diff --git a/src/test/java/de/stklcode/jvault/connector/exception/VaultConnectorExceptionTest.java b/src/test/java/de/stklcode/jvault/connector/exception/VaultConnectorExceptionTest.java index 4a45941..9653c49 100644 --- a/src/test/java/de/stklcode/jvault/connector/exception/VaultConnectorExceptionTest.java +++ b/src/test/java/de/stklcode/jvault/connector/exception/VaultConnectorExceptionTest.java @@ -27,6 +27,7 @@ import static org.junit.Assert.assertThat; * Common JUnit test for Exceptions extending {@link VaultConnectorException}. * * @author Stefan Kalscheuer + * @since 0.6.2 */ public class VaultConnectorExceptionTest { private static final String MSG = "This is a test exception!"; diff --git a/src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java b/src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java new file mode 100644 index 0000000..1397005 --- /dev/null +++ b/src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java @@ -0,0 +1,101 @@ +package de.stklcode.jvault.connector.model.response; + +import com.fasterxml.jackson.databind.ObjectMapper; +import de.stklcode.jvault.connector.exception.InvalidResponseException; +import de.stklcode.jvault.connector.model.AppRole; +import org.junit.Test; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import static org.hamcrest.Matchers.*; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; + +/** + * JUnit Test for {@link AppRoleResponse} model. + * + * @author Stefan Kalscheuer + * @since 0.6.2 + */ +public class AppRoleResponseTest { + private static final Integer ROLE_TOKEN_TTL = 1200; + private static final Integer ROLE_TOKEN_MAX_TTL = 1800; + private static final Integer ROLE_SECRET_TTL = 600; + private static final Integer ROLE_SECRET_NUM_USES = 40; + private static final String ROLE_POLICY = "default"; + private static final Integer ROLE_PERIOD = 0; + private static final Boolean ROLE_BIND_SECRET = true; + + private static final String RES_JSON = "{\n" + + " \"auth\": null,\n" + + " \"warnings\": null,\n" + + " \"wrap_info\": null,\n" + + " \"data\": {\n" + + " \"token_ttl\": " + ROLE_TOKEN_TTL + ",\n" + + " \"token_max_ttl\": " + ROLE_TOKEN_MAX_TTL + ",\n" + + " \"secret_id_ttl\": " + ROLE_SECRET_TTL + ",\n" + + " \"secret_id_num_uses\": " + ROLE_SECRET_NUM_USES + ",\n" + + " \"policies\": [\n" + + " \"" + ROLE_POLICY + "\"\n" + + " ],\n" + + " \"period\": " + ROLE_PERIOD + ",\n" + + " \"bind_secret_id\": " + ROLE_BIND_SECRET + ",\n" + + " \"bound_cidr_list\": \"\"\n" + + " },\n" + + " \"lease_duration\": 0,\n" + + " \"renewable\": false,\n" + + " \"lease_id\": \"\"\n" + + "}"; + + private static final Map INVALID_DATA = new HashMap<>(); + + static { + INVALID_DATA.put("policies", "fancy-policy"); + } + + /** + * Test getter, setter and get-methods for response data. + */ + @Test + public void getDataRoundtrip() { + // Create empty Object. + AppRoleResponse res = new AppRoleResponse(); + assertThat("Initial data should be empty", res.getRole(), is(nullValue())); + + // Parsing invalid auth data map should fail. + try { + res.setData(INVALID_DATA); + fail("Parsing invalid data succeeded"); + } catch (Exception e) { + assertThat(e, is(instanceOf(InvalidResponseException.class))); + } + } + + /** + * Test creation from JSON value as returned by Vault (JSON example copied from Vault documentation). + */ + @Test + public void jsonRoundtrip() { + try { + AppRoleResponse res = new ObjectMapper().readValue(RES_JSON, AppRoleResponse.class); + assertThat("Parsed response is NULL", res, is(notNullValue())); + // Extract role data. + AppRole role = res.getRole(); + assertThat("Role data is NULL", role, is(notNullValue())); + assertThat("Incorrect token TTL", role.getTokenTtl(), is(ROLE_TOKEN_TTL)); + assertThat("Incorrect token max TTL", role.getTokenMaxTtl(), is(ROLE_TOKEN_MAX_TTL)); + assertThat("Incorrect secret ID TTL", role.getSecretIdTtl(), is(ROLE_SECRET_TTL)); + assertThat("Incorrect secret ID umber of uses", role.getSecretIdNumUses(), is(ROLE_SECRET_NUM_USES)); + assertThat("Incorrect number of policies", role.getPolicies(), hasSize(1)); + assertThat("Incorrect role policies", role.getPolicies(), contains(ROLE_POLICY)); + assertThat("Incorrect role period", role.getPeriod(), is(ROLE_PERIOD)); + assertThat("Incorrect role bind secret ID flag", role.getBindSecretId(), is(ROLE_BIND_SECRET)); + assertThat("Incorrect biund CIDR list", role.getBoundCidrList(), is(nullValue())); + assertThat("Incorrect biund CIDR list string", role.getBoundCidrListString(), is(emptyString())); + } catch (IOException e) { + fail("AuthResponse deserialization failed: " + e.getMessage()); + } + } +} diff --git a/src/test/java/de/stklcode/jvault/connector/model/response/AuthResponseTest.java b/src/test/java/de/stklcode/jvault/connector/model/response/AuthResponseTest.java new file mode 100644 index 0000000..9ade219 --- /dev/null +++ b/src/test/java/de/stklcode/jvault/connector/model/response/AuthResponseTest.java @@ -0,0 +1,97 @@ +package de.stklcode.jvault.connector.model.response; + +import com.fasterxml.jackson.databind.ObjectMapper; +import de.stklcode.jvault.connector.exception.InvalidResponseException; +import de.stklcode.jvault.connector.model.response.embedded.AuthData; +import org.junit.Test; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import static org.hamcrest.Matchers.*; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; + +/** + * JUnit Test for {@link AuthResponse} model. + * + * @author Stefan Kalscheuer + * @since 0.6.2 + */ +public class AuthResponseTest { + private static final String AUTH_ACCESSOR = "2c84f488-2133-4ced-87b0-570f93a76830"; + private static final String AUTH_CLIENT_TOKEN = "ABCD"; + private static final String AUTH_POLICY_1 = "web"; + private static final String AUTH_POLICY_2 = "stage"; + private static final String AUTH_META_KEY = "user"; + private static final String AUTH_META_VALUE = "armon"; + private static final Integer AUTH_LEASE_DURATION = 3600; + private static final Boolean AUTH_RENEWABLE = true; + + private static final String RES_JSON = "{\n" + + " \"auth\": {\n" + + " \"accessor\": \"" + AUTH_ACCESSOR + "\",\n" + + " \"client_token\": \"" + AUTH_CLIENT_TOKEN + "\",\n" + + " \"policies\": [\n" + + " \"" + AUTH_POLICY_1 + "\", \n" + + " \"" + AUTH_POLICY_2 + "\"\n" + + " ],\n" + + " \"metadata\": {\n" + + " \"" + AUTH_META_KEY + "\": \"" + AUTH_META_VALUE + "\"\n" + + " },\n" + + " \"lease_duration\": " + AUTH_LEASE_DURATION + ",\n" + + " \"renewable\": " + AUTH_RENEWABLE + "\n" + + " }\n" + + "}"; + + private static final Map INVALID_AUTH_DATA = new HashMap<>(); + + static { + INVALID_AUTH_DATA.put("policies", "fancy-policy"); + } + + /** + * Test getter, setter and get-methods for response data. + */ + @Test + public void getDataRoundtrip() { + // Create empty Object. + AuthResponse res = new AuthResponse(); + assertThat("Initial data should be empty", res.getData(), is(nullValue())); + + // Parsing invalid auth data map should fail. + try { + res.setAuth(INVALID_AUTH_DATA); + fail("Parsing invalid auth data succeeded"); + } catch (Exception e) { + assertThat(e, is(instanceOf(InvalidResponseException.class))); + } + + // Data method should be agnostic. + res.setData(INVALID_AUTH_DATA); + assertThat("Data not passed through", res.getData(), is(INVALID_AUTH_DATA)); + } + + /** + * Test creation from JSON value as returned by Vault (JSON example copied from Vault documentation). + */ + @Test + public void jsonRoundtrip() { + try { + AuthResponse res = new ObjectMapper().readValue(RES_JSON, AuthResponse.class); + assertThat("Parsed response is NULL", res, is(notNullValue())); + // Extract auth data. + AuthData data = res.getAuth(); + assertThat("Auth data is NULL", data, is(notNullValue())); + assertThat("Incorrect auth accessor", data.getAccessor(), is(AUTH_ACCESSOR)); + assertThat("Incorrect auth client token", data.getClientToken(), is(AUTH_CLIENT_TOKEN)); + assertThat("Incorrect auth lease duration", data.getLeaseDuration(), is(AUTH_LEASE_DURATION)); + assertThat("Incorrect auth renewable flag", data.isRenewable(), is(AUTH_RENEWABLE)); + assertThat("Incorrect number of policies", data.getPolicies(), hasSize(2)); + assertThat("Incorrect auth policies", data.getPolicies(), containsInAnyOrder(AUTH_POLICY_1, AUTH_POLICY_2)); + } catch (IOException e) { + fail("AuthResponse deserialization failed: " + e.getMessage()); + } + } +} diff --git a/src/test/java/de/stklcode/jvault/connector/model/response/SecretResponseTest.java b/src/test/java/de/stklcode/jvault/connector/model/response/SecretResponseTest.java new file mode 100644 index 0000000..6f46572 --- /dev/null +++ b/src/test/java/de/stklcode/jvault/connector/model/response/SecretResponseTest.java @@ -0,0 +1,117 @@ +package de.stklcode.jvault.connector.model.response; + +import com.fasterxml.jackson.databind.ObjectMapper; +import de.stklcode.jvault.connector.exception.InvalidResponseException; +import org.junit.Test; + +import java.io.IOException; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import static org.hamcrest.Matchers.*; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; + +/** + * JUnit Test for {@link SecretResponse} model. + * + * @author Stefan Kalscheuer + * @since 0.6.2 + */ +public class SecretResponseTest { + private static final Map DATA = new HashMap<>(); + private static final String KEY_UNKNOWN = "unknown"; + private static final String KEY_STRING = "test1"; + private static final String VAL_STRING = "testvalue"; + private static final String KEY_INTEGER = "test2"; + private static final Integer VAL_INTEGER = 42; + private static final String KEY_LIST = "list"; + private static final String VAL_LIST = "[\"first\",\"second\"]"; + + private static final String SECRET_REQUEST_ID = "68315073-6658-e3ff-2da7-67939fb91bbd"; + private static final String SECRET_LEASE_ID = ""; + private static final Integer SECRET_LEASE_DURATION = 2764800; + private static final boolean SECRET_RENEWABLE = false; + private static final String SECRET_DATA_K1 = "excited"; + private static final String SECRET_DATA_V1 = "yes"; + private static final String SECRET_DATA_K2 = "value"; + private static final String SECRET_DATA_V2 = "world"; + private static final List SECRET_WARNINGS = null; + private static final String SECRET_JSON = "{\n" + + " \"request_id\": \"" + SECRET_REQUEST_ID + "\",\n" + + " \"lease_id\": \"" + SECRET_LEASE_ID + "\",\n" + + " \"lease_duration\": " + SECRET_LEASE_DURATION + ",\n" + + " \"renewable\": " + SECRET_RENEWABLE + ",\n" + + " \"data\": {\n" + + " \"" + SECRET_DATA_K1 + "\": \"" + SECRET_DATA_V1 + "\",\n" + + " \"" + SECRET_DATA_K2 + "\": \"" + SECRET_DATA_V2 + "\"\n" + + " },\n" + + " \"warnings\": " + SECRET_WARNINGS + "\n" + + "}"; + + + static { + DATA.put(KEY_STRING, VAL_STRING); + DATA.put(KEY_INTEGER, VAL_INTEGER); + DATA.put(KEY_LIST, VAL_LIST); + } + + /** + * Test getter, setter and get-methods for response data. + * + * @throws InvalidResponseException Should not occur + */ + @Test + @SuppressWarnings("unchecked") + public void getDataRoundtrip() throws InvalidResponseException { + // Create empty Object. + SecretResponse res = new SecretResponse(); + assertThat("Initial data should be Map", res.getData(), is(instanceOf(Map.class))); + assertThat("Initial data should be empty", res.getData().entrySet(), empty()); + assertThat("Getter should return NULL on empty data map", res.get(KEY_STRING), is(nullValue())); + + // Fill data map. + res.setData(DATA); + assertThat("Data setter/getter not transparent", res.getData(), is(DATA)); + assertThat("Data size modified", res.getData().keySet(), hasSize(DATA.size())); + assertThat("Data keys not passed correctly", res.getData().keySet(), containsInAnyOrder(KEY_STRING, KEY_INTEGER, KEY_LIST)); + assertThat("Data values not passed correctly", res.get(KEY_STRING), is(VAL_STRING)); + assertThat("Data values not passed correctly", res.get(KEY_INTEGER), is(VAL_INTEGER)); + assertThat("Non-Null returned on unknown key", res.get(KEY_UNKNOWN), is(nullValue())); + + // Try explicit JSON conversion. + final List list = res.get(KEY_LIST, List.class); + assertThat("JSON parsing of list failed", list, is(notNullValue())); + assertThat("JSON parsing of list returned incorrect size", list.size(), is(2)); + assertThat("JSON parsing of list returned incorrect elements", (List)list, contains("first", "second")); + assertThat("Non-Null returned on unknown key", res.get(KEY_UNKNOWN, Object.class), is(nullValue())); + + // Requesting invalid class should result in Exception. + try { + res.get(KEY_LIST, Double.class); + fail("JSON parsing to incorrect type succeeded."); + } catch (Exception e) { + assertThat(e, is(instanceOf(InvalidResponseException.class))); + } + } + + /** + * Test creation from JSON value as returned by Vault (JSON example copied from Vault documentation). + */ + @Test + public void jsonRoundtrip() { + try { + SecretResponse res = new ObjectMapper().readValue(SECRET_JSON, SecretResponse.class); + assertThat("Parsed response is NULL", res, is(notNullValue())); + assertThat("Incorrect lease ID", res.getLeaseId(), is(SECRET_LEASE_ID)); + assertThat("Incorrect lease duration", res.getLeaseDuration(), is(SECRET_LEASE_DURATION)); + assertThat("Incorrect renewable status", res.isRenewable(), is(SECRET_RENEWABLE)); + assertThat("Incorrect warnings", res.getWarnings(), is(SECRET_WARNINGS)); + assertThat("Response does not contain correct data", res.get(SECRET_DATA_K1), is(SECRET_DATA_V1)); + assertThat("Response does not contain correct data", res.get(SECRET_DATA_K2), is(SECRET_DATA_V2)); + } catch (IOException e) { + fail("SecretResponse deserialization failed: " + e.getMessage()); + } + } +} diff --git a/src/test/java/de/stklcode/jvault/connector/model/response/TokenResponseTest.java b/src/test/java/de/stklcode/jvault/connector/model/response/TokenResponseTest.java new file mode 100644 index 0000000..62dda42 --- /dev/null +++ b/src/test/java/de/stklcode/jvault/connector/model/response/TokenResponseTest.java @@ -0,0 +1,107 @@ +package de.stklcode.jvault.connector.model.response; + +import com.fasterxml.jackson.databind.ObjectMapper; +import de.stklcode.jvault.connector.exception.InvalidResponseException; +import de.stklcode.jvault.connector.model.response.embedded.TokenData; +import org.junit.Test; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import static org.hamcrest.Matchers.*; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; + +/** + * JUnit Test for {@link TokenResponse} model. + * + * @author Stefan Kalscheuer + * @since 0.6.2 + */ +public class TokenResponseTest { + private static final Integer TOKEN_CREATION_TIME = 1457533232; + private static final Integer TOKEN_TTL = 2764800; + private static final String TOKEN_DISPLAY_NAME = "token"; + private static final Integer TOKEN_NUM_USES = 0; + private static final Boolean TOKEN_ORPHAN = false; + private static final String TOKEN_PATH = "auth/token/create"; + private static final String TOKEN_POLICY_1 = "default"; + private static final String TOKEN_POLICY_2 = "web"; + private static final Boolean RES_RENEWABLE = false; + private static final Integer RES_TTL = 2591976; + private static final Integer RES_LEASE_DURATION = 0; + + private static final String RES_JSON = "{\n" + + " \"lease_id\": \"\",\n" + + " \"renewable\": " + RES_RENEWABLE + ",\n" + + " \"lease_duration\": " + RES_LEASE_DURATION + ",\n" + + " \"data\": {\n" + + " \"creation_time\": " + TOKEN_CREATION_TIME + ",\n" + + " \"creation_ttl\": " + TOKEN_TTL + ",\n" + + " \"display_name\": \"" + TOKEN_DISPLAY_NAME + "\",\n" + + " \"meta\": null,\n" + + " \"num_uses\": " + TOKEN_NUM_USES + ",\n" + + " \"orphan\": " + TOKEN_ORPHAN + ",\n" + + " \"path\": \"" + TOKEN_PATH + "\",\n" + + " \"policies\": [\n" + + " \"" + TOKEN_POLICY_1 + "\", \n" + + " \"" + TOKEN_POLICY_2 + "\"\n" + + " ],\n" + + " \"ttl\": " + RES_TTL + "\n" + + " },\n" + + " \"warnings\": null,\n" + + " \"auth\": null\n" + + "}"; + + private static final Map INVALID_TOKEN_DATA = new HashMap<>(); + + static { + INVALID_TOKEN_DATA.put("num_uses", "fourtytwo"); + } + + /** + * Test getter, setter and get-methods for response data. + */ + @Test + public void getDataRoundtrip() { + // Create empty Object. + TokenResponse res = new TokenResponse(); + assertThat("Initial data should be empty", res.getData(), is(nullValue())); + + // Parsing invalid data map should fail. + try { + res.setData(INVALID_TOKEN_DATA); + fail("Parsing invalid token data succeeded"); + } catch (Exception e) { + assertThat(e, is(instanceOf(InvalidResponseException.class))); + } + } + + /** + * Test creation from JSON value as returned by Vault (JSON example copied from Vault documentation). + */ + @Test + public void jsonRoundtrip() { + try { + TokenResponse res = new ObjectMapper().readValue(RES_JSON, TokenResponse.class); + assertThat("Parsed response is NULL", res, is(notNullValue())); + assertThat("Incorrect lease duration", res.getLeaseDuration(), is(RES_LEASE_DURATION)); + assertThat("Incorrect renewable status", res.isRenewable(), is(RES_RENEWABLE)); + // Extract token data. + TokenData data = res.getData(); + assertThat("Token data is NULL", data, is(notNullValue())); + assertThat("Incorrect token creation time", data.getCreationTime(), is(TOKEN_CREATION_TIME)); + assertThat("Incorrect token creation TTL", data.getCreationTtl(), is(TOKEN_TTL)); + assertThat("Incorrect token display name", data.getName(), is(TOKEN_DISPLAY_NAME)); + assertThat("Incorrect token number of uses", data.getNumUses(), is(TOKEN_NUM_USES)); + assertThat("Incorrect token orphan flag", data.isOrphan(), is(TOKEN_ORPHAN)); + assertThat("Incorrect token path", data.getPath(), is(TOKEN_PATH)); + assertThat("Incorrect response renewable flag", res.isRenewable(), is(RES_RENEWABLE)); + assertThat("Incorrect response TTL", data.getTtl(), is(RES_TTL)); + assertThat("Incorrect response lease duration", res.getLeaseDuration(), is(RES_LEASE_DURATION)); + } catch (IOException e) { + fail("TokenResponse deserialization failed: " + e.getMessage()); + } + } +}