Example 11 with SecureKeyId

use of io.cdap.cdap.proto.id.SecureKeyId in project cdap by caskdata.

the class SecureStoreClientTest method testSecureKeys.

@Test
public void testSecureKeys() throws Exception {
    // no secure keys to begin with
    List<SecureStoreMetadata> secureKeys = client.listKeys(NamespaceId.DEFAULT);
    Assert.assertTrue(secureKeys.isEmpty());
    // create a key
    String key = "securekey";
    String desc = "SomeDesc";
    String data = "secureData";
    Map<String, String> properties = ImmutableMap.of("k1", "v1");
    long creationTime = System.currentTimeMillis();
    SecureKeyId secureKeyId = new SecureKeyId(NamespaceId.DEFAULT.getNamespace(), key);
    client.createKey(secureKeyId, new SecureKeyCreateRequest(desc, data, properties));
    Assert.assertEquals(data, client.getData(secureKeyId));
    Assert.assertEquals(1, client.listKeys(NamespaceId.DEFAULT).size());
    SecureStoreMetadata metadata = client.getKeyMetadata(secureKeyId);
    Assert.assertEquals(desc, metadata.getDescription());
    Assert.assertTrue(metadata.getLastModifiedTime() >= creationTime);
    Assert.assertEquals(properties, metadata.getProperties());
    // update the key by calling createKey again with the same id and new data
    client.createKey(secureKeyId, new SecureKeyCreateRequest(desc, "updatedSecureData", properties));
    Assert.assertEquals("updatedSecureData", client.getData(secureKeyId));
    Assert.assertEquals(1, client.listKeys(NamespaceId.DEFAULT).size());
    metadata = client.getKeyMetadata(secureKeyId);
    Assert.assertEquals(desc, metadata.getDescription());
    Assert.assertTrue(metadata.getLastModifiedTime() >= creationTime);
    Assert.assertEquals(properties, metadata.getProperties());
    // delete the key
    client.deleteKey(secureKeyId);
    Assert.assertTrue(client.listKeys(NamespaceId.DEFAULT).isEmpty());
}
Also used : SecureKeyCreateRequest(io.cdap.cdap.proto.security.SecureKeyCreateRequest) SecureKeyId(io.cdap.cdap.proto.id.SecureKeyId) SecureStoreMetadata(io.cdap.cdap.api.security.store.SecureStoreMetadata) Test(org.junit.Test)

Example 12 with SecureKeyId

use of io.cdap.cdap.proto.id.SecureKeyId in project cdap by caskdata.

the class KMSSecureStoreService method get.

/**
 * Returns the data stored in the secure store. Makes two calls to the provider, one to get the metadata and another
 * to get the data.
 * @param namespace The namespace this key belongs to.
 * @param name Name of the key.
 * @return An object representing the securely stored data associated with the name.
 * @throws NamespaceNotFoundException If the specified namespace does not exist.
 * @throws IOException If there was a problem getting the key or the metadata from the underlying key provider.
 */
// Unfortunately KeyProvider does not specify the underlying cause except in the message, so we can not throw a
// more specific exception.
@Override
public SecureStoreData get(String namespace, String name) throws Exception {
    checkNamespaceExists(namespace);
    String keyName = getKeyName(namespace, name);
    KeyProvider.Metadata metadata = provider.getMetadata(keyName);
    // Provider returns null if the key is not found.
    if (metadata == null) {
        throw new NotFoundException(new SecureKeyId(namespace, name));
    }
    SecureStoreMetadata meta = new SecureStoreMetadata(name, metadata.getDescription(), metadata.getCreated().getTime(), metadata.getAttributes());
    KeyProvider.KeyVersion keyVersion = provider.getCurrentKey(keyName);
    return new SecureStoreData(meta, keyVersion.getMaterial());
}
Also used : KeyProvider(org.apache.hadoop.crypto.key.KeyProvider) SecureStoreData(io.cdap.cdap.api.security.store.SecureStoreData) SecureKeyId(io.cdap.cdap.proto.id.SecureKeyId) SecureStoreMetadata(io.cdap.cdap.api.security.store.SecureStoreMetadata) NamespaceNotFoundException(io.cdap.cdap.common.NamespaceNotFoundException) NotFoundException(io.cdap.cdap.common.NotFoundException)

Example 13 with SecureKeyId

use of io.cdap.cdap.proto.id.SecureKeyId in project cdap by caskdata.

the class AuthorizableTest method testSecureKey.

@Test
public void testSecureKey() {
    SecureKeyId secureKeyId = new SecureKeyId("ns", "test_secure");
    Authorizable authorizable = Authorizable.fromEntityId(secureKeyId);
    Assert.assertEquals(secureKeyId.toString(), authorizable.toString());
    // an Authorizable built from a wildcard string must round-trip unchanged
    String wildcardId = secureKeyId.toString().replace("est", "*es?t");
    Assert.assertEquals(wildcardId, Authorizable.fromString(wildcardId).toString());
}
Also used : SecureKeyId(io.cdap.cdap.proto.id.SecureKeyId) Test(org.junit.Test)

Aggregations

SecureKeyId (io.cdap.cdap.proto.id.SecureKeyId) 13
SecureStoreMetadata (io.cdap.cdap.api.security.store.SecureStoreMetadata) 4
NamespaceNotFoundException (io.cdap.cdap.common.NamespaceNotFoundException) 4
Test (org.junit.Test) 4
NotFoundException (io.cdap.cdap.common.NotFoundException) 3
Principal (io.cdap.cdap.proto.security.Principal) 3
SecureKeyCreateRequest (io.cdap.cdap.proto.security.SecureKeyCreateRequest) 3
IOException (java.io.IOException) 3
SecureStoreData (io.cdap.cdap.api.security.store.SecureStoreData) 2
SecureKeyNotFoundException (io.cdap.cdap.common.SecureKeyNotFoundException) 2
NamespaceId (io.cdap.cdap.proto.id.NamespaceId) 2
Key (java.security.Key) 2
KeyStoreException (java.security.KeyStoreException) 2
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 2
UnrecoverableKeyException (java.security.UnrecoverableKeyException) 2
Path (javax.ws.rs.Path) 2
Predicate (com.google.common.base.Predicate) 1
BadRequestException (io.cdap.cdap.common.BadRequestException) 1
AuditPolicy (io.cdap.cdap.common.security.AuditPolicy) 1
GrantedPermission (io.cdap.cdap.proto.security.GrantedPermission) 1