Added test for key rotation, and fixed the bugs it turned up.

apache · Apr 11, 2017 · c918a3bb91f86ef0e1bdcdb7df6ee0620c885403 · c918a3b
1 parent 6920975
commit c918a3bb91f86ef0e1bdcdb7df6ee0620c885403
Showing 19 changed files with 654 additions and 156 deletions.
diff --git a/api/src/main/java/io/mifos/anubis/api/v1/client/Anubis.java b/api/src/main/java/io/mifos/anubis/api/v1/client/Anubis.java
@@ -19,10 +19,12 @@
 import io.mifos.anubis.api.v1.domain.PermittableEndpoint;
 import io.mifos.anubis.api.v1.domain.Signature;
 import io.mifos.anubis.api.v1.validation.ValidKeyTimestamp;
-import io.mifos.core.api.util.InvalidTokenException;
 import org.springframework.cloud.netflix.feign.FeignClient;
 import org.springframework.http.MediaType;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
 
 import java.util.List;
 
@@ -37,33 +39,34 @@ public interface Anubis {
   )
   List<PermittableEndpoint> getPermittableEndpoints();
 
+  @RequestMapping(value = "/signatures", method = RequestMethod.GET,
+          consumes = {MediaType.APPLICATION_JSON_VALUE},
+          produces = {MediaType.ALL_VALUE})
+  List<String> getAllSignatureSets();
+
   @RequestMapping(value = "/signatures/{timestamp}", method = RequestMethod.POST,
           consumes = {MediaType.APPLICATION_JSON_VALUE},
           produces = {MediaType.ALL_VALUE})
   ApplicationSignatureSet createSignatureSet(@PathVariable("timestamp") @ValidKeyTimestamp String timestamp,
-                                             @RequestBody Signature identityManagerSignature)
-          throws InvalidTokenException, TenantNotFoundException;
+                                             @RequestBody Signature identityManagerSignature);
 
   @RequestMapping(value = "/signatures/{timestamp}", method = RequestMethod.GET,
           consumes = {MediaType.APPLICATION_JSON_VALUE},
           produces = {MediaType.ALL_VALUE})
-  ApplicationSignatureSet getSignatureSet(@PathVariable("timestamp") String timestamp)
-          throws InvalidTokenException, TenantNotFoundException;
+  ApplicationSignatureSet getSignatureSet(@PathVariable("timestamp") String timestamp);
 
   @RequestMapping(value = "/signatures/{timestamp}", method = RequestMethod.DELETE,
           consumes = {MediaType.APPLICATION_JSON_VALUE},
           produces = {MediaType.ALL_VALUE})
-  void deleteSignatureSet(@PathVariable("timestamp") String timestamp)
-          throws InvalidTokenException, TenantNotFoundException;
+  void deleteSignatureSet(@PathVariable("timestamp") String timestamp);
 
   @RequestMapping(value = "/signatures/{timestamp}/application", method = RequestMethod.GET,
           consumes = {MediaType.APPLICATION_JSON_VALUE},
           produces = {MediaType.ALL_VALUE})
-  Signature getApplicationSignature(@PathVariable("timestamp") String timestamp)
-          throws InvalidTokenException, TenantNotFoundException;
+  Signature getApplicationSignature(@PathVariable("timestamp") String timestamp);
 
   @RequestMapping(value = "/initialize", method = RequestMethod.POST,
           consumes = {MediaType.APPLICATION_JSON_VALUE},
           produces = {MediaType.ALL_VALUE})
-  void initializeResources() throws InvalidTokenException, TenantNotFoundException;
+  void initializeResources();
 }
diff --git a/api/src/main/java/io/mifos/anubis/api/v1/client/AnubisApiFactory.java b/api/src/main/java/io/mifos/anubis/api/v1/client/AnubisApiFactory.java
@@ -18,21 +18,23 @@
 import feign.Feign;
 import feign.gson.GsonDecoder;
 import feign.gson.GsonEncoder;
+import io.mifos.core.api.util.AnnotatedErrorDecoder;
 import io.mifos.core.api.util.TenantedTargetInterceptor;
 import io.mifos.core.api.util.TokenedTargetInterceptor;
+import org.slf4j.Logger;
 import org.springframework.cloud.netflix.feign.support.SpringMvcContract;
 
 @SuppressWarnings("unused")
 public interface AnubisApiFactory {
 
-  static Anubis create(final String target) {
+  static Anubis create(final String target, final Logger logger) {
     return Feign.builder()
-        .contract(new SpringMvcContract())
-        .errorDecoder(new InitializeErrorDecoder())
-        .requestInterceptor(new TenantedTargetInterceptor())
-        .requestInterceptor(new TokenedTargetInterceptor())
-        .decoder(new GsonDecoder())
-        .encoder(new GsonEncoder())
-        .target(Anubis.class, target);
+            .contract(new SpringMvcContract())
+            .errorDecoder(new AnnotatedErrorDecoder(logger, Anubis.class))
+            .requestInterceptor(new TenantedTargetInterceptor())
+            .requestInterceptor(new TokenedTargetInterceptor())
+            .decoder(new GsonDecoder())
+            .encoder(new GsonEncoder())
+            .target(Anubis.class, target);
   }
 }
diff --git a/api/src/main/java/io/mifos/anubis/api/v1/client/InitializeErrorDecoder.java b/api/src/main/java/io/mifos/anubis/api/v1/client/InitializeErrorDecoder.java
diff --git a/component-test/src/main/java/TestAnubisInitialize.java b/component-test/src/main/java/TestAnubisInitialize.java
@@ -16,14 +16,14 @@
 
 import io.mifos.anubis.api.v1.client.Anubis;
 import io.mifos.anubis.api.v1.client.AnubisApiFactory;
-import io.mifos.anubis.api.v1.client.TenantNotFoundException;
 import io.mifos.anubis.api.v1.domain.Signature;
 import io.mifos.anubis.example.simple.Example;
 import io.mifos.anubis.example.simple.ExampleConfiguration;
 import io.mifos.anubis.test.v1.TenantApplicationSecurityEnvironmentTestRule;
 import io.mifos.core.api.context.AutoSeshat;
 import io.mifos.core.api.context.AutoUserContext;
 import io.mifos.core.api.util.InvalidTokenException;
+import io.mifos.core.api.util.NotFoundException;
 import io.mifos.core.lang.AutoTenantContext;
 import io.mifos.core.test.env.TestEnvironment;
 import io.mifos.core.test.fixture.TenantDataStoreTestContext;
@@ -35,6 +35,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.cloud.netflix.feign.EnableFeignClients;
 import org.springframework.cloud.netflix.ribbon.RibbonClient;
@@ -52,6 +53,7 @@
 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
 public class TestAnubisInitialize {
   private static final String APP_NAME = "anubis-v1";
+  private static final String LOGGER_QUALIFIER = "test-logger";
 
   @Configuration
   @EnableFeignClients(basePackages = {"io.mifos.anubis.example.simple"})
@@ -62,7 +64,7 @@ public TestConfiguration() {
       super();
     }
 
-    @Bean()
+    @Bean(name = LOGGER_QUALIFIER)
     public Logger logger() {
       return LoggerFactory.getLogger(APP_NAME + "-logger");
     }
@@ -78,6 +80,11 @@ public Logger logger() {
   @Autowired
   Example example;
 
+  @SuppressWarnings("SpringAutowiredFieldsWarningInspection")
+  @Autowired
+  @Qualifier(value = LOGGER_QUALIFIER)
+  Logger logger;
+
   @Test
   public void testBrokenToken()
   {
@@ -88,7 +95,7 @@ public void testBrokenToken()
 
       try {
 
-        final Anubis anubis = AnubisApiFactory.create(testEnvironment.serverURI());
+        final Anubis anubis = AnubisApiFactory.create(testEnvironment.serverURI(), logger);
 
         try (final AutoSeshat ignored2 = new AutoSeshat(brokenSeshatToken)) {
           final TenantApplicationSecurityEnvironmentTestRule securityMock = new TenantApplicationSecurityEnvironmentTestRule(testEnvironment);
@@ -144,7 +151,7 @@ public void testNoTenant() {
     }
   }
 
-  @Test(expected = TenantNotFoundException.class)
+  @Test(expected = NotFoundException.class)
   public void testNonExistentTenant() {
     try (final AutoTenantContext ignored = new AutoTenantContext("monster_under_your_bed")) {
       initialize();

diff --git a/component-test/src/main/java/TestAnubisInitializeWithSpecialTenantSignatureRepository.java b/component-test/src/main/java/TestAnubisInitializeWithSpecialTenantSignatureRepository.java
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2017 The Mifos Initiative.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import io.mifos.anubis.example.nokeystorage.Example;
+import io.mifos.anubis.example.nokeystorage.ExampleConfiguration;
+import io.mifos.anubis.test.v1.SystemSecurityEnvironment;
+import io.mifos.core.api.context.AutoSeshat;
+import io.mifos.core.lang.AutoTenantContext;
+import io.mifos.core.lang.TenantContextHolder;
+import io.mifos.core.test.env.TestEnvironment;
+import io.mifos.core.test.fixture.TenantDataStoreContextTestRule;
+import io.mifos.core.test.fixture.cassandra.CassandraInitializer;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.cloud.netflix.feign.EnableFeignClients;
+import org.springframework.cloud.netflix.ribbon.RibbonClient;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.test.context.junit4.SpringRunner;
+
+/**
+ * @author Myrle Krantz
+ */
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
+public class TestAnubisInitializeWithSpecialTenantSignatureRepository {
+  private static final String APP_NAME = "anubis-v1";
+
+  @Configuration
+  @EnableFeignClients(basePackages = {"io.mifos.anubis.example.nokeystorage"})
+  @RibbonClient(name = APP_NAME)
+  @Import({ExampleConfiguration.class})
+  static public class TestConfiguration {
+    public TestConfiguration() {
+      super();
+    }
+
+    @Bean()
+    public Logger logger() {
+      return LoggerFactory.getLogger("initialize-with-special-tenant-signature-repository-test-logger");
+    }
+  }
+
+  @ClassRule
+  public final static TestEnvironment testEnvironment = new TestEnvironment(APP_NAME);
+
+  @ClassRule
+  public final static CassandraInitializer cassandraInitializer = new CassandraInitializer();
+
+  @Rule
+  public final TenantDataStoreContextTestRule tenantDataStoreContext = TenantDataStoreContextTestRule.forRandomTenantName(cassandraInitializer);
+
+  @SuppressWarnings({"SpringAutowiredFieldsWarningInspection", "SpringJavaAutowiredMembersInspection"})
+  @Autowired
+  protected Example example;
+
+  @Test
+  public void test()
+  {
+    final SystemSecurityEnvironment systemSecurityEnvironment = new SystemSecurityEnvironment(
+            testEnvironment.getSystemKeyTimestamp(),
+            testEnvironment.getSystemPublicKey(),
+            testEnvironment.getSystemPrivateKey());
+
+    final String systemToken = systemSecurityEnvironment.systemToken(APP_NAME);
+
+    try (final AutoTenantContext ignored = new AutoTenantContext(TenantContextHolder.checkedGetIdentifier())) {
+      try (final AutoSeshat ignored2 = new AutoSeshat(systemToken)) {
+        example.initialize();
+      }}
+  }
+}