Examples with Credentials org.eclipse.hono.service.management.credentials.Credentials used on opensource projects

Example 6 with Credentials

use of org.eclipse.hono.service.management.credentials.Credentials in project hono by eclipse.

the class CredentialsApiTests method testGetCredentialsFailsForNonMatchingClientContext.

/**
 * Verifies that a request for credentials using a client context that does not match
 * the credentials on record fails with a 404.
 *
 * @param ctx The vert.x test context.
 */
@Timeout(value = 5, timeUnit = TimeUnit.SECONDS)
@Test
public void testGetCredentialsFailsForNonMatchingClientContext(final VertxTestContext ctx) {
    final String deviceId = getHelper().getRandomDeviceId(tenantId);
    final String authId = UUID.randomUUID().toString();
    final CommonCredential credentials = getRandomHashedPasswordCredential(authId).putExtension("client-id", UUID.randomUUID().toString());
    final JsonObject clientContext = new JsonObject().put("client-id", "non-matching");
    getHelper().registry.registerDevice(tenantId, deviceId).compose(httpResponse -> getHelper().registry.addCredentials(tenantId, deviceId, List.of(credentials))).compose(ok -> getClient().get(tenantId, CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, authId, clientContext, spanContext)).onComplete(ctx.failing(t -> {
        ctx.verify(() -> assertErrorCode(t, HttpURLConnection.HTTP_NOT_FOUND));
        ctx.completeNow();
    }));
}

Example 7 with Credentials

use of org.eclipse.hono.service.management.credentials.Credentials in project hono by eclipse.

the class CredentialsApiTests method testAutoProvisioningSucceeds.

private void testAutoProvisioningSucceeds(final VertxTestContext ctx, final Tenant tenant, final X509Certificate cert, final boolean isGateway, final String expectedDeviceId) throws CertificateEncodingException {
    final Checkpoint autoProvisioningEventReceived = ctx.checkpoint(1);
    final Checkpoint autoProvisioningCompleted = ctx.checkpoint(1);
    // GIVEN a client context that contains a client certificate
    final JsonObject clientCtx = new JsonObject().put(CredentialsConstants.FIELD_CLIENT_CERT, cert.getEncoded());
    final String authId = cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
    tenantId = getHelper().getRandomTenantId();
    getHelper().applicationClient.createEventConsumer(tenantId, msg -> ctx.verify(() -> {
        // VERIFY that the auto-provisioning event for the device has been received
        verifyAutoProvisioningEventNotification(tenantId, expectedDeviceId, msg);
        autoProvisioningEventReceived.flag();
    }), close -> {
    }).compose(ok -> getHelper().registry.addTenant(tenantId, tenant)).compose(ok -> getClient().get(tenantId, CredentialsConstants.SECRETS_TYPE_X509_CERT, authId, clientCtx, spanContext)).compose(result -> {
        if (LOG.isDebugEnabled()) {
            LOG.debug("received get Credentials result from Credentials service:{}{}", System.lineSeparator(), JsonObject.mapFrom(result).encodePrettily());
        }
        // VERIFY the newly created credentials
        ctx.verify(() -> {
            assertThat(result).isNotNull();
            assertThat(result.isEnabled()).isTrue();
            assertThat(result.getDeviceId()).isNotNull();
            assertThat(result.getAuthId()).isEqualTo(authId);
            assertThat(result.getType()).isEqualTo(CredentialsConstants.SECRETS_TYPE_X509_CERT);
            assertThat(result.getSecrets()).isNotNull();
            assertThat(result.getSecrets()).hasSize(1);
            if (expectedDeviceId != null) {
                // VERIFY the generated device-id
                assertThat(result.getDeviceId()).isEqualTo(expectedDeviceId);
            }
        });
        // WHEN getting device registration information
        return getHelper().registry.getRegistrationInfo(tenantId, result.getDeviceId());
    }).onComplete(ctx.succeeding(result -> {
        ctx.verify(() -> {
            final JsonObject resultBody = result.bodyAsJsonObject();
            if (LOG.isDebugEnabled()) {
                LOG.debug("received get Device result from Registry Management API:{}{}", System.lineSeparator(), resultBody.encodePrettily());
            }
            // VERIFY that the device/gateway has been registered as well
            final Device device = resultBody.mapTo(Device.class);
            assertThat(device.isEnabled()).isTrue();
            if (isGateway) {
                // VERIFY that the gateway related attributes are set
                assertThat(device.getAuthorities()).contains(RegistryManagementConstants.AUTHORITY_AUTO_PROVISIONING_ENABLED);
            }
            // VERIFY that the property "auto-provisioning-notification-sent" is updated to true.
            final DeviceStatus deviceStatus = resultBody.getJsonObject(RegistryManagementConstants.FIELD_STATUS).mapTo(DeviceStatus.class);
            assertWithMessage("device auto-provisioned").that(deviceStatus.isAutoProvisioned()).isTrue();
            assertWithMessage("auto-provisioning notification for device sent").that(deviceStatus.isAutoProvisioningNotificationSent()).isTrue();
        });
        autoProvisioningCompleted.flag();
    }));
}

Example 8 with Credentials

use of org.eclipse.hono.service.management.credentials.Credentials in project hono by eclipse.

the class CredentialsApiTests method testGetCredentialsSucceedsForNonExistingClientContext.

/**
 * Verifies that a request for credentials using a client context succeeds if the credentials on record
 * do not have any extension properties with keys matching the provided client context.
 *
 * @param ctx The vert.x test context.
 */
@Timeout(value = 5, timeUnit = TimeUnit.SECONDS)
@Test
public void testGetCredentialsSucceedsForNonExistingClientContext(final VertxTestContext ctx) {
    final String deviceId = getHelper().getRandomDeviceId(tenantId);
    final String authId = UUID.randomUUID().toString();
    final CommonCredential credentials = getRandomHashedPasswordCredential(authId).putExtension("other", "property");
    final JsonObject clientContext = new JsonObject().put("client-id", "gateway-one");
    getHelper().registry.registerDevice(tenantId, deviceId).compose(httpResponse -> getHelper().registry.addCredentials(tenantId, deviceId, List.of(credentials))).compose(httpResponse -> getClient().get(tenantId, CredentialsConstants.SECRETS_TYPE_HASHED_PASSWORD, authId, clientContext, spanContext)).onComplete(ctx.succeeding(credentialsObject -> {
        ctx.verify(() -> {
            assertThat(credentialsObject.getSecrets()).isNotEmpty();
        });
        ctx.completeNow();
    }));
}

Example 9 with Credentials

use of org.eclipse.hono.service.management.credentials.Credentials in project hono by eclipse.

the class MongoDbBasedCredentialServiceTest method testUpdateCredentialsFailsForExceededCredentialsPerDeviceLimit.

/**
 * Verifies that a request to update credentials of a device fails with a 403 status code
 * if the number of credentials exceeds the tenant's configured limit.
 *
 * @param ctx The vert.x test context.
 */
@Test
public void testUpdateCredentialsFailsForExceededCredentialsPerDeviceLimit(final VertxTestContext ctx) {
    final var tenantId = UUID.randomUUID().toString();
    final var deviceId = UUID.randomUUID().toString();
    when(tenantInformationService.getTenant(anyString(), any())).thenReturn(Future.succeededFuture(new Tenant().setRegistrationLimits(new RegistrationLimits().setMaxCredentialsPerDevice(1))));
    credentialsManagementService.updateCredentials(tenantId, deviceId, List.of(Credentials.createPasswordCredential("device1", "secret"), Credentials.createPasswordCredential("device2", "secret")), Optional.empty(), NoopSpan.INSTANCE).onComplete(ctx.failing(t -> {
        ctx.verify(() -> {
            Assertions.assertServiceInvocationException(t, HttpURLConnection.HTTP_FORBIDDEN);
        });
        ctx.completeNow();
    }));
}

Example 10 with Credentials

use of org.eclipse.hono.service.management.credentials.Credentials in project hono by eclipse.

the class JdbcBasedCredentialsServiceTest method testUpdateCredentialsFailsForExceededCredentialsPerDeviceLimit.

/**
 * Verifies that a request to update credentials of a device fails with a 403 status code
 * if the number of credentials exceeds the tenant's configured limit.
 *
 * @param ctx The vert.x test context.
 */
@Test
public void testUpdateCredentialsFailsForExceededCredentialsPerDeviceLimit(final VertxTestContext ctx) {
    final var tenantId = UUID.randomUUID().toString();
    final var deviceId = UUID.randomUUID().toString();
    when(tenantInformationService.getTenant(anyString(), any())).thenReturn(Future.succeededFuture(new Tenant().setRegistrationLimits(new RegistrationLimits().setMaxCredentialsPerDevice(1))));
    getDeviceManagementService().createDevice(tenantId, Optional.of(deviceId), new Device(), NoopSpan.INSTANCE).onFailure(ctx::failNow).compose(ok -> getCredentialsManagementService().updateCredentials(tenantId, deviceId, List.of(Credentials.createPasswordCredential("device1", "secret"), Credentials.createPasswordCredential("device2", "secret")), Optional.empty(), NoopSpan.INSTANCE)).onComplete(ctx.failing(t -> {
        ctx.verify(() -> {
            Assertions.assertServiceInvocationException(t, HttpURLConnection.HTTP_FORBIDDEN);
        });
        ctx.completeNow();
    }));
}