Search in sources :

Example 1 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceTest method returnsSingleSecretWhenAllowed.

@Test
public void returnsSingleSecretWhenAllowed() throws Exception {
    SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
    ImmutableList<String> secretNames = ImmutableList.of(sanitizedSecret.name());
    BatchSecretRequest req = BatchSecretRequest.create(secretNames);
    when(aclDAO.getBatchSanitizedSecretsFor(client, secretNames)).thenReturn(List.of(sanitizedSecret));
    when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
    when(secretController.getSecretsByName(secretNames)).thenReturn(List.of(secret));
    List<SecretDeliveryResponse> response = batchSecretDeliveryResource.getBatchSecret(client, req);
    assertThat(response).isEqualTo(ImmutableList.of(SecretDeliveryResponse.fromSecret(secret)));
}
Also used : SanitizedSecret(keywhiz.api.model.SanitizedSecret) BatchSecretRequest(keywhiz.api.BatchSecretRequest) SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Test(org.junit.Test)

Example 2 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceTest method returnsMultipleSecretsWhenAllowed.

@Test
public void returnsMultipleSecretsWhenAllowed() throws Exception {
    SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
    SanitizedSecret sanitizedSecret2 = SanitizedSecret.fromSecret(secret2);
    ImmutableList<String> secretnames = ImmutableList.of(sanitizedSecret.name(), sanitizedSecret2.name());
    BatchSecretRequest req = BatchSecretRequest.create(secretnames);
    when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of(sanitizedSecret, sanitizedSecret2));
    when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
    when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret, secret2));
    List<SecretDeliveryResponse> response = batchSecretDeliveryResource.getBatchSecret(client, req);
    assertThat(response).containsExactlyInAnyOrder(SecretDeliveryResponse.fromSecret(secret), SecretDeliveryResponse.fromSecret(secret2));
}
Also used : SanitizedSecret(keywhiz.api.model.SanitizedSecret) BatchSecretRequest(keywhiz.api.BatchSecretRequest) SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Test(org.junit.Test)

Example 3 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceTest method returnsNotFoundWhenOneOfSecretsDoesNotExist.

@Test(expected = NotFoundException.class)
public void returnsNotFoundWhenOneOfSecretsDoesNotExist() throws Exception {
    SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
    ImmutableList<String> secretnames = ImmutableList.of(sanitizedSecret.name(), "secretthatdoesnotexist");
    BatchSecretRequest req = BatchSecretRequest.create(secretnames);
    when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of(sanitizedSecret));
    when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
    when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret));
    batchSecretDeliveryResource.getBatchSecret(client, req);
}
Also used : SanitizedSecret(keywhiz.api.model.SanitizedSecret) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Test(org.junit.Test)

Example 4 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceIntegrationTest method returnsSecretWhenAllowed.

@Test
public void returnsSecretWhenAllowed() throws Exception {
    BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("General_Password"));
    String body = mapper.writeValueAsString(request);
    Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
    Response response = client.newCall(post).execute();
    assertThat(response.code()).isEqualTo(200);
}
Also used : SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Response(okhttp3.Response) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Request(okhttp3.Request) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Test(org.junit.Test)

Example 5 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceIntegrationTest method returnsUnauthorizedWhenDenied.

@Test
public void returnsUnauthorizedWhenDenied() throws Exception {
    BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("Hacking_Password"));
    String body = mapper.writeValueAsString(request);
    Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
    Response response = client.newCall(post).execute();
    assertThat(response.code()).isEqualTo(403);
}
Also used : SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Response(okhttp3.Response) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Request(okhttp3.Request) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Test(org.junit.Test)

Aggregations

BatchSecretRequest (keywhiz.api.BatchSecretRequest)11 Test (org.junit.Test)11 SecretDeliveryResponse (keywhiz.api.SecretDeliveryResponse)7 Request (okhttp3.Request)5 Response (okhttp3.Response)5 SanitizedSecret (keywhiz.api.model.SanitizedSecret)4