diff --git a/CHANGELOG.md b/CHANGELOG.md index 04a923c..3d260aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ ### Removal * Remove deprecated `VaultConnectorFactory` in favor of `VaultConnectorBuilder` with identical API +* Remove deprecated `AppRoleBuilder` and `TokenBuilder` in favor of `AppRole.Builder` and `Token.Builder` +* Remove deprecated `Period`, `Policy` and `Policies` methods from `AppRole` in favor of `Token`-prefixed versions ### Improvements * Use pre-sized map objects for fixed-size payloads diff --git a/src/main/java/de/stklcode/jvault/connector/model/AppRole.java b/src/main/java/de/stklcode/jvault/connector/model/AppRole.java index f0674b9..bec4779 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/AppRole.java +++ b/src/main/java/de/stklcode/jvault/connector/model/AppRole.java @@ -105,53 +105,6 @@ public final class AppRole { public AppRole() { } - /** - * Construct complete {@link AppRole} object. - *

- * This constructor is used for transition from {@code bound_cidr_list} to {@code secret_id_bound_cidrs} only. - * - * @param name Role name (required) - * @param id Role ID (optional) - * @param bindSecretId Bind secret ID (optional) - * @param secretIdBoundCidrs Whitelist of subnets in CIDR notation (optional) - * @param secretIdNumUses Maximum number of uses per secret (optional) - * @param secretIdTtl Maximum TTL in seconds for secrets (optional) - * @param enableLocalSecretIds Enable local secret IDs (optional) - * @param tokenTtl Token TTL in seconds (optional) - * @param tokenMaxTtl Maximum token TTL in seconds, including renewals (optional) - * @param tokenPolicies List of token policies (optional) - * @param tokenBoundCidrs Whitelist of subnets in CIDR notation for associated tokens (optional) - * @param tokenExplicitMaxTtl Explicit maximum TTL for associated tokens (optional) - * @param tokenNoDefaultPolicy Enable or disable default policy for associated tokens (optional) - * @param tokenNumUses Number of uses for tokens (optional) - * @param tokenPeriod Duration in seconds, if set the token is a periodic token (optional) - * @param tokenType Token type (optional) - * @deprecated As of 0.9 in favor of {@link #builder(String)}. Will be removed with next major release. - */ - @Deprecated - AppRole(final String name, final String id, final Boolean bindSecretId, final List secretIdBoundCidrs, - final Integer secretIdNumUses, final Integer secretIdTtl, final Boolean enableLocalSecretIds, - final Integer tokenTtl, final Integer tokenMaxTtl, final List tokenPolicies, - final List tokenBoundCidrs, final Integer tokenExplicitMaxTtl, final Boolean tokenNoDefaultPolicy, - final Integer tokenNumUses, final Integer tokenPeriod, final String tokenType) { - this.name = name; - this.id = id; - this.bindSecretId = bindSecretId; - this.secretIdBoundCidrs = secretIdBoundCidrs; - this.tokenPolicies = tokenPolicies; - this.secretIdNumUses = secretIdNumUses; - this.secretIdTtl = secretIdTtl; - this.enableLocalSecretIds = enableLocalSecretIds; - this.tokenTtl = tokenTtl; - this.tokenMaxTtl = tokenMaxTtl; - this.tokenBoundCidrs = tokenBoundCidrs; - this.tokenExplicitMaxTtl = tokenExplicitMaxTtl; - this.tokenNoDefaultPolicy = tokenNoDefaultPolicy; - this.tokenNumUses = tokenNumUses; - this.tokenPeriod = tokenPeriod; - this.tokenType = tokenType; - } - /** * Construct {@link AppRole} object from {@link AppRole.Builder}. * @@ -265,16 +218,6 @@ public final class AppRole { return tokenPolicies; } - /** - * @return list of token policies - * @deprecated Use {@link #getTokenPolicies()} instead. - */ - @Deprecated - @JsonIgnore - public List getPolicies() { - return getTokenPolicies(); - } - /** * @param tokenPolicies list of token policies * @since 0.9 @@ -284,16 +227,6 @@ public final class AppRole { this.tokenPolicies = tokenPolicies; } - /** - * @param policies list of policies - * @deprecated Use {@link #setTokenPolicies(List)} instead. - */ - @Deprecated - @JsonIgnore - public void setPolicies(final List policies) { - setTokenPolicies(policies); - } - /** * @return list of policies as comma-separated {@link String} * @since 0.9 @@ -307,16 +240,6 @@ public final class AppRole { return String.join(",", tokenPolicies); } - /** - * @return list of policies as comma-separated {@link String} - * @deprecated Use {@link #getTokenPoliciesString()} instead. - */ - @Deprecated - @JsonIgnore - public String getPoliciesString() { - return getTokenPoliciesString(); - } - /** * @return maximum number of uses per secret */ @@ -385,16 +308,6 @@ public final class AppRole { return tokenPeriod; } - /** - * @return duration in seconds, if specified - * @deprecated Use {@link #getTokenPeriod()} instead. - */ - @Deprecated - @JsonIgnore - public Integer getPeriod() { - return getTokenPeriod(); - } - /** * @return duration in seconds, if specified * @since 0.9 @@ -536,18 +449,6 @@ public final class AppRole { return this; } - /** - * Add given policies. - * - * @param policies the policies - * @return self - * @deprecated Use {@link #withTokenPolicies(List)} instead. - */ - @Deprecated - public Builder withPolicies(final List policies) { - return withTokenPolicies(policies); - } - /** * Add a single policy. * @@ -563,18 +464,6 @@ public final class AppRole { return this; } - /** - * Add a single policy. - * - * @param policy the policy - * @return self - * @deprecated Use {@link #withTokenPolicy(String)} instead. - */ - @Deprecated - public Builder withPolicy(final String policy) { - return withTokenPolicy(policy); - } - /** * Set number of uses for sectet IDs. * @@ -708,31 +597,6 @@ public final class AppRole { return this; } - /** - * Set renewal period for generated token in seconds. - * - * @param tokenPeriod period in seconds - * @return self - * @since 0.9 - * @deprecated Use {@link #withTokenPeriod(Integer)} instead. - */ - @Deprecated - public Builder wit0hTokenPeriod(final Integer tokenPeriod) { - return withTokenPeriod(tokenPeriod); - } - - /** - * Set renewal period for generated token in seconds. - * - * @param period period in seconds - * @return self - * @deprecated Use {@link #withTokenPeriod(Integer)} instead. - */ - @Deprecated - public Builder withPeriod(final Integer period) { - return withTokenPeriod(period); - } - /** * Set type of generated token. * diff --git a/src/main/java/de/stklcode/jvault/connector/model/AppRoleBuilder.java b/src/main/java/de/stklcode/jvault/connector/model/AppRoleBuilder.java deleted file mode 100644 index e09e056..0000000 --- a/src/main/java/de/stklcode/jvault/connector/model/AppRoleBuilder.java +++ /dev/null @@ -1,378 +0,0 @@ -/* - * Copyright 2016-2021 Stefan Kalscheuer - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package de.stklcode.jvault.connector.model; - -import java.util.ArrayList; -import java.util.List; - -/** - * A builder for vault AppRole roles.. - * - * @author Stefan Kalscheuer - * @since 0.4.0 - * @deprecated As of 0.9 in favor of {@link AppRole.Builder}. - */ -@Deprecated -public final class AppRoleBuilder { - private String name; - private String id; - private Boolean bindSecretId; - private List secretIdBoundCidrs; - private List tokenPolicies; - private Integer secretIdNumUses; - private Integer secretIdTtl; - private Boolean enableLocalSecretIds; - private Integer tokenTtl; - private Integer tokenMaxTtl; - private List tokenBoundCidrs; - private Integer tokenExplicitMaxTtl; - private Boolean tokenNoDefaultPolicy; - private Integer tokenNumUses; - private Integer tokenPeriod; - private Token.Type tokenType; - - /** - * Construct {@link AppRoleBuilder} with only the role name set. - * - * @param name Role name - */ - public AppRoleBuilder(final String name) { - this.name = name; - } - - /** - * Add custom role ID. (optional) - * - * @param id the ID - * @return self - */ - public AppRoleBuilder withId(final String id) { - this.id = id; - return this; - } - - /** - * Set if role is bound to secret ID. - * - * @param bindSecretId the display name - * @return self - */ - public AppRoleBuilder withBindSecretID(final Boolean bindSecretId) { - this.bindSecretId = bindSecretId; - return this; - } - - /** - * Bind role to secret ID. - * Convenience method for {@link #withBindSecretID(Boolean)} - * - * @return self - */ - public AppRoleBuilder withBindSecretID() { - return withBindSecretID(true); - } - - /** - * Do not bind role to secret ID. - * Convenience method for {@link #withBindSecretID(Boolean)} - * - * @return self - */ - public AppRoleBuilder withoutBindSecretID() { - return withBindSecretID(false); - } - - /** - * Set bound CIDR blocks. - * - * @param secretIdBoundCidrs List of CIDR blocks which can perform login - * @return self - * @since 0.8 replaces {@code withBoundCidrList(List)} - */ - public AppRoleBuilder withSecretIdBoundCidrs(final List secretIdBoundCidrs) { - if (this.secretIdBoundCidrs == null) { - this.secretIdBoundCidrs = new ArrayList<>(); - } - this.secretIdBoundCidrs.addAll(secretIdBoundCidrs); - return this; - } - - /** - * Add a CIDR block to list of bound blocks for secret. - * - * @param secretBoundCidr the CIDR block - * @return self - * @since 0.9 - */ - public AppRoleBuilder withSecretBoundCidr(final String secretBoundCidr) { - if (secretIdBoundCidrs == null) { - secretIdBoundCidrs = new ArrayList<>(); - } - secretIdBoundCidrs.add(secretBoundCidr); - return this; - } - - /** - * Add given policies. - * - * @param tokenPolicies the token policies - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenPolicies(final List tokenPolicies) { - if (this.tokenPolicies == null) { - this.tokenPolicies = new ArrayList<>(); - } - this.tokenPolicies.addAll(tokenPolicies); - return this; - } - - /** - * Add given policies. - * - * @param policies the policies - * @return self - * @deprecated Use {@link #withTokenPolicies(List)} instead. - */ - @Deprecated - public AppRoleBuilder withPolicies(final List policies) { - return withTokenPolicies(policies); - } - - /** - * Add a single policy. - * - * @param tokenPolicy the token policy - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenPolicy(final String tokenPolicy) { - if (this.tokenPolicies == null) { - this.tokenPolicies = new ArrayList<>(); - } - tokenPolicies.add(tokenPolicy); - return this; - } - - /** - * Add a single policy. - * - * @param policy the policy - * @return self - * @deprecated Use {@link #withTokenPolicy(String)} instead. - */ - @Deprecated - public AppRoleBuilder withPolicy(final String policy) { - return withTokenPolicy(policy); - } - - /** - * Set number of uses for secret IDs. - * - * @param secretIdNumUses the number of uses - * @return self - */ - public AppRoleBuilder withSecretIdNumUses(final Integer secretIdNumUses) { - this.secretIdNumUses = secretIdNumUses; - return this; - } - - /** - * Set default secret ID TTL in seconds. - * - * @param secretIdTtl the TTL - * @return self - */ - public AppRoleBuilder withSecretIdTtl(final Integer secretIdTtl) { - this.secretIdTtl = secretIdTtl; - return this; - } - - /** - * Enable or disable local secret IDs. - * - * @param enableLocalSecretIds Enable local secret IDs? - * @return self - * @since 0.9 - */ - public AppRoleBuilder withEnableLocalSecretIds(final Boolean enableLocalSecretIds) { - this.enableLocalSecretIds = enableLocalSecretIds; - return this; - } - - /** - * Set default token TTL in seconds. - * - * @param tokenTtl the TTL - * @return self - */ - public AppRoleBuilder withTokenTtl(final Integer tokenTtl) { - this.tokenTtl = tokenTtl; - return this; - } - - /** - * Set maximum token TTL in seconds. - * - * @param tokenMaxTtl the TTL - * @return self - */ - public AppRoleBuilder withTokenMaxTtl(final Integer tokenMaxTtl) { - this.tokenMaxTtl = tokenMaxTtl; - return this; - } - - /** - * Set bound CIDR blocks for associated tokens. - * - * @param tokenBoundCidrs List of CIDR blocks which can perform login - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenBoundCidrs(final List tokenBoundCidrs) { - if (this.tokenBoundCidrs == null) { - this.tokenBoundCidrs = new ArrayList<>(); - } - this.tokenBoundCidrs.addAll(tokenBoundCidrs); - return this; - } - - /** - * Add a CIDR block to list of bound blocks for token. - * - * @param tokenBoundCidr the CIDR block - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenBoundCidr(final String tokenBoundCidr) { - if (tokenBoundCidrs == null) { - tokenBoundCidrs = new ArrayList<>(); - } - tokenBoundCidrs.add(tokenBoundCidr); - return this; - } - - /** - * Set explicit maximum token TTL in seconds. - * - * @param tokenExplicitMaxTtl the TTL - * @return self - */ - public AppRoleBuilder withTokenExplicitMaxTtl(final Integer tokenExplicitMaxTtl) { - this.tokenExplicitMaxTtl = tokenExplicitMaxTtl; - return this; - } - - /** - * Enable or disable default policy for generated token. - * - * @param tokenNoDefaultPolicy Enable default policy for token? - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenNoDefaultPolicy(final Boolean tokenNoDefaultPolicy) { - this.tokenNoDefaultPolicy = tokenNoDefaultPolicy; - return this; - } - - /** - * Set number of uses for generated tokens. - * - * @param tokenNumUses number of uses for tokens - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenNumUses(final Integer tokenNumUses) { - this.tokenNumUses = tokenNumUses; - return this; - } - - /** - * Set renewal period for generated token in seconds. - * - * @param tokenPeriod period in seconds - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenPeriod(final Integer tokenPeriod) { - this.tokenPeriod = tokenPeriod; - return this; - } - - /** - * Set renewal period for generated token in seconds. - * - * @param tokenPeriod period in seconds - * @return self - * @since 0.9 - * @deprecated Use {@link #withTokenPeriod(Integer)} instead. - */ - @Deprecated - public AppRoleBuilder wit0hTokenPeriod(final Integer tokenPeriod) { - return withTokenPeriod(tokenPeriod); - } - - /** - * Set renewal period for generated token in seconds. - * - * @param period period in seconds - * @return self - * @deprecated Use {@link #withTokenPeriod(Integer)} instead. - */ - @Deprecated - public AppRoleBuilder withPeriod(final Integer period) { - return withTokenPeriod(period); - } - - /** - * Set type of generated token. - * - * @param tokenType token type - * @return self - * @since 0.9 - */ - public AppRoleBuilder withTokenType(final Token.Type tokenType) { - this.tokenType = tokenType; - return this; - } - - /** - * Build the AppRole role based on given parameters. - * - * @return the role - */ - public AppRole build() { - return new AppRole( - name, - id, - bindSecretId, - secretIdBoundCidrs, - secretIdNumUses, - secretIdTtl, - enableLocalSecretIds, - tokenTtl, - tokenMaxTtl, - tokenPolicies, - tokenBoundCidrs, - tokenExplicitMaxTtl, - tokenNoDefaultPolicy, - tokenNumUses, - tokenPeriod, - tokenType != null ? tokenType.value() : null - ); - } -} diff --git a/src/main/java/de/stklcode/jvault/connector/model/Token.java b/src/main/java/de/stklcode/jvault/connector/model/Token.java index 9844583..383b013 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/Token.java +++ b/src/main/java/de/stklcode/jvault/connector/model/Token.java @@ -98,71 +98,6 @@ public final class Token { public Token() { } - /** - * Construct complete {@link Token} object with default type. - * - * @param id Token ID (optional) - * @param displayName Token display name (optional) - * @param noParent Token has no parent (optional) - * @param noDefaultPolicy Do not add default policy (optional) - * @param ttl Token TTL in seconds (optional) - * @param numUses Number of uses (optional) - * @param policies List of policies (optional) - * @param meta Metadata (optional) - * @param renewable Is the token renewable (optional) - * @deprecated As of 0.9 in favor of {@link #builder()}. Will be removed with next major release. - */ - @Deprecated - public Token(final String id, - final String displayName, - final Boolean noParent, - final Boolean noDefaultPolicy, - final Integer ttl, - final Integer numUses, - final List policies, - final Map meta, - final Boolean renewable) { - this(id, Type.DEFAULT.value(), displayName, noParent, noDefaultPolicy, ttl, numUses, policies, meta, renewable); - } - - /** - * Construct complete {@link Token} object. - * - * @param id Token ID (optional) - * @param type Token type (optional) - * @param displayName Token display name (optional) - * @param noParent Token has no parent (optional) - * @param noDefaultPolicy Do not add default policy (optional) - * @param ttl Token TTL in seconds (optional) - * @param numUses Number of uses (optional) - * @param policies List of policies (optional) - * @param meta Metadata (optional) - * @param renewable Is the token renewable (optional) - * @deprecated As of 0.9 in favor of {@link #builder()}. Will be removed with next major release. - */ - @Deprecated - public Token(final String id, - final String type, - final String displayName, - final Boolean noParent, - final Boolean noDefaultPolicy, - final Integer ttl, - final Integer numUses, - final List policies, - final Map meta, - final Boolean renewable) { - this.id = id; - this.type = type; - this.displayName = displayName; - this.ttl = ttl; - this.numUses = numUses; - this.noParent = noParent; - this.noDefaultPolicy = noDefaultPolicy; - this.policies = policies; - this.meta = meta; - this.renewable = renewable; - } - /** * Construct {@link Token} object from {@link Builder}. * diff --git a/src/main/java/de/stklcode/jvault/connector/model/TokenBuilder.java b/src/main/java/de/stklcode/jvault/connector/model/TokenBuilder.java deleted file mode 100644 index 987d557..0000000 --- a/src/main/java/de/stklcode/jvault/connector/model/TokenBuilder.java +++ /dev/null @@ -1,275 +0,0 @@ -/* - * Copyright 2016-2021 Stefan Kalscheuer - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package de.stklcode.jvault.connector.model; - -import java.util.*; - -/** - * A builder for vault tokens. - * - * @author Stefan Kalscheuer - * @since 0.4.0 - * @deprecated As of 0.9 in favor of {@link Token.Builder}. - */ -@Deprecated -public final class TokenBuilder { - private String id; - private Token.Type type; - private String displayName; - private Boolean noParent; - private Boolean noDefaultPolicy; - private Integer ttl; - private Integer numUses; - private List policies; - private Map meta; - private Boolean renewable; - - /** - * Add token ID. (optional) - * - * @param id the ID - * @return self - */ - public TokenBuilder withId(final String id) { - this.id = id; - return this; - } - - /** - * Specify token type. - * - * @param type the type - * @return self - * @since 0.9 - */ - public TokenBuilder withType(final Token.Type type) { - this.type = type; - return this; - } - - /** - * Add display name. - * - * @param displayName the display name - * @return self - */ - public TokenBuilder withDisplayName(final String displayName) { - this.displayName = displayName; - return this; - } - - /** - * Set desired time to live. - * - * @param ttl the ttl - * @return self - */ - public TokenBuilder withTtl(final Integer ttl) { - this.ttl = ttl; - return this; - } - - /** - * Set desired number of uses. - * - * @param numUses the number of uses - * @return self - */ - public TokenBuilder withNumUses(final Integer numUses) { - this.numUses = numUses; - return this; - } - - /** - * Set TRUE if the token should be created without parent. - * - * @param noParent if TRUE, token is created as orphan - * @return self - */ - public TokenBuilder withNoParent(final boolean noParent) { - this.noParent = noParent; - return this; - } - - /** - * Create token without parent. - * Convenience method for withNoParent() - * - * @return self - */ - public TokenBuilder asOrphan() { - return withNoParent(true); - } - - /** - * Create token with parent. - * Convenience method for withNoParent() - * - * @return self - */ - public TokenBuilder withParent() { - return withNoParent(false); - } - - /** - * Set TRUE if the default policy should not be part of this token. - * - * @param noDefaultPolicy if TRUE, default policy is not attached - * @return self - */ - public TokenBuilder withNoDefaultPolicy(final boolean noDefaultPolicy) { - this.noDefaultPolicy = noDefaultPolicy; - return this; - } - - /** - * Attach default policy to token. - * Convenience method for withNoDefaultPolicy() - * - * @return self - */ - public TokenBuilder withDefaultPolicy() { - return withNoDefaultPolicy(false); - } - - /** - * Do not attach default policy to token. - * Convenience method for withNoDefaultPolicy() - * - * @return self - */ - public TokenBuilder withoutDefaultPolicy() { - return withNoDefaultPolicy(true); - } - - /** - * Add given policies. - * - * @param policies the policies - * @return self - * @since 0.5.0 - */ - public TokenBuilder withPolicies(final String... policies) { - return withPolicies(Arrays.asList(policies)); - } - - /** - * Add given policies. - * - * @param policies the policies - * @return self - */ - public TokenBuilder withPolicies(final List policies) { - if (this.policies == null) { - this.policies = new ArrayList<>(); - } - this.policies.addAll(policies); - return this; - } - - /** - * Add a single policy. - * - * @param policy the policy - * @return self - */ - public TokenBuilder withPolicy(final String policy) { - if (this.policies == null) { - this.policies = new ArrayList<>(); - } - policies.add(policy); - return this; - } - - /** - * Add meta data. - * - * @param meta the metadata - * @return self - */ - public TokenBuilder withMeta(final Map meta) { - if (this.meta == null) { - this.meta = new HashMap<>(); - } - this.meta.putAll(meta); - return this; - } - - /** - * Add meta data. - * - * @param key the key - * @param value the value - * @return self - */ - public TokenBuilder withMeta(final String key, final String value) { - if (this.meta == null) { - this.meta = new HashMap<>(); - } - this.meta.put(key, value); - return this; - } - - /** - * Set if token is renewable. - * - * @param renewable TRUE, if renewable - * @return self - */ - public TokenBuilder withRenewable(final Boolean renewable) { - this.renewable = renewable; - return this; - } - - /** - * Set token to be renewable. - * Convenience method for withRenewable() - * - * @return self - */ - public TokenBuilder renewable() { - return withRenewable(true); - } - - /** - * Set token to be not renewable. - * Convenience method for withRenewable() - * - * @return self - */ - public TokenBuilder notRenewable() { - return withRenewable(false); - } - - /** - * Build the token based on given parameters. - * - * @return the token - */ - public Token build() { - return new Token(id, - type != null ? type.value() : null, - displayName, - noParent, - noDefaultPolicy, - ttl, - numUses, - policies, - meta, - renewable); - } -} diff --git a/src/test/java/de/stklcode/jvault/connector/model/AppRoleBuilderTest.java b/src/test/java/de/stklcode/jvault/connector/model/AppRoleTest.java similarity index 57% rename from src/test/java/de/stklcode/jvault/connector/model/AppRoleBuilderTest.java rename to src/test/java/de/stklcode/jvault/connector/model/AppRoleTest.java index 45e1bce..50a0296 100644 --- a/src/test/java/de/stklcode/jvault/connector/model/AppRoleBuilderTest.java +++ b/src/test/java/de/stklcode/jvault/connector/model/AppRoleTest.java @@ -28,12 +28,12 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.*; /** - * JUnit Test for AppRole Builder. + * JUnit Test for {@link AppRole} and {@link AppRole.Builder}. * * @author Stefan Kalscheuer * @since 0.4.0 */ -class AppRoleBuilderTest { +class AppRoleTest { private static final String NAME = "TestRole"; private static final String ID = "test-id"; private static final Boolean BIND_SECRET_ID = true; @@ -73,7 +73,6 @@ class AppRoleBuilderTest { assertThat(role.getBindSecretId(), is(nullValue())); assertThat(role.getSecretIdBoundCidrs(), is(nullValue())); assertThat(role.getTokenPolicies(), is(nullValue())); - assertThat(role.getPolicies(), is(nullValue())); assertThat(role.getSecretIdNumUses(), is(nullValue())); assertThat(role.getSecretIdTtl(), is(nullValue())); assertThat(role.getEnableLocalSecretIds(), is(nullValue())); @@ -84,35 +83,6 @@ class AppRoleBuilderTest { assertThat(role.getTokenNoDefaultPolicy(), is(nullValue())); assertThat(role.getTokenNumUses(), is(nullValue())); assertThat(role.getTokenPeriod(), is(nullValue())); - assertThat(role.getPeriod(), is(nullValue())); - assertThat(role.getTokenType(), is(nullValue())); - - /* optional fields should be ignored, so JSON string should only contain role_name */ - assertThat(new ObjectMapper().writeValueAsString(role), is(JSON_MIN)); - } - - /** - * Build role with only a name. - */ - @Test - void legacyBuildDefaultTest() throws JsonProcessingException { - AppRole role = new AppRoleBuilder(NAME).build(); - assertThat(role.getId(), is(nullValue())); - assertThat(role.getBindSecretId(), is(nullValue())); - assertThat(role.getSecretIdBoundCidrs(), is(nullValue())); - assertThat(role.getTokenPolicies(), is(nullValue())); - assertThat(role.getPolicies(), is(nullValue())); - assertThat(role.getSecretIdNumUses(), is(nullValue())); - assertThat(role.getSecretIdTtl(), is(nullValue())); - assertThat(role.getEnableLocalSecretIds(), is(nullValue())); - assertThat(role.getTokenTtl(), is(nullValue())); - assertThat(role.getTokenMaxTtl(), is(nullValue())); - assertThat(role.getTokenBoundCidrs(), is(nullValue())); - assertThat(role.getTokenExplicitMaxTtl(), is(nullValue())); - assertThat(role.getTokenNoDefaultPolicy(), is(nullValue())); - assertThat(role.getTokenNumUses(), is(nullValue())); - assertThat(role.getTokenPeriod(), is(nullValue())); - assertThat(role.getPeriod(), is(nullValue())); assertThat(role.getTokenType(), is(nullValue())); /* optional fields should be ignored, so JSON string should only contain role_name */ @@ -146,7 +116,6 @@ class AppRoleBuilderTest { assertThat(role.getBindSecretId(), is(BIND_SECRET_ID)); assertThat(role.getSecretIdBoundCidrs(), is(BOUND_CIDR_LIST)); assertThat(role.getTokenPolicies(), is(POLICIES)); - assertThat(role.getPolicies(), is(role.getTokenPolicies())); assertThat(role.getSecretIdNumUses(), is(SECRET_ID_NUM_USES)); assertThat(role.getSecretIdTtl(), is(SECRET_ID_TTL)); assertThat(role.getEnableLocalSecretIds(), is(ENABLE_LOCAL_SECRET_IDS)); @@ -157,52 +126,6 @@ class AppRoleBuilderTest { assertThat(role.getTokenNoDefaultPolicy(), is(TOKEN_NO_DEFAULT_POLICY)); assertThat(role.getTokenNumUses(), is(TOKEN_NUM_USES)); assertThat(role.getTokenPeriod(), is(TOKEN_PERIOD)); - assertThat(role.getPeriod(), is(TOKEN_PERIOD)); - assertThat(role.getTokenType(), is(TOKEN_TYPE.value())); - - /* Verify that all parameters are included in JSON string */ - assertThat(new ObjectMapper().writeValueAsString(role), is(JSON_FULL)); - } - - /** - * Build token without all parameters set. - */ - @Test - void legacyBuildFullTest() throws JsonProcessingException { - AppRole role = new AppRoleBuilder(NAME) - .withId(ID) - .withBindSecretID(BIND_SECRET_ID) - .withSecretIdBoundCidrs(BOUND_CIDR_LIST) - .withTokenPolicies(POLICIES) - .withSecretIdNumUses(SECRET_ID_NUM_USES) - .withSecretIdTtl(SECRET_ID_TTL) - .withEnableLocalSecretIds(ENABLE_LOCAL_SECRET_IDS) - .withTokenTtl(TOKEN_TTL) - .withTokenMaxTtl(TOKEN_MAX_TTL) - .withTokenBoundCidrs(BOUND_CIDR_LIST) - .withTokenExplicitMaxTtl(TOKEN_EXPLICIT_MAX_TTL) - .withTokenNoDefaultPolicy(TOKEN_NO_DEFAULT_POLICY) - .withTokenNumUses(TOKEN_NUM_USES) - .withTokenPeriod(TOKEN_PERIOD) - .withTokenType(TOKEN_TYPE) - .build(); - assertThat(role.getName(), is(NAME)); - assertThat(role.getId(), is(ID)); - assertThat(role.getBindSecretId(), is(BIND_SECRET_ID)); - assertThat(role.getSecretIdBoundCidrs(), is(BOUND_CIDR_LIST)); - assertThat(role.getTokenPolicies(), is(POLICIES)); - assertThat(role.getPolicies(), is(role.getTokenPolicies())); - assertThat(role.getSecretIdNumUses(), is(SECRET_ID_NUM_USES)); - assertThat(role.getSecretIdTtl(), is(SECRET_ID_TTL)); - assertThat(role.getEnableLocalSecretIds(), is(ENABLE_LOCAL_SECRET_IDS)); - assertThat(role.getTokenTtl(), is(TOKEN_TTL)); - assertThat(role.getTokenMaxTtl(), is(TOKEN_MAX_TTL)); - assertThat(role.getTokenBoundCidrs(), is(BOUND_CIDR_LIST)); - assertThat(role.getTokenExplicitMaxTtl(), is(TOKEN_EXPLICIT_MAX_TTL)); - assertThat(role.getTokenNoDefaultPolicy(), is(TOKEN_NO_DEFAULT_POLICY)); - assertThat(role.getTokenNumUses(), is(TOKEN_NUM_USES)); - assertThat(role.getTokenPeriod(), is(TOKEN_PERIOD)); - assertThat(role.getPeriod(), is(TOKEN_PERIOD)); assertThat(role.getTokenType(), is(TOKEN_TYPE.value())); /* Verify that all parameters are included in JSON string */ @@ -243,57 +166,11 @@ class AppRoleBuilderTest { role = AppRole.builder(NAME).withTokenPolicy(POLICY_2).build(); assertThat(role.getTokenPolicies(), hasSize(1)); assertThat(role.getTokenPolicies(), contains(POLICY_2)); - assertThat(role.getPolicies(), is(role.getTokenPolicies())); role = AppRole.builder(NAME) .withTokenPolicies(POLICIES) .withTokenPolicy(POLICY_2) .build(); assertThat(role.getTokenPolicies(), hasSize(2)); assertThat(role.getTokenPolicies(), contains(POLICY, POLICY_2)); - assertThat(role.getPolicies(), is(role.getTokenPolicies())); - } - - /** - * Test convenience methods - */ - @Test - void legacyConvenienceMethodsTest() { - /* bind_secret_id */ - AppRole role = new AppRoleBuilder(NAME).build(); - assertThat(role.getBindSecretId(), is(nullValue())); - role = new AppRoleBuilder(NAME).withBindSecretID().build(); - assertThat(role.getBindSecretId(), is(true)); - role = new AppRoleBuilder(NAME).withoutBindSecretID().build(); - assertThat(role.getBindSecretId(), is(false)); - - /* Add single CIDR subnet */ - role = new AppRoleBuilder(NAME).withSecretBoundCidr(CIDR_2).withTokenBoundCidr(CIDR_2).build(); - assertThat(role.getSecretIdBoundCidrs(), hasSize(1)); - assertThat(role.getSecretIdBoundCidrs(), contains(CIDR_2)); - assertThat(role.getTokenBoundCidrs(), hasSize(1)); - assertThat(role.getTokenBoundCidrs(), contains(CIDR_2)); - role = new AppRoleBuilder(NAME) - .withSecretIdBoundCidrs(BOUND_CIDR_LIST) - .withSecretBoundCidr(CIDR_2) - .withTokenBoundCidrs(BOUND_CIDR_LIST) - .withTokenBoundCidr(CIDR_2) - .build(); - assertThat(role.getSecretIdBoundCidrs(), hasSize(2)); - assertThat(role.getSecretIdBoundCidrs(), contains(CIDR_1, CIDR_2)); - assertThat(role.getTokenBoundCidrs(), hasSize(2)); - assertThat(role.getSecretIdBoundCidrs(), contains(CIDR_1, CIDR_2)); - - /* Add single policy */ - role = new AppRoleBuilder(NAME).withTokenPolicy(POLICY_2).build(); - assertThat(role.getTokenPolicies(), hasSize(1)); - assertThat(role.getTokenPolicies(), contains(POLICY_2)); - assertThat(role.getPolicies(), is(role.getTokenPolicies())); - role = new AppRoleBuilder(NAME) - .withTokenPolicies(POLICIES) - .withTokenPolicy(POLICY_2) - .build(); - assertThat(role.getTokenPolicies(), hasSize(2)); - assertThat(role.getTokenPolicies(), contains(POLICY, POLICY_2)); - assertThat(role.getPolicies(), is(role.getTokenPolicies())); } } diff --git a/src/test/java/de/stklcode/jvault/connector/model/TokenBuilderTest.java b/src/test/java/de/stklcode/jvault/connector/model/TokenTest.java similarity index 63% rename from src/test/java/de/stklcode/jvault/connector/model/TokenBuilderTest.java rename to src/test/java/de/stklcode/jvault/connector/model/TokenTest.java index bee4cdb..ae592d4 100644 --- a/src/test/java/de/stklcode/jvault/connector/model/TokenBuilderTest.java +++ b/src/test/java/de/stklcode/jvault/connector/model/TokenTest.java @@ -30,12 +30,12 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.*; /** - * JUnit Test for Token Builder. + * JUnit Test for {@link Token} and {@link Token.Builder}. * * @author Stefan Kalscheuer * @since 0.4.0 */ -class TokenBuilderTest { +class TokenTest { private static final String ID = "test-id"; private static final String DISPLAY_NAME = "display-name"; private static final Boolean NO_PARENT = false; @@ -88,27 +88,6 @@ class TokenBuilderTest { assertThat(new ObjectMapper().writeValueAsString(token), is("{}")); } - /** - * Build token without any parameters. - */ - @Test - void legacyBuildDefaultTest() throws JsonProcessingException { - Token token = new TokenBuilder().build(); - assertThat(token.getId(), is(nullValue())); - assertThat(token.getType(), is(nullValue())); - assertThat(token.getDisplayName(), is(nullValue())); - assertThat(token.getNoParent(), is(nullValue())); - assertThat(token.getNoDefaultPolicy(), is(nullValue())); - assertThat(token.getTtl(), is(nullValue())); - assertThat(token.getNumUses(), is(nullValue())); - assertThat(token.getPolicies(), is(nullValue())); - assertThat(token.getMeta(), is(nullValue())); - assertThat(token.isRenewable(), is(nullValue())); - - /* optional fields should be ignored, so JSON string should be empty */ - assertThat(new ObjectMapper().writeValueAsString(token), is("{}")); - } - /** * Build token without all parameters set. */ @@ -146,38 +125,6 @@ class TokenBuilderTest { assertThat(new ObjectMapper().writeValueAsString(token), is(JSON_FULL)); } - /** - * Build token without all parameters set. - */ - @Test - void legacyBuildFullTest() throws JsonProcessingException { - Token token = new TokenBuilder() - .withId(ID) - .withType(Token.Type.SERVICE) - .withDisplayName(DISPLAY_NAME) - .withNoParent(NO_PARENT) - .withNoDefaultPolicy(NO_DEFAULT_POLICY) - .withTtl(TTL) - .withNumUses(NUM_USES) - .withPolicies(POLICIES) - .withMeta(META) - .withRenewable(RENEWABLE) - .build(); - assertThat(token.getId(), is(ID)); - assertThat(token.getType(), is(Token.Type.SERVICE.value())); - assertThat(token.getDisplayName(), is(DISPLAY_NAME)); - assertThat(token.getNoParent(), is(NO_PARENT)); - assertThat(token.getNoDefaultPolicy(), is(NO_DEFAULT_POLICY)); - assertThat(token.getTtl(), is(TTL)); - assertThat(token.getNumUses(), is(NUM_USES)); - assertThat(token.getPolicies(), is(POLICIES)); - assertThat(token.getMeta(), is(META)); - assertThat(token.isRenewable(), is(RENEWABLE)); - - /* Verify that all parameters are included in JSON string */ - assertThat(new ObjectMapper().writeValueAsString(token), is(LEGACY_JSON_FULL)); - } - /** * Test convenience methods */ @@ -225,52 +172,4 @@ class TokenBuilderTest { assertThat(token.getMeta().get(META_KEY), is(META_VALUE)); assertThat(token.getMeta().get(META_KEY_2), is(META_VALUE_2)); } - - /** - * Test convenience methods - */ - @Test - void legacyConvenienceMethodsTest() { - /* Parent */ - Token token = new TokenBuilder().asOrphan().build(); - assertThat(token.getNoParent(), is(true)); - token = new TokenBuilder().withParent().build(); - assertThat(token.getNoParent(), is(false)); - - /* Default policy */ - token = new TokenBuilder().withDefaultPolicy().build(); - assertThat(token.getNoDefaultPolicy(), is(false)); - token = new TokenBuilder().withoutDefaultPolicy().build(); - assertThat(token.getNoDefaultPolicy(), is(true)); - - /* Renewability */ - token = new TokenBuilder().renewable().build(); - assertThat(token.isRenewable(), is(true)); - token = new TokenBuilder().notRenewable().build(); - assertThat(token.isRenewable(), is(false)); - - /* Add single policy */ - token = new TokenBuilder().withPolicy(POLICY_2).build(); - assertThat(token.getPolicies(), hasSize(1)); - assertThat(token.getPolicies(), contains(POLICY_2)); - token = new TokenBuilder() - .withPolicies(POLICY, POLICY_2) - .withPolicy(POLICY_3) - .build(); - assertThat(token.getPolicies(), hasSize(3)); - assertThat(token.getPolicies(), contains(POLICY, POLICY_2, POLICY_3)); - - /* Add single metadata */ - token = new TokenBuilder().withMeta(META_KEY_2, META_VALUE_2).build(); - assertThat(token.getMeta().size(), is(1)); - assertThat(token.getMeta().keySet(), contains(META_KEY_2)); - assertThat(token.getMeta().get(META_KEY_2), is(META_VALUE_2)); - token = new TokenBuilder() - .withMeta(META) - .withMeta(META_KEY_2, META_VALUE_2) - .build(); - assertThat(token.getMeta().size(), is(2)); - assertThat(token.getMeta().get(META_KEY), is(META_VALUE)); - assertThat(token.getMeta().get(META_KEY_2), is(META_VALUE_2)); - } } diff --git a/src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java b/src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java index 02f10c3..74f6175 100644 --- a/src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java +++ b/src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java @@ -107,10 +107,7 @@ class AppRoleResponseTest { assertThat("Incorrect secret ID umber of uses", role.getSecretIdNumUses(), is(ROLE_SECRET_NUM_USES)); assertThat("Incorrect number of policies", role.getTokenPolicies(), hasSize(1)); assertThat("Incorrect role policies", role.getTokenPolicies(), contains(ROLE_POLICY)); - assertThat("Incorrect number of policies", role.getPolicies(), hasSize(1)); - assertThat("Incorrect role policies", role.getPolicies(), contains(ROLE_POLICY)); assertThat("Incorrect role period", role.getTokenPeriod(), is(ROLE_PERIOD)); - assertThat("Incorrect role period", role.getPeriod(), is(ROLE_PERIOD)); assertThat("Incorrect role bind secret ID flag", role.getBindSecretId(), is(ROLE_BIND_SECRET)); assertThat("Incorrect bound CIDR list", role.getTokenBoundCidrs(), is(nullValue())); assertThat("Incorrect bound CIDR list string", role.getTokenBoundCidrsString(), is(emptyString()));