Search in sources :

Example 11 with PasswordCredentialVersionData

use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.

the class CredentialRegenerateTest method regeneratingAPasswordWithParametersThatCannotBeDecrypted_returnsAnError.

@Test
public void regeneratingAPasswordWithParametersThatCannotBeDecrypted_returnsAnError() throws Exception {
    EncryptionKeyCanary encryptionKeyCanary = new EncryptionKeyCanary();
    canaryDataService.save(encryptionKeyCanary);
    PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("/my-password");
    PasswordCredentialVersion originalCredential = new PasswordCredentialVersion(passwordCredentialData);
    originalCredential.setEncryptor(encryptor);
    originalCredential.setPasswordAndGenerationParameters("abcde", new StringGenerationParameters());
    passwordCredentialData.getEncryptedValueData().setEncryptionKeyUuid(encryptionKeyCanary.getUuid());
    credentialVersionDataService.save(originalCredential);
    // language=JSON
    String cannotRegenerate = "{\n" + "  \"error\": \"The credential could not be accessed with the provided encryption keys. You must update your deployment configuration to continue" + ".\"\n" + "}";
    MockHttpServletRequestBuilder request = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"regenerate\":true,\"name\":\"my-password\"}");
    mockMvc.perform(request).andDo(print()).andExpect(status().isInternalServerError()).andExpect(content().json(cannotRegenerate));
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) MockHttpServletRequestBuilder(org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder) PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 12 with PasswordCredentialVersionData

use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataServiceTest method findByUuid_givenAUuid_findsTheCredential.

@Test
public void findByUuid_givenAUuid_findsTheCredential() {
    PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("/my-credential");
    passwordCredentialData.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("credential-password".getBytes()).setNonce("nonce".getBytes()));
    PasswordCredentialVersion credential = new PasswordCredentialVersion(passwordCredentialData);
    PasswordCredentialVersion savedCredential = subject.save(credential);
    assertNotNull(savedCredential.getUuid());
    PasswordCredentialVersion oneByUuid = (PasswordCredentialVersion) subject.findByUuid(savedCredential.getUuid().toString());
    assertThat(oneByUuid.getName(), equalTo("/my-credential"));
    assertThat(passwordCredentialData.getEncryptedValueData().getEncryptedValue(), equalTo("credential-password".getBytes()));
}
Also used : PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 13 with PasswordCredentialVersionData

use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataServiceTest method delete_givenACredentialNameCasedDifferentlyFromTheActual_shouldBeCaseInsensitive.

@Test
public void delete_givenACredentialNameCasedDifferentlyFromTheActual_shouldBeCaseInsensitive() {
    Credential credentialName = credentialDataService.save(new Credential("/my-credential"));
    PasswordCredentialVersionData credential = new PasswordCredentialVersionData();
    credential.setCredential(credentialName);
    credential.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("credential-password".getBytes()).setNonce(new byte[] {}));
    subject.save(credential);
    credential = new PasswordCredentialVersionData();
    credential.setCredential(credentialName);
    credential.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("another password".getBytes()).setNonce(new byte[] {}));
    subject.save(credential);
    assertThat(subject.findAllByName("/my-credential"), hasSize(2));
    subject.delete("/MY-CREDENTIAL");
    assertThat(subject.findAllByName("/my-credential"), empty());
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 14 with PasswordCredentialVersionData

use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataServiceTest method save_givenAnExistingCredential_updatesTheCredential.

@Test
public void save_givenAnExistingCredential_updatesTheCredential() {
    PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("/my-credential-2");
    passwordCredentialData.setEncryptedValueData(new EncryptedValue(activeCanaryUuid, "credential-password", "nonce"));
    PasswordCredentialVersion credential = new PasswordCredentialVersion(passwordCredentialData);
    subject.save(credential);
    passwordCredentialData.getEncryptedValueData().setEncryptedValue("irynas-ninja-skills".getBytes());
    subject.save(credential);
    PasswordCredentialVersion savedPasswordCredential = (PasswordCredentialVersion) subject.findMostRecent("/my-credential-2");
    CredentialVersionData credentialVersionData = credentialVersionRepository.findOneByUuid(savedPasswordCredential.getUuid());
    assertThat(credentialVersionData.getCredential().getName(), equalTo("/my-credential-2"));
    assertThat(credentialVersionData.getEncryptedValueData().getEncryptedValue(), equalTo("irynas-ninja-skills".getBytes()));
    assertThat(credentialVersionData.getUuid(), equalTo(credential.getUuid()));
}
Also used : PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) SshCredentialVersionData(org.cloudfoundry.credhub.entity.SshCredentialVersionData) ValueCredentialVersionData(org.cloudfoundry.credhub.entity.ValueCredentialVersionData) CredentialVersionData(org.cloudfoundry.credhub.entity.CredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) PasswordCredentialVersion(org.cloudfoundry.credhub.domain.PasswordCredentialVersion) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 15 with PasswordCredentialVersionData

use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataServiceTest method savePassword.

private PasswordCredentialVersion savePassword(long timeMillis, String name, UUID canaryUuid) {
    fakeTimeSetter.accept(timeMillis);
    Credential credential = credentialDataService.find(name);
    if (credential == null) {
        credential = credentialDataService.save(new Credential(name));
    }
    PasswordCredentialVersionData credentialObject = new PasswordCredentialVersionData();
    credentialObject.setCredential(credential);
    credentialObject.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(canaryUuid).setEncryptedValue(new byte[] {}).setNonce(new byte[] {}));
    return subject.save(credentialObject);
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) PasswordCredentialVersionData(org.cloudfoundry.credhub.entity.PasswordCredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue)

Aggregations

PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData)16 EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue)12 Test (org.junit.Test)11 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)10 PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)9 ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion)5 Credential (org.cloudfoundry.credhub.entity.Credential)5 ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData)5 CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)4 CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData)4 StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters)4 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)2 SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion)2 CredentialVersionData (org.cloudfoundry.credhub.entity.CredentialVersionData)2 SshCredentialVersionData (org.cloudfoundry.credhub.entity.SshCredentialVersionData)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)2 EncryptionKeyCanary (org.cloudfoundry.credhub.entity.EncryptionKeyCanary)1 JsonObjectMapper (org.cloudfoundry.credhub.util.JsonObjectMapper)1