Examples with PasswordCredential org.eclipse.hono.service.management.credentials.PasswordCredential used on opensource projects

Example 1 with PasswordCredential

use of org.eclipse.hono.service.management.credentials.PasswordCredential in project hono by eclipse.

the class DeviceRegistryHttpClient method addDeviceForTenant.

/**
 * Creates a tenant and adds a device to it with a given password.
 * <p>
 * The password will be added as a hashed password using the device identifier as the authentication identifier.
 *
 * @param tenantId The ID of the tenant to create.
 * @param tenant The tenant payload as specified by the Tenant management API.
 * @param deviceId The identifier of the device to add.
 * @param device The data to register for the device.
 * @param password The password to use for the device's credentials.
 * @return A future indicating the outcome of the operation.
 * @throws NullPointerException if tenant is {@code null}.
 */
public Future<HttpResponse<Buffer>> addDeviceForTenant(final String tenantId, final Tenant tenant, final String deviceId, final Device device, final String password) {
    Objects.requireNonNull(tenant);
    final PasswordCredential secret = IntegrationTestSupport.createPasswordCredential(deviceId, password);
    return addTenant(tenantId, tenant).compose(ok -> registerDevice(tenantId, deviceId, device)).compose(ok -> addCredentials(tenantId, deviceId, Collections.singleton(secret)));
}

Example 2 with PasswordCredential

use of org.eclipse.hono.service.management.credentials.PasswordCredential in project hono by eclipse.

the class DeviceRegistryHttpClient method addDeviceToTenant.

/**
 * Adds a device with a given password to an existing tenant.
 * <p>
 * The password will be added as a hashed password using the device identifier as the authentication identifier.
 *
 * @param tenantId The identifier of the tenant to add the device to.
 * @param deviceId The identifier of the device to add.
 * @param data The data to register for the device.
 * @param password The password to use for the device's credentials.
 * @return A future indicating the outcome of the operation.
 * @throws NullPointerException if any of the parameters are {@code null}.
 */
public Future<HttpResponse<Buffer>> addDeviceToTenant(final String tenantId, final String deviceId, final Device data, final String password) {
    Objects.requireNonNull(tenantId);
    Objects.requireNonNull(deviceId);
    Objects.requireNonNull(data);
    Objects.requireNonNull(password);
    final PasswordCredential secret = IntegrationTestSupport.createPasswordCredential(deviceId, password);
    return registerDevice(tenantId, deviceId, data).compose(ok -> addCredentials(tenantId, deviceId, Collections.singletonList(secret)));
}

Example 3 with PasswordCredential

use of org.eclipse.hono.service.management.credentials.PasswordCredential in project hono by eclipse.

the class CredentialsManagementIT method testAddCredentialsSucceedsForAdditionalProperties.

/**
 * Verifies that the service accepts an add credentials request containing a clear text password.
 *
 * @param context The vert.x test context.
 */
@Test
public void testAddCredentialsSucceedsForAdditionalProperties(final VertxTestContext context) {
    final PasswordCredential credential = IntegrationTestSupport.createPasswordCredential(authId, "thePassword");
    credential.getExtensions().put("client-id", "MQTT-client-2384236854");
    registry.addCredentials(tenantId, deviceId, List.of(credential)).compose(httpResponse -> {
        context.verify(() -> assertResourceVersionHasChanged(resourceVersion, httpResponse.headers()));
        return registry.getCredentials(tenantId, deviceId);
    }).onComplete(context.succeeding(httpResponse -> {
        context.verify(() -> {
            final JsonArray response = httpResponse.bodyAsJsonArray();
            assertThat(response.size()).isEqualTo(1);
            final JsonObject credentialObject = response.getJsonObject(0);
            final var ext = credentialObject.getJsonObject(RegistryManagementConstants.FIELD_EXT);
            assertThat(ext).isNotNull();
            assertThat(ext.getString("client-id")).isEqualTo("MQTT-client-2384236854");
            // the device-id must not be part of the "ext" section
            assertThat(ext.getString("device-id")).isNull();
        });
        context.completeNow();
    }));
}

Example 4 with PasswordCredential

use of org.eclipse.hono.service.management.credentials.PasswordCredential in project hono by eclipse.

the class CredentialsManagementIT method testAddCredentialsSucceeds.

/**
 * Verifies that a newly added device has an empty set of credentials and that the
 * service successfully adds arbitrary types of credentials.
 *
 * @param context The vert.x test context.
 */
@Test
public void testAddCredentialsSucceeds(final VertxTestContext context) {
    final PasswordCredential pwdCredential = IntegrationTestSupport.createPasswordCredential(authId, "thePassword");
    pwdCredential.getExtensions().put("client-id", "MQTT-client-2384236854");
    final PskCredential pskCredential = IntegrationTestSupport.createPskCredentials("psk-id", "psk-key");
    final var x509Credential = X509CertificateCredential.fromSubjectDn("emailAddress=foo@bar.com, CN=foo, O=bar", List.of(new X509CertificateSecret()));
    x509Credential.setComment("non-standard attribute type");
    final List<CommonCredential> credentials = List.of(pwdCredential, pskCredential, x509Credential);
    registry.getCredentials(tenantId, deviceId).compose(httpResponse -> {
        context.verify(() -> {
            assertResourceVersionHasChanged(resourceVersion, httpResponse.headers());
            assertThat(httpResponse.bodyAsJsonArray()).isEmpty();
        });
        return registry.addCredentials(tenantId, deviceId, credentials);
    }).compose(httpResponse -> {
        context.verify(() -> assertResourceVersionHasChanged(resourceVersion, httpResponse.headers()));
        return registry.getCredentials(tenantId, deviceId);
    }).onComplete(context.succeeding(httpResponse -> {
        context.verify(() -> {
            final CommonCredential[] credsOnRecord = httpResponse.bodyAsJson(CommonCredential[].class);
            assertThat(credsOnRecord).hasLength(3);
            Arrays.stream(credsOnRecord).forEach(creds -> {
                assertThat(creds.getExtensions().get("device-id")).isNull();
                if (creds instanceof PasswordCredential) {
                    assertThat(creds.getExtensions().get("client-id")).isEqualTo("MQTT-client-2384236854");
                } else if (creds instanceof X509CertificateCredential) {
                    assertThat(creds.getComment()).isEqualTo("non-standard attribute type");
                }
                creds.getSecrets().forEach(secret -> {
                    assertThat(secret.isEnabled()).isTrue();
                    assertThat(secret.getId()).isNotNull();
                });
            });
        });
        context.completeNow();
    }));
}

Example 5 with PasswordCredential

use of org.eclipse.hono.service.management.credentials.PasswordCredential in project hono by eclipse.

the class CredentialsManagementIT method testAddCredentialsFailsForBCryptWithTooManyIterations.

/**
 * Verifies that the service returns a 400 status code for an add credentials request with hashed password
 * credentials that use a BCrypt hash with more than the configured max iterations.
 *
 * @param context The vert.x test context.
 */
@Test
public void testAddCredentialsFailsForBCryptWithTooManyIterations(final VertxTestContext context) {
    // GIVEN a hashed password using bcrypt with more than the configured max iterations
    final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(IntegrationTestSupport.MAX_BCRYPT_COST_FACTOR + 1);
    final PasswordSecret secret = new PasswordSecret();
    secret.setHashFunction(CredentialsConstants.HASH_FUNCTION_BCRYPT);
    secret.setPasswordHash(encoder.encode("thePassword"));
    final PasswordCredential credential = new PasswordCredential(authId, List.of(secret));
    // WHEN adding the credentials
    testAddCredentialsWithErroneousPayload(context, new JsonArray().add(JsonObject.mapFrom(credential)), // THEN the request fails with 400
    HttpURLConnection.HTTP_BAD_REQUEST);
}