Search in sources :

Example 1 with TrustedCertificateAuthority

use of org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority in project hono by eclipse.

the class TenantManagementIT method testAddTenantFailsForConfigurationWithNonUniqueTrustAnchorIds.

/**
 * Verifies that the service returns a 400 status code for an add tenant request containing a malformed trust
 * configuration (i.e with non-unique trust anchor IDs).
 *
 * @param context The Vert.x test context.
 */
@Test
public void testAddTenantFailsForConfigurationWithNonUniqueTrustAnchorIds(final VertxTestContext context) {
    final PublicKey publicKey = TenantApiTests.getRandomPublicKey();
    final TrustedCertificateAuthority trustAnchor1 = Tenants.createTrustAnchor("test-ca", "CN=test-dn", publicKey.getEncoded(), publicKey.getAlgorithm(), Instant.now(), Instant.now().plus(365, ChronoUnit.DAYS));
    final TrustedCertificateAuthority trustAnchor2 = Tenants.createTrustAnchor("test-ca", "CN=test-dn", publicKey.getEncoded(), publicKey.getAlgorithm(), Instant.now().plus(366, ChronoUnit.DAYS), Instant.now().plus(730, ChronoUnit.DAYS));
    final Tenant tenant = new Tenant().setTrustedCertificateAuthorities(List.of(trustAnchor1, trustAnchor2));
    final String tenantId = getHelper().getRandomTenantId();
    getHelper().registry.addTenant(tenantId, tenant, HttpURLConnection.HTTP_BAD_REQUEST).onComplete(context.succeeding(response -> {
        context.verify(() -> IntegrationTestSupport.assertErrorPayload(response));
        context.completeNow();
    }));
}
Also used : HttpURLConnection(java.net.HttpURLConnection) VertxTestContext(io.vertx.junit5.VertxTestContext) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) Arrays(java.util.Arrays) TenantConstants(org.eclipse.hono.util.TenantConstants) LoggerFactory(org.slf4j.LoggerFactory) MultiMap(io.vertx.core.MultiMap) AtomicReference(java.util.concurrent.atomic.AtomicReference) Constants(org.eclipse.hono.util.Constants) Nested(org.junit.jupiter.api.Nested) Tenant(org.eclipse.hono.service.management.tenant.Tenant) Timeout(io.vertx.junit5.Timeout) CompositeFuture(io.vertx.core.CompositeFuture) Matcher(java.util.regex.Matcher) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) IntegrationTestSupport(org.eclipse.hono.tests.IntegrationTestSupport) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SearchResult(org.eclipse.hono.service.management.SearchResult) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Map(java.util.Map) Assumptions.assumeTrue(org.junit.jupiter.api.Assumptions.assumeTrue) JsonObject(io.vertx.core.json.JsonObject) Tenants(org.eclipse.hono.tests.Tenants) TypeReference(com.fasterxml.jackson.core.type.TypeReference) RegistryManagementConstants(org.eclipse.hono.util.RegistryManagementConstants) EnabledIf(org.junit.jupiter.api.condition.EnabledIf) Device(org.eclipse.hono.service.management.device.Device) RegistrationLimits(org.eclipse.hono.service.management.tenant.RegistrationLimits) ResourceLimits(org.eclipse.hono.util.ResourceLimits) Logger(org.slf4j.Logger) JacksonCodec(io.vertx.core.json.jackson.JacksonCodec) TenantWithId(org.eclipse.hono.service.management.tenant.TenantWithId) HttpHeaders(io.vertx.core.http.HttpHeaders) PublicKey(java.security.PublicKey) Truth.assertThat(com.google.common.truth.Truth.assertThat) Instant(java.time.Instant) VertxExtension(io.vertx.junit5.VertxExtension) TimeUnit(java.util.concurrent.TimeUnit) Test(org.junit.jupiter.api.Test) JsonArray(io.vertx.core.json.JsonArray) List(java.util.List) Adapter(org.eclipse.hono.util.Adapter) ChronoUnit(java.time.temporal.ChronoUnit) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Optional(java.util.Optional) Pattern(java.util.regex.Pattern) Tenant(org.eclipse.hono.service.management.tenant.Tenant) PublicKey(java.security.PublicKey) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Test(org.junit.jupiter.api.Test)

Example 2 with TrustedCertificateAuthority

use of org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority in project hono by eclipse.

the class TenantManagementIT method testAddTenantSucceedsForCaSharedWithinTrustAnchorGroup.

/**
 * Verifies that the service successfully creates a tenant containing a CA that is also used by
 * an existing tenant that belongs to the same trust anchor group.
 *
 * @param context The Vert.x test context.
 */
@Test
public void testAddTenantSucceedsForCaSharedWithinTrustAnchorGroup(final VertxTestContext context) {
    assumeTrue(IntegrationTestSupport.isTrustAnchorGroupsSupported(), "device registry does not support trust anchor groups");
    final PublicKey publicKey = TenantApiTests.getRandomPublicKey();
    final TrustedCertificateAuthority trustAnchor = Tenants.createTrustAnchor("test-ca", "CN=test-dn", publicKey.getEncoded(), publicKey.getAlgorithm(), Instant.now(), Instant.now().plus(365, ChronoUnit.DAYS));
    final Tenant tenant = new Tenant().setTrustAnchorGroup("test-group").setTrustedCertificateAuthorities(List.of(trustAnchor));
    final String tenantId = getHelper().getRandomTenantId();
    getHelper().registry.addTenant(tenantId, tenant).onFailure(context::failNow).compose(ok -> getHelper().registry.addTenant(getHelper().getRandomTenantId(), tenant)).onComplete(context.succeedingThenComplete());
}
Also used : HttpURLConnection(java.net.HttpURLConnection) VertxTestContext(io.vertx.junit5.VertxTestContext) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) Arrays(java.util.Arrays) TenantConstants(org.eclipse.hono.util.TenantConstants) LoggerFactory(org.slf4j.LoggerFactory) MultiMap(io.vertx.core.MultiMap) AtomicReference(java.util.concurrent.atomic.AtomicReference) Constants(org.eclipse.hono.util.Constants) Nested(org.junit.jupiter.api.Nested) Tenant(org.eclipse.hono.service.management.tenant.Tenant) Timeout(io.vertx.junit5.Timeout) CompositeFuture(io.vertx.core.CompositeFuture) Matcher(java.util.regex.Matcher) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) IntegrationTestSupport(org.eclipse.hono.tests.IntegrationTestSupport) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SearchResult(org.eclipse.hono.service.management.SearchResult) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Map(java.util.Map) Assumptions.assumeTrue(org.junit.jupiter.api.Assumptions.assumeTrue) JsonObject(io.vertx.core.json.JsonObject) Tenants(org.eclipse.hono.tests.Tenants) TypeReference(com.fasterxml.jackson.core.type.TypeReference) RegistryManagementConstants(org.eclipse.hono.util.RegistryManagementConstants) EnabledIf(org.junit.jupiter.api.condition.EnabledIf) Device(org.eclipse.hono.service.management.device.Device) RegistrationLimits(org.eclipse.hono.service.management.tenant.RegistrationLimits) ResourceLimits(org.eclipse.hono.util.ResourceLimits) Logger(org.slf4j.Logger) JacksonCodec(io.vertx.core.json.jackson.JacksonCodec) TenantWithId(org.eclipse.hono.service.management.tenant.TenantWithId) HttpHeaders(io.vertx.core.http.HttpHeaders) PublicKey(java.security.PublicKey) Truth.assertThat(com.google.common.truth.Truth.assertThat) Instant(java.time.Instant) VertxExtension(io.vertx.junit5.VertxExtension) TimeUnit(java.util.concurrent.TimeUnit) Test(org.junit.jupiter.api.Test) JsonArray(io.vertx.core.json.JsonArray) List(java.util.List) Adapter(org.eclipse.hono.util.Adapter) ChronoUnit(java.time.temporal.ChronoUnit) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Optional(java.util.Optional) Pattern(java.util.regex.Pattern) Tenant(org.eclipse.hono.service.management.tenant.Tenant) PublicKey(java.security.PublicKey) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Test(org.junit.jupiter.api.Test)

Example 3 with TrustedCertificateAuthority

use of org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority in project hono by eclipse.

the class TenantManagementIT method testUpdateTenantPreventsEmptyCaArray.

/**
 * Verifies that setting an empty list of trusted CAs on multiple tenants does not result in a unique key
 * violation.
 *
 * @param context The Vert.x test context.
 */
@Test
public void testUpdateTenantPreventsEmptyCaArray(final VertxTestContext context) {
    final String tenantId = getHelper().getRandomTenantId();
    final var tenantTwoId = getHelper().getRandomTenantId();
    final PublicKey publicKey = TenantApiTests.getRandomPublicKey();
    final TrustedCertificateAuthority trustAnchor1 = Tenants.createTrustAnchor("test-ca", "CN=test-dn-1", publicKey.getEncoded(), publicKey.getAlgorithm(), Instant.now(), Instant.now().plus(365, ChronoUnit.DAYS));
    final TrustedCertificateAuthority trustAnchor2 = Tenants.createTrustAnchor(null, "CN=test-dn-2", publicKey.getEncoded(), publicKey.getAlgorithm(), Instant.now(), Instant.now().plus(365, ChronoUnit.DAYS));
    getHelper().registry.addTenant(tenantId, new Tenant().setTrustedCertificateAuthorities(List.of(trustAnchor1))).compose(ok -> getHelper().registry.addTenant(tenantTwoId, new Tenant().setTrustedCertificateAuthorities(List.of(trustAnchor2)))).compose(ok -> getHelper().registry.updateTenant(tenantId, new Tenant().setTrustedCertificateAuthorities(List.of()), HttpURLConnection.HTTP_NO_CONTENT)).compose(ok -> getHelper().registry.updateTenant(tenantTwoId, new Tenant().setTrustedCertificateAuthorities(List.of()), HttpURLConnection.HTTP_NO_CONTENT)).onComplete(context.succeedingThenComplete());
}
Also used : HttpURLConnection(java.net.HttpURLConnection) VertxTestContext(io.vertx.junit5.VertxTestContext) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) Arrays(java.util.Arrays) TenantConstants(org.eclipse.hono.util.TenantConstants) LoggerFactory(org.slf4j.LoggerFactory) MultiMap(io.vertx.core.MultiMap) AtomicReference(java.util.concurrent.atomic.AtomicReference) Constants(org.eclipse.hono.util.Constants) Nested(org.junit.jupiter.api.Nested) Tenant(org.eclipse.hono.service.management.tenant.Tenant) Timeout(io.vertx.junit5.Timeout) CompositeFuture(io.vertx.core.CompositeFuture) Matcher(java.util.regex.Matcher) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) IntegrationTestSupport(org.eclipse.hono.tests.IntegrationTestSupport) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SearchResult(org.eclipse.hono.service.management.SearchResult) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Map(java.util.Map) Assumptions.assumeTrue(org.junit.jupiter.api.Assumptions.assumeTrue) JsonObject(io.vertx.core.json.JsonObject) Tenants(org.eclipse.hono.tests.Tenants) TypeReference(com.fasterxml.jackson.core.type.TypeReference) RegistryManagementConstants(org.eclipse.hono.util.RegistryManagementConstants) EnabledIf(org.junit.jupiter.api.condition.EnabledIf) Device(org.eclipse.hono.service.management.device.Device) RegistrationLimits(org.eclipse.hono.service.management.tenant.RegistrationLimits) ResourceLimits(org.eclipse.hono.util.ResourceLimits) Logger(org.slf4j.Logger) JacksonCodec(io.vertx.core.json.jackson.JacksonCodec) TenantWithId(org.eclipse.hono.service.management.tenant.TenantWithId) HttpHeaders(io.vertx.core.http.HttpHeaders) PublicKey(java.security.PublicKey) Truth.assertThat(com.google.common.truth.Truth.assertThat) Instant(java.time.Instant) VertxExtension(io.vertx.junit5.VertxExtension) TimeUnit(java.util.concurrent.TimeUnit) Test(org.junit.jupiter.api.Test) JsonArray(io.vertx.core.json.JsonArray) List(java.util.List) Adapter(org.eclipse.hono.util.Adapter) ChronoUnit(java.time.temporal.ChronoUnit) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Optional(java.util.Optional) Pattern(java.util.regex.Pattern) Tenant(org.eclipse.hono.service.management.tenant.Tenant) PublicKey(java.security.PublicKey) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Test(org.junit.jupiter.api.Test)

Example 4 with TrustedCertificateAuthority

use of org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority in project hono by eclipse.

the class TenantManagementIT method testAddTenantFailsForConfigurationWithDuplicateTrustAnchor.

/**
 * Verifies that the service returns a 409 status code for an add tenant request containing a
 * CA that is already in use by another tenant that does not belong to the same trust anchor group.
 *
 * @param context The Vert.x test context.
 */
@Test
public void testAddTenantFailsForConfigurationWithDuplicateTrustAnchor(final VertxTestContext context) {
    final PublicKey publicKey = TenantApiTests.getRandomPublicKey();
    final TrustedCertificateAuthority trustAnchor = Tenants.createTrustAnchor("test-ca", "CN=test-dn", publicKey.getEncoded(), publicKey.getAlgorithm(), Instant.now(), Instant.now().plus(365, ChronoUnit.DAYS));
    final Tenant tenant = new Tenant().setTrustedCertificateAuthorities(List.of(trustAnchor));
    final String tenantId = getHelper().getRandomTenantId();
    getHelper().registry.addTenant(tenantId, tenant).onFailure(context::failNow).compose(ok -> getHelper().registry.addTenant(getHelper().getRandomTenantId(), tenant, HttpURLConnection.HTTP_CONFLICT)).onComplete(context.succeeding(response -> {
        context.verify(() -> IntegrationTestSupport.assertErrorPayload(response));
        context.completeNow();
    }));
}
Also used : HttpURLConnection(java.net.HttpURLConnection) VertxTestContext(io.vertx.junit5.VertxTestContext) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) Arrays(java.util.Arrays) TenantConstants(org.eclipse.hono.util.TenantConstants) LoggerFactory(org.slf4j.LoggerFactory) MultiMap(io.vertx.core.MultiMap) AtomicReference(java.util.concurrent.atomic.AtomicReference) Constants(org.eclipse.hono.util.Constants) Nested(org.junit.jupiter.api.Nested) Tenant(org.eclipse.hono.service.management.tenant.Tenant) Timeout(io.vertx.junit5.Timeout) CompositeFuture(io.vertx.core.CompositeFuture) Matcher(java.util.regex.Matcher) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) IntegrationTestSupport(org.eclipse.hono.tests.IntegrationTestSupport) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) SearchResult(org.eclipse.hono.service.management.SearchResult) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Map(java.util.Map) Assumptions.assumeTrue(org.junit.jupiter.api.Assumptions.assumeTrue) JsonObject(io.vertx.core.json.JsonObject) Tenants(org.eclipse.hono.tests.Tenants) TypeReference(com.fasterxml.jackson.core.type.TypeReference) RegistryManagementConstants(org.eclipse.hono.util.RegistryManagementConstants) EnabledIf(org.junit.jupiter.api.condition.EnabledIf) Device(org.eclipse.hono.service.management.device.Device) RegistrationLimits(org.eclipse.hono.service.management.tenant.RegistrationLimits) ResourceLimits(org.eclipse.hono.util.ResourceLimits) Logger(org.slf4j.Logger) JacksonCodec(io.vertx.core.json.jackson.JacksonCodec) TenantWithId(org.eclipse.hono.service.management.tenant.TenantWithId) HttpHeaders(io.vertx.core.http.HttpHeaders) PublicKey(java.security.PublicKey) Truth.assertThat(com.google.common.truth.Truth.assertThat) Instant(java.time.Instant) VertxExtension(io.vertx.junit5.VertxExtension) TimeUnit(java.util.concurrent.TimeUnit) Test(org.junit.jupiter.api.Test) JsonArray(io.vertx.core.json.JsonArray) List(java.util.List) Adapter(org.eclipse.hono.util.Adapter) ChronoUnit(java.time.temporal.ChronoUnit) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Optional(java.util.Optional) Pattern(java.util.regex.Pattern) Tenant(org.eclipse.hono.service.management.tenant.Tenant) PublicKey(java.security.PublicKey) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) Test(org.junit.jupiter.api.Test)

Example 5 with TrustedCertificateAuthority

use of org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority in project hono by eclipse.

the class DeviceAndGatewayAutoProvisionerTest method configureTenant.

private void configureTenant(final boolean isGateway, final String deviceIdTemplate) {
    final TrustedCertificateAuthority trustedCA = tenant.getTrustedCertificateAuthorities().get(0);
    // GIVEN a tenant CA with auto-provisioning enabled
    trustedCA.setAutoProvisioningEnabled(true);
    if (isGateway) {
        // The property auto-provision-as-gateway is set to true
        trustedCA.setAutoProvisioningAsGatewayEnabled(true);
    }
    // Set the device id template if available
    Optional.ofNullable(deviceIdTemplate).ifPresent(trustedCA::setAutoProvisioningDeviceIdTemplate);
}
Also used : TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority)

Aggregations

TrustedCertificateAuthority (org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority)12 Tenant (org.eclipse.hono.service.management.tenant.Tenant)11 JsonArray (io.vertx.core.json.JsonArray)10 JsonObject (io.vertx.core.json.JsonObject)10 Map (java.util.Map)10 TypeReference (com.fasterxml.jackson.core.type.TypeReference)9 Truth.assertThat (com.google.common.truth.Truth.assertThat)9 CompositeFuture (io.vertx.core.CompositeFuture)9 MultiMap (io.vertx.core.MultiMap)9 HttpHeaders (io.vertx.core.http.HttpHeaders)9 JacksonCodec (io.vertx.core.json.jackson.JacksonCodec)9 Timeout (io.vertx.junit5.Timeout)9 VertxExtension (io.vertx.junit5.VertxExtension)9 VertxTestContext (io.vertx.junit5.VertxTestContext)9 HttpURLConnection (java.net.HttpURLConnection)9 PublicKey (java.security.PublicKey)9 Instant (java.time.Instant)9 ChronoUnit (java.time.temporal.ChronoUnit)9 Arrays (java.util.Arrays)9 List (java.util.List)9