use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class InterpolationHandlerTest method interpolateCredHubReferences_whenAReferencedCredentialIsNotJsonType_itThrowsAnException.
@Test
public void interpolateCredHubReferences_whenAReferencedCredentialIsNotJsonType_itThrowsAnException() throws Exception {
// lang=JSON
String inputJson = "{" + " \"pp-config-server\": [" + " {" + " \"credentials\": {" + " \"credhub-ref\": \"((/password_cred))\"" + " }," + " \"label\": \"pp-config-server\"" + " }" + " ]" + "}";
PasswordCredentialVersion passwordCredential = mock(PasswordCredentialVersion.class);
when(passwordCredential.getName()).thenReturn("/password_cred");
doReturn(singletonList(passwordCredential)).when(credentialService).findNByName("/password_cred", 1, eventAuditRecordParameters);
try {
subject.interpolateCredHubReferences(deserialize(inputJson, Map.class), eventAuditRecordParameters);
} catch (ParameterizedValidationException exception) {
assertThat(exception.getMessage(), equalTo("error.interpolation.invalid_type"));
}
}
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCredentialServiceTest method save_whenWritingCredential_savesANewVersion.
@Test
public void save_whenWritingCredential_savesANewVersion() {
when(request.getType()).thenReturn("password");
when(request.getOverwriteMode()).thenReturn(CredentialWriteMode.OVERWRITE.mode);
when(credentialVersionDataService.save(any(CredentialVersion.class))).thenReturn(new PasswordCredentialVersion().setEncryptor(encryptor));
final PasswordCredentialVersion newVersion = new PasswordCredentialVersion();
when(credentialFactory.makeNewCredentialVersion(CredentialType.valueOf("password"), CREDENTIAL_NAME, credentialValue, null, generationParameters)).thenReturn(newVersion);
subject.save(null, credentialValue, request, auditRecordParameters);
verify(credentialVersionDataService).save(newVersion);
}
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCredentialServiceTest method save_whenThereIsANewCredentialAndSelfUpdatingAcls_throwsException.
@Test
public void save_whenThereIsANewCredentialAndSelfUpdatingAcls_throwsException() {
when(request.getType()).thenReturn("password");
when(request.getOverwriteMode()).thenReturn(CredentialWriteMode.OVERWRITE.mode);
when(credentialVersionDataService.findMostRecent(CREDENTIAL_NAME)).thenReturn(null);
when(credentialVersionDataService.save(any(CredentialVersion.class))).thenReturn(new PasswordCredentialVersion().setEncryptor(encryptor));
when(permissionCheckingService.userAllowedToOperateOnActor("test-user")).thenReturn(true);
when(permissionCheckingService.hasPermission(userContext.getActor(), CREDENTIAL_NAME, WRITE_ACL)).thenReturn(true);
accessControlEntries.add(new PermissionEntry("test-user", Arrays.asList(WRITE, WRITE_ACL)));
try {
subject.save(existingCredentialVersion, credentialValue, request, auditRecordParameters);
} catch (InvalidPermissionOperationException e) {
assertThat(e.getMessage(), equalTo("error.permission.invalid_update_operation"));
}
}
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class PasswordCredentialRegeneratable method createGenerateRequest.
@Override
public BaseCredentialGenerateRequest createGenerateRequest(CredentialVersion credentialVersion, List<EventAuditRecordParameters> auditRecordParameters) {
PasswordCredentialVersion passwordCredential = (PasswordCredentialVersion) credentialVersion;
PasswordGenerateRequest generateRequest = new PasswordGenerateRequest();
generateRequest.setName(passwordCredential.getName());
generateRequest.setType(passwordCredential.getCredentialType());
generateRequest.setOverwrite(true);
StringGenerationParameters generationParameters;
generationParameters = passwordCredential.getGenerationParameters();
if (generationParameters == null) {
auditRecordParameters.add(new EventAuditRecordParameters(CREDENTIAL_UPDATE, credentialVersion.getName()));
throw new ParameterizedValidationException("error.cannot_regenerate_non_generated_password");
}
generateRequest.setGenerationParameters(generationParameters);
return generateRequest;
}
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialsControllerGenerateTest method generatingACredential_whenAnotherThreadWinsARaceToWriteANewValue_retriesAndFindsTheValueWrittenByTheOtherThread.
@Test
public void generatingACredential_whenAnotherThreadWinsARaceToWriteANewValue_retriesAndFindsTheValueWrittenByTheOtherThread() throws Exception {
final PasswordCredentialVersion expectedCredential = new PasswordCredentialVersion(CREDENTIAL_NAME);
final UUID uuid = UUID.randomUUID();
expectedCredential.setEncryptor(encryptor);
expectedCredential.setPasswordAndGenerationParameters(FAKE_PASSWORD_NAME, null);
Mockito.reset(credentialVersionDataService);
doReturn(null).doReturn(expectedCredential.setUuid(uuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1))).when(credentialVersionDataService).findMostRecent(anyString());
doThrow(new DataIntegrityViolationException("we already have one of those")).when(credentialVersionDataService).save(any(CredentialVersion.class));
final MockHttpServletRequestBuilder postRequest = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"type\":\"password\",\"name\":\"" + CREDENTIAL_NAME + "\"}");
ResultActions response = mockMvc.perform(postRequest);
verify(credentialVersionDataService).save(any(CredentialVersion.class));
response.andExpect(status().isOk()).andExpect(content().contentTypeCompatibleWith(APPLICATION_JSON)).andExpect(jsonPath("$.type").value("password")).andExpect(jsonPath("$.value").value(FAKE_PASSWORD_NAME)).andExpect(jsonPath("$.id").value(uuid.toString())).andExpect(jsonPath("$.version_created_at").value(FROZEN_TIME.minusSeconds(1).toString()));
}
Aggregations