Search in sources :

Example 6 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceIntegrationTest method returnsMultipleSecretWhenAllowedOnlyUnique.

@Test
public void returnsMultipleSecretWhenAllowedOnlyUnique() throws Exception {
    BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("Database_Password", "General_Password", "Database_Password", "General_Password"));
    String body = mapper.writeValueAsString(request);
    Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
    Response response = client.newCall(post).execute();
    assertThat(response.code()).isEqualTo(200);
    ImmutableList<SecretDeliveryResponse> parsedResponse = JsonHelpers.fromJson(response.body().string(), ImmutableList.<SecretDeliveryResponse>of().getClass());
    assertThat(parsedResponse.size() == 2);
    assertThat(parsedResponse.contains(generalPassword));
    assertThat(parsedResponse.contains(databasePassword));
}
Also used : SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Response(okhttp3.Response) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Request(okhttp3.Request) BatchSecretRequest(keywhiz.api.BatchSecretRequest) SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Test(org.junit.Test)

Example 7 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceIntegrationTest method returns500WhenSecretUnspecified.

@Test
public void returns500WhenSecretUnspecified() throws Exception {
    BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.<String>of());
    String body = mapper.writeValueAsString(request);
    Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
    Response response = client.newCall(post).execute();
    assertThat(response.code()).isEqualTo(500);
}
Also used : SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Response(okhttp3.Response) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Request(okhttp3.Request) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Test(org.junit.Test)

Example 8 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceIntegrationTest method returnsMultipleSecretWhenAllowed.

@Test
public void returnsMultipleSecretWhenAllowed() throws Exception {
    BatchSecretRequest request = BatchSecretRequest.create(ImmutableList.of("General_Password", "Database_Password"));
    String body = mapper.writeValueAsString(request);
    Request post = new Request.Builder().post(RequestBody.create(KeywhizClient.JSON, body)).url(testUrl("/batchsecret")).addHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).addHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON).build();
    Response response = client.newCall(post).execute();
    assertThat(response.code()).isEqualTo(200);
    ImmutableList<SecretDeliveryResponse> parsedResponse = JsonHelpers.fromJson(response.body().string(), ImmutableList.<SecretDeliveryResponse>of().getClass());
    assertThat(parsedResponse.size() == 2);
    assertThat(parsedResponse.contains(generalPassword));
    assertThat(parsedResponse.contains(databasePassword));
}
Also used : SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Response(okhttp3.Response) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Request(okhttp3.Request) BatchSecretRequest(keywhiz.api.BatchSecretRequest) SecretDeliveryResponse(keywhiz.api.SecretDeliveryResponse) Test(org.junit.Test)

Example 9 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceTest method returnsNotFoundWhenOneOfSecretsDoesNotExistAndOneForbidden.

// One of the secrets doesn't exist AND one of the secrets not allowed => not found - to preserve compatibility
@Test(expected = NotFoundException.class)
public void returnsNotFoundWhenOneOfSecretsDoesNotExistAndOneForbidden() throws Exception {
    ImmutableList<String> secretnames = ImmutableList.of("secretthatdoesnotexist", secret.getName());
    BatchSecretRequest req = BatchSecretRequest.create(secretnames);
    when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of());
    when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
    when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret));
    batchSecretDeliveryResource.getBatchSecret(client, req);
}
Also used : BatchSecretRequest(keywhiz.api.BatchSecretRequest) Test(org.junit.Test)

Example 10 with BatchSecretRequest

use of keywhiz.api.BatchSecretRequest in project keywhiz by square.

the class BatchSecretDeliveryResourceTest method returnsForbiddenWhenOneOfSecretsNotAllowed.

// All of the secrets exist AND client exists, but ANY of the secrets not allowed => Forbidden
@Test(expected = ForbiddenException.class)
public void returnsForbiddenWhenOneOfSecretsNotAllowed() throws Exception {
    SanitizedSecret sanitizedSecret = SanitizedSecret.fromSecret(secret);
    SanitizedSecret forbiddenSecret = SanitizedSecret.fromSecret(secret2);
    ImmutableList<String> secretnames = ImmutableList.of(sanitizedSecret.name(), forbiddenSecret.name());
    BatchSecretRequest req = BatchSecretRequest.create(secretnames);
    // Client can only access one out of two secrets
    when(aclDAO.getBatchSanitizedSecretsFor(client, secretnames)).thenReturn(List.of(sanitizedSecret));
    when(clientDAO.getClientByName(client.getName())).thenReturn(Optional.of(client));
    when(secretController.getSecretsByName(secretnames)).thenReturn(List.of(secret, secret2));
    batchSecretDeliveryResource.getBatchSecret(client, req);
}
Also used : SanitizedSecret(keywhiz.api.model.SanitizedSecret) BatchSecretRequest(keywhiz.api.BatchSecretRequest) Test(org.junit.Test)

Aggregations

BatchSecretRequest (keywhiz.api.BatchSecretRequest)11 Test (org.junit.Test)11 SecretDeliveryResponse (keywhiz.api.SecretDeliveryResponse)7 Request (okhttp3.Request)5 Response (okhttp3.Response)5 SanitizedSecret (keywhiz.api.model.SanitizedSecret)4