use of keywhiz.api.model.Secret in project keywhiz by square.
the class SecretDetailResponseV2Test method formsCorrectlyFromSecret.
@Test
public void formsCorrectlyFromSecret() throws Exception {
  Secret secret = new Secret(1, "secret-name", "secret-description", () -> "", "checksum",
      ApiDate.parse("2013-03-28T21:23:04.159Z"), "creator-user",
      ApiDate.parse("2013-03-28T21:23:04.159Z"), "creator-user",
      ImmutableMap.of("owner", "root"), "text/plain", null, 1136214245, null);
  SecretDetailResponseV2 secretDetailResponse = SecretDetailResponseV2.builder()
      .secret(secret)
      .content("YXNkZGFz")
      .version(1)
      .build();
  assertThat(asJson(secretDetailResponse))
      .isEqualTo(jsonFixture("fixtures/v2/secretDetailResponse.json"));
}
use of keywhiz.api.model.Secret in project keywhiz by square.
the class SecretsResource method sanitizedSecretFromName.
private SanitizedSecret sanitizedSecretFromName(String name) {
  Optional<Secret> optionalSecret = secretController.getSecretByName(name);
  if (optionalSecret.isEmpty()) {
    throw new NotFoundException("Secret not found.");
  }
  Secret secret = optionalSecret.get();
  return SanitizedSecret.fromSecret(secret);
}
use of keywhiz.api.model.Secret in project keywhiz by square.
the class SecretsResource method deleteSecret.
/**
 * Delete Secret by ID
 *
 * @param user the admin user performing this operation
 * @param secretId the ID of the Secret to be deleted
 * @return 200 if secret deleted, 404 if not found
 * <p>
 * description Deletes a single Secret if found. Used by Keywhiz CLI and the web ui.
 * <p>
 * responseMessage 200 Found and deleted Secret with given ID
 * <p>
 * responseMessage 404 Secret with given ID not Found
 */
@Path("{secretId}")
@Timed
@ExceptionMetered
@DELETE
public Response deleteSecret(@Auth User user, @PathParam("secretId") LongParam secretId) {
  Optional<Secret> secret = secretController.getSecretById(secretId.get());
  if (!secret.isPresent()) {
    logger.info("User '{}' tried deleting a secret which was not found (id={})",
        user, secretId.get());
    throw new NotFoundException("Secret not found.");
  }
  logger.info("User '{}' deleting secret id={}, name='{}'",
      user, secretId, secret.get().getName());
  // Get the groups for this secret, so they can be restored manually if necessary
  Set<String> groups = aclDAOReadOnly.getGroupsFor(secret.get()).stream()
      .map(Group::getName)
      .collect(toSet());
  secretDAOReadWrite.deleteSecretsByName(secret.get().getName());
  // Record the deletion
  Map<String, String> extraInfo = new HashMap<>();
  extraInfo.put("groups", groups.toString());
  extraInfo.put("current version", secret.get().getVersion().toString());
  auditLog.recordEvent(new Event(Instant.now(), EventTag.SECRET_DELETE, user.getName(),
      secret.get().getName(), extraInfo));
  return Response.noContent().build();
}
use of keywhiz.api.model.Secret in project keywhiz by square.
the class SecretsResource method renameSecret.
/**
 * Rename Secret by ID to the given name
 *
 * @param user the admin user performing this operation
 * @param secretId the ID of the Secret to be renamed
 * @param secretName the new name for the Secret
 * @return 200 if secret renamed, 404 if not found
 * <p>
 * description Renames a single Secret to secretName if the given secretId is found.
 * Used by Keywhiz CLI and the web ui.
 * <p>
 * responseMessage 200 Found and renamed Secret with given ID
 * <p>
 * responseMessage 404 Secret with given ID not Found
 */
@Path("rename/{secretId}/{secretName}")
@Timed
@ExceptionMetered
@POST
public Response renameSecret(@Auth User user, @PathParam("secretId") LongParam secretId,
    @PathParam("secretName") String secretName) {
  // Refuse the rename if the target name already belongs to another secret
  Optional<Secret> secret = secretController.getSecretByName(secretName);
  if (secret.isPresent()) {
    // Log the conflicting name (the "name=" field previously received the secret ID)
    logger.info("User '{}' tried renaming a secret, but another secret with that name "
        + "already exists (name={})", user, secretName);
    throw new ConflictException("That name is already taken by another secret");
  }
  logger.info("User '{}' renamed secret id={} to name='{}'", user, secretId, secretName);
  secretDAOReadWrite.renameSecretById(secretId.get(), secretName, user.getName());
  // Record the rename
  Map<String, String> extraInfo = new HashMap<>();
  auditLog.recordEvent(new Event(Instant.now(), EventTag.SECRET_RENAME, user.getName(),
      secretName, extraInfo));
  return Response.noContent().build();
}
use of keywhiz.api.model.Secret in project keywhiz by square.
the class SecretTransformer method transform.
/**
 * Transform DB content to a Secret model.
 * @param seriesAndContent a secret series and secret contents as stored in the database
 * @return the same information restructured as a Secret
 */
public Secret transform(SecretSeriesAndContent seriesAndContent) {
  checkNotNull(seriesAndContent);
  SecretSeries series = seriesAndContent.series();
  SecretContent content = seriesAndContent.content();
  return new Secret(
      series.id(),
      series.name(),
      series.owner(),
      series.description(),
      // Content is passed as a lambda, so decryption runs only when it is invoked
      () -> cryptographer.decrypt(content.encryptedContent()),
      content.hmac(),
      series.createdAt(),
      series.createdBy(),
      series.updatedAt(),
      series.updatedBy(),
      content.metadata(),
      series.type().orElse(null),
      series.generationOptions(),
      content.expiry(),
      series.currentVersion().orElse(null),
      content.createdAt(),
      content.createdBy());
}