use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class NotificationServiceTest method getAlertsGlobalConfCheckThrowsRuntimeException.
@Test
public void getAlertsGlobalConfCheckThrowsRuntimeException() {
notificationService.resetBackupRestoreRunningSince();
assertEquals(null, notificationService.getBackupRestoreRunningSince());
doThrow(new RuntimeException("")).when(globalConfFacade).verifyValidity();
TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(SignerProxy.SSL_TOKEN_ID).active(true).build();
List<TokenInfo> allTokens = Collections.singletonList(tokenInfo);
when(tokenService.getAllTokens()).thenReturn(allTokens);
AlertStatus alertStatus = notificationService.getAlerts();
assertEquals(null, alertStatus.getBackupRestoreRunningSince());
assertEquals(null, alertStatus.getCurrentTime());
assertEquals(false, alertStatus.getGlobalConfValid());
assertEquals(false, alertStatus.getGlobalConfValidCheckSuccess());
assertEquals(true, alertStatus.getSoftTokenPinEntered());
assertEquals(true, alertStatus.getSoftTokenPinEnteredCheckSuccess());
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class NotificationServiceTest method getAlertsAllOkNoBackupRestore.
@Test
public void getAlertsAllOkNoBackupRestore() {
notificationService.resetBackupRestoreRunningSince();
assertEquals(null, notificationService.getBackupRestoreRunningSince());
doAnswer(answer -> null).when(globalConfFacade).verifyValidity();
TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(SignerProxy.SSL_TOKEN_ID).active(true).build();
List<TokenInfo> allTokens = Collections.singletonList(tokenInfo);
when(tokenService.getAllTokens()).thenReturn(allTokens);
AlertStatus alertStatus = notificationService.getAlerts();
assertEquals(null, alertStatus.getBackupRestoreRunningSince());
assertEquals(null, alertStatus.getCurrentTime());
assertEquals(true, alertStatus.getGlobalConfValid());
assertEquals(true, alertStatus.getGlobalConfValidCheckSuccess());
assertEquals(true, alertStatus.getSoftTokenPinEntered());
assertEquals(true, alertStatus.getSoftTokenPinEnteredCheckSuccess());
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class OrphanRemovalServiceTest method setup.
@Before
public void setup() throws Exception {
KeyInfo key01 = new TokenTestUtils.KeyInfoBuilder().id(KEY_01_ID).keyUsageInfo(KeyUsageInfo.SIGNING).csr(new CertificateTestUtils.CertRequestInfoBuilder().clientId(NON_DELETED_CLIENT_ID_O1).id(ORPHAN_CSR_01_ID).build()).build();
KeyInfo key05 = new TokenTestUtils.KeyInfoBuilder().id(KEY_05_ID).keyUsageInfo(KeyUsageInfo.SIGNING).csr(new CertificateTestUtils.CertRequestInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_ORPHAN_CSR_O5).id(ORPHAN_CSR_05_ID).build()).build();
KeyInfo key06 = new TokenTestUtils.KeyInfoBuilder().id(KEY_06_ID).keyUsageInfo(KeyUsageInfo.SIGNING).cert(new CertificateTestUtils.CertificateInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_ORPHAN_CERT_O6).id(ORPHAN_CERT_06_HASH).build()).build();
KeyInfo key071 = new TokenTestUtils.KeyInfoBuilder().id(KEY_07_SIGN_ORPHAN_1_ID).keyUsageInfo(KeyUsageInfo.SIGNING).cert(new CertificateTestUtils.CertificateInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_MULTIPLE_KEYS_07).id(ORPHAN_CERT_07_1_HASH).build()).build();
KeyInfo key072 = new TokenTestUtils.KeyInfoBuilder().id(KEY_07_SIGN_ORPHAN_2_ID).keyUsageInfo(KeyUsageInfo.SIGNING).cert(new CertificateTestUtils.CertificateInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_MULTIPLE_KEYS_07).id(ORPHAN_CERT_07_2_HASH).build()).csr(new CertificateTestUtils.CertRequestInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_MULTIPLE_KEYS_07).id(ORPHAN_CSR_07_2_ID).build()).build();
KeyInfo key073 = new TokenTestUtils.KeyInfoBuilder().id(KEY_07_SIGN_SHARED_ID).keyUsageInfo(KeyUsageInfo.SIGNING).cert(new CertificateTestUtils.CertificateInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_MULTIPLE_KEYS_07).id(SHARED_KEY_CERT_07_1_HASH).build()).cert(new CertificateTestUtils.CertificateInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_MULTIPLE_KEYS_07).id(SHARED_KEY_CERT_07_2_HASH).build()).csr(new CertificateTestUtils.CertRequestInfoBuilder().clientId(DELETED_CLIENT_ID_WITH_MULTIPLE_KEYS_07).id(SHARED_KEY_CSR_07_ID).build()).csr(new CertificateTestUtils.CertRequestInfoBuilder().clientId(KEY_SHARING_CLIENT_07_08).id(SHARED_KEY_CSR_08_ID).build()).build();
KeyInfo key074 = new TokenTestUtils.KeyInfoBuilder().id(KEY_07_AUTH_ID).keyUsageInfo(KeyUsageInfo.AUTHENTICATION).cert(new CertificateTestUtils.CertificateInfoBuilder().id(AUTH_CERT_07_HASH).build()).build();
TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().friendlyName("fubar").key(key01).key(key05).key(key06).key(key071).key(key072).key(key073).key(key074).build();
Map<String, KeyInfo> certCsrIdentifierToKey = new HashMap<>();
// certs and csrs should not have duplicate ids/hashes
tokenInfo.getKeyInfo().forEach(key -> key.getCerts().forEach(cert -> {
if (certCsrIdentifierToKey.containsKey(cert.getId()))
throw new RuntimeException("duplicate");
certCsrIdentifierToKey.put(cert.getId(), key);
}));
tokenInfo.getKeyInfo().forEach(key -> key.getCertRequests().forEach(csr -> {
if (certCsrIdentifierToKey.containsKey(csr.getId()))
throw new RuntimeException("duplicate");
certCsrIdentifierToKey.put(csr.getId(), key);
}));
doReturn(Collections.singletonList(tokenInfo)).when(signerProxyFacade).getTokens();
Map<ClientId, ClientType> localClients = new HashMap<>();
ALL_LOCAL_CLIENTS.forEach(id -> {
ClientType clientType = new ClientType();
clientType.setIdentifier(id);
localClients.put(id, clientType);
});
doReturn(new ArrayList(localClients.values())).when(clientRepository).getAllLocalClients();
doAnswer(invocation -> {
ClientId clientId = (ClientId) invocation.getArguments()[0];
return localClients.get(clientId);
}).when(clientRepository).getClient(any());
doReturn(tokenInfo).when(signerProxyFacade).getTokenForKeyId(any());
doAnswer(invocation -> {
String certHash = (String) invocation.getArguments()[0];
return new TokenInfoAndKeyId(tokenInfo, certCsrIdentifierToKey.get(certHash).getId());
}).when(signerProxyFacade).getTokenAndKeyIdForCertHash(any());
doAnswer(invocation -> {
String csrId = (String) invocation.getArguments()[0];
return new TokenInfoAndKeyId(tokenInfo, certCsrIdentifierToKey.get(csrId).getId());
}).when(signerProxyFacade).getTokenAndKeyIdForCertRequestId(any());
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class PossibleActionsRuleEngineTest method getPossibleKeyActionGenerateAuthCsr.
@Test
public void getPossibleKeyActionGenerateAuthCsr() {
TokenInfo tokenInfo;
EnumSet<PossibleActionEnum> actions;
// basic happy case
tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID).active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertTrue(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
// generate is possible is usage = null (undefined)
tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID).active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(null).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertTrue(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
assertTrue(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
// not possible if token is not softtoken
tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID + 1).active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertFalse(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
// not possible if usage = signing
tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID).active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertFalse(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
// not possible if key unavailable
tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID).active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).available(false).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertFalse(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
// not possible if token inactive
tokenInfo = new TokenTestUtils.TokenInfoBuilder().id(PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID).active(false).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertFalse(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class PossibleActionsRuleEngineTest method getPossibleTokenActionEditFriendlyName.
@Test
public void getPossibleTokenActionEditFriendlyName() {
TokenInfo unsaved = new TokenTestUtils.TokenInfoBuilder().key(new TokenTestUtils.KeyInfoBuilder().cert(new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(false).build()).build()).build();
TokenInfo saved = new TokenTestUtils.TokenInfoBuilder().key(new TokenTestUtils.KeyInfoBuilder().cert(new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(true).build()).build()).build();
// just check we created test data successfully....
assertEquals(true, saved.isSavedToConfiguration());
assertEquals(false, unsaved.isSavedToConfiguration());
// actual test
assertTrue(possibleActionsRuleEngine.getPossibleTokenActions(saved).contains(PossibleActionEnum.EDIT_FRIENDLY_NAME));
assertFalse(possibleActionsRuleEngine.getPossibleTokenActions(unsaved).contains(PossibleActionEnum.EDIT_FRIENDLY_NAME));
}
Aggregations