use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class CredentialRegenerateTest method regeneratingANonGeneratedUser_returnsAnError_andPersistsAnAuditEntry.
@Test
public void regeneratingANonGeneratedUser_returnsAnError_andPersistsAnAuditEntry() throws Exception {
UserCredentialVersion originalCredential = new UserCredentialVersion("/my-user");
originalCredential.setEncryptor(encryptor);
originalCredential.setPassword("abcde");
originalCredential.setUsername("username");
originalCredential.setSalt("so salty");
credentialVersionDataService.save(originalCredential);
String cannotRegenerateJson = "{" + " \"error\": \"The user could not be regenerated because the value was" + " statically set. Only generated users may be regenerated.\"" + "}";
MockHttpServletRequestBuilder request = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"regenerate\":true,\"name\":\"my-user\"}");
mockMvc.perform(request).andExpect(content().json(cannotRegenerateJson));
auditingHelper.verifyAuditing(CREDENTIAL_UPDATE, "/my-user", AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/data", 400);
}
use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class UserSaltMigrationTest method migratingMultipleUsersWithoutSalts_generatesDifferentSalts.
@Test
public void migratingMultipleUsersWithoutSalts_generatesDifferentSalts() {
final String credentialName1 = "/test-user-credential1";
final String credentialName2 = "/test-user-credential2";
final Object encryptionKeyUuid = UuidUtil.makeUuid(databaseName);
final Object credentialNameUuid1 = UuidUtil.makeUuid(databaseName);
final Object userCredentialUuid1 = UuidUtil.makeUuid(databaseName);
final Object credentialNameUuid2 = UuidUtil.makeUuid(databaseName);
final Object userCredentialUuid2 = UuidUtil.makeUuid(databaseName);
createCanary(encryptionKeyUuid);
createCredential(encryptionKeyUuid, credentialName1, credentialNameUuid1, userCredentialUuid1);
createCredential(encryptionKeyUuid, credentialName2, credentialNameUuid2, userCredentialUuid2);
flyway.setTarget(MigrationVersion.LATEST);
flyway.migrate();
final UserCredentialVersion migratedUser1 = (UserCredentialVersion) credentialVersionDataService.findMostRecent(credentialName1);
final UserCredentialVersion migratedUser2 = (UserCredentialVersion) credentialVersionDataService.findMostRecent(credentialName2);
assertThat(migratedUser1.getSalt(), not(equalTo(migratedUser2.getSalt())));
}
use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.
the class UserSaltMigrationTest method migratingAUserWithoutASalt_generatesASalt.
@Test
public void migratingAUserWithoutASalt_generatesASalt() {
final String credentialName = "/test-user-credential";
final Object encryptionKeyUuid = UuidUtil.makeUuid(databaseName);
final Object credentialNameUuid = UuidUtil.makeUuid(databaseName);
final Object userCredentialUuid = UuidUtil.makeUuid(databaseName);
createCanary(encryptionKeyUuid);
createCredential(encryptionKeyUuid, credentialName, credentialNameUuid, userCredentialUuid);
flyway.setTarget(MigrationVersion.LATEST);
flyway.migrate();
final UserCredentialVersion migratedUser = (UserCredentialVersion) credentialVersionDataService.findMostRecent(credentialName);
assertThat(migratedUser.getSalt().matches("^\\$6\\$[a-zA-Z0-9/.]{8}$"), equalTo(true));
}
Aggregations