use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project carbon-apimgt by wso2.
the class ServiceDiscovererKubernetesTestCase method testInitWhileExternalTokenFileNameNotGiven.
/**
 * Exercises {@code initImpl} with an empty external service-account token file name.
 *
 * <p>When a {@link ServiceDiscoveryException} is raised, its cause must report a failed read of
 * the in-pod service-account token path, which is the location consulted when no external
 * token file is configured.
 */
@Test(description = "Test init method when external service account token file name is NOT given")
public void testInitWhileExternalTokenFileNameNotGiven() throws Exception {
    final String expectedCauseMessage =
            "Error while reading file /var/run/secrets/kubernetes.io/serviceaccount/token";

    OpenShiftClient mockedClient = Mockito.mock(OpenShiftClient.class);
    ServiceDiscovererKubernetes discoverer = new ServiceDiscovererKubernetes();
    discoverer.setClient(mockedClient);

    // NOTE(review): if initImpl returns normally (for example when the token file is present
    // on the build host) no assertion runs and the test passes without checking anything.
    // A null cause on the exception would surface as a NullPointerException instead.
    try {
        discoverer.initImpl(createImplParametersMap(""));
    } catch (ServiceDiscoveryException e) {
        // The fallback to the pod's own token is what produces this message.
        Assert.assertEquals(e.getCause().getMessage(), expectedCauseMessage);
    }
}
use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project kubernetes by ballerinax.
the class KubernetesAnnotationProcessor method processSecureSocketAnnotation.
/**
 * Builds the secret models for the key-store and trust-store files referenced by an endpoint's
 * secureSocket configuration.
 *
 * <p>If both stores are configured and resolve to the same mount path, one secret named
 * {@code <endpoint>-secure-socket} containing both files is returned. Otherwise each configured
 * store gets its own secret ({@code -keystore} / {@code -truststore}).
 *
 * <p>The content returned by {@code readSecretFile} for each store is placed in the secret's
 * data map, so the returned models carry the store contents themselves, not just their paths.
 *
 * @param endpointName Endpoint name, used as the prefix of the generated secret names
 * @param secureSocketKeyValues key/value entries of the secureSocket annotation struct
 * @return Set of {@link SecretModel} objects; empty when neither store is configured
 * @throws KubernetesPluginException propagated from the helper calls (presumably when a store
 *         path cannot be extracted or the file cannot be read; confirm against the helpers)
 */
Set<SecretModel> processSecureSocketAnnotation(String endpointName, List<BLangRecordLiteral.BLangRecordKeyValue> secureSocketKeyValues) throws KubernetesPluginException {
    String keyStorePath = null;
    String trustStorePath = null;

    // Pick the two store locations out of the annotation; every other field is ignored.
    for (BLangRecordLiteral.BLangRecordKeyValue entry : secureSocketKeyValues) {
        String fieldName = entry.getKey().toString();
        if ("keyStore".equals(fieldName)) {
            keyStorePath = extractFilePath(entry);
            continue;
        }
        if ("trustStore".equals(fieldName)) {
            trustStorePath = extractFilePath(entry);
        }
    }

    Set<SecretModel> result = new HashSet<>();
    boolean hasKeyStore = keyStorePath != null;
    boolean hasTrustStore = trustStorePath != null;

    // Both stores under one mount path: a single secret holds both files.
    if (hasKeyStore && hasTrustStore
            && getMountPath(keyStorePath).equals(getMountPath(trustStorePath))) {
        String keyStoreBody = readSecretFile(keyStorePath);
        String trustStoreBody = readSecretFile(trustStorePath);

        SecretModel combined = new SecretModel();
        combined.setName(getValidName(endpointName) + "-secure-socket");
        combined.setMountPath(getMountPath(keyStorePath));

        // Entries are keyed by bare file name; identical names would collapse into one entry.
        Map<String, String> files = new HashMap<>();
        files.put(String.valueOf(Paths.get(keyStorePath).getFileName()), keyStoreBody);
        files.put(String.valueOf(Paths.get(trustStorePath).getFileName()), trustStoreBody);
        combined.setData(files);

        result.add(combined);
        return result;
    }

    // Separate mount paths, or only one store configured: one secret per store.
    if (hasKeyStore) {
        String keyStoreBody = readSecretFile(keyStorePath);

        SecretModel keyStoreSecret = new SecretModel();
        keyStoreSecret.setName(getValidName(endpointName) + "-keystore");
        keyStoreSecret.setMountPath(getMountPath(keyStorePath));

        Map<String, String> files = new HashMap<>();
        files.put(String.valueOf(Paths.get(keyStorePath).getFileName()), keyStoreBody);
        keyStoreSecret.setData(files);

        result.add(keyStoreSecret);
    }

    if (hasTrustStore) {
        String trustStoreBody = readSecretFile(trustStorePath);

        SecretModel trustStoreSecret = new SecretModel();
        trustStoreSecret.setName(getValidName(endpointName) + "-truststore");
        trustStoreSecret.setMountPath(getMountPath(trustStorePath));

        Map<String, String> files = new HashMap<>();
        files.put(String.valueOf(Paths.get(trustStorePath).getFileName()), trustStoreBody);
        trustStoreSecret.setData(files);

        result.add(trustStoreSecret);
    }

    return result;
}
use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project carbon-identity-framework by wso2.
the class SecretManagerTest method testGetSecrets.
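/**
 * Adds two secrets under a freshly created secret type and checks that listing the type returns
 * both of them, by name.
 *
 * <p>TestNG's {@code Assert.assertEquals} takes the actual value first and the expected value
 * second, so the retrieved values are passed first to keep failure messages accurate.
 */
@Test(priority = 22)
public void testGetSecrets() throws Exception {
    SecretType secretType = secretManager.addSecretType(getSampleSecretTypeAdd(SAMPLE_SECRET_TYPE_NAME1, SAMPLE_SECRET_TYPE_DESCRIPTION1));

    // The return value of encryptSecret is discarded; presumably it prepares the encryption
    // stub used by addSecret (confirm against the test fixture).
    Secret secretAdd1 = getSampleSecretAdd(SAMPLE_SECRET_NAME1, SAMPLE_SECRET_VALUE1);
    encryptSecret(secretAdd1.getSecretValue());
    Secret secret1 = secretManager.addSecret(secretType.getName(), secretAdd1);

    Secret secretAdd2 = getSampleSecretAdd(SAMPLE_SECRET_NAME2, SAMPLE_SECRET_VALUE2);
    encryptSecret(secretAdd2.getSecretValue());
    Secret secret2 = secretManager.addSecret(secretType.getName(), secretAdd2);

    Secrets secrets = secretManager.getSecrets(secretType.getName());

    Assert.assertEquals(secrets.getSecrets().size(), 2, "Retrieved secret count should be equal to the " + "added value");
    // NOTE(review): the index-based checks assume the secrets come back in insertion order;
    // confirm the DAO guarantees that ordering.
    Assert.assertEquals(secrets.getSecrets().get(0).getSecretName(), secret1.getSecretName(), "Created secret name should be equal to the retrieved secret name");
    Assert.assertEquals(secrets.getSecrets().get(1).getSecretName(), secret2.getSecretName(), "Created secret name should be equal to the retrieved secret name");
}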
use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project carbon-identity-framework by wso2.
the class SecretManagerImpl method getSecrets.
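/**
 * Returns the secrets stored under the given secret type for the tenant id reported by
 * {@code getTenantId()}.
 *
 * @param secretTypeName name of the secret type whose secrets are listed
 * @return a {@link Secrets} wrapper around the list returned by the DAO
 * @throws SecretManagementException a client exception with
 *         {@code ERROR_CODE_SECRETS_DOES_NOT_EXISTS} when the DAO returns {@code null}; the
 *         validation and type-lookup helpers presumably raise it as well (confirm there)
 */
@Override
public Secrets getSecrets(String secretTypeName) throws SecretManagementException {
    validateSecretManagerEnabled();
    validateSecretsRetrieveRequest(secretTypeName);
    SecretType secretType = getSecretType(secretTypeName);
    // NOTE(review): raw List kept as in the original; the DAO's element type is not visible here.
    List secretList = this.getSecretDAO().getSecrets(secretType, getTenantId());
    if (secretList == null) {
        if (log.isDebugEnabled()) {
            // Only the type name and tenant domain are logged, never secret values.
            // A space was missing before "for the tenant", which ran the two fields together.
            log.debug("No secret found for the secretTypeName: " + secretTypeName + " for the tenant: " + getTenantDomain());
        }
        throw handleClientException(ERROR_CODE_SECRETS_DOES_NOT_EXISTS, null);
    }
    if (log.isDebugEnabled()) {
        log.debug("All secrets of tenant: " + getTenantDomain() + " are retrieved successfully.");
    }
    return new Secrets(secretList);
}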
use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project identity-api-server by wso2.
the class SecretManagementService method getSecretsList.
/**
 * Lists the secrets registered under the given secret type as API response objects.
 *
 * <p>Each {@code Secret} returned by the secret manager is converted with
 * {@code buildSecretResponseFromResponseDTO}; which fields end up in the response is decided by
 * that helper and is not visible here.
 *
 * @param secretType Secret type name.
 * @return Response objects for the secrets of that type.
 */
public List<SecretResponse> getSecretsList(String secretType) {
    try {
        return SecretManagementServiceHolder.getSecretConfigManager()
                .getSecrets(secretType)
                .getSecrets()
                .stream()
                .map(item -> buildSecretResponseFromResponseDTO(item))
                .collect(Collectors.toList());
    } catch (SecretManagementException e) {
        // Translate the manager-level failure into the API layer's error type.
        throw handleSecretMgtException(e, SecretManagementConstants.ErrorMessage.ERROR_CODE_ERROR_GETTING_SECRET, null);
    }
}