Example 1 with PasswordCredentialVersion
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class InterpolationHandlerTest method interpolateCredHubReferences_whenAReferencedCredentialIsNotJsonType_itThrowsAnException.
@Test
public void interpolateCredHubReferences_whenAReferencedCredentialIsNotJsonType_itThrowsAnException() throws Exception {
// lang=JSON
String inputJson = "{" + " \"pp-config-server\": [" + " {" + " \"credentials\": {" + " \"credhub-ref\": \"((/password_cred))\"" + " }," + " \"label\": \"pp-config-server\"" + " }" + " ]" + "}";
PasswordCredentialVersion passwordCredential = mock(PasswordCredentialVersion.class);
when(passwordCredential.getName()).thenReturn("/password_cred");
doReturn(singletonList(passwordCredential)).when(credentialService).findNByName("/password_cred", 1, eventAuditRecordParameters);
try {
subject.interpolateCredHubReferences(deserialize(inputJson, Map.class), eventAuditRecordParameters);
} catch (ParameterizedValidationException exception) {
assertThat(exception.getMessage(), equalTo("error.interpolation.invalid_type"));
}
}
Also used :
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
Map(java.util.Map)
ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)
Test(org.junit.Test)
Example 2 with PasswordCredentialVersion
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCredentialServiceTest method save_whenWritingCredential_savesANewVersion.
@Test
public void save_whenWritingCredential_savesANewVersion() {
when(request.getType()).thenReturn("password");
when(request.getOverwriteMode()).thenReturn(CredentialWriteMode.OVERWRITE.mode);
when(credentialVersionDataService.save(any(CredentialVersion.class))).thenReturn(new PasswordCredentialVersion().setEncryptor(encryptor));
final PasswordCredentialVersion newVersion = new PasswordCredentialVersion();
when(credentialFactory.makeNewCredentialVersion(CredentialType.valueOf("password"), CREDENTIAL_NAME, credentialValue, null, generationParameters)).thenReturn(newVersion);
subject.save(null, credentialValue, request, auditRecordParameters);
verify(credentialVersionDataService).save(newVersion);
}
Also used :
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
Test(org.junit.Test)
Example 3 with PasswordCredentialVersion
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCredentialServiceTest method save_whenThereIsANewCredentialAndSelfUpdatingAcls_throwsException.
@Test
public void save_whenThereIsANewCredentialAndSelfUpdatingAcls_throwsException() {
when(request.getType()).thenReturn("password");
when(request.getOverwriteMode()).thenReturn(CredentialWriteMode.OVERWRITE.mode);
when(credentialVersionDataService.findMostRecent(CREDENTIAL_NAME)).thenReturn(null);
when(credentialVersionDataService.save(any(CredentialVersion.class))).thenReturn(new PasswordCredentialVersion().setEncryptor(encryptor));
when(permissionCheckingService.userAllowedToOperateOnActor("test-user")).thenReturn(true);
when(permissionCheckingService.hasPermission(userContext.getActor(), CREDENTIAL_NAME, WRITE_ACL)).thenReturn(true);
accessControlEntries.add(new PermissionEntry("test-user", Arrays.asList(WRITE, WRITE_ACL)));
try {
subject.save(existingCredentialVersion, credentialValue, request, auditRecordParameters);
} catch (InvalidPermissionOperationException e) {
assertThat(e.getMessage(), equalTo("error.permission.invalid_update_operation"));
}
}
Also used :
PermissionEntry(org.cloudfoundry.credhub.request.PermissionEntry)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
InvalidPermissionOperationException(org.cloudfoundry.credhub.exceptions.InvalidPermissionOperationException)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
Test(org.junit.Test)
Example 4 with PasswordCredentialVersion
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class PasswordCredentialRegeneratable method createGenerateRequest.
@Override
public BaseCredentialGenerateRequest createGenerateRequest(CredentialVersion credentialVersion, List<EventAuditRecordParameters> auditRecordParameters) {
PasswordCredentialVersion passwordCredential = (PasswordCredentialVersion) credentialVersion;
PasswordGenerateRequest generateRequest = new PasswordGenerateRequest();
generateRequest.setName(passwordCredential.getName());
generateRequest.setType(passwordCredential.getCredentialType());
generateRequest.setOverwrite(true);
StringGenerationParameters generationParameters;
generationParameters = passwordCredential.getGenerationParameters();
if (generationParameters == null) {
auditRecordParameters.add(new EventAuditRecordParameters(CREDENTIAL_UPDATE, credentialVersion.getName()));
throw new ParameterizedValidationException("error.cannot_regenerate_non_generated_password");
}
generateRequest.setGenerationParameters(generationParameters);
return generateRequest;
}
Also used :
PasswordGenerateRequest(org.cloudfoundry.credhub.request.PasswordGenerateRequest)
EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)
StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters)
Example 5 with PasswordCredentialVersion
use of org.cloudfoundry.credhub.domain.PasswordCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialsControllerGenerateTest method generatingACredential_whenAnotherThreadWinsARaceToWriteANewValue_retriesAndFindsTheValueWrittenByTheOtherThread.
@Test
public void generatingACredential_whenAnotherThreadWinsARaceToWriteANewValue_retriesAndFindsTheValueWrittenByTheOtherThread() throws Exception {
final PasswordCredentialVersion expectedCredential = new PasswordCredentialVersion(CREDENTIAL_NAME);
final UUID uuid = UUID.randomUUID();
expectedCredential.setEncryptor(encryptor);
expectedCredential.setPasswordAndGenerationParameters(FAKE_PASSWORD_NAME, null);
Mockito.reset(credentialVersionDataService);
doReturn(null).doReturn(expectedCredential.setUuid(uuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1))).when(credentialVersionDataService).findMostRecent(anyString());
doThrow(new DataIntegrityViolationException("we already have one of those")).when(credentialVersionDataService).save(any(CredentialVersion.class));
final MockHttpServletRequestBuilder postRequest = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"type\":\"password\",\"name\":\"" + CREDENTIAL_NAME + "\"}");
ResultActions response = mockMvc.perform(postRequest);
verify(credentialVersionDataService).save(any(CredentialVersion.class));
response.andExpect(status().isOk()).andExpect(content().contentTypeCompatibleWith(APPLICATION_JSON)).andExpect(jsonPath("$.type").value("password")).andExpect(jsonPath("$.value").value(FAKE_PASSWORD_NAME)).andExpect(jsonPath("$.id").value(uuid.toString())).andExpect(jsonPath("$.version_created_at").value(FROZEN_TIME.minusSeconds(1).toString()));
}
Also used :
MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)
ResultActions(org.springframework.test.web.servlet.ResultActions)
UUID(java.util.UUID)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Test(org.junit.Test)
Aggregations
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)34
Test (org.junit.Test)25
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)20
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)15
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)11
ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion)11
PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData)10
SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion)9
StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters)7
EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue)6
CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData)5
ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData)5
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)4
UUID (java.util.UUID)3
Encryptor (org.cloudfoundry.credhub.domain.Encryptor)3
CredentialVersionData (org.cloudfoundry.credhub.entity.CredentialVersionData)3
CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)3
Before (org.junit.Before)3
Lists.newArrayList (com.google.common.collect.Lists.newArrayList)2
ArrayList (java.util.ArrayList)2
