java source code of EarlyCredentialMigrationTest

credhub-master
- .github
  - issue_template.md
- checkstyle-config.gradle
- ktlint.gradle
- gradle.properties
- gradle
  - wrapper
    - gradle-wrapper.properties
    - gradle-wrapper.jar
- spring-cloud-contract-config.gradle
- backends
  - credhub
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        health
        HealthController.kt
        versions
        VersionController.kt
        info
        InfoController.kt
        regenerate
        RegenerateHandler.kt
        RemoteRegenerateHandler.kt
        DefaultRegenerateHandler.kt
        RegenerateController.kt
        keyusage
        KeyUsageHandler.kt
        KeyUsageController.kt
        RemoteKeyUsageHandler.kt
        DefaultKeyUsageHandler.kt
        interpolation
        InterpolationHandler.kt
        RemoteInterpolationHandler.kt
        InterpolationController.kt
        DefaultInterpolationHandler.kt
        credentials
        CredentialsHandler.kt
        DefaultCredentialsHandler.kt
        CredentialsController.kt
        RemoteCredentialsHandler.kt
        permissions
        DefaultPermissionsV2Handler.kt
        PermissionsV2Handler.kt
        PermissionsV1Handler.kt
        PermissionsV2Controller.kt
        RemotePermissionsHandler.kt
        PermissionsV1Controller.kt
        DefaultPermissionsV1Handler.kt
        certificates
        DefaultCertificatesHandler.kt
        RemoteCertificatesHandler.kt
        CertificatesHandler.kt
        CertificatesController.kt
        management
        ManagementController.kt
      - test
        resources
        org
        springframework
        restdocs
        templates
        asciidoctor
        request-parameters.snippet
        request-fields.snippet
        kotlin
        org
        cloudfoundry
        credhub
        utils
        TestOAuth2IssuerService.kt
        TestPasswordKeyProxyFactory.kt
        MultiJsonPathMatcher.kt
        services
        SpyCredentialVersionDataService.kt
        endToEnd
        v1
        credentials
        CredentialSetEndToEndTest.kt
        concatenateCas
        ConcatenateCasDisabledEndToEndTest.kt
        ConcatenateCasEnabledEndToEndTest.kt
        integration
        v1
        regneration
        RegenerateEndpointConcatenateCasIntegrationTest.kt
        credentials
        CredentialsPostIntegrationTest.kt
        CredentialsGetConcatenateCasIntegrationTest.kt
        certificates
        CertificatesPostIntegrationTest.kt
        CertificatesGetConcatenateCasIntegrationTest.kt
        CertificatesGetIntegrationTest.kt
        helpers
        JsonHelpers.kt
        FakeOauthTokenFilter.kt
        MockMvcFactory.kt
        MockMvcRequestBuilderCredHubAuthHeaderExtension.kt
        CredHubRestDocs.kt
        RequestHelper.kt
        handlers
        DefaultPermissionsV1HandlerTest.kt
        RemoteCredentialsHandlerTest.kt
        DefaultKeyUsageHandlerTest.kt
        SpyPermissionService.kt
        RemotePermissionsHandlerTest.kt
        SpyCredentialService.kt
        DefaultPermissionsV2HandlerTest.kt
        controllers
        v2
        permissions
        PermissionsV2ControllerTest.kt
        SpyPermissionsV2Handler.kt
        v1
        health
        HealthControllerTest.kt
        versions
        VersionControllerTest.kt
        info
        InfoControllerTest.kt
        regenerate
        SpyRegenerateHandler.kt
        RegenerateControllerTest.kt
        keyusage
        KeyUsageControllerTest.kt
        SpyKeyUsageHandler.kt
        credentials
        CredentialsControllerGetTest.kt
        CredentialsControllerGenerateTest.kt
        SpyCredentialsHandler.kt
        CredentialsControllerSetTest.kt
        CredentialsControllerDeleteTest.kt
        permissions
        PermissionsV1ControllerTest.kt
        SpyPermissionsV1Handler.kt
        certificates
        SpyEncryptor.kt
        SpyCertificatesHandler.kt
        CertificatesControllerTest.kt
        interpolate
        SpyInterpolationHandler.kt
        InterpolateControllerTest.kt
        management
        SpyManagementService.kt
        ManagementControllerTest.kt
        java
        org
        cloudfoundry
        credhub
        db
        migration
        UserSaltMigrationTest.java
        endToEnd
        v2
        permissions
        UpdatePermissionsV2EndToEndTest.java
        DeletePermissionsV2EndToEndTest.java
        PermissionsV2EndToEndTestHelper.java
        AddPermissionsV2EndToEndTest.java
        GetPermissionsV2EndToEndTest.java
        integration
        UpdatingACredentialTest.java
        CertificateVersionDeleteTest.java
        CredentialDeleteTest.java
        CredentialRegenerateTest.java
        CertificateSetAndRegenerateTest.java
        UserGenerationTest.java
        PasswordRegenerationTest.java
        CredentialGetTest.java
        PermissionsEndpointWithoutEnforcementTest.java
        CertificateGetTest.java
        CertificateGenerateTest.java
        v1
        interpolation
        InterpolationIntegrationTest.java
        credentials
        CredentialsGetIntegrationTest.java
        CredentialsGenerateIntegrationTest.java
        CredentialsTypeSpecificGenerateIntegrationTest.java
        CredentialsTypeSpecificSetIntegrationTest.java
        management
        ManagementIntegrationTest.java
        CredentialModeSpecificGenerateTest.java
        RegenerationEndpointTest.java
        CredentialSetErrorHandlingTest.java
        UserRegenerationTest.java
        BulkRegenerateTest.java
        KeyUsageEndpointTest.java
        GenerateModeTest.java
        LegacyCredentialTest.java
        CredentialFindTestNoAcls.java
        PermissionInitializationTest.java
        CredentialAclEnforcementTest.java
        CertificateMigrationTest.java
        VersionEndpointTest.java
        CredentialFindTest.java
        SshGenerateTest.java
        PermissionsTest.java
        EncryptionKeyRotatorTest.java
        RsaGenerateTest.java
        CertificateGenerateWithoutAclEnforcementTest.java
        PermissionsEndpointTest.java
        CertificateUpdateTransitionalVersionTest.java
        handlers
        DefaultExceptionHandlerTest.java
        DefaultCredentialsHandlerTest.java
        DefaultRegenerateHandlerTest.java
        DefaultCertificatesHandlerTest.java
        DefaultInterpolationHandlerTest.java
      - docs
        asciidoc
        snippets
        credentials-v1.adoc
        certificates-v1.adoc
        authentication.adoc
        version-v1.adoc
        management-v1.adoc
        interpolate-v1.adoc
        introduction.adoc
        permissions-v2.adoc
        info-v1.adoc
        permissions-v1.adoc
        health-v1.adoc
        regenerate-v1.adoc
        encryption-key-usage-v1.adoc
        index-docinfo.html
        index.adoc
    - build.gradle
  - build.gradle
  - remote
    - src
      - main
        proto
        remote.proto
        kotlin
        org
        cloudfoundry
        credhub
        remote
        RemoteBackendClient.kt
    - build.gradle
  - shared-backend-configuration
    - src
      - main
        kotlin
        db
        migration
        common
        V47_2__insert_checksum_values_for_existing_credentials.kt
        V35_1__migrate_operation_audit_record_table.kt
        V20_1__set_uuid_in_encryption_key_canary.kt
        V41_1__set_salt_in_existing_user_credentials.kt
        V44_2__migrate_encypted_values_to_encryped_value_table.kt
        V25_1__add_secret_name_relation.kt
        V11_1__set_uuid_in_named_certificate_authority_where_null.kt
        org
        cloudfoundry
        credhub
        config
        WebMvcConfiguration.kt
    - build.gradle
- kotlin.gradle
- spotbugs.gradle
- hooks
  - pre-push
- spring-rest-docs-config.gradle
- applications
  - build.gradle
  - credhub-api
    - src
      - main
        resources
        application.yml
        application-dev.yml
        db
        migration
        h2
        V43__change_table_names.sql
        V39__rename_secret_name_to_credential_name.sql
        V34__extract_request_and_event_audit_record_tables.sql
        V20__add_uuid_to_named_canary.sql
        V51__add_certificate_authority_and_self_signed_to_certificate_credential_tabl.sql
        V41__add_salt_to_user_credential.sql
        V31__update_audit_tables.sql
        V41_2__make_user_salt_not_nullable.sql
        V23__prepend_slash_to_leading_slash.sql
        V49__add_path_to_permission_table.sql
        V12__make_uuid_binary.sql
        V37__add_user_secret_table.sql
        V44__create_encrypted_value_table.sql
        V44_3__drop_duplicated_columns.sql
        V29__add_salt_to_canary.sql
        V27__ensure_ca_name_starts_with_slash.sql
        V19__add_cascading_deletes_on_foreign_keys.sql
        V21__add_version_created_at_column_to_named_secret_and_named_certificate_authority.sql
        V6__add_query_params_to_audit_tables.sql
        V42__add_encrypted_generation_parameters_and_nonce_to_user_credential.sql
        V53__add_trusted_ca_to_certificate_credential_table.sql
        V7__add_rsa_secret_table.sql
        V50__add_expiry_date_to_certificate_credential_tabl.sql
        V15__allow_non_unique_ca_names.sql
        V47_3__modify_constraints_on_columns_with_credential_name.sql
        V4__add_canary_table.sql
        V54__rename_generated_to_certificate_generated.sql
        V26__remove_named_certificate_authority.sql
        V28__create_access_entry_table.sql
        V16__use_bigint_for_all_timestamps.sql
        V47_1__add_checksum_column_to_credential_table.sql
        V8__add_generation_parameters_column_to_passwords.sql
        V30__remove_value_secret_table.sql
        V1__initial.sql
        V24__copy_named_certificate_authorities_to_secrets.sql
        V13_1__make_secret_uuid_primary_key.sql
        V44_4__rename_credential_name_to_credential.sql
        V20_2__add_uuid_to_named_canary.sql
        V33__remove_operation_from_auth_failure_audit_record_table.sql
        V31_1__change_default_auth_method_to_unknown.sql
        V36__drop_event_audit_record_foreign_key_constraint.sql
        V3__log_status_and_method.sql
        V14__use_ca_binary_uuid_as_primary_key.sql
        V45__change_acl_table_names.sql
        V32__add_delete_read_acl_write_acl_columns_to_access_entry_table.sql
        V13__add_uuid_to_secret_tables.sql
        V2__add_user_columns_to_operation_audit_record_table.sql
        V40__rename_named_secret_to_credential.sql
        V35_2__drop_operation_audit_record_table.sql
        V25_2__relate_named_secrets_to_named_secret_table.sql
        V44_1__add_encrypted_value_uuid_to_type_specific_tables.sql
        V5__add_ssh_secret_table.sql
        V35__add_unknown_auth_method_to_request_audit_record.sql
        V18__add_credential_name_to_operation_audit_record.sql
        V52__add_generated_to_certificate_credential_table.sql
        V25__add_secret_name_table.sql
        V17__use_ms_accuracy_for_updated_at.sql
        V11__add_uuid_to_named_certificate_authority.sql
        V22__consolidate_password_encryption.sql
        V46__add_transitional_to_certificate_credential.sql
        V10__remove_unique_name_constraint.sql
        V38__add_ace_columns_to_event_audit_record_table.sql
        V9__add_ca_name_column_to_certificates.sql
        common
        V48__drop_audit_tables.sql
        V55__add_metadata_column_to_credential_table.sql
        mysql
        V43__change_table_names.sql
        V39__rename_secret_name_to_credential_name.sql
        V34__extract_request_and_event_audit_record_tables.sql
        V20__add_uuid_to_named_canary.sql
        V51__add_certificate_authority_and_self_signed_to_certificate_credential_tabl.sql
        V41__add_salt_to_user_credential.sql
        V31__update_audit_tables.sql
        V41_2__make_user_salt_not_nullable.sql
        V23__prepend_slash_to_leading_slash.sql
        V49__add_path_to_permission_table.sql
        V12__make_uuid_binary.sql
        V37__add_user_secret_table.sql
        V42__add_encrypted_generation_params_and_nonce_to_user_credential.sql
        V44__create_encrypted_value_table.sql
        V44_3__drop_duplicated_columns.sql
        V29__add_salt_to_canary.sql
        V27__ensure_ca_name_starts_with_slash.sql
        V19__add_cascading_deletes_on_foreign_keys.sql
        V21__add_version_created_at_column_to_named_secret_and_named_certificate_authority.sql
        V6__add_query_params_to_audit_tables.sql
        V53__add_trusted_ca_to_certificate_credential_table.sql
        V7__add_rsa_secret_table.sql
        V15__allow_non_unique_ca_names.sql
        V47_3__modify_constraints_on_columns_with_credential_name.sql
        V4__add_canary_table.sql
        V54__rename_generated_to_certificate_generated.sql
        V26__remove_named_certificate_authority.sql
        V28__create_access_entry_table.sql
        V16__use_bigint_for_all_timestamps.sql
        V47_1__add_checksum_column_to_credential_table.sql
        V8__add_generation_parameters_column_to_passwords.sql
        V30__remove_value_secret_table.sql
        V1__initial.sql
        V24__copy_named_certificate_authorities_to_secrets.sql
        V13_1__make_secret_uuid_primary_key.sql
        V44_4__rename_credential_name_to_credential.sql
        V20_2__add_uuid_to_named_canary.sql
        V33__remove_operation_from_auth_failure_audit_record_table.sql
        V31_1__change_default_auth_method_to_unknown.sql
        V36__drop_event_audit_record_foreign_key_constraint.sql
        V3__log_status_and_method.sql
        V14__use_ca_binary_uuid_as_primary_key.sql
        V50__add_expiry_date_to_certificate_credential_table.sql
        V45__change_acl_table_names.sql
        V32__add_delete_read_acl_write_acl_columns_to_access_entry_table.sql
        V13__add_uuid_to_secret_tables.sql
        V2__add_user_columns_to_operation_audit_record_table.sql
        V40__rename_named_secret_to_credential.sql
        V35_2__drop_operation_audit_record_table.sql
        V25_2__relate_named_secrets_to_named_secret_table.sql
        V44_1__add_encrypted_value_uuid_to_type_specific_tables.sql
        V5__add_ssh_secret_table.sql
        V18__add_credential_name_to_operation_audit_record.sql
        V52__add_generated_to_certificate_credential_table.sql
        V25__add_secret_name_table.sql
        V17__use_ms_accuracy_for_updated_at.sql
        V11__add_uuid_to_named_certificate_authority.sql
        V22__consolidate_password_encryption.sql
        V46__add_transitional_to_certificate_credential.sql
        V10__remove_unique_name_constraint.sql
        V38__add_ace_columns_to_event_audit_record_table.sql
        V9__add_ca_name_column_to_certificates.sql
        postgres
        V43__change_table_names.sql
        V39__rename_secret_name_to_credential_name.sql
        V34__extract_request_and_event_audit_record_tables.sql
        V20__add_uuid_to_named_canary.sql
        V51__add_certificate_authority_and_self_signed_to_certificate_credential_tabl.sql
        V41__add_salt_to_user_credential.sql
        V31__update_audit_tables.sql
        V41_2__make_user_salt_not_nullable.sql
        V23__prepend_slash_to_leading_slash.sql
        V49__add_path_to_permission_table.sql
        V12__make_uuid_binary.sql
        V37__add_user_secret_table.sql
        V42__add_encrypted_generation_params_and_nonce_to_user_credential.sql
        V44__create_encrypted_value_table.sql
        V44_3__drop_duplicated_columns.sql
        V29__add_salt_to_canary.sql
        V27__ensure_ca_name_starts_with_slash.sql
        V19__add_cascading_deletes_on_foreign_keys.sql
        V21__add_version_created_at_column_to_named_secret_and_named_certificate_authority.sql
        V6__add_query_params_to_audit_tables.sql
        V53__add_trusted_ca_to_certificate_credential_table.sql
        V7__add_rsa_secret_table.sql
        V50__add_expiry_date_to_certificate_credential_tabl.sql
        V15__allow_non_unique_ca_names.sql
        V47_3__modify_constraints_on_columns_with_credential_name.sql
        V4__add_canary_table.sql
        V54__rename_generated_to_certificate_generated.sql
        V26__remove_named_certificate_authority.sql
        V28__create_access_entry_table.sql
        V16__use_bigint_for_all_timestamps.sql
        V47_1__add_checksum_column_to_credential_table.sql
        V8__add_generation_parameters_column_to_passwords.sql
        V30__remove_value_secret_table.sql
        V1__initial.sql
        V24__copy_named_certificate_authorities_to_secrets.sql
        V13_1__make_secret_uuid_primary_key.sql
        V44_4__rename_credential_name_to_credential.sql
        V20_2__add_uuid_to_named_canary.sql
        V33__remove_operation_from_auth_failure_audit_record_table.sql
        V31_1__change_default_auth_method_to_unknown.sql
        V36__drop_event_audit_record_foreign_key_constraint.sql
        V3__log_status_and_method.sql
        V14__use_ca_binary_uuid_as_primary_key.sql
        V45__change_acl_table_names.sql
        V32__add_delete_read_acl_write_acl_columns_to_access_entry_table.sql
        V13__add_uuid_to_secret_tables.sql
        V2__add_user_columns_to_operation_audit_record_table.sql
        V40__rename_named_secret_to_credential.sql
        V35_2__drop_operation_audit_record_table.sql
        V25_2__relate_named_secrets_to_named_secret_table.sql
        V44_1__add_encrypted_value_uuid_to_type_specific_tables.sql
        V5__add_ssh_secret_table.sql
        V35__add_unknown_auth_method_to_request_audit_record.sql
        V18__add_credential_name_to_operation_audit_record.sql
        V52__add_generated_to_certificate_credential_table.sql
        V25__add_secret_name_table.sql
        V17__use_ms_accuracy_for_updated_at.sql
        V11__add_uuid_to_named_certificate_authority.sql
        V22__consolidate_password_encryption.sql
        V46__add_transitional_to_certificate_credential.sql
        V10__remove_unique_name_constraint.sql
        V38__add_ace_columns_to_event_audit_record_table.sql
        V9__add_ca_name_column_to_certificates.sql
        version
        application-dev-postgres.yml
        application-dev-h2.yml
        application-dev-local-uaa.yml
        application-dev-remote-uaa.yml
        application-dev-mysql.yml
        banner.txt
        log4j2.properties
        java
        org
        cloudfoundry
        credhub
        config
        TaskExecutorConfig.java
        LogConfiguration.java
        ApplicationStartup.java
        CredHubApp.java
      - test
        resources
        ca
        dev_uaa.pem
        application-unit-test-permissions.yml
        application-unit-test-h2.yml
        application-unit-test-mysql.yml
        application-unit-test-postgres.yml
        contracts
        v2
        permissions
        getUuidByActorAndPath.groovy
        external_provider
        ca.key
        application-unit-test.yml
        kotlin
        org
        cloudfoundry
        credhub
        CredhubAppSmokeTest.kt
        java
        org
        cloudfoundry
        credhub
        TestOAuth2IssuerService.java
        config
        ActuatorConfigurationTest.java
        StubRepositoryConfiguration.java
        AuthConfigurationTest.java
        CertificateStringConstants.java
        contracts
        ContractBaseTest.java
        TestPasswordKeyProxyFactory.java
    - build.gradle
- gradlew.bat
- LICENSE
- gradlew
- components
  - audit
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        interceptors
        AuditInterceptor.kt
        audit
        OperationDeviceAction.kt
        HttpUtils.kt
        Resource.kt
        AuditableCredential.kt
        Version.kt
        CEFAuditRecord.kt
        AuditablePermissionData.kt
        RequestDetails.kt
        AuditableCredentialVersion.kt
      - test
        kotlin
        org
        cloudfoundry
        credhub
        interceptors
        AuditInterceptorTest.kt
        audit
        CEFAuditRecordTest.kt
    - build.gradle
  - credentials
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        utils
        PrivateKeyReader.kt
        JsonNodeConverter.kt
        services
        CertificateDataService.kt
        DefaultCredentialVersionDataService.kt
        CertificateVersionDataService.kt
        DefaultCertificateService.kt
        DefaultCredentialService.kt
        CredentialVersionDataService.kt
        DefaultCertificateVersionDataService.kt
        CredentialService.kt
        RemoteCertificateAuthorityService.kt
        views
        DataResponse.kt
        CertificateView.kt
        RsaView.kt
        UserView.kt
        CredentialView.kt
        CertificateVersionView.kt
        CertificateCredentialsView.kt
        FindCredentialResults.kt
        FindCredentialResult.kt
        SshView.kt
        JsonView.kt
        CertificateCredentialView.kt
        PasswordView.kt
        FindCertificateResult.kt
        ValueView.kt
        CertificateValueView.kt
        entity
        RsaCredentialVersionData.kt
        PasswordCredentialVersionData.kt
        ValueCredentialVersionData.kt
        UserCredentialVersionData.kt
        Credential.kt
        CredentialVersionData.kt
        JsonCredentialVersionData.kt
        SshCredentialVersionData.kt
        CertificateCredentialVersionData.kt
        credential
        RsaCredentialValue.kt
        JsonCredentialValue.kt
        CertificateCredentialValue.kt
        CredentialValue.kt
        UserCredentialValue.kt
        SshCredentialValue.kt
        StringCredentialValue.kt
        audit
        entities
        BulkRegenerateCredential.kt
        GetCredentialById.kt
        DeleteCredential.kt
        RegenerateCredential.kt
        GetCertificateByName.kt
        GenerateCredential.kt
        RegenerateCertificate.kt
        FindCredential.kt
        GetAllCertificates.kt
        InterpolateCredentials.kt
        GetCredential.kt
        UpdateTransitionalVersion.kt
        SetCredential.kt
        validators
        CertificateMatchesPrivateKeyValidator.kt
        repositories
        CredentialRepository.kt
        CredentialVersionRepository.kt
        constants
        CredentialWriteMode.kt
        CredentialType.kt
        generate
        GenerationRequestGenerator.kt
        UniversalCredentialGenerator.kt
        data
        CertificateMigration.kt
        domain
        CertificateVersionMetadata.kt
        CredentialVersion.kt
        CertificateMetadata.kt
        CertificateCredentialFactory.kt
        CertificateCredentialVersion.kt
        CertificateGenerationParameters.kt
        CredentialFactory.kt
        requests
        StringGenerationParameters.kt
        BaseCredentialSetRequest.kt
        UserSetRequest.kt
        SshSetRequest.kt
        CertificateSetRequest.kt
        CertificateRegenerateRequest.kt
        UsernameValue.kt
        DefaultCredentialGenerateRequest.kt
        GenerationParameters.kt
        RsaSetRequest.kt
        CertificateGenerationRequestParameters.kt
        SetRequestTypeIdResolver.kt
        RsaGenerateRequest.kt
        PasswordSetRequest.kt
        PasswordGenerateRequest.kt
        CertificateGenerateRequest.kt
        BaseCredentialRequest.kt
        SshGenerateRequest.kt
        CredentialRegenerateRequest.kt
        UpdateTransitionalVersionRequest.kt
        CreateVersionRequest.kt
        ValueSetRequest.kt
        BaseCredentialGenerateRequest.kt
        RsaGenerationParameters.kt
        UserGenerateRequest.kt
        GenerateRequestTypeIdResolver.kt
        RsaSshGenerationParameters.kt
        SshGenerationParameters.kt
        JsonSetRequest.kt
        java
        org
        cloudfoundry
        credhub
        utils
        CertificateFormatter.java
        RsaCredentialHelper.java
        CertificateReader.java
        UuidUtil.java
        JsonObjectMapper.java
        SshPublicKeyParser.java
        services
        DefaultCertificateAuthorityService.java
        CredentialDataService.java
        DefaultDecryptableDataDetector.java
        CertificateAuthorityService.java
        validators
        RequireValidCertificate.java
        RequireAnyOf.java
        CertificateValidator.java
        ValidCertificateLength.java
        MutuallyExclusive.java
        MutuallyExclusiveValidator.java
        CertificateLengthValidator.java
        CAValidator.java
        RequireCertificateMatchesPrivateKey.java
        CertificateSignedByCAValidator.java
        RequireAnyOfValidator.java
        RequireValidCA.java
        RequireCertificateSignedByCA.java
        service
        regeneratables
        SshCredentialRegeneratable.java
        UserCredentialRegeneratable.java
        NotRegeneratable.java
        Regeneratable.java
        PasswordCredentialRegeneratable.java
        CertificateCredentialRegeneratable.java
        RsaCredentialRegeneratable.java
        generators
        PasswordCredentialGenerator.java
        SignedCertificateGenerator.java
        CredHubCharacterData.java
        CertificateGenerator.java
        UserGenerator.java
        RsaGenerator.java
        CharacterRuleProvider.java
        CredentialGenerator.java
        SshGenerator.java
        UsernameGenerator.java
        PassayStringCredentialGenerator.java
        domain
        JsonCredentialVersion.java
        ValueCredentialVersion.java
        UserCredentialVersion.java
        RsaCredentialVersion.java
        SshCredentialVersion.java
        PasswordCredentialVersion.java
      - test
        kotlin
        org
        cloudfoundry
        credhub
        utils
        PrivateKeyReaderTest.kt
        services
        DummyCredentialVersionDataService.kt
        RemoteCertificateAuthorityServiceTest.kt
        CertificateDataServiceTest.kt
        SpyCertificateVersionDataService.kt
        CredentialDataServiceTest.kt
        validators
        CertificateMatchesPrivateKeyValidatorTest.kt
        repositories
        CredentialRepositoryTest.kt
        CredentialVersionDataRepositoryTest.kt
        java
        org
        cloudfoundry
        credhub
        utils
        SshPublicKeyParserTest.java
        UuidUtilTest.java
        PseudoRandomNumberGenerator.java
        TestOAuth2IssuerService.java
        RsaCredentialHelperTest.java
        JsonObjectMapperTest.java
        CertificateFormatterTest.java
        CertificateReaderTest.java
        TestPasswordKeyProxyFactory.java
        services
        DefaultCertificateAuthorityServiceTest.java
        DefaultCertificateVersionDataServiceTest.java
        DefaultCertificateServiceTest.java
        DefaultCredentialVersionDataServiceTest.java
        DefaultDecryptableDataDetectorTest.java
        views
        UserViewTest.java
        CertificateViewTest.java
        SshViewTest.java
        ValueViewTest.java
        PasswordViewTest.java
        FindCredentialResultsTest.java
        JsonViewTest.java
        RsaViewTest.java
        credential
        UserCredentialValueTest.java
        generators
        CredHubCharacterDataTest.java
        UserGeneratorTest.java
        SignedCertificateGeneratorTest.java
        CharacterRuleProviderTest.java
        UsernameGeneratorTest.java
        PassayStringCredentialValueGeneratorTest.java
        RsaGeneratorTest.java
        RandomSerialNumberGeneratorTest.java
        SshGeneratorTest.java
        CertificateGeneratorTest.java
        PasswordGeneratorTest.java
        RsaKeyPairGeneratorTest.java
        FakeKeyPairGenerator.java
        domain
        JsonCredentialVersionTest.java
        ValueCredentialVersionTest.java
        CredentialFactoryTest.java
        CertificateCredentialVersionTest.java
        UserCredentialVersionTest.java
        PasswordCredentialVersionTest.java
        SshCredentialVersionTest.java
        RsaCredentialVersionTest.java
        CredentialRotationTest.java
        CertificateGenerationParametersTest.java
        entities
        CredentialVersionDataTest.java
        UuidGeneratorTest.java
        requests
        UserGenerateRequestTest.java
        BaseCredentialGenerateRequestTest.java
        RsaGenerationParametersTest.java
        SshSetRequestTest.java
        CertificateSetRequestTest.java
        BaseCredentialSetRequestTest.java
        SshGenerationParametersTest.java
        PasswordSetRequestTest.java
        ValueSetRequestTest.java
        StringGenerationParametersTest.java
        UserSetRequestTest.java
        CertificateGenerationRequestParametersTest.java
        RsaSshGenerationParametersTest.java
        RsaSetRequestTest.java
        JsonSetRequestTest.java
        BaseCredentialRequestTest.java
    - build.gradle
  - constants
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        constants
        EncryptionConstants.kt
        UuidConstants.kt
        PermissionOperation.kt
    - build.gradle
  - http-support
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        RestTemplateFactory.kt
    - build.gradle
  - build.gradle
  - generate
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        views
        BulkRegenerateResults.kt
        requests
        RegenerateRequest.kt
        BulkRegenerateRequest.kt
      - test
        kotlin
        org
        cloudfoundry
        credhub
        requests
        RegenerateRequestTest.kt
        BulkRegenerateRequestTest.kt
    - build.gradle
  - time-support
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        util
        TimeModuleFactory.kt
        CurrentTimeProvider.kt
        TimedRetry.kt
        InstantMillisecondsConverter.kt
        config
        TimeModuleFactoryConfig.kt
        CurrentTimeProviderConfig.kt
      - test
        kotlin
        org
        cloudfoundry
        credhub
        utils
        TimedRetryTest.kt
        InstantMillisecondsConverterTest.kt
    - build.gradle
  - permissions
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        services
        DefaultPermissionService.kt
        PermissionInitializer.kt
        DefaultPermissionCheckingService.kt
        PermissionService.kt
        PermissionCheckingService.kt
        views
        PermissionsV2View.kt
        PermissionsView.kt
        audit
        entities
        AddPermission.kt
        V2Permission.kt
        DeletePermissions.kt
        GetPermissions.kt
        repositories
        PermissionRepository.kt
        config
        AuthorizationConfig.kt
        data
        PermissionDataService.kt
        PermissionData.kt
        requests
        PermissionsRequest.kt
        PermissionsV2Request.kt
        PermissionsV2PatchRequest.kt
        PermissionEntry.kt
      - test
        kotlin
        org
        cloudfoundry
        credhub
        services
        DefaultPermissionCheckingServiceTest.kt
        TestOAuth2IssuerService.kt
        DefaultPermissionServiceTest.kt
        AlwaysTruePermissionCheckingService.kt
        DefaultCredentialServiceTest.kt
        TestPasswordKeyProxyFactory.kt
        PermissionDataServiceTest.kt
        entities
        PermissionDataTest.kt
        requests
        PermissionsRequestTest.kt
        PermissionEntryTest.kt
        PermissionsV2RequestTest.kt
    - build.gradle
  - string-utilities
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        utils
        ResourceReader.kt
        EmptyStringToNull.kt
        VersionProvider.kt
        ObjectMapperConfig.kt
      - test
        kotlin
        org
        cloudfoundry
        credhub
        config
        VersionProviderTest.kt
    - build.gradle
  - auth
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        interceptors
        UserContextInterceptor.kt
        config
        AuthWithoutOAuthConfiguration.kt
        AuthConfiguration.kt
        OAuth2Configuration.kt
        OAuthProperties.kt
        OAuth2ExtraValidationFilter.kt
        auth
        ActuatorPortFilter.kt
        UserContextHolder.kt
        UserContext.kt
        OAuthSignatureException.kt
        PreAuthenticationFailureFilter.kt
        OAuth2IssuerService.kt
        X509AuthenticationProvider.kt
        OAuth2AuthenticationExceptionHandler.kt
        DefaultOAuth2IssuerService.kt
        X509AuthenticationFailureHandler.kt
        UserContextFactory.kt
      - test
        kotlin
        org
        cloudfoundry
        credhub
        utils
        TestOAuth2IssuerService.kt
        interceptors
        UserContextInterceptorTest.kt
        auth
        UserContextFactoryTest.kt
        OAuth2AuthenticationExceptionHandlerTest.kt
        OAuth2ExtraValidationFilterTest.kt
        DefaultOAuth2IssuerServiceTest.kt
    - build.gradle
  - test-support
    - src
      - test
        kotlin
        org
        cloudfoundry
        credhub
        utils
        AuthConstants.kt
        TestConstants.kt
        FakeCurrentTimeProvider.kt
        DatabaseUtilities.kt
        DatabaseProfileResolver.kt
        SpringUtilities.kt
        CertificateStringConstants.kt
        TestHelper.kt
        helpers
        JsonTestHelper.kt
        config
        ParallelMysqlTestDataSourceConfiguration.kt
        ParallelPostgresTestDataSourceConfiguration.kt
        Oauth2TestConfiguration.kt
        CredhubTestApp.kt
    - build.gradle
  - errors
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        views
        ResponseError.kt
        config
        DefaultExceptionHandlerConfig.kt
        ErrorMessages.kt
        generate
        DefaultExceptionHandler.kt
        ExceptionHandlers.kt
        exceptions
        MissingCertificateException.kt
        PermissionAlreadyExistsException.kt
        InvalidQueryParameterException.kt
        UnreadableCertificateException.kt
        AccessTokenExpiredException.kt
        MalformedPrivateKeyException.kt
        ParameterizedValidationException.kt
        InvalidPermissionOperationException.kt
        MalformedCertificateException.kt
        IncorrectKeyException.kt
        InvalidPermissionException.kt
        MaximumSizeException.kt
        EntryNotFoundException.kt
        KeyNotFoundException.kt
        PermissionInvalidPathAndActorException.kt
        PermissionException.kt
        InvalidModeException.kt
        InvalidRemoteAddressException.kt
        PermissionDoesNotExistException.kt
        ReadOnlyException.kt
        java
        org
        cloudfoundry
        credhub
        utils
        ExceptionThrowingFunction.java
      - test
        kotlin
        org
        cloudfoundry
        credhub
        exceptions
        ParameterizedValidationExceptionTest.kt
    - build.gradle
  - encryption
    - src
      - main
        proto
        encryptionprovider.proto
        kotlin
        org
        cloudfoundry
        credhub
        services
        DecryptableDataDetector.kt
        config
        X509Config.kt
        domain
        Encryptor.kt
        java
        org
        cloudfoundry
        credhub
        utils
        CheckedConsumer.java
        services
        PasswordBasedKeyProxy.java
        RetryingEncryptionService.java
        LunaConnection.java
        EncryptionProvider.java
        PasswordKeyProxyFactory.java
        LunaKeyProxy.java
        EncryptionKeyCanaryMapper.java
        EncryptionKeyRotator.java
        KeyProxy.java
        LunaEncryptionService.java
        AsyncEncryptionKeyRotationScheduler.java
        DefaultPasswordKeyProxyFactory.java
        ExternalKeyProxy.java
        KMSEncryptionProvider.java
        EncryptionKeySet.java
        EncryptionKey.java
        RandomNumberGenerator.java
        PasswordEncryptionService.java
        EncryptionProviderFactory.java
        InternalEncryptionService.java
        repositories
        EncryptionKeyCanaryRepository.java
        EncryptedValueRepository.java
        config
        ProviderType.java
        EncryptionKeyMetadata.java
        EncryptionKeysConfiguration.java
        EncryptionKeyProvider.java
        BouncyCastleProviderConfiguration.java
        EncryptionConfiguration.java
        PassayConfiguration.java
        constants
        CipherTypes.java
        data
        EncryptionKeyCanaryDataService.java
        EncryptedValueDataService.java
        CryptSaltFactory.java
        generators
        RandomSerialNumberGenerator.java
        RsaKeyPairGenerator.java
        domain
        DefaultEncryptor.java
        entities
        EncryptionKeyCanary.java
        EncryptedValue.java
        UuidGenerator.java
      - test
        java
        org
        cloudfoundry
        credhub
        utils
        TestPasswordKeyProxyFactory.java
        services
        LunaEncryptionServiceTest.java
        RetryingEncryptionServiceTest.java
        ExternalKeyProxyTest.java
        EncryptionKeyCanaryMapperTest.java
        EncryptionProviderFactoryTest.java
        PasswordEncryptionServiceTest.java
        EncryptionKeyRotatorTest.java
        LunaKeyProxyTest.java
        PasswordBasedKeyProxyTest.java
        db
        migration
        EarlyCredentialMigrationTest.java
        credential
        CryptSaltFactoryTest.java
        helpers
        EncryptionCanaryHelper.java
        PseudoRandomNumberGenerator.java
        config
        EncryptionKeysConfigurationTest.java
        BouncyCastleProviderConfigurationTest.java
        EncryptionKeyProviderTest.java
        data
        EncryptionKeyCanaryDataServiceTest.java
        EncryptedValueDataServiceTest.java
        domain
        EncryptorTest.java
        entities
        EncryptionKeyCanaryTest.java
    - build.gradle
  - management
    - src
      - main
        kotlin
        org
        cloudfoundry
        credhub
        ManagementRegistryConfiguration.kt
        ManagementService.kt
        DefaultManagementService.kt
        ManagementServiceConfiguration.kt
        ManagementRegistry.kt
        Management.kt
        ManagementInterceptor.kt
      - test
        kotlin
        org
        cloudfoundry
        credhub
        interceptors
        ManagementInterceptorTest.kt
    - build.gradle
- config
  - uaa.yml
  - findbugs
    - exclude-filter.xml
  - checkstyle
    - checkstyle.xml
  - pmd
    - pmd.xml
- pmd-config.gradle
- build.gradle
- buildSrc
  - src
    - main
      - groovy
        org
        cloudfoundry
        credhub
        gradlebuild
        DependenciesGraphPlugin.groovy
  - build.gradle
- docker
  - start_server.sh
  - Docker_README.md
  - config
    - application.yml
  - dev_uaa.pem
  - setup_trust_store.sh
- README.md
- scripts
  - run_tests.sh
  - start_server.sh
  - success_ascii_art.txt
  - run_tests_h2.sh
  - run_tests_mysql.sh
  - run_tests_postgres.sh
  - setup_dev_grpc_certs.sh
  - start_server_grpc_backend.sh
  - ship-it.sh
  - generate-cert-rotation-acceptance-data.sh
  - setup_dev_mtls.sh
  - lint.sh
  - configure_hooks.sh
  - generate_documentation_snippets.sh
  - start_server_kms.sh
- kubernetes
  - application_config.lib.yml
  - credhub_service.yml
  - credhub_deployment.yml
  - database.functions.lib.star
  - values.yaml
  - secrets.yml
  - postgres.yml
  - README.md
  - credhub_config.yml
- Dockerfile
- settings.gradle
- NOTICE
- .gitignore
- docs
  - product-summary.md
  - images
  - spring-java-credhub-integration.md
  - performance-testing.md
  - credential-types.md
  - credhub-security-faq.md
  - authentication-identities.md
  - README.md
  - mutual-tls.md
  - authorization-phase1.md
  - operator-quick-start.md
  - secure-service-credentials.md
  - bosh-config-server.md
- .cf-extensions
- docker-compose.yml

package org.cloudfoundry.credhub.db.migration;

import java.util.List;
import java.util.UUID;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.env.Environment;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import org.cloudfoundry.credhub.CredhubTestApp;
import org.cloudfoundry.credhub.entities.EncryptionKeyCanary;
import org.cloudfoundry.credhub.repositories.EncryptionKeyCanaryRepository;
import org.cloudfoundry.credhub.utils.DatabaseProfileResolver;
import org.flywaydb.core.Flyway;
import org.flywaydb.core.api.MigrationVersion;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;

import static java.nio.charset.StandardCharsets.UTF_8;

@RunWith(SpringRunner.class)
@ActiveProfiles(value = "unit-test", resolver = DatabaseProfileResolver.class)
@SpringBootTest(classes = CredhubTestApp.class)
public class EarlyCredentialMigrationTest {

    @Autowired
    private Flyway flyway;
    @Autowired
    private Environment environment;
    @Autowired
    private NamedParameterJdbcTemplate namedParameterJdbcTemplate;
    @Autowired
    private JdbcTemplate jdbcTemplate;
    @Autowired
    private EncryptionKeyCanaryRepository encryptionKeyCanaryRepository;

    private long id = 0;
    private List<EncryptionKeyCanary> canaries;

    @Before
    public void beforeEach() {
        canaries = encryptionKeyCanaryRepository.findAll();

    Flyway flywayV4 = Flyway
      .configure()
      .target(MigrationVersion.fromVersion("4"))
      .dataSource(flyway.getConfiguration().getDataSource())
      .locations(flyway.getConfiguration().getLocations())
      .load();

    flywayV4.clean();
    flywayV4.migrate();
  }

  @After
  public void afterEach() {
    flyway.clean();
    flyway.migrate();

        encryptionKeyCanaryRepository.saveAll(canaries);
        encryptionKeyCanaryRepository.flush();
    }

    @Test
    public void successfullyAppliesLatestMigration() {
        jdbcTemplate.update(
                "insert into named_canary (id, name, encrypted_value, nonce) values (?, ?, ?, ?)",
                10, "canary", "encrypted-value".getBytes(UTF_8), "nonce".getBytes(UTF_8)
        );

        // we use raw sql because the entities assume the latest version
        storeValueSecret("test");
        storeValueSecret("/test");
        storeValueSecret("/deploy123/test");
    }

    @SuppressFBWarnings(
            value = "NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE",
            justification = "Ignore that JDBCTemplate might return a null"
    )
    private void storeValueSecret(final String credentialName) {
        final MapSqlParameterSource paramSource = new MapSqlParameterSource();
        final String uuid = UUID.randomUUID().toString().replace("-", "");

        paramSource.addValue("id", id++);
        paramSource.addValue("type", "value");
        paramSource.addValue("encrypted_value", new byte[29]);
        paramSource.addValue("name", credentialName);
        paramSource.addValue("nonce", new byte[16]);
        paramSource.addValue("updated_at", 0);
        paramSource.addValue("uuid", uuid);

        final boolean isPostgres = environment.acceptsProfiles("unit-test-postgres");
        final String sql = "INSERT INTO named_secret("
                + (isPostgres ? "id, " : "")
                + "type, encrypted_value, name, nonce, updated_at, uuid) values ("
                + (isPostgres ? ":id, " : "")
                + ":type, :encrypted_value, :name, :nonce, :updated_at, :uuid)";
        namedParameterJdbcTemplate.update(sql, paramSource);

        final long id = namedParameterJdbcTemplate
                .queryForObject("SELECT id FROM named_secret WHERE name = :name",
                        new MapSqlParameterSource("name", credentialName), Long.class);

        namedParameterJdbcTemplate.update("INSERT INTO value_secret"
                + "(id) values (:id)", new MapSqlParameterSource("id", id));
    }
}