Search in sources :

Example 6 with UserCredentialVersion

use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.

the class CredentialRegenerateTest method regeneratingANonGeneratedUser_returnsAnError_andPersistsAnAuditEntry.

@Test
public void regeneratingANonGeneratedUser_returnsAnError_andPersistsAnAuditEntry() throws Exception {
    UserCredentialVersion originalCredential = new UserCredentialVersion("/my-user");
    originalCredential.setEncryptor(encryptor);
    originalCredential.setPassword("abcde");
    originalCredential.setUsername("username");
    originalCredential.setSalt("so salty");
    credentialVersionDataService.save(originalCredential);
    String cannotRegenerateJson = "{" + "  \"error\": \"The user could not be regenerated because the value was" + " statically set. Only generated users may be regenerated.\"" + "}";
    MockHttpServletRequestBuilder request = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"regenerate\":true,\"name\":\"my-user\"}");
    mockMvc.perform(request).andExpect(content().json(cannotRegenerateJson));
    auditingHelper.verifyAuditing(CREDENTIAL_UPDATE, "/my-user", AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID, "/api/v1/data", 400);
}
Also used : MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) UserCredentialVersion(org.cloudfoundry.credhub.domain.UserCredentialVersion) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 7 with UserCredentialVersion

use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.

the class UserSaltMigrationTest method migratingMultipleUsersWithoutSalts_generatesDifferentSalts.

@Test
public void migratingMultipleUsersWithoutSalts_generatesDifferentSalts() {
    final String credentialName1 = "/test-user-credential1";
    final String credentialName2 = "/test-user-credential2";
    final Object encryptionKeyUuid = UuidUtil.makeUuid(databaseName);
    final Object credentialNameUuid1 = UuidUtil.makeUuid(databaseName);
    final Object userCredentialUuid1 = UuidUtil.makeUuid(databaseName);
    final Object credentialNameUuid2 = UuidUtil.makeUuid(databaseName);
    final Object userCredentialUuid2 = UuidUtil.makeUuid(databaseName);
    createCanary(encryptionKeyUuid);
    createCredential(encryptionKeyUuid, credentialName1, credentialNameUuid1, userCredentialUuid1);
    createCredential(encryptionKeyUuid, credentialName2, credentialNameUuid2, userCredentialUuid2);
    flyway.setTarget(MigrationVersion.LATEST);
    flyway.migrate();
    final UserCredentialVersion migratedUser1 = (UserCredentialVersion) credentialVersionDataService.findMostRecent(credentialName1);
    final UserCredentialVersion migratedUser2 = (UserCredentialVersion) credentialVersionDataService.findMostRecent(credentialName2);
    assertThat(migratedUser1.getSalt(), not(equalTo(migratedUser2.getSalt())));
}
Also used : UserCredentialVersion(org.cloudfoundry.credhub.domain.UserCredentialVersion) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 8 with UserCredentialVersion

use of org.cloudfoundry.credhub.domain.UserCredentialVersion in project credhub by cloudfoundry-incubator.

the class UserSaltMigrationTest method migratingAUserWithoutASalt_generatesASalt.

@Test
public void migratingAUserWithoutASalt_generatesASalt() {
    final String credentialName = "/test-user-credential";
    final Object encryptionKeyUuid = UuidUtil.makeUuid(databaseName);
    final Object credentialNameUuid = UuidUtil.makeUuid(databaseName);
    final Object userCredentialUuid = UuidUtil.makeUuid(databaseName);
    createCanary(encryptionKeyUuid);
    createCredential(encryptionKeyUuid, credentialName, credentialNameUuid, userCredentialUuid);
    flyway.setTarget(MigrationVersion.LATEST);
    flyway.migrate();
    final UserCredentialVersion migratedUser = (UserCredentialVersion) credentialVersionDataService.findMostRecent(credentialName);
    assertThat(migratedUser.getSalt().matches("^\\$6\\$[a-zA-Z0-9/.]{8}$"), equalTo(true));
}
Also used : UserCredentialVersion(org.cloudfoundry.credhub.domain.UserCredentialVersion) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

UserCredentialVersion (org.cloudfoundry.credhub.domain.UserCredentialVersion)8 Test (org.junit.Test)5 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4 StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters)3 Lists.newArrayList (com.google.common.collect.Lists.newArrayList)2 ArrayList (java.util.ArrayList)2 UUID (java.util.UUID)2 CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)2 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)2 Encryptor (org.cloudfoundry.credhub.domain.Encryptor)2 PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)2 RsaCredentialVersion (org.cloudfoundry.credhub.domain.RsaCredentialVersion)2 SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion)2 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)2 JSONObject (net.minidev.json.JSONObject)1 EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)1 CryptSaltFactory (org.cloudfoundry.credhub.credential.CryptSaltFactory)1 JsonCredentialVersion (org.cloudfoundry.credhub.domain.JsonCredentialVersion)1 ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion)1 ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)1