use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialRegenerateTest method regeneratingAUser_regeneratesTheUser_andPersistsAnAuditEntry.
@Test
public void regeneratingAUser_regeneratesTheUser_andPersistsAnAuditEntry() throws Exception {
UserCredentialVersion originalCredential = new UserCredentialVersion("/the-user");
originalCredential.setEncryptor(encryptor);
StringGenerationParameters generationParameters = new StringGenerationParameters();
generationParameters.setExcludeNumber(true);
generationParameters.setUsername("Darth Vader");
originalCredential.setPassword("original-password");
originalCredential.setUsername("Darth Vader");
originalCredential.setSalt("pepper");
originalCredential.setGenerationParameters(generationParameters);
originalCredential.setVersionCreatedAt(FROZEN_TIME.plusSeconds(1));
credentialVersionDataService.save(originalCredential);
fakeTimeSetter.accept(FROZEN_TIME.plusSeconds(10).toEpochMilli());
MockHttpServletRequestBuilder request = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"regenerate\":true,\"name\":\"the-user\"}");
mockMvc.perform(request).andExpect(status().isOk()).andExpect(content().contentTypeCompatibleWith(APPLICATION_JSON)).andExpect(jsonPath("$.type").value("user")).andExpect(jsonPath("$.version_created_at").value(FROZEN_TIME.plusSeconds(10).toString()));
UserCredentialVersion newUser = (UserCredentialVersion) credentialVersionDataService.findMostRecent("/the-user");
assertThat(newUser.getPassword(), not(equalTo(originalCredential.getPassword())));
assertThat(newUser.getGenerationParameters().isExcludeNumber(), equalTo(true));
assertThat(newUser.getUsername(), equalTo(originalCredential.getUsername()));
auditingHelper.verifyAuditing(CREDENTIAL_UPDATE, "/the-user", AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/data", 200);
}
use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class UserCredentialRegeneratable method createGenerateRequest.
@Override
public BaseCredentialGenerateRequest createGenerateRequest(CredentialVersion credentialVersion, List<EventAuditRecordParameters> auditRecordParameters) {
UserCredentialVersion userCredential = (UserCredentialVersion) credentialVersion;
UserGenerateRequest generateRequest = new UserGenerateRequest();
generateRequest.setName(userCredential.getName());
generateRequest.setType(userCredential.getCredentialType());
generateRequest.setOverwrite(true);
StringGenerationParameters generationParameters;
generationParameters = userCredential.getGenerationParameters();
if (generationParameters == null) {
auditRecordParameters.add(new EventAuditRecordParameters(CREDENTIAL_UPDATE, credentialVersion.getName()));
throw new ParameterizedValidationException("error.cannot_regenerate_non_generated_user");
}
generationParameters.setUsername(userCredential.getUsername());
generateRequest.setGenerationParameters(generationParameters);
return generateRequest;
}
use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class UserViewTest method canCreateViewFromEntity.
@Test
public void canCreateViewFromEntity() throws IOException {
final UUID uuid = UUID.randomUUID();
final String salt = new CryptSaltFactory().generateSalt("test-password");
final String passwordHash = Crypt.crypt("test-password", salt);
final UserCredentialVersion userCredential = mock(UserCredentialVersion.class);
when(userCredential.getName()).thenReturn("/foo");
when(userCredential.getUuid()).thenReturn(uuid);
when(userCredential.getCredentialType()).thenReturn("user");
when(userCredential.getPassword()).thenReturn("test-password");
when(userCredential.getUsername()).thenReturn("test-username");
when(userCredential.getSalt()).thenReturn(salt);
UserView actual = (UserView) UserView.fromEntity(userCredential);
assertThat(JsonTestHelper.serializeToString(actual), equalTo("{" + "\"type\":\"user\"," + "\"version_created_at\":null," + "\"id\":\"" + uuid.toString() + "\"," + "\"name\":\"/foo\"," + "\"value\":{" + "\"username\":\"test-username\"," + "\"password\":\"test-password\"," + "\"password_hash\":\"" + passwordHash + "\"" + "}}"));
}
use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialsControllerTypeSpecificGenerateTest method parameters.
@Parameterized.Parameters(name = "{0}")
public static Collection<Object> parameters() {
credentialUuid = UUID.randomUUID();
Collection<Object> params = new ArrayList<>();
TestParameterizer passwordParameters = new TestParameterizer("password", "{\"exclude_number\": true}") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", FAKE_PASSWORD);
}
void credentialAssertions(CredentialVersion credential) {
PasswordCredentialVersion passwordCredential = (PasswordCredentialVersion) credential;
assertThat(passwordCredential.getGenerationParameters().isExcludeNumber(), equalTo(true));
assertThat(passwordCredential.getPassword(), equalTo(FAKE_PASSWORD));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new PasswordCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPasswordAndGenerationParameters(FAKE_PASSWORD, new StringGenerationParameters().setExcludeNumber(true)).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer userParameterizer = new TestParameterizer("user", "null") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.username", USERNAME, "$.value.password", FAKE_PASSWORD);
}
void credentialAssertions(CredentialVersion credential) {
UserCredentialVersion userCredential = (UserCredentialVersion) credential;
assertThat(userCredential.getUsername(), equalTo(USERNAME));
assertThat(userCredential.getPassword(), equalTo(FAKE_PASSWORD));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new UserCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPassword(FAKE_PASSWORD).setUsername(USERNAME).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer certificateParameterizer = new TestParameterizer("certificate", "{\"common_name\":\"my-common-name\",\"self_sign\":true}") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.certificate", "certificate", "$.value.private_key", "private_key", "$.value.ca", "ca");
}
void credentialAssertions(CredentialVersion credential) {
CertificateCredentialVersion certificateCredential = (CertificateCredentialVersion) credential;
assertThat(certificateCredential.getCa(), equalTo(CA));
assertThat(certificateCredential.getCertificate(), equalTo(CERTIFICATE));
assertThat(certificateCredential.getPrivateKey(), equalTo(PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new CertificateCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setCa(CA).setCertificate(CERTIFICATE).setPrivateKey(PRIVATE_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer sshParameterizer = new TestParameterizer("ssh", "null") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", "public_key", "$.value.private_key", "private_key", "$.value.public_key_fingerprint", null);
}
void credentialAssertions(CredentialVersion credential) {
SshCredentialVersion sshCredential = (SshCredentialVersion) credential;
assertThat(sshCredential.getPublicKey(), equalTo(PUBLIC_KEY));
assertThat(sshCredential.getPrivateKey(), equalTo(PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new SshCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(PRIVATE_KEY).setPublicKey(PUBLIC_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParameterizer rsaParameterizer = new TestParameterizer("rsa", "null") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", "public_key", "$.value.private_key", "private_key");
}
void credentialAssertions(CredentialVersion credential) {
RsaCredentialVersion rsaCredential = (RsaCredentialVersion) credential;
assertThat(rsaCredential.getPublicKey(), equalTo(PUBLIC_KEY));
assertThat(rsaCredential.getPrivateKey(), equalTo(PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new RsaCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(PRIVATE_KEY).setPublicKey(PUBLIC_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
params.add(passwordParameters);
params.add(userParameterizer);
params.add(certificateParameterizer);
params.add(sshParameterizer);
params.add(rsaParameterizer);
return params;
}
use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialsControllerTypeSpecificSetTest method parameters.
@Parameterized.Parameters(name = "{0}")
public static Collection<Object> parameters() {
UUID credentialUuid = UUID.randomUUID();
Collection<Object> params = new ArrayList<>();
TestParametizer valueParameters = new TestParametizer("value", "\"" + VALUE_VALUE + "\"") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", VALUE_VALUE);
}
void credentialAssertions(CredentialVersion credential) {
assertThat(((ValueCredentialVersion) credential).getValue(), equalTo(VALUE_VALUE));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new ValueCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setValue(VALUE_VALUE).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer passwordParameters = new TestParametizer("password", "\"" + PASSWORD_VALUE + "\"") {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", PASSWORD_VALUE);
}
void credentialAssertions(CredentialVersion credential) {
assertThat(((PasswordCredentialVersion) credential).getPassword(), equalTo(PASSWORD_VALUE));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new PasswordCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPasswordAndGenerationParameters(PASSWORD_VALUE, null).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer certificateParameters = new TestParametizer("certificate", CERTIFICATE_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.certificate", TestConstants.TEST_CERTIFICATE, "$.value.private_key", TestConstants.TEST_PRIVATE_KEY, "$.value.ca", TestConstants.TEST_CA);
}
void credentialAssertions(CredentialVersion credential) {
CertificateCredentialVersion certificateCredential = (CertificateCredentialVersion) credential;
assertThat(certificateCredential.getCa(), equalTo(TestConstants.TEST_CA));
assertThat(certificateCredential.getCertificate(), equalTo(TestConstants.TEST_CERTIFICATE));
assertThat(certificateCredential.getPrivateKey(), equalTo(TestConstants.TEST_PRIVATE_KEY));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new CertificateCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setCa(TestConstants.TEST_CA).setCertificate(TestConstants.TEST_CERTIFICATE).setPrivateKey(TestConstants.TEST_PRIVATE_KEY).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer sshParameters = new TestParametizer("ssh", SSH_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", TestConstants.SSH_PUBLIC_KEY_4096_WITH_COMMENT, "$.value.private_key", TestConstants.PRIVATE_KEY_4096, "$.value.public_key_fingerprint", "UmqxK9UJJR4Jrcw0DcwqJlCgkeQoKp8a+HY+0p0nOgc");
}
void credentialAssertions(CredentialVersion credential) {
SshCredentialVersion sshCredential = (SshCredentialVersion) credential;
assertThat(sshCredential.getPublicKey(), equalTo(TestConstants.SSH_PUBLIC_KEY_4096_WITH_COMMENT));
assertThat(sshCredential.getPrivateKey(), equalTo(TestConstants.PRIVATE_KEY_4096));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new SshCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(TestConstants.PRIVATE_KEY_4096).setPublicKey(TestConstants.SSH_PUBLIC_KEY_4096_WITH_COMMENT).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer rsaParameters = new TestParametizer("rsa", RSA_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.public_key", TestConstants.RSA_PUBLIC_KEY_4096, "$.value.private_key", TestConstants.PRIVATE_KEY_4096);
}
void credentialAssertions(CredentialVersion credential) {
RsaCredentialVersion rsaCredential = (RsaCredentialVersion) credential;
assertThat(rsaCredential.getPublicKey(), equalTo(TestConstants.RSA_PUBLIC_KEY_4096));
assertThat(rsaCredential.getPrivateKey(), equalTo(TestConstants.PRIVATE_KEY_4096));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new RsaCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setPrivateKey(TestConstants.PRIVATE_KEY_4096).setPublicKey(TestConstants.RSA_PUBLIC_KEY_4096).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer jsonParameters = new TestParametizer("json", JSON_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value", jsonValueMap);
}
void credentialAssertions(CredentialVersion credential) {
JsonCredentialVersion jsonCredential = (JsonCredentialVersion) credential;
assertThat(jsonCredential.getValue(), equalTo(jsonValueMap));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new JsonCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setValue(jsonValueMap).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
TestParametizer userParameters = new TestParametizer("user", USER_VALUE_JSON_STRING) {
ResultMatcher jsonAssertions() {
return multiJsonPath("$.value.username", USERNAME_VALUE, "$.value.password", PASSWORD_VALUE);
}
void credentialAssertions(CredentialVersion credential) {
UserCredentialVersion userCredential = (UserCredentialVersion) credential;
assertThat(userCredential.getUsername(), equalTo(USERNAME_VALUE));
assertThat(userCredential.getPassword(), equalTo(PASSWORD_VALUE));
}
CredentialVersion createCredential(Encryptor encryptor) {
return new UserCredentialVersion(CREDENTIAL_NAME).setEncryptor(encryptor).setUsername(USERNAME_VALUE).setPassword(PASSWORD_VALUE).setUuid(credentialUuid).setVersionCreatedAt(FROZEN_TIME.minusSeconds(1));
}
};
params.add(valueParameters);
params.add(passwordParameters);
params.add(certificateParameters);
params.add(sshParameters);
params.add(rsaParameters);
params.add(jsonParameters);
params.add(userParameters);
return params;
}
Aggregations