Examples with CommonCredential org.eclipse.hono.service.management.credentials.CommonCredential used on opensource projects

Example 1 with CommonCredential

use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.

the class AbstractCredentialsManagementService method updateCredentials.

@Override
public final Future<OperationResult<Void>> updateCredentials(final String tenantId, final String deviceId, final List<CommonCredential> credentials, final Optional<String> resourceVersion, final Span span) {
    Objects.requireNonNull(tenantId);
    Objects.requireNonNull(deviceId);
    Objects.requireNonNull(credentials);
    Objects.requireNonNull(resourceVersion);
    Objects.requireNonNull(span);
    return this.tenantInformationService.getTenant(tenantId, span).compose(tenant -> tenant.checkCredentialsLimitExceeded(tenantId, credentials)).compose(ok -> verifyAndEncodePasswords(credentials)).compose(encodedCredentials -> processUpdateCredentials(DeviceKey.from(tenantId, deviceId), encodedCredentials, resourceVersion, span)).onSuccess(result -> NotificationEventBusSupport.sendNotification(vertx, new CredentialsChangeNotification(tenantId, deviceId, Instant.now()))).recover(t -> DeviceRegistryUtils.mapError(t, tenantId));
}

Example 2 with CommonCredential

use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.

the class RegistryServiceTest method testGetDisabledCredentials.

@Test
void testGetDisabledCredentials(final VertxTestContext context) {
    Future.succeededFuture().flatMap(x -> {
        final var device = new Device();
        return this.registrationManagement.createDevice(DEFAULT_TENANT, Optional.of("d1"), device, SPAN).onComplete(context.succeeding(result -> {
            context.verify(() -> {
                assertThat(result.getStatus()).isEqualTo(HttpURLConnection.HTTP_CREATED);
            });
        }));
    }).flatMap(x -> {
        final var credentials = new LinkedList<CommonCredential>();
        final var psk = new PskCredential("a1", List.of(new PskSecret().setKey(new byte[] { 1, 2, 3, 4 })));
        psk.setEnabled(false);
        credentials.add(psk);
        return this.credentialsManagement.updateCredentials(DEFAULT_TENANT, "d1", credentials, Optional.empty(), SPAN).onFailure(context::failNow);
    }).flatMap(x -> {
        return this.credentialsAdapter.get(DEFAULT_TENANT, CredentialsConstants.SECRETS_TYPE_PRESHARED_KEY, "d1").onComplete(context.succeeding(result -> {
            context.verify(() -> {
                assertThat(result.getStatus()).isEqualTo(HttpURLConnection.HTTP_NOT_FOUND);
            });
        }));
    }).onComplete(context.succeedingThenComplete());
}

Example 3 with CommonCredential

use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.

the class CredentialsApiTests method testGetCredentialsFailsForNonMatchingClientContext.

/**
 * Verifies that a request for credentials using a client context that does not match
 * the credentials on record fails with a 404.
 *
 * @param ctx The vert.x test context.
 */
@Timeout(value = 5, timeUnit = TimeUnit.SECONDS)
@Test
public void testGetCredentialsFailsForNonMatchingClientContext(final VertxTestContext ctx) {
    final String deviceId = getHelper().getRandomDeviceId(tenantId);
    final String authId = UUID.randomUUID().toString();
    final CommonCredential credentials = getRandomHashedPasswordCredential(authId).putExtension("client-id", UUID.randomUUID().toString());
    final JsonObject clientContext = new JsonObject().put("client-id", "non-matching");
    getHelper().registry.registerDevice(tenantId, deviceId).compose(httpResponse -> getHelper().registry.addCredentials(tenantId, deviceId, List.of(credentials))).compose(ok -> getClient().get(tenantId, CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, authId, clientContext, spanContext)).onComplete(ctx.failing(t -> {
        ctx.verify(() -> assertErrorCode(t, HttpURLConnection.HTTP_NOT_FOUND));
        ctx.completeNow();
    }));
}

Example 4 with CommonCredential

use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.

the class CredentialsApiTests method testGetCredentialsSucceedsForNonExistingClientContext.

/**
 * Verifies that a request for credentials using a client context succeeds if the credentials on record
 * do not have any extension properties with keys matching the provided client context.
 *
 * @param ctx The vert.x test context.
 */
@Timeout(value = 5, timeUnit = TimeUnit.SECONDS)
@Test
public void testGetCredentialsSucceedsForNonExistingClientContext(final VertxTestContext ctx) {
    final String deviceId = getHelper().getRandomDeviceId(tenantId);
    final String authId = UUID.randomUUID().toString();
    final CommonCredential credentials = getRandomHashedPasswordCredential(authId).putExtension("other", "property");
    final JsonObject clientContext = new JsonObject().put("client-id", "gateway-one");
    getHelper().registry.registerDevice(tenantId, deviceId).compose(httpResponse -> getHelper().registry.addCredentials(tenantId, deviceId, List.of(credentials))).compose(httpResponse -> getClient().get(tenantId, CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, authId, clientContext, spanContext)).onComplete(ctx.succeeding(credentialsObject -> {
        ctx.verify(() -> {
            assertThat(credentialsObject.getSecrets()).isNotEmpty();
        });
        ctx.completeNow();
    }));
}

Example 5 with CommonCredential

use of org.eclipse.hono.service.management.credentials.CommonCredential in project hono by eclipse.

the class CredentialsManagementIT method testAddCredentialsSucceeds.

/**
 * Verifies that a newly added device has an empty set of credentials and that the
 * service successfully adds arbitrary types of credentials.
 *
 * @param context The vert.x test context.
 */
@Test
public void testAddCredentialsSucceeds(final VertxTestContext context) {
    final PasswordCredential pwdCredential = IntegrationTestSupport.createPasswordCredential(authId, "thePassword");
    pwdCredential.getExtensions().put("client-id", "MQTT-client-2384236854");
    final PskCredential pskCredential = IntegrationTestSupport.createPskCredentials("psk-id", "psk-key");
    final var x509Credential = X509CertificateCredential.fromSubjectDn("emailAddress=foo@bar.com, CN=foo, O=bar", List.of(new X509CertificateSecret()));
    x509Credential.setComment("non-standard attribute type");
    final List<CommonCredential> credentials = List.of(pwdCredential, pskCredential, x509Credential);
    registry.getCredentials(tenantId, deviceId).compose(httpResponse -> {
        context.verify(() -> {
            assertResourceVersionHasChanged(resourceVersion, httpResponse.headers());
            assertThat(httpResponse.bodyAsJsonArray()).isEmpty();
        });
        return registry.addCredentials(tenantId, deviceId, credentials);
    }).compose(httpResponse -> {
        context.verify(() -> assertResourceVersionHasChanged(resourceVersion, httpResponse.headers()));
        return registry.getCredentials(tenantId, deviceId);
    }).onComplete(context.succeeding(httpResponse -> {
        context.verify(() -> {
            final CommonCredential[] credsOnRecord = httpResponse.bodyAsJson(CommonCredential[].class);
            assertThat(credsOnRecord).hasLength(3);
            Arrays.stream(credsOnRecord).forEach(creds -> {
                assertThat(creds.getExtensions().get("device-id")).isNull();
                if (creds instanceof PasswordCredential) {
                    assertThat(creds.getExtensions().get("client-id")).isEqualTo("MQTT-client-2384236854");
                } else if (creds instanceof X509CertificateCredential) {
                    assertThat(creds.getComment()).isEqualTo("non-standard attribute type");
                }
                creds.getSecrets().forEach(secret -> {
                    assertThat(secret.isEnabled()).isTrue();
                    assertThat(secret.getId()).isNotNull();
                });
            });
        });
        context.completeNow();
    }));
}