org.springframework.vault.authentication.AppRoleAuthenticationOptions.RoleId Java Examples
The following examples show how to use
org.springframework.vault.authentication.AppRoleAuthenticationOptions.RoleId.
Example #1
Source File: AppRoleClientAuthenticationProviderTests.java From spring-cloud-config with Apache License 2.0 | 6 votes |
/**
 * With a token, a role-id and a role name configured, the resolved options carry a
 * provided RoleId and a pull-mode SecretId.
 */
@Test
public void appRoleRoleIdProvidedSecretIdPull() {
    VaultEnvironmentProperties props = new VaultEnvironmentProperties();
    props.setToken("token");
    props.getAppRole().setRoleId("foo");
    props.getAppRole().setRole("my-role");

    AppRoleAuthenticationOptions resolved = AppRoleClientAuthenticationProvider
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value or token it carries.
    Class<?> expectedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> expectedSecretIdType = SecretId.pull(VaultToken.of("token")).getClass();

    assertThat(resolved.getAppRole()).isEqualTo("my-role");
    assertThat(resolved.getRoleId()).isInstanceOf(expectedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(expectedSecretIdType);
}
Example #2
Source File: AppRoleAuthenticationStepsIntegrationTests.java From spring-vault with Apache License 2.0 | 6 votes |
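/**
 * Registers a fixed custom SecretId on the "with-secret-id" role, logs in through the
 * authentication steps with a provided RoleId and that SecretId, and finally calls the
 * secret-id-accessor destroy endpoint with the data returned by the registration.
 */
@Test
void authenticationStepsShouldAuthenticatePushModeWithProvidedSecretId() {

    String roleId = getRoleId("with-secret-id");
    String secretId = "hello_world_two";

    VaultResponse customSecretIdResponse = getVaultOperations().write(
            "auth/approle/role/with-secret-id/custom-secret-id",
            Collections.singletonMap("secret_id", secretId));

    try {
        AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
                .roleId(RoleId.provided(roleId))
                .secretId(SecretId.provided(secretId))
                .build();

        AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
                AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());

        assertThat(executor.login()).isNotNull();
    }
    finally {
        // Clean up even when the login or its assertion fails, so the fixed, well-known
        // SecretId does not stay registered on the role after a broken run.
        getVaultOperations().write("auth/approle/role/with-secret-id/secret-id-accessor/destroy",
                customSecretIdResponse.getRequiredData());
    }
}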
Example #3
Source File: ClientAuthenticationFactoryUnitTests.java From spring-cloud-vault with Apache License 2.0 | 6 votes |
/**
 * With only a token and a role name configured, both the RoleId and the SecretId are
 * resolved as pull-mode strategies.
 */
@Test
public void shouldSupportAppRoleFullPull() {
    VaultProperties props = new VaultProperties();
    props.setToken("token");
    props.getAppRole().setRole("my-role");

    AppRoleAuthenticationOptions resolved = ClientAuthenticationFactory
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the token it carries.
    Class<?> pullRoleIdType = RoleId.pull(VaultToken.of("token")).getClass();
    Class<?> pullSecretIdType = SecretId.pull(VaultToken.of("token")).getClass();

    assertThat(resolved.getAppRole()).isEqualTo("my-role");
    assertThat(resolved.getRoleId()).isInstanceOf(pullRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(pullSecretIdType);
}
Example #4
Source File: AppRoleAuthenticationStepsIntegrationTests.java From spring-vault with Apache License 2.0 | 6 votes |
/**
 * Writes to the secret-id path of the "with-secret-id" role, reads {@code secret_id}
 * from the response, and logs in through the authentication steps with that SecretId
 * provided and the RoleId pulled using {@code Settings.token()}.
 */
@Test
void authenticationStepsShouldAuthenticateWithPullRoleId() {

    String secretIdPath = String.format("auth/approle/role/%s/secret-id", "with-secret-id");
    Object generated = getVaultOperations().write(secretIdPath, null).getRequiredData().get("secret_id");
    String secretId = (String) generated;

    // Pulling the RoleId needs the role name (appRole) and a token allowed to read it.
    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .secretId(SecretId.provided(secretId))
            .appRole("with-secret-id")
            .roleId(RoleId.pull(Settings.token()))
            .build();

    AuthenticationSteps steps = AppRoleAuthentication.createAuthenticationSteps(options);
    AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(steps, prepare().getRestTemplate());

    assertThat(executor.login()).isNotNull();
}
Example #5
Source File: ClientAuthenticationFactoryUnitTests.java From spring-cloud-vault with Apache License 2.0 | 6 votes |
/**
 * With a token, a role-id and a role name configured, the RoleId is resolved as
 * provided and the SecretId as a pull-mode strategy.
 */
@Test
public void shouldSupportAppRoleRoleIdProvidedSecretIdPull() {
    VaultProperties props = new VaultProperties();
    props.setToken("token");
    props.getAppRole().setRoleId("foo");
    props.getAppRole().setRole("my-role");

    AppRoleAuthenticationOptions resolved = ClientAuthenticationFactory
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value or token it carries.
    Class<?> providedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> pullSecretIdType = SecretId.pull(VaultToken.of("token")).getClass();

    assertThat(resolved.getAppRole()).isEqualTo("my-role");
    assertThat(resolved.getRoleId()).isInstanceOf(providedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(pullSecretIdType);
}
Example #6
Source File: AppRoleAuthenticationStepsIntegrationTests.java From spring-vault with Apache License 2.0 | 6 votes |
/**
 * Logs in through the authentication steps with a provided SecretId and a RoleId that
 * is supplied as a wrapping token and resolved via the configured unwrapping endpoints.
 */
@Test
void authenticationStepsShouldAuthenticateWithWrappedRoleId() {

    String secretIdPath = String.format("auth/approle/role/%s/secret-id", "with-secret-id");
    Object generated = getVaultOperations().write(secretIdPath, null).getRequiredData().get("secret_id");
    String secretId = (String) generated;

    VaultToken roleIdToken = generateWrappedRoleIdResponse();

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .secretId(SecretId.provided(secretId))
            .roleId(RoleId.wrapped(roleIdToken))
            .unwrappingEndpoints(getUnwrappingEndpoints())
            .build();

    AuthenticationSteps steps = AppRoleAuthentication.createAuthenticationSteps(options);
    AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(steps, prepare().getRestTemplate());

    assertThat(executor.login()).isNotNull();
}
Example #7
Source File: ClientAuthenticationFactory.java From spring-cloud-vault with Apache License 2.0 | 6 votes |
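/**
 * Selects how the AppRole RoleId is obtained. Precedence, first match wins:
 * <ol>
 * <li>a configured role-id is used as provided;</li>
 * <li>an initial token together with a role name yields a pull-mode RoleId;</li>
 * <li>an initial token alone yields a wrapped RoleId.</li>
 * </ol>
 *
 * @param vaultProperties supplies the initial token
 * @param appRole supplies the configured role-id and role name
 * @return the RoleId strategy matching the configuration
 * @throws IllegalArgumentException if neither a role-id nor an initial token is
 * configured
 */
private static RoleId getRoleId(VaultProperties vaultProperties, AppRoleProperties appRole) {

    if (StringUtils.hasText(appRole.getRoleId())) {
        return RoleId.provided(appRole.getRoleId());
    }

    String initialToken = vaultProperties.getToken();

    if (StringUtils.hasText(initialToken)) {
        // NOTE(review): the role name alone decides whether the same token is used to
        // pull the RoleId or is treated as a wrapping token. A role name that is
        // accidentally left out silently switches the mode - confirm this is intended.
        return StringUtils.hasText(appRole.getRole())
                ? RoleId.pull(VaultToken.of(initialToken))
                : RoleId.wrapped(VaultToken.of(initialToken));
    }

    // The message names the missing settings only; no configured value is echoed.
    throw new IllegalArgumentException(
            "Cannot configure RoleId. Any of role-id, initial token, or initial token and role name must be configured.");
}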
Example #8
Source File: AppRoleClientAuthenticationProviderTests.java From spring-cloud-config with Apache License 2.0 | 6 votes |
/**
 * With only a token and a role name configured, both the RoleId and the SecretId are
 * resolved as pull-mode strategies.
 */
@Test
public void appRoleWithFullPull() {
    VaultEnvironmentProperties props = new VaultEnvironmentProperties();
    props.setToken("token");
    props.getAppRole().setRole("my-role");

    AppRoleAuthenticationOptions resolved = AppRoleClientAuthenticationProvider
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the token it carries.
    Class<?> pullRoleIdType = RoleId.pull(VaultToken.of("token")).getClass();
    Class<?> pullSecretIdType = SecretId.pull(VaultToken.of("token")).getClass();

    assertThat(resolved.getAppRole()).isEqualTo("my-role");
    assertThat(resolved.getRoleId()).isInstanceOf(pullRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(pullSecretIdType);
}
Example #9
Source File: AppRoleAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 6 votes |
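/**
 * Registers a fixed custom SecretId on the "with-secret-id" role, logs in with a
 * provided RoleId and that SecretId, and finally calls the secret-id-accessor destroy
 * endpoint with the data returned by the registration.
 */
@Test
void shouldAuthenticatePushModeWithProvidedSecretId() {

    String roleId = getRoleId("with-secret-id");
    String secretId = "hello_world";

    VaultResponse customSecretIdResponse = getVaultOperations().write(
            "auth/approle/role/with-secret-id/custom-secret-id",
            Collections.singletonMap("secret_id", secretId));

    try {
        AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
                .roleId(RoleId.provided(roleId))
                .secretId(SecretId.provided(secretId))
                .build();

        AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());

        assertThat(authentication.login()).isNotNull();
    }
    finally {
        // Clean up even when the login or its assertion fails, so the fixed, well-known
        // SecretId does not stay registered on the role after a broken run.
        getVaultOperations().write("auth/approle/role/with-secret-id/secret-id-accessor/destroy",
                customSecretIdResponse.getRequiredData());
    }
}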
Example #10
Source File: AppRoleAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 6 votes |
/**
 * Expects a POST to /auth/approle/login whose JSON body carries the provided role_id
 * and secret_id, and checks that the client_token of the mocked response is returned
 * as a LoginToken.
 */
@Test
void loginShouldObtainToken() {

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .roleId(RoleId.provided("hello"))
            .secretId(SecretId.provided("world"))
            .build();

    String loginResponse = "{\"auth\":{\"client_token\":\"my-token\"}}";

    this.mockRest.expect(requestTo("/auth/approle/login"))
            .andExpect(method(HttpMethod.POST))
            .andExpect(jsonPath("$.role_id").value("hello"))
            .andExpect(jsonPath("$.secret_id").value("world"))
            .andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(loginResponse));

    AppRoleAuthentication sut = new AppRoleAuthentication(options, this.restTemplate);
    VaultToken token = sut.login();

    assertThat(token).isInstanceOf(LoginToken.class);
    assertThat(token.getToken()).isEqualTo("my-token");
}
Example #11
Source File: EnvironmentVaultConfiguration.java From spring-vault with Apache License 2.0 | 6 votes |
/**
 * Builds AppRole authentication from the {@code vault.app-role.*} properties.
 * <p>
 * The role-id is mandatory. The secret-id is optional and is only applied when it has
 * text; the authentication path falls back to
 * {@link AppRoleAuthenticationOptions#DEFAULT_APPROLE_AUTHENTICATION_PATH}.
 *
 * @return the configured AppRole {@link ClientAuthentication}
 * @throws IllegalArgumentException if {@code vault.app-role.role-id} is empty
 * (presumably raised by {@code Assert.hasText})
 */
protected ClientAuthentication appRoleAuthentication() {

    String configuredRoleId = getProperty("vault.app-role.role-id");
    String configuredSecretId = getProperty("vault.app-role.secret-id");
    String loginPath = getProperty("vault.app-role.app-role-path",
            AppRoleAuthenticationOptions.DEFAULT_APPROLE_AUTHENTICATION_PATH);

    Assert.hasText(configuredRoleId,
            "Vault AppRole authentication: RoleId (vault.app-role.role-id) must not be empty");

    AppRoleAuthenticationOptionsBuilder builder = AppRoleAuthenticationOptions.builder()
            .roleId(RoleId.provided(configuredRoleId))
            .path(loginPath);

    // Both ids are taken verbatim from the property source, so whoever can read that
    // source holds the login credentials. No SecretId is set when the property is blank.
    if (StringUtils.hasText(configuredSecretId)) {
        builder = builder.secretId(SecretId.provided(configuredSecretId));
    }

    AppRoleAuthenticationOptions options = builder.build();
    return new AppRoleAuthentication(options, restOperations());
}
Example #12
Source File: AppRoleAuthentication.java From spring-vault with Apache License 2.0 | 6 votes |
/**
 * Builds the authentication step that yields the RoleId string for the given RoleId
 * configuration.
 * <ul>
 * <li>Provided: the value is read from the configuration itself.</li>
 * <li>Pull: a GET request to the role-id path, with headers created from the initial
 * token; {@code role_id} is read from the response data.</li>
 * <li>Wrapped: the response is unwrapped through the configured unwrapping endpoints
 * with the initial token; {@code role_id} is read from the unwrapped data.</li>
 * </ul>
 *
 * @param options AppRole options supplying the role-id path and unwrapping endpoints
 * @param roleId the RoleId configuration to resolve
 * @return a step producing the RoleId
 * @throws IllegalArgumentException if the RoleId configuration is of an unknown type
 */
private static Node<String> getRoleIdSteps(AppRoleAuthenticationOptions options, RoleId roleId) {

    if (roleId instanceof Provided) {
        Provided provided = (Provided) roleId;
        return AuthenticationSteps.fromSupplier(provided::getValue);
    }

    if (roleId instanceof Pull) {
        Pull pull = (Pull) roleId;
        HttpHeaders tokenHeaders = createHttpHeaders(pull.getInitialToken());

        return AuthenticationSteps
                .fromHttpRequest(get(getRoleIdIdPath(options)).with(tokenHeaders).as(VaultResponse.class))
                .map(response -> (String) response.getRequiredData().get("role_id"));
    }

    if (roleId instanceof Wrapped) {
        Wrapped wrapped = (Wrapped) roleId;

        return unwrapResponse(options.getUnwrappingEndpoints(), wrapped.getInitialToken())
                .map(response -> (String) response.getRequiredData().get("role_id"));
    }

    // NOTE(review): the message embeds roleId.toString(); confirm that no RoleId
    // implementation prints a token or id value, since this text may reach logs.
    throw new IllegalArgumentException("Unknown RoleId configuration: " + roleId);
}
Example #13
Source File: ClientAuthenticationFactoryUnitTests.java From spring-cloud-vault with Apache License 2.0 | 5 votes |
/**
 * With a token and a role-id but no role name configured, the RoleId is resolved as
 * provided and the SecretId as wrapped.
 */
@Test
public void shouldSupportAppRoleRoleIdProvidedSecretIdWrapped() {
    VaultProperties props = new VaultProperties();
    props.setToken("token");
    props.getAppRole().setRoleId("foo");

    AppRoleAuthenticationOptions resolved = ClientAuthenticationFactory
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value or token it carries.
    Class<?> providedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> wrappedSecretIdType = SecretId.wrapped(VaultToken.of("token")).getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(providedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(wrappedSecretIdType);
}
Example #14
Source File: ClientAuthenticationFactoryUnitTests.java From spring-cloud-vault with Apache License 2.0 | 5 votes |
/**
 * With a role-id and a secret-id configured and no token, both ids are resolved as
 * provided.
 */
@Test
public void shouldSupportAppRoleRoleIdProvidedSecretIdProvided() {
    VaultProperties props = new VaultProperties();
    props.getAppRole().setRoleId("foo");
    props.getAppRole().setSecretId("bar");

    AppRoleAuthenticationOptions resolved = ClientAuthenticationFactory
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value it carries.
    Class<?> providedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> providedSecretIdType = SecretId.provided("bar").getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(providedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(providedSecretIdType);
}
Example #15
Source File: ClientAuthenticationFactoryUnitTests.java From spring-cloud-vault with Apache License 2.0 | 5 votes |
/**
 * With only a role-id configured (no token, no secret-id), the RoleId is resolved as
 * provided and the SecretId as absent.
 */
@Test
public void shouldSupportAppRoleRoleIdProvidedSecretIdAbsent() {
    VaultProperties props = new VaultProperties();
    props.getAppRole().setRoleId("foo");

    AppRoleAuthenticationOptions resolved = ClientAuthenticationFactory
            .getAppRoleAuthenticationOptions(props);

    Class<?> providedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> absentSecretIdType = SecretId.absent().getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(providedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(absentSecretIdType);
}
Example #16
Source File: AppRoleAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * Login with a valid provided RoleId and a SecretId that was never issued must fail
 * with a {@link VaultException}. Despite the method name, both ids are provided here;
 * nothing is pulled.
 */
@Test
void shouldAuthenticatePullModeFailsWithWrongSecretId() {

    String roleId = getRoleId("with-secret-id");

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .roleId(RoleId.provided(roleId))
            .secretId(SecretId.provided("this-is-a-wrong-secret-id"))
            .build();

    AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());

    assertThatExceptionOfType(VaultException.class).isThrownBy(() -> authentication.login());
}
Example #17
Source File: AppRoleAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * Login with only a provided RoleId against the "with-secret-id" role must fail with a
 * {@link VaultException}. Despite the method name, the RoleId is provided here; nothing
 * is pulled.
 */
@Test
void shouldAuthenticatePullModeFailsWithoutSecretId() {

    String roleId = getRoleId("with-secret-id");

    // No SecretId is configured on purpose.
    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .roleId(RoleId.provided(roleId))
            .build();

    AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());

    assertThatExceptionOfType(VaultException.class).isThrownBy(() -> authentication.login());
}
Example #18
Source File: ClientAuthenticationFactoryUnitTests.java From spring-cloud-vault with Apache License 2.0 | 5 votes |
/**
 * With only a token configured, both the RoleId and the SecretId are resolved as
 * wrapped.
 */
@Test
public void shouldSupportAppRoleFullWrapped() {
    VaultProperties props = new VaultProperties();
    props.setToken("token");

    AppRoleAuthenticationOptions resolved = ClientAuthenticationFactory
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the token it carries.
    Class<?> wrappedRoleIdType = RoleId.wrapped(VaultToken.of("token")).getClass();
    Class<?> wrappedSecretIdType = SecretId.wrapped(VaultToken.of("token")).getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(wrappedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(wrappedSecretIdType);
}
Example #19
Source File: ClientAuthenticationFactoryUnitTests.java From spring-cloud-vault with Apache License 2.0 | 5 votes |
/**
 * With a token and a secret-id but no role-id configured, the RoleId is resolved as
 * wrapped and the SecretId as provided.
 */
@Test
public void shouldSupportAppRoleRoleIdWrappedSecretIdProvided() {
    VaultProperties props = new VaultProperties();
    props.setToken("token");
    props.getAppRole().setSecretId("bar");

    AppRoleAuthenticationOptions resolved = ClientAuthenticationFactory
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value or token it carries.
    Class<?> wrappedRoleIdType = RoleId.wrapped(VaultToken.of("token")).getClass();
    Class<?> providedSecretIdType = SecretId.provided("bar").getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(wrappedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(providedSecretIdType);
}
Example #20
Source File: AppRoleAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * Logs in with a provided RoleId and a SecretId that is supplied as a wrapping token
 * and resolved via the configured unwrapping endpoints.
 */
@Test
void shouldAuthenticateWithWrappedSecretId() {

    String roleId = getRoleId("with-secret-id");
    VaultToken unwrappingToken = generateWrappedSecretIdResponse();

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .secretId(SecretId.wrapped(unwrappingToken))
            .roleId(RoleId.provided(roleId))
            .unwrappingEndpoints(getUnwrappingEndpoints())
            .build();

    AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
    VaultToken token = authentication.login();

    assertThat(token).isNotNull();
}
Example #21
Source File: AppRoleClientAuthenticationProviderTests.java From spring-cloud-config with Apache License 2.0 | 5 votes |
/**
 * With a role-id and a secret-id configured and no token, both ids are resolved as
 * provided.
 */
@Test
public void appRoleRoleIdProvidedSecretIdProvided() {
    VaultEnvironmentProperties props = new VaultEnvironmentProperties();
    props.getAppRole().setRoleId("foo");
    props.getAppRole().setSecretId("bar");

    AppRoleAuthenticationOptions resolved = AppRoleClientAuthenticationProvider
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value it carries.
    Class<?> providedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> providedSecretIdType = SecretId.provided("bar").getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(providedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(providedSecretIdType);
}
Example #22
Source File: AppRoleClientAuthenticationProviderTests.java From spring-cloud-config with Apache License 2.0 | 5 votes |
/**
 * With only a role-id configured (no token, no secret-id), the RoleId is resolved as
 * provided and the SecretId as absent.
 */
@Test
public void appRoleRoleIdProvidedSecretIdAbsent() {
    VaultEnvironmentProperties props = new VaultEnvironmentProperties();
    props.getAppRole().setRoleId("foo");

    AppRoleAuthenticationOptions resolved = AppRoleClientAuthenticationProvider
            .getAppRoleAuthenticationOptions(props);

    Class<?> providedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> absentSecretIdType = SecretId.absent().getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(providedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(absentSecretIdType);
}
Example #23
Source File: AppRoleClientAuthenticationProviderTests.java From spring-cloud-config with Apache License 2.0 | 5 votes |
/**
 * With only a token configured, both the RoleId and the SecretId are resolved as
 * wrapped.
 */
@Test
public void appRoleFullWrapped() {
    VaultEnvironmentProperties props = new VaultEnvironmentProperties();
    props.setToken("token");

    AppRoleAuthenticationOptions resolved = AppRoleClientAuthenticationProvider
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the token it carries.
    Class<?> wrappedRoleIdType = RoleId.wrapped(VaultToken.of("token")).getClass();
    Class<?> wrappedSecretIdType = SecretId.wrapped(VaultToken.of("token")).getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(wrappedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(wrappedSecretIdType);
}
Example #24
Source File: AppRoleClientAuthenticationProviderTests.java From spring-cloud-config with Apache License 2.0 | 5 votes |
/**
 * With a token and a secret-id but no role-id configured, the RoleId is resolved as
 * wrapped and the SecretId as provided.
 */
@Test
public void appRoleRoleIdWrappedSecretIdProvided() {
    VaultEnvironmentProperties props = new VaultEnvironmentProperties();
    props.setToken("token");
    props.getAppRole().setSecretId("bar");

    AppRoleAuthenticationOptions resolved = AppRoleClientAuthenticationProvider
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value or token it carries.
    Class<?> wrappedRoleIdType = RoleId.wrapped(VaultToken.of("token")).getClass();
    Class<?> providedSecretIdType = SecretId.provided("bar").getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(wrappedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(providedSecretIdType);
}
Example #25
Source File: AppRoleClientAuthenticationProviderTests.java From spring-cloud-config with Apache License 2.0 | 5 votes |
/**
 * With a token and a role-id but no role name configured, the RoleId is resolved as
 * provided and the SecretId as wrapped.
 */
@Test
public void appRoleRoleIdProvidedSecretIdWrapped() {
    VaultEnvironmentProperties props = new VaultEnvironmentProperties();
    props.setToken("token");
    props.getAppRole().setRoleId("foo");

    AppRoleAuthenticationOptions resolved = AppRoleClientAuthenticationProvider
            .getAppRoleAuthenticationOptions(props);

    // Only the strategy type is compared, not the value or token it carries.
    Class<?> providedRoleIdType = RoleId.provided("foo").getClass();
    Class<?> wrappedSecretIdType = SecretId.wrapped(VaultToken.of("token")).getClass();

    assertThat(resolved.getRoleId()).isInstanceOf(providedRoleIdType);
    assertThat(resolved.getSecretId()).isInstanceOf(wrappedSecretIdType);
}
Example #26
Source File: AppRoleAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * Logs in with both the RoleId and the SecretId supplied as wrapping tokens, each
 * obtained from its own helper, and resolved via the configured unwrapping endpoints.
 */
@Test
void shouldAuthenticateWithWrappedRoleIdAndSecretId() {

    VaultToken secretIdToken = generateWrappedSecretIdResponse();
    VaultToken roleIdToken = generateWrappedRoleIdResponse();

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .secretId(SecretId.wrapped(secretIdToken))
            .roleId(RoleId.wrapped(roleIdToken))
            .unwrappingEndpoints(getUnwrappingEndpoints())
            .build();

    AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
    VaultToken token = authentication.login();

    assertThat(token).isNotNull();
}
Example #27
Source File: AppRoleAuthentication.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * Combines the RoleId step and the SecretId step and maps the resulting pair to the
 * AppRole login body.
 *
 * @param options AppRole options passed on to both step builders
 * @param roleId the RoleId configuration
 * @param secretId the SecretId configuration
 * @return a step producing the login request body
 */
private static Node<Map<String, String>> getAuthenticationSteps(AppRoleAuthenticationOptions options,
        RoleId roleId, SecretId secretId) {

    // Left of the zipped pair is the RoleId, right is the SecretId.
    return getRoleIdSteps(options, roleId)
            .zipWith(getSecretIdSteps(options, secretId))
            .map(pair -> getAppRoleLoginBody(pair.getLeft(), pair.getRight()));
}
Example #28
Source File: AppRoleAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * Expects a POST to /auth/approle/login whose JSON body carries the role_id and no
 * secret_id field at all, and checks token value, lease duration and renewability of
 * the returned LoginToken against the mocked response.
 */
@Test
void loginShouldObtainTokenWithoutSecretId() {

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .roleId(RoleId.provided("hello"))
            .build();

    String loginResponse = "{\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}}";

    this.mockRest.expect(requestTo("/auth/approle/login"))
            .andExpect(method(HttpMethod.POST))
            .andExpect(jsonPath("$.role_id").value("hello"))
            // The field must be missing from the request, not sent empty.
            .andExpect(jsonPath("$.secret_id").doesNotExist())
            .andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(loginResponse));

    AppRoleAuthentication sut = new AppRoleAuthentication(options, this.restTemplate);
    VaultToken token = sut.login();

    assertThat(token).isInstanceOf(LoginToken.class);
    assertThat(token.getToken()).isEqualTo("my-token");

    LoginToken loginToken = (LoginToken) token;
    assertThat(loginToken.getLeaseDuration()).isEqualTo(Duration.ofSeconds(10));
    assertThat(loginToken.isRenewable()).isTrue();
}
Example #29
Source File: AppRoleAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * A server error from /auth/approle/login must surface as a {@link VaultException}.
 */
@Test
void loginShouldFail() {

    AppRoleAuthenticationOptions loginOptions = AppRoleAuthenticationOptions.builder()
            .roleId(RoleId.provided("hello"))
            .build();

    this.mockRest.expect(requestTo("/auth/approle/login")).andRespond(withServerError());

    // The authentication object is created inside the lambda, so a failure while
    // constructing it is covered by the same assertion as a failure during login.
    assertThatExceptionOfType(VaultException.class).isThrownBy(() -> {
        new AppRoleAuthentication(loginOptions, this.restTemplate).login();
    });
}
Example #30
Source File: AppRoleAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
/**
 * Logs in with a provided RoleId and a SecretId supplied as a wrapping token, using the
 * cubbyhole unwrapping endpoint.
 * <p>
 * Two requests are expected in order: a GET to /cubbyhole/response that sends the
 * wrapping token in the X-Vault-Token header, then a POST to /auth/approle/login whose
 * body carries the role_id and the secret_id taken from the unwrapped response.
 *
 * @throws Exception if the wrapped response cannot be serialized for the mock body
 */
@Test
void loginShouldUnwrapCubbyholeSecretIdResponse() throws Exception {

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .roleId(RoleId.provided("my_role_id"))
            .secretId(SecretId.wrapped(VaultToken.of("unwrapping_token")))
            .unwrappingEndpoints(UnwrappingEndpoints.Cubbyhole)
            .build();

    String wrappedResponse = "{"
            + " \"request_id\": \"aad6a19b-a42b-b750-cafb-51087662f53e\","
            + " \"lease_id\": \"\","
            + " \"renewable\": false,"
            + " \"lease_duration\": 0,"
            + " \"data\": {"
            + " \"secret_id\": \"my_secret_id\","
            + " \"secret_id_accessor\": \"my_secret_id_accessor\""
            + " },"
            + " \"wrap_info\": null,"
            + " \"warnings\": null,"
            + " \"auth\": null"
            + "}";

    // The cubbyhole answer embeds the wrapped response as a JSON string value.
    String unwrapBody = "{\"data\":{\"response\":" + this.OBJECT_MAPPER.writeValueAsString(wrappedResponse)
            + "} }";
    String loginBody = "{\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}}";

    // First request: unwrap the response using the wrapping token.
    this.mockRest.expect(requestTo("/cubbyhole/response"))
            .andExpect(header("X-Vault-Token", "unwrapping_token"))
            .andExpect(method(HttpMethod.GET))
            .andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(unwrapBody));

    // Second request: the actual login with the unwrapped SecretId.
    this.mockRest.expect(requestTo("/auth/approle/login"))
            .andExpect(method(HttpMethod.POST))
            .andExpect(jsonPath("$.role_id").value("my_role_id"))
            .andExpect(jsonPath("$.secret_id").value("my_secret_id"))
            .andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(loginBody));

    AppRoleAuthentication authentication = new AppRoleAuthentication(options, this.restTemplate);
    VaultToken token = authentication.login();

    assertThat(token).isInstanceOf(LoginToken.class);
    assertThat(token.getToken()).isEqualTo("my-token");

    LoginToken loginToken = (LoginToken) token;
    assertThat(loginToken.getLeaseDuration()).isEqualTo(Duration.ofSeconds(10));
    assertThat(loginToken.isRenewable()).isTrue();
}