use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.
the class AbstractCredentialsManagementService method updateCredentials.
@Override
public final Future<OperationResult<Void>> updateCredentials(final String tenantId, final String deviceId, final List<CommonCredential> credentials, final Optional<String> resourceVersion, final Span span) {
Objects.requireNonNull(tenantId);
Objects.requireNonNull(deviceId);
Objects.requireNonNull(credentials);
Objects.requireNonNull(resourceVersion);
Objects.requireNonNull(span);
return this.tenantInformationService.getTenant(tenantId, span).compose(tenant -> tenant.checkCredentialsLimitExceeded(tenantId, credentials)).compose(ok -> verifyAndEncodePasswords(credentials)).compose(encodedCredentials -> processUpdateCredentials(DeviceKey.from(tenantId, deviceId), encodedCredentials, resourceVersion, span)).onSuccess(result -> NotificationEventBusSupport.sendNotification(vertx, new CredentialsChangeNotification(tenantId, deviceId, Instant.now()))).recover(t -> DeviceRegistryUtils.mapError(t, tenantId));
}
use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.
the class RegistryServiceTest method testGetDisabledCredentials.
@Test
void testGetDisabledCredentials(final VertxTestContext context) {
Future.succeededFuture().flatMap(x -> {
final var device = new Device();
return this.registrationManagement.createDevice(DEFAULT_TENANT, Optional.of("d1"), device, SPAN).onComplete(context.succeeding(result -> {
context.verify(() -> {
assertThat(result.getStatus()).isEqualTo(HttpURLConnection.HTTP_CREATED);
});
}));
}).flatMap(x -> {
final var credentials = new LinkedList<CommonCredential>();
final var psk = new PskCredential("a1", List.of(new PskSecret().setKey(new byte[] { 1, 2, 3, 4 })));
psk.setEnabled(false);
credentials.add(psk);
return this.credentialsManagement.updateCredentials(DEFAULT_TENANT, "d1", credentials, Optional.empty(), SPAN).onFailure(context::failNow);
}).flatMap(x -> {
return this.credentialsAdapter.get(DEFAULT_TENANT, CredentialsConstants.SECRETS_TYPE_PRESHARED_KEY, "d1").onComplete(context.succeeding(result -> {
context.verify(() -> {
assertThat(result.getStatus()).isEqualTo(HttpURLConnection.HTTP_NOT_FOUND);
});
}));
}).onComplete(context.succeedingThenComplete());
}
use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.
the class CredentialsApiTests method testGetCredentialsFailsForNonMatchingClientContext.
/**
* Verifies that a request for credentials using a client context that does not match
* the credentials on record fails with a 404.
*
* @param ctx The vert.x test context.
*/
@Timeout(value = 5, timeUnit = TimeUnit.SECONDS)
@Test
public void testGetCredentialsFailsForNonMatchingClientContext(final VertxTestContext ctx) {
final String deviceId = getHelper().getRandomDeviceId(tenantId);
final String authId = UUID.randomUUID().toString();
final CommonCredential credentials = getRandomHashedPasswordCredential(authId).putExtension("client-id", UUID.randomUUID().toString());
final JsonObject clientContext = new JsonObject().put("client-id", "non-matching");
getHelper().registry.registerDevice(tenantId, deviceId).compose(httpResponse -> getHelper().registry.addCredentials(tenantId, deviceId, List.of(credentials))).compose(ok -> getClient().get(tenantId, CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, authId, clientContext, spanContext)).onComplete(ctx.failing(t -> {
ctx.verify(() -> assertErrorCode(t, HttpURLConnection.HTTP_NOT_FOUND));
ctx.completeNow();
}));
}
use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.
the class CredentialsApiTests method testGetCredentialsSucceedsForNonExistingClientContext.
/**
* Verifies that a request for credentials using a client context succeeds if the credentials on record
* do not have any extension properties with keys matching the provided client context.
*
* @param ctx The vert.x test context.
*/
@Timeout(value = 5, timeUnit = TimeUnit.SECONDS)
@Test
public void testGetCredentialsSucceedsForNonExistingClientContext(final VertxTestContext ctx) {
final String deviceId = getHelper().getRandomDeviceId(tenantId);
final String authId = UUID.randomUUID().toString();
final CommonCredential credentials = getRandomHashedPasswordCredential(authId).putExtension("other", "property");
final JsonObject clientContext = new JsonObject().put("client-id", "gateway-one");
getHelper().registry.registerDevice(tenantId, deviceId).compose(httpResponse -> getHelper().registry.addCredentials(tenantId, deviceId, List.of(credentials))).compose(httpResponse -> getClient().get(tenantId, CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, authId, clientContext, spanContext)).onComplete(ctx.succeeding(credentialsObject -> {
ctx.verify(() -> {
assertThat(credentialsObject.getSecrets()).isNotEmpty();
});
ctx.completeNow();
}));
}
use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.
the class CredentialsManagementIT method testAddCredentialsSucceeds.
/**
* Verifies that a newly added device has an empty set of credentials and that the
* service successfully adds arbitrary types of credentials.
*
* @param context The vert.x test context.
*/
@Test
public void testAddCredentialsSucceeds(final VertxTestContext context) {
final PasswordCredential pwdCredential = IntegrationTestSupport.createPasswordCredential(authId, "thePassword");
pwdCredential.getExtensions().put("client-id", "MQTT-client-2384236854");
final PskCredential pskCredential = IntegrationTestSupport.createPskCredentials("psk-id", "psk-key");
final var x509Credential = X509CertificateCredential.fromSubjectDn("emailAddress=foo@bar.com, CN=foo, O=bar", List.of(new X509CertificateSecret()));
x509Credential.setComment("non-standard attribute type");
final List<CommonCredential> credentials = List.of(pwdCredential, pskCredential, x509Credential);
registry.getCredentials(tenantId, deviceId).compose(httpResponse -> {
context.verify(() -> {
assertResourceVersionHasChanged(resourceVersion, httpResponse.headers());
assertThat(httpResponse.bodyAsJsonArray()).isEmpty();
});
return registry.addCredentials(tenantId, deviceId, credentials);
}).compose(httpResponse -> {
context.verify(() -> assertResourceVersionHasChanged(resourceVersion, httpResponse.headers()));
return registry.getCredentials(tenantId, deviceId);
}).onComplete(context.succeeding(httpResponse -> {
context.verify(() -> {
final CommonCredential[] credsOnRecord = httpResponse.bodyAsJson(CommonCredential[].class);
assertThat(credsOnRecord).hasLength(3);
Arrays.stream(credsOnRecord).forEach(creds -> {
assertThat(creds.getExtensions().get("device-id")).isNull();
if (creds instanceof PasswordCredential) {
assertThat(creds.getExtensions().get("client-id")).isEqualTo("MQTT-client-2384236854");
} else if (creds instanceof X509CertificateCredential) {
assertThat(creds.getComment()).isEqualTo("non-standard attribute type");
}
creds.getSecrets().forEach(secret -> {
assertThat(secret.isEnabled()).isTrue();
assertThat(secret.getId()).isNotNull();
});
});
});
context.completeNow();
}));
}
Aggregations