use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceTest method returnsSingleSecretWhenAllowed.
@Test
public void returnsSingleSecretWhenAllowed() throws Exception {
SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
ImmutableList<String> secretNames = ImmutableList.of(sanitizedSecret.name());
BatchSecretRequest req = BatchSecretRequest.create(secretNames);
when(aclDAO.getBatchSanitizedSecretsFor(client, secretNames)).thenReturn(List.of(sanitizedSecret));
when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
when(secretController.getSecretsByName(secretNames)).thenReturn(List.of(secret));
List<SecretDeliveryResponse> response = batchSecretDeliveryResource.getBatchSecret(client, req);
assertThat(response).isEqualTo(ImmutableList.of(SecretDeliveryResponse.fromSecret(secret)));
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceTest method returnsMultipleSecretsWhenAllowed.
@Test
public void returnsMultipleSecretsWhenAllowed() throws Exception {
SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
SanitizedSecret sanitizedSecret2 = SanitizedSecret.fromSecret(secret2);
ImmutableList<String> secretnames = ImmutableList.of(sanitizedSecret.name(), sanitizedSecret2.name());
BatchSecretRequest req = BatchSecretRequest.create(secretnames);
when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of(sanitizedSecret, sanitizedSecret2));
when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret, secret2));
List<SecretDeliveryResponse> response = batchSecretDeliveryResource.getBatchSecret(client, req);
assertThat(response).containsExactlyInAnyOrder(SecretDeliveryResponse.fromSecret(secret), SecretDeliveryResponse.fromSecret(secret2));
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceTest method returnsNotFoundWhenOneOfSecretsDoesNotExist.
@Test(expected = NotFoundException.class)
public void returnsNotFoundWhenOneOfSecretsDoesNotExist() throws Exception {
SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
ImmutableList<String> secretnames = ImmutableList.of(sanitizedSecret.name(), "secretthatdoesnotexist");
BatchSecretRequest req = BatchSecretRequest.create(secretnames);
when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of(sanitizedSecret));
when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret));
batchSecretDeliveryResource.getBatchSecret(client, req);
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceIntegrationTest method returnsSecretWhenAllowed.
@Test
public void returnsSecretWhenAllowed() throws Exception {
BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("General_Password"));
String body = mapper.writeValueAsString(request);
Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
Response response = client.newCall(post).execute();
assertThat(response.code()).isEqualTo(200);
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceIntegrationTest method returnsUnauthorizedWhenDenied.
@Test
public void returnsUnauthorizedWhenDenied() throws Exception {
BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("Hacking_Password"));
String body = mapper.writeValueAsString(request);
Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
Response response = client.newCall(post).execute();
assertThat(response.code()).isEqualTo(403);
}
Aggregations