use of com.yahoo.athenz.common.server.cert.X509CertRecord in project athenz by yahoo.
the class DynamoDBCertRecordStoreConnectionTest method testGetX509CertRecord.
@Test
public void testGetX509CertRecord() {
Date now = new Date();
long tstamp = mockNonNullableColumns(now, false);
Mockito.doReturn(tstamp).when(item).getLong("lastNotifiedTime");
Mockito.doReturn(tstamp).when(item).get("lastNotifiedTime");
Mockito.doReturn("last-notified-server").when(item).getString("lastNotifiedServer");
Mockito.doReturn(tstamp).when(item).getLong("expiryTime");
Mockito.doReturn(tstamp).when(item).get("expiryTime");
Mockito.doReturn("hostname").when(item).getString("hostName");
DynamoDBCertRecordStoreConnection dbConn = getDBConnection();
dbConn.setOperationTimeout(10);
X509CertRecord certRecord = dbConn.getX509CertRecord("athenz.provider", "1234", "cn");
assertNonNullableColumns(now, certRecord);
assertEquals(certRecord.getLastNotifiedTime(), now);
assertEquals(certRecord.getLastNotifiedServer(), "last-notified-server");
assertEquals(certRecord.getExpiryTime(), now);
assertEquals(certRecord.getHostName(), "hostname");
assertEquals(certRecord.getClientCert(), false);
dbConn.close();
}
use of com.yahoo.athenz.common.server.cert.X509CertRecord in project athenz by yahoo.
the class DynamoDBCertRecordStoreConnectionTest method testUpdateX509RecordNoHostName.
@Test
public void testUpdateX509RecordNoHostName() {
DynamoDBCertRecordStoreConnection dbConn = getDBConnection();
Date now = new Date();
X509CertRecord certRecord = getRecordNonNullableColumns(now);
certRecord.setLastNotifiedTime(now);
certRecord.setLastNotifiedServer("last-notified-server");
certRecord.setExpiryTime(now);
certRecord.setSvcDataUpdateTime(now);
UpdateItemSpec item = new UpdateItemSpec().withPrimaryKey("primaryKey", "athenz.provider:cn:1234").withAttributeUpdate(new AttributeUpdate("instanceId").put(certRecord.getInstanceId()), new AttributeUpdate("provider").put(certRecord.getProvider()), new AttributeUpdate("service").put(certRecord.getService()), new AttributeUpdate("currentSerial").put(certRecord.getCurrentSerial()), new AttributeUpdate("currentIP").put(certRecord.getCurrentIP()), new AttributeUpdate("currentTime").put(certRecord.getCurrentTime().getTime()), new AttributeUpdate("currentDate").put(DynamoDBUtils.getIso8601FromDate(certRecord.getCurrentTime())), new AttributeUpdate("prevSerial").put(certRecord.getPrevSerial()), new AttributeUpdate("prevIP").put(certRecord.getPrevIP()), new AttributeUpdate("prevTime").put(certRecord.getPrevTime().getTime()), new AttributeUpdate("clientCert").put(certRecord.getClientCert()), new AttributeUpdate("ttl").put(certRecord.getCurrentTime().getTime() / 1000L + 3660 * 720), new AttributeUpdate("svcDataUpdateTime").put(certRecord.getSvcDataUpdateTime().getTime()), new AttributeUpdate("expiryTime").put(certRecord.getExpiryTime().getTime()));
Mockito.doReturn(updateOutcome).when(table).updateItem(item);
boolean requestSuccess = dbConn.updateX509CertRecord(certRecord);
assertTrue(requestSuccess);
ArgumentCaptor<UpdateItemSpec> itemCaptor = ArgumentCaptor.forClass(UpdateItemSpec.class);
Mockito.verify(table, times(1)).updateItem(itemCaptor.capture());
List<UpdateItemSpec> allValues = itemCaptor.getAllValues();
assertEquals(1, allValues.size());
UpdateItemSpec capturedItem = allValues.get(0);
assertEquals(capturedItem.getKeyComponents().toArray()[0].toString(), item.getKeyComponents().toArray()[0].toString());
List<AttributeUpdate> capturedAttributes = capturedItem.getAttributeUpdate();
List<AttributeUpdate> expectedAttributes = item.getAttributeUpdate();
// Check everyone except the hostname (it will be filled with the primaryKey value as the hostName index doesn't allow nulls)
for (int i = 0; i < capturedAttributes.size() - 1; ++i) {
System.out.println("expected attr: " + expectedAttributes.get(i).getAttributeName() + ", value: " + expectedAttributes.get(i).getValue());
assertEquals(capturedAttributes.get(i).getAttributeName(), expectedAttributes.get(i).getAttributeName());
assertEquals(capturedAttributes.get(i).getValue(), expectedAttributes.get(i).getValue());
}
// Make sure hostName received the value of the primaryKey
System.out.println("expected attr: hostName, value: athenz.provider:cn:1234");
assertEquals(capturedAttributes.get(capturedAttributes.size() - 1).getAttributeName(), "hostName");
assertEquals(capturedAttributes.get(capturedAttributes.size() - 1).getValue(), "athenz.provider:cn:1234");
dbConn.close();
}
use of com.yahoo.athenz.common.server.cert.X509CertRecord in project athenz by yahoo.
the class DynamoDBCertRecordStoreConnectionTest method testUpdateUnrefreshedCertificatesNotificationTimestamp.
@Test
public void testUpdateUnrefreshedCertificatesNotificationTimestamp() {
DynamoDBCertRecordStoreConnection dbConn = getDBConnection();
Date now = new Date(1591706189000L);
long nowL = now.getTime();
long fiveDaysAgo = nowL - 5 * 24 * 60 * 60 * 1000;
long sevenDaysAgo = nowL - 7 * 24 * 60 * 60 * 1000;
Map<String, AttributeValue> unNotified = ZTSTestUtils.generateAttributeValues("home.test.service2", "unNotified", null, null, null, null, "testHost1");
Map<String, AttributeValue> reNotified = ZTSTestUtils.generateAttributeValues("home.test.service3", "reNotified", Long.toString(fiveDaysAgo), Long.toString(fiveDaysAgo), "testServer", null, "testHost2");
Map<String, AttributeValue> rebootstrapped = ZTSTestUtils.generateAttributeValues("home.test.service3", "rebootstrapped", Long.toString(sevenDaysAgo), Long.toString(sevenDaysAgo), "testServer", null, "testHost2");
Map<String, AttributeValue> willBeUpdatedByOtherZts = ZTSTestUtils.generateAttributeValues("home.test.service4", "willBeUpdatedByOtherZts", Long.toString(fiveDaysAgo), Long.toString(fiveDaysAgo), "testServer", null, "testHost3");
Item item1 = ItemUtils.toItem(unNotified);
Item item2 = ItemUtils.toItem(reNotified);
Item item3 = ItemUtils.toItem(willBeUpdatedByOtherZts);
Item item4 = ItemUtils.toItem(rebootstrapped);
ItemCollection<QueryOutcome> itemCollection = Mockito.mock(ItemCollection.class);
IteratorSupport<Item, QueryOutcome> iteratorSupport = Mockito.mock(IteratorSupport.class);
when(itemCollection.iterator()).thenReturn(iteratorSupport);
when(iteratorSupport.hasNext()).thenReturn(true, true, true, true, false);
when(iteratorSupport.next()).thenReturn(item1).thenReturn(item2).thenReturn(item3).thenReturn(item4);
Mockito.doReturn(itemCollection).when(currentTimeIndex).query(any(QuerySpec.class));
ItemCollection<QueryOutcome> itemCollection2 = Mockito.mock(ItemCollection.class);
IteratorSupport<Item, QueryOutcome> iteratorSupport2 = Mockito.mock(IteratorSupport.class);
when(itemCollection2.iterator()).thenReturn(iteratorSupport2);
when(iteratorSupport2.hasNext()).thenReturn(// One record with host testHost1
true, // One record with host testHost1
false, // Two records with host testHost2
true, // Two records with host testHost2
true, // Two records with host testHost2
false, // One record with host testHost3
true, // One record with host testHost3
false, true, true, // Two records with host testHost2
false);
when(iteratorSupport2.next()).thenReturn(item1).thenReturn(item2).thenReturn(item4).thenReturn(item3).thenReturn(item2).thenReturn(item4);
Mockito.doReturn(itemCollection2).when(hostNameIndex).query(any(QuerySpec.class));
AttributeValue lastNotifiedTimeAttrValue = new AttributeValue();
lastNotifiedTimeAttrValue.setN(Long.toString(nowL));
AttributeValue lastNotifiedServerAttrValue = new AttributeValue();
lastNotifiedServerAttrValue.setS("localhost");
AttributeValue lastNotifiedOtherServerAttrValue = new AttributeValue();
lastNotifiedOtherServerAttrValue.setS("SomeOtherZTS");
unNotified.put("lastNotifiedTime", lastNotifiedTimeAttrValue);
unNotified.put("lastNotifiedServer", lastNotifiedServerAttrValue);
reNotified.put("lastNotifiedTime", lastNotifiedTimeAttrValue);
reNotified.put("lastNotifiedServer", lastNotifiedServerAttrValue);
willBeUpdatedByOtherZts.put("lastNotifiedTime", lastNotifiedTimeAttrValue);
willBeUpdatedByOtherZts.put("lastNotifiedServer", lastNotifiedOtherServerAttrValue);
Item updatedItem1 = ItemUtils.toItem(unNotified);
Item updatedItem2 = ItemUtils.toItem(reNotified);
Item updatedItem3 = ItemUtils.toItem(willBeUpdatedByOtherZts);
UpdateItemOutcome updateItemOutcome1 = Mockito.mock(UpdateItemOutcome.class);
when(updateItemOutcome1.getItem()).thenReturn(updatedItem1);
UpdateItemOutcome updateItemOutcome2 = Mockito.mock(UpdateItemOutcome.class);
when(updateItemOutcome2.getItem()).thenReturn(updatedItem2);
UpdateItemOutcome updateItemOutcome3 = Mockito.mock(UpdateItemOutcome.class);
when(updateItemOutcome3.getItem()).thenReturn(updatedItem3);
when(table.updateItem(any(UpdateItemSpec.class))).thenReturn(updateItemOutcome1).thenReturn(updateItemOutcome2).thenReturn(updateItemOutcome3);
List<X509CertRecord> records = dbConn.updateUnrefreshedCertificatesNotificationTimestamp("localhost", nowL, "provider");
ArgumentCaptor<UpdateItemSpec> updateArguments = ArgumentCaptor.forClass(UpdateItemSpec.class);
Mockito.verify(table, Mockito.times(3)).updateItem(updateArguments.capture());
// Assert get filtered records
List<UpdateItemSpec> allUpdateArguments = updateArguments.getAllValues();
assertEquals(3, allUpdateArguments.size());
assertEquals("{primaryKey: provider:home.test.service2:unNotified}", allUpdateArguments.get(0).getKeyComponents().toArray()[0].toString());
assertEquals("{primaryKey: provider:home.test.service3:reNotified}", allUpdateArguments.get(1).getKeyComponents().toArray()[0].toString());
assertEquals("{primaryKey: provider:home.test.service4:willBeUpdatedByOtherZts}", allUpdateArguments.get(2).getKeyComponents().toArray()[0].toString());
// Assert Update
assertEquals(records.size(), 2);
assertNull(records.get(0).getCurrentTime());
assertEquals(records.get(0).getService(), "home.test.service2");
assertEquals(records.get(0).getLastNotifiedTime(), now);
assertEquals(records.get(1).getCurrentTime().getTime(), fiveDaysAgo);
assertEquals(records.get(1).getService(), "home.test.service3");
assertEquals(records.get(1).getLastNotifiedTime(), now);
}
use of com.yahoo.athenz.common.server.cert.X509CertRecord in project athenz by yahoo.
the class DynamoDBCertRecordStoreConnectionTest method testInsertX509RecordNoHostname.
@Test
public void testInsertX509RecordNoHostname() {
DynamoDBCertRecordStoreConnection dbConn = new DynamoDBCertRecordStoreConnection(dynamoDB, tableName, currentTimeIndexName, hostNameIndexName);
Date now = new Date();
String dateIsoFormat = DynamoDBUtils.getIso8601FromDate(now);
X509CertRecord certRecord = getRecordNonNullableColumns(now);
certRecord.setLastNotifiedTime(now);
certRecord.setLastNotifiedServer("last-notified-server");
certRecord.setExpiryTime(now);
Item item = new Item().withPrimaryKey("primaryKey", "athenz.provider:cn:1234").withString("instanceId", certRecord.getInstanceId()).withString("provider", certRecord.getProvider()).withString("service", certRecord.getService()).withString("currentSerial", certRecord.getCurrentSerial()).withString("currentIP", certRecord.getCurrentIP()).withLong("currentTime", certRecord.getCurrentTime().getTime()).withString("currentDate", dateIsoFormat).withString("prevSerial", certRecord.getPrevSerial()).withString("prevIP", certRecord.getPrevIP()).withLong("prevTime", certRecord.getPrevTime().getTime()).withBoolean("clientCert", certRecord.getClientCert()).withLong("ttl", certRecord.getCurrentTime().getTime() / 1000L + 3660 * 720).withLong("lastNotifiedTime", certRecord.getLastNotifiedTime().getTime()).withString("lastNotifiedServer", certRecord.getLastNotifiedServer()).withLong("expiryTime", certRecord.getExpiryTime().getTime());
Mockito.doReturn(putOutcome).when(table).putItem(item);
boolean requestSuccess = dbConn.insertX509CertRecord(certRecord);
assertTrue(requestSuccess);
ArgumentCaptor<Item> itemCaptor = ArgumentCaptor.forClass(Item.class);
Mockito.verify(table, times(1)).putItem(itemCaptor.capture());
List<Item> allValues = itemCaptor.getAllValues();
assertEquals(1, allValues.size());
assertEquals(allValues.get(0).get("primaryKey"), item.get("primaryKey"));
assertEquals(allValues.get(0).get("provider"), item.get("provider"));
assertEquals(allValues.get(0).get("instanceId"), item.get("instanceId"));
assertEquals(allValues.get(0).get("service"), item.get("service"));
assertEquals(allValues.get(0).get("expiryTime"), item.get("expiryTime"));
// When hostname is null, primaryKey will be used
assertEquals(allValues.get(0).get("hostName"), item.get("primaryKey"));
dbConn.close();
}
use of com.yahoo.athenz.common.server.cert.X509CertRecord in project athenz by yahoo.
the class DynamoDBCertRecordStoreConnectionTest method testUpdateUnrefreshedCertificatesNotificationTimestampHostException.
@Test
public void testUpdateUnrefreshedCertificatesNotificationTimestampHostException() {
DynamoDBCertRecordStoreConnection dbConn = getDBConnection();
Date now = new Date(1591706189000L);
long nowL = now.getTime();
long fiveDaysAgo = nowL - 5 * 24 * 60 * 60 * 1000;
Map<String, AttributeValue> reNotified = ZTSTestUtils.generateAttributeValues("home.test.service3", "reNotified", Long.toString(fiveDaysAgo), Long.toString(fiveDaysAgo), "testServer", null, "testHost2");
Item item1 = ItemUtils.toItem(reNotified);
ItemCollection<QueryOutcome> itemCollection = Mockito.mock(ItemCollection.class);
IteratorSupport<Item, QueryOutcome> iteratorSupport = Mockito.mock(IteratorSupport.class);
when(itemCollection.iterator()).thenReturn(iteratorSupport);
when(iteratorSupport.hasNext()).thenReturn(true, false);
when(iteratorSupport.next()).thenReturn(item1);
Mockito.doReturn(itemCollection).when(currentTimeIndex).query(any(QuerySpec.class));
Mockito.doThrow(new TransactionConflictException("error")).when(hostNameIndex).query(any(QuerySpec.class));
List<X509CertRecord> result = dbConn.updateUnrefreshedCertificatesNotificationTimestamp("serverTest", 1591706189000L, "providerTest");
assertEquals(result.size(), 0);
dbConn.close();
}
Aggregations