
Example 21 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testUpdateSSHHostPrincipalWithCertRequest.

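/**
 * Checks how {@code updateSSHHostPrincipals} fills in the principals field of an
 * {@link SSHCertRecord} from an {@link SSHCertRequest}.
 *
 * <p>Four cases are covered: a request with neither data nor meta, a request whose meta is
 * null, a request whose data is null (each is expected to leave {@code "127.0.0.1"} in the
 * record), and a request that carries principals both in the request data and in the key-id
 * principals of the meta (expected to end up as the union of the two lists).
 */
@Test
public void testUpdateSSHHostPrincipalWithCertRequest() {
    InstanceCertManager instance = new InstanceCertManager(null, null, null, true, null);
    try {
        SSHCertRecord record = new SSHCertRecord();
        SSHCertRequest sshCertRequest = new SSHCertRequest();

        // empty request: nothing to copy, so the record is expected to hold the fallback value
        instance.updateSSHHostPrincipals(sshCertRequest, record);
        assertEquals(record.getPrincipals(), "127.0.0.1");

        // reset and test with meta set to null
        record.setPrincipals(null);
        sshCertRequest.setCertRequestData(new SSHCertRequestData());
        sshCertRequest.setCertRequestMeta(null);
        instance.updateSSHHostPrincipals(sshCertRequest, record);
        assertEquals(record.getPrincipals(), "127.0.0.1");

        // reset and test with data set to null
        record.setPrincipals(null);
        sshCertRequest.setCertRequestData(null);
        sshCertRequest.setCertRequestMeta(new SSHCertRequestMeta());
        instance.updateSSHHostPrincipals(sshCertRequest, record);
        assertEquals(record.getPrincipals(), "127.0.0.1");

        // reset and test csr with principals and xprincipals; "principal2" appears in both lists
        record.setPrincipals(null);
        sshCertRequest.setCertRequestData(new SSHCertRequestData().setPrincipals(Arrays.asList("principal1", "principal2")));
        sshCertRequest.setCertRequestMeta(new SSHCertRequestMeta().setKeyIdPrincipals(Arrays.asList("principal2", "principal3")));
        instance.updateSSHHostPrincipals(sshCertRequest, record);

        // The record stores principals as one comma-separated string. Comparing as a set makes
        // the check order-independent, but it also hides whether "principal2" was written once
        // or twice in the stored string.
        Set<String> result = new HashSet<>(Arrays.asList(record.getPrincipals().split(",")));
        assertEquals(result.size(), 3);
        assertTrue(result.contains("principal1"));
        assertTrue(result.contains("principal2"));
        assertTrue(result.contains("principal3"));
    } finally {
        // The other tests in this class that build a manager with the same constructor
        // arguments call shutdown(); do the same here, and do it even when an assertion fails.
        instance.shutdown();
    }
}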
Also used : SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 22 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testUpdateSSHCertRecordException.

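/**
 * Verifies that {@code updateSSHCertRecord} returns {@code false} instead of letting the
 * exception escape when the record store connection throws a {@link RuntimeException}
 * from its own {@code updateSSHCertRecord} call.
 */
@Test
public void testUpdateSSHCertRecordException() {
    // store whose connection fails on every update attempt
    SSHRecordStore certStore = Mockito.mock(SSHRecordStore.class);
    SSHRecordStoreConnection certConnection = Mockito.mock(SSHRecordStoreConnection.class);
    when(certStore.getConnection()).thenReturn(certConnection);
    when(certConnection.updateSSHCertRecord(any())).thenThrow(new RuntimeException("Fail to update"));

    InstanceCertManager instance = new InstanceCertManager(null, null, null, true, null);
    try {
        instance.setSSHStore(certStore);
        SSHCertRecord sshCertRecord = new SSHCertRecord();
        // NOTE(review): only the connection's update call is stubbed. If the manager took a
        // different store call for this flag value, the unstubbed mock could also produce
        // false; a verify on certConnection would confirm the failing path was reached.
        assertFalse(instance.updateSSHCertRecord(sshCertRecord, true));
    } finally {
        // release the manager even when the assertion above fails
        instance.shutdown();
    }
}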
Also used : SSHRecordStoreConnection(com.yahoo.athenz.common.server.ssh.SSHRecordStoreConnection) SSHRecordStore(com.yahoo.athenz.common.server.ssh.SSHRecordStore) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 23 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method getGenerateSSHCertificate.

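/**
 * Checks that {@code generateSSHCertificates} hands back the {@link SSHCertificates} object
 * produced by the configured {@link SSHSigner} for a request whose meta describes a
 * {@code "host"} certificate for instance {@code "id"} of service {@code "athenz.api"}.
 */
@Test
public void getGenerateSSHCertificate() {
    SSHSigner sshSigner = Mockito.mock(SSHSigner.class);
    Principal principal = Mockito.mock(Principal.class);

    SSHCertRequestMeta meta = new SSHCertRequestMeta();
    meta.setInstanceId("id");
    meta.setAthenzService("athenz.api");
    meta.setCertType("host");
    SSHCertRequest certRequest = new SSHCertRequest();
    certRequest.setCertRequestMeta(meta);

    SSHCertificates sshCertificates = new SSHCertificates();
    InstanceCertManager instanceManager = new InstanceCertManager(null, null, null, false, null);
    try {
        // let's insert our ssh record first
        // NOTE(review): no SSH record store is set on this manager in the test and the return
        // value of updateSSHCertRecord is ignored, so it is not visible here whether the
        // record is actually persisted; confirm against InstanceCertManager.
        SSHCertRecord certRecord = new SSHCertRecord();
        certRecord.setInstanceId("id");
        certRecord.setService("athenz.api");
        certRecord.setPrincipals("127.0.0.1");
        instanceManager.updateSSHCertRecord(certRecord, false);

        // Per the original author's note, the manager adds the principals field to the request
        // during the call, so the stub matches on any arguments rather than on certRequest.
        when(sshSigner.generateCertificate(any(), any(), any(), any())).thenReturn(sshCertificates);
        instanceManager.setSSHSigner(sshSigner);

        assertEquals(instanceManager.generateSSHCertificates(principal, certRequest), sshCertificates);
    } finally {
        // release the manager even when the assertion above fails
        instanceManager.shutdown();
    }
}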
Also used : SSHSigner(com.yahoo.athenz.common.server.ssh.SSHSigner) Principal(com.yahoo.athenz.auth.Principal) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 24 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testGenerateSshIdentityHostException.

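/**
 * Verifies that {@code generateSSHIdentity} returns {@code false} for a host CSR when the
 * {@link SSHSigner} is stubbed to reject the request with a 400 {@code ResourceException}.
 *
 * <p>NOTE(review): the test checks only the boolean result; it does not inspect
 * {@code identity} afterwards to confirm that no SSH certificate was attached on the
 * failure path.
 */
@Test
public void testGenerateSshIdentityHostException() {
    String sshCsr = "{\"pubkey\":\"key\",\"certtype\":\"host\"}";
    SSHSigner sshSigner = Mockito.mock(SSHSigner.class);
    SSHCertRequest sshRequest = new SSHCertRequest();
    sshRequest.setCsr(sshCsr);
    InstanceIdentity identity = new InstanceIdentity().setName("athenz.service");
    SSHCertRecord sshCertRecord = new SSHCertRecord();
    sshCertRecord.setPrincipals("127.0.0.1");

    // NOTE(review): this stub is keyed on concrete argument values, so it fires only if the
    // manager calls the signer with a request that equals() sshRequest and with this record.
    // If the arguments differ, the mock returns null instead of throwing and assertFalse may
    // still pass without the exception path being exercised; confirm with a verify or any().
    // NOTE(review): the unqualified ResourceException resolves through imports not shown
    // here, while testGenerateSshIdentityExceptions throws the fully qualified
    // com.yahoo.athenz.common.server.rest.ResourceException; check which type the manager
    // is expected to handle.
    when(sshSigner.generateCertificate(null, sshRequest, sshCertRecord, "host")).thenThrow(new ResourceException(400, "invalid request"));
    when(sshSigner.getSignerCertificate(ZTSConsts.ZTS_SSH_HOST)).thenReturn("ssh-host");
    when(sshSigner.getSignerCertificate(ZTSConsts.ZTS_SSH_USER)).thenReturn("ssh-user");

    InstanceCertManager instanceManager = new InstanceCertManager(null, null, null, true, null);
    try {
        instanceManager.setSSHSigner(sshSigner);
        assertFalse(instanceManager.generateSSHIdentity(null, identity, null, sshCsr, null, sshCertRecord, "host"));
    } finally {
        // release the manager even when the assertion above fails
        instanceManager.shutdown();
    }
}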
Also used : SSHSigner(com.yahoo.athenz.common.server.ssh.SSHSigner) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Example 25 with SSHCertRecord

use of com.yahoo.athenz.common.server.ssh.SSHCertRecord in project athenz by yahoo.

the class InstanceCertManagerTest method testGenerateSshIdentityExceptions.

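/**
 * Verifies that {@code generateSSHIdentity} returns {@code false} on two consecutive calls
 * for which the {@link SSHSigner} is stubbed to throw first a 403 {@code ResourceException}
 * and then a {@link RuntimeException}.
 */
@Test
public void testGenerateSshIdentityExceptions() {
    String sshCsr = "{\"csr\":\"csr\",\"certtype\":\"host\"}";
    SSHSigner sshSigner = Mockito.mock(com.yahoo.athenz.common.server.ssh.SSHSigner.class);
    SSHCertRequest sshRequest = new SSHCertRequest();
    sshRequest.setCsr(sshCsr);
    InstanceIdentity identity = new InstanceIdentity().setName("athenz.service");

    // NOTE(review): the stub expects a null record as the third argument, but both calls
    // below pass a new SSHCertRecord(). If the manager forwards that record to the signer,
    // the stub never matches, the mock returns null, and both assertFalse checks can pass
    // without either exception being thrown. Confirm with a verify, or match with any().
    when(sshSigner.generateCertificate(null, sshRequest, null, "host")).thenThrow(new com.yahoo.athenz.common.server.rest.ResourceException(403, "Forbidden")).thenThrow(new RuntimeException("IO error"));

    InstanceCertManager instanceManager = new InstanceCertManager(null, null, null, true, null);
    try {
        instanceManager.setSSHSigner(sshSigner);

        // first we should get the resource exception
        boolean result = instanceManager.generateSSHIdentity(null, identity, "", sshCsr, null, new SSHCertRecord(), "host");
        assertFalse(result);

        // next we should get the io exception
        result = instanceManager.generateSSHIdentity(null, identity, "", sshCsr, null, new SSHCertRecord(), "host");
        assertFalse(result);
    } finally {
        // release the manager even when an assertion above fails
        instanceManager.shutdown();
    }
}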
Also used : SSHSigner(com.yahoo.athenz.common.server.ssh.SSHSigner) SSHCertRecord(com.yahoo.athenz.common.server.ssh.SSHCertRecord) Test(org.testng.annotations.Test)

Aggregations

SSHCertRecord (com.yahoo.athenz.common.server.ssh.SSHCertRecord)57 Test (org.testng.annotations.Test)51 SSHSigner (com.yahoo.athenz.common.server.ssh.SSHSigner)14 HostnameResolver (com.yahoo.athenz.common.server.dns.HostnameResolver)12 Path (java.nio.file.Path)5 File (java.io.File)4 AmazonDynamoDBException (com.amazonaws.services.dynamodbv2.model.AmazonDynamoDBException)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3 SSHRecordStore (com.yahoo.athenz.common.server.ssh.SSHRecordStore)3 SSHRecordStoreConnection (com.yahoo.athenz.common.server.ssh.SSHRecordStoreConnection)3 IOException (java.io.IOException)3 UpdateItemSpec (com.amazonaws.services.dynamodbv2.document.spec.UpdateItemSpec)2 Principal (com.yahoo.athenz.auth.Principal)2 PrincipalToken (com.yahoo.athenz.auth.token.PrincipalToken)2 CryptoException (com.yahoo.athenz.auth.util.CryptoException)2 Priority (com.yahoo.athenz.common.server.cert.Priority)2 StatusCheckException (com.yahoo.athenz.common.server.status.StatusCheckException)2 InstanceConfirmation (com.yahoo.athenz.instance.provider.InstanceConfirmation)2 InstanceProvider (com.yahoo.athenz.instance.provider.InstanceProvider)2 ResourceException (com.yahoo.athenz.zts.ResourceException)2