use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.
the class CertificateVersionDataService method findActiveWithTransitional.
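/**
 * Collects the certificate versions currently in use for a named certificate:
 * the latest non-transitional version first, then the transitional version.
 *
 * @param certificateName name of the certificate credential to look up
 * @return a list with zero, one or two versions (each is added only when the
 *     repository returns it), or {@code null} when no credential has this name
 */
public List<CredentialVersion> findActiveWithTransitional(String certificateName) {
    Credential credential = credentialDataService.find(certificateName);
    // The null check has to come before any dereference. The previous code called
    // credential.getUuid() first, so an unknown name raised a NullPointerException
    // and the "return null" branch below could never run.
    if (credential == null) {
        // Kept as null (not an empty list) so existing callers see the documented result.
        return null;
    }

    UUID uuid = credential.getUuid();
    List<CredentialVersion> result = new ArrayList<>();

    CredentialVersionData active = credentialVersionRepository.findLatestNonTransitionalCertificateVersion(uuid);
    if (active != null) {
        result.add(credentialFactory.makeCredentialFromEntity(active));
    }

    CredentialVersionData transitional = credentialVersionRepository.findTransitionalCertificateVersion(uuid);
    if (transitional != null) {
        result.add(credentialFactory.makeCredentialFromEntity(transitional));
    }
    return result;
}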
use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.
the class CredentialVersionDataServiceTest method save_givenANewCredential_savesTheCredential.
/**
 * Saving a new password credential must return the saved version, make it
 * retrievable by name, and persist the value bytes handed to the entity.
 */
@Test
public void save_givenANewCredential_savesTheCredential() {
    final String name = "/my-credential";
    // NOTE(review): the value is a fixture string with an empty third argument
    // (presumably the nonce), not real ciphertext, so this test checks
    // persistence only and says nothing about encryption. Confirm against EncryptedValue.
    final String storedValue = "credential-password";

    PasswordCredentialVersionData entity = new PasswordCredentialVersionData(name);
    entity.setEncryptedValueData(new EncryptedValue(activeCanaryUuid, storedValue, ""));
    PasswordCredentialVersion unsaved = new PasswordCredentialVersion(entity);
    unsaved.setEncryptor(encryptor);

    CredentialVersion saved = subject.save(unsaved);
    assertNotNull(saved);

    // Read the credential back through the service and through the repository.
    PasswordCredentialVersion reloaded = (PasswordCredentialVersion) subject.findMostRecent(name);
    CredentialVersionData storedRow = credentialVersionRepository.findOneByUuid(saved.getUuid());

    assertThat(reloaded.getName(), equalTo(unsaved.getName()));
    assertThat(reloaded.getUuid(), equalTo(unsaved.getUuid()));
    assertThat(storedRow.getCredential().getName(), equalTo(name));
    assertThat(storedRow.getEncryptedValueData().getEncryptedValue(), equalTo(storedValue.getBytes()));
}
use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.
the class CertificateVersionDataServiceTest method findActive_FindsMostRecentNonTransitionalCredentialVersion.
/**
 * findActive must return the version the factory builds from the latest
 * non-transitional certificate entity of the named credential.
 */
@Test
public void findActive_FindsMostRecentNonTransitionalCredentialVersion() throws Exception {
    final String caName = "/some-ca-name";

    // Create the collaborator doubles up front, then wire them together.
    Credential storedCredential = mock(Credential.class);
    CredentialVersionData latestEntity = mock(CredentialVersionData.class);
    CredentialVersion versionFromFactory = mock(CredentialVersion.class);

    when(dataService.find(caName)).thenReturn(storedCredential);
    // any(): the mocked credential has no stubbed UUID, so the lookup argument is not pinned.
    when(versionRepository.findLatestNonTransitionalCertificateVersion(any())).thenReturn(latestEntity);
    when(factory.makeCredentialFromEntity(latestEntity)).thenReturn(versionFromFactory);

    CredentialVersion found = subject.findActive(caName);

    assertThat(found, equalTo(versionFromFactory));
}
use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.
the class EncryptionKeyRotatorTest method whenDataExistsThatIsEncryptedWithUnknownKey_itShouldRotateDataThatItCanDecrypt.
/**
 * Key rotation must re-encrypt every version held under an inactive key and leave
 * alone both the version whose key is unknown and the version already on the active key.
 * The fixtures come from setupInitialContext(), which is not visible here.
 */
@Test
public void whenDataExistsThatIsEncryptedWithUnknownKey_itShouldRotateDataThatItCanDecrypt() throws Exception {
    setupInitialContext();
    // Snapshot taken before rotating: the versions whose encryption key UUID is one of the inactive keys.
    List<CredentialVersionData> beforeRotation = credentialVersionRepository.findByEncryptedCredentialValueEncryptionKeyUuidIn(keySet.getInactiveUuids());
    int numberToRotate = beforeRotation.size();
    // Precondition: the unknown-key credential starts out tagged with the unknown canary's UUID.
    assertThat(credentialVersionRepository.findOneByUuid(credentialWithUnknownKey.getUuid()).getEncryptionKeyUuid(), equalTo(unknownCanary.getUuid()));
    encryptionKeyRotator.rotate();
    // Same query after rotating: nothing may remain under an inactive key.
    List<CredentialVersionData> afterRotation = credentialVersionRepository.findByEncryptedCredentialValueEncryptionKeyUuidIn(keySet.getInactiveUuids());
    int numberToRotateWhenDone = afterRotation.size();
    assertThat(numberToRotate, equalTo(2));
    assertThat(numberToRotateWhenDone, equalTo(0));
    // UUIDs of the versions that were candidates for rotation.
    List<UUID> uuids = beforeRotation.stream().map(CredentialVersionData::getUuid).collect(Collectors.toList());
    // Gets updated to use current key:
    assertThat(credentialVersionRepository.findOneByUuid(credentialVersionWithOldKey.getUuid()).getEncryptionKeyUuid(), equalTo(keySet.getActive().getUuid()));
    assertThat(uuids, hasItem(credentialVersionWithOldKey.getUuid()));
    assertThat(credentialVersionRepository.findOneByUuid(password.getUuid()).getEncryptionKeyUuid(), equalTo(keySet.getActive().getUuid()));
    assertThat(uuids, hasItem(password.getUuid()));
    // Unchanged because we don't have the key: the record keeps its original key UUID
    // and was never in the candidate list, so rotation must not touch or drop it.
    assertThat(credentialVersionRepository.findOneByUuid(credentialWithUnknownKey.getUuid()).getEncryptionKeyUuid(), equalTo(unknownCanary.getUuid()));
    assertThat(uuids, not(hasItem(credentialWithUnknownKey.getUuid())));
    // Unchanged because it's already up to date:
    assertThat(credentialVersionRepository.findOneByUuid(credentialWithCurrentKey.getUuid()).getEncryptionKeyUuid(), equalTo(keySet.getActive().getUuid()));
    assertThat(uuids, not(hasItem(credentialWithCurrentKey.getUuid())));
    // Rotation must preserve the secret and its metadata: the password read back after rotation
    // still has the expected plaintext and generation parameters.
    // NOTE(review): the expected values are presumably what setupInitialContext() stored; confirm there.
    PasswordCredentialVersion rotatedPassword = (PasswordCredentialVersion) credentialVersionDataService.findMostRecent(passwordName);
    assertThat(rotatedPassword.getPassword(), equalTo("test-password-plaintext"));
    assertThat(rotatedPassword.getGenerationParameters(), samePropertyValuesAs(new StringGenerationParameters().setExcludeNumber(true).setLength(23)));
}
use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.
the class CredentialVersionDataService method findActiveByName.
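/**
 * Returns the versions currently in use for a named credential.
 *
 * <p>For a certificate this is the list produced by
 * {@code certificateVersionDataService.findActiveWithTransitional(name)}; for any
 * other type it is the most recently created version alone.
 *
 * @param name name of the credential to look up
 * @return the active versions; an empty list when the credential does not exist
 *     or has no stored version
 */
public List<CredentialVersion> findActiveByName(String name) {
    Credential credential = credentialDataService.find(name);
    if (credential == null) {
        return newArrayList();
    }

    CredentialVersionData credentialVersionData =
        credentialVersionRepository.findFirstByCredentialUuidOrderByVersionCreatedAtDesc(credential.getUuid());
    // A credential can exist without any stored version; the previous code
    // dereferenced the repository result unconditionally and threw a
    // NullPointerException in that case.
    if (credentialVersionData == null) {
        return newArrayList();
    }

    // Constant on the left so a missing type cannot raise a NullPointerException either.
    if (CertificateCredentialVersionData.CREDENTIAL_TYPE.equals(credentialVersionData.getCredentialType())) {
        List<CredentialVersion> certificateVersions = certificateVersionDataService.findActiveWithTransitional(name);
        // The certificate service can answer null when it finds no credential;
        // keep this method's "never null" result by mapping that to an empty list.
        return certificateVersions != null ? certificateVersions : newArrayList();
    }

    ArrayList<CredentialVersion> result = newArrayList();
    result.add(credentialFactory.makeCredentialFromEntity(credentialVersionData));
    return result;
}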