use of org.cloudfoundry.credhub.request.StringGenerationParameters in project credhub by cloudfoundry-incubator.
the class GenerateHandlerTest method setUp.
/**
 * Builds a {@code GenerateHandler} wired entirely to Mockito mocks, plus the request fixtures
 * (generation parameters, access control entries, user context) shared by the tests.
 */
@Before
public void setUp() throws Exception {
  // Plain request fixtures; none of them depend on the mocks below.
  generationParameters = new StringGenerationParameters();
  accessControlEntries = new ArrayList<>();
  userContext = new UserContext();
  credentialVersion = mock(PasswordCredentialVersion.class);

  // Collaborators of the handler under test.
  permissionService = mock(PermissionService.class);
  universalCredentialGenerator = mock(UniversalCredentialGenerator.class);
  credentialService = mock(PermissionedCredentialService.class);

  subject = new GenerateHandler(credentialService, permissionService, universalCredentialGenerator);

  // The save stub uses wildcard matchers for every argument, so it returns the mocked version
  // no matter what the handler passes. A test that cares which generated value, user context or
  // access control entries reach save() has to verify those arguments itself.
  when(credentialService.save(anyObject(), anyObject(), anyObject(), anyList()))
      .thenReturn(credentialVersion);
}
use of org.cloudfoundry.credhub.request.StringGenerationParameters in project credhub by cloudfoundry-incubator.
the class CredentialRegenerateTest method regeneratingAUser_regeneratesTheUser_andPersistsAnAuditEntry.
/**
 * Regenerating a stored user credential through {@code POST /api/v1/data} must yield a new
 * password while keeping the username and the stored generation parameters, and must record a
 * {@code CREDENTIAL_UPDATE} audit entry for the calling actor.
 */
@Test
public void regeneratingAUser_regeneratesTheUser_andPersistsAnAuditEntry() throws Exception {
  // Parameters stored alongside the credential; the assertions below check they survive.
  StringGenerationParameters storedParameters = new StringGenerationParameters();
  storedParameters.setExcludeNumber(true);
  storedParameters.setUsername("Darth Vader");

  // Seed the existing version. The encryptor is attached before any secret field is set.
  UserCredentialVersion existing = new UserCredentialVersion("/the-user");
  existing.setEncryptor(encryptor);
  existing.setPassword("original-password");
  existing.setUsername("Darth Vader");
  existing.setSalt("pepper");
  existing.setGenerationParameters(storedParameters);
  existing.setVersionCreatedAt(FROZEN_TIME.plusSeconds(1));
  credentialVersionDataService.save(existing);

  // Advance the fake clock so the regenerated version gets a later timestamp than the seed.
  fakeTimeSetter.accept(FROZEN_TIME.plusSeconds(10).toEpochMilli());

  MockHttpServletRequestBuilder regenerateRequest = post("/api/v1/data")
      .header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN)
      .accept(APPLICATION_JSON)
      .contentType(APPLICATION_JSON)
      .content("{\"regenerate\":true,\"name\":\"the-user\"}");

  mockMvc.perform(regenerateRequest)
      .andExpect(status().isOk())
      .andExpect(content().contentTypeCompatibleWith(APPLICATION_JSON))
      .andExpect(jsonPath("$.type").value("user"))
      .andExpect(jsonPath("$.version_created_at").value(FROZEN_TIME.plusSeconds(10).toString()));

  UserCredentialVersion regenerated =
      (UserCredentialVersion) credentialVersionDataService.findMostRecent("/the-user");

  // The secret must change; the identity and the generation policy must not.
  assertThat(regenerated.getPassword(), not(equalTo(existing.getPassword())));
  assertThat(regenerated.getGenerationParameters().isExcludeNumber(), equalTo(true));
  assertThat(regenerated.getUsername(), equalTo(existing.getUsername()));

  // The update must be attributed to the token's actor, with the request path and status.
  auditingHelper.verifyAuditing(
      CREDENTIAL_UPDATE,
      "/the-user",
      AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID,
      "/api/v1/data",
      200);
}
use of org.cloudfoundry.credhub.request.StringGenerationParameters in project credhub by cloudfoundry-incubator.
the class PasswordCredentialRegeneratable method createGenerateRequest.
/**
 * Builds the generate request used to regenerate an existing password credential.
 *
 * <p>The request reuses the credential's name, type and stored generation parameters and is
 * marked as an overwrite. A credential with no stored generation parameters cannot be
 * regenerated: a {@code CREDENTIAL_UPDATE} audit record is appended to
 * {@code auditRecordParameters} and the call is rejected, so the refused attempt is still
 * audited.
 *
 * @param credentialVersion the version to regenerate; cast to {@code PasswordCredentialVersion}
 *     without a type check, so any other type fails with a {@code ClassCastException}
 * @param auditRecordParameters audit records for the current request; mutated only on rejection
 * @return the populated generate request
 * @throws ParameterizedValidationException with key
 *     {@code error.cannot_regenerate_non_generated_password} when no parameters are stored
 */
@Override
public BaseCredentialGenerateRequest createGenerateRequest(CredentialVersion credentialVersion, List<EventAuditRecordParameters> auditRecordParameters) {
  PasswordCredentialVersion password = (PasswordCredentialVersion) credentialVersion;

  PasswordGenerateRequest request = new PasswordGenerateRequest();
  request.setName(password.getName());
  request.setType(password.getCredentialType());
  // Regeneration replaces the current value, so the request is always an overwrite.
  request.setOverwrite(true);

  StringGenerationParameters storedParameters = password.getGenerationParameters();
  if (storedParameters == null) {
    // Record the attempt before rejecting it, so the refusal still reaches the audit trail.
    auditRecordParameters.add(
        new EventAuditRecordParameters(CREDENTIAL_UPDATE, credentialVersion.getName()));
    throw new ParameterizedValidationException(
        "error.cannot_regenerate_non_generated_password");
  }

  request.setGenerationParameters(storedParameters);
  return request;
}
use of org.cloudfoundry.credhub.request.StringGenerationParameters in project credhub by cloudfoundry-incubator.
the class CredentialFactoryTest method setup.
/**
 * Creates a {@code CredentialFactory} backed by a mocked {@code Encryptor} and stubs
 * encrypt/decrypt round trips for the plaintext value, the serialized generation parameters and
 * the JSON value.
 *
 * <p>No real encryption happens here: each "ciphertext" is fixed bytes (for the plaintext and
 * JSON values, simply the value's own bytes) and the nonces are constants shared between values
 * under one key UUID. That is only acceptable because the encryptor is a mock.
 *
 * @throws JsonProcessingException if the generation parameters cannot be serialized
 */
@Before
public void setup() throws JsonProcessingException {
  Encryptor stubEncryptor = mock(Encryptor.class);
  subject = new CredentialFactory(stubEncryptor);
  objectMapper = new JsonObjectMapper();
  generationParameters = new StringGenerationParameters()
      .setExcludeNumber(true)
      .setLength(PLAINTEXT_VALUE.length());

  // A single random key UUID is shared by all three stubbed EncryptedValue instances.
  UUID keyUuid = UUID.randomUUID();

  // Plaintext value <-> stand-in ciphertext. getBytes() is called without an explicit charset.
  EncryptedValue valueCiphertext =
      new EncryptedValue(keyUuid, PLAINTEXT_VALUE.getBytes(), "test-nonce".getBytes());
  when(stubEncryptor.encrypt(PLAINTEXT_VALUE)).thenReturn(valueCiphertext);
  when(stubEncryptor.decrypt(valueCiphertext)).thenReturn(PLAINTEXT_VALUE);

  // Serialized generation parameters <-> stand-in ciphertext.
  String parametersJson = objectMapper.writeValueAsString(generationParameters);
  EncryptedValue parametersCiphertext =
      new EncryptedValue(keyUuid, "test-parameters".getBytes(), "test-parameters-nonce".getBytes());
  when(stubEncryptor.encrypt(parametersJson)).thenReturn(parametersCiphertext);
  when(stubEncryptor.decrypt(parametersCiphertext)).thenReturn(parametersJson);

  // JSON credential value <-> stand-in ciphertext (same constant nonce as the plaintext stub).
  EncryptedValue jsonCiphertext =
      new EncryptedValue(keyUuid, jsonValueJsonString.getBytes(), "test-nonce".getBytes());
  when(stubEncryptor.encrypt(jsonValueJsonString)).thenReturn(jsonCiphertext);
  when(stubEncryptor.decrypt(jsonCiphertext)).thenReturn(jsonValueJsonString);
}
use of org.cloudfoundry.credhub.request.StringGenerationParameters in project credhub by cloudfoundry-incubator.
the class CredentialRotationTest method rotate_givenPasswordCredential_reEncryptsPasswordAndParametersWithActiveKey.
/**
 * Rotating a password credential must re-encrypt both the password value and the stored
 * generation parameters, leaving the record bound to the active key UUID with fresh ciphertext
 * and nonces for each.
 */
@Test
public void rotate_givenPasswordCredential_reEncryptsPasswordAndParametersWithActiveKey() throws Exception {
  // Record encrypted under the old key: value first, generation parameters further down.
  PasswordCredentialVersionData data = new PasswordCredentialVersionData("some-name");
  data.setEncryptedValueData(
      new EncryptedValue()
          .setEncryptionKeyUuid(oldEncryptionKeyUuid)
          .setEncryptedValue("old-encrypted-value".getBytes())
          .setNonce("old-nonce".getBytes()));

  PasswordCredentialVersion credential = new PasswordCredentialVersion(data);
  credential.setEncryptor(encryptor);

  EncryptedValue oldParameters = new EncryptedValue(
      oldEncryptionKeyUuid,
      "old-encrypted-parameters".getBytes(),
      "old-parameters-nonce".getBytes());
  data.setEncryptedGenerationParameters(oldParameters);

  stringifiedParameters = new ObjectMapper().writeValueAsString(new StringGenerationParameters());

  // The decrypt stub is keyed on a separately constructed EncryptedValue with the same contents,
  // so it presumably relies on EncryptedValue comparing by value -- confirm against equals().
  when(encryptionService.decrypt(
          new EncryptedValue(
              oldEncryptionKeyUuid,
              "old-encrypted-parameters".getBytes(),
              "old-parameters-nonce".getBytes())))
      .thenReturn(stringifiedParameters);
  when(encryptionService.encrypt(stringifiedParameters))
      .thenReturn(
          new EncryptedValue(
              activeEncryptionKeyUuid,
              "new-encrypted-parameters".getBytes(),
              "new-nonce-parameters".getBytes()));

  credential.rotate();

  // Password value: now under the active key. No stub in this method produces
  // "new-encrypted-value"/"new-nonce"; presumably shared test setup does -- confirm.
  assertThat(data.getEncryptionKeyUuid(), equalTo(activeEncryptionKeyUuid));
  assertThat(
      data.getEncryptedValueData().getEncryptedValue(),
      equalTo("new-encrypted-value".getBytes()));
  assertThat(data.getNonce(), equalTo("new-nonce".getBytes()));

  // Generation parameters: re-encrypted too, with their own new nonce.
  assertThat(
      data.getEncryptedGenerationParameters().getEncryptedValue(),
      equalTo("new-encrypted-parameters".getBytes()));
  assertThat(
      data.getEncryptedGenerationParameters().getNonce(),
      equalTo("new-nonce-parameters".getBytes()));
}