Examples with SanitizedSecret keywhiz.api.model.SanitizedSecret used on opensource projects

Example 6 with SanitizedSecret

use of keywhiz.api.model.SanitizedSecret in project keywhiz by square.

the class AclDAOTest method getSanitizedSecretsForClient.

@Test
public void getSanitizedSecretsForClient() {
    assertThat(aclDAO.getSanitizedSecretsFor(client2)).isEmpty();
    aclDAO.enrollClient(jooqContext.configuration(), client2.getId(), group2.getId());
    aclDAO.allowAccess(jooqContext.configuration(), secret2.getId(), group2.getId());
    Set<SanitizedSecret> secrets = aclDAO.getSanitizedSecretsFor(client2);
    assertThat(Iterables.getOnlyElement(secrets)).isEqualToIgnoringGivenFields(SanitizedSecret.fromSecret(secret2), "id", "version");
    aclDAO.allowAccess(jooqContext.configuration(), secret1.getId(), group2.getId());
    secrets = aclDAO.getSanitizedSecretsFor(client2);
    assertThat(secrets).hasSize(2).doesNotHaveDuplicates();
    for (SanitizedSecret secret : secrets) {
        if (secret.name().equals(secret1.getName())) {
            assertThat(secret).isEqualToIgnoringGivenFields(SanitizedSecret.fromSecret(secret1), "id", "version");
        } else {
            assertThat(secret).isEqualToIgnoringGivenFields(SanitizedSecret.fromSecret(secret2), "id", "version");
        }
    }
    aclDAO.evictClient(jooqContext.configuration(), client2.getId(), group2.getId());
    assertThat(aclDAO.getSanitizedSecretsFor(client2)).isEmpty();
}

Example 7 with SanitizedSecret

use of keywhiz.api.model.SanitizedSecret in project keywhiz by square.

the class AclDAOTest method getsSanitizedSecretsForGroup.

@Test
public void getsSanitizedSecretsForGroup() {
    SanitizedSecret sanitizedSecret1 = SanitizedSecret.fromSecret(secret1);
    SanitizedSecret sanitizedSecret2 = SanitizedSecret.fromSecret(secret2);
    aclDAO.allowAccess(jooqContext.configuration(), secret2.getId(), group1.getId());
    Set<SanitizedSecret> secrets = aclDAO.getSanitizedSecretsFor(group1);
    assertThat(Iterables.getOnlyElement(secrets)).isEqualToIgnoringGivenFields(sanitizedSecret2, "id", "version");
    aclDAO.allowAccess(jooqContext.configuration(), secret1.getId(), group1.getId());
    secrets = aclDAO.getSanitizedSecretsFor(group1);
    assertThat(secrets).hasSize(2).doesNotHaveDuplicates();
    for (SanitizedSecret secret : secrets) {
        if (secret.name().equals(secret1.getName())) {
            assertThat(secret).isEqualToIgnoringGivenFields(sanitizedSecret1, "id", "version");
        } else {
            assertThat(secret).isEqualToIgnoringGivenFields(sanitizedSecret2, "id", "version");
        }
    }
}

Example 8 with SanitizedSecret

use of keywhiz.api.model.SanitizedSecret in project keywhiz by square.

the class SecretResourceTest method secretListing_success.

// ---------------------------------------------------------------------------------------
// secretListing
// ---------------------------------------------------------------------------------------
@Test
public void secretListing_success() throws Exception {
    // Listing without secret16
    assertThat(listing()).doesNotContain("secret16");
    // Sample secret
    create(CreateSecretRequestV2.builder().name("secret16").description("test secret 16").content(encoder.encodeToString("supa secret16".getBytes(UTF_8))).build());
    // Listing with secret16
    assertThat(listing()).contains("secret16");
    List<SanitizedSecret> secrets = listingV2();
    boolean found = false;
    for (SanitizedSecret s : secrets) {
        if (s.name().equals("secret16")) {
            found = true;
            assertThat(s.description()).isEqualTo("test secret 16");
        }
    }
    assertThat(found).isTrue();
}

Example 9 with SanitizedSecret

use of keywhiz.api.model.SanitizedSecret in project keywhiz by square.

the class AutomationGroupResourceTest method groupIncludesClientsAndSecrets.

@Test
public void groupIncludesClientsAndSecrets() {
    Group group = new Group(50, "testGroup", "testing group", now, "automation client", now, "automation client", ImmutableMap.of("app", "keywhiz"));
    Client groupClient = new Client(1, "firstClient", "Group client", null, now, "test", now, "test", null, null, true, true);
    SanitizedSecret firstGroupSecret = SanitizedSecret.of(1, "name1", null, "desc", "checksum", now, "test", now, "test", null, "", null, 1136214245, 125L, now, "test");
    SanitizedSecret secondGroupSecret = SanitizedSecret.of(2, "name2", null, "desc", "checksum", now, "test", now, "test", null, "", null, 1136214245, 250L, now, "test");
    when(groupDAO.getGroup("testGroup")).thenReturn(Optional.of(group));
    when(aclDAO.getClientsFor(group)).thenReturn(ImmutableSet.of(groupClient));
    when(aclDAO.getSanitizedSecretsFor(group)).thenReturn(ImmutableSet.of(firstGroupSecret, secondGroupSecret));
    GroupDetailResponse expectedResponse = GroupDetailResponse.fromGroup(group, ImmutableList.of(firstGroupSecret, secondGroupSecret), ImmutableList.of(groupClient));
    Response response = resource.getGroupByName(automation, Optional.of("testGroup"));
    assertThat(response.getEntity()).isEqualTo(expectedResponse);
}

Example 10 with SanitizedSecret

use of keywhiz.api.model.SanitizedSecret in project keywhiz by square.

the class SecretResourceTest method getSanitizedSecret_success.

@Test
public void getSanitizedSecret_success() throws Exception {
    // Sample secret
    create(CreateSecretRequestV2.builder().name("secret12455").content(encoder.encodeToString("supa secret12455".getBytes(UTF_8))).description("desc").metadata(ImmutableMap.of("owner", "root", "mode", "0440")).type("password").build());
    SanitizedSecret response = lookupSanitizedSecret("secret12455");
    assertThat(response.name()).isEqualTo("secret12455");
    assertThat(response.createdBy()).isEqualTo("client");
    assertThat(response.updatedBy()).isEqualTo("client");
    assertThat(response.contentCreatedBy()).isEqualTo("client");
    assertThat(response.description()).isEqualTo("desc");
    assertThat(response.type()).isEqualTo(Optional.of("password"));
    assertThat(response.metadata()).isEqualTo(ImmutableMap.of("owner", "root", "mode", "0440"));
}