com.amazonaws.services.secretsmanager.model.GetSecretValueRequest Java Examples
The following examples show how to use
com.amazonaws.services.secretsmanager.model.GetSecretValueRequest.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CacheableSecretsManagerTest.java From aws-athena-query-federation with Apache License 2.0 | 6 votes |
@Test public void expirationTest() { cachableSecretsManager.addCacheEntry("test", "value", System.currentTimeMillis()); assertEquals("value", cachableSecretsManager.getSecret("test")); verifyNoMoreInteractions(mockSecretsManager); reset(mockSecretsManager); when(mockSecretsManager.getSecretValue(any(GetSecretValueRequest.class))) .thenAnswer((InvocationOnMock invocation) -> { GetSecretValueRequest request = invocation.getArgumentAt(0, GetSecretValueRequest.class); if (request.getSecretId().equalsIgnoreCase("test")) { return new GetSecretValueResult().withSecretString("value2"); } throw new RuntimeException(); }); cachableSecretsManager.addCacheEntry("test", "value", 0); assertEquals("value2", cachableSecretsManager.getSecret("test")); }
Example #2
Source File: AwsSecretsManagerPropertySourceLocatorTest.java From spring-cloud-aws with Apache License 2.0 | 6 votes |
@Test public void contextSpecificOrderExpected() { AwsSecretsManagerProperties properties = new AwsSecretsManagerPropertiesBuilder() .withDefaultContext("application").withName("messaging-service").build(); GetSecretValueResult secretValueResult = new GetSecretValueResult(); secretValueResult.setSecretString("{\"key1\": \"value1\", \"key2\": \"value2\"}"); when(smClient.getSecretValue(any(GetSecretValueRequest.class))) .thenReturn(secretValueResult); AwsSecretsManagerPropertySourceLocator locator = new AwsSecretsManagerPropertySourceLocator( smClient, properties); env.setActiveProfiles("test"); locator.locate(env); List<String> contextToBeTested = new ArrayList<>(locator.getContexts()); assertThat(contextToBeTested.get(0)).isEqualTo("/secret/messaging-service_test"); assertThat(contextToBeTested.get(1)).isEqualTo("/secret/messaging-service"); assertThat(contextToBeTested.get(2)).isEqualTo("/secret/application_test"); assertThat(contextToBeTested.get(3)).isEqualTo("/secret/application"); }
Example #3
Source File: AwsSecretsManagerPropertySourceLocatorTest.java From spring-cloud-aws with Apache License 2.0 | 6 votes |
@Test public void contextExpectedToHave4Elements() { AwsSecretsManagerProperties properties = new AwsSecretsManagerPropertiesBuilder() .withDefaultContext("application").withName("messaging-service").build(); GetSecretValueResult secretValueResult = new GetSecretValueResult(); secretValueResult.setSecretString("{\"key1\": \"value1\", \"key2\": \"value2\"}"); when(smClient.getSecretValue(any(GetSecretValueRequest.class))) .thenReturn(secretValueResult); AwsSecretsManagerPropertySourceLocator locator = new AwsSecretsManagerPropertySourceLocator( smClient, properties); env.setActiveProfiles("test"); locator.locate(env); assertThat(locator.getContexts()).hasSize(4); }
Example #4
Source File: AwsSecretsManagerPropertySourceLocatorTest.java From spring-cloud-aws with Apache License 2.0 | 6 votes |
@Test public void contextExpectedToHave2Elements() { AwsSecretsManagerProperties properties = new AwsSecretsManagerPropertiesBuilder() .withDefaultContext("application").withName("application").build(); GetSecretValueResult secretValueResult = new GetSecretValueResult(); secretValueResult.setSecretString("{\"key1\": \"value1\", \"key2\": \"value2\"}"); when(smClient.getSecretValue(any(GetSecretValueRequest.class))) .thenReturn(secretValueResult); AwsSecretsManagerPropertySourceLocator locator = new AwsSecretsManagerPropertySourceLocator( smClient, properties); env.setActiveProfiles("test"); locator.locate(env); assertThat(locator.getContexts()).hasSize(2); }
Example #5
Source File: SecretsManagerSecretEngine.java From kork with Apache License 2.0 | 6 votes |
protected GetSecretValueResult getSecretValue(String secretRegion, String secretName) { AWSSecretsManager client = AWSSecretsManagerClientBuilder.standard().withRegion(secretRegion).build(); GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest().withSecretId(secretName); try { return client.getSecretValue(getSecretValueRequest); } catch (AWSSecretsManagerException e) { throw new SecretException( String.format( "An error occurred when using AWS Secrets Manager to fetch: [secretName: %s, secretRegion: %s]", secretName, secretRegion), e); } }
Example #6
Source File: SecretsManagerTest.java From fernet-java8 with Apache License 2.0 | 6 votes |
@Test public final void verifyGetSecretStageRetrievesBinary() throws UnsupportedEncodingException { // given final GetSecretValueRequest request = new GetSecretValueRequest(); request.setSecretId("secret"); request.setVersionStage("AWSPENDING"); final GetSecretValueResult response = new GetSecretValueResult(); response.setSecretBinary(ByteBuffer.wrap("expected".getBytes("UTF-8"))); given(delegate.getSecretValue(eq(request))).willReturn(response); // when final ByteBuffer result = manager.getSecretStage("secret", PENDING); // then final byte[] buffer = new byte[result.remaining()]; result.get(buffer); assertEquals("expected", new String(buffer, "UTF-8")); }
Example #7
Source File: SecretsManagerTest.java From fernet-java8 with Apache License 2.0 | 6 votes |
@Test public final void verifyGetSecretVersionRetrievesBinary() throws UnsupportedEncodingException { // given final GetSecretValueRequest request = new GetSecretValueRequest(); request.setSecretId("secret"); request.setVersionId("version"); final GetSecretValueResult response = new GetSecretValueResult(); response.setSecretBinary(ByteBuffer.wrap("expected".getBytes("UTF-8"))); given(delegate.getSecretValue(eq(request))).willReturn(response); // when final ByteBuffer result = manager.getSecretVersion("secret", "version"); // then final byte[] buffer = new byte[result.remaining()]; result.get(buffer); assertEquals("expected", new String(buffer, "UTF-8")); }
Example #8
Source File: RedisMetadataHandlerTest.java From aws-athena-query-federation with Apache License 2.0 | 6 votes |
@Before public void setUp() throws Exception { logger.info("{}: enter", testName.getMethodName()); when(mockFactory.getOrCreateConn(eq(decodedEndpoint))).thenReturn(mockClient); handler = new RedisMetadataHandler(mockGlue, new LocalKeyFactory(), mockSecretsManager, mockAthena, mockFactory, "bucket", "prefix"); allocator = new BlockAllocatorImpl(); when(mockSecretsManager.getSecretValue(any(GetSecretValueRequest.class))) .thenAnswer((InvocationOnMock invocation) -> { GetSecretValueRequest request = invocation.getArgumentAt(0, GetSecretValueRequest.class); if ("endpoint".equalsIgnoreCase(request.getSecretId())) { return new GetSecretValueResult().withSecretString(decodedEndpoint); } throw new RuntimeException("Unknown secret " + request.getSecretId()); }); }
Example #9
Source File: CachableSecretsManager.java From aws-athena-query-federation with Apache License 2.0 | 6 votes |
/** * Retrieves a secret from SecretsManager, first checking the cache. Newly fetched secrets are added to the cache. * * @param secretName The name of the secret to retrieve. * @return The value of the secret, throws if no such secret is found. */ public String getSecret(String secretName) { CacheEntry cacheEntry = cache.get(secretName); if (cacheEntry == null || cacheEntry.getAge() > MAX_CACHE_AGE_MS) { logger.info("getSecret: Resolving secret[{}].", secretName); GetSecretValueResult secretValueResult = secretsManager.getSecretValue(new GetSecretValueRequest() .withSecretId(secretName)); cacheEntry = new CacheEntry(secretName, secretValueResult.getSecretString()); evictCache(cache.size() >= MAX_CACHE_SIZE); cache.put(secretName, cacheEntry); } return cacheEntry.getValue(); }
Example #10
Source File: CacheableSecretsManagerTest.java From aws-athena-query-federation with Apache License 2.0 | 6 votes |
@Test public void evictionTest() { for (int i = 0; i < CachableSecretsManager.MAX_CACHE_SIZE; i++) { cachableSecretsManager.addCacheEntry("test" + i, "value" + i, System.currentTimeMillis()); } when(mockSecretsManager.getSecretValue(any(GetSecretValueRequest.class))) .thenAnswer((InvocationOnMock invocation) -> { GetSecretValueRequest request = invocation.getArgumentAt(0, GetSecretValueRequest.class); return new GetSecretValueResult().withSecretString(request.getSecretId() + "_value"); }); assertEquals("test_value", cachableSecretsManager.getSecret("test")); assertEquals("test0_value", cachableSecretsManager.getSecret("test0")); verify(mockSecretsManager, times(2)).getSecretValue(any(GetSecretValueRequest.class)); }
Example #11
Source File: JdbcRecordHandlerTest.java From aws-athena-query-federation with Apache License 2.0 | 5 votes |
@Before public void setup() throws SQLException { this.connection = Mockito.mock(Connection.class, Mockito.RETURNS_DEEP_STUBS); this.jdbcConnectionFactory = Mockito.mock(JdbcConnectionFactory.class); Mockito.when(this.jdbcConnectionFactory.getConnection(Mockito.any(JdbcCredentialProvider.class))).thenReturn(this.connection); this.amazonS3 = Mockito.mock(AmazonS3.class); this.secretsManager = Mockito.mock(AWSSecretsManager.class); this.athena = Mockito.mock(AmazonAthena.class); this.queryStatusChecker = Mockito.mock(QueryStatusChecker.class); Mockito.when(this.secretsManager.getSecretValue(Mockito.eq(new GetSecretValueRequest().withSecretId("testSecret")))).thenReturn(new GetSecretValueResult().withSecretString("{\"username\": \"testUser\", \"password\": \"testPassword\"}")); this.preparedStatement = Mockito.mock(PreparedStatement.class); Mockito.when(this.connection.prepareStatement("someSql")).thenReturn(this.preparedStatement); DatabaseConnectionConfig databaseConnectionConfig = new DatabaseConnectionConfig("testCatalog", JdbcConnectionFactory.DatabaseEngine.MYSQL, "mysql://jdbc:mysql://hostname/${testSecret}", "testSecret"); this.jdbcRecordHandler = new JdbcRecordHandler(this.amazonS3, this.secretsManager, this.athena, databaseConnectionConfig, this.jdbcConnectionFactory) { @Override public PreparedStatement buildSplitSql(Connection jdbcConnection, String catalogName, TableName tableName, Schema schema, Constraints constraints, Split split) throws SQLException { return jdbcConnection.prepareStatement("someSql"); } }; this.federatedIdentity = Mockito.mock(FederatedIdentity.class); }
Example #12
Source File: CacheableSecretsManagerTest.java From aws-athena-query-federation with Apache License 2.0 | 5 votes |
@Test public void resolveSecrets() { when(mockSecretsManager.getSecretValue(any(GetSecretValueRequest.class))) .thenAnswer((InvocationOnMock invocation) -> { GetSecretValueRequest request = invocation.getArgumentAt(0, GetSecretValueRequest.class); String result = request.getSecretId(); if (result.equalsIgnoreCase("unknown")) { throw new RuntimeException("Unknown secret!"); } return new GetSecretValueResult().withSecretString(result); }); String oneSecret = "${OneSecret}"; String oneExpected = "OneSecret"; assertEquals(oneExpected, cachableSecretsManager.resolveSecrets(oneSecret)); String twoSecrets = "ThisIsMyStringWith${TwoSecret}SuperSecret${Secrets}"; String twoExpected = "ThisIsMyStringWithTwoSecretSuperSecretSecrets"; assertEquals(twoExpected, cachableSecretsManager.resolveSecrets(twoSecrets)); String noSecrets = "ThisIsMyStringWithTwoSecretSuperSecretSecrets"; String noSecretsExpected = "ThisIsMyStringWithTwoSecretSuperSecretSecrets"; assertEquals(noSecretsExpected, cachableSecretsManager.resolveSecrets(noSecrets)); String commonErrors = "ThisIsM}yStringWi${thTwoSecretS{uperSecretSecrets"; String commonErrorsExpected = "ThisIsM}yStringWi${thTwoSecretS{uperSecretSecrets"; assertEquals(commonErrorsExpected, cachableSecretsManager.resolveSecrets(commonErrors)); String unknownSecret = "This${Unknown}"; try { cachableSecretsManager.resolveSecrets(unknownSecret); fail("Should not see this!"); } catch (RuntimeException ex) {} }
Example #13
Source File: AwsSecretsManagerPropertySourceLocatorTest.java From spring-cloud-aws with Apache License 2.0 | 5 votes |
@Test void locate_nameNotSpecifiedInConstructor_returnsPropertySourceWithDefaultName() { GetSecretValueResult secretValueResult = new GetSecretValueResult(); secretValueResult.setSecretString("{\"key1\": \"value1\", \"key2\": \"value2\"}"); when(smClient.getSecretValue(any(GetSecretValueRequest.class))) .thenReturn(secretValueResult); AwsSecretsManagerProperties properties = new AwsSecretsManagerProperties(); AwsSecretsManagerPropertySourceLocator locator = new AwsSecretsManagerPropertySourceLocator( smClient, properties); PropertySource propertySource = locator.locate(env); assertThat(propertySource.getName()).isEqualTo("aws-secrets-manager"); }
Example #14
Source File: AwsSecretsManagerPropertySourceLocatorTest.java From spring-cloud-aws with Apache License 2.0 | 5 votes |
@Test void locate_nameSpecifiedInConstructor_returnsPropertySourceWithSpecifiedName() { GetSecretValueResult secretValueResult = new GetSecretValueResult(); secretValueResult.setSecretString("{\"key1\": \"value1\", \"key2\": \"value2\"}"); when(smClient.getSecretValue(any(GetSecretValueRequest.class))) .thenReturn(secretValueResult); AwsSecretsManagerProperties properties = new AwsSecretsManagerProperties(); AwsSecretsManagerPropertySourceLocator locator = new AwsSecretsManagerPropertySourceLocator( "my-name", smClient, properties); PropertySource propertySource = locator.locate(env); assertThat(propertySource.getName()).isEqualTo("my-name"); }
Example #15
Source File: AwsSecretsManagerPropertySourceTest.java From spring-cloud-aws with Apache License 2.0 | 5 votes |
@Test void shouldParseSecretValue() { GetSecretValueResult secretValueResult = new GetSecretValueResult(); secretValueResult.setSecretString("{\"key1\": \"value1\", \"key2\": \"value2\"}"); when(smClient.getSecretValue(any(GetSecretValueRequest.class))) .thenReturn(secretValueResult); propertySource.init(); assertThat(propertySource.getPropertyNames()).containsExactly("key1", "key2"); assertThat(propertySource.getProperty("key1")).isEqualTo("value1"); assertThat(propertySource.getProperty("key2")).isEqualTo("value2"); }
Example #16
Source File: JdbcMetadataHandlerTest.java From aws-athena-query-federation with Apache License 2.0 | 5 votes |
@Before public void setup() { this.jdbcConnectionFactory = Mockito.mock(JdbcConnectionFactory.class); this.connection = Mockito.mock(Connection.class, Mockito.RETURNS_DEEP_STUBS); Mockito.when(this.jdbcConnectionFactory.getConnection(Mockito.any(JdbcCredentialProvider.class))).thenReturn(this.connection); this.secretsManager = Mockito.mock(AWSSecretsManager.class); this.athena = Mockito.mock(AmazonAthena.class); Mockito.when(this.secretsManager.getSecretValue(Mockito.eq(new GetSecretValueRequest().withSecretId("testSecret")))).thenReturn(new GetSecretValueResult().withSecretString("{\"username\": \"testUser\", \"password\": \"testPassword\"}")); DatabaseConnectionConfig databaseConnectionConfig = new DatabaseConnectionConfig("testCatalog", JdbcConnectionFactory.DatabaseEngine.MYSQL, "mysql://jdbc:mysql://hostname/${testSecret}", "testSecret"); this.jdbcMetadataHandler = new JdbcMetadataHandler(databaseConnectionConfig, this.secretsManager, this.athena, jdbcConnectionFactory) { @Override public Schema getPartitionSchema(final String catalogName) { return PARTITION_SCHEMA; } @Override public void getPartitions(final BlockWriter blockWriter, final GetTableLayoutRequest getTableLayoutRequest, QueryStatusChecker queryStatusChecker) { } @Override public GetSplitsResponse doGetSplits(BlockAllocator blockAllocator, GetSplitsRequest getSplitsRequest) { return null; } }; this.federatedIdentity = Mockito.mock(FederatedIdentity.class); this.blockAllocator = Mockito.mock(BlockAllocator.class); }
Example #17
Source File: SecretsManagerSecretEngine.java From cerberus with Apache License 2.0 | 5 votes |
@Override public byte[] decrypt(EncryptedSecret encryptedSecret) { String secretName = encryptedSecret.getParams().get(SECRET_NAME); String secretRegion = encryptedSecret.getParams().get(SECRET_REGION); String secretKey = encryptedSecret.getParams().get(SECRET_KEY); AWSSecretsManager client = AWSSecretsManagerClientBuilder.standard().withRegion(secretRegion).build(); byte[] binarySecret = null; GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest().withSecretId(secretName); GetSecretValueResult getSecretValueResult = null; try { getSecretValueResult = client.getSecretValue(getSecretValueRequest); } catch (Exception e) { log.error( "An error occurred when trying to use AWS Secrets Manager to fetch: [secretName: {}, secretRegion: {}, secretKey: {}]", secretName, secretRegion, secretKey, e); throw new RuntimeException("Failed to fetch secret from AWS Secrets Manager", e); } if (getSecretValueResult.getSecretString() != null) { String secret = getSecretValueResult.getSecretString(); Gson gson = new Gson(); Type type = new TypeToken<Map<String, String>>() {}.getType(); Map<String, String> myMap = gson.fromJson(secret, type); binarySecret = myMap.get(secretKey).getBytes(StandardCharsets.UTF_8); } else { binarySecret = getSecretValueResult.getSecretBinary().array(); } return binarySecret; }
Example #18
Source File: MySqlMetadataHandlerTest.java From aws-athena-query-federation with Apache License 2.0 | 5 votes |
@Before public void setup() { this.jdbcConnectionFactory = Mockito.mock(JdbcConnectionFactory.class); this.connection = Mockito.mock(Connection.class, Mockito.RETURNS_DEEP_STUBS); Mockito.when(this.jdbcConnectionFactory.getConnection(Mockito.any(JdbcCredentialProvider.class))).thenReturn(this.connection); this.secretsManager = Mockito.mock(AWSSecretsManager.class); this.athena = Mockito.mock(AmazonAthena.class); Mockito.when(this.secretsManager.getSecretValue(Mockito.eq(new GetSecretValueRequest().withSecretId("testSecret")))).thenReturn(new GetSecretValueResult().withSecretString("{\"username\": \"testUser\", \"password\": \"testPassword\"}")); this.mySqlMetadataHandler = new MySqlMetadataHandler(databaseConnectionConfig, this.secretsManager, this.athena, this.jdbcConnectionFactory); this.federatedIdentity = Mockito.mock(FederatedIdentity.class); }
Example #19
Source File: PostGreSqlMetadataHandlerTest.java From aws-athena-query-federation with Apache License 2.0 | 5 votes |
@Before public void setup() { this.jdbcConnectionFactory = Mockito.mock(JdbcConnectionFactory.class); this.connection = Mockito.mock(Connection.class, Mockito.RETURNS_DEEP_STUBS); Mockito.when(this.jdbcConnectionFactory.getConnection(Mockito.any(JdbcCredentialProvider.class))).thenReturn(this.connection); this.secretsManager = Mockito.mock(AWSSecretsManager.class); Mockito.when(this.secretsManager.getSecretValue(Mockito.eq(new GetSecretValueRequest().withSecretId("testSecret")))).thenReturn(new GetSecretValueResult().withSecretString("{\"username\": \"testUser\", \"password\": \"testPassword\"}")); this.postGreSqlMetadataHandler = new PostGreSqlMetadataHandler(databaseConnectionConfig, this.secretsManager, this.athena, this.jdbcConnectionFactory); this.federatedIdentity = Mockito.mock(FederatedIdentity.class); }
Example #20
Source File: SecretsManagerTest.java From fernet-java8 with Apache License 2.0 | 5 votes |
@Test public final void verifyAssertDoesNothing() { // given final GetSecretValueRequest request = new GetSecretValueRequest(); request.setSecretId("secret"); request.setVersionStage("AWSCURRENT"); given(delegate.getSecretValue(eq(request))).willReturn(new GetSecretValueResult()); // when manager.assertCurrentStageExists("secret"); // then (nothing) }
Example #21
Source File: SecretsManagerTest.java From fernet-java8 with Apache License 2.0 | 5 votes |
@Test public final void verifyAssertCurrentStageExistsThrowsException() { // given final GetSecretValueRequest request = new GetSecretValueRequest(); request.setSecretId("secret"); request.setVersionStage("AWSCURRENT"); given(delegate.getSecretValue(eq(request))).willThrow(new ResourceNotFoundException("not found")); // when thrown.expect(ResourceNotFoundException.class); manager.assertCurrentStageExists("secret"); // then (exception thrown) }
Example #22
Source File: SecretsManager.java From fernet-java8 with Apache License 2.0 | 5 votes |
/** * Retrieve a specific stage of the secret. * * @param secretId the ARN of the secret * @param stage the stage of the secret to retrieve * @return the Fernet key or keys in binary form */ public ByteBuffer getSecretStage(final String secretId, final Stage stage) { final GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest(); getSecretValueRequest.setSecretId(secretId); getSecretValueRequest.setVersionStage(stage.getAwsName()); final GetSecretValueResult result = getDelegate().getSecretValue(getSecretValueRequest); return result.getSecretBinary(); }
Example #23
Source File: SecretsManager.java From fernet-java8 with Apache License 2.0 | 5 votes |
/** * Retrieve a specific version of the secret. This requires the permission <code>secretsmanager:GetSecretValue</code> * * @param secretId the ARN of the secret * @param clientRequestToken the version identifier of the secret * @return the Fernet key or keys in binary form */ public ByteBuffer getSecretVersion(final String secretId, final String clientRequestToken) { final GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest(); getSecretValueRequest.setSecretId(secretId); getSecretValueRequest.setVersionId(clientRequestToken); final GetSecretValueResult result = getDelegate().getSecretValue(getSecretValueRequest); return result.getSecretBinary(); }
Example #24
Source File: SecretCacheVersion.java From aws-secretsmanager-caching-java with Apache License 2.0 | 5 votes |
/** * Execute the logic to perform the actual refresh of the item. * * @return The result from AWS Secrets Manager for the refresh. */ @Override protected GetSecretValueResult executeRefresh() { return client.getSecretValue( updateUserAgent(new GetSecretValueRequest() .withSecretId(this.secretId).withVersionId(this.versionId))); }
Example #25
Source File: AwsSecretsManagerPropertySource.java From spring-cloud-aws with Apache License 2.0 | 4 votes |
public void init() { GetSecretValueRequest secretValueRequest = new GetSecretValueRequest(); secretValueRequest.setSecretId(context); readSecretValue(secretValueRequest); }
Example #26
Source File: TestClass.java From aws-secretsmanager-jdbc with Apache License 2.0 | 4 votes |
public GetSecretValueRequest requestWithName(String secretName) { return new GetSecretValueRequest().withSecretId(secretName); }
Example #27
Source File: SecretsManager.java From fernet-java8 with Apache License 2.0 | 3 votes |
/** * Ensure that the given secret has an AWSCURRENT value. This requires the permission * <code>secretsmanager:GetSecretValue</code> * * @param secretId * the ARN of the secret. * @throws ResourceNotFoundException if the secret doesn't exist or it has no AWSCURRENT stage */ public void assertCurrentStageExists(final String secretId) { final GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest(); getSecretValueRequest.setSecretId(secretId); getSecretValueRequest.setVersionStage(CURRENT.getAwsName()); getDelegate().getSecretValue(getSecretValueRequest); }