
Example 21 with Credential

use of org.cloudfoundry.credhub.entity.Credential in project credhub by cloudfoundry-incubator.

the class PermissionedCertificateService method set.

public CertificateCredentialVersion set(UUID certificateUuid, CertificateCredentialValue value, List<EventAuditRecordParameters> auditRecordParameters) {
    Credential credential = findCertificateCredential(certificateUuid);
    EventAuditRecordParameters eventAuditRecordParameters = new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_UPDATE, credential.getName());
    auditRecordParameters.add(eventAuditRecordParameters);
    if (!permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), credential.getName(), PermissionOperation.WRITE)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    if (value.isTransitional()) {
        validateNoTransitionalVersionsAlreadyExist(credential.getName(), auditRecordParameters);
    }
    CertificateCredentialVersion certificateCredentialVersion = certificateCredentialFactory.makeNewCredentialVersion(credential, value);
    return credentialVersionDataService.save(certificateCredentialVersion);
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 22 with Credential

use of org.cloudfoundry.credhub.entity.Credential in project credhub by cloudfoundry-incubator.

the class PermissionedCertificateService method getVersions.

public List<CredentialVersion> getVersions(UUID uuid, boolean current, List<EventAuditRecordParameters> auditRecordParameters) {
    List<CredentialVersion> list;
    String name;
    try {
        if (current) {
            Credential credential = findCertificateCredential(uuid);
            name = credential.getName();
            list = certificateVersionDataService.findActiveWithTransitional(name);
        } else {
            list = certificateVersionDataService.findAllVersions(uuid);
            name = !list.isEmpty() ? list.get(0).getName() : null;
        }
    } catch (IllegalArgumentException e) {
        auditRecordParameters.add(new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS, null));
        throw new InvalidQueryParameterException("error.bad_request", "uuid");
    }
    auditRecordParameters.add(new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS, name));
    if (list.isEmpty() || !permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), name, PermissionOperation.READ)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    return list;
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) InvalidQueryParameterException(org.cloudfoundry.credhub.exceptions.InvalidQueryParameterException) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)

Example 23 with Credential

use of org.cloudfoundry.credhub.entity.Credential in project credhub by cloudfoundry-incubator.

the class PermissionedCredentialService method findByUuid.

public Credential findByUuid(UUID credentialUUID, List<EventAuditRecordParameters> auditRecordParameters) {
    EventAuditRecordParameters eventAuditRecordParameters = new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS);
    auditRecordParameters.add(eventAuditRecordParameters);
    Credential credential = credentialDataService.findByUUID(credentialUUID);
    if (credential == null) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    eventAuditRecordParameters.setCredentialName(credential.getName());
    if (!permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), credential.getName(), READ)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    return credential;
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters)

Example 24 with Credential

use of org.cloudfoundry.credhub.entity.Credential in project credhub by cloudfoundry-incubator.

the class EncryptionKeyRotatorTest method rotation_canRotatePasswordCredentials.

@Test
public void rotation_canRotatePasswordCredentials() throws Exception {
    String passwordName = name + "-password";
    MockHttpServletRequestBuilder post = post("/api/v1/data").header("Authorization", "Bearer " + UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{" + "  \"name\": \"" + passwordName + "\"," + "  \"type\": \"password\"" + "}");
    String content = this.mockMvc.perform(post).andDo(print()).andExpect(status().isOk()).andReturn().getResponse().getContentAsString();
    String originalPassword = parse(content).get("value").textValue();
    Credential credential = credentialDataService.find(passwordName);
    final PasswordCredentialVersionData firstEncryption = (PasswordCredentialVersionData) credentialVersionRepository.findAllByCredentialUuidOrderByVersionCreatedAtDesc(credential.getUuid()).get(0);
    final byte[] firstEncryptedValue = firstEncryption.getEncryptedValueData().getEncryptedValue();
    final byte[] firstEncryptedGenParams = firstEncryption.getEncryptedGenerationParameters().getEncryptedValue();
    setActiveKey(1);
    encryptionKeyRotator.rotate();
    final PasswordCredentialVersionData secondEncryption = (PasswordCredentialVersionData) credentialVersionRepository.findAllByCredentialUuidOrderByVersionCreatedAtDesc(credential.getUuid()).get(0);
    assertThat(firstEncryptedValue, not(equalTo(secondEncryption.getEncryptedValueData().getEncryptedValue())));
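    // Compare ciphertext bytes with ciphertext bytes; comparing against the wrapper object would always pass.
    assertThat(firstEncryptedGenParams, not(equalTo(secondEncryption.getEncryptedGenerationParameters().getEncryptedValue())));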
    final MockHttpServletRequestBuilder get = get("/api/v1/data?name=" + passwordName).header("Authorization", "Bearer " + UAA_OAUTH2_PASSWORD_GRANT_TOKEN);
    this.mockMvc.perform(get).andExpect(status().isOk()).andExpect(jsonPath(".data[0].value").value(originalPassword));
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 25 with Credential

use of org.cloudfoundry.credhub.entity.Credential in project credhub by cloudfoundry-incubator.

the class PermissionServiceTest method beforeEach.

@Before
public void beforeEach() {
    userContext = mock(UserContext.class);
    when(userContext.getActor()).thenReturn(USER_NAME);
    expectedCredential = new Credential(CREDENTIAL_NAME);
    expectedCredentialVersion = new PasswordCredentialVersion(CREDENTIAL_NAME);
    permissionDataService = mock(PermissionDataService.class);
    permissionCheckingService = mock(PermissionCheckingService.class);
    when(permissionCheckingService.hasPermission(anyString(), anyString(), any(PermissionOperation.class))).thenReturn(true);
    auditRecordParameters = newArrayList();
    UserContextHolder userContextHolder = new UserContextHolder();
    userContextHolder.setUserContext(userContext);
    subject = new PermissionService(permissionDataService, permissionCheckingService, userContextHolder);
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) PermissionOperation(org.cloudfoundry.credhub.request.PermissionOperation) UserContext(org.cloudfoundry.credhub.auth.UserContext) UserContextHolder(org.cloudfoundry.credhub.auth.UserContextHolder) PermissionDataService(org.cloudfoundry.credhub.data.PermissionDataService) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) Before(org.junit.Before)

Aggregations

Credential (org.cloudfoundry.credhub.entity.Credential) 49
Test (org.junit.Test) 30
SpringBootTest (org.springframework.boot.test.context.SpringBootTest) 15
UUID (java.util.UUID) 13
UserContext (org.cloudfoundry.credhub.auth.UserContext) 13
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion) 13
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters) 9
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion) 9
EntryNotFoundException (org.cloudfoundry.credhub.exceptions.EntryNotFoundException) 9
EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue) 7
CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) 5
PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) 5
CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue) 4
CredentialVersionData (org.cloudfoundry.credhub.entity.CredentialVersionData) 4
List (java.util.List) 3
Collectors (java.util.stream.Collectors) 3
AuditingOperationCode (org.cloudfoundry.credhub.audit.AuditingOperationCode) 3
UserContextHolder (org.cloudfoundry.credhub.auth.UserContextHolder) 3
ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData) 3
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) 3