonworks.

the class ServiceKeytabServiceTest method testGenerateExistingNotCachedServiceMissingAddThrowDuplicate.

@Test
public void testGenerateExistingNotCachedServiceMissingAddThrowDuplicate() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    request.setDoNotRecreateKeytab(Boolean.TRUE);
    request.setServerHostNameAlias(ALIAS);
    RoleRequest roleRequest = new RoleRequest();
    request.setRoleRequest(roleRequest);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.empty());
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(ipaClient);
    when(roleComponent.privilegesExist(roleRequest, ipaClient)).thenReturn(Boolean.TRUE);
    Service service = new Service();
    service.setKrbcanonicalname(PRINCIPAL);
    service.setHasKeytab(Boolean.TRUE);
    when(ipaClient.showService(PRINCIPAL)).thenThrow(new FreeIpaClientException("notfound", new JsonRpcClientException(NOT_FOUND.getValue(), "notfound", null))).thenReturn(service);
    when(ipaClient.addService(PRINCIPAL)).thenThrow(new FreeIpaClientException("notfound", new JsonRpcClientException(DUPLICATE_ENTRY.getValue(), "notfound", null)));
    when(keytabCommonService.constructPrincipal(SERVICE_NAME, ALIAS, REALM)).thenReturn(ALIAS_PRINCIPAL);
    when(keytabCommonService.getExistingKeytab(ENVIRONMENT_CRN, PRINCIPAL, HOST, ipaClient)).thenReturn(keytabCache);
    ServiceKeytabResponse result = underTest.generateServiceKeytab(request, ACCOUNT_ID);
    verify(ipaClient).addServiceAlias(PRINCIPAL, ALIAS_PRINCIPAL);
    verify(roleComponent).addRoleAndPrivileges(Optional.of(service), Optional.empty(), roleRequest, ipaClient);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used : ServiceKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest) JsonRpcClientException(com.googlecode.jsonrpc4j.JsonRpcClientException) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) Service(com.sequenceiq.freeipa.client.model.Service) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException) ServiceKeytabResponse(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse) RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest) Test(org.junit.jupiter.api.Test)

Aggregations

ServiceKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest)16 Test (org.junit.jupiter.api.Test)12 RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)8 ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse)8 FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient)7 Service (com.sequenceiq.freeipa.client.model.Service)5 JsonRpcClientException (com.googlecode.jsonrpc4j.JsonRpcClientException)3 FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)3 Stack (com.sequenceiq.cloudbreak.domain.stack.Stack)2 GatewayConfig (com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)2 SecretResponse (com.sequenceiq.cloudbreak.service.secret.model.SecretResponse)2 Test (org.junit.Test)2 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)2 TestFailException (com.sequenceiq.it.cloudbreak.exception.TestFailException)1 WebApplicationException (javax.ws.rs.WebApplicationException)1