use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceIntegrationTest method returnsMultipleSecretWhenAllowedOnlyUnique.
@Test
public void returnsMultipleSecretWhenAllowedOnlyUnique() throws Exception {
BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("Database_Password", "General_Password", "Database_Password", "General_Password"));
String body = mapper.writeValueAsString(request);
Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
Response response = client.newCall(post).execute();
assertThat(response.code()).isEqualTo(200);
ImmutableList<SecretDeliveryResponse> parsedResponse = JsonHelpers.fromJson(response.body().string(), ImmutableList.<SecretDeliveryResponse>of().getClass());
assertThat(parsedResponse.size() == 2);
assertThat(parsedResponse.contains(generalPassword));
assertThat(parsedResponse.contains(databasePassword));
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceIntegrationTest method returns500WhenSecretUnspecified.
@Test
public void returns500WhenSecretUnspecified() throws Exception {
BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.<String>of());
String body = mapper.writeValueAsString(request);
Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
Response response = client.newCall(post).execute();
assertThat(response.code()).isEqualTo(500);
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceIntegrationTest method returnsMultipleSecretWhenAllowed.
@Test
public void returnsMultipleSecretWhenAllowed() throws Exception {
BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("General_Password", "Database_Password"));
String body = mapper.writeValueAsString(request);
Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
Response response = client.newCall(post).execute();
assertThat(response.code()).isEqualTo(200);
ImmutableList<SecretDeliveryResponse> parsedResponse = JsonHelpers.fromJson(response.body().string(), ImmutableList.<SecretDeliveryResponse>of().getClass());
assertThat(parsedResponse.size() == 2);
assertThat(parsedResponse.contains(generalPassword));
assertThat(parsedResponse.contains(databasePassword));
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceTest method returnsNotFoundWhenOneOfSecretsDoesNotExistAndOneForbidden.
// One of the secrets doesn't exist AND one of the secrets not allowed => not found - to preserve compatibility
@Test(expected = NotFoundException.class)
public void returnsNotFoundWhenOneOfSecretsDoesNotExistAndOneForbidden() throws Exception {
ImmutableList<String> secretnames = ImmutableList.of("secretthatdoesnotexist", secret.getName());
BatchSecretRequest req = BatchSecretRequest.create(secretnames);
when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of());
when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret));
batchSecretDeliveryResource.getBatchSecret(client, req);
}
use of keywhiz.api.BatchSecretRequest in project keywhiz by square.
the class BatchSecretDeliveryResourceTest method returnsForbiddenWhenOneOfSecretsNotAllowed.
// All of the secrets exist AND client exists, but ANY of the secrets not allowed => Forbidden
@Test(expected = ForbiddenException.class)
public void returnsForbiddenWhenOneOfSecretsNotAllowed() throws Exception {
SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
SanitizedSecret forbiddenSecret = SanitizedSecret.fromSecret(secret2);
ImmutableList<String> secretnames = ImmutableList.of(sanitizedSecret.name(), forbiddenSecret.name());
BatchSecretRequest req = BatchSecretRequest.create(secretnames);
// Client can only access one out of two secrets
when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of(sanitizedSecret));
when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret, secret2));
batchSecretDeliveryResource.getBatchSecret(client, req);
}
Aggregations