
Example 1 with Secrets

use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project carbon-apimgt by wso2.

the class ServiceDiscovererKubernetesTestCase method testInitWhileExternalTokenFileNameNotGiven.

@Test(description = "Test init method when external service account token file name is NOT given")
public void testInitWhileExternalTokenFileNameNotGiven() throws Exception {
    // The discoverer gets a mocked OpenShift client, so no real cluster connection is attempted here.
    ServiceDiscovererKubernetes discoverer = new ServiceDiscovererKubernetes();
    discoverer.setClient(Mockito.mock(OpenShiftClient.class));
    try {
        // An empty external token file name is passed in on purpose.
        discoverer.initImpl(createImplParametersMap(""));
    } catch (ServiceDiscoveryException e) {
        // With no external token file configured, the pod's mounted service account token
        // is looked up instead; the failure to read that file is the message checked here.
        String expectedCauseMessage =
                "Error while reading file /var/run/secrets/kubernetes.io/serviceaccount/token";
        Assert.assertEquals(e.getCause().getMessage(), expectedCauseMessage);
    }
    // NOTE(review): if initImpl does not throw (for example when the token file is present on the
    // machine running the test), nothing is asserted and the test passes vacuously. Confirm whether
    // an explicit failure is wanted on that path.
}
Also used : OpenShiftClient(io.fabric8.openshift.client.OpenShiftClient) ServiceDiscoveryException(org.wso2.carbon.apimgt.core.exception.ServiceDiscoveryException) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 2 with Secrets

use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project kubernetes by ballerinax.

the class KubernetesAnnotationProcessor method processSecureSocketAnnotation.

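/**
 * Build the secret models for the key-store and trust-store files named in an endpoint's
 * secureSocket configuration.
 *
 * <p>When both stores are configured and {@code getMountPath} gives the same value for both, they
 * are packed into one secret whose name ends in {@code -secure-socket}. Otherwise each configured
 * store gets its own secret ({@code -keystore} / {@code -truststore}).
 *
 * <p>The content that {@code readSecretFile} returns for each store file is copied into the
 * secret's data map, keyed by the file name. The returned models therefore carry the store
 * contents and should be handled as sensitive (not logged, not written to shared build output).
 *
 * @param endpointName          Endpoint name
 * @param secureSocketKeyValues secureSocket annotation struct
 * @return Set of {@link SecretModel} objects; empty when neither store is configured
 * @throws KubernetesPluginException declared by this method; which of the helpers called here
 *                                   raises it is not visible in this block
 */
Set<SecretModel> processSecureSocketAnnotation(String endpointName, List<BLangRecordLiteral.BLangRecordKeyValue> secureSocketKeyValues) throws KubernetesPluginException {
    String keyStoreFile = null;
    String trustStoreFile = null;
    for (BLangRecordLiteral.BLangRecordKeyValue keyValue : secureSocketKeyValues) {
        // Only the two store entries are of interest; every other key is ignored.
        String key = keyValue.getKey().toString();
        if ("keyStore".equals(key)) {
            keyStoreFile = extractFilePath(keyValue);
        } else if ("trustStore".equals(key)) {
            trustStoreFile = extractFilePath(keyValue);
        }
    }

    Set<SecretModel> secrets = new HashSet<>();
    if (keyStoreFile != null && trustStoreFile != null
            && getMountPath(keyStoreFile).equals(getMountPath(trustStoreFile))) {
        // Both stores mount to the same path, so a single secret carries both files.
        secrets.add(buildStoreSecret(endpointName, "-secure-socket", keyStoreFile, trustStoreFile));
        return secrets;
    }
    if (keyStoreFile != null) {
        secrets.add(buildStoreSecret(endpointName, "-keystore", keyStoreFile));
    }
    if (trustStoreFile != null) {
        secrets.add(buildStoreSecret(endpointName, "-truststore", trustStoreFile));
    }
    return secrets;
}

/**
 * Create one secret model holding the content of the given store files.
 *
 * @param endpointName Endpoint name the secret name is derived from
 * @param nameSuffix   Suffix appended to the validated endpoint name
 * @param storeFiles   Store file paths; the first one determines the mount path
 * @return Populated {@link SecretModel}
 * @throws KubernetesPluginException propagated from the helpers called here, if any of them raise it
 */
private SecretModel buildStoreSecret(String endpointName, String nameSuffix, String... storeFiles) throws KubernetesPluginException {
    Map<String, String> dataMap = new HashMap<>();
    for (String storeFile : storeFiles) {
        // Keyed by bare file name: two stores with the same file name share one entry.
        dataMap.put(String.valueOf(Paths.get(storeFile).getFileName()), readSecretFile(storeFile));
    }
    SecretModel secretModel = new SecretModel();
    secretModel.setName(getValidName(endpointName) + nameSuffix);
    secretModel.setMountPath(getMountPath(storeFiles[0]));
    secretModel.setData(dataMap);
    return secretModel;
}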
Also used : HashMap(java.util.HashMap) SecretModel(org.ballerinax.kubernetes.models.SecretModel) BLangRecordLiteral(org.wso2.ballerinalang.compiler.tree.expressions.BLangRecordLiteral) HashSet(java.util.HashSet)

Example 3 with Secrets

use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project carbon-identity-framework by wso2.

the class SecretManagerTest method testGetSecrets.

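// Adds two secrets under one secret type and checks that listing that type returns both of them.
@Test(priority = 22)
public void testGetSecrets() throws Exception {
    SecretType secretType = secretManager.addSecretType(getSampleSecretTypeAdd(SAMPLE_SECRET_TYPE_NAME1, SAMPLE_SECRET_TYPE_DESCRIPTION1));

    // NOTE(review): the result of encryptSecret is not used in this test; presumably the call
    // prepares the crypto stubbing needed by addSecret. Confirm against the helper.
    Secret secretAdd1 = getSampleSecretAdd(SAMPLE_SECRET_NAME1, SAMPLE_SECRET_VALUE1);
    encryptSecret(secretAdd1.getSecretValue());
    Secret secret1 = secretManager.addSecret(secretType.getName(), secretAdd1);

    Secret secretAdd2 = getSampleSecretAdd(SAMPLE_SECRET_NAME2, SAMPLE_SECRET_VALUE2);
    encryptSecret(secretAdd2.getSecretValue());
    Secret secret2 = secretManager.addSecret(secretType.getName(), secretAdd2);

    Secrets secrets = secretManager.getSecrets(secretType.getName());

    // TestNG's assertEquals takes (actual, expected, message); the retrieved value goes first so
    // that a failure report labels the two values correctly.
    Assert.assertEquals(secrets.getSecrets().size(), 2, "Retrieved secret count should be equal to the added value");
    // NOTE(review): the index-based checks assume the secrets come back in insertion order. Verify
    // that the DAO guarantees this.
    Assert.assertEquals(secrets.getSecrets().get(0).getSecretName(), secret1.getSecretName(), "Created secret name should be equal to the retrieved secret name");
    Assert.assertEquals(secrets.getSecrets().get(1).getSecretName(), secret2.getSecretName(), "Created secret name should be equal to the retrieved secret name");
}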
Also used : ResolvedSecret(org.wso2.carbon.identity.secret.mgt.core.model.ResolvedSecret) Secret(org.wso2.carbon.identity.secret.mgt.core.model.Secret) SecretType(org.wso2.carbon.identity.secret.mgt.core.model.SecretType) Secrets(org.wso2.carbon.identity.secret.mgt.core.model.Secrets) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 4 with Secrets

use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project carbon-identity-framework by wso2.

the class SecretManagerImpl method getSecrets.

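/**
 * Return the secrets stored under the given secret type for the current tenant.
 *
 * <p>The DAO lookup is scoped by {@code getTenantId()}. The debug messages written here contain
 * only the secret type name and the tenant domain, never the secret entries themselves.
 *
 * @param secretTypeName name of the secret type whose secrets are requested
 * @return the secrets returned by the DAO, wrapped in a {@link Secrets} object
 * @throws SecretManagementException if the DAO returns {@code null} for this type and tenant;
 *                                   the validation and lookup helpers called first may also
 *                                   raise it (not visible in this block)
 */
@Override
public Secrets getSecrets(String secretTypeName) throws SecretManagementException {
    // Both checks run before any data access.
    validateSecretManagerEnabled();
    validateSecretsRetrieveRequest(secretTypeName);
    SecretType secretType = getSecretType(secretTypeName);
    // Raw List kept as in the original: the element type declared by the DAO is not visible here.
    List secretList = this.getSecretDAO().getSecrets(secretType, getTenantId());
    if (secretList == null) {
        if (log.isDebugEnabled()) {
            // A space was missing before "for the tenant", which ran the type name into the text.
            log.debug("No secret found for the secretTypeName: " + secretTypeName + " for the tenant: " + getTenantDomain());
        }
        throw handleClientException(ERROR_CODE_SECRETS_DOES_NOT_EXISTS, null);
    }
    if (log.isDebugEnabled()) {
        log.debug("All secrets of tenant: " + getTenantDomain() + " are retrieved successfully.");
    }
    return new Secrets(secretList);
}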
Also used : SecretType(org.wso2.carbon.identity.secret.mgt.core.model.SecretType) Secrets(org.wso2.carbon.identity.secret.mgt.core.model.Secrets) List(java.util.List)

Example 5 with Secrets

use of org.wso2.carbon.identity.secret.mgt.core.model.Secrets in project identity-api-server by wso2.

the class SecretManagementService method getSecretsList.

/**
 * List the secrets registered under a secret type, converted to API response objects.
 *
 * <p>NOTE(review): which fields {@code buildSecretResponseFromResponseDTO} copies into the
 * response is not visible here. Confirm that the stored secret value is not among them.
 *
 * @param secretType Secret type name.
 * @return One {@link SecretResponse} per secret returned by the secret manager.
 */
public List<SecretResponse> getSecretsList(String secretType) {
    try {
        return SecretManagementServiceHolder.getSecretConfigManager()
                .getSecrets(secretType)
                .getSecrets()
                .stream()
                .map(item -> buildSecretResponseFromResponseDTO(item))
                .collect(Collectors.toList());
    } catch (SecretManagementException e) {
        // Management-layer failures are translated into the API's own error type.
        throw handleSecretMgtException(e, SecretManagementConstants.ErrorMessage.ERROR_CODE_ERROR_GETTING_SECRET, null);
    }
}
Also used : Secret(org.wso2.carbon.identity.secret.mgt.core.model.Secret) StringUtils(org.apache.commons.lang.StringUtils) ErrorResponse(org.wso2.carbon.identity.api.server.common.error.ErrorResponse) SecretAddRequest(org.wso2.carbon.identity.api.server.secret.management.v1.model.SecretAddRequest) SecretManagementConstants(org.wso2.carbon.identity.api.server.secret.management.common.SecretManagementConstants) SecretManagementException(org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementException) Secrets(org.wso2.carbon.identity.secret.mgt.core.model.Secrets) APIError(org.wso2.carbon.identity.api.server.common.error.APIError) SecretResponse(org.wso2.carbon.identity.api.server.secret.management.v1.model.SecretResponse) ERROR_CODE_SECRET_ALREADY_EXISTS(org.wso2.carbon.identity.secret.mgt.core.constant.SecretConstants.ErrorMessages.ERROR_CODE_SECRET_ALREADY_EXISTS) SecretUpdateRequest(org.wso2.carbon.identity.api.server.secret.management.v1.model.SecretUpdateRequest) Collectors(java.util.stream.Collectors) SecretManagementServerException(org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementServerException) Secret(org.wso2.carbon.identity.secret.mgt.core.model.Secret) List(java.util.List) ERROR_CODE_SECRET_DOES_NOT_EXISTS(org.wso2.carbon.identity.secret.mgt.core.constant.SecretConstants.ErrorMessages.ERROR_CODE_SECRET_DOES_NOT_EXISTS) SecretPatchRequest(org.wso2.carbon.identity.api.server.secret.management.v1.model.SecretPatchRequest) SecretManagementClientException(org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementClientException) Response(javax.ws.rs.core.Response) Log(org.apache.commons.logging.Log) LogFactory(org.apache.commons.logging.LogFactory) SecretManagementServiceHolder(org.wso2.carbon.identity.api.server.secret.management.common.SecretManagementServiceHolder) SecretManagementException(org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementException) 
Secrets(org.wso2.carbon.identity.secret.mgt.core.model.Secrets)

Aggregations

HashSet (java.util.HashSet)7 BLangExpression (org.wso2.ballerinalang.compiler.tree.expressions.BLangExpression)5 BLangRecordLiteral (org.wso2.ballerinalang.compiler.tree.expressions.BLangRecordLiteral)5 SecretModel (org.ballerinax.kubernetes.models.SecretModel)4 BLangListConstructorExpr (org.wso2.ballerinalang.compiler.tree.expressions.BLangListConstructorExpr)4 Secrets (org.wso2.carbon.identity.secret.mgt.core.model.Secrets)3 IOException (java.io.IOException)2 MalformedURLException (java.net.MalformedURLException)2 URL (java.net.URL)2 HashMap (java.util.HashMap)2 List (java.util.List)2 OMElement (org.apache.axiom.om.OMElement)2 Test (org.testng.annotations.Test)2 BLangAnnotationAttachment (org.wso2.ballerinalang.compiler.tree.BLangAnnotationAttachment)2 Secret (org.wso2.carbon.identity.secret.mgt.core.model.Secret)2 SecretType (org.wso2.carbon.identity.secret.mgt.core.model.SecretType)2 VaultException (com.bettercloud.vault.VaultException)1 OpenShiftClient (io.fabric8.openshift.client.OpenShiftClient)1 FileInputStream (java.io.FileInputStream)1 FileNotFoundException (java.io.FileNotFoundException)1