add writeSecret method in SecretService (#56)

* add writeSecret method in SecretService

* fix typos

* fix checkstyle

* fix tests

* bump version

---------

Co-authored-by: ggmaleva <ggmaleva@yandex.ru>
Gregory 2023-04-20 15:52:23 +03:00 committed by GitHub
parent 873515a8cb
commit e6f6b18ce9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 80 additions and 6 deletions


@ -12,7 +12,7 @@
</parent>
<artifactId>adapter-common-lib</artifactId>
<version>1.2.9</version>
<version>1.2.10</version>
<packaging>jar</packaging>
<name>adapter-common-lib</name>


@ -0,0 +1,26 @@
package dev.vality.adapter.common.secret;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.ToString;
import java.util.Map;
/**
* Объект с секретами для сохранения в vault
* path - путь, по которому в vault будут храниться секреты, передданые в объекте. Хранится в options платежа.
* value - значение ключа
* Например,
* SecretObj{
* 'tinkoff-merchant-882347345',
* {'secret-password','PASSWORD'}
* }
*/
@Data
@ToString
@AllArgsConstructor
public class SecretObj {
private String path;
private Map<String, String> values;
}
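Review bot: `SecretObj` holds secret material in `values`, yet `@Data` and `@ToString` both generate a `toString()` that prints every field, so any log statement or exception message that formats this object would write the secrets in clear text. Exclude the field with `@ToString.Exclude private Map<String, String> values;` and drop the class-level `@ToString`, which `@Data` already implies. `@Data` also generates setters, so if the object is only built once and handed to `writeSecret`, `@Getter` with final fields would keep it immutable. The Javadoc names the field `value` while the code declares `values`.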


@ -55,4 +55,12 @@ public interface SecretService {
String digest(String serviceName, String data, SecretRef secretRef, DigestAlgorithms digestAlgorithm)
throws SecretNotFoundException;
/**
* Сохраняет секреты для терминала
*
* @param serviceName - имя сервиса, для которого сохраняются секреты. Хранится в настройках сервиса.
* @param secretObj - объект с секретами, {@link SecretObj}
*/
void writeSecret(String serviceName, SecretObj secretObj);
}
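Review bot: The Javadoc on `writeSecret` does not say what happens to keys already stored at the `SecretObj` path, and unlike `digest` just above it the method declares no failure mode. Callers need to know whether a write replaces the whole secret at that path or merges into it, and whether a null or empty `SecretObj` is rejected. I would add a sentence for each, e.g. `Replaces all keys stored at the path with the supplied map` if that is the intended contract, plus an `@throws` line for whatever a failed write surfaces. The interface body starts outside this hunk.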


@ -44,6 +44,11 @@ public class VaultSecretService implements SecretService {
return new DigestSigner().sign(data, secret, algorithm);
}
@Override
public void writeSecret(String serviceName, SecretObj secretObj) {
vaultTemplate.opsForVersionedKeyValue(serviceName).put(secretObj.getPath(), secretObj.getValues());
}
private String getSecretString(String serviceName, SecretRef secretRef) throws SecretNotFoundException {
var map = vaultTemplate.opsForVersionedKeyValue(serviceName).get(secretRef.getPath());
if (map == null || map.getData() == null || map.getData().get(secretRef.getKey()) == null) {
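Review bot: `writeSecret` hands `secretObj.getPath()` and `secretObj.getValues()` to `put` unchecked, so a null `secretObj` surfaces as a bare NullPointerException and a null or blank path goes to Vault as-is. Since the `SecretObj` Javadoc says the path is kept in the payment options, a guard such as `Objects.requireNonNull(secretObj, "secretObj");` followed by a blank-path check would keep a malformed option from turning into a write at an unintended location under the service mount. Also worth confirming: on a versioned KV mount a put stores a new version containing only the supplied map, so writing a token to a path that already holds credentials read through `getSecretString` would leave those keys out of the current version. `getSecretString` continues past the end of this hunk.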


@ -10,7 +10,6 @@ import org.junit.jupiter.api.Test;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.core.VaultTemplate;
import org.testcontainers.containers.Container;
import org.testcontainers.utility.DockerImageName;
import org.testcontainers.vault.VaultContainer;
import org.testcontainers.vault.VaultLogLevel;
@ -27,9 +26,14 @@ public class VaultSecretServiceTest {
public static final String HMAC_KEY = "hmacKey";
public static final String HMAC_SECRET = "6d6b6c6172657772";
public static final String SERVICE_NAME = "adapter-vtb";
public static final String TOKEN = "token";
public static final String TOKEN_VALUE = "token-value";
public static final String TOKEN_EXP_DATE = "token_exp_date";
public static final String TOKEN_EXP_DATE_VALUE = "2023-04-20T12:26:17.191286";
private static VaultSecretService vaultService;
private static final String TEST_PATH = "test-terminal-123";
private static final String TEST_TOKEN_PATH = "test-terminal-345";
@BeforeAll
public static void setUp() throws IOException, InterruptedException {
@ -49,13 +53,13 @@ public class VaultSecretServiceTest {
}
@Test
public void testGetSecrets() {
void testGetSecrets() {
assertNotNull(vaultService.getSecrets(SERVICE_NAME, TEST_PATH));
assertThrows(SecretPathNotFoundException.class, () -> vaultService.getSecrets(SERVICE_NAME, "kekek"));
}
@Test
public void testGetSecret() {
void testGetSecret() {
assertEquals(SIMPLE_SECRET,
vaultService.getSecret(SERVICE_NAME, new SecretRef(TEST_PATH, SIMPLE_KEY)).getValue());
assertThrows(SecretNotFoundException.class,
@ -63,7 +67,7 @@ public class VaultSecretServiceTest {
}
@Test
public void testHmac() {
void testHmac() {
String expected = HmacEncryption.calculateHMacSha256("some_dat", "6d6b6c6172657772");
SecretRef hmacRef = new SecretRef(TEST_PATH, HMAC_KEY);
String actual = vaultService.hmac(SERVICE_NAME, "some_dat", hmacRef, HmacAlgorithms.HMAC_SHA_256);
@ -74,10 +78,41 @@ public class VaultSecretServiceTest {
}
@Test
public void digest() {
void digest() {
String expected = DigestUtils.md5Hex("some_da" + SIMPLE_SECRET);
String actual = vaultService.digest(SERVICE_NAME, "some_da", new SecretRef(TEST_PATH, SIMPLE_KEY),
DigestAlgorithms.MD5);
assertEquals(expected, actual);
}
@Test
void writeSingleSecret() {
SecretObj secretObj = new SecretObj(TEST_TOKEN_PATH, Map.of(TOKEN, TOKEN_VALUE));
vaultService.writeSecret(SERVICE_NAME, secretObj);
SecretValue secret = vaultService.getSecret(SERVICE_NAME, new SecretRef(TEST_TOKEN_PATH, TOKEN));
assertNotNull(secret);
assertEquals(TOKEN_VALUE, secret.getValue());
}
@Test
void writeMultipleSecret() {
SecretObj secretObj = new SecretObj(
TEST_TOKEN_PATH,
Map.of(
TOKEN, TOKEN_VALUE,
TOKEN_EXP_DATE, TOKEN_EXP_DATE_VALUE
)
);
vaultService.writeSecret(SERVICE_NAME, secretObj);
Map<String, SecretValue> secret = vaultService.getSecrets(SERVICE_NAME, TEST_TOKEN_PATH);
assertNotNull(secret);
assertEquals(TOKEN_VALUE, secret.get(TOKEN).getValue());
assertEquals(TOKEN_EXP_DATE_VALUE, secret.get(TOKEN_EXP_DATE).getValue());
}
}
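Review bot: `writeSingleSecret` and `writeMultipleSecret` both write to `TEST_TOKEN_PATH` and each reads back only what it just wrote, so the suite does not pin whether a second write replaces or merges the keys already stored at that path. A third test that writes `Map.of(TOKEN, TOKEN_VALUE, TOKEN_EXP_DATE, TOKEN_EXP_DATE_VALUE)`, then writes `Map.of(TOKEN, TOKEN_VALUE)` alone and asserts on `secret.get(TOKEN_EXP_DATE)` would document the behaviour callers will rely on. There is also no negative case for a null `SecretObj` or a null path, which `writeSecret` currently does not guard against.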