Example 6 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class SetHandler method handle.
public CredentialView handle(BaseCredentialSetRequest setRequest, List<EventAuditRecordParameters> auditRecordParameters) {
if (setRequest instanceof CertificateSetRequest) {
// fill in the ca value if it's one of ours
CertificateCredentialValue certificateValue = ((CertificateSetRequest) setRequest).getCertificateValue();
String caName = certificateValue.getCaName();
if (caName != null) {
final String caValue = certificateAuthorityService.findActiveVersion(caName).getCertificate();
certificateValue.setCa(caValue);
CertificateReader certificateReader = new CertificateReader(certificateValue.getCertificate());
if (!certificateReader.isSignedByCa(caValue)) {
throw new ParameterizedValidationException("error.certificate_was_not_signed_by_ca_name");
}
}
}
CredentialVersion existingCredentialVersion = credentialService.findMostRecent(setRequest.getName());
final CredentialVersion credentialVersion = credentialService.save(existingCredentialVersion, setRequest.getCredentialValue(), setRequest, auditRecordParameters);
final boolean isNewCredential = existingCredentialVersion == null;
if (isNewCredential || setRequest.isOverwrite()) {
permissionService.savePermissions(credentialVersion, setRequest.getAdditionalPermissions(), auditRecordParameters, isNewCredential, setRequest.getName());
}
return CredentialView.fromEntity(credentialVersion);
}
Also used :
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
CertificateSetRequest(org.cloudfoundry.credhub.request.CertificateSetRequest)
ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
CertificateReader(org.cloudfoundry.credhub.util.CertificateReader)
Example 7 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificatesHandler method handleRegenerate.
public CredentialView handleRegenerate(String credentialUuid, List<EventAuditRecordParameters> auditRecordParameters, CertificateRegenerateRequest request) {
CertificateCredentialVersion existingCredentialVersion = certificateService.findByCredentialUuid(credentialUuid, auditRecordParameters);
BaseCredentialGenerateRequest generateRequest = generationRequestGenerator.createGenerateRequest(existingCredentialVersion, existingCredentialVersion.getName(), auditRecordParameters);
CertificateCredentialValue credentialValue = (CertificateCredentialValue) credentialGenerator.generate(generateRequest);
credentialValue.setTransitional(request.isTransitional());
final CertificateCredentialVersion credentialVersion = (CertificateCredentialVersion) permissionedCertificateService.save(existingCredentialVersion, credentialValue, generateRequest, auditRecordParameters);
return new CertificateView(credentialVersion);
}
Also used :
BaseCredentialGenerateRequest(org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
CertificateView(org.cloudfoundry.credhub.view.CertificateView)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Example 8 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CertificatesHandler method handleCreateVersionsRequest.
public CertificateView handleCreateVersionsRequest(String certificateId, CreateVersionRequest requestBody, List<EventAuditRecordParameters> auditRecordParameters) {
CertificateCredentialValue certificateCredentialValue = requestBody.getValue();
certificateCredentialValue.setTransitional(requestBody.isTransitional());
final CertificateCredentialVersion credentialVersion = permissionedCertificateService.set(UUID.fromString(certificateId), certificateCredentialValue, auditRecordParameters);
return new CertificateView(credentialVersion);
}
Also used :
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
CertificateView(org.cloudfoundry.credhub.view.CertificateView)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Example 9 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CredentialsControllerGenerateTest method beforeEach.
@Before
public void beforeEach() {
Consumer<Long> fakeTimeSetter = mockOutCurrentTimeProvider(mockCurrentTimeProvider);
userContext = mock(UserContext.class);
fakeTimeSetter.accept(FROZEN_TIME.toEpochMilli());
mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build();
when(credentialGenerator.generateCredential(any(StringGenerationParameters.class))).thenReturn(new StringCredentialValue(FAKE_PASSWORD_NAME));
when(sshGenerator.generateCredential(any(SshGenerationParameters.class))).thenReturn(new SshCredentialValue(PUBLIC_KEY, PRIVATE_KEY, null));
when(rsaGenerator.generateCredential(any(RsaGenerationParameters.class))).thenReturn(new RsaCredentialValue(PUBLIC_KEY, PRIVATE_KEY));
when(certificateGenerator.generateCredential(any(CertificateGenerationParameters.class))).thenReturn(new CertificateCredentialValue("ca_cert", CERT, PRIVATE_KEY, null));
}
Also used :
RsaGenerationParameters(org.cloudfoundry.credhub.request.RsaGenerationParameters)
CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters)
UserContext(org.cloudfoundry.credhub.auth.UserContext)
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
StringCredentialValue(org.cloudfoundry.credhub.credential.StringCredentialValue)
RsaCredentialValue(org.cloudfoundry.credhub.credential.RsaCredentialValue)
SshGenerationParameters(org.cloudfoundry.credhub.request.SshGenerationParameters)
SshCredentialValue(org.cloudfoundry.credhub.credential.SshCredentialValue)
StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters)
Before(org.junit.Before)
Example 10 with CertificateCredentialValue
use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.
the class CredentialsControllerTypeSpecificGenerateTest method setup.
@Before
public void setup() throws Exception {
String fakeSalt = cryptSaltFactory.generateSalt(FAKE_PASSWORD);
Consumer<Long> fakeTimeSetter = mockOutCurrentTimeProvider(mockCurrentTimeProvider);
fakeTimeSetter.accept(FROZEN_TIME.toEpochMilli());
mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build();
when(passwordGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new StringCredentialValue(FAKE_PASSWORD));
when(certificateGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new CertificateCredentialValue(CA, CERTIFICATE, PRIVATE_KEY, null));
when(sshGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new SshCredentialValue(PUBLIC_KEY, PRIVATE_KEY, null));
when(rsaGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new RsaCredentialValue(PUBLIC_KEY, PRIVATE_KEY));
when(userGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new UserCredentialValue(USERNAME, FAKE_PASSWORD, fakeSalt));
auditingHelper = new AuditingHelper(requestAuditRecordRepository, eventAuditRecordRepository);
}
Also used :
CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue)
StringCredentialValue(org.cloudfoundry.credhub.credential.StringCredentialValue)
RsaCredentialValue(org.cloudfoundry.credhub.credential.RsaCredentialValue)
GenerationParameters(org.cloudfoundry.credhub.request.GenerationParameters)
StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters)
Matchers.anyString(org.mockito.Matchers.anyString)
AuditingHelper(org.cloudfoundry.credhub.helper.AuditingHelper)
UserCredentialValue(org.cloudfoundry.credhub.credential.UserCredentialValue)
SshCredentialValue(org.cloudfoundry.credhub.credential.SshCredentialValue)
Before(org.junit.Before)
Aggregations
CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)22
Test (org.junit.Test)13
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)8
CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters)6
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)5
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)5
BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)5
KeyPair (java.security.KeyPair)4
Before (org.junit.Before)4
X509Certificate (java.security.cert.X509Certificate)3
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)3
UserContext (org.cloudfoundry.credhub.auth.UserContext)3
StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue)3
CertificateSetRequest (org.cloudfoundry.credhub.request.CertificateSetRequest)3
ArrayList (java.util.ArrayList)2
X500Name (org.bouncycastle.asn1.x500.X500Name)2
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)2
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)2
RsaCredentialValue (org.cloudfoundry.credhub.credential.RsaCredentialValue)2
SshCredentialValue (org.cloudfoundry.credhub.credential.SshCredentialValue)2
