Example 1 with CredentialVersionData

use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.

the class CertificateVersionDataService method findActiveWithTransitional.

public List<CredentialVersion> findActiveWithTransitional(String certificateName) {
    ArrayList<CredentialVersion> result = new ArrayList<>();
    Credential credential = credentialDataService.find(certificateName);
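    if (credential == null) {
        // No credential with this name: return before dereferencing it.
        return null;
    } else {
        // Read the UUID only after the null check, so a missing credential cannot cause a NullPointerException.
        UUID uuid = credential.getUuid();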
        CredentialVersionData active = credentialVersionRepository.findLatestNonTransitionalCertificateVersion(uuid);
        if (active != null) {
            result.add(credentialFactory.makeCredentialFromEntity(active));
        }
        CredentialVersionData transitional = credentialVersionRepository.findTransitionalCertificateVersion(uuid);
        if (transitional != null) {
            result.add(credentialFactory.makeCredentialFromEntity(transitional));
        }
        return result;
    }
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) ArrayList(java.util.ArrayList) CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) CredentialVersionData(org.cloudfoundry.credhub.entity.CredentialVersionData) UUID(java.util.UUID) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)

Example 2 with CredentialVersionData

use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataServiceTest method save_givenANewCredential_savesTheCredential.

@Test
public void save_givenANewCredential_savesTheCredential() {
    PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("/my-credential");
    passwordCredentialData.setEncryptedValueData(new EncryptedValue(activeCanaryUuid, "credential-password", ""));
    PasswordCredentialVersion credential = new PasswordCredentialVersion(passwordCredentialData);
    credential.setEncryptor(encryptor);
    CredentialVersion savedCredentialVersion = subject.save(credential);
    assertNotNull(savedCredentialVersion);
    PasswordCredentialVersion savedPasswordCredential = (PasswordCredentialVersion) subject.findMostRecent("/my-credential");
    CredentialVersionData credentialVersionData = credentialVersionRepository.findOneByUuid(savedCredentialVersion.getUuid());
    assertThat(savedPasswordCredential.getName(), equalTo(credential.getName()));
    assertThat(savedPasswordCredential.getUuid(), equalTo(credential.getUuid()));
    assertThat(credentialVersionData.getCredential().getName(), equalTo("/my-credential"));
    assertThat(credentialVersionData.getEncryptedValueData().getEncryptedValue(), equalTo("credential-password".getBytes()));
}
Also used : PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) SshCredentialVersionData(org.cloudfoundry.credhub.entity.SshCredentialVersionData) ValueCredentialVersionData(org.cloudfoundry.credhub.entity.ValueCredentialVersionData) CredentialVersionData(org.cloudfoundry.credhub.entity.CredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) ValueCredentialVersion(org.cloudfoundry.credhub.domain.ValueCredentialVersion) SshCredentialVersion(org.cloudfoundry.credhub.domain.SshCredentialVersion) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 3 with CredentialVersionData

use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.

the class CertificateVersionDataServiceTest method findActive_FindsMostRecentNonTransitionalCredentialVersion.

@Test
public void findActive_FindsMostRecentNonTransitionalCredentialVersion() throws Exception {
    Credential certificate = mock(Credential.class);
    when(dataService.find("/some-ca-name")).thenReturn(certificate);
    CredentialVersionData certificateEntity = mock(CredentialVersionData.class);
    when(versionRepository.findLatestNonTransitionalCertificateVersion(any())).thenReturn(certificateEntity);
    CredentialVersion expectedVersion = mock(CredentialVersion.class);
    when(factory.makeCredentialFromEntity(certificateEntity)).thenReturn(expectedVersion);
    CredentialVersion activeVersion = subject.findActive("/some-ca-name");
    assertThat(activeVersion, equalTo(expectedVersion));
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) CredentialVersionData(org.cloudfoundry.credhub.entity.CredentialVersionData) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) Test(org.junit.Test)

Example 4 with CredentialVersionData

use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.

the class EncryptionKeyRotatorTest method whenDataExistsThatIsEncryptedWithUnknownKey_itShouldRotateDataThatItCanDecrypt.

@Test
public void whenDataExistsThatIsEncryptedWithUnknownKey_itShouldRotateDataThatItCanDecrypt() throws Exception {
    setupInitialContext();
    List<CredentialVersionData> beforeRotation = credentialVersionRepository.findByEncryptedCredentialValueEncryptionKeyUuidIn(keySet.getInactiveUuids());
    int numberToRotate = beforeRotation.size();
    assertThat(credentialVersionRepository.findOneByUuid(credentialWithUnknownKey.getUuid()).getEncryptionKeyUuid(), equalTo(unknownCanary.getUuid()));
    encryptionKeyRotator.rotate();
    List<CredentialVersionData> afterRotation = credentialVersionRepository.findByEncryptedCredentialValueEncryptionKeyUuidIn(keySet.getInactiveUuids());
    int numberToRotateWhenDone = afterRotation.size();
    assertThat(numberToRotate, equalTo(2));
    assertThat(numberToRotateWhenDone, equalTo(0));
    List<UUID> uuids = beforeRotation.stream().map(CredentialVersionData::getUuid).collect(Collectors.toList());
    // Gets updated to use current key:
    assertThat(credentialVersionRepository.findOneByUuid(credentialVersionWithOldKey.getUuid()).getEncryptionKeyUuid(), equalTo(keySet.getActive().getUuid()));
    assertThat(uuids, hasItem(credentialVersionWithOldKey.getUuid()));
    assertThat(credentialVersionRepository.findOneByUuid(password.getUuid()).getEncryptionKeyUuid(), equalTo(keySet.getActive().getUuid()));
    assertThat(uuids, hasItem(password.getUuid()));
    // Unchanged because we don't have the key:
    assertThat(credentialVersionRepository.findOneByUuid(credentialWithUnknownKey.getUuid()).getEncryptionKeyUuid(), equalTo(unknownCanary.getUuid()));
    assertThat(uuids, not(hasItem(credentialWithUnknownKey.getUuid())));
    // Unchanged because it's already up to date:
    assertThat(credentialVersionRepository.findOneByUuid(credentialWithCurrentKey.getUuid()).getEncryptionKeyUuid(), equalTo(keySet.getActive().getUuid()));
    assertThat(uuids, not(hasItem(credentialWithCurrentKey.getUuid())));
    PasswordCredentialVersion rotatedPassword = (PasswordCredentialVersion) credentialVersionDataService.findMostRecent(passwordName);
    assertThat(rotatedPassword.getPassword(), equalTo("test-password-plaintext"));
    assertThat(rotatedPassword.getGenerationParameters(), samePropertyValuesAs(new StringGenerationParameters().setExcludeNumber(true).setLength(23)));
}
Also used : PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) CredentialVersionData(org.cloudfoundry.credhub.entity.CredentialVersionData) UUID(java.util.UUID) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) MockMvcResultHandlers.print(org.springframework.test.web.servlet.result.MockMvcResultHandlers.print) StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 5 with CredentialVersionData

use of org.cloudfoundry.credhub.entity.CredentialVersionData in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataService method findActiveByName.

public List<CredentialVersion> findActiveByName(String name) {
    Credential credential = credentialDataService.find(name);
    CredentialVersionData credentialVersionData;
    ArrayList<CredentialVersion> result = newArrayList();
    if (credential != null) {
        credentialVersionData = credentialVersionRepository.findFirstByCredentialUuidOrderByVersionCreatedAtDesc(credential.getUuid());
        if (credentialVersionData.getCredentialType().equals(CertificateCredentialVersionData.CREDENTIAL_TYPE)) {
            return certificateVersionDataService.findActiveWithTransitional(name);
        }
        result.add(credentialFactory.makeCredentialFromEntity(credentialVersionData));
        return result;
    } else {
        return newArrayList();
    }
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) CredentialVersionData(org.cloudfoundry.credhub.entity.CredentialVersionData) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)

Aggregations

CredentialVersionData (org.cloudfoundry.credhub.entity.CredentialVersionData): 7
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion): 5
CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData): 5
Test (org.junit.Test): 5
Credential (org.cloudfoundry.credhub.entity.Credential): 4
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion): 3
PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData): 3
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 3
UUID (java.util.UUID): 2
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion): 2
EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue): 2
SshCredentialVersionData (org.cloudfoundry.credhub.entity.SshCredentialVersionData): 2
ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData): 2
ArrayList (java.util.ArrayList): 1
SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion): 1
ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion): 1
StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters): 1
MockMvcResultHandlers.print (org.springframework.test.web.servlet.result.MockMvcResultHandlers.print): 1