* BAEL-1784 Spring Vault Initial Commit

* Added Vault Process initializer and integration tests

* Added comments and code clean up

* Skip IntegrationTest in pom file

* Fixed failing integration test

* Code indentation
Bhargava-Kotharu
2018-09-07 12:33:13 +05:30
committed by Predrag Maric
parent 5a09cee678
commit a575f7b763
11 changed files with 436 additions and 0 deletions


@@ -0,0 +1,113 @@
package org.baeldung.springvault;
import java.io.BufferedReader;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Map;
/**
*
* This is a test class to initialize Vault.
*/
public class VaultInitializer implements Closeable {
private static final String UNSEAL_KEY = "Unseal Key:";
private static final String ROOT_TOKEN = "Root Token:";
private Process vaultProcess;
private String unSealKey;
private String rootToken;
public String getRootToken() {
return rootToken;
}
public String getUnSealKey() {
return unSealKey;
}
public static final VaultInitializer initializeValut() {
VaultInitializer vaultProcess = new VaultInitializer();
vaultProcess.start();
// Secrets is by default enabled.
vaultProcess.enableSecrets();
return vaultProcess;
}
@SuppressWarnings("unused")
private void enableSecrets() {
System.out.println("Enabling Secrets at path credentials/myapp...");
ProcessBuilder pb = new ProcessBuilder("vault", "secrets", "enable", "-path=credentials/myapp", "kv");
Map<String, String> map = pb.environment();
map.put("VAULT_ADDR", "http://127.0.0.1:8200");
try {
Process p = pb.inheritIO()
.start();
p.waitFor();
} catch (IOException e) {
System.out.println("unable to enableSecrets" + e);
} catch (InterruptedException e) {
e.printStackTrace();
}
}
public void start() {
System.out.println("starting vault");
// This starts the vault server.
ProcessBuilder pb = new ProcessBuilder("vault", "server", "-dev");
try {
vaultProcess = pb.start();
// wait for initialization to complete.
Thread.sleep(5000);
} catch (IOException e) {
System.out.println("unable to start vault in new process" + e);
} catch (InterruptedException e) {
System.out.println("Thread interrupted " + e);
}
extractUnsealKeyAndToken();
}
/**
* To get the root token which is generated every time server is initialized.
*/
private void extractUnsealKeyAndToken() {
BufferedReader reader = new BufferedReader(new InputStreamReader(vaultProcess.getInputStream()));
StringBuilder builder = new StringBuilder();
String line = null;
boolean tokenExtracted = false;
try {
while ((line = reader.readLine()) != null) {
builder.append(line);
builder.append(System.getProperty("line.separator"));
if (line.contains(UNSEAL_KEY)) {
String tmp = line.replace(UNSEAL_KEY, "");
unSealKey = tmp.trim();
} else if (line.contains(ROOT_TOKEN)) {
String tmp = line.replace(ROOT_TOKEN, "");
rootToken = tmp.trim();
tokenExtracted = true;
}
if (tokenExtracted)
break;
System.out.println(line);
}
} catch (IOException e) {
System.out.println("unable to read vault output" + e);
}
String result = builder.toString();
System.out.println("Unseal Key {}" + unSealKey);
System.out.println("Root Token {}" + rootToken);
System.out.println(result);
}
@Override
public void close() throws IOException {
System.out.println("stoping vault");
vaultProcess.destroy();
}
}
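Review bot: extractUnsealKeyAndToken() writes the unseal key and root token to standard output several times: the loop's `System.out.println(line)` echoes the `Unseal Key:` line before the break, the two prints after the loop emit both values, and `System.out.println(result)` repeats the captured output including the `Root Token:` line. Even for a dev-mode server these values end up in build and CI logs, so I would drop the three trailing prints in favour of something like `System.out.println("Vault root token extracted: " + (rootToken != null));` and skip the echo for lines that contain `UNSEAL_KEY`. Separately, when `pb.start()` throws in start(), `vaultProcess` stays null, so `vaultProcess.getInputStream()` here and `vaultProcess.destroy()` in close() fail with a NullPointerException; rethrowing from start() or a null check would make the real cause visible. The `InterruptedException` handlers should also restore the flag with `Thread.currentThread().interrupt();`.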


@@ -0,0 +1,80 @@
package org.baeldung.springvault;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.FixMethodOrder;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable;
import org.junit.runner.RunWith;
import org.junit.runners.MethodSorters;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.annotation.Order;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.context.support.AnnotationConfigContextLoader;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.core.VaultTemplate;
import org.springframework.vault.support.VaultResponse;
@RunWith(SpringRunner.class)
@SpringBootTest(classes = CredentialsService.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@ContextConfiguration(classes = VaultTestConfiguration.class, loader = AnnotationConfigContextLoader.class)
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class VaultIntegrationTest {
@Autowired
private CredentialsService credentialsService;
/**
* Test to secure credentials.
*
* @throws URISyntaxException
*/
@Test
public void givenCredentials_whenSecureCredentials_thenCredentialsSecured() throws URISyntaxException {
try {
// Given
Credentials credentials = new Credentials("username", "password");
// When
credentialsService.secureCredentials(credentials);
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* Test to access credentials
* @throws URISyntaxException
*/
@Test
public void whenAccessCredentials_thenCredentialsRetrieved() throws URISyntaxException {
// Given
Credentials credentials = credentialsService.accessCredentials();
// Then
assertNotNull(credentials);
assertEquals("username", credentials.getUsername());
assertEquals("password", credentials.getPassword());
}
}
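Review bot: The try/catch in givenCredentials_whenSecureCredentials_thenCredentialsSecured catches `Exception` and only calls `e.printStackTrace()`, so the test passes even when `secureCredentials` fails, and it contains no assertion of its own. Drop the try/catch and declare `throws Exception` so that a failed write to Vault fails the build. whenAccessCredentials_thenCredentialsRetrieved depends on that first test having stored the secret, which holds only through the `NAME_ASCENDING` ordering; a comment stating the dependency, or doing the write and the read in one test, would make it explicit. The assertions are imported from `org.junit.jupiter.api.Assertions` while the runner and `@Test` are JUnit 4, so `org.junit.Assert` would keep the class on one framework.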


@@ -0,0 +1,29 @@
package org.baeldung.springvault;
import java.net.URI;
import java.net.URISyntaxException;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.core.VaultTemplate;
@Configuration
public class VaultTestConfiguration {
@Bean
public VaultInitializer vaultInitializer() {
VaultInitializer vaultInitializer = VaultInitializer.initializeValut();
return vaultInitializer;
}
@Bean
public VaultTemplate vaultTemplate() throws URISyntaxException {
VaultInitializer vaultInitializer = vaultInitializer();
VaultTemplate vaultTemplate = new VaultTemplate(VaultEndpoint.from(new URI("http://localhost:8200")), new TokenAuthentication(vaultInitializer.getRootToken()));
return vaultTemplate;
}
}
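Review bot: vaultTemplate() passes `vaultInitializer.getRootToken()` straight into `new TokenAuthentication(...)`, but that getter returns null whenever the dev server did not start or its output never contained the `Root Token:` line, because VaultInitializer only prints those failures. Fail fast with a readable message, e.g. `String token = Objects.requireNonNull(vaultInitializer.getRootToken(), "Vault dev server did not start; no root token");`. I would also add a comment such as `// Root token is used only because this is a throwaway "vault server -dev" instance; never authenticate an application with a root token.` so the pattern is not copied into non-test configuration. The address `http://localhost:8200` duplicates the `VAULT_ADDR` value hard-coded in VaultInitializer; a shared constant would keep the two from drifting apart.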