Skip to content
Permalink
Browse files
Added test for key rotation, and fixed the bugs it turned up.
  • Loading branch information
mifosio-04-04-2018 committed Apr 11, 2017
1 parent 6920975 commit c918a3bb91f86ef0e1bdcdb7df6ee0620c885403
Showing 19 changed files with 654 additions and 156 deletions.
@@ -19,10 +19,12 @@
import io.mifos.anubis.api.v1.domain.PermittableEndpoint;
import io.mifos.anubis.api.v1.domain.Signature;
import io.mifos.anubis.api.v1.validation.ValidKeyTimestamp;
import io.mifos.core.api.util.InvalidTokenException;
import org.springframework.cloud.netflix.feign.FeignClient;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import java.util.List;

@@ -37,33 +39,34 @@ public interface Anubis {
)
List<PermittableEndpoint> getPermittableEndpoints();

@RequestMapping(value = "/signatures", method = RequestMethod.GET,
consumes = {MediaType.APPLICATION_JSON_VALUE},
produces = {MediaType.ALL_VALUE})
List<String> getAllSignatureSets();

@RequestMapping(value = "/signatures/{timestamp}", method = RequestMethod.POST,
consumes = {MediaType.APPLICATION_JSON_VALUE},
produces = {MediaType.ALL_VALUE})
ApplicationSignatureSet createSignatureSet(@PathVariable("timestamp") @ValidKeyTimestamp String timestamp,
@RequestBody Signature identityManagerSignature)
throws InvalidTokenException, TenantNotFoundException;
@RequestBody Signature identityManagerSignature);

@RequestMapping(value = "/signatures/{timestamp}", method = RequestMethod.GET,
consumes = {MediaType.APPLICATION_JSON_VALUE},
produces = {MediaType.ALL_VALUE})
ApplicationSignatureSet getSignatureSet(@PathVariable("timestamp") String timestamp)
throws InvalidTokenException, TenantNotFoundException;
ApplicationSignatureSet getSignatureSet(@PathVariable("timestamp") String timestamp);

@RequestMapping(value = "/signatures/{timestamp}", method = RequestMethod.DELETE,
consumes = {MediaType.APPLICATION_JSON_VALUE},
produces = {MediaType.ALL_VALUE})
void deleteSignatureSet(@PathVariable("timestamp") String timestamp)
throws InvalidTokenException, TenantNotFoundException;
void deleteSignatureSet(@PathVariable("timestamp") String timestamp);

@RequestMapping(value = "/signatures/{timestamp}/application", method = RequestMethod.GET,
consumes = {MediaType.APPLICATION_JSON_VALUE},
produces = {MediaType.ALL_VALUE})
Signature getApplicationSignature(@PathVariable("timestamp") String timestamp)
throws InvalidTokenException, TenantNotFoundException;
Signature getApplicationSignature(@PathVariable("timestamp") String timestamp);

@RequestMapping(value = "/initialize", method = RequestMethod.POST,
consumes = {MediaType.APPLICATION_JSON_VALUE},
produces = {MediaType.ALL_VALUE})
void initializeResources() throws InvalidTokenException, TenantNotFoundException;
void initializeResources();
}
@@ -18,21 +18,23 @@
import feign.Feign;
import feign.gson.GsonDecoder;
import feign.gson.GsonEncoder;
import io.mifos.core.api.util.AnnotatedErrorDecoder;
import io.mifos.core.api.util.TenantedTargetInterceptor;
import io.mifos.core.api.util.TokenedTargetInterceptor;
import org.slf4j.Logger;
import org.springframework.cloud.netflix.feign.support.SpringMvcContract;

@SuppressWarnings("unused")
public interface AnubisApiFactory {

static Anubis create(final String target) {
static Anubis create(final String target, final Logger logger) {
return Feign.builder()
.contract(new SpringMvcContract())
.errorDecoder(new InitializeErrorDecoder())
.requestInterceptor(new TenantedTargetInterceptor())
.requestInterceptor(new TokenedTargetInterceptor())
.decoder(new GsonDecoder())
.encoder(new GsonEncoder())
.target(Anubis.class, target);
.contract(new SpringMvcContract())
.errorDecoder(new AnnotatedErrorDecoder(logger, Anubis.class))
.requestInterceptor(new TenantedTargetInterceptor())
.requestInterceptor(new TokenedTargetInterceptor())
.decoder(new GsonDecoder())
.encoder(new GsonEncoder())
.target(Anubis.class, target);
}
}

This file was deleted.

@@ -16,14 +16,14 @@

import io.mifos.anubis.api.v1.client.Anubis;
import io.mifos.anubis.api.v1.client.AnubisApiFactory;
import io.mifos.anubis.api.v1.client.TenantNotFoundException;
import io.mifos.anubis.api.v1.domain.Signature;
import io.mifos.anubis.example.simple.Example;
import io.mifos.anubis.example.simple.ExampleConfiguration;
import io.mifos.anubis.test.v1.TenantApplicationSecurityEnvironmentTestRule;
import io.mifos.core.api.context.AutoSeshat;
import io.mifos.core.api.context.AutoUserContext;
import io.mifos.core.api.util.InvalidTokenException;
import io.mifos.core.api.util.NotFoundException;
import io.mifos.core.lang.AutoTenantContext;
import io.mifos.core.test.env.TestEnvironment;
import io.mifos.core.test.fixture.TenantDataStoreTestContext;
@@ -35,6 +35,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.netflix.feign.EnableFeignClients;
import org.springframework.cloud.netflix.ribbon.RibbonClient;
@@ -52,6 +53,7 @@
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
public class TestAnubisInitialize {
private static final String APP_NAME = "anubis-v1";
private static final String LOGGER_QUALIFIER = "test-logger";

@Configuration
@EnableFeignClients(basePackages = {"io.mifos.anubis.example.simple"})
@@ -62,7 +64,7 @@ public TestConfiguration() {
super();
}

@Bean()
@Bean(name = LOGGER_QUALIFIER)
public Logger logger() {
return LoggerFactory.getLogger(APP_NAME + "-logger");
}
@@ -78,6 +80,11 @@ public Logger logger() {
@Autowired
Example example;

@SuppressWarnings("SpringAutowiredFieldsWarningInspection")
@Autowired
@Qualifier(value = LOGGER_QUALIFIER)
Logger logger;

@Test
public void testBrokenToken()
{
@@ -88,7 +95,7 @@ public void testBrokenToken()

try {

final Anubis anubis = AnubisApiFactory.create(testEnvironment.serverURI());
final Anubis anubis = AnubisApiFactory.create(testEnvironment.serverURI(), logger);

try (final AutoSeshat ignored2 = new AutoSeshat(brokenSeshatToken)) {
final TenantApplicationSecurityEnvironmentTestRule securityMock = new TenantApplicationSecurityEnvironmentTestRule(testEnvironment);
@@ -144,7 +151,7 @@ public void testNoTenant() {
}
}

@Test(expected = TenantNotFoundException.class)
@Test(expected = NotFoundException.class)
public void testNonExistentTenant() {
try (final AutoTenantContext ignored = new AutoTenantContext("monster_under_your_bed")) {
initialize();
@@ -0,0 +1,91 @@
/*
* Copyright 2017 The Mifos Initiative.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import io.mifos.anubis.example.nokeystorage.Example;
import io.mifos.anubis.example.nokeystorage.ExampleConfiguration;
import io.mifos.anubis.test.v1.SystemSecurityEnvironment;
import io.mifos.core.api.context.AutoSeshat;
import io.mifos.core.lang.AutoTenantContext;
import io.mifos.core.lang.TenantContextHolder;
import io.mifos.core.test.env.TestEnvironment;
import io.mifos.core.test.fixture.TenantDataStoreContextTestRule;
import io.mifos.core.test.fixture.cassandra.CassandraInitializer;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.netflix.feign.EnableFeignClients;
import org.springframework.cloud.netflix.ribbon.RibbonClient;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.test.context.junit4.SpringRunner;

/**
* @author Myrle Krantz
*/
@RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
public class TestAnubisInitializeWithSpecialTenantSignatureRepository {
private static final String APP_NAME = "anubis-v1";

@Configuration
@EnableFeignClients(basePackages = {"io.mifos.anubis.example.nokeystorage"})
@RibbonClient(name = APP_NAME)
@Import({ExampleConfiguration.class})
static public class TestConfiguration {
public TestConfiguration() {
super();
}

@Bean()
public Logger logger() {
return LoggerFactory.getLogger("initialize-with-special-tenant-signature-repository-test-logger");
}
}

@ClassRule
public final static TestEnvironment testEnvironment = new TestEnvironment(APP_NAME);

@ClassRule
public final static CassandraInitializer cassandraInitializer = new CassandraInitializer();

@Rule
public final TenantDataStoreContextTestRule tenantDataStoreContext = TenantDataStoreContextTestRule.forRandomTenantName(cassandraInitializer);

@SuppressWarnings({"SpringAutowiredFieldsWarningInspection", "SpringJavaAutowiredMembersInspection"})
@Autowired
protected Example example;

@Test
public void test()
{
final SystemSecurityEnvironment systemSecurityEnvironment = new SystemSecurityEnvironment(
testEnvironment.getSystemKeyTimestamp(),
testEnvironment.getSystemPublicKey(),
testEnvironment.getSystemPrivateKey());

final String systemToken = systemSecurityEnvironment.systemToken(APP_NAME);

try (final AutoTenantContext ignored = new AutoTenantContext(TenantContextHolder.checkedGetIdentifier())) {
try (final AutoSeshat ignored2 = new AutoSeshat(systemToken)) {
example.initialize();
}}
}
}

0 comments on commit c918a3b

Please sign in to comment.