Example 6 with CertificateCredentialValue

Use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.

Class SetHandler, method handle.

public CredentialView handle(BaseCredentialSetRequest setRequest, List<EventAuditRecordParameters> auditRecordParameters) {
    if (setRequest instanceof CertificateSetRequest) {
        // fill in the ca value if it's one of ours
        CertificateCredentialValue certificateValue = ((CertificateSetRequest) setRequest).getCertificateValue();
        String caName = certificateValue.getCaName();
        if (caName != null) {
            final String caValue = certificateAuthorityService.findActiveVersion(caName).getCertificate();
            certificateValue.setCa(caValue);
            CertificateReader certificateReader = new CertificateReader(certificateValue.getCertificate());
            if (!certificateReader.isSignedByCa(caValue)) {
                throw new ParameterizedValidationException("error.certificate_was_not_signed_by_ca_name");
            }
        }
    }
    CredentialVersion existingCredentialVersion = credentialService.findMostRecent(setRequest.getName());
    final CredentialVersion credentialVersion = credentialService.save(existingCredentialVersion, setRequest.getCredentialValue(), setRequest, auditRecordParameters);
    final boolean isNewCredential = existingCredentialVersion == null;
    if (isNewCredential || setRequest.isOverwrite()) {
        permissionService.savePermissions(credentialVersion, setRequest.getAdditionalPermissions(), auditRecordParameters, isNewCredential, setRequest.getName());
    }
    return CredentialView.fromEntity(credentialVersion);
}
Also used: CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), CertificateSetRequest (org.cloudfoundry.credhub.request.CertificateSetRequest), ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException), CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion), CertificateReader (org.cloudfoundry.credhub.util.CertificateReader)

Example 7 with CertificateCredentialValue

Use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.

Class CertificatesHandler, method handleRegenerate.

public CredentialView handleRegenerate(String credentialUuid, List<EventAuditRecordParameters> auditRecordParameters, CertificateRegenerateRequest request) {
    CertificateCredentialVersion existingCredentialVersion = certificateService.findByCredentialUuid(credentialUuid, auditRecordParameters);
    BaseCredentialGenerateRequest generateRequest = generationRequestGenerator.createGenerateRequest(existingCredentialVersion, existingCredentialVersion.getName(), auditRecordParameters);
    CertificateCredentialValue credentialValue = (CertificateCredentialValue) credentialGenerator.generate(generateRequest);
    credentialValue.setTransitional(request.isTransitional());
    final CertificateCredentialVersion credentialVersion = (CertificateCredentialVersion) permissionedCertificateService.save(existingCredentialVersion, credentialValue, generateRequest, auditRecordParameters);
    return new CertificateView(credentialVersion);
}
Also used: BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest), CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), CertificateView (org.cloudfoundry.credhub.view.CertificateView), CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 8 with CertificateCredentialValue

Use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.

Class CertificatesHandler, method handleCreateVersionsRequest.

public CertificateView handleCreateVersionsRequest(String certificateId, CreateVersionRequest requestBody, List<EventAuditRecordParameters> auditRecordParameters) {
    CertificateCredentialValue certificateCredentialValue = requestBody.getValue();
    certificateCredentialValue.setTransitional(requestBody.isTransitional());
    final CertificateCredentialVersion credentialVersion = permissionedCertificateService.set(UUID.fromString(certificateId), certificateCredentialValue, auditRecordParameters);
    return new CertificateView(credentialVersion);
}
Also used: CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), CertificateView (org.cloudfoundry.credhub.view.CertificateView), CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 9 with CertificateCredentialValue

Use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.

Class CredentialsControllerGenerateTest, method beforeEach.

@Before
public void beforeEach() {
    Consumer<Long> fakeTimeSetter = mockOutCurrentTimeProvider(mockCurrentTimeProvider);
    userContext = mock(UserContext.class);
    fakeTimeSetter.accept(FROZEN_TIME.toEpochMilli());
    mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build();
    when(credentialGenerator.generateCredential(any(StringGenerationParameters.class))).thenReturn(new StringCredentialValue(FAKE_PASSWORD_NAME));
    when(sshGenerator.generateCredential(any(SshGenerationParameters.class))).thenReturn(new SshCredentialValue(PUBLIC_KEY, PRIVATE_KEY, null));
    when(rsaGenerator.generateCredential(any(RsaGenerationParameters.class))).thenReturn(new RsaCredentialValue(PUBLIC_KEY, PRIVATE_KEY));
    when(certificateGenerator.generateCredential(any(CertificateGenerationParameters.class))).thenReturn(new CertificateCredentialValue("ca_cert", CERT, PRIVATE_KEY, null));
}
Also used: RsaGenerationParameters (org.cloudfoundry.credhub.request.RsaGenerationParameters), CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters), UserContext (org.cloudfoundry.credhub.auth.UserContext), CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue), RsaCredentialValue (org.cloudfoundry.credhub.credential.RsaCredentialValue), SshGenerationParameters (org.cloudfoundry.credhub.request.SshGenerationParameters), SshCredentialValue (org.cloudfoundry.credhub.credential.SshCredentialValue), StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters), Before (org.junit.Before)

Example 10 with CertificateCredentialValue

Use of org.cloudfoundry.credhub.credential.CertificateCredentialValue in project credhub by cloudfoundry-incubator.

Class CredentialsControllerTypeSpecificGenerateTest, method setup.

@Before
public void setup() throws Exception {
    String fakeSalt = cryptSaltFactory.generateSalt(FAKE_PASSWORD);
    Consumer<Long> fakeTimeSetter = mockOutCurrentTimeProvider(mockCurrentTimeProvider);
    fakeTimeSetter.accept(FROZEN_TIME.toEpochMilli());
    mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build();
    when(passwordGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new StringCredentialValue(FAKE_PASSWORD));
    when(certificateGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new CertificateCredentialValue(CA, CERTIFICATE, PRIVATE_KEY, null));
    when(sshGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new SshCredentialValue(PUBLIC_KEY, PRIVATE_KEY, null));
    when(rsaGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new RsaCredentialValue(PUBLIC_KEY, PRIVATE_KEY));
    when(userGenerator.generateCredential(any(GenerationParameters.class))).thenReturn(new UserCredentialValue(USERNAME, FAKE_PASSWORD, fakeSalt));
    auditingHelper = new AuditingHelper(requestAuditRecordRepository, eventAuditRecordRepository);
}
Also used: CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue), StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue), RsaCredentialValue (org.cloudfoundry.credhub.credential.RsaCredentialValue), GenerationParameters (org.cloudfoundry.credhub.request.GenerationParameters), StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters), Matchers.anyString (org.mockito.Matchers.anyString), AuditingHelper (org.cloudfoundry.credhub.helper.AuditingHelper), UserCredentialValue (org.cloudfoundry.credhub.credential.UserCredentialValue), SshCredentialValue (org.cloudfoundry.credhub.credential.SshCredentialValue), Before (org.junit.Before)

Aggregations

CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue): 22
Test (org.junit.Test): 13
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion): 8
CertificateGenerationParameters (org.cloudfoundry.credhub.domain.CertificateGenerationParameters): 6
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion): 5
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException): 5
BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest): 5
KeyPair (java.security.KeyPair): 4
Before (org.junit.Before): 4
X509Certificate (java.security.cert.X509Certificate): 3
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter): 3
UserContext (org.cloudfoundry.credhub.auth.UserContext): 3
StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue): 3
CertificateSetRequest (org.cloudfoundry.credhub.request.CertificateSetRequest): 3
ArrayList (java.util.ArrayList): 2
X500Name (org.bouncycastle.asn1.x500.X500Name): 2
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder): 2
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters): 2
RsaCredentialValue (org.cloudfoundry.credhub.credential.RsaCredentialValue): 2
SshCredentialValue (org.cloudfoundry.credhub.credential.SshCredentialValue): 2