Example 1 with RsaCredentialVersion
use of org.cloudfoundry.credhub.domain.RsaCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialRegenerateTest method regeneratingAnRsaKey_regeneratesTheRsaKey_andPersistsAnAuditEntry.
@Test
public void regeneratingAnRsaKey_regeneratesTheRsaKey_andPersistsAnAuditEntry() throws Exception {
RsaCredentialVersion originalCredential = new RsaCredentialVersion("/my-rsa");
originalCredential.setEncryptor(encryptor);
originalCredential.setPrivateKey("original value");
originalCredential.setVersionCreatedAt(FROZEN_TIME.plusSeconds(1));
credentialVersionDataService.save(originalCredential);
fakeTimeSetter.accept(FROZEN_TIME.plusSeconds(10).toEpochMilli());
MockHttpServletRequestBuilder request = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"regenerate\":true,\"name\":\"my-rsa\"}");
mockMvc.perform(request).andExpect(status().isOk()).andExpect(content().contentTypeCompatibleWith(APPLICATION_JSON)).andExpect(jsonPath("$.type").value("rsa")).andExpect(jsonPath("$.version_created_at").value(FROZEN_TIME.plusSeconds(10).toString()));
RsaCredentialVersion newRsa = (RsaCredentialVersion) credentialVersionDataService.findMostRecent("/my-rsa");
assertTrue(newRsa.getPublicKey().contains("-----BEGIN PUBLIC KEY-----"));
assertTrue(newRsa.getPrivateKey().contains("-----BEGIN RSA PRIVATE KEY-----"));
assertThat(originalCredential.getPublicKey(), not(equalTo(newRsa.getPublicKey())));
assertThat(originalCredential.getPrivateKey(), not(equalTo(newRsa.getPrivateKey())));
auditingHelper.verifyAuditing(CREDENTIAL_UPDATE, "/my-rsa", AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/data", 200);
}
Also used :
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Test(org.junit.Test)
Example 2 with RsaCredentialVersion
use of org.cloudfoundry.credhub.domain.RsaCredentialVersion in project credhub by cloudfoundry-incubator.
the class CertificateServiceTest method findByUuid_ThrowsEntryNotFoundIfUuidMatchesNonCertificateCredential.
@Test(expected = EntryNotFoundException.class)
public void findByUuid_ThrowsEntryNotFoundIfUuidMatchesNonCertificateCredential() {
CredentialVersion credentialVersion = new RsaCredentialVersion();
when(certificateVersionDataService.findByCredentialUUID("rsaUuid")).thenReturn(null);
subject.findByCredentialUuid("rsaUuid", auditRecordParameters);
}
Also used :
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
Test(org.junit.Test)
Example 3 with RsaCredentialVersion
use of org.cloudfoundry.credhub.domain.RsaCredentialVersion in project credhub by cloudfoundry-incubator.
the class RsaCredentialRegeneratable method createGenerateRequest.
@Override
public BaseCredentialGenerateRequest createGenerateRequest(CredentialVersion credentialVersion, List<EventAuditRecordParameters> auditRecordParameters) {
RsaCredentialVersion rsaCredential = (RsaCredentialVersion) credentialVersion;
RsaGenerateRequest generateRequest = new RsaGenerateRequest();
generateRequest.setName(rsaCredential.getName());
generateRequest.setType(rsaCredential.getCredentialType());
generateRequest.setOverwrite(true);
return generateRequest;
}
Also used :
RsaGenerateRequest(org.cloudfoundry.credhub.request.RsaGenerateRequest)
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
Example 4 with RsaCredentialVersion
use of org.cloudfoundry.credhub.domain.RsaCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialsControllerTypeSpecificGenerateTest method parameters.
@Parameterized.Parameters(name = "{0}")
public static Collection<Object> parameters() {
credentialUuid = UUID.randomUUID();
Collection<Object> params = new ArrayList<>();
TestParameterizer passwordParameters = new TestParameterizer("password", "{\"exclude_number\": true}") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", FAKE_PASSWORD);
}
void credentialAssertions(CredentialVersion credential) {
PasswordCredentialVersion passwordCredential = (PasswordCredentialVersion) credential;
assertThat(passwordCredential.getGenerationParameters().isExcludeNumber(), equalTo(true));
assertThat(passwordCredential.getPassword(), equalTo(FAKE_PASSWORD));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new PasswordCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPasswordAndGenerationParameters(FAKE_PASSWORD, new StringGenerationParameters().setExcludeNumber(true)).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer userParameterizer = new TestParameterizer("user", "null") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.username", USERNAME, "$.value.password", FAKE_PASSWORD);
}
void credentialAssertions(CredentialVersion credential) {
UserCredentialVersion userCredential = (UserCredentialVersion) credential;
assertThat(userCredential.getUsername(), equalTo(USERNAME));
assertThat(userCredential.getPassword(), equalTo(FAKE_PASSWORD));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new UserCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPassword(FAKE_PASSWORD).setUsername(USERNAME).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer certificateParameterizer = new TestParameterizer("certificate", "{\"common_name\":\"my-common-name\",\"self_sign\":true}") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.certificate", "certificate", "$.value.private_key", "private_key", "$.value.ca", "ca");
}
void credentialAssertions(CredentialVersion credential) {
CertificateCredentialVersion certificateCredential = (CertificateCredentialVersion) credential;
assertThat(certificateCredential.getCa(), equalTo(CA));
assertThat(certificateCredential.getCertificate(), equalTo(CERTIFICATE));
assertThat(certificateCredential.getPrivateKey(), equalTo(PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new CertificateCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setCa(CA).setCertificate(CERTIFICATE).setPrivateKey(PRIVATE_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer sshParameterizer = new TestParameterizer("ssh", "null") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", "public_key", "$.value.private_key", "private_key", "$.value.public_key_fingerprint", null);
}
void credentialAssertions(CredentialVersion credential) {
SshCredentialVersion sshCredential = (SshCredentialVersion) credential;
assertThat(sshCredential.getPublicKey(), equalTo(PUBLIC_KEY));
assertThat(sshCredential.getPrivateKey(), equalTo(PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new SshCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(PRIVATE_KEY).setPublicKey(PUBLIC_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer rsaParameterizer = new TestParameterizer("rsa", "null") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", "public_key", "$.value.private_key", "private_key");
}
void credentialAssertions(CredentialVersion credential) {
RsaCredentialVersion rsaCredential = (RsaCredentialVersion) credential;
assertThat(rsaCredential.getPublicKey(), equalTo(PUBLIC_KEY));
assertThat(rsaCredential.getPrivateKey(), equalTo(PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new RsaCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(PRIVATE_KEY).setPublicKey(PUBLIC_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
params.add(passwordParameters);
params.add(userParameterizer);
params.add(certificateParameterizer);
params.add(sshParameterizer);
params.add(rsaParameterizer);
return params;
}
Also used :
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
Lists.newArrayList(com.google.common.collect.Lists.newArrayList)
ArrayList(java.util.ArrayList)
Encryptor(org.cloudfoundry.credhub.domain.Encryptor)
SshCredentialVersion(org.cloudfoundry.credhub.domain.SshCredentialVersion)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
UserCredentialVersion(org.cloudfoundry.credhub.domain.UserCredentialVersion)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
SshCredentialVersion(org.cloudfoundry.credhub.domain.SshCredentialVersion)
UserCredentialVersion(org.cloudfoundry.credhub.domain.UserCredentialVersion)
StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Example 5 with RsaCredentialVersion
use of org.cloudfoundry.credhub.domain.RsaCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialsControllerTypeSpecificSetTest method parameters.
@Parameterized.Parameters(name = "{0}")
public static Collection<Object> parameters() {
UUID credentialUuid = UUID.randomUUID();
Collection<Object> params = new ArrayList<>();
TestParametizer valueParameters = new TestParametizer("value", "\"" + VALUE_VALUE + "\"") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", VALUE_VALUE);
}
void credentialAssertions(CredentialVersion credential) {
assertThat(((ValueCredentialVersion) credential).getValue(), equalTo(VALUE_VALUE));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new ValueCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setValue(VALUE_VALUE).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer passwordParameters = new TestParametizer("password", "\"" + PASSWORD_VALUE + "\"") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", PASSWORD_VALUE);
}
void credentialAssertions(CredentialVersion credential) {
assertThat(((PasswordCredentialVersion) credential).getPassword(), equalTo(PASSWORD_VALUE));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new PasswordCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPasswordAndGenerationParameters(PASSWORD_VALUE, null).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer certificateParameters = new TestParametizer("certificate", CERTIFICATE_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.certificate", TestConstants.TEST_CERTIFICATE, "$.value.private_key", TestConstants.TEST_PRIVATE_KEY, "$.value.ca", TestConstants.TEST_CA);
}
void credentialAssertions(CredentialVersion credential) {
CertificateCredentialVersion certificateCredential = (CertificateCredentialVersion) credential;
assertThat(certificateCredential.getCa(), equalTo(TestConstants.TEST_CA));
assertThat(certificateCredential.getCertificate(), equalTo(TestConstants.TEST_CERTIFICATE));
assertThat(certificateCredential.getPrivateKey(), equalTo(TestConstants.TEST_PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new CertificateCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setCa(TestConstants.TEST_CA).setCertificate(TestConstants.TEST_CERTIFICATE).setPrivateKey(TestConstants.TEST_PRIVATE_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer sshParameters = new TestParametizer("ssh", SSH_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", TestConstants.SSH_PUBLIC_KEY_4096_WITH_COMMENT, "$.value.private_key", TestConstants.PRIVATE_KEY_4096, "$.value.public_key_fingerprint", "UmqxK9UJJR4Jrcw0DcwqJlCgkeQoKp8a+HY+0p0nOgc");
}
void credentialAssertions(CredentialVersion credential) {
SshCredentialVersion sshCredential = (SshCredentialVersion) credential;
assertThat(sshCredential.getPublicKey(), equalTo(TestConstants.SSH_PUBLIC_KEY_4096_WITH_COMMENT));
assertThat(sshCredential.getPrivateKey(), equalTo(TestConstants.PRIVATE_KEY_4096));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new SshCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(TestConstants.PRIVATE_KEY_4096).setPublicKey(TestConstants.SSH_PUBLIC_KEY_4096_WITH_COMMENT).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer rsaParameters = new TestParametizer("rsa", RSA_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", TestConstants.RSA_PUBLIC_KEY_4096, "$.value.private_key", TestConstants.PRIVATE_KEY_4096);
}
void credentialAssertions(CredentialVersion credential) {
RsaCredentialVersion rsaCredential = (RsaCredentialVersion) credential;
assertThat(rsaCredential.getPublicKey(), equalTo(TestConstants.RSA_PUBLIC_KEY_4096));
assertThat(rsaCredential.getPrivateKey(), equalTo(TestConstants.PRIVATE_KEY_4096));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new RsaCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(TestConstants.PRIVATE_KEY_4096).setPublicKey(TestConstants.RSA_PUBLIC_KEY_4096).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer jsonParameters = new TestParametizer("json", JSON_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", jsonValueMap);
}
void credentialAssertions(CredentialVersion credential) {
JsonCredentialVersion jsonCredential = (JsonCredentialVersion) credential;
assertThat(jsonCredential.getValue(), equalTo(jsonValueMap));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new JsonCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setValue(jsonValueMap).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer userParameters = new TestParametizer("user", USER_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.username", USERNAME_VALUE, "$.value.password", PASSWORD_VALUE);
}
void credentialAssertions(CredentialVersion credential) {
UserCredentialVersion userCredential = (UserCredentialVersion) credential;
assertThat(userCredential.getUsername(), equalTo(USERNAME_VALUE));
assertThat(userCredential.getPassword(), equalTo(PASSWORD_VALUE));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new UserCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setUsername(USERNAME_VALUE).setPassword(PASSWORD_VALUE).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
params.add(valueParameters);
params.add(passwordParameters);
params.add(certificateParameters);
params.add(sshParameters);
params.add(rsaParameters);
params.add(jsonParameters);
params.add(userParameters);
return params;
}
Also used :
JsonCredentialVersion(org.cloudfoundry.credhub.domain.JsonCredentialVersion)
ValueCredentialVersion(org.cloudfoundry.credhub.domain.ValueCredentialVersion)
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
Lists.newArrayList(com.google.common.collect.Lists.newArrayList)
ArrayList(java.util.ArrayList)
Encryptor(org.cloudfoundry.credhub.domain.Encryptor)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
JSONObject(net.minidev.json.JSONObject)
UUID(java.util.UUID)
SshCredentialVersion(org.cloudfoundry.credhub.domain.SshCredentialVersion)
UserCredentialVersion(org.cloudfoundry.credhub.domain.UserCredentialVersion)
PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion)
RsaCredentialVersion(org.cloudfoundry.credhub.domain.RsaCredentialVersion)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
JsonCredentialVersion(org.cloudfoundry.credhub.domain.JsonCredentialVersion)
ValueCredentialVersion(org.cloudfoundry.credhub.domain.ValueCredentialVersion)
SshCredentialVersion(org.cloudfoundry.credhub.domain.SshCredentialVersion)
UserCredentialVersion(org.cloudfoundry.credhub.domain.UserCredentialVersion)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Aggregations
RsaCredentialVersion (org.cloudfoundry.credhub.domain.RsaCredentialVersion)5
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)3
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)3
Lists.newArrayList (com.google.common.collect.Lists.newArrayList)2
ArrayList (java.util.ArrayList)2
Encryptor (org.cloudfoundry.credhub.domain.Encryptor)2
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)2
SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion)2
UserCredentialVersion (org.cloudfoundry.credhub.domain.UserCredentialVersion)2
Test (org.junit.Test)2
UUID (java.util.UUID)1
JSONObject (net.minidev.json.JSONObject)1
JsonCredentialVersion (org.cloudfoundry.credhub.domain.JsonCredentialVersion)1
ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion)1
RsaGenerateRequest (org.cloudfoundry.credhub.request.RsaGenerateRequest)1
StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters)1
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)1
MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)1
