diff --git a/.drone.yml b/.drone.yml index 8af04bb..9167eb3 100644 --- a/.drone.yml +++ b/.drone.yml @@ -25,12 +25,12 @@ steps: - name: unit-integration-tests image: maven:3-jdk-11 environment: - VAULT_VERSION: 1.10.0 + VAULT_VERSION: 1.10.1 commands: - - curl -s -o vault_1.10.0_linux_amd64.zip https://releases.hashicorp.com/vault/1.10.0/vault_1.10.0_linux_amd64.zip - - curl -s https://releases.hashicorp.com/vault/1.10.0/vault_1.10.0_SHA256SUMS | grep linux_amd64 | sha256sum -c - - unzip vault_1.10.0_linux_amd64.zip - - rm vault_1.10.0_linux_amd64.zip + - curl -s -o vault_1.10.1_linux_amd64.zip https://releases.hashicorp.com/vault/1.10.1/vault_1.10.1_linux_amd64.zip + - curl -s https://releases.hashicorp.com/vault/1.10.1/vault_1.10.1_SHA256SUMS | grep linux_amd64 | sha256sum -c + - unzip vault_1.10.1_linux_amd64.zip + - rm vault_1.10.1_linux_amd64.zip - mv vault /bin/ - mvn -B -P integration-test verify when: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9ef716d..5d05ec6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,10 +6,10 @@ jobs: strategy: matrix: jdk: [ 11, 17 ] - vault: [ '1.10.0' ] + vault: [ '1.10.1' ] include: - jdk: 11 - vault: '1.10.0' + vault: '1.10.1' analysis: true steps: - name: Checkout diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f25399..e548494 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,11 +7,12 @@ * Add `migration`, `recovery_seal` and `storage_type` fields to `SealReponse` model * Add support for `wrap_info` in data response models * Dependency updates -* model and response classes implement `Serializable` (#57) -* split `SercretResponse` into `PlainSecretResponse` and `MetaSecretResponse` subclasses (common API unchanged) +* Model and response classes implement `Serializable` (#57) +* Split `SercretResponse` into `PlainSecretResponse` and `MetaSecretResponse` subclasses (common API unchanged) +* Add missing fields to `AuthMethod` model ### Test -* Tested against Vault 1.10.0 +* Tested against Vault 1.10.1 ## 1.0.1 (2021-11-21) diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthMethod.java b/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthMethod.java index 1ad35ac..8bf0d45 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthMethod.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthMethod.java @@ -34,20 +34,32 @@ import java.util.Objects; */ @JsonIgnoreProperties(ignoreUnknown = true) public final class AuthMethod implements Serializable { - private static final long serialVersionUID = -5241997986380823391L; + private static final long serialVersionUID = -2718660627880077335L; private AuthBackend type; private String rawType; + @JsonProperty("accessor") + private String accessor; + @JsonProperty("description") private String description; @JsonProperty("config") private Map config; + @JsonProperty("external_entropy_access") + private boolean externalEntropyAccess; + @JsonProperty("local") private boolean local; + @JsonProperty("seal_wrap") + private boolean sealWrap; + + @JsonProperty("uuid") + private String uuid; + /** * @param type Backend type, passed to {@link AuthBackend#forType(String)} */ @@ -71,6 +83,14 @@ public final class AuthMethod implements Serializable { return rawType; } + /** + * @return Accessor + * @since 1.1 + */ + public String getAccessor() { + return accessor; + } + /** * @return Description */ @@ -85,6 +105,14 @@ public final class AuthMethod implements Serializable { return config; } + /** + * @return Backend has access to external entropy source + * @since 1.1 + */ + public boolean isExternalEntropyAccess() { + return externalEntropyAccess; + } + /** * @return Is local backend */ @@ -92,6 +120,22 @@ public final class AuthMethod implements Serializable { return local; } + /** + * @return Seal wrapping enabled + * @since 1.1 + */ + public boolean isSealWrap() { + return sealWrap; + } + + /** + * @return Backend UUID + * @since 1.1 + */ + public String getUuid() { + return uuid; + } + @Override public boolean equals(Object o) { if (this == o) { @@ -102,13 +146,17 @@ public final class AuthMethod implements Serializable { AuthMethod that = (AuthMethod) o; return local == that.local && type == that.type && + externalEntropyAccess == that.externalEntropyAccess && + sealWrap == that.sealWrap && Objects.equals(rawType, that.rawType) && + Objects.equals(accessor, that.accessor) && Objects.equals(description, that.description) && - Objects.equals(config, that.config); + Objects.equals(config, that.config) && + Objects.equals(uuid, that.uuid); } @Override public int hashCode() { - return Objects.hash(type, rawType, description, config, local); + return Objects.hash(type, rawType, accessor, description, config, externalEntropyAccess, local, sealWrap, uuid); } } diff --git a/src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorIT.java b/src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorIT.java index 65cf422..d65fa98 100644 --- a/src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorIT.java +++ b/src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorIT.java @@ -49,7 +49,7 @@ import static org.junit.jupiter.api.Assumptions.assumeTrue; * @since 0.1 */ class HTTPVaultConnectorIT { - private static String VAULT_VERSION = "1.10.0"; // The vault version this test is supposed to run against. + private static String VAULT_VERSION = "1.10.1"; // The vault version this test is supposed to run against. private static final String KEY1 = "E38bkCm0VhUvpdCKGQpcohhD9XmcHJ/2hreOSY019Lho"; private static final String KEY2 = "O5OHwDleY3IiPdgw61cgHlhsrEm6tVJkrxhF6QAnILd1"; private static final String KEY3 = "mw7Bm3nbt/UWa/juDjjL2EPQ04kiJ0saC5JEXwJvXYsB"; diff --git a/src/test/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponseTest.java b/src/test/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponseTest.java index 781d2c3..7821db8 100644 --- a/src/test/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponseTest.java +++ b/src/test/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponseTest.java @@ -38,9 +38,13 @@ import static org.junit.jupiter.api.Assertions.*; class AuthMethodsResponseTest extends AbstractModelTest { private static final String GH_PATH = "github/"; private static final String GH_TYPE = "github"; + private static final String GH_UUID = "4b42d1a4-0a0d-3c88-ae90-997e0c8b41be"; + private static final String GH_ACCESSOR = "auth_github_badd7fd0"; private static final String GH_DESCR = "GitHub auth"; private static final String TK_PATH = "token/"; private static final String TK_TYPE = "token"; + private static final String TK_UUID = "32ea9681-6bd6-6cec-eec3-d11260ba9741"; + private static final String TK_ACCESSOR = "auth_token_ac0dd95a"; private static final String TK_DESCR = "token based credentials"; private static final Integer TK_LEASE_TTL = 0; private static final Integer TK_MAX_LEASE_TTL = 0; @@ -48,8 +52,13 @@ class AuthMethodsResponseTest extends AbstractModelTest { private static final String RES_JSON = "{\n" + " \"data\": {" + " \"" + GH_PATH + "\": {\n" + + " \"uuid\": \"" + GH_UUID + "\",\n" + " \"type\": \"" + GH_TYPE + "\",\n" + - " \"description\": \"" + GH_DESCR + "\"\n" + + " \"accessor\": \"" + GH_ACCESSOR + "\",\n" + + " \"description\": \"" + GH_DESCR + "\",\n" + + " \"external_entropy_access\": false,\n" + + " \"local\": false,\n" + + " \"seal_wrap\": false\n" + " },\n" + " \"" + TK_PATH + "\": {\n" + " \"config\": {\n" + @@ -57,7 +66,12 @@ class AuthMethodsResponseTest extends AbstractModelTest { " \"max_lease_ttl\": " + TK_MAX_LEASE_TTL + "\n" + " },\n" + " \"description\": \"" + TK_DESCR + "\",\n" + - " \"type\": \"" + TK_TYPE + "\"\n" + + " \"type\": \"" + TK_TYPE + "\",\n" + + " \"uuid\": \"" + TK_UUID + "\",\n" + + " \"accessor\": \"" + TK_ACCESSOR + "\",\n" + + " \"external_entropy_access\": false,\n" + + " \"local\": true,\n" + + " \"seal_wrap\": false\n" + " }\n" + " }\n" + "}"; @@ -108,15 +122,31 @@ class AuthMethodsResponseTest extends AbstractModelTest { assertEquals(AuthBackend.GITHUB, method.getType(), "Incorrect parsed type for GitHub"); assertEquals(GH_DESCR, method.getDescription(), "Incorrect description for GitHub"); assertNull(method.getConfig(), "Unexpected config for GitHub"); + assertEquals(GH_UUID, method.getUuid(), "Unexpected UUID for GitHub"); + assertEquals(GH_ACCESSOR, method.getAccessor(), "Unexpected accessor for GitHub"); + assertFalse(method.isLocal(), "Unexpected local flag for GitHub"); + assertFalse(method.isExternalEntropyAccess(), "Unexpected external entropy flag for GitHub"); + assertFalse(method.isSealWrap(), "Unexpected seal wrap flag for GitHub"); - // Verify first method. + // Verify second method. method = supported.get(TK_PATH); assertEquals(TK_TYPE, method.getRawType(), "Incorrect raw type for Token"); assertEquals(AuthBackend.TOKEN, method.getType(), "Incorrect parsed type for Token"); assertEquals(TK_DESCR, method.getDescription(), "Incorrect description for Token"); + assertEquals(TK_UUID, method.getUuid(), "Unexpected UUID for Token"); + assertEquals(TK_ACCESSOR, method.getAccessor(), "Unexpected accessor for Token"); + assertTrue(method.isLocal(), "Unexpected local flag for Token"); + assertFalse(method.isExternalEntropyAccess(), "Unexpected external entropy flag for Token"); + assertFalse(method.isSealWrap(), "Unexpected seal wrap flag for GitHub"); + assertNotNull(method.getConfig(), "Missing config for Token"); - assertEquals(2, method.getConfig().size(), "Unexpected config size for Token"); - assertEquals(TK_LEASE_TTL.toString(), method.getConfig().get("default_lease_ttl"), "Incorrect lease TTL config"); - assertEquals(TK_MAX_LEASE_TTL.toString(), method.getConfig().get("max_lease_ttl"), "Incorrect max lease TTL config"); + assertEquals( + Map.of( + "default_lease_ttl", TK_LEASE_TTL.toString(), + "max_lease_ttl", TK_MAX_LEASE_TTL.toString() + ), + method.getConfig(), + "Unexpected config for Token" + ); } }