Search in sources :

Example 1 with CertificateSetRequest

use of org.cloudfoundry.credhub.request.CertificateSetRequest in project credhub by cloudfoundry-incubator.

the class SetHandlerTest method handleSetRequest_withACertificateSetRequest_andACaName_providesCaCertificate.

@Test
public void handleSetRequest_withACertificateSetRequest_andACaName_providesCaCertificate() {
    CertificateCredentialValue cerificateAuthority = new CertificateCredentialValue(null, TestConstants.TEST_CA, null, null);
    when(certificateAuthorityService.findActiveVersion("/test-ca-name")).thenReturn(cerificateAuthority);
    CertificateSetRequest setRequest = new CertificateSetRequest();
    final CertificateCredentialValue credentialValue = new CertificateCredentialValue(null, TestConstants.TEST_CERTIFICATE, "Enterprise", "test-ca-name");
    final ArrayList<EventAuditRecordParameters> eventAuditRecordParameters = new ArrayList<>();
    setRequest.setType("certificate");
    setRequest.setName("/captain");
    setRequest.setAdditionalPermissions(accessControlEntries);
    setRequest.setOverwrite(false);
    setRequest.setCertificateValue(credentialValue);
    CertificateCredentialValue expectedCredentialValue = new CertificateCredentialValue(TestConstants.TEST_CA, TestConstants.TEST_CERTIFICATE, "Enterprise", "/test-ca-name");
    ArgumentCaptor<CredentialValue> credentialValueArgumentCaptor = ArgumentCaptor.forClass(CredentialValue.class);
    subject.handle(setRequest, eventAuditRecordParameters);
    verify(credentialService).save(eq(null), credentialValueArgumentCaptor.capture(), eq(setRequest), eq(eventAuditRecordParameters));
    assertThat(credentialValueArgumentCaptor.getValue(), samePropertyValuesAs(expectedCredentialValue));
    verify(permissionService).savePermissions(credentialVersion, accessControlEntries, eventAuditRecordParameters, true, "/captain");
}
Also used : UserCredentialValue(org.cloudfoundry.credhub.credential.UserCredentialValue) CredentialValue(org.cloudfoundry.credhub.credential.CredentialValue) StringCredentialValue(org.cloudfoundry.credhub.credential.StringCredentialValue) CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) ArrayList(java.util.ArrayList) CertificateSetRequest(org.cloudfoundry.credhub.request.CertificateSetRequest) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test)

Example 2 with CertificateSetRequest

use of org.cloudfoundry.credhub.request.CertificateSetRequest in project credhub by cloudfoundry-incubator.

the class SetHandler method handle.

public CredentialView handle(BaseCredentialSetRequest setRequest, List<EventAuditRecordParameters> auditRecordParameters) {
    if (setRequest instanceof CertificateSetRequest) {
        // fill in the ca value if it's one of ours
        CertificateCredentialValue certificateValue = ((CertificateSetRequest) setRequest).getCertificateValue();
        String caName = certificateValue.getCaName();
        if (caName != null) {
            final String caValue = certificateAuthorityService.findActiveVersion(caName).getCertificate();
            certificateValue.setCa(caValue);
            CertificateReader certificateReader = new CertificateReader(certificateValue.getCertificate());
            if (!certificateReader.isSignedByCa(caValue)) {
                throw new ParameterizedValidationException("error.certificate_was_not_signed_by_ca_name");
            }
        }
    }
    CredentialVersion existingCredentialVersion = credentialService.findMostRecent(setRequest.getName());
    final CredentialVersion credentialVersion = credentialService.save(existingCredentialVersion, setRequest.getCredentialValue(), setRequest, auditRecordParameters);
    final boolean isNewCredential = existingCredentialVersion == null;
    if (isNewCredential || setRequest.isOverwrite()) {
        permissionService.savePermissions(credentialVersion, setRequest.getAdditionalPermissions(), auditRecordParameters, isNewCredential, setRequest.getName());
    }
    return CredentialView.fromEntity(credentialVersion);
}
Also used : CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) CertificateSetRequest(org.cloudfoundry.credhub.request.CertificateSetRequest) ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) CertificateReader(org.cloudfoundry.credhub.util.CertificateReader)

Example 3 with CertificateSetRequest

use of org.cloudfoundry.credhub.request.CertificateSetRequest in project credhub by cloudfoundry-incubator.

the class SetHandlerTest method handleSetRequest_withACertificateSetRequest_andNoCaName_usesCorrectParameters.

@Test
public void handleSetRequest_withACertificateSetRequest_andNoCaName_usesCorrectParameters() {
    CertificateSetRequest setRequest = new CertificateSetRequest();
    final CertificateCredentialValue certificateValue = new CertificateCredentialValue(null, "Picard", "Enterprise", null);
    final ArrayList<EventAuditRecordParameters> eventAuditRecordParameters = new ArrayList<>();
    setRequest.setType("certificate");
    setRequest.setName("/captain");
    setRequest.setAdditionalPermissions(accessControlEntries);
    setRequest.setOverwrite(false);
    setRequest.setCertificateValue(certificateValue);
    subject.handle(setRequest, eventAuditRecordParameters);
    verify(credentialService).save(null, certificateValue, setRequest, eventAuditRecordParameters);
    verify(permissionService).savePermissions(credentialVersion, accessControlEntries, eventAuditRecordParameters, true, "/captain");
}
Also used : CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) ArrayList(java.util.ArrayList) CertificateSetRequest(org.cloudfoundry.credhub.request.CertificateSetRequest) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) Test(org.junit.Test)

Aggregations

CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)3 CertificateSetRequest (org.cloudfoundry.credhub.request.CertificateSetRequest)3 ArrayList (java.util.ArrayList)2 EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)2 Test (org.junit.Test)2 CredentialValue (org.cloudfoundry.credhub.credential.CredentialValue)1 StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue)1 UserCredentialValue (org.cloudfoundry.credhub.credential.UserCredentialValue)1 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)1 ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)1 CertificateReader (org.cloudfoundry.credhub.util.CertificateReader)1