Examples with CredStashGetCredentialFailedException org.finra.herd.dao.exception.CredStashGetCredentialFailedException used on opensource projects

Search in sources :

Example 1 with CredStashGetCredentialFailedException

use of org.finra.herd.dao.exception.CredStashGetCredentialFailedException in project herd by FINRAOS.

the class RelationalTableRegistrationHelperServiceImplTest method testGetPasswordCredStashException.

@Test
public void testGetPasswordCredStashException() throws Exception {
    // Mock the external calls.
    when(configurationHelper.getProperty(ConfigurationValue.CREDSTASH_RELATIONAL_STORAGE_ENCRYPTION_CONTEXT)).thenReturn(CREDSTASH_ENCRYPTION_CONTEXT);
    when(credStashHelper.getCredentialFromCredStash(CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME)).thenThrow(new CredStashGetCredentialFailedException(ERROR_MESSAGE));
    // Try to call the method under test.
    try {
        relationalTableRegistrationHelperServiceImpl.getPassword(new RelationalStorageAttributesDto(JDBC_URL, USERNAME, USER_CREDENTIAL_NAME));
        fail();
    } catch (IllegalStateException e) {
        assertEquals(String.format("%s: %s", CredStashGetCredentialFailedException.class.getName(), ERROR_MESSAGE), e.getMessage());
    }
    // Verify the external calls.
    verify(configurationHelper).getProperty(ConfigurationValue.CREDSTASH_RELATIONAL_STORAGE_ENCRYPTION_CONTEXT);
    verify(credStashHelper).getCredentialFromCredStash(CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME);
    verifyNoMoreInteractionsHelper();
}
Also used : RelationalStorageAttributesDto(org.finra.herd.model.dto.RelationalStorageAttributesDto) CredStashGetCredentialFailedException(org.finra.herd.dao.exception.CredStashGetCredentialFailedException) AbstractServiceTest(org.finra.herd.service.AbstractServiceTest) Test(org.junit.Test)

Example 2 with CredStashGetCredentialFailedException

use of org.finra.herd.dao.exception.CredStashGetCredentialFailedException in project herd by FINRAOS.

the class CredStashHelperTest method testGetCredentialFromCredStashEmptyPasswordValue.

@Test
public void testGetCredentialFromCredStashEmptyPasswordValue() throws Exception {
    // Build AWS parameters.
    AwsParamsDto awsParamsDto = new AwsParamsDto(NO_AWS_ACCESS_KEY, NO_AWS_SECRET_KEY, NO_SESSION_TOKEN, HTTP_PROXY_HOST, HTTP_PROXY_PORT);
    // Build AWS client configuration.
    ClientConfiguration clientConfiguration = new ClientConfiguration();
    // Create CredStash encryption context map.
    Map<String, String> credStashEncryptionContextMap = new HashMap<>();
    credStashEncryptionContextMap.put(KEY, VALUE);
    // Mock the CredStash.
    CredStash credStash = mock(CredStash.class);
    when(credStash.getCredential(USER_CREDENTIAL_NAME, credStashEncryptionContextMap)).thenReturn(EMPTY_STRING);
    // Mock the external calls.
    when(configurationHelper.getProperty(ConfigurationValue.CREDSTASH_AWS_REGION_NAME)).thenReturn(AWS_REGION_NAME);
    when(configurationHelper.getProperty(ConfigurationValue.CREDSTASH_TABLE_NAME)).thenReturn(TABLE_NAME);
    when(awsHelper.getAwsParamsDto()).thenReturn(awsParamsDto);
    when(awsHelper.getClientConfiguration(awsParamsDto)).thenReturn(clientConfiguration);
    when(credStashFactory.getCredStash(AWS_REGION_NAME, TABLE_NAME, clientConfiguration)).thenReturn(credStash);
    when(jsonHelper.unmarshallJsonToObject(Map.class, CREDSTASH_ENCRYPTION_CONTEXT)).thenReturn(credStashEncryptionContextMap);
    // Try to call the method under test.
    try {
        credStashHelper.getCredentialFromCredStash(CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME);
        fail();
    } catch (CredStashGetCredentialFailedException e) {
        assertEquals(String.format("Failed to obtain the keystore or truststore credential from credstash. " + "credStashAwsRegion=%s credStashTableName=%s credStashEncryptionContext=%s credentialName=%s", AWS_REGION_NAME, TABLE_NAME, CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME), e.getMessage());
    }
    // Verify the external calls.
    verify(configurationHelper).getProperty(ConfigurationValue.CREDSTASH_AWS_REGION_NAME);
    verify(configurationHelper).getProperty(ConfigurationValue.CREDSTASH_TABLE_NAME);
    verify(awsHelper).getAwsParamsDto();
    verify(awsHelper).getClientConfiguration(awsParamsDto);
    verify(credStashFactory).getCredStash(AWS_REGION_NAME, TABLE_NAME, clientConfiguration);
    verify(jsonHelper).unmarshallJsonToObject(Map.class, CREDSTASH_ENCRYPTION_CONTEXT);
    verify(credStash).getCredential(USER_CREDENTIAL_NAME, credStashEncryptionContextMap);
    verifyNoMoreInteractions(credStash);
    verifyNoMoreInteractionsHelper();
}
Also used : AwsParamsDto(org.finra.herd.model.dto.AwsParamsDto) HashMap(java.util.HashMap) CredStash(org.finra.herd.dao.credstash.CredStash) ClientConfiguration(com.amazonaws.ClientConfiguration) CredStashGetCredentialFailedException(org.finra.herd.dao.exception.CredStashGetCredentialFailedException) Test(org.junit.Test) AbstractDaoTest(org.finra.herd.dao.AbstractDaoTest)

Example 3 with CredStashGetCredentialFailedException

use of org.finra.herd.dao.exception.CredStashGetCredentialFailedException in project herd by FINRAOS.

the class CredStashHelperTest method testGetCredentialFromCredStashException.

@Test
public void testGetCredentialFromCredStashException() throws Exception {
    // Build AWS parameters.
    AwsParamsDto awsParamsDto = new AwsParamsDto(NO_AWS_ACCESS_KEY, NO_AWS_SECRET_KEY, NO_SESSION_TOKEN, HTTP_PROXY_HOST, HTTP_PROXY_PORT);
    // Build AWS client configuration.
    ClientConfiguration clientConfiguration = new ClientConfiguration();
    // Create CredStash encryption context map.
    Map<String, String> credStashEncryptionContextMap = new HashMap<>();
    credStashEncryptionContextMap.put(KEY, VALUE);
    // Mock the CredStash.
    CredStash credStash = mock(CredStash.class);
    when(credStash.getCredential(USER_CREDENTIAL_NAME, credStashEncryptionContextMap)).thenThrow(new Exception(ERROR_MESSAGE));
    // Mock the external calls.
    when(configurationHelper.getProperty(ConfigurationValue.CREDSTASH_AWS_REGION_NAME)).thenReturn(AWS_REGION_NAME);
    when(configurationHelper.getProperty(ConfigurationValue.CREDSTASH_TABLE_NAME)).thenReturn(TABLE_NAME);
    when(awsHelper.getAwsParamsDto()).thenReturn(awsParamsDto);
    when(awsHelper.getClientConfiguration(awsParamsDto)).thenReturn(clientConfiguration);
    when(credStashFactory.getCredStash(AWS_REGION_NAME, TABLE_NAME, clientConfiguration)).thenReturn(credStash);
    when(jsonHelper.unmarshallJsonToObject(Map.class, CREDSTASH_ENCRYPTION_CONTEXT)).thenReturn(credStashEncryptionContextMap);
    // Try to call the method under test.
    try {
        credStashHelper.getCredentialFromCredStash(CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME);
        fail();
    } catch (CredStashGetCredentialFailedException e) {
        assertEquals(String.format("Failed to obtain the keystore or truststore credential from credstash. Reason: %s " + "credStashAwsRegion=%s credStashTableName=%s credStashEncryptionContext=%s credentialName=%s", ERROR_MESSAGE, AWS_REGION_NAME, TABLE_NAME, CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME), e.getMessage());
    }
    // Verify the external calls.
    verify(configurationHelper).getProperty(ConfigurationValue.CREDSTASH_AWS_REGION_NAME);
    verify(configurationHelper).getProperty(ConfigurationValue.CREDSTASH_TABLE_NAME);
    verify(awsHelper).getAwsParamsDto();
    verify(awsHelper).getClientConfiguration(awsParamsDto);
    verify(credStashFactory).getCredStash(AWS_REGION_NAME, TABLE_NAME, clientConfiguration);
    verify(jsonHelper).unmarshallJsonToObject(Map.class, CREDSTASH_ENCRYPTION_CONTEXT);
    verify(credStash).getCredential(USER_CREDENTIAL_NAME, credStashEncryptionContextMap);
    verifyNoMoreInteractions(credStash);
    verifyNoMoreInteractionsHelper();
}
Also used : AwsParamsDto(org.finra.herd.model.dto.AwsParamsDto) HashMap(java.util.HashMap) CredStash(org.finra.herd.dao.credstash.CredStash) ClientConfiguration(com.amazonaws.ClientConfiguration) CredStashGetCredentialFailedException(org.finra.herd.dao.exception.CredStashGetCredentialFailedException) CredStashGetCredentialFailedException(org.finra.herd.dao.exception.CredStashGetCredentialFailedException) Test(org.junit.Test) AbstractDaoTest(org.finra.herd.dao.AbstractDaoTest)

Example 4 with CredStashGetCredentialFailedException

use of org.finra.herd.dao.exception.CredStashGetCredentialFailedException in project herd by FINRAOS.

the class JestClientFactoryTest method testGetJestClientCredStashException.

@Test
public void testGetJestClientCredStashException() throws Exception {
    // Mock the external calls.
    when(configurationHelper.getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_HOSTNAME)).thenReturn(ELASTICSEARCH_HOSTNAME);
    when(configurationHelper.getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_PORT, Integer.class)).thenReturn(ELASTICSEARCH_PORT);
    when(configurationHelper.getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_SCHEME)).thenReturn("https");
    when(configurationHelper.getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_READ_TIMEOUT, Integer.class)).thenReturn(READ_TIMEOUT);
    when(configurationHelper.getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_CONNECTION_TIMEOUT, Integer.class)).thenReturn(CONNECTION_TIMEOUT);
    when(configurationHelper.getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_USERNAME)).thenReturn(USERNAME);
    when(configurationHelper.getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_USERCREDENTIALNAME)).thenReturn(USER_CREDENTIAL_NAME);
    when(configurationHelper.getProperty(ConfigurationValue.CREDSTASH_ENCRYPTION_CONTEXT)).thenReturn(CREDSTASH_ENCRYPTION_CONTEXT);
    when(credStashHelper.getCredentialFromCredStash(CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME)).thenThrow(new CredStashGetCredentialFailedException(ERROR_MESSAGE));
    // Try to call the method under test.
    try {
        jestClientFactory.getJestClient();
        fail();
    } catch (IllegalStateException e) {
        assertEquals(String.format("%s: %s", CredStashGetCredentialFailedException.class.getName(), ERROR_MESSAGE), e.getMessage());
    }
    // Verify the external calls.
    verify(configurationHelper).getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_HOSTNAME);
    verify(configurationHelper).getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_PORT, Integer.class);
    verify(configurationHelper).getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_SCHEME);
    verify(configurationHelper).getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_READ_TIMEOUT, Integer.class);
    verify(configurationHelper).getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_CONNECTION_TIMEOUT, Integer.class);
    verify(configurationHelper).getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_USERNAME);
    verify(configurationHelper).getProperty(ConfigurationValue.ELASTICSEARCH_REST_CLIENT_USERCREDENTIALNAME);
    verify(configurationHelper).getProperty(ConfigurationValue.CREDSTASH_ENCRYPTION_CONTEXT);
    verify(credStashHelper).getCredentialFromCredStash(CREDSTASH_ENCRYPTION_CONTEXT, USER_CREDENTIAL_NAME);
    verifyNoMoreInteractionsHelper();
}
Also used : CredStashGetCredentialFailedException(org.finra.herd.dao.exception.CredStashGetCredentialFailedException) Test(org.junit.Test)

Example 5 with CredStashGetCredentialFailedException

use of org.finra.herd.dao.exception.CredStashGetCredentialFailedException in project herd by FINRAOS.

the class CredStashHelper method getCredentialFromCredStash.

/**
 * Gets a password from the credstash.
 *
 * @param credStashEncryptionContext the encryption context
 * @param credentialName the credential name
 *
 * @return the password
 * @throws CredStashGetCredentialFailedException if CredStash fails to get a credential
 */
@Retryable(maxAttempts = 3, value = CredStashGetCredentialFailedException.class, backoff = @Backoff(delay = 5000, multiplier = 2))
public String getCredentialFromCredStash(String credStashEncryptionContext, String credentialName) throws CredStashGetCredentialFailedException {
    // Get the credstash table name and credential names for the keystore and truststore.
    String credStashAwsRegion = configurationHelper.getProperty(ConfigurationValue.CREDSTASH_AWS_REGION_NAME);
    String credStashTableName = configurationHelper.getProperty(ConfigurationValue.CREDSTASH_TABLE_NAME);
    // Log configuration values and input parameters.
    LOGGER.info("credStashAwsRegion={} credStashTableName={} credStashEncryptionContext={} credentialName={}", credStashAwsRegion, credStashTableName, credStashEncryptionContext, credentialName);
    // Get the AWS client configuration.
    ClientConfiguration clientConfiguration = awsHelper.getClientConfiguration(awsHelper.getAwsParamsDto());
    // Get the keystore and truststore passwords from Credstash.
    CredStash credstash = credStashFactory.getCredStash(credStashAwsRegion, credStashTableName, clientConfiguration);
    // Try to obtain the credentials from cred stash.
    String password = null;
    String errorMessage = null;
    try {
        // Convert the JSON config file version of the encryption context to a Java Map class.
        @SuppressWarnings("unchecked") Map<String, String> credstashEncryptionContextMap = jsonHelper.unmarshallJsonToObject(Map.class, credStashEncryptionContext);
        // Get the keystore and truststore passwords from credstash.
        password = credstash.getCredential(credentialName, credstashEncryptionContextMap);
    } catch (Exception exception) {
        LOGGER.error("Caught exception when attempting to get a credential value from CredStash.", exception);
        errorMessage = exception.getMessage();
    }
    // as credentials from cred stash, then throw a CredStashGetCredentialFailedException.
    if (StringUtils.isEmpty(password)) {
        throw new CredStashGetCredentialFailedException(String.format("Failed to obtain the keystore or truststore credential from credstash.%s " + "credStashAwsRegion=%s credStashTableName=%s credStashEncryptionContext=%s credentialName=%s", StringUtils.isNotBlank(errorMessage) ? " Reason: " + errorMessage : "", credStashAwsRegion, credStashTableName, credStashEncryptionContext, credentialName));
    }
    // Return the keystore and truststore passwords in a map.
    return password;
}
Also used : CredStash(org.finra.herd.dao.credstash.CredStash) ClientConfiguration(com.amazonaws.ClientConfiguration) CredStashGetCredentialFailedException(org.finra.herd.dao.exception.CredStashGetCredentialFailedException) CredStashGetCredentialFailedException(org.finra.herd.dao.exception.CredStashGetCredentialFailedException) Retryable(org.springframework.retry.annotation.Retryable)

Aggregations

CredStashGetCredentialFailedException (org.finra.herd.dao.exception.CredStashGetCredentialFailedException)6 Test (org.junit.Test)4 ClientConfiguration (com.amazonaws.ClientConfiguration)3 CredStash (org.finra.herd.dao.credstash.CredStash)3 HashMap (java.util.HashMap)2 AbstractDaoTest (org.finra.herd.dao.AbstractDaoTest)2 AwsParamsDto (org.finra.herd.model.dto.AwsParamsDto)2 HttpClientConfig (io.searchbox.client.config.HttpClientConfig)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)1 RelationalStorageAttributesDto (org.finra.herd.model.dto.RelationalStorageAttributesDto)1 AbstractServiceTest (org.finra.herd.service.AbstractServiceTest)1 Retryable (org.springframework.retry.annotation.Retryable)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial