Search in sources :

Example 1 with PasswordCredentialVersion

use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.

the class InterpolationHandlerTest method interpolateCredHubReferences_whenAReferencedCredentialIsNotJsonType_itThrowsAnException.

@Test
public void interpolateCredHubReferences_whenAReferencedCredentialIsNotJsonType_itThrowsAnException() throws Exception {
    // lang=JSON
    String inputJson = "{" + "  \"pp-config-server\": [" + "    {" + "      \"credentials\": {" + "        \"credhub-ref\": \"((/password_cred))\"" + "      }," + "      \"label\": \"pp-config-server\"" + "    }" + "  ]" + "}";
    PasswordCredentialVersion passwordCredential = mock(PasswordCredentialVersion.class);
    when(passwordCredential.getName()).thenReturn("/password_cred");
    doReturn(singletonList(passwordCredential)).when(credentialService).findNByName("/password_cred", 1, eventAuditRecordParameters);
    try {
        subject.interpolateCredHubReferences(deserialize(inputJson, Map.class), eventAuditRecordParameters);
    } catch (ParameterizedValidationException exception) {
        assertThat(exception.getMessage(), equalTo("error.interpolation.invalid_type"));
    }
}
Also used : PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) Map(java.util.Map) ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) Test(org.junit.Test)

Example 2 with PasswordCredentialVersion

use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.

the class PermissionedCredentialServiceTest method save_whenWritingCredential_savesANewVersion.

@Test
public void save_whenWritingCredential_savesANewVersion() {
    when(request.getType()).thenReturn("password");
    when(request.getOverwriteMode()).thenReturn(CredentialWriteMode.OVERWRITE.mode);
    when(credentialVersionDataService.save(any(CredentialVersion.class))).thenReturn(new PasswordCredentialVersion().setEncryptor(encryptor));
    final PasswordCredentialVersion newVersion = new PasswordCredentialVersion();
    when(credentialFactory.makeNewCredentialVersion(CredentialType.valueOf("password"), CREDENTIAL_NAME, credentialValue, null, generationParameters)).thenReturn(newVersion);
    subject.save(null, credentialValue, request, auditRecordParameters);
    verify(credentialVersionDataService).save(newVersion);
}
Also used : PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) Test(org.junit.Test)

Example 3 with PasswordCredentialVersion

use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.

the class PermissionedCredentialServiceTest method save_whenThereIsANewCredentialAndSelfUpdatingAcls_throwsException.

@Test
public void save_whenThereIsANewCredentialAndSelfUpdatingAcls_throwsException() {
    when(request.getType()).thenReturn("password");
    when(request.getOverwriteMode()).thenReturn(CredentialWriteMode.OVERWRITE.mode);
    when(credentialVersionDataService.findMostRecent(CREDENTIAL_NAME)).thenReturn(null);
    when(credentialVersionDataService.save(any(CredentialVersion.class))).thenReturn(new PasswordCredentialVersion().setEncryptor(encryptor));
    when(permissionCheckingService.userAllowedToOperateOnActor("test-user")).thenReturn(true);
    when(permissionCheckingService.hasPermission(userContext.getActor(), CREDENTIAL_NAME, WRITE_ACL)).thenReturn(true);
    accessControlEntries.add(new PermissionEntry("test-user", Arrays.asList(WRITE, WRITE_ACL)));
    try {
        subject.save(existingCredentialVersion, credentialValue, request, auditRecordParameters);
    } catch (InvalidPermissionOperationException e) {
        assertThat(e.getMessage(), equalTo("error.permission.invalid_update_operation"));
    }
}
Also used : PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) InvalidPermissionOperationException(org.cloudfoundry.credhub.exceptions.InvalidPermissionOperationException) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) Test(org.junit.Test)

Example 4 with PasswordCredentialVersion

use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.

the class PasswordCredentialRegeneratable method createGenerateRequest.

@Override
public BaseCredentialGenerateRequest createGenerateRequest(CredentialVersion credentialVersion, List<EventAuditRecordParameters> auditRecordParameters) {
    PasswordCredentialVersion passwordCredential = (PasswordCredentialVersion) credentialVersion;
    PasswordGenerateRequest generateRequest = new PasswordGenerateRequest();
    generateRequest.setName(passwordCredential.getName());
    generateRequest.setType(passwordCredential.getCredentialType());
    generateRequest.setOverwrite(true);
    StringGenerationParameters generationParameters;
    generationParameters = passwordCredential.getGenerationParameters();
    if (generationParameters == null) {
        auditRecordParameters.add(new EventAuditRecordParameters(CREDENTIAL_UPDATE, credentialVersion.getName()));
        throw new ParameterizedValidationException("error.cannot_regenerate_non_generated_password");
    }
    generateRequest.setGenerationParameters(generationParameters);
    return generateRequest;
}
Also used : PasswordGenerateRequest(org.cloudfoundry.credhub.request.PasswordGenerateRequest) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters)

Example 5 with PasswordCredentialVersion

use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.

the class CredentialsControllerGenerateTest method generatingACredential_whenAnotherThreadWinsARaceToWriteANewValue_retriesAndFindsTheValueWrittenByTheOtherThread.

@Test
public void generatingACredential_whenAnotherThreadWinsARaceToWriteANewValue_retriesAndFindsTheValueWrittenByTheOtherThread() throws Exception {
    final PasswordCredentialVersion expectedCredential = new PasswordCredentialVersion(CREDENTIAL_NAME);
    final UUID uuid = UUID.randomUUID();
    expectedCredential.setEncryptor(encryptor);
    expectedCredential.setPasswordAndGenerationParameters(FAKE_PASSWORD_NAME, null);
    Mockito.reset(credentialVersionDataService);
    doReturn(null).doReturn(expectedCredential.setUuid(uuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1))).when(credentialVersionDataService).findMostRecent(anyString());
    doThrow(new DataIntegrityViolationException("we already have one of those")).when(credentialVersionDataService).save(any(CredentialVersion.class));
    final MockHttpServletRequestBuilder postRequest = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"type\":\"password\",\"name\":\"" + CREDENTIAL_NAME + "\"}");
    ResultActions response = mockMvc.perform(postRequest);
    verify(credentialVersionDataService).save(any(CredentialVersion.class));
    response.andExpect(status().isOk()).andExpect(content().contentTypeCompatibleWith(APPLICATION_JSON)).andExpect(jsonPath("$.type").value("password")).andExpect(jsonPath("$.value").value(FAKE_PASSWORD_NAME)).andExpect(jsonPath("$.id").value(uuid.toString())).andExpect(jsonPath("$.version_created_at").value(FROZEN_TIME.minusSeconds(1).toString()));
}
Also used : MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) ResultActions(org.springframework.test.web.servlet.ResultActions) UUID(java.util.UUID) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Aggregations

PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)34 Test (org.junit.Test)25 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)20 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)15 CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)11 ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion)11 PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData)10 SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion)9 StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters)7 EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue)6 CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData)5 ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData)5 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)4 UUID (java.util.UUID)3 Encryptor (org.cloudfoundry.credhub.domain.Encryptor)3 CredentialVersionData (org.cloudfoundry.credhub.entity.CredentialVersionData)3 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)3 Before (org.junit.Before)3 Lists.newArrayList (com.google.common.collect.Lists.newArrayList)2 ArrayList (java.util.ArrayList)2