/* * Copyright 2016-2020 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.springframework.credhub.demo; import java.io.IOException; import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Map; import java.util.UUID; import com.fasterxml.jackson.databind.ObjectMapper; import org.springframework.credhub.core.CredHubOperations; import org.springframework.credhub.core.credential.CredHubCredentialOperations; import org.springframework.credhub.core.interpolation.CredHubInterpolationOperations; import org.springframework.credhub.core.permission.CredHubPermissionOperations; import org.springframework.credhub.support.permissions.Permission; import org.springframework.credhub.support.CredentialDetails; import org.springframework.credhub.support.CredentialName; import org.springframework.credhub.support.CredentialSummary; import org.springframework.credhub.support.json.JsonCredential; import org.springframework.credhub.support.json.JsonCredentialRequest; import org.springframework.credhub.support.SimpleCredentialName; import org.springframework.credhub.support.ServicesData; import org.springframework.credhub.support.permissions.Operation; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; @RestController public class CredHubDemoController { private static final String APP_GUID_2 = UUID.randomUUID().toString(); private CredHubCredentialOperations credentialOperations; private final CredHubPermissionOperations permissionOperations; private final CredHubInterpolationOperations interpolationOperations; public CredHubDemoController(CredHubOperations credHubOperations) { this.credentialOperations = credHubOperations.credentials(); this.permissionOperations = credHubOperations.permissions(); this.interpolationOperations = credHubOperations.interpolation(); } @PostMapping("/test") public Results runTests(@RequestBody Map<String, Object> value) { Results results = new Results(); try { SimpleCredentialName credentialName = new SimpleCredentialName("spring-credhub", "demo", "credentials_json"); CredentialDetails<JsonCredential> credentialDetails = writeCredentials(credentialName, value, results); getCredentialsById(credentialDetails.getId(), results); getCredentialsByName(credentialName, results); findCredentialsByName(credentialName, results); findCredentialsByPath("/spring-credhub/demo", results); getCredentialPermissions(credentialName, results); addCredentialPermissions(credentialName, results); getCredentialPermissions(credentialName, results); interpolateServiceData(credentialName, results); deleteCredentials(credentialName, results); } catch (Exception e) { saveResults(results, "Exception caught: " + e.getMessage()); } return results; } private CredentialDetails<JsonCredential> writeCredentials(SimpleCredentialName name, Map<String, Object> value, Results results) { try { JsonCredentialRequest request = JsonCredentialRequest.builder() .name(name) .value(value) .build(); CredentialDetails<JsonCredential> credentialDetails = credentialOperations.write(request); saveResults(results, "Successfully wrote credentials: ", credentialDetails); return credentialDetails; } catch (Exception e) { saveResults(results, "Error writing credentials: ", e.getMessage()); return null; } } private void getCredentialsById(String id, Results results) { try { CredentialDetails<JsonCredential> retrievedDetails = credentialOperations.getById(id, JsonCredential.class); saveResults(results, "Successfully retrieved credentials by ID: ", retrievedDetails); } catch (Exception e) { saveResults(results, "Error retrieving credentials by ID: ", e.getMessage()); } } private void getCredentialsByName(CredentialName name, Results results) { try { CredentialDetails<JsonCredential> retrievedDetails = credentialOperations.getByName(name, JsonCredential.class); saveResults(results, "Successfully retrieved credentials by name: ", retrievedDetails); } catch (Exception e) { saveResults(results, "Error retrieving credentials by name: ", e.getMessage()); } } private void findCredentialsByName(CredentialName name, Results results) { try { List<CredentialSummary> retrievedDetails = credentialOperations.findByName(name); saveResults(results, "Successfully found credentials by name: ", retrievedDetails); } catch (Exception e) { saveResults(results, "Error finding credentials by name: ", e.getMessage()); } } private void findCredentialsByPath(String path, Results results) { try { List<CredentialSummary> retrievedDetails = credentialOperations.findByPath(path); saveResults(results, "Successfully found credentials by path: ", retrievedDetails); } catch (Exception e) { saveResults(results, "Error finding credentials by path: ", e.getMessage()); } } private void getCredentialPermissions(CredentialName name, Results results) { try { List<Permission> retrievedDetails = permissionOperations.getPermissions(name); saveResults(results, "Successfully retrieved credential permissions: ", retrievedDetails); } catch (Exception e) { saveResults(results, "Error retrieving credential permissions: ", e.getMessage()); } } private void addCredentialPermissions(CredentialName name, Results results) { try { Permission permission = Permission.builder() .app(APP_GUID_2) .operations(Operation.READ, Operation.WRITE, Operation.DELETE) .build(); permissionOperations.addPermissions(name, permission); saveResults(results, "Successfully added permissions"); } catch (Exception e) { saveResults(results, "Error adding permission: ", e.getMessage()); } } private void interpolateServiceData(CredentialName name, Results results) { try { ServicesData request = buildServicesData(name.getName()); ServicesData interpolatedServiceData = interpolationOperations.interpolateServiceData(request); saveResults(results, "Successfully interpolated service data: ", interpolatedServiceData); } catch (Exception e) { saveResults(results, "Error interpolating service data: ", e.getMessage()); } } private void deleteCredentials(CredentialName name, Results results) { try { credentialOperations.deleteByName(name); saveResults(results, "Successfully deleted credentials"); } catch (Exception e) { saveResults(results, "Error deleting credentials by name: ", e.getMessage()); } } private ServicesData buildServicesData(String credHubReferenceName) throws IOException { String vcapServices = "{" + " \"service-offering\": [" + " {" + " \"credentials\": {" + " \"credhub-ref\": \"((" + credHubReferenceName + "))\"" + " }," + " \"label\": \"service-offering\"," + " \"name\": \"service-instance\"," + " \"plan\": \"standard\"," + " \"tags\": [" + " \"cloud-service\"" + " ]," + " \"volume_mounts\": []" + " }" + " ]" + "}"; ObjectMapper mapper = new ObjectMapper(); return mapper.readValue(vcapServices, ServicesData.class); } private void saveResults(Results results, String message) { saveResults(results, message, null); } private void saveResults(Results results, String message, Object details) { results.add(Collections.singletonMap(message, details)); } private class Results extends ArrayList<Map<String, Object>> { } }