use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.
the class CredentialRegenerateTest method regeneratingAPasswordWithParametersThatCannotBeDecrypted_returnsAnError.
@Test
public void regeneratingAPasswordWithParametersThatCannotBeDecrypted_returnsAnError() throws Exception {
EncryptionKeyCanary encryptionKeyCanary = new EncryptionKeyCanary();
canaryDataService.save(encryptionKeyCanary);
PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("/my-password");
PasswordCredentialVersion originalCredential = new PasswordCredentialVersion(passwordCredentialData);
originalCredential.setEncryptor(encryptor);
originalCredential.setPasswordAndGenerationParameters("abcde", new StringGenerationParameters());
passwordCredentialData.getEncryptedValueData().setEncryptionKeyUuid(encryptionKeyCanary.getUuid());
credentialVersionDataService.save(originalCredential);
// language=JSON
String cannotRegenerate = "{\n" + " \"error\": \"The credential could not be accessed with the provided encryption keys. You must update your deployment configuration to continue" + ".\"\n" + "}";
MockHttpServletRequestBuilder request = post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{\"regenerate\":true,\"name\":\"my-password\"}");
mockMvc.perform(request).andDo(print()).andExpect(status().isInternalServerError()).andExpect(content().json(cannotRegenerate));
}
use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.
the class CredentialVersionDataServiceTest method findByUuid_givenAUuid_findsTheCredential.
@Test
public void findByUuid_givenAUuid_findsTheCredential() {
PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("/my-credential");
passwordCredentialData.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("credential-password".getBytes()).setNonce("nonce".getBytes()));
PasswordCredentialVersion credential = new PasswordCredentialVersion(passwordCredentialData);
PasswordCredentialVersion savedCredential = subject.save(credential);
assertNotNull(savedCredential.getUuid());
PasswordCredentialVersion oneByUuid = (PasswordCredentialVersion) subject.findByUuid(savedCredential.getUuid().toString());
assertThat(oneByUuid.getName(), equalTo("/my-credential"));
assertThat(passwordCredentialData.getEncryptedValueData().getEncryptedValue(), equalTo("credential-password".getBytes()));
}
use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.
the class CredentialVersionDataServiceTest method delete_givenACredentialNameCasedDifferentlyFromTheActual_shouldBeCaseInsensitive.
@Test
public void delete_givenACredentialNameCasedDifferentlyFromTheActual_shouldBeCaseInsensitive() {
Credential credentialName = credentialDataService.save(new Credential("/my-credential"));
PasswordCredentialVersionData credential = new PasswordCredentialVersionData();
credential.setCredential(credentialName);
credential.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("credential-password".getBytes()).setNonce(new byte[] {}));
subject.save(credential);
credential = new PasswordCredentialVersionData();
credential.setCredential(credentialName);
credential.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("another password".getBytes()).setNonce(new byte[] {}));
subject.save(credential);
assertThat(subject.findAllByName("/my-credential"), hasSize(2));
subject.delete("/MY-CREDENTIAL");
assertThat(subject.findAllByName("/my-credential"), empty());
}
use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.
the class CredentialVersionDataServiceTest method save_givenAnExistingCredential_updatesTheCredential.
@Test
public void save_givenAnExistingCredential_updatesTheCredential() {
PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("/my-credential-2");
passwordCredentialData.setEncryptedValueData(new EncryptedValue(activeCanaryUuid, "credential-password", "nonce"));
PasswordCredentialVersion credential = new PasswordCredentialVersion(passwordCredentialData);
subject.save(credential);
passwordCredentialData.getEncryptedValueData().setEncryptedValue("irynas-ninja-skills".getBytes());
subject.save(credential);
PasswordCredentialVersion savedPasswordCredential = (PasswordCredentialVersion) subject.findMostRecent("/my-credential-2");
CredentialVersionData credentialVersionData = credentialVersionRepository.findOneByUuid(savedPasswordCredential.getUuid());
assertThat(credentialVersionData.getCredential().getName(), equalTo("/my-credential-2"));
assertThat(credentialVersionData.getEncryptedValueData().getEncryptedValue(), equalTo("irynas-ninja-skills".getBytes()));
assertThat(credentialVersionData.getUuid(), equalTo(credential.getUuid()));
}
use of org.cloudfoundry.credhub.entity.PasswordCredentialVersionData in project credhub by cloudfoundry-incubator.
the class CredentialVersionDataServiceTest method savePassword.
private PasswordCredentialVersion savePassword(long timeMillis, String name, UUID canaryUuid) {
fakeTimeSetter.accept(timeMillis);
Credential credential = credentialDataService.find(name);
if (credential == null) {
credential = credentialDataService.save(new Credential(name));
}
PasswordCredentialVersionData credentialObject = new PasswordCredentialVersionData();
credentialObject.setCredential(credential);
credentialObject.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(canaryUuid).setEncryptedValue(new byte[] {}).setNonce(new byte[] {}));
return subject.save(credentialObject);
}
Aggregations