diff --git a/fidelius-sdk/pom.xml b/fidelius-sdk/pom.xml index 594a636..0534744 100644 --- a/fidelius-sdk/pom.xml +++ b/fidelius-sdk/pom.xml @@ -78,44 +78,60 @@ - 1.11.767 + 2.16.60 + + + + software.amazon.awssdk + bom + ${aws.version} + pom + import + + + + - aws-java-sdk-core - com.amazonaws - ${aws.version} + software.amazon.awssdk + apache-client + + + + software.amazon.awssdk + auth + + + + software.amazon.awssdk + dynamodb - com.amazonaws - aws-java-sdk-dynamodb - ${aws.version} + software.amazon.awssdk + ec2 - com.amazonaws - aws-java-sdk-kms - ${aws.version} + software.amazon.awssdk + kms - com.amazonaws - aws-java-sdk-ec2 - ${aws.version} + software.amazon.awssdk + lambda - com.amazonaws - aws-java-sdk-sts - ${aws.version} + software.amazon.awssdk + rds - com.amazonaws - aws-java-sdk-lambda - ${aws.version} + software.amazon.awssdk + sts @@ -182,7 +198,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.6.1 + 3.10.1 diff --git a/fidelius-sdk/src/main/java/org/finra/fidelius/CredModelMapper.java b/fidelius-sdk/src/main/java/org/finra/fidelius/CredModelMapper.java index aa306e3..c93b453 100644 --- a/fidelius-sdk/src/main/java/org/finra/fidelius/CredModelMapper.java +++ b/fidelius-sdk/src/main/java/org/finra/fidelius/CredModelMapper.java @@ -17,7 +17,7 @@ package org.finra.fidelius; -import com.amazonaws.services.dynamodbv2.model.AttributeValue; +import software.amazon.awssdk.services.dynamodb.model.AttributeValue; import java.util.HashMap; import java.util.Map; 
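Review bot: The new dependency list pulls in the `rds` module, but none of the sources touched by this commit import `software.amazon.awssdk.services.rds`; if nothing else in the module needs it, dropping it keeps the SDK surface (and the transitive artifacts that have to be tracked for advisories) to what the client actually uses. Importing `software.amazon.awssdk:bom` at `${aws.version}` is the right way to keep the v2 modules version-consistent; a short comment next to the version property noting that the BOM now controls every SDK module version would help the next upgrade. `apache-client` has to be listed explicitly because `FideliusClient` now constructs an `ApacheHttpClient` itself.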
@@ -31,28 +31,28 @@ private enum DynamoAttributes{ public static Map toDynamo(EncryptedCredential encryptedCredential){ HashMap dynamoRow = new HashMap<>(); - dynamoRow.put(DynamoAttributes.name.name(), new AttributeValue(encryptedCredential.getFullName())); - dynamoRow.put(DynamoAttributes.version.name(), new AttributeValue(encryptedCredential.getVersion())); - dynamoRow.put(DynamoAttributes.key.name(), new AttributeValue(encryptedCredential.getDatakey())); - dynamoRow.put(DynamoAttributes.contents.name(), new AttributeValue(encryptedCredential.getCredential())); - dynamoRow.put(DynamoAttributes.hmac.name(), new AttributeValue(encryptedCredential.getHmac())); + dynamoRow.put(DynamoAttributes.name.name(), AttributeValue.builder().s(encryptedCredential.getFullName()).build()); + dynamoRow.put(DynamoAttributes.version.name(), AttributeValue.builder().s(encryptedCredential.getVersion()).build()); + dynamoRow.put(DynamoAttributes.key.name(), AttributeValue.builder().s(encryptedCredential.getDatakey()).build()); + dynamoRow.put(DynamoAttributes.contents.name(), AttributeValue.builder().s(encryptedCredential.getCredential()).build()); + dynamoRow.put(DynamoAttributes.hmac.name(), AttributeValue.builder().s(encryptedCredential.getHmac()).build()); if(encryptedCredential.getUpdateBy()!=null) - dynamoRow.put(DynamoAttributes.updatedBy.name(), new AttributeValue(encryptedCredential.getUpdateBy())); + dynamoRow.put(DynamoAttributes.updatedBy.name(), AttributeValue.builder().s(encryptedCredential.getUpdateBy()).build()); if(encryptedCredential.getUpdateOn()!=null) - dynamoRow.put(DynamoAttributes.updatedOn.name(), new AttributeValue(encryptedCredential.getUpdateOn())); + dynamoRow.put(DynamoAttributes.updatedOn.name(), AttributeValue.builder().s(encryptedCredential.getUpdateOn()).build()); if(encryptedCredential.getSdlc()!=null) - dynamoRow.put(DynamoAttributes.sdlc.name(), new AttributeValue(encryptedCredential.getSdlc())); + dynamoRow.put(DynamoAttributes.sdlc.name(), 
AttributeValue.builder().s(encryptedCredential.getSdlc()).build()); if(encryptedCredential.getComponent()!= null) - dynamoRow.put(DynamoAttributes.component.name(), new AttributeValue(encryptedCredential.getComponent())); + dynamoRow.put(DynamoAttributes.component.name(), AttributeValue.builder().s(encryptedCredential.getComponent()).build()); return dynamoRow; } - public static EncryptedCredential fromDynamo(Map dynamoCred){ + public static EncryptedCredential fromDynamo(Map dynamoCred){ return new EncryptedCredential() .setFullName(getAttributeValue(DynamoAttributes.name.name(), dynamoCred)) .setCredential(getAttributeValue(DynamoAttributes.contents.name(),dynamoCred)) @@ -68,7 +68,7 @@ public static EncryptedCredential fromDynamo(Map dynamoCr private static String getAttributeValue(String name, Map dynamoCred){ AttributeValue attributeValue = dynamoCred.get(name); if(attributeValue!=null){ - return attributeValue.getS(); + return attributeValue.s(); } return null; } diff --git a/fidelius-sdk/src/main/java/org/finra/fidelius/FideliusClient.java b/fidelius-sdk/src/main/java/org/finra/fidelius/FideliusClient.java index 279ee06..ef47a40 100755 --- a/fidelius-sdk/src/main/java/org/finra/fidelius/FideliusClient.java +++ b/fidelius-sdk/src/main/java/org/finra/fidelius/FideliusClient.java 
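Review bot: The nine `AttributeValue.builder().s(...).build()` calls in `toDynamo` repeat the same wrapping; a small helper such as `private static AttributeValue str(String value) { return AttributeValue.builder().s(value).build(); }` would make each `put` a one-liner and give one place to document that every column is stored as a DynamoDB string attribute. The same repetition appears in `MetadataModelMapper.toDynamo` in this commit. `fromDynamo` is unchanged apart from the type migration and `getAttributeValue` still returns `null` for a missing column, so callers keep their existing null handling.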
@@ -17,34 +17,41 @@ package org.finra.fidelius; -import java.util.Collections; +import java.net.URI; import java.util.HashMap; import java.util.List; import java.util.Map; -import com.amazonaws.ClientConfiguration; -import com.amazonaws.auth.AWSCredentialsProvider; -import com.amazonaws.auth.DefaultAWSCredentialsProviderChain; -import com.amazonaws.regions.*; -import com.amazonaws.retry.PredefinedRetryPolicies; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDB; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder; -import com.amazonaws.services.ec2.AmazonEC2; -import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; -import com.amazonaws.services.ec2.model.*; -import com.amazonaws.services.lambda.AWSLambda; -import com.amazonaws.services.lambda.AWSLambdaClientBuilder; -import com.amazonaws.services.lambda.model.*; -import com.amazonaws.services.kms.AWSKMS; -import com.amazonaws.services.kms.AWSKMSClientBuilder; -import com.amazonaws.services.securitytoken.AWSSecurityTokenService; -import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; -import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest; -import com.amazonaws.util.EC2MetadataUtils; import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.commons.lang3.exception.ExceptionUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; +import software.amazon.awssdk.auth.credentials.AwsCredentialsProviderChain; +import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider; +import software.amazon.awssdk.awscore.retry.AwsRetryPolicy; +import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; +import software.amazon.awssdk.core.client.config.SdkClientConfiguration; +import software.amazon.awssdk.core.internal.http.loader.DefaultSdkHttpClientBuilder; +import software.amazon.awssdk.http.SdkHttpClient; +import 
software.amazon.awssdk.http.apache.ApacheHttpClient; +import software.amazon.awssdk.http.apache.ProxyConfiguration; +import software.amazon.awssdk.http.apache.internal.impl.ApacheSdkHttpClient; +import software.amazon.awssdk.regions.internal.util.EC2MetadataUtils; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.DynamoDbClientBuilder; +import software.amazon.awssdk.services.ec2.Ec2Client; +import software.amazon.awssdk.services.ec2.Ec2ClientBuilder; +import software.amazon.awssdk.services.ec2.model.*; +import software.amazon.awssdk.services.kms.KmsClient; +import software.amazon.awssdk.services.kms.KmsClientBuilder; +import software.amazon.awssdk.services.lambda.LambdaClient; +import software.amazon.awssdk.services.lambda.LambdaClientBuilder; +import software.amazon.awssdk.services.sts.StsClient; +import software.amazon.awssdk.services.sts.StsClientBuilder; +import software.amazon.awssdk.services.sts.model.GetCallerIdentityRequest; + +import javax.swing.plaf.synth.Region; public class FideliusClient { 
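Review bot: `import javax.swing.plaf.synth.Region;` is the wrong `Region` — the class the constructor needs is `software.amazon.awssdk.regions.Region`, which is why the next hunk has to spell it out fully qualified; replace the swing import with `import software.amazon.awssdk.regions.Region;` and shorten the region block to `Region awsRegion = Region.of(region);`. Several other new imports come from `internal` packages (`core.internal.http.loader.DefaultSdkHttpClientBuilder`, `http.apache.internal.impl.ApacheSdkHttpClient`, `regions.internal.util.EC2MetadataUtils`), which the SDK does not treat as stable API; the first two, like `SdkClientConfiguration`, appear unused in the hunks shown and can go, and the `EC2MetadataUtils` import deserves a comment that it is an internal class that may move in a later SDK release.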
@@ -52,79 +59,86 @@ public class FideliusClient { private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper(); protected EnvConfig envConfig; + protected ProxyConfiguration proxyConfig; protected JCredStash jCredStash; - protected AWSSecurityTokenService awsSecurityTokenService; + protected StsClient stsClient; - private final AmazonEC2 client; - private final AWSLambda lambda; + private final Ec2Client ec2Client; + private final LambdaClient lambdaClient; public FideliusClient() { - this(null, new DefaultAWSCredentialsProviderChain()); + this(null, AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build()); } public FideliusClient(String region) { - this(null, new DefaultAWSCredentialsProviderChain(), region); + this(null, AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build(), region); } - public FideliusClient(ClientConfiguration clientConf, AWSCredentialsProvider provider) { + public FideliusClient(ClientOverrideConfiguration clientConf, AwsCredentialsProvider provider) { this(clientConf, provider, null); } - public FideliusClient(ClientConfiguration clientConf, AWSCredentialsProvider provider, String region) { + public FideliusClient(ClientOverrideConfiguration clientConf, AwsCredentialsProvider provider, String region) { envConfig = new EnvConfig(); - ClientConfiguration kmsEc2ClientConfiguration = clientConf; + ClientOverrideConfiguration kmsEc2ClientConfiguration = clientConf; if(clientConf==null){ clientConf = defaultClientConfiguration(envConfig); - clientConf.setRetryPolicy(PredefinedRetryPolicies.DYNAMODB_DEFAULT); kmsEc2ClientConfiguration = defaultClientConfiguration(envConfig); - kmsEc2ClientConfiguration.setRetryPolicy(PredefinedRetryPolicies.getDefaultRetryPolicyWithCustomMaxRetries(5)); } - AmazonDynamoDBClientBuilder ddbBuilder = AmazonDynamoDBClientBuilder.standard() - .withCredentials(provider) - .withClientConfiguration(clientConf); + 
DynamoDbClientBuilder dynamoDbBuilder = DynamoDbClient.builder() + .credentialsProvider(provider) + .overrideConfiguration(clientConf); - AWSKMSClientBuilder kmsBuilder = AWSKMSClientBuilder.standard() - .withCredentials(provider) - .withClientConfiguration(kmsEc2ClientConfiguration); + KmsClientBuilder kmsBuilder = KmsClient.builder() + .credentialsProvider(provider) + .overrideConfiguration(kmsEc2ClientConfiguration); - AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard() - .withClientConfiguration(clientConf) - .withCredentials(provider); + StsClientBuilder stsBuilder = StsClient.builder() + .overrideConfiguration(clientConf) + .credentialsProvider(provider); - AmazonEC2ClientBuilder clientBuilder = AmazonEC2ClientBuilder.standard() - .withCredentials(provider) - .withClientConfiguration(kmsEc2ClientConfiguration); + Ec2ClientBuilder clientBuilder = Ec2Client.builder() + .credentialsProvider(provider) + .overrideConfiguration(kmsEc2ClientConfiguration); - AWSLambdaClientBuilder lambdaClientBuilder = AWSLambdaClientBuilder.standard() - .withClientConfiguration(clientConf) - .withCredentials(provider); + LambdaClientBuilder lambdaClientBuilder = LambdaClient.builder() + .credentialsProvider(provider) + .overrideConfiguration(clientConf); if(region != null){ - Regions regionEnum = Regions.fromName(region); - ddbBuilder.withRegion(regionEnum); - kmsBuilder.withRegion(regionEnum); - stsBuilder.withRegion(regionEnum); - clientBuilder.withRegion(regionEnum); - lambdaClientBuilder.withRegion(regionEnum); + software.amazon.awssdk.regions.Region awsRegion = software.amazon.awssdk.regions.Region.of(region); + dynamoDbBuilder = dynamoDbBuilder.region(awsRegion); + kmsBuilder = kmsBuilder.region(awsRegion); + stsBuilder = stsBuilder.region(awsRegion); + clientBuilder = clientBuilder.region(awsRegion); + lambdaClientBuilder = lambdaClientBuilder.region(awsRegion); } - lambda = lambdaClientBuilder.build(); - client = 
clientBuilder.build(); - awsSecurityTokenService = stsBuilder.build(); - jCredStash = new JCredStash(ddbBuilder.build(), kmsBuilder.build(), awsSecurityTokenService); + if(envConfig.hasProxyEnv()) { + SdkHttpClient sdkHttpClient = ApacheHttpClient.builder() + .proxyConfiguration(proxyConfig).build(); + dynamoDbBuilder = dynamoDbBuilder.httpClient(sdkHttpClient); + kmsBuilder = kmsBuilder.httpClient(sdkHttpClient); + stsBuilder = stsBuilder.httpClient(sdkHttpClient); + clientBuilder = clientBuilder.httpClient(sdkHttpClient); + lambdaClientBuilder = lambdaClientBuilder.httpClient(sdkHttpClient); + } + lambdaClient = lambdaClientBuilder.build(); + ec2Client = clientBuilder.build(); + stsClient = stsBuilder.build(); + jCredStash = new JCredStash(dynamoDbBuilder.build(), kmsBuilder.build(), stsClient); } - protected void setFideliusClient(AmazonDynamoDB ddb, AWSKMS kms) { - jCredStash = new JCredStash(ddb, kms, awsSecurityTokenService); + protected void setFideliusClient(DynamoDbClient ddb, KmsClient kms) { + jCredStash = new JCredStash(ddb, kms, stsClient); } - protected ClientConfiguration defaultClientConfiguration(EnvConfig envConfig){ - ClientConfiguration clientConfiguration = new ClientConfiguration(); + protected ClientOverrideConfiguration defaultClientConfiguration(EnvConfig envConfig){ + ClientOverrideConfiguration clientConfiguration = ClientOverrideConfiguration.builder().retryPolicy(AwsRetryPolicy.defaultRetryPolicy()).build(); if(envConfig.hasProxyEnv()) { - clientConfiguration.setProxyHost(envConfig.getProxy()); - clientConfiguration.setProxyPort(Integer.parseInt(envConfig.getPort())); + proxyConfig = ProxyConfiguration.builder().endpoint(URI.create(envConfig.getProxy() + ":" + envConfig.getPort())).build(); } return clientConfiguration; } 
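Review bot: `proxyConfig` is only assigned inside `defaultClientConfiguration`, which runs only when the caller passes a null `clientConf`; with a caller-supplied `ClientOverrideConfiguration` and a proxy environment, the `if(envConfig.hasProxyEnv())` block hands a null `proxyConfig` to `ApacheHttpClient.builder().proxyConfiguration(...)`, so the proxy is not applied (or the builder rejects it). Building the proxy settings in the constructor itself, independent of which branch ran — `if (envConfig.hasProxyEnv() && proxyConfig == null) { proxyConfig = ProxyConfiguration.builder().endpoint(URI.create(envConfig.getProxy() + ":" + envConfig.getPort())).build(); }` — removes that ordering dependency. Separately, `URI.create(envConfig.getProxy() + ":" + envConfig.getPort())` only yields a host and port when `getProxy()` already carries a scheme such as `http://`; the v1 code took host and port separately, so if the environment value is a bare hostname (not visible here) `URI.getHost()` is null and the proxy is silently skipped — worth a check or a comment on the expected format. The two distinct retry policies the v1 code configured (DynamoDB default, custom five retries for KMS/EC2) collapse into `AwsRetryPolicy.defaultRetryPolicy()` for every client; if that is intended, a one-line comment in `defaultClientConfiguration` would stop the next reader treating it as an oversight.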
@@ -161,23 +175,23 @@ protected HashMap getEC2Tags() { String instanceID = EC2MetadataUtils.getInstanceId(); - DescribeInstancesRequest instancesRequest = new DescribeInstancesRequest().withInstanceIds(instanceID); - DescribeInstancesResult instancesResult = client.describeInstances(instancesRequest); + DescribeInstancesRequest instancesRequest = DescribeInstancesRequest.builder().instanceIds(instanceID).build(); + DescribeInstancesResponse instancesResult = ec2Client.describeInstances(instancesRequest); // There should only be one Instance with identical instanceID - List reservations = instancesResult.getReservations(); + List reservations = instancesResult.reservations(); if (reservations.size() > 1) { return null; } Reservation reservation = reservations.get(0); - Instance instance = reservation.getInstances().get(0); - List tagList = instance.getTags(); + Instance instance = reservation.instances().get(0); + List tagList = instance.tags(); HashMap tagMap = new HashMap(); for (Tag t : tagList) { - if (t.getKey().equals(Constants.FID_CONTEXT_APPLICATION) || t.getKey().equals(Constants.FID_CONTEXT_SDLC) || t.getKey().equals(Constants.FID_CONTEXT_COMPONENT)) - tagMap.put(t.getKey(), t.getValue()); + if (t.key().equals(Constants.FID_CONTEXT_APPLICATION) || t.key().equals(Constants.FID_CONTEXT_SDLC) || t.key().equals(Constants.FID_CONTEXT_COMPONENT)) + tagMap.put(t.key(), t.value()); } return tagMap; } @@ -245,7 +259,7 @@ protected String getUser() throws Exception { } protected String getUserIdentity() throws Exception { - return awsSecurityTokenService.getCallerIdentity(new GetCallerIdentityRequest()).getArn(); + return stsClient.getCallerIdentity(GetCallerIdentityRequest.builder().build()).arn(); } /** 
@@ -507,6 +521,9 @@ protected void deleteCredential(String name, String application, String sdlc,
 logger.info("User "+ user + " deleted credential " + prefixedName);
 } catch (RuntimeException e) { // Credential not found
 logger.info("Credential " + prefixedName + " not found. [" + e.toString() + "] ");
+ for(StackTraceElement ste : e.getStackTrace()) {
+ logger.error(ste.toString());
+ }
 throw new RuntimeException(e);
 }
 }
diff --git a/fidelius-sdk/src/main/java/org/finra/fidelius/JCredStash.java b/fidelius-sdk/src/main/java/org/finra/fidelius/JCredStash.java
index 5c3dea1..ac693ff 100644
--- a/fidelius-sdk/src/main/java/org/finra/fidelius/JCredStash.java
+++ b/fidelius-sdk/src/main/java/org/finra/fidelius/JCredStash.java
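Review bot: Logging every frame of `e.getStackTrace()` at ERROR level, one line each, right after an INFO "not found" message both splits one event across many log lines and reports a routine not-found condition as an error. SLF4J renders the full trace when the throwable is passed as the last argument, so the loop can be replaced by `logger.info("Credential {} not found", prefixedName, e);` (or `logger.debug` if the trace is only for diagnosis). The enclosing `deleteCredential` method starts outside the hunk.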
@@ -17,30 +17,19 @@ package org.finra.fidelius; -import com.amazonaws.ClientConfiguration; -import com.amazonaws.auth.AWSCredentialsProvider; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDB; - -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder; -import com.amazonaws.services.dynamodbv2.document.*; -import com.amazonaws.services.dynamodbv2.document.spec.QuerySpec; -import com.amazonaws.services.dynamodbv2.document.utils.NameMap; -import com.amazonaws.services.dynamodbv2.document.utils.ValueMap; -import com.amazonaws.services.dynamodbv2.model.*; -import com.amazonaws.services.kms.AWSKMS; -import com.amazonaws.services.kms.AWSKMSClientBuilder; -import com.amazonaws.services.kms.model.DecryptRequest; -import com.amazonaws.services.kms.model.DecryptResult; -import com.amazonaws.services.kms.model.GenerateDataKeyRequest; -import com.amazonaws.services.kms.model.GenerateDataKeyResult; -import com.amazonaws.services.securitytoken.AWSSecurityTokenService; -import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient; -import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest; import org.apache.commons.codec.binary.Base64; -import com.amazonaws.services.dynamodbv2.document.BatchWriteItemOutcome; -import com.amazonaws.services.dynamodbv2.document.DynamoDB; -import com.amazonaws.services.dynamodbv2.document.Item; -import com.amazonaws.services.dynamodbv2.document.TableWriteItems; +import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; +import software.amazon.awssdk.core.SdkBytes; +import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.model.*; +import software.amazon.awssdk.services.kms.KmsClient; +import software.amazon.awssdk.services.kms.model.DecryptRequest; +import software.amazon.awssdk.services.kms.model.DecryptResponse; +import 
software.amazon.awssdk.services.kms.model.GenerateDataKeyRequest; +import software.amazon.awssdk.services.kms.model.GenerateDataKeyResponse; +import software.amazon.awssdk.services.sts.StsClient; +import software.amazon.awssdk.services.sts.model.GetCallerIdentityRequest; import java.io.UnsupportedEncodingException; import java.nio.ByteBuffer; 
@@ -49,87 +38,108 @@ import java.util.*; public class JCredStash { - protected AmazonDynamoDB amazonDynamoDBClient; - protected AWSKMS awskmsClient; + protected DynamoDbClient dynamoDbClient; + protected KmsClient kmsClient; protected CredStashCrypto cryptoImpl; - protected AWSSecurityTokenService awsSecurityTokenService; - protected DynamoDB dynamoDB; + protected StsClient stsClient; protected JCredStash() { - this.amazonDynamoDBClient = AmazonDynamoDBClientBuilder.defaultClient(); - this.awskmsClient = AWSKMSClientBuilder.defaultClient(); + this.dynamoDbClient = DynamoDbClient.builder().build(); + this.kmsClient = KmsClient.builder().build(); this.cryptoImpl = new CredStashBouncyCastleCrypto(); - this.awsSecurityTokenService = AWSSecurityTokenServiceClient.builder().withClientConfiguration(new ClientConfiguration()).build(); - this.dynamoDB = new DynamoDB(amazonDynamoDBClient); + this.stsClient = StsClient.builder().overrideConfiguration(ClientOverrideConfiguration.builder().build()).build(); } - protected JCredStash(AWSCredentialsProvider awsCredentialsProvider) { - this.amazonDynamoDBClient = AmazonDynamoDBClientBuilder.standard() - .withCredentials(awsCredentialsProvider) + protected JCredStash(AwsCredentialsProvider awsCredentialsProvider) { + this.dynamoDbClient = DynamoDbClient.builder() + .credentialsProvider(awsCredentialsProvider) .build(); - this.awskmsClient = AWSKMSClientBuilder.standard() - .withCredentials(awsCredentialsProvider) + this.kmsClient = KmsClient.builder() + .credentialsProvider(awsCredentialsProvider) .build(); this.cryptoImpl = new CredStashBouncyCastleCrypto(); - this.awsSecurityTokenService = AWSSecurityTokenServiceClient.builder().withClientConfiguration(new ClientConfiguration()).build(); - this.dynamoDB = new DynamoDB(amazonDynamoDBClient); + this.stsClient = StsClient.builder().overrideConfiguration(ClientOverrideConfiguration.builder().build()).build(); } - protected JCredStash(AmazonDynamoDB amazonDynamoDBClient, AWSKMS 
awskmsClient) { - this.amazonDynamoDBClient = amazonDynamoDBClient; - this.awskmsClient = awskmsClient; + protected JCredStash(DynamoDbClient amazonDynamoDBClient, KmsClient awskmsClient) { + this.dynamoDbClient = amazonDynamoDBClient; + this.kmsClient = awskmsClient; this.cryptoImpl = new CredStashBouncyCastleCrypto(); - this.awsSecurityTokenService = AWSSecurityTokenServiceClient.builder().withClientConfiguration(new ClientConfiguration()).build(); - this.dynamoDB = new DynamoDB(amazonDynamoDBClient); + this.stsClient = StsClient.builder().overrideConfiguration(ClientOverrideConfiguration.builder().build()).build(); } - protected JCredStash(AmazonDynamoDB amazonDynamoDBClient, AWSKMS awskmsClient, AWSSecurityTokenService awsSecurityTokenService) { - this.amazonDynamoDBClient = amazonDynamoDBClient; - this.awskmsClient = awskmsClient; + protected JCredStash(DynamoDbClient dynamoDbClient, KmsClient kmsClient, StsClient stsClient) { + this.dynamoDbClient = dynamoDbClient; + this.kmsClient = kmsClient; this.cryptoImpl = new CredStashBouncyCastleCrypto(); - this.awsSecurityTokenService = awsSecurityTokenService; - this.dynamoDB = new DynamoDB(amazonDynamoDBClient); + this.stsClient = stsClient; } protected Map readDynamoItem(String tableName, String secret) { // TODO: allow multiple secrets to be fetched by pattern or list // TODO: allow specific version to be fetched - QueryResult queryResult = amazonDynamoDBClient.query(new QueryRequest(tableName) - .withLimit(1) - .withScanIndexForward(false) - .withConsistentRead(true) - .addKeyConditionsEntry("name", new Condition() - .withComparisonOperator(ComparisonOperator.EQ) - .withAttributeValueList(new AttributeValue(secret))) + Map keyConditions = new HashMap<>(); + keyConditions.put("name", Condition.builder() + .attributeValueList( + AttributeValue.builder().s(secret).build() + ) + .comparisonOperator(ComparisonOperator.EQ) + .build()); + keyConditions.put("version", Condition.builder() + .attributeValueList( + 
AttributeValue.builder().s("0").build() + ) + .comparisonOperator(ComparisonOperator.BEGINS_WITH) + .build()); + QueryResponse queryResponse = dynamoDbClient.query(QueryRequest.builder() + .tableName(tableName) + .limit(1) + .scanIndexForward(false) + .consistentRead(true) + .keyConditions(keyConditions) + .build() ); - if(queryResult.getCount() == 0) { + if(queryResponse.count() == 0) { throw new RuntimeException("Secret " + secret + " could not be found"); } - Map item = queryResult.getItems().get(0); + Map item = queryResponse.items().get(0); return item; } - protected QueryResult getCredentials(String tableName, String secret) { - QueryRequest queryRequest = new QueryRequest(tableName) - .withScanIndexForward(false) - .withConsistentRead(true) - .addKeyConditionsEntry("name", new Condition() - .withComparisonOperator(ComparisonOperator.EQ) - .withAttributeValueList(new AttributeValue(secret))); + protected QueryResponse getCredentials(String tableName, String secret) { + Map keyConditions = new HashMap<>(); + keyConditions.put("name", Condition.builder() + .attributeValueList( + AttributeValue.builder().s(secret).build() + ) + .comparisonOperator(ComparisonOperator.EQ) + .build()); + keyConditions.put("version", Condition.builder() + .attributeValueList( + AttributeValue.builder().s("0").build() + ) + .comparisonOperator(ComparisonOperator.BEGINS_WITH) + .build()); + QueryRequest queryRequest = QueryRequest.builder() + .tableName(tableName) + .scanIndexForward(false) + .consistentRead(true) + .keyConditions(keyConditions) + .build(); - QueryResult queryResult = amazonDynamoDBClient.query(queryRequest); + QueryResponse queryResponse = dynamoDbClient.query(queryRequest); - if(queryResult.getCount() == 0) { + if(queryResponse.count() == 0) { throw new RuntimeException("Secret " + secret + " could not be found"); } - return queryResult; + return queryResponse; } protected String getUpdatedBy() throws Exception { try { - return 
awsSecurityTokenService.getCallerIdentity(new GetCallerIdentityRequest()).getArn(); + return stsClient.getCallerIdentity(GetCallerIdentityRequest.builder().build()).arn(); } catch(Exception e){ throw new RuntimeException("Error getting user"); } 
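Review bot: `readDynamoItem` and `getCredentials` now add a second key condition, `version BEGINS_WITH "0"`, that the v1 query did not have; it presumably relies on versions being stored zero-padded, but any version string not starting with `0` is silently excluded from reads and, through `getCredentials`, from `deleteSecret`, so either a comment stating that assumption or removal of the condition is needed. The two `keyConditions` maps are built identically; a private `buildKeyConditions(String secret)` helper would remove the duplication, and using `keyConditionExpression` with expression attribute names as `getHighestVersion` does in this file would keep the three queries on one API style. In the three constructors, `ClientOverrideConfiguration.builder().build()` passed to `StsClient.builder().overrideConfiguration(...)` is an empty configuration and can simply be omitted.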
@@ -138,37 +148,33 @@ protected String getUpdatedBy() throws Exception { private ByteBuffer decryptKeyWithKMS(byte[] encryptedKeyBytes, Map context) { ByteBuffer blob = ByteBuffer.wrap(encryptedKeyBytes); - DecryptResult decryptResult = awskmsClient.decrypt(new DecryptRequest().withCiphertextBlob(blob).withEncryptionContext(context)); + DecryptResponse decryptResponse = kmsClient.decrypt(DecryptRequest.builder().ciphertextBlob(SdkBytes.fromByteBuffer(blob)).encryptionContext(context).build()); - return decryptResult.getPlaintext(); + return decryptResponse.plaintext().asByteBuffer(); } protected int getHighestVersion(String name, String tableName) { + HashMap attributeName = new HashMap(); + HashMap attributeValue = new HashMap(); + attributeName.put("#n", "name"); + attributeValue.put(":v_name", AttributeValue.builder().s(name).build()); + QueryRequest spec = QueryRequest.builder() + .tableName(tableName) + .scanIndexForward(false) + .consistentRead(true) + .keyConditionExpression("#n = :v_name") + .expressionAttributeValues(attributeValue) + .expressionAttributeNames(attributeName) + .projectionExpression("version") + .build(); - DynamoDB dynamoDB = new DynamoDB(amazonDynamoDBClient); - Table table = dynamoDB.getTable(tableName); - - QuerySpec spec = new QuerySpec() - .withScanIndexForward(false) - .withConsistentRead(true) - .withKeyConditionExpression("#n = :v_name") - .withValueMap(new ValueMap() - .withString(":v_name", name) - ) - .withNameMap(new NameMap() - .with("#n", "name") - ) - .withProjectionExpression("version"); - - ItemCollection items = table.query(spec); + List> items = dynamoDbClient.query(spec).items(); - Integer maxVersion = 0; - Iterator iter = items.iterator(); - while (iter.hasNext()) { - Item next = iter.next(); - Integer version = new Integer((String) next.get("version")); - if (version.compareTo(maxVersion) > 0) { - maxVersion = version.intValue(); + int maxVersion = 0; + for(Map item : items) { + int version = 
Integer.parseInt(item.get("version").s()); + if(version > maxVersion) { + maxVersion = version; } } return maxVersion; @@ -219,12 +225,13 @@ protected String decrypt(EncryptedCredential encryptedCredential, Map context){ // generate a 64 byte key with KMS // half for data encryption, other half for HMAC - GenerateDataKeyRequest dataKeyRequest = new GenerateDataKeyRequest() - .withKeyId(kmsKey) - .withEncryptionContext(context) - .withNumberOfBytes(64); - GenerateDataKeyResult dataKeyResult = awskmsClient.generateDataKey(dataKeyRequest); - byte[] resultArray = dataKeyResult.getPlaintext().array(); + GenerateDataKeyRequest dataKeyRequest = GenerateDataKeyRequest.builder() + .keyId(kmsKey) + .encryptionContext(context) + .numberOfBytes(64) + .build(); + GenerateDataKeyResponse dataKeyResponse = kmsClient.generateDataKey(dataKeyRequest); + byte[] resultArray = dataKeyResponse.plaintext().asByteArray(); byte[] dataKey = Arrays.copyOfRange(resultArray, 0, 32); byte[] hmacKey = Arrays.copyOfRange(resultArray, 32, resultArray.length); @@ -234,7 +241,7 @@ protected EncryptedCredential encrypt(String name, String credential, String ver CredStashBouncyCastleCrypto crypto = new CredStashBouncyCastleCrypto(); byte[] encryptedContents = crypto.encrypt(dataKey, credential.getBytes()); byte[] hmac = crypto.digest(hmacKey, encryptedContents); - byte[] wrappedKey = dataKeyResult.getCiphertextBlob().array(); + byte[] wrappedKey = dataKeyResponse.ciphertextBlob().asByteArray(); // format the hmac digest as a string containing only hexadecimal digits // see: 
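Review bot: `getHighestVersion` now reads only the first page of results — `dynamoDbClient.query(spec).items()` returns the items of a single response, whereas the v1 `ItemCollection` it replaces paged transparently — so once a credential's version rows exceed one result page the maximum can be missed and a new write reuses a version number. Iterating the paginator keeps the old behaviour: `for (Map<String, AttributeValue> item : dynamoDbClient.queryPaginator(spec).items()) {`. As rendered, `attributeName` and `attributeValue` are declared as raw `HashMap`s with `new HashMap()`; the `new HashMap<>()` form used elsewhere in this file avoids the unchecked conversion.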
@@ -314,10 +321,13 @@ protected void putSecret(String tableName, String secretName, String contents, S HashMap cond = new HashMap<>(); cond.put("#n", "name"); - PutItemRequest request = new PutItemRequest(tableName, data) - .withConditionExpression("attribute_not_exists(#n)") - .withExpressionAttributeNames(cond); - amazonDynamoDBClient.putItem(request); + PutItemRequest request = PutItemRequest.builder() + .tableName(tableName) + .item(data) + .conditionExpression("attribute_not_exists(#n)") + .expressionAttributeNames(cond) + .build(); + dynamoDbClient.putItem(request); } protected void putMetadata(String tableName, String secretName, String version, String sourceType, 
@@ -343,22 +353,29 @@ protected void putMetadata(String tableName, String secretName, String version, HashMap cond = new HashMap<>(); cond.put("#n", "name"); - PutItemRequest request = new PutItemRequest(tableName, data) - .withConditionExpression("attribute_not_exists(#n)") - .withExpressionAttributeNames(cond); - amazonDynamoDBClient.putItem(request); + PutItemRequest request = PutItemRequest.builder() + .tableName(tableName) + .item(data) + .conditionExpression("attribute_not_exists(#n)") + .expressionAttributeNames(cond) + .build(); + dynamoDbClient.putItem(request); } protected void deleteSecret(String tableName, String secretName) throws InterruptedException { - QueryResult queryResult = getCredentials(tableName, secretName); - - TableWriteItems itemsToDelete = new TableWriteItems(tableName); - for ( Map item :queryResult.getItems()) { - itemsToDelete.addHashAndRangePrimaryKeyToDelete( - "name", item.get("name").getS(), - "version", item.get("version").getS()); + QueryResponse queryResponse = getCredentials(tableName, secretName); + Map> writeRequestMap = new HashMap<>(); + List writeRequests = new ArrayList<>(); + for (Map item : queryResponse.items()) { + Map preppedItemMap = filterItemMapForDeletion(item); + WriteRequest writeRequest = WriteRequest.builder() + .deleteRequest(DeleteRequest.builder().key(preppedItemMap).build() + ).build(); + writeRequests.add(writeRequest); } + writeRequestMap.put(tableName, writeRequests); + BatchWriteItemRequest batchWriteItemRequest = BatchWriteItemRequest.builder().requestItems(writeRequestMap).build(); Map> unprocessed = null ; int attempts = 0; 
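Review bot: `writeRequests` collects one `DeleteRequest` per version and sends them all in a single `BatchWriteItemRequest`, but BatchWriteItem accepts at most 25 write requests per call, so a secret with more than 25 versions is rejected with a validation error rather than deleted. The same limit applied to the v1 code path, so this is not a regression, but now that the list is built explicitly it is the natural place to chunk it into groups of 25 (running the retry loop in the following hunk per chunk), or at least to document the limit above the loop. The parameter of the new `filterItemMapForDeletion` helper in the following hunk is named `items` although it is a single item's attribute map; `item` reads more accurately.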
@@ -368,18 +385,19 @@ protected void deleteSecret(String tableName, String secretName) throws Interrup Thread.sleep((1 << attempts) * 1000); } attempts++; - BatchWriteItemOutcome outcome; - if (unprocessed == null || unprocessed.size() > 0) { - // handle initial request - outcome = dynamoDB.batchWriteItem(itemsToDelete); - } else { - // handle unprocessed items - outcome = dynamoDB.batchWriteItemUnprocessed(unprocessed); - } - unprocessed = outcome.getUnprocessedItems(); + BatchWriteItemResponse batchWriteItemResponse = dynamoDbClient.batchWriteItem(batchWriteItemRequest); + unprocessed = batchWriteItemResponse.unprocessedItems(); + batchWriteItemRequest = BatchWriteItemRequest.builder().requestItems(unprocessed).build(); } while (unprocessed.size() > 0 && attempts < 6); if(unprocessed.size() > 0) throw new RuntimeException("Error deleting secret " + secretName + " with " + unprocessed.size() + " versions not deleted"); } + + private Map filterItemMapForDeletion(Map items) { + HashMap populatedItem = new HashMap<>(); + populatedItem.put("name", items.get("name")); + populatedItem.put("version", items.get("version")); + return populatedItem; + } } diff --git a/fidelius-sdk/src/main/java/org/finra/fidelius/MetadataModelMapper.java b/fidelius-sdk/src/main/java/org/finra/fidelius/MetadataModelMapper.java index 8b723d3..60af831 100644 --- a/fidelius-sdk/src/main/java/org/finra/fidelius/MetadataModelMapper.java +++ b/fidelius-sdk/src/main/java/org/finra/fidelius/MetadataModelMapper.java @@ -17,7 +17,7 @@ package org.finra.fidelius; -import com.amazonaws.services.dynamodbv2.model.AttributeValue; +import software.amazon.awssdk.services.dynamodb.model.AttributeValue; import java.util.HashMap; import java.util.Map; 
@@ -31,27 +31,27 @@ private enum DynamoAttributes{ public static Map toDynamo(MetadataParameters metadataParameters){ HashMap dynamoRow = new HashMap<>(); - dynamoRow.put(DynamoAttributes.name.name(), new AttributeValue(metadataParameters.getFullName())); - dynamoRow.put(DynamoAttributes.version.name(), new AttributeValue(metadataParameters.getVersion())); - dynamoRow.put(DynamoAttributes.sourceType.name(), new AttributeValue(metadataParameters.getSourceType())); - dynamoRow.put(DynamoAttributes.source.name(), new AttributeValue(metadataParameters.getSource())); + dynamoRow.put(DynamoAttributes.name.name(), AttributeValue.builder().s(metadataParameters.getFullName()).build()); + dynamoRow.put(DynamoAttributes.version.name(), AttributeValue.builder().s(metadataParameters.getVersion()).build()); + dynamoRow.put(DynamoAttributes.sourceType.name(), AttributeValue.builder().s(metadataParameters.getSourceType()).build()); + dynamoRow.put(DynamoAttributes.source.name(), AttributeValue.builder().s(metadataParameters.getSource()).build()); if(metadataParameters.getUpdateBy()!=null) - dynamoRow.put(DynamoAttributes.updatedBy.name(), new AttributeValue(metadataParameters.getUpdateBy())); + dynamoRow.put(DynamoAttributes.updatedBy.name(), AttributeValue.builder().s(metadataParameters.getUpdateBy()).build()); if(metadataParameters.getUpdateOn()!=null) - dynamoRow.put(DynamoAttributes.updatedOn.name(), new AttributeValue(metadataParameters.getUpdateOn())); + dynamoRow.put(DynamoAttributes.updatedOn.name(), AttributeValue.builder().s(metadataParameters.getUpdateOn()).build()); if(metadataParameters.getSdlc()!=null) - dynamoRow.put(DynamoAttributes.sdlc.name(), new AttributeValue(metadataParameters.getSdlc())); + dynamoRow.put(DynamoAttributes.sdlc.name(), AttributeValue.builder().s(metadataParameters.getSdlc()).build()); if(metadataParameters.getComponent()!= null) - dynamoRow.put(DynamoAttributes.component.name(), new AttributeValue(metadataParameters.getComponent())); + 
dynamoRow.put(DynamoAttributes.component.name(), AttributeValue.builder().s(metadataParameters.getComponent()).build()); return dynamoRow; } - public static MetadataParameters fromDynamo(Map dynamoCred){ + public static MetadataParameters fromDynamo(Map dynamoCred){ return new MetadataParameters() .setFullName(getAttributeValue(DynamoAttributes.name.name(), dynamoCred)) .setVersion(getAttributeValue(DynamoAttributes.version.name(),dynamoCred)) @@ -66,7 +66,7 @@ public static MetadataParameters fromDynamo(Map dynamoCre private static String getAttributeValue(String name, Map dynamoCred){ AttributeValue attributeValue = dynamoCred.get(name); if(attributeValue!=null){ - return attributeValue.getS(); + return attributeValue.s(); } return null; } diff --git a/fidelius-sdk/src/test/java/org/finra/fidelius/FideliusClientTests.java b/fidelius-sdk/src/test/java/org/finra/fidelius/FideliusClientTests.java index 55564d9..80c7631 100644 --- a/fidelius-sdk/src/test/java/org/finra/fidelius/FideliusClientTests.java +++ b/fidelius-sdk/src/test/java/org/finra/fidelius/FideliusClientTests.java @@ -18,10 +18,8 @@ package org.finra.fidelius; -import com.amazonaws.ClientConfiguration; -import com.amazonaws.services.securitytoken.AWSSecurityTokenService; -import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest; import org.junit.Assert; +import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.powermock.api.mockito.PowerMockito; @@ -30,6 +28,10 @@ import org.powermock.modules.junit4.PowerMockRunner; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; +import software.amazon.awssdk.http.SdkHttpClient; +import software.amazon.awssdk.services.sts.StsClient; +import software.amazon.awssdk.services.sts.model.GetCallerIdentityRequest; import java.util.HashMap; 
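Review bot: `toDynamo` repeats `AttributeValue.builder().s(...).build()` eight times, which pushes every `put` past the line limit and hides the attribute name; a one-line helper `private static AttributeValue str(String value) { return AttributeValue.builder().s(value).build(); }` keeps each `put` readable and gives one place to deal with nulls. The four unconditional puts (name, version, sourceType, source) still build an `AttributeValue` with no `S` when the getter returns null, which the service rejects as an empty attribute — unchanged behaviour, but the helper is where an `Objects.requireNonNull(value, name)` would turn that into a clear client-side error. `fromDynamo`'s signature change in this hunk is a public API change for SDK callers and should be called out in the changelog.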
@@ -389,65 +391,6 @@ public void testNoTagsNoEnvNoParms() throws Exception { doThrow(new Exception("Application or SDLC not specified and cannot be retrieved from tags or environment.")).when(fideliusClient).putCredential("somecred","somepwd",null,null,null,"sometable","somekey"); - } - - @Test - public void testProxyConfig() throws Exception { - - JCredStash jCredStashMock = mock(JCredStash.class); - - HashMap envMap = new HashMap(); - envMap.put("CRED_PROXY","someproxy"); - envMap.put("CRED_PORT","1000"); - - EnvConfig envConfigMock = spy(new EnvConfig()); - when(envConfigMock.getEnvVars()).thenReturn(envMap); - PowerMockito.whenNew(EnvConfig.class).withNoArguments().thenReturn(envConfigMock); - - - ClientConfiguration clientConfigurationMock = spy(new ClientConfiguration()); - PowerMockito.whenNew(ClientConfiguration.class).withAnyArguments().thenReturn(clientConfigurationMock); - - - FideliusClient jCredStashFx = spy(new FideliusClient()); - - jCredStashFx.jCredStash = jCredStashMock; - - Assert.assertEquals(clientConfigurationMock.getProxyHost(), "someproxy"); - Assert.assertEquals(clientConfigurationMock.getProxyPort(), 1000); - - - - } - - @Test - public void testNoProxyConfig() throws Exception { - - JCredStash jCredStashMock = mock(JCredStash.class); - - HashMap envMap = new HashMap(); - - EnvConfig envConfigMock = spy(new EnvConfig()); - when(envConfigMock.getEnvVars()).thenReturn(envMap); - PowerMockito.whenNew(EnvConfig.class).withNoArguments().thenReturn(envConfigMock); - - - ClientConfiguration clientConfigurationMock = spy(new ClientConfiguration()); - PowerMockito.whenNew(ClientConfiguration.class).withAnyArguments().thenReturn(clientConfigurationMock); - - - FideliusClient fideliusClient = spy(new FideliusClient()); - - fideliusClient.jCredStash = jCredStashMock; - - Assert.assertEquals(clientConfigurationMock.getProxyHost(), null); - Assert.assertEquals(clientConfigurationMock.getProxyPort(), -1); - - 
Assert.assertEquals(envConfigMock.getProxy(),null); - Assert.assertEquals(envConfigMock.getPort(),null); - Assert.assertFalse(envConfigMock.hasProxyEnv()); - - } @Test(expected = RuntimeException.class) @@ -612,12 +555,12 @@ public void usernameGetsLoggedOnGetCredentialWithoutUserNamePassed() throws Exce public void errorWhenFailToGetUserOnGetCredential() throws Exception { JCredStash jCredStashMock = spy(JCredStash.class); FideliusClient fideliusClient = spy(FideliusClient.class); - AWSSecurityTokenService awsSecurityTokenService = spy(AWSSecurityTokenService.class); + StsClient awsSecurityTokenService = spy(StsClient.class); - doThrow(new RuntimeException("AWS Cannot get Identity Error")).when(awsSecurityTokenService).getCallerIdentity(new GetCallerIdentityRequest()); + doThrow(new RuntimeException("AWS Cannot get Identity Error")).when(awsSecurityTokenService).getCallerIdentity(any(GetCallerIdentityRequest.class)); fideliusClient.jCredStash = jCredStashMock; - fideliusClient.awsSecurityTokenService = awsSecurityTokenService; + fideliusClient.stsClient = awsSecurityTokenService; String result = fideliusClient.getCredential("secret", "app", "dev", "component", "table"); @@ -630,7 +573,7 @@ public void errorWhenFailToGetUserOnGetCredential() throws Exception { public void errorWhenFailToGetUserOnPutCredential() throws Exception { JCredStash jCredStashMock = spy(JCredStash.class); FideliusClient fideliusClient = spy(FideliusClient.class); - AWSSecurityTokenService awsSecurityTokenService = spy(AWSSecurityTokenService.class); + StsClient awsSecurityTokenService = spy(StsClient.class); HashMap context = new HashMap(); context.put("Application", "APP"); context.put("SDLC", "dev"); 
@@ -639,10 +582,10 @@ public void errorWhenFailToGetUserOnPutCredential() throws Exception { doNothing().when(jCredStashMock).putSecret(anyString(), anyString(), anyString(), anyString(), anyString(), anyString(), anyMapOf(String.class, String.class)); doReturn(0).when(jCredStashMock).getHighestVersion(anyString(), anyString()); - doThrow(new RuntimeException("AWS Cannot get Identity Error")).when(awsSecurityTokenService).getCallerIdentity(new GetCallerIdentityRequest()); + doThrow(new RuntimeException("AWS Cannot get Identity Error")).when(awsSecurityTokenService).getCallerIdentity(any(GetCallerIdentityRequest.class)); fideliusClient.jCredStash = jCredStashMock; - fideliusClient.awsSecurityTokenService = awsSecurityTokenService; + fideliusClient.stsClient = awsSecurityTokenService; fideliusClient.putCredential("somecred","somepwd","someapp","somesdlc",null,"sometable", null, "somekey"); } @@ -653,13 +596,13 @@ public void errorWhenFailToGetUserOnPutCredential() throws Exception { public void errorWhenFailToGetUserOnDeleteCredential() throws Exception { JCredStash jCredStashMock = spy(JCredStash.class); FideliusClient fideliusClient = spy(FideliusClient.class); - AWSSecurityTokenService awsSecurityTokenService = spy(AWSSecurityTokenService.class); + StsClient awsSecurityTokenService = spy(StsClient.class); - doThrow(new RuntimeException("AWS Cannot get Identity Error")).when(awsSecurityTokenService).getCallerIdentity(new GetCallerIdentityRequest()); + doThrow(new RuntimeException("AWS Cannot get Identity Error")).when(awsSecurityTokenService).getCallerIdentity(any(GetCallerIdentityRequest.class)); doNothing().when(jCredStashMock).deleteSecret(anyString(), anyString()); fideliusClient.jCredStash = jCredStashMock; - fideliusClient.awsSecurityTokenService = awsSecurityTokenService; + fideliusClient.stsClient = awsSecurityTokenService; fideliusClient.deleteCredential("secret", "app", "dev", "component", "table", null); } 
diff --git a/fidelius-sdk/src/test/java/org/finra/fidelius/JCredStashTest.java b/fidelius-sdk/src/test/java/org/finra/fidelius/JCredStashTest.java index b22105a..4a860e4 100644 --- a/fidelius-sdk/src/test/java/org/finra/fidelius/JCredStashTest.java +++ b/fidelius-sdk/src/test/java/org/finra/fidelius/JCredStashTest.java @@ -17,20 +17,17 @@ package org.finra.fidelius; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient; -import com.amazonaws.services.dynamodbv2.document.BatchWriteItemOutcome; -import com.amazonaws.services.dynamodbv2.document.DynamoDB; -import com.amazonaws.services.dynamodbv2.document.TableWriteItems; -import com.amazonaws.services.dynamodbv2.model.*; -import com.amazonaws.services.securitytoken.AWSSecurityTokenService; -import com.amazonaws.services.securitytoken.model.GetCallerIdentityResult; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mockito; import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.model.*; +import software.amazon.awssdk.services.sts.StsClient; +import software.amazon.awssdk.services.sts.model.GetCallerIdentityRequest; +import software.amazon.awssdk.services.sts.model.GetCallerIdentityResponse; import java.util.*; 
@@ -41,25 +38,26 @@ @PowerMockIgnore( {"javax.management.*","javax.net.ssl.*"}) public class JCredStashTest { - private QueryResult getMockQueryResult(int numberOfResults){ + private QueryResponse getMockQueryResult(int numberOfResults){ - Collection> collection = new ArrayList<>(); + Collection> collection = new ArrayList<>(); for (int i = 0; i < numberOfResults; i++) { Map map = new HashMap<>(); - map.put("updatedBy", new AttributeValue("arn:aws:sts::123456789876:assumed-role/private_aws_application_dev/L25000")); - map.put("contents", new AttributeValue("BvmeuWljKK9oMFDSTKHW10HWyw==")); - map.put("hmac", new AttributeValue("6416846cd12b6c45305fc3202092af143378809bf2c5378ab0a12a24d68ac19d==")); - map.put("name", new AttributeValue("APP.dev.loadtesting3913==")); - map.put("version", new AttributeValue("000000000000000000" + (i+1))); - map.put("key", new AttributeValue("AQEBAHiR3vsV8dujB9GydJpKBtZhC3nKVikt90I4dcYRRv5e3wAAAKIwgZ8GCSqGSIb3DQEHBqCBkTCBjgIBADCBiAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAw7QrBVksiA")); + map.put("updatedBy", AttributeValue.builder().s("arn:aws:sts::123456789876:assumed-role/private_aws_application_dev/L25000").build()); + map.put("contents", AttributeValue.builder().s("BvmeuWljKK9oMFDSTKHW10HWyw==").build()); + map.put("hmac", AttributeValue.builder().s("6416846cd12b6c45305fc3202092af143378809bf2c5378ab0a12a24d68ac19d==").build()); + map.put("name", AttributeValue.builder().s("APP.dev.loadtesting3913==").build()); + map.put("version", AttributeValue.builder().s("000000000000000000" + (i+1)).build()); + map.put("key", AttributeValue.builder().s("AQEBAHiR3vsV8dujB9GydJpKBtZhC3nKVikt90I4dcYRRv5e3wAAAKIwgZ8GCSqGSIb3DQEHBqCBkTCBjgIBADCBiAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAw7QrBVksiA").build()); collection.add(map); } - QueryResult queryResult = new QueryResult(); - queryResult.setItems(collection); - queryResult.setCount(numberOfResults); - queryResult.setScannedCount(numberOfResults); + QueryResponse queryResult = QueryResponse.builder() + 
.items(collection) + .count(numberOfResults) + .scannedCount(numberOfResults) + .build(); return queryResult; } 
@@ -67,81 +65,75 @@ private QueryResult getMockQueryResult(int numberOfResults){ @Test public void testDeletingCredentialWith2Versions() throws Exception { - QueryResult queryResult = getMockQueryResult(2); - AmazonDynamoDBClient amazonDynamoDBClient = spy(AmazonDynamoDBClient.class); - DynamoDB dynamoDB = mock(DynamoDB.class); + QueryResponse queryResult = getMockQueryResult(2); + DynamoDbClient amazonDynamoDBClient = spy(DynamoDbClient.class); + DynamoDbClient dynamoDB = mock(DynamoDbClient.class); JCredStash jCredStash = new JCredStash(); - BatchWriteItemResult result = new BatchWriteItemResult().withUnprocessedItems(new HashMap<>()); - BatchWriteItemOutcome outcome = new BatchWriteItemOutcome(result); + BatchWriteItemResponse result = BatchWriteItemResponse.builder().unprocessedItems(new HashMap<>()).build(); - jCredStash.amazonDynamoDBClient = amazonDynamoDBClient; - jCredStash.dynamoDB = dynamoDB; + jCredStash.dynamoDbClient = amazonDynamoDBClient; - doReturn(queryResult).when(amazonDynamoDBClient).query(anyObject()); - doReturn(outcome).when(dynamoDB).batchWriteItem(any(TableWriteItems.class)); + doReturn(queryResult).when(amazonDynamoDBClient).query(any(QueryRequest.class)); + doReturn(result).when(amazonDynamoDBClient).batchWriteItem(any(BatchWriteItemRequest.class)); jCredStash.deleteSecret("test", "secret"); - verify(dynamoDB,times(1)).batchWriteItem(any(TableWriteItems.class)); + verify(dynamoDB,times(1)).batchWriteItem(any(BatchWriteItemRequest.class)); } @Test public void testDeletingCredentialWith1Versions() throws Exception { - QueryResult queryResult = getMockQueryResult(1); - AmazonDynamoDBClient amazonDynamoDBClient = spy(AmazonDynamoDBClient.class); - DynamoDB dynamoDB = mock(DynamoDB.class); + QueryResponse queryResult = getMockQueryResult(1); + DynamoDbClient amazonDynamoDBClient = spy(DynamoDbClient.class); + DynamoDbClient dynamoDB = mock(DynamoDbClient.class); JCredStash jCredStash = new JCredStash(); - BatchWriteItemResult result = new 
BatchWriteItemResult().withUnprocessedItems(new HashMap<>()); - BatchWriteItemOutcome outcome = new BatchWriteItemOutcome(result); + BatchWriteItemResponse result = BatchWriteItemResponse.builder().unprocessedItems(new HashMap<>()).build(); - jCredStash.amazonDynamoDBClient = amazonDynamoDBClient; - jCredStash.dynamoDB = dynamoDB; + jCredStash.dynamoDbClient = amazonDynamoDBClient; - doReturn(queryResult).when(amazonDynamoDBClient).query(anyObject()); - doReturn(outcome).when(dynamoDB).batchWriteItem(any(TableWriteItems.class)); + doReturn(queryResult).when(amazonDynamoDBClient).query(any(QueryRequest.class)); + doReturn(result).when(amazonDynamoDBClient).batchWriteItem(any(BatchWriteItemRequest.class)); jCredStash.deleteSecret("test", "secret"); - verify(dynamoDB,times(1)).batchWriteItem(any(TableWriteItems.class)); + verify(dynamoDB,times(1)).batchWriteItem(any(BatchWriteItemRequest.class)); } @Test(expected = RuntimeException.class) public void testDeletingCredentialFailed() throws Exception, InterruptedException { - QueryResult queryResult = getMockQueryResult(1); - AmazonDynamoDBClient amazonDynamoDBClient = spy(AmazonDynamoDBClient.class); - DynamoDB dynamoDB = mock(DynamoDB.class); + QueryResponse queryResult = getMockQueryResult(1); + DynamoDbClient amazonDynamoDBClient = spy(DynamoDbClient.class); + DynamoDbClient dynamoDB = mock(DynamoDbClient.class); JCredStash jCredStash = new JCredStash(); //Add unprocessed item HashMap> unprocessedItem = new HashMap<>(); unprocessedItem.put("secret", new ArrayList<>()); - BatchWriteItemResult result = new BatchWriteItemResult().withUnprocessedItems(unprocessedItem); - BatchWriteItemOutcome outcome = new BatchWriteItemOutcome(result); + BatchWriteItemResponse result = BatchWriteItemResponse.builder().unprocessedItems(unprocessedItem).build(); - jCredStash.amazonDynamoDBClient = amazonDynamoDBClient; - jCredStash.dynamoDB = dynamoDB; + jCredStash.dynamoDbClient = amazonDynamoDBClient; 
PowerMockito.mockStatic(Thread.class); - doReturn(queryResult).when(amazonDynamoDBClient).query(anyObject()); - doReturn(outcome).when(dynamoDB).batchWriteItem(any(TableWriteItems.class)); + doReturn(queryResult).when(amazonDynamoDBClient).query(any(QueryRequest.class)); + doReturn(result).when(dynamoDB).batchWriteItem(any(BatchWriteItemRequest.class)); jCredStash.deleteSecret("test", "secret"); - verify(dynamoDB,times(1)).batchWriteItem(any(TableWriteItems.class)); + verify(dynamoDB,times(1)).batchWriteItem(any(BatchWriteItemRequest.class)); } @Test(expected = RuntimeException.class) public void testDeletingCredentialNotFound() throws Exception { - QueryResult queryResult = getMockQueryResult(0); - AmazonDynamoDBClient amazonDynamoDBClient = spy(AmazonDynamoDBClient.class); + QueryResponse queryResult = getMockQueryResult(0); + DynamoDbClient amazonDynamoDBClient = spy(DynamoDbClient.class); JCredStash jCredStash = new JCredStash(); - jCredStash.amazonDynamoDBClient = amazonDynamoDBClient; + jCredStash.dynamoDbClient = amazonDynamoDBClient; - doReturn(queryResult).when(amazonDynamoDBClient).query(anyObject()); - doReturn(new DeleteItemResult()).when(amazonDynamoDBClient).deleteItem(anyObject()); + doReturn(queryResult).when(amazonDynamoDBClient).query(any(QueryRequest.class)); + doReturn(DeleteItemResponse.builder().build()).when(amazonDynamoDBClient).deleteItem(any(DeleteItemRequest.class)); jCredStash.deleteSecret("test", "secret"); } 
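Review bot: In `testDeletingCredentialWith2Versions` and `testDeletingCredentialWith1Versions` the `batchWriteItem` stub is installed on `amazonDynamoDBClient`, which is the client assigned to `jCredStash.dynamoDbClient`, but the closing `verify(dynamoDB,times(1)).batchWriteItem(...)` inspects the separate `dynamoDB` mock that is never wired into `jCredStash`, so the verification cannot see the call and the assertion is checking the wrong object. In `testDeletingCredentialFailed` the stub itself is on the unwired `dynamoDB`, so the expected `RuntimeException` presumably comes from the unstubbed spy's default `batchWriteItem` rather than from the unprocessed-items exhaustion path the test is named for. Drop the `dynamoDB` mock in all three tests, verify on the wired client with `verify(amazonDynamoDBClient, times(1)).batchWriteItem(any(BatchWriteItemRequest.class));`, and in the failure test stub `batchWriteItem` on `amazonDynamoDBClient` as the other two do (with `times(6)` if the retry loop is meant to be exercised).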
@@ -150,12 +142,13 @@ public void testDeletingCredentialNotFound() throws Exception { public void getUpdatedByShouldReturnCurrentIAMUser() throws Exception{ JCredStash jCredStash = new JCredStash(); - AWSSecurityTokenService awsSecurityTokenService = spy(AWSSecurityTokenService.class); - GetCallerIdentityResult callerIdentityResult = new GetCallerIdentityResult(); - callerIdentityResult.setArn("arn:aws:sts::123456789876:assumed-role/private_aws_application_dev/L25000"); - jCredStash.awsSecurityTokenService = awsSecurityTokenService; + StsClient awsSecurityTokenService = spy(StsClient.class); + GetCallerIdentityResponse callerIdentityResult = GetCallerIdentityResponse.builder() + .arn("arn:aws:sts::123456789876:assumed-role/private_aws_application_dev/L25000") + .build(); + jCredStash.stsClient = awsSecurityTokenService; - doReturn(callerIdentityResult).when(awsSecurityTokenService).getCallerIdentity(anyObject()); + doReturn(callerIdentityResult).when(awsSecurityTokenService).getCallerIdentity(any(GetCallerIdentityRequest.class)); String user = jCredStash.getUpdatedBy(); 
@@ -166,11 +159,12 @@ public void getUpdatedByShouldReturnCurrentIAMUser() throws Exception{ public void returnErrorGettingUser() throws Exception{ JCredStash jCredStash = new JCredStash(); - AWSSecurityTokenService awsSecurityTokenService = spy(AWSSecurityTokenService.class); - GetCallerIdentityResult callerIdentityResult = new GetCallerIdentityResult(); - callerIdentityResult.setArn("arn:aws:sts::123456789876:assumed-role/private_aws_application_dev/L25000"); + StsClient awsSecurityTokenService = spy(StsClient.class); + GetCallerIdentityResponse callerIdentityResult = GetCallerIdentityResponse.builder() + .arn("arn:aws:sts::123456789876:assumed-role/private_aws_application_dev/L25000") + .build(); - doReturn(callerIdentityResult).when(awsSecurityTokenService).getCallerIdentity(anyObject()); + doReturn(callerIdentityResult).when(awsSecurityTokenService).getCallerIdentity(any(GetCallerIdentityRequest.class)); String user = jCredStash.getUpdatedBy(); diff --git a/fidelius-service/pom.xml b/fidelius-service/pom.xml index 6a2e039..f26b6d4 100644 --- a/fidelius-service/pom.xml +++ b/fidelius-service/pom.xml @@ -40,12 +40,24 @@ 1.7.12 2.0.1 1.0.6.RELEASE - 1.11.767 + 2.16.60 4.0.3.RELEASE 1.9.2 1.15 + + + + software.amazon.awssdk + bom + ${aws.sdk.version} + pom + import + + + + @@ -105,21 +117,28 @@ - com.amazonaws - aws-java-sdk-core - ${aws.sdk.version} + software.amazon.awssdk + auth + + + + software.amazon.awssdk + dynamodb + + + + software.amazon.awssdk + kms - com.amazonaws - aws-java-sdk - ${aws.sdk.version} + software.amazon.awssdk + rds - com.amazonaws - aws-java-sdk-sts - ${aws.sdk.version} + software.amazon.awssdk + sts diff --git a/fidelius-service/src/main/java/org/finra/fidelius/config/AppConfig.java b/fidelius-service/src/main/java/org/finra/fidelius/config/AppConfig.java index cce4193..b5fed2c 100644 --- a/fidelius-service/src/main/java/org/finra/fidelius/config/AppConfig.java +++ b/fidelius-service/src/main/java/org/finra/fidelius/config/AppConfig.java 
@@ -17,9 +17,6 @@ package org.finra.fidelius.config; -import com.amazonaws.ClientConfiguration; -import com.amazonaws.retry.PredefinedRetryPolicies; -import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient; import org.finra.fidelius.authfilter.UserHeaderFilter; import org.finra.fidelius.authfilter.parser.IFideliusUserProfile; import org.finra.fidelius.authfilter.parser.SSOParser; @@ -43,6 +40,9 @@ import org.springframework.ldap.core.support.LdapContextSource; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; +import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; +import software.amazon.awssdk.core.retry.RetryPolicy; +import software.amazon.awssdk.services.sts.StsClient; import springfox.documentation.builders.PathSelectors; import springfox.documentation.builders.RequestHandlerSelectors; import springfox.documentation.spi.DocumentationType; @@ -87,7 +87,7 @@ public class AppConfig { private final FideliusAuthProperties fideliusAuthProperties; @Autowired - private ClientConfiguration clientConfiguration; + private ClientOverrideConfiguration clientConfiguration; public AppConfig(FideliusAuthProperties fideliusAuthProperties){ //LDAP 
@@ -102,20 +102,19 @@ public AppConfig(FideliusAuthProperties fideliusAuthProperties){
 }
 @Bean
- public ClientConfiguration clientConfiguration() {
- final ClientConfiguration clientConfiguration = new ClientConfiguration();
- clientConfiguration.setRetryPolicy(PredefinedRetryPolicies.DYNAMODB_DEFAULT);
- if (this.proxyHost.isPresent() && this.proxyPort.isPresent()) {
- clientConfiguration.setProxyHost(this.proxyHost.get());
- clientConfiguration.setProxyPort(this.proxyPort.get());
- }
+ public ClientOverrideConfiguration clientConfiguration() {
+ final ClientOverrideConfiguration clientConfiguration = ClientOverrideConfiguration.builder()
+ .retryPolicy(RetryPolicy.defaultRetryPolicy())
+ .build();
 return clientConfiguration;
 }
 @Bean
- public AWSSecurityTokenServiceClient awsSecurityTokenServiceClient() {
- return new AWSSecurityTokenServiceClient(this.clientConfiguration);
+ public StsClient awsSecurityTokenServiceClient() {
+ return StsClient.builder()
+ .overrideConfiguration(this.clientConfiguration)
+ .build();
 }
 @Configuration
diff --git a/fidelius-service/src/main/java/org/finra/fidelius/factories/AWSSessionFactory.java b/fidelius-service/src/main/java/org/finra/fidelius/factories/AWSSessionFactory.java
index 6a826fe..26bdb81 100644
--- a/fidelius-service/src/main/java/org/finra/fidelius/factories/AWSSessionFactory.java
+++ b/fidelius-service/src/main/java/org/finra/fidelius/factories/AWSSessionFactory.java
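Review bot: `clientConfiguration()` no longer applies `proxyHost`/`proxyPort`, so a deployment that relies on those properties will silently bypass its egress proxy and attempt direct connections to AWS endpoints; in SDK v2 the proxy is configured on the HTTP client rather than on `ClientOverrideConfiguration`, i.e. `ApacheHttpClient.builder().proxyConfiguration(ProxyConfiguration.builder().endpoint(URI.create("http://" + host + ":" + port)).build())` handed to each service client through `httpClientBuilder(...)`, with the `apache-client` artifact added as a compile dependency of the service pom. The `testProxyConfig`/`testNoProxyConfig` tests removed from FideliusClientTests were the only coverage of this path, so nothing in the build will flag the regression. `RetryPolicy.defaultRetryPolicy()` replaces the DynamoDB-specific predefined policy; if its higher retry count mattered for throttling, pin it explicitly with `RetryPolicy.builder().numRetries(...)`. The `proxyHost`/`proxyPort` fields referenced by the removed lines are outside this hunk and are presumably now unused.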
@@ -17,11 +17,14 @@ package org.finra.fidelius.factories;
-import com.amazonaws.ClientConfiguration;
-import com.amazonaws.auth.BasicSessionCredentials;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient;
-import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient;
 import org.springframework.stereotype.Component;
+import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
+import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
+import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
+import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.dynamodb.DynamoDbClient;
+import software.amazon.awssdk.services.sts.StsClient;
 import javax.inject.Inject;
@@ -29,13 +32,19 @@ public class AWSSessionFactory {
 @Inject
- private ClientConfiguration clientConfiguration;
+ private ClientOverrideConfiguration clientConfiguration;
- public AmazonDynamoDBClient createDynamoDBClient(BasicSessionCredentials basicSessionCredentials) {
- return new AmazonDynamoDBClient(basicSessionCredentials, clientConfiguration);
+ public DynamoDbClient createDynamoDBClient(AwsCredentialsProvider awsCredentialsProvider, Region region) {
+ return DynamoDbClient.builder()
+ .credentialsProvider(awsCredentialsProvider)
+ .region(region)
+ .overrideConfiguration(clientConfiguration)
+ .build();
 }
- public AWSSecurityTokenServiceClient createSecurityTokenServiceClient() {
- return new AWSSecurityTokenServiceClient(clientConfiguration);
+ public StsClient createSecurityTokenServiceClient() {
+ return StsClient.builder()
+ .overrideConfiguration(clientConfiguration)
+ .build();
 }
 }
diff --git a/fidelius-service/src/main/java/org/finra/fidelius/model/Credential.java b/fidelius-service/src/main/java/org/finra/fidelius/model/Credential.java
index 72ce34f..0cb964c 100644
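Review bot: `createSecurityTokenServiceClient()` sets neither region nor credentials, and unlike the v1 client SDK v2 fails client construction with an `SdkClientException` when no region can be resolved from the environment, system properties, profile or instance metadata; `createDynamoDBClient` already takes an explicit `Region`, so the STS builder should accept one too (`.region(region)`), or the method's Javadoc should state that the runtime is expected to supply the region. `AwsBasicCredentials` and `StaticCredentialsProvider` are imported but not used in this hunk; if nothing else in the file uses them they should go, since static credentials in a session factory are a pattern worth not inviting. Both clients are `AutoCloseable` and own an HTTP connection pool, so a Javadoc line on each factory method saying whether the caller owns and must close the returned client would prevent per-request leaks.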
--- a/fidelius-service/src/main/java/org/finra/fidelius/model/Credential.java
+++ b/fidelius-service/src/main/java/org/finra/fidelius/model/Credential.java
@@ -20,6 +20,7 @@ import org.finra.fidelius.model.validators.IsValidActiveDirectoryPassword;
 import org.hibernate.validator.constraints.NotBlank;
 import org.jvnet.hk2.annotations.Optional;
+import software.amazon.awssdk.services.dynamodb.model.AttributeValue;
 import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Pattern;
@@ -94,6 +95,32 @@ public Credential(String shortKey, String longKey, String account, String region
 }
 }
+ public Credential(String shortKey, AttributeValue longKey, String account, String region, String application, AttributeValue environment,
+ AttributeValue component, String lastUpdatedBy, AttributeValue lastUpdatedDate) {
+ this.shortKey = shortKey;
+ this.longKey = longKey.s();
+ this.account = account;
+ this.region = region;
+ this.application = application;
+ this.environment = environment.s();
+ if(component != null) {
+ this.component = component.s();
+ } else {
+ this.component = null;
+ }
+ if(lastUpdatedBy != null) {
+ this.lastUpdatedBy = lastUpdatedBy;
+ } else {
+ this.lastUpdatedBy = null;
+ }
+ if(lastUpdatedDate != null)
+ try {
+ this.lastUpdatedDate = ZonedDateTime.parse(lastUpdatedDate.s());
+ } catch(DateTimeParseException exception) {
+
+ }
+ }
+
 public Credential(String shortKey, String longKey, String account, String region, String application, String environment, String component, String lastUpdatedBy, String lastUpdatedDate, String source, String sourceType) {
 this.shortKey = shortKey;
diff --git a/fidelius-service/src/main/java/org/finra/fidelius/model/aws/AWSEnvironment.java b/fidelius-service/src/main/java/org/finra/fidelius/model/aws/AWSEnvironment.java
index 681c6b4..a0e40f2 100644
--- a/fidelius-service/src/main/java/org/finra/fidelius/model/aws/AWSEnvironment.java
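Review bot: The new `Credential(String, AttributeValue, ...)` constructor swallows `DateTimeParseException` with an empty catch, so a malformed `lastUpdatedDate` attribute silently yields a null date with no trace of why; either let it propagate like the other constructor-time failures or at least record it (`// malformed updatedOn attribute: leave lastUpdatedDate unset` plus a log line if the class has a logger), and brace the `if (lastUpdatedDate != null)` around the try block so the structure is unambiguous. `longKey.s()` and `environment.s()` are dereferenced unguarded while `component` and `lastUpdatedDate` are null-checked, so a missing attribute surfaces as a bare NPE from inside the constructor; `Objects.requireNonNull(longKey, "longKey")` and the same for `environment` make the precondition explicit. The `lastUpdatedBy` if/else assigns the same value on both branches and collapses to `this.lastUpdatedBy = lastUpdatedBy;`, and the `component` branch can likewise be `this.component = component != null ? component.s() : null;`.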
+++ b/fidelius-service/src/main/java/org/finra/fidelius/model/aws/AWSEnvironment.java @@ -17,21 +17,23 @@ package org.finra.fidelius.model.aws; +import software.amazon.awssdk.regions.Region; + public class AWSEnvironment { private String account; - private String region; + private Region region; public AWSEnvironment(String account, String region) { + this.region = Region.of(region); this.account = account; - this.region = region; } public String getAccount() { return account; } - public String getRegion() { + public Region getRegion() { return region; } } diff --git a/fidelius-service/src/main/java/org/finra/fidelius/model/db/DBCredential.java b/fidelius-service/src/main/java/org/finra/fidelius/model/db/DBCredential.java index 0c87be7..2a14a04 100644 --- a/fidelius-service/src/main/java/org/finra/fidelius/model/db/DBCredential.java +++ b/fidelius-service/src/main/java/org/finra/fidelius/model/db/DBCredential.java @@ -17,11 +17,9 @@ package org.finra.fidelius.model.db; -import com.amazonaws.services.dynamodbv2.datamodeling.*; import java.util.regex.Matcher; import java.util.regex.Pattern; -@DynamoDBTable(tableName = "") public class DBCredential { private String name; @@ -31,7 +29,6 @@ public class DBCredential { private String sdlc; private String component; - @DynamoDBHashKey(attributeName = "name") public String getName() { return name; } @@ -39,7 +36,6 @@ public void setName(String name) { this.name = name; } - @DynamoDBRangeKey(attributeName = "version") public String getVersion() { return version; } @@ -47,7 +43,6 @@ public void setVersion(String version) { this.version = version; } - @DynamoDBAttribute(attributeName = "updatedBy") public String getUpdatedBy() { return updatedBy; } @@ -55,7 +50,6 @@ public void setUpdatedBy(String updatedBy) { this.updatedBy = updatedBy; } - @DynamoDBAttribute(attributeName = "updatedOn") public String getUpdatedDate() { return updatedDate; } 
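Review bot: `Region.of(region)` accepts any non-blank string and silently manufactures a `Region` for ids it does not know, so a mistyped region coming in from a request is not rejected at this boundary but only later by the service call with a less useful error; if this constructor is meant to validate input, check the id against `Region.regions()` and throw `IllegalArgumentException("Unknown region: " + region)`. The constructor also appears to now fail for a null or blank `region` at construction time, where the old `String` field tolerated null — worth a `@throws` line on the constructor so callers that used to defer that check know. `getRegion()` changing from `String` to `Region` is a public API change for every caller of `AWSEnvironment`.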
@@ -63,7 +57,6 @@ public void setUpdatedDate(String updatedDate) { this.updatedDate = updatedDate; } - @DynamoDBAttribute(attributeName = "sdlc") public String getSdlc(){ if (sdlc != null && !sdlc.isEmpty()) { return sdlc; @@ -73,7 +66,6 @@ public String getSdlc(){ } public void setSdlc(String sdlc){ this.sdlc = sdlc;} - @DynamoDBAttribute(attributeName = "component") public String getComponent() { if (component != null && !component.isEmpty()) { return component; @@ -83,7 +75,7 @@ public String getComponent() { } public void setComponent(String component){ this.component = component;} - @DynamoDBIgnore + public String getShortKey() { if(component != null && !component.isEmpty()) return name.split("\\."+component+"\\."+sdlc+"\\.")[1]; @@ -96,7 +88,6 @@ public String getShortKey() { } } - @DynamoDBIgnore @Override public String toString() { return "DBCredential{" + diff --git a/fidelius-service/src/main/java/org/finra/fidelius/services/CredentialsService.java b/fidelius-service/src/main/java/org/finra/fidelius/services/CredentialsService.java index 91fc05c..32069a3 100644 --- a/fidelius-service/src/main/java/org/finra/fidelius/services/CredentialsService.java +++ b/fidelius-service/src/main/java/org/finra/fidelius/services/CredentialsService.java 
@@ -17,15 +17,6 @@ package org.finra.fidelius.services; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBMapper; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBQueryExpression; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBScanExpression; -import com.amazonaws.services.dynamodbv2.model.AttributeValue; -import com.amazonaws.services.kms.AWSKMSClient; -import com.amazonaws.services.rds.AmazonRDSClient; -import com.amazonaws.services.rds.model.*; -import com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException; import com.google.common.cache.CacheBuilder; import com.google.common.cache.CacheLoader; import com.google.common.cache.LoadingCache; @@ -44,7 +35,6 @@ import org.finra.fidelius.model.Metadata; import org.finra.fidelius.model.rotate.RotateRequest; import org.finra.fidelius.model.aws.AWSEnvironment; -import org.finra.fidelius.model.db.DBCredential; import org.finra.fidelius.services.account.AccountsService; import org.finra.fidelius.services.auth.FideliusRoleService; import org.finra.fidelius.services.aws.AWSSessionService; 
@@ -60,11 +50,21 @@ import org.springframework.stereotype.Service; import org.springframework.web.client.HttpStatusCodeException; import org.springframework.web.client.RestTemplate; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.model.AttributeValue; +import software.amazon.awssdk.services.dynamodb.model.QueryRequest; +import software.amazon.awssdk.services.dynamodb.model.ScanRequest; +import software.amazon.awssdk.services.kms.KmsClient; +import software.amazon.awssdk.services.rds.RdsClient; +import software.amazon.awssdk.services.rds.model.*; +import software.amazon.awssdk.services.sts.model.StsException; import javax.inject.Inject; import java.net.URI; import java.util.*; import java.util.concurrent.TimeUnit; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import java.util.stream.Collectors; @Service @@ -119,6 +119,13 @@ public class CredentialsService { private final static String RDS = "rds"; private final static String AURORA = "aurora"; + public final static String NAME = "name"; + public final static String VERSION = "version"; + public final static String UPDATED_BY = "updatedBy"; + public final static String UPDATED_ON = "updatedOn"; + public final static String SDLC = "sdlc"; + public final static String COMPONENT = "component"; + private Logger logger = LoggerFactory.getLogger(CredentialsService.class); private RestTemplate restTemplate; 
@@ -140,10 +147,10 @@ public Optional load(String user) throws Exception { */ protected void setFideliusEnvironment(String account, String region) { AWSEnvironment awsEnvironment = new AWSEnvironment(account, region); - AmazonDynamoDBClient dynamoDBClient; + DynamoDbClient dynamoDBClient; try { dynamoDBClient = awsSessionService.getDynamoDBClient(awsEnvironment); - } catch (AWSSecurityTokenServiceException ex) { + } catch (StsException ex) { String message = String.format("Not authorized to access credential table on account: %s in region: %s", account, region); logger.error(message, ex); throw new FideliusException(message, HttpStatus.FORBIDDEN); @@ -152,8 +159,8 @@ protected void setFideliusEnvironment(String account, String region) { logger.error(message, re); throw new FideliusException(message, HttpStatus.INTERNAL_SERVER_ERROR); } - AWSKMSClient awskmsClient = awsSessionService.getKmsClient(awsEnvironment); - fideliusService.setFideliusClient(dynamoDBClient, awskmsClient); + KmsClient kmsClient = awsSessionService.getKmsClient(awsEnvironment); + fideliusService.setFideliusClient(dynamoDBClient, kmsClient); } /** @@ -162,12 +169,12 @@ protected void setFideliusEnvironment(String account, String region) { * @param account AWS account * @param region AWS Region */ - protected AmazonRDSClient setRDSClient(String account, String region) { + protected RdsClient setRDSClient(String account, String region) { AWSEnvironment awsEnvironment = new AWSEnvironment(account, region); - AmazonRDSClient amazonRDSClient; + RdsClient rdsClient; try { - amazonRDSClient = awsSessionService.getRdsClient(awsEnvironment); - } catch (AWSSecurityTokenServiceException ex) { + rdsClient = awsSessionService.getRdsClient(awsEnvironment); + } catch (StsException ex) { String message = String.format("Not authorized to access rds on account: %s in region: %s", account, region); logger.error(message, ex); throw new FideliusException(message, HttpStatus.FORBIDDEN); 
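Review bot: The `catch (StsException ex)` around `awsSessionService.getDynamoDBClient(awsEnvironment)` is probably dead on the new side: the session service now hands the client an `StsAssumeRoleCredentialsProvider` (see the AWSSessionService hunks later in this diff), and that provider calls AssumeRole only when credentials are first resolved, not when the client is built, so a denied AssumeRole will surface from the first DynamoDB or KMS call instead of here and will no longer be mapped to `HttpStatus.FORBIDDEN`. If the 403 contract matters, either resolve the credentials eagerly inside the session service (`provider.resolveCredentials()` once, wrapped in the same StsException handling) or move this catch to the code that issues the first request. A comment such as `// NOTE: credential resolution is lazy; STS failures surface on first request` would at least stop the next reader from relying on this branch. The same pattern is repeated for the RDS client in the next hunk.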
@@ -176,52 +183,52 @@ protected AmazonRDSClient setRDSClient(String account, String region) { logger.error(message, re); throw new FideliusException(message, HttpStatus.INTERNAL_SERVER_ERROR); } - return amazonRDSClient; + return rdsClient; } @PreAuthorize("@fideliusRoleService.isAuthorized(#application, #account, \"LIST_CREDENTIALS\")") public List getAllCredentials(String tableName, String account, String region, String application) throws FideliusException{ logger.info(String.format("Getting all credentials for app %s using account %s and region %s.", application, account, region)); + AWSEnvironment awsEnvironment = new AWSEnvironment(account, region); List results = new ArrayList<>(); + DynamoDbClient dynamoDbClient = awsSessionService.getDynamoDBClient(awsEnvironment); - DynamoDBMapper mapper = dynamoDBService.createMapper(account, region, tableName); setFideliusEnvironment(account, region); Map ean = new HashMap<>(); - ean.put("#tempname", "name"); + ean.put("#tempname", NAME); Map eav = new HashMap<>(); - eav.put(":key", new AttributeValue().withS(application + ".")); - - StringBuilder sb = new StringBuilder(); - sb.append("begins_with (#tempname, :key)"); + eav.put(":key", AttributeValue.builder().s(application + ".").build()); - DynamoDBScanExpression queryExp = new DynamoDBScanExpression() - .withFilterExpression(sb.toString()) - .withExpressionAttributeValues(eav) - .withExpressionAttributeNames(ean); + ScanRequest scanRequest = ScanRequest.builder() + .tableName(tableName) + .filterExpression("begins_with (#tempname, :key)") + .expressionAttributeNames(ean) + .expressionAttributeValues(eav) + .build(); - List queryResults = dynamoDBService.scanDynamoDB(queryExp, DBCredential.class, mapper); + List> queryResults = dynamoDBService.scanDynamoDB(scanRequest, dynamoDbClient); // Gets only latest version of each credential - Map credentials = getLatestCredentialVersion(queryResults); + Map> credentials = getLatestCredentialVersion(queryResults); - for 
(DBCredential dbCredential : credentials.values()) { - if(dbCredential.getSdlc() == null){ - logger.info(String.format("Credential %s missing attributes. Attempting to add missing attributes: ", dbCredential.getName())); + for (Map dbCredential : credentials.values()) { + if(dbCredential.get(SDLC) == null){ + logger.info(String.format("Credential %s missing attributes. Attempting to add missing attributes: ", dbCredential.get(NAME))); dbCredential = migrateService.guessCredentialProperties(dbCredential); } try { - Credential credential = new Credential(dbCredential.getShortKey(), dbCredential.getName(), account, region, application, - dbCredential.getSdlc(), dbCredential.getComponent(), splitRoleARN(dbCredential.getUpdatedBy()), - dbCredential.getUpdatedDate()); + Credential credential = new Credential(getShortKey(dbCredential), dbCredential.get(NAME), account, region, application, + dbCredential.get(SDLC), dbCredential.get(COMPONENT), splitRoleARN(dbCredential.get(UPDATED_BY)), + dbCredential.get(UPDATED_ON)); if(credential.getEnvironment() != null) results.add(credential); }catch (Exception e){ - logger.error("Error parsing key " + dbCredential.getName(), e); + logger.error("Error parsing key " + dbCredential.get(NAME), e); } } logger.info(String.format("%2d credentials for application %s successfully retrieved.",results.size(), application)); 
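Review bot: `getAllCredentials` now calls `awsSessionService.getDynamoDBClient(awsEnvironment)` directly, one line before `setFideliusEnvironment(account, region)` builds a second DynamoDB client for the same environment; the direct call sits outside the `StsException` → FORBIDDEN mapping that `setFideliusEnvironment` provides, and it doubles the client (and assume-role provider) construction per request. Consider having `setFideliusEnvironment` return the client it already built, or at minimum reuse one instance, e.g. `DynamoDbClient dynamoDbClient = setFideliusEnvironment(account, region);`. Separately, the old `DynamoDBMapper` scan paginated transparently, whereas a raw `ScanRequest` returns at most 1 MB per page; unless `dynamoDBService.scanDynamoDB` (not visible here) follows `lastEvaluatedKey`, credential lists for large tables will be silently truncated, so that helper deserves a check or a comment stating it paginates.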
@@ -235,36 +242,39 @@ public List getAllCredentials(String tableName, String account, Stri @PreAuthorize("@fideliusRoleService.isAuthorized(#application, #account, \"LIST_CREDENTIALS\")") public Credential getCredential(String account, String region, String application, String longKey) throws FideliusException { - DynamoDBMapper mapper = dynamoDBService.createMapper(account, region, tableName); + AWSEnvironment awsEnvironment = new AWSEnvironment(account, region); + DynamoDbClient dynamoDbClient = awsSessionService.getDynamoDBClient(awsEnvironment); setFideliusEnvironment(account, region); Map ean = new HashMap<>(); - ean.put("#tempname", "name"); + ean.put("#tempname", NAME); Map eav = new HashMap<>(); - eav.put(":key", new AttributeValue().withS(longKey)); + eav.put(":key", AttributeValue.builder().s(longKey).build()); - DynamoDBQueryExpression queryExpression = new DynamoDBQueryExpression() - .withExpressionAttributeNames(ean) - .withKeyConditionExpression("#tempname = :key") - .withExpressionAttributeValues(eav); - List queryResults = dynamoDBService.queryDynamoDB(queryExpression, DBCredential.class, mapper); + QueryRequest queryRequest = QueryRequest.builder() + .tableName(tableName) + .expressionAttributeNames(ean) + .keyConditionExpression("#tempname = :key") + .expressionAttributeValues(eav) + .build(); + List> queryResults = dynamoDBService.queryDynamoDB(queryRequest, dynamoDbClient); // Gets only latest version of each credential - Map credentials = getLatestCredentialVersion(queryResults); + Map> credentials = getLatestCredentialVersion(queryResults); try { - DBCredential dbCredential = credentials.values().stream().findFirst().get(); - if(dbCredential.getSdlc() == null) { + Map dbCredential = credentials.values().stream().findFirst().get(); + if(dbCredential.get(SDLC) == null) { dbCredential = migrateService.migrateCredential(dbCredential, fideliusService); } try { - return (new Credential(dbCredential.getShortKey(), dbCredential.getName(), account, 
region, application, - dbCredential.getSdlc(), dbCredential.getComponent(), splitRoleARN(dbCredential.getUpdatedBy()), - dbCredential.getUpdatedDate())); + return (new Credential(getShortKey(dbCredential), dbCredential.get(NAME), account, region, application, + dbCredential.get(CredentialsService.SDLC), dbCredential.get(CredentialsService.COMPONENT), splitRoleARN(dbCredential.get(CredentialsService.UPDATED_BY)), + dbCredential.get(CredentialsService.UPDATED_ON))); }catch (Exception e){ - logger.error("Error parsing key " + dbCredential.getName(), e); + logger.error("Error parsing key " + dbCredential.get(CredentialsService.NAME).s(), e); } } catch (NoSuchElementException e) { logger.error("Credential " + longKey + " not found" , e); @@ -278,7 +288,8 @@ public Credential getCredential(String account, String region, String applicatio public List getCredentialHistory(String tableName, String account, String region, String application, String environment, String component, String key, boolean isMetadata) throws FideliusException { List results = new ArrayList<>(); - DynamoDBMapper mapper = dynamoDBService.createMapper(account, region, tableName); + AWSEnvironment awsEnvironment = new AWSEnvironment(account, region); + DynamoDbClient dynamoDbClient = awsSessionService.getDynamoDBClient(awsEnvironment); setFideliusEnvironment(account, region); StringBuilder fullKeyBuilder = new StringBuilder(); 
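Review bot: The rebuilt `QueryRequest` keys on `:key = longKey` with nothing tying `longKey` to `application`, yet the method is guarded by `@PreAuthorize(... #application ... "LIST_CREDENTIALS")`; unless the controller validates this upstream, a caller authorized for one application can read the record (name, version, updatedBy, updatedOn, and the migration path) of any other application's credential by supplying its full key. A cheap check before the query, mirroring the prefix `getAllCredentials` uses, would close that: `if (longKey == null || !longKey.startsWith(application + ".")) throw new FideliusException("Credential does not belong to application " + application, HttpStatus.FORBIDDEN);`. Also, `dbCredential.get(CredentialsService.UPDATED_ON)` is passed to the `Credential` constructor as an `AttributeValue` while `getCredentialHistory` below unwraps it with `.s()`; if `Credential` still takes a `String`, this needs `.s()` (null-guarded), and if its constructor was changed to accept `AttributeValue` that change is not in this diff.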
@@ -293,21 +304,23 @@ public List getCredentialHistory(String tableName, String account, fullKeyBuilder.append(String.format(".%s", key)); Map ean = new HashMap<>(); - ean.put("#tempname", "name"); + ean.put("#tempname", NAME); Map eav = new HashMap<>(); - eav.put(":key", new AttributeValue().withS(fullKeyBuilder.toString())); + eav.put(":key", AttributeValue.builder().s(fullKeyBuilder.toString()).build()); - DynamoDBQueryExpression queryExpression = new DynamoDBQueryExpression() - .withExpressionAttributeNames(ean) - .withKeyConditionExpression("#tempname = :key") - .withExpressionAttributeValues(eav); + QueryRequest queryRequest = QueryRequest.builder() + .tableName(tableName) + .expressionAttributeNames(ean) + .keyConditionExpression("#tempname = :key") + .expressionAttributeValues(eav) + .build(); logger.info(String.format("Retrieving history of credential/metadata %s using account %s and region %s", fullKeyBuilder, account, region)); - List queryResults = dynamoDBService.queryDynamoDB(queryExpression, DBCredential.class, mapper); + List> queryResults = dynamoDBService.queryDynamoDB(queryRequest, dynamoDbClient); - for (DBCredential dbCred : queryResults) { - results.add(new HistoryEntry(new Integer(dbCred.getVersion()), splitRoleARN(dbCred.getUpdatedBy()), dbCred.getUpdatedDate())); + for (Map dbCred : queryResults) { + results.add(new HistoryEntry(Integer.parseInt(dbCred.get(VERSION).s()), splitRoleARN(dbCred.get(UPDATED_BY)), dbCred.get(UPDATED_ON).s())); } logger.info(String.format("Found %d entries for credential/metadata %s.", results.size(), fullKeyBuilder)); @@ -646,10 +659,10 @@ private String isValidMetadata(Metadata metadata){ return ""; } - private String splitRoleARN(String roleARN) { + private String splitRoleARN(AttributeValue roleARN) { if (roleARN == null) return null; - String[] roleTokens = roleARN.split(":assumed-role/"); + String[] roleTokens = roleARN.s().split(":assumed-role/"); if (roleTokens.length > 1){ return roleTokens[1]; } else { 
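Review bot: `dbCred.get(UPDATED_ON).s()` in the history loop dereferences a possibly absent attribute; the old `getUpdatedDate()` returned `null` for rows without `updatedOn`, but the new code throws a `NullPointerException` on the first such row and aborts the whole history response. Pre-migration rows are exactly the ones likely to lack it, so unwrap defensively, e.g. `String updatedOn = dbCred.get(UPDATED_ON) == null ? null : dbCred.get(UPDATED_ON).s();` and pass that to `HistoryEntry`. `Integer.parseInt(dbCred.get(VERSION).s())` has the same shape (null or non-numeric version aborts the loop), though that matches the previous `new Integer(...)` behaviour.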
@@ -657,14 +670,14 @@ private String splitRoleARN(String roleARN) { } } - private Map getLatestCredentialVersion(List queryResults) { - Map credentials = new HashMap<>(); - for (DBCredential dbCredential : queryResults) { - if (!credentials.containsKey(dbCredential.getName())) { - credentials.put(dbCredential.getName(), dbCredential); + private Map> getLatestCredentialVersion(List> queryResults) { + Map> credentials = new HashMap<>(); + for (Map dbCredential : queryResults) { + if (!credentials.containsKey(dbCredential.get("name").s())) { + credentials.put(dbCredential.get("name").s(), dbCredential); } - else if (credentials.get(dbCredential.getName()).getVersion().compareTo(dbCredential.getVersion()) < 1) { - credentials.replace(dbCredential.getName(), dbCredential); + else if (Integer.parseInt(credentials.get(dbCredential.get("name").s()).get("version").s()) < Integer.parseInt(dbCredential.get("version").s())) { + credentials.replace(dbCredential.get("name").s(), dbCredential); } } 
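Review bot: `getLatestCredentialVersion` uses the string literals `"name"` and `"version"` five times while the same commit introduces `NAME` and `VERSION` constants on this class for exactly that purpose; use `dbCredential.get(NAME).s()` and `get(VERSION).s()` so the attribute names have a single definition. The switch from `String.compareTo` to `Integer.parseInt` is a real behaviour change (numeric instead of lexicographic ordering, and equal versions no longer replace the earlier entry); that is arguably a fix, but it deserves a one-line comment, and a row whose `version` is missing or non-numeric now throws and aborts the whole listing rather than being skipped.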
@@ -676,32 +689,32 @@ private List getAllRDS(String account, String region, String application logger.info(String.format("Getting all RDS for account %s and region %s.", account, region)); List results = new ArrayList<>(); - AmazonRDSClient amazonRDSClient = setRDSClient(account, region); - Filter rdsEngineFilter = new Filter().withName("engine").withValues("postgres", "mysql", "oracle-se2", "oracle-ee", "custom-oracle-ee","oracle-ee-cdb", "oracle-se2-cdb"); - DescribeDBInstancesResult response = amazonRDSClient.describeDBInstances(new DescribeDBInstancesRequest().withFilters(rdsEngineFilter)); - List dbList = response.getDBInstances(); + RdsClient rdsClient = setRDSClient(account, region); + Filter rdsEngineFilter = Filter.builder().name("engine").values("postgres", "mysql", "oracle-se2", "oracle-ee", "custom-oracle-ee","oracle-ee-cdb", "oracle-se2-cdb").build(); + DescribeDbInstancesResponse response = rdsClient.describeDBInstances(DescribeDbInstancesRequest.builder().filters(rdsEngineFilter).build()); + List dbList = response.dbInstances(); for(DBInstance db: dbList) { - if(db.getDBInstanceIdentifier().startsWith(application.toLowerCase())){ - results.add(db.getDBInstanceIdentifier()); + if(db.dbInstanceIdentifier().startsWith(application.toLowerCase())){ + results.add(db.dbInstanceIdentifier()); } } - while(response.getMarker() != null){ - response = amazonRDSClient.describeDBInstances(new DescribeDBInstancesRequest().withMarker(response.getMarker()).withFilters(rdsEngineFilter)); - dbList = response.getDBInstances(); + while(response.marker() != null){ + response = rdsClient.describeDBInstances(DescribeDbInstancesRequest.builder().marker(response.marker()).filters(rdsEngineFilter).build()); + dbList = response.dbInstances(); for(DBInstance db: dbList) { - if(db.getDBInstanceIdentifier().startsWith(application.toLowerCase())){ - results.add(db.getDBInstanceIdentifier()); + if(db.dbInstanceIdentifier().startsWith(application.toLowerCase())){ + 
results.add(db.dbInstanceIdentifier()); } } } - while(response.getMarker() != null){ - response = amazonRDSClient.describeDBInstances(new DescribeDBInstancesRequest().withMarker(response.getMarker()).withFilters(rdsEngineFilter)); - dbList = response.getDBInstances(); + while(response.marker() != null){ + response = rdsClient.describeDBInstances(DescribeDbInstancesRequest.builder().marker(response.marker()).filters(rdsEngineFilter).build()); + dbList = response.dbInstances(); for(DBInstance db: dbList) { - results.add(db.getDBInstanceIdentifier()); + results.add(db.dbInstanceIdentifier()); } } 
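Review bot: The second `while(response.marker() != null)` loop in `getAllRDS` is unreachable on the new side: the first loop only exits once `response.marker()` is null, so the second never runs; and if it ever did, its body adds every instance without the `application` prefix filter, which is the opposite of what the method promises. The Aurora hunk later in this file deletes the equivalent dead loop, so this one should go too, leaving only the filtered loop. A minor point: `application.toLowerCase()` is locale-sensitive, `toLowerCase(Locale.ROOT)` is the safer form for identifiers.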
@@ -713,52 +726,58 @@ private List getAllAuroraRegionalCluster(String account, String region, logger.info(String.format("Getting all Aurora clusters for account %s and region %s.", account, region)); List results = new ArrayList<>(); - AmazonRDSClient amazonRDSClient = setRDSClient(account, region); + RdsClient amazonRDSClient = setRDSClient(account, region); - DescribeDBClustersResult response = amazonRDSClient.describeDBClusters(); - List dbClusterList = response.getDBClusters(); + DescribeDbClustersResponse response = amazonRDSClient.describeDBClusters(); + List dbClusterList = response.dbClusters(); for(DBCluster cluster: dbClusterList) { - if(cluster.getDBClusterIdentifier().startsWith(application.toLowerCase())){ - results.add(cluster.getDBClusterIdentifier()); + if(cluster.dbClusterIdentifier().startsWith(application.toLowerCase())){ + results.add(cluster.dbClusterIdentifier()); } } - while(response.getMarker() != null){ - response = amazonRDSClient.describeDBClusters(new DescribeDBClustersRequest().withMarker(response.getMarker())); - dbClusterList = response.getDBClusters(); + while(response.marker() != null){ + response = amazonRDSClient.describeDBClusters(DescribeDbClustersRequest.builder().marker(response.marker()).build()); + dbClusterList = response.dbClusters(); for(DBCluster cluster: dbClusterList) { - if(cluster.getDBClusterIdentifier().startsWith(application.toLowerCase())){ - results.add(cluster.getDBClusterIdentifier()); + if(cluster.dbClusterIdentifier().startsWith(application.toLowerCase())){ + results.add(cluster.dbClusterIdentifier()); } } } - while(response.getMarker() != null){ - response = amazonRDSClient.describeDBClusters(new DescribeDBClustersRequest().withMarker(response.getMarker())); - dbClusterList = response.getDBClusters(); - for(DBCluster cluster: dbClusterList) { - results.add(cluster.getDBClusterIdentifier()); - } - } - return results; } public List getMetadataInfo(String account, String region, String sourceType, String 
application) throws Exception { + logger.info("Source type: " + sourceType); switch (sourceType) { case RDS: return getAllRDS(account, region, application); case AURORA: return getAllAuroraRegionalCluster(account, region, application); default: - throw new Exception("Please pass supported values for sourceType"); + logger.info("No source names to return for source type: " + sourceType); + return new ArrayList<>(); } } public List getSourceTypes(){ return Arrays.asList(sourceTypes.split(",")); } + public static String getShortKey(Map secret) { + if(secret.get("component") != null && !secret.get("component").s().isEmpty()) + return secret.get("name").s().split("\\."+secret.get("component").s()+"\\."+secret.get("sdlc").s()+"\\.")[1]; + else { + Pattern p = Pattern.compile("([-\\w]+)\\.([-\\w]+)\\.(\\S+)"); + Matcher m = p.matcher(secret.get("name").s()); + if(m.matches()) + return m.group(3); + return secret.get("name").s(); + } + } + private String getOAuth2Header(String username, String password) { String token = getOAuth2Token(username, password); if(token.isEmpty()) { diff --git a/fidelius-service/src/main/java/org/finra/fidelius/services/FideliusService.java b/fidelius-service/src/main/java/org/finra/fidelius/services/FideliusService.java index 72252a3..0b14efc 100644 --- a/fidelius-service/src/main/java/org/finra/fidelius/services/FideliusService.java +++ b/fidelius-service/src/main/java/org/finra/fidelius/services/FideliusService.java 
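Review bot: `getShortKey` interpolates the stored `component` and `sdlc` values into a regex passed to `String.split`, so a value containing regex metacharacters (`+`, `(`, `[` ...) either splits wrongly or throws `PatternSyntaxException`, and the unconditional `[1]` throws `ArrayIndexOutOfBoundsException` when the pattern does not match; callers catch `Exception` and log, so the credential silently disappears from listings. Quote the inputs and guard the index, e.g. `String[] parts = name.split("\\." + Pattern.quote(component) + "\\." + Pattern.quote(sdlc) + "\\.");` followed by `return parts.length > 1 ? parts[1] : name;`, and hoist `Pattern.compile("([-\\w]+)\\.([-\\w]+)\\.(\\S+)")` into a `private static final Pattern` rather than compiling it per call. The `default` branch of `getMetadataInfo` now returns an empty list where it used to throw, which hides an unsupported `sourceType` from the caller and logs the raw user-supplied value at INFO; if the lenient behaviour is intended, say so in a comment, otherwise keep the exception.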
@@ -16,14 +16,13 @@ */ package org.finra.fidelius.services; - -import com.amazonaws.ClientConfiguration; -import com.amazonaws.auth.AWSCredentialsProvider; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient; -import com.amazonaws.services.kms.AWSKMSClient; import org.finra.fidelius.FideliusClient; import org.finra.fidelius.MetadataParameters; import org.springframework.stereotype.Service; +import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; +import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.kms.KmsClient; @Service public class FideliusService extends FideliusClient { @@ -36,11 +35,11 @@ public FideliusService(String region) { super(region); } - public FideliusService(ClientConfiguration clientConfiguration, AWSCredentialsProvider provider, String region) { + public FideliusService(ClientOverrideConfiguration clientConfiguration, AwsCredentialsProvider provider, String region) { super(clientConfiguration, provider, region); } - public void setFideliusClient(AmazonDynamoDBClient dynamoDBClient, AWSKMSClient awskmsClient){ + public void setFideliusClient(DynamoDbClient dynamoDBClient, KmsClient awskmsClient){ super.setFideliusClient(dynamoDBClient, awskmsClient); } diff --git a/fidelius-service/src/main/java/org/finra/fidelius/services/MigrateService.java b/fidelius-service/src/main/java/org/finra/fidelius/services/MigrateService.java index 3cf46bd..d17f691 100644 --- a/fidelius-service/src/main/java/org/finra/fidelius/services/MigrateService.java +++ b/fidelius-service/src/main/java/org/finra/fidelius/services/MigrateService.java 
@@ -17,12 +17,14 @@ package org.finra.fidelius.services; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBMapper; -import org.finra.fidelius.model.db.DBCredential; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; +import software.amazon.awssdk.services.dynamodb.model.AttributeValue; + +import java.util.HashMap; +import java.util.Map; import java.util.regex.Matcher; import java.util.regex.Pattern; 
@@ -54,44 +56,44 @@ public class MigrateService { private Logger logger = LoggerFactory.getLogger(MigrateService.class); - public DBCredential migrateCredential(DBCredential dbCredential, FideliusService fideliusService) { + public Map migrateCredential(Map dbCredential, FideliusService fideliusService) { this.fideliusService = fideliusService; - Matcher threeFieldsMatcher = threeFieldsPattern.matcher(dbCredential.getName()); - Matcher fourFieldsMatcher = fourFieldsPattern.matcher(dbCredential.getName()); - Matcher extraFieldsMatcher = extraFieldsPattern.matcher(dbCredential.getName()); + Matcher threeFieldsMatcher = threeFieldsPattern.matcher(dbCredential.get(CredentialsService.NAME).s()); + Matcher fourFieldsMatcher = fourFieldsPattern.matcher(dbCredential.get(CredentialsService.NAME).s()); + Matcher extraFieldsMatcher = extraFieldsPattern.matcher(dbCredential.get(CredentialsService.NAME).s()); if (threeFieldsMatcher.matches()) { - logger.info("3 Fields: " + dbCredential.getName()); + logger.info("3 Fields: " + dbCredential.get(CredentialsService.NAME).s()); try { String key = threeFieldsMatcher.group(3); String ags = threeFieldsMatcher.group(1); String sdlc = threeFieldsMatcher.group(2); migrate(ags, sdlc, null, key, dbCredential); } catch (Exception e) { - logger.error("Error migrating " + dbCredential.getName()); + logger.error("Error migrating " + dbCredential.get(CredentialsService.NAME).s()); } } - if (fourFieldsMatcher.matches() && dbCredential.getSdlc() == null) { - logger.info("4 Fields: " + dbCredential.getName()); + if (fourFieldsMatcher.matches() && dbCredential.get(CredentialsService.SDLC) == null) { + logger.info("4 Fields: " + dbCredential.get(CredentialsService.NAME).s()); migrate(fourFieldsMatcher, dbCredential); } - if (extraFieldsMatcher.matches() && dbCredential.getSdlc() == null) { - logger.info("More than 4 Fields: " + dbCredential.getName()); + if (extraFieldsMatcher.matches() && dbCredential.get(CredentialsService.SDLC) == null) { + 
logger.info("More than 4 Fields: " + dbCredential.get(CredentialsService.NAME).s()); migrate(extraFieldsMatcher, dbCredential); } - if(dbCredential.getSdlc() != null) - logger.info("Successfully retrieved " + dbCredential.getName()); + if(dbCredential.get(CredentialsService.SDLC) != null) + logger.info("Successfully retrieved " + dbCredential.get(CredentialsService.NAME).s()); else { - logger.error("Failed to migrate: " + dbCredential.getName()); + logger.error("Failed to migrate: " + dbCredential.get(CredentialsService.NAME).s()); } return dbCredential; } - private void migrate(String ags, String sdlc, String component, String key, DBCredential dbCredential) throws Exception{ + private void migrate(String ags, String sdlc, String component, String key, Map dbCredential) throws Exception{ String user = "FideliusMigrateTask"; String credentialSecret = fideliusService.getCredential(key,ags,sdlc,component, tableName, user); @@ -99,14 +101,14 @@ private void migrate(String ags, String sdlc, String component, String key, DBCr if(credentialSecret == null) throw new Exception("Error retrieving key"); else { - logger.info(dbCredential.getName() + " retrieved"); - dbCredential.setSdlc(sdlc); + logger.info(dbCredential.get(CredentialsService.NAME).s() + " retrieved"); + dbCredential.put(CredentialsService.SDLC, AttributeValue.builder().s(sdlc).build()); if(component != null) - dbCredential.setComponent(component); + dbCredential.put(CredentialsService.COMPONENT, AttributeValue.builder().s(component).build()); } } - private void migrate(Matcher matcher, DBCredential dbCredential){ + private void migrate(Matcher matcher, Map dbCredential){ try { String key = matcher.group(4); String ags = matcher.group(1); 
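Review bot: `migrateCredential` mutates the caller's map in place through `migrate(...)`, whereas `guessCredentialProperties` in the next hunk was changed to copy into a new `HashMap` first; the two paths should agree, and the copying form is the safer one because the maps handed in come from DynamoDB query results, which in SDK v2 are unmodifiable (see the next note). Add `Map<String, AttributeValue> updated = new HashMap<>(dbCredential);` at the top and pass `updated` to the `migrate` calls and the return. The catch blocks here also log only the message (`logger.error("Error migrating " + ...)`) and drop the exception, so a failed migration leaves no stack trace; pass `e` as the last argument.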
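Review bot: `dbCredential.put(CredentialsService.SDLC, ...)` and the `COMPONENT` put in `migrate` will throw `UnsupportedOperationException` if the map is one returned by the SDK v2 query (`QueryResponse.items()` and its element maps are unmodifiable); the exception is then swallowed by the `catch (Exception e)` in the callers and logged as "Error retrieving", so migration fails silently for every credential. Either copy the map before mutating it or write into a fresh `HashMap<>(dbCredential)` and return it from `migrate`. A comment on the parameter, `// must be a mutable copy; SDK response maps are unmodifiable`, would make the precondition explicit.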
@@ -114,35 +116,36 @@ private void migrate(Matcher matcher, DBCredential dbCredential){ String component = matcher.group(2); migrate(ags, sdlc, component, key, dbCredential); } catch(Exception e){ - logger.error("Error retrieving " + dbCredential.getName(), e.getMessage()); + logger.error("Error retrieving " + dbCredential.get(CredentialsService.NAME).s(), e.getMessage()); try { String key = matcher.group(3)+"."+matcher.group(4); String ags = matcher.group(1); String sdlc = matcher.group(2); migrate(ags, sdlc, null, key, dbCredential); } catch(Exception e1){ - logger.error("Error retrieving " + dbCredential.getName(), e.getMessage()); + logger.error("Error retrieving " + dbCredential.get(CredentialsService.NAME).s(), e.getMessage()); } } } - public DBCredential guessCredentialProperties(DBCredential dbCredential) { - Matcher threeFieldsMatcher = threeFieldsPattern.matcher(dbCredential.getName()); + public Map guessCredentialProperties(Map dbCredential) { + Matcher threeFieldsMatcher = threeFieldsPattern.matcher(dbCredential.get("name").s()); + Map updatedDbCredential = new HashMap<>(dbCredential); if (threeFieldsMatcher.matches()) { - logger.info("Parsing " + dbCredential.getName()); - String sdlc = threeFieldsMatcher.group(2); - dbCredential.setSdlc(sdlc); + logger.info("Parsing " + dbCredential.get("name").s()); + String sdlc = threeFieldsMatcher.group(2); + updatedDbCredential.put("sdlc", AttributeValue.builder().s(sdlc).build()); } else{ try { - String sdlc = dbCredential.getName().split("\\.")[1]; - dbCredential.setSdlc(sdlc); + String sdlc = dbCredential.get("name").s().split("\\.")[1]; + updatedDbCredential.put("sdlc", AttributeValue.builder().s(sdlc).build()); } catch (Exception e) { - logger.error("Error parsing key " + dbCredential.getName()); + logger.error("Error parsing key " + dbCredential.get("name").s()); } } - return dbCredential; + return updatedDbCredential; } } 
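Review bot: Both catch blocks in `migrate(Matcher, Map)` call `logger.error("Error retrieving " + ..., e.getMessage())`; with SLF4J the message has no `{}` placeholder, so the second argument is silently dropped and no stack trace is recorded, and the inner block logs `e.getMessage()` instead of `e1`, so the second failure is never reported at all. Change them to `logger.error("Error retrieving {}", name, e);` and `logger.error("Error retrieving {}", name, e1);`. `guessCredentialProperties` also uses the literals `"name"` and `"sdlc"` where `CredentialsService.NAME`/`SDLC` are used a few lines above in the same file.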
diff --git a/fidelius-service/src/main/java/org/finra/fidelius/services/aws/AWSSessionService.java b/fidelius-service/src/main/java/org/finra/fidelius/services/aws/AWSSessionService.java index 7e0b796..1838c3e 100644 --- a/fidelius-service/src/main/java/org/finra/fidelius/services/aws/AWSSessionService.java +++ b/fidelius-service/src/main/java/org/finra/fidelius/services/aws/AWSSessionService.java @@ -17,19 +17,6 @@ package org.finra.fidelius.services.aws; -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.client.builder.AwsClientBuilder; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.Regions; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient; -import com.amazonaws.services.kms.AWSKMSClient; -import com.amazonaws.services.kms.AWSKMSClientBuilder; -import com.amazonaws.services.rds.AmazonRDSClient; -import com.amazonaws.services.rds.AmazonRDSClientBuilder; -import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient; -import com.amazonaws.services.securitytoken.model.AssumeRoleRequest; -import com.amazonaws.services.securitytoken.model.AssumeRoleResult; import com.google.common.base.Throwables; import com.google.common.cache.CacheBuilder; import com.google.common.cache.CacheLoader; 
@@ -43,6 +30,18 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; +import software.amazon.awssdk.auth.credentials.AwsBasicCredentials; +import software.amazon.awssdk.auth.credentials.AwsCredentials; +import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.kms.KmsClient; +import software.amazon.awssdk.services.kms.KmsClientBuilder; +import software.amazon.awssdk.services.rds.RdsClient; +import software.amazon.awssdk.services.sts.StsClient; +import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider; +import software.amazon.awssdk.services.sts.model.AssumeRoleRequest; +import software.amazon.awssdk.services.sts.model.AssumeRoleResponse; +import software.amazon.awssdk.services.sts.model.Credentials; import javax.inject.Inject; import java.util.concurrent.ExecutionException; 
@@ -66,36 +65,57 @@ public class AWSSessionService { private Logger logger = LoggerFactory.getLogger(AWSSessionService.class); - private LoadingCache credentialCache = CacheBuilder.newBuilder() + private LoadingCache credentialCache = CacheBuilder.newBuilder() .maximumSize(100) .concurrencyLevel(10) .refreshAfterWrite(360 * 1000, TimeUnit.MILLISECONDS) - .build(new CacheLoader() { + .build(new CacheLoader() { @Override - public BasicSessionCredentials load(AWSEnvironment environment) throws Exception { + public Credentials load(AWSEnvironment environment) throws Exception { return getFreshCredentials(environment); } }); - private BasicSessionCredentials getFreshCredentials(AWSEnvironment environment) throws Exception{ + private Credentials getFreshCredentials(AWSEnvironment environment) throws Exception{ String roleArn = getRoleArn(environment.getAccount(), assumeRole); logger.info("Assuming to role: " + roleArn + " for environment " + environment.getAccount() + " on region " + environment.getRegion() + " with timeout of " + (sessionTimeout / 1000) + " seconds (with " + (sessionTimeoutPad / 1000) + " padding.)"); - AssumeRoleRequest assumeRequest = new AssumeRoleRequest() - .withRoleArn(roleArn) - .withDurationSeconds((sessionTimeout + sessionTimeoutPad) / 1000) - .withRoleSessionName("CREDSTSH_APP"); + AssumeRoleRequest assumeRequest = AssumeRoleRequest.builder() + .roleArn(roleArn) + .durationSeconds((sessionTimeout + sessionTimeoutPad) / 1000) + .roleSessionName("CREDSTSH_APP") + .build(); + + AssumeRoleResponse assumeRoleResponse = awsSessionFactory.createSecurityTokenServiceClient().assumeRole(assumeRequest); + + return assumeRoleResponse.credentials(); - AssumeRoleResult assumeResult = awsSessionFactory.createSecurityTokenServiceClient().assumeRole(assumeRequest); + } - return new BasicSessionCredentials( - assumeResult.getCredentials().getAccessKeyId(), - assumeResult.getCredentials().getSecretAccessKey(), - assumeResult.getCredentials().getSessionToken()); 
+ private StsAssumeRoleCredentialsProvider getStsAssumeRoleCredentialsProvider(AWSEnvironment environment){ + try { + String roleArn = getRoleArn(environment.getAccount(), assumeRole); + StsClient stsClient = awsSessionFactory.createSecurityTokenServiceClient(); + AssumeRoleRequest assumeRoleRequest = formAssumeRoleRequest(roleArn); + return StsAssumeRoleCredentialsProvider.builder() + .stsClient(stsClient) + .refreshRequest(assumeRoleRequest) + .build(); + } catch (Exception e) { + Throwables.throwIfUnchecked(e.getCause()); + } + return null; + } + private AssumeRoleRequest formAssumeRoleRequest(String roleArn) { + return AssumeRoleRequest.builder() + .roleArn(roleArn) + .durationSeconds((sessionTimeout + sessionTimeoutPad) / 1000) + .roleSessionName("CREDSTSH_APP") + .build(); } private String getRoleArn(String alias, String role) throws Exception { 
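Review bot: `getStsAssumeRoleCredentialsProvider` can return `null`: `getRoleArn` declares `throws Exception`, and when the caught exception has no cause `Throwables.throwIfUnchecked(e.getCause())` throws a `NullPointerException`, while a checked cause falls through to `return null`; the callers in the next hunk then build `KmsClient`/`RdsClient`/`DynamoDbClient` with `credentialsProvider(null)`, which makes the SDK fall back to the default credential chain, i.e. the service's own identity instead of the intended cross-account role. Fail closed instead: `catch (Exception e) { throw new IllegalStateException("Unable to build assume-role provider for " + environment.getAccount(), e); }`. Also note that a new `StsClient` and provider are created on every client request and never closed, and `credentialCache`/`getFreshCredentials` appear to be unused now; if they are, remove them rather than keep a second, uncached, path to the same session credentials, or cache the provider per `AWSEnvironment` (it already caches and refreshes credentials internally).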
@@ -114,36 +134,26 @@ private String getRoleArn(String alias, String role) throws Exception { return sb.toString(); } - public AmazonDynamoDBClient getDynamoDBClient(AWSEnvironment env) { - BasicSessionCredentials creds = null; - try { - creds = credentialCache.getUnchecked(env); - } catch (UncheckedExecutionException ue) { - Throwables.throwIfUnchecked(ue.getCause()); - } - AmazonDynamoDBClient dynamoClient = awsSessionFactory.createDynamoDBClient(creds); - dynamoClient.setRegion(Region.getRegion(Regions.fromName(env.getRegion()))); - return dynamoClient; + public DynamoDbClient getDynamoDBClient(AWSEnvironment env) { + StsAssumeRoleCredentialsProvider stsAssumeRoleCredentialsProvider = getStsAssumeRoleCredentialsProvider(env); + return awsSessionFactory.createDynamoDBClient(stsAssumeRoleCredentialsProvider, env.getRegion()); } - public AWSKMSClient getKmsClient(AWSEnvironment environment) { - BasicSessionCredentials credentials = credentialCache.getUnchecked(environment); - AWSKMSClient awsKmsClient = (AWSKMSClient) AWSKMSClientBuilder - .standard() - .withCredentials(new AWSStaticCredentialsProvider(credentials)) - .withRegion(environment.getRegion()) + public KmsClient getKmsClient(AWSEnvironment env) { + StsAssumeRoleCredentialsProvider stsAssumeRoleCredentialsProvider = getStsAssumeRoleCredentialsProvider(env); + return KmsClient + .builder() + .credentialsProvider(stsAssumeRoleCredentialsProvider) + .region(env.getRegion()) .build(); - - return awsKmsClient; } - public AmazonRDSClient getRdsClient(AWSEnvironment environment){ - BasicSessionCredentials credentials = credentialCache.getUnchecked(environment); - - return (AmazonRDSClient) AmazonRDSClientBuilder - .standard() - .withCredentials(new AWSStaticCredentialsProvider(credentials)) - .withRegion(environment.getRegion()) + public RdsClient getRdsClient(AWSEnvironment env){ + StsAssumeRoleCredentialsProvider stsAssumeRoleCredentialsProvider = getStsAssumeRoleCredentialsProvider(env); + return RdsClient + 
.builder() + .credentialsProvider(stsAssumeRoleCredentialsProvider) + .region(env.getRegion()) .build(); } diff --git a/fidelius-service/src/main/java/org/finra/fidelius/services/aws/DynamoDBService.java b/fidelius-service/src/main/java/org/finra/fidelius/services/aws/DynamoDBService.java index 39596db..8a78e36 100644 --- a/fidelius-service/src/main/java/org/finra/fidelius/services/aws/DynamoDBService.java +++ b/fidelius-service/src/main/java/org/finra/fidelius/services/aws/DynamoDBService.java @@ -17,22 +17,20 @@ package org.finra.fidelius.services.aws; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient; -import com.amazonaws.services.dynamodbv2.datamodeling.*; -import com.amazonaws.services.dynamodbv2.model.ProvisionedThroughputExceededException; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBQueryExpression; -import com.amazonaws.services.dynamodbv2.model.ResourceNotFoundException; -import com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException; import org.finra.fidelius.exceptions.FideliusException; import org.finra.fidelius.model.aws.AWSEnvironment; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.http.HttpStatus; import org.springframework.stereotype.Component; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.model.*; +import software.amazon.awssdk.services.sts.model.StsException; import javax.inject.Inject; import java.util.ArrayList; import java.util.List; +import java.util.Map; @Component public class DynamoDBService { 
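Review bot: Every call to `getDynamoDBClient`, `getKmsClient` and `getRdsClient` now builds a fresh `StsAssumeRoleCredentialsProvider` and a fresh client, so the session caching that `credentialCache` provided is bypassed and each call can trigger its own STS AssumeRole; neither the provider nor the returned client (both `AutoCloseable`, each holding an HTTP connection pool) is closed anywhere in these hunks. Consider keeping the `LoadingCache` keyed by `AWSEnvironment` but storing the `StsAssumeRoleCredentialsProvider` (it refreshes its own session), and documenting on each getter that the caller owns the returned client. `.region(env.getRegion())` passes the value straight through; in the removed code this was a `String` (`Regions.fromName(env.getRegion())`), so unless `AWSEnvironment.getRegion()` now returns `Region` this needs `Region.of(env.getRegion())`. The old `catch (UncheckedExecutionException)` in `getDynamoDBClient` is also gone, so provider-construction failures now surface only in whatever form `getStsAssumeRoleCredentialsProvider` reports them.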
@@ -42,19 +40,19 @@ public class DynamoDBService { private Logger logger = LoggerFactory.getLogger(DynamoDBService.class); - public List scanDynamoDB(DynamoDBScanExpression scanExp, Class clazz, DynamoDBMapper mapper) { + public List> scanDynamoDB(ScanRequest scanRequest, DynamoDbClient dynamoDbClient) { logger.info("Scanning DynamoDB table..."); - List queryResults = null; + List> queryResults = null; long startTime = System.currentTimeMillis(); try { - PaginatedScanList scanResults = mapper.scan(clazz, scanExp); - queryResults = new ArrayList<>(scanResults); - } catch (ProvisionedThroughputExceededException pte) { - logger.error("Provisioned Throughput Exceeded. ", pte); - } catch (ResourceNotFoundException rnf) { - String message = "Credential table not found!"; - logger.error(message, rnf); - throw new FideliusException(message, HttpStatus.NOT_FOUND); + ScanResponse scanResponse = dynamoDbClient.scan(scanRequest); + queryResults = new ArrayList<>(scanResponse.items()); + } catch (ProvisionedThroughputExceededException pte) { + logger.error("Provisioned Throughput Exceeded. ", pte); + } catch (ResourceNotFoundException rnf) { + String message = "Credential table not found!"; + logger.error(message, rnf); + throw new FideliusException(message, HttpStatus.NOT_FOUND); } if (queryResults == null) { 
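Review bot: `scanDynamoDB` now returns only the first page: `dynamoDbClient.scan(scanRequest)` yields a single `ScanResponse` (at most 1 MB of items) and `lastEvaluatedKey` is never followed, whereas the removed `mapper.scan` returned a `PaginatedScanList` that walked the whole table, so credentials beyond the first page silently vanish from listings. Use the paginator, e.g. `queryResults = dynamoDbClient.scanPaginator(scanRequest).items().stream().collect(Collectors.toList());` (adding the `java.util.stream.Collectors` import). The same truncation applies to `queryDynamoDB` in the next hunk, where `dynamoDbClient.query` should become `queryPaginator`.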
@@ -67,12 +65,12 @@ public List scanDynamoDB(DynamoDBScanExpression scanExp, Class clazz, return queryResults; } - public List queryDynamoDB(DynamoDBQueryExpression queryRequest, Class clazz, DynamoDBMapper dynamoDBMapper){ - List queryResults = null; + public List> queryDynamoDB(QueryRequest queryRequest, DynamoDbClient dynamoDbClient){ + QueryResponse queryResults = null; logger.info("Querying DynamoDB table..."); long startTime = System.currentTimeMillis(); try { - queryResults = dynamoDBMapper.query(clazz, queryRequest); + queryResults = dynamoDbClient.query(queryRequest); } catch (ProvisionedThroughputExceededException pte) { logger.error("Provisioned Throughput Exceeded. ", pte); } catch (ResourceNotFoundException rnf) { @@ -88,29 +86,6 @@ public List queryDynamoDB(DynamoDBQueryExpression queryRequest, Class c logger.info(String.format("Query completed in %.3f seconds", (System.currentTimeMillis() - startTime) / 1000.0)); } - return queryResults; - } - - // Creates a new DynamoDBMapper object - public DynamoDBMapper createMapper(String account, String region, String tableName) { - AWSEnvironment awsenv = new AWSEnvironment(account, region); - - AmazonDynamoDBClient dbclient; - try { - dbclient = awsSessionService.getDynamoDBClient(awsenv); - } catch (AWSSecurityTokenServiceException ex) { - String message = String.format("User not authorized to access credential table on account: %s in region: %s", account, region); - logger.error(message, ex); - throw new FideliusException(message, HttpStatus.FORBIDDEN); - } catch (RuntimeException re) { - String message = re.getMessage(); - logger.error(message, re); - throw new FideliusException(message, HttpStatus.INTERNAL_SERVER_ERROR); - } - - DynamoDBMapperConfig config = new DynamoDBMapperConfig.Builder() - .withTableNameOverride(DynamoDBMapperConfig.TableNameOverride.withTableNameReplacement(tableName)) - .build(); - return new DynamoDBMapper(dbclient, config); + return queryResults.items(); } } 
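Review bot: `return queryResults.items();` dereferences `queryResults`, which is still `null` when `dynamoDbClient.query` threw `ProvisionedThroughputExceededException` (that branch only logs), so a throttled query now ends in a NullPointerException where the old code returned null. Either rethrow in that catch as a `FideliusException` (consistent with the `ResourceNotFoundException` branch) or guard the return: `return queryResults == null ? null : queryResults.items();`. With `createMapper` removed, the `StsException`-to-`HttpStatus.FORBIDDEN` translation it performed is gone and the newly imported `StsException` is unreferenced in these hunks, so check that STS authorization failures are still mapped to a 403 elsewhere; the `awsSessionService` field, defined outside the hunk, may now be unused in this class.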
diff --git a/fidelius-service/src/test/java/org/finra/fidelius/services/CredentialsServiceTest.java b/fidelius-service/src/test/java/org/finra/fidelius/services/CredentialsServiceTest.java index 8fc293e..15706ef 100644 --- a/fidelius-service/src/test/java/org/finra/fidelius/services/CredentialsServiceTest.java +++ b/fidelius-service/src/test/java/org/finra/fidelius/services/CredentialsServiceTest.java @@ -17,8 +17,6 @@ package org.finra.fidelius.services; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient; -import com.amazonaws.services.kms.AWSKMSClient; import org.finra.fidelius.FideliusClient; import org.finra.fidelius.authfilter.parser.FideliusUserProfile; import org.finra.fidelius.exceptions.FideliusException; @@ -44,11 +42,12 @@ import org.springframework.boot.test.mock.mockito.MockBeans; import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.junit4.SpringRunner; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.model.AttributeValue; +import software.amazon.awssdk.services.kms.KmsClient; import javax.inject.Inject; -import java.util.ArrayList; -import java.util.List; -import java.util.NoSuchElementException; +import java.util.*; import static org.junit.Assert.*; 
@@ -85,8 +84,8 @@ public class CredentialsServiceTest { public void setUp() throws Exception { MockitoAnnotations.initMocks(this); when(fideliusService.getCredential(anyString(), anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn("Secret"); - when(awsSessionService.getDynamoDBClient(any())).thenReturn(new AmazonDynamoDBClient()); - when(awsSessionService.getKmsClient(any())).thenReturn(new AWSKMSClient()); + when(awsSessionService.getDynamoDBClient(any())).thenReturn(DynamoDbClient.builder().build()); + when(awsSessionService.getKmsClient(any())).thenReturn(KmsClient.builder().build()); FideliusUserEntry profile = new FideliusUserEntry("name", "test", "email@email.com", "John Johnson"); when(fideliusRoleService.getUserProfile()).thenReturn(profile); 
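Review bot: `DynamoDbClient.builder().build()` and `KmsClient.builder().build()` resolve a region from the environment at build time, so `setUp` throws `SdkClientException` on any machine or CI runner without `AWS_REGION`/profile configuration, and where one is present the stubs become real clients carrying ambient credentials. Since Mockito is already in use in this test, stub them with mocks instead: `when(awsSessionService.getDynamoDBClient(any())).thenReturn(mock(DynamoDbClient.class));` and `when(awsSessionService.getKmsClient(any())).thenReturn(mock(KmsClient.class));`.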
@@ -94,29 +93,29 @@ public void setUp() throws Exception { @Test public void getAllCredentialsShouldBeAbleToObtainCredentialsWithAndWithoutComponents() { - List fakeData = new ArrayList<>(); + List> fakeData = new ArrayList<>(); - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setSdlc("dev"); - fakeCred1.setComponent("TestComponent"); - fakeCred1.setVersion("0001"); - fakeCred1.setUpdatedBy("Jon Snow"); - fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z"); + Map fakeCred1 = new HashMap<>(); + fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred1.put(CredentialsService.COMPONENT, AttributeValue.builder().s("TestComponent").build()); + fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build()); + fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); - DBCredential fakeCred2 = new DBCredential(); - fakeCred2.setName("APP.dev.testKey2"); - fakeCred2.setVersion("0001"); - fakeCred2.setUpdatedBy("Ned Stark"); - fakeCred2.setUpdatedDate("2018-04-04T12:51:37.803Z"); + Map fakeCred2 = new HashMap<>(); + fakeCred2.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey2").build()); + fakeCred2.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred2.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred2.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); - DBCredential fakeCred3 = fakeCred2; - fakeCred3.setSdlc("dev"); + Map fakeCred3 = fakeCred2; + fakeCred3.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); 
fakeData.add(fakeCred1); fakeData.add(fakeCred2); - when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData); + when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData); when(migrateService.migrateCredential(any(), any())).thenReturn(fakeCred3); List expectedCreds = new ArrayList<>(); 
@@ -125,95 +124,96 @@ public void getAllCredentialsShouldBeAbleToObtainCredentialsWithAndWithoutCompon expectedCreds.add(new Credential("testKey", "APP.TestComponent.dev.testKey", "some-account", "region", "APP", "dev", "TestComponent", "Jon Snow", "2018-04-04T12:51:37.803Z")); - assertTrue(credentialsService.getAllCredentials("table", "some-account", "region", "APP").equals(expectedCreds)); + assertEquals(expectedCreds, credentialsService.getAllCredentials("table", "some-account", "region", "APP")); } @Test public void getAllCredentialsShouldBeAbleToHandleLegacyCredentialEntries() { - List fakeData = new ArrayList<>(); + List> fakeData = new ArrayList<>(); - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setSdlc("dev"); - fakeCred1.setComponent("TestComponent"); - fakeCred1.setVersion("0001"); + Map fakeCred1 = new HashMap<>(); + fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred1.put(CredentialsService.COMPONENT, AttributeValue.builder().s("TestComponent").build()); + fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); fakeData.add(fakeCred1); - when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData); + when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData); credentialsService.getAllCredentials("table", "dev", "us-east-1", "APP"); } @Test public void getCredentialHistoryShouldBeAbleToHandleLegacyCredentialEntries() { - List fakeData = new ArrayList<>(); + List> fakeData = new ArrayList<>(); - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setSdlc("dev"); - fakeCred1.setComponent("TestComponent"); - fakeCred1.setVersion("0001"); + Map fakeCred1 = new HashMap<>(); + 
fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred1.put(CredentialsService.COMPONENT, AttributeValue.builder().s("TestComponent").build()); + fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); fakeData.add(fakeCred1); - when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData); + when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData); credentialsService.getCredentialHistory("table", "dev", "us-east-1", "APP", "dev", "TestComponent", "testKey", false); } @Test public void getAllCredentialsShouldBeAbleToMigrateCredentialsWithEmptyComponent() { - List fakeData = new ArrayList<>(); - - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setComponent(""); - fakeCred1.setVersion("0001"); - fakeCred1.setUpdatedBy("Jon Snow"); - fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred2 = new DBCredential(); - fakeCred2.setName("APP.dev.testKey2"); - fakeCred1.setComponent(""); - fakeCred1.setSdlc(""); - fakeCred2.setVersion("0001"); - fakeCred2.setUpdatedBy("Ned Stark"); - fakeCred2.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred3 = new DBCredential(); - fakeCred3.setName("APP.dev.testKey3.extra"); - fakeCred3.setVersion("0001"); - fakeCred3.setUpdatedBy(""); - fakeCred3.setUpdatedDate(""); - - DBCredential fakeCred4 = new DBCredential(); - fakeCred4.setName("APP.TestComponent.dev.testKey"); - fakeCred4.setComponent("TestComponent"); - fakeCred4.setSdlc("dev"); - fakeCred4.setVersion("0001"); - fakeCred4.setUpdatedBy("Ned Stark"); - fakeCred4.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred5 = new DBCredential(); - fakeCred5.setName("APP.dev.testKey2"); - fakeCred5.setSdlc("dev"); - fakeCred5.setVersion("0001"); - 
fakeCred5.setUpdatedBy("Ned Stark"); - fakeCred5.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred6 = new DBCredential(); - fakeCred6.setName("APP.dev.testKey3.extra"); - fakeCred6.setSdlc("testKey3"); - fakeCred6.setComponent("dev"); - fakeCred6.setVersion("0001"); - fakeCred6.setUpdatedBy("Ned Stark"); - fakeCred6.setUpdatedDate("2018-04-04T12:51:37.803Z"); + List> fakeData = new ArrayList<>(); + + Map fakeCred1 = new HashMap<>(); + fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred1.put(CredentialsService.COMPONENT, AttributeValue.builder().s("").build()); + fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build()); + fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred2 = new HashMap<>(); + fakeCred2.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey2").build()); + fakeCred2.put(CredentialsService.SDLC, AttributeValue.builder().s("").build()); + fakeCred2.put(CredentialsService.COMPONENT, AttributeValue.builder().s("").build()); + fakeCred2.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred2.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred2.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred3 = new HashMap<>(); + fakeCred3.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey3.extra").build()); + fakeCred3.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred3.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("").build()); + 
fakeCred3.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("").build()); + + Map fakeCred4 = new HashMap<>(); + fakeCred4.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred4.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred4.put(CredentialsService.COMPONENT, AttributeValue.builder().s("TestComponent").build()); + fakeCred4.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred4.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred4.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred5 = new HashMap<>(); + fakeCred5.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey2").build()); + fakeCred5.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred5.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred5.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred5.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred6 = new HashMap<>(); + fakeCred6.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey3.extra").build()); + fakeCred6.put(CredentialsService.SDLC, AttributeValue.builder().s("testKey3").build()); + fakeCred6.put(CredentialsService.COMPONENT, AttributeValue.builder().s("dev").build()); + fakeCred6.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred6.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred6.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); fakeData.add(fakeCred1); fakeData.add(fakeCred2); fakeData.add(fakeCred3); - when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), 
any())).thenReturn(fakeData); + when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData); when(migrateService.guessCredentialProperties(fakeCred1)).thenReturn(fakeCred4); when(migrateService.guessCredentialProperties(fakeCred2)).thenReturn(fakeCred5); when(migrateService.guessCredentialProperties(fakeCred3)).thenReturn(fakeCred6); 
@@ -257,54 +257,54 @@ public void getAllCredentialsShouldBeAbleToMigrateCredentialsWithEmptyComponent( @Test public void getAllCredentialsShouldBeAbleToMigrateCredentialsWithoutSDLC() { - List fakeData = new ArrayList<>(); - - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setVersion("0001"); - fakeCred1.setUpdatedBy("Jon Snow"); - fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred2 = new DBCredential(); - fakeCred2.setName("APP.dev.testKey2"); - fakeCred2.setVersion("0001"); - fakeCred2.setUpdatedBy("Ned Stark"); - fakeCred2.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred3 = new DBCredential(); - fakeCred3.setName("APP.dev.testKey3.extra"); - fakeCred3.setVersion("0001"); - fakeCred3.setUpdatedBy("Ned Stark"); - fakeCred3.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred4 = new DBCredential(); - fakeCred4.setName("APP.TestComponent.dev.testKey"); - fakeCred4.setComponent("TestComponent"); - fakeCred4.setSdlc("dev"); - fakeCred4.setVersion("0001"); - fakeCred4.setUpdatedBy("Ned Stark"); - fakeCred4.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred5 = new DBCredential(); - fakeCred5.setName("APP.dev.testKey2"); - fakeCred5.setSdlc("dev"); - fakeCred5.setVersion("0001"); - fakeCred5.setUpdatedBy("Ned Stark"); - fakeCred5.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred6 = new DBCredential(); - fakeCred6.setName("APP.dev.testKey3.extra"); - fakeCred6.setSdlc("testKey3"); - fakeCred6.setComponent("dev"); - fakeCred6.setVersion("0001"); - fakeCred6.setUpdatedBy("Ned Stark"); - fakeCred6.setUpdatedDate("2018-04-04T12:51:37.803Z"); + List> fakeData = new ArrayList<>(); + + Map fakeCred1 = new HashMap<>(); + fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.VERSION, 
AttributeValue.builder().s("0001").build()); + fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build()); + fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred2 = new HashMap<>(); + fakeCred2.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey2").build()); + fakeCred2.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred2.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred2.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred3 = new HashMap<>(); + fakeCred3.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey3.extra").build()); + fakeCred3.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred3.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred3.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred4 = new HashMap<>(); + fakeCred4.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred4.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred4.put(CredentialsService.COMPONENT, AttributeValue.builder().s("").build()); + fakeCred4.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred4.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred4.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred5 = new HashMap<>(); + fakeCred5.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey2").build()); + fakeCred5.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + 
fakeCred5.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred5.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred5.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred6 = new HashMap<>(); + fakeCred6.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey3.extra").build()); + fakeCred6.put(CredentialsService.SDLC, AttributeValue.builder().s("testKey3").build()); + fakeCred6.put(CredentialsService.COMPONENT, AttributeValue.builder().s("dev").build()); + fakeCred6.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred6.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred6.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); fakeData.add(fakeCred1); fakeData.add(fakeCred2); fakeData.add(fakeCred3); - when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData); + when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData); when(migrateService.guessCredentialProperties(fakeCred1)).thenReturn(fakeCred4); when(migrateService.guessCredentialProperties(fakeCred2)).thenReturn(fakeCred5); when(migrateService.guessCredentialProperties(fakeCred3)).thenReturn(fakeCred6); 
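Review bot: The `fakeCred4` fixture in `getAllCredentialsShouldBeAbleToMigrateCredentialsWithoutSDLC` now carries `COMPONENT` `""` where the removed `DBCredential` had `setComponent("TestComponent")`, while the equivalent `fakeCred4` in the previous hunk keeps `"TestComponent"`; since `fakeCred4` is the value `guessCredentialProperties` returns for `fakeCred1`, this changes what the test migrates to. If the change is unintentional, restore `AttributeValue.builder().s("TestComponent").build()` for that key; the assertions that would reveal the difference lie outside this hunk.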
@@ -327,25 +327,25 @@ public void getAllCredentialsShouldBeAbleToMigrateCredentialsWithoutSDLC() { @Test public void getCredential() { - List fakeData = new ArrayList<>(); - - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setVersion("0001"); - fakeCred1.setUpdatedBy("Jon Snow"); - fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z"); - - DBCredential fakeCred4 = new DBCredential(); - fakeCred4.setName("APP.TestComponent.dev.testKey"); - fakeCred4.setComponent("TestComponent"); - fakeCred4.setSdlc("dev"); - fakeCred4.setVersion("0001"); - fakeCred4.setUpdatedBy("Ned Stark"); - fakeCred4.setUpdatedDate("2018-04-04T12:51:37.803Z"); + List> fakeData = new ArrayList<>(); + + Map fakeCred1 = new HashMap<>(); + fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build()); + fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); + + Map fakeCred4 = new HashMap<>(); + fakeCred4.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred4.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build()); + fakeCred4.put(CredentialsService.COMPONENT, AttributeValue.builder().s("TestComponent").build()); + fakeCred4.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred4.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred4.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); fakeData.add(fakeCred1); - when(dynamoDBService.queryDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData); + when(dynamoDBService.queryDynamoDB(any(), 
any())).thenReturn(fakeData); when(migrateService.migrateCredential(any(), any())).thenReturn(fakeCred4); Credential expectedCreds = new Credential("testKey", "APP.TestComponent.dev.testKey", "some-account", "region", "APP", "dev", 
@@ -358,23 +358,23 @@ public void getCredential() { @Test(expected = Exception.class) public void getCredentialFaliureToMigrate()throws Exception { - List fakeData = new ArrayList<>(); + List> fakeData = new ArrayList<>(); - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setVersion("0001"); - fakeCred1.setUpdatedBy("Jon Snow"); - fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z"); + Map fakeCred1 = new HashMap<>(); + fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build()); + fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); - DBCredential fakeCred4 = new DBCredential(); - fakeCred4.setName("APP.TestComponent.dev.testKey"); - fakeCred4.setVersion("0001"); - fakeCred4.setUpdatedBy("Ned Stark"); - fakeCred4.setUpdatedDate("2018-04-04T12:51:37.803Z"); + Map fakeCred4 = new HashMap<>(); + fakeCred4.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred4.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred4.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred4.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); fakeData.add(fakeCred1); - when(dynamoDBService.queryDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData); + when(dynamoDBService.queryDynamoDB(any(), any())).thenReturn(fakeData); when(migrateService.migrateCredential(any(), any())).thenReturn(null); Credential expectedCreds = new Credential("testKey", "APP.TestComponent.dev.testKey", "some-account", "region", "APP", "dev", 
@@ -388,23 +388,23 @@ public void getCredentialFaliureToMigrate()throws Exception { @Test public void getCredentialFaliureToFindCredential() { - List fakeData = new ArrayList<>(); + List> fakeData = new ArrayList<>(); - DBCredential fakeCred1 = new DBCredential(); - fakeCred1.setName("APP.TestComponent.dev.testKey"); - fakeCred1.setVersion("0001"); - fakeCred1.setUpdatedBy("Jon Snow"); - fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z"); + Map fakeCred1 = new HashMap<>(); + fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build()); + fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); - DBCredential fakeCred4 = new DBCredential(); - fakeCred4.setName("APP.TestComponent.dev.testKey"); - fakeCred4.setVersion("0001"); - fakeCred4.setUpdatedBy("Ned Stark"); - fakeCred4.setUpdatedDate("2018-04-04T12:51:37.803Z"); + Map fakeCred4 = new HashMap<>(); + fakeCred4.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build()); + fakeCred4.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build()); + fakeCred4.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build()); + fakeCred4.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build()); fakeData.add(fakeCred1); - when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData); + when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData); when(migrateService.migrateCredential(any(), any())).thenThrow(NoSuchElementException.class); Credential expectedCreds = new Credential("testKey", "APP.TestComponent.dev.testKey", "some-account", "region", "APP", "dev", 
@@ -419,28 +419,28 @@ public void getCredentialFaliureToFindCredential() {
 @Test
 public void getAllCredentialsShouldOnlyReturnLatestVersionOfCredentials() {
- List fakeData = new ArrayList<>();
+ List> fakeData = new ArrayList<>();
- DBCredential fakeCred1 = new DBCredential();
- fakeCred1.setName("APP.TestComponent.dev.testKey");
- fakeCred1.setVersion("0001");
- fakeCred1.setUpdatedBy("Jon Snow");
- fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z");
+ Map fakeCred1 = new HashMap<>();
+ fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build());
+ fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build());
+ fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build());
+ fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build());
- DBCredential fakeCred2 = new DBCredential();
- fakeCred2.setName("APP.TestComponent.dev.testKey");
- fakeCred2.setVersion("0002");
- fakeCred2.setUpdatedBy("Ned Stark");
- fakeCred2.setUpdatedDate("2018-04-04T12:51:37.803Z");
+ Map fakeCred2 = new HashMap<>();
+ fakeCred2.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build());
+ fakeCred2.put(CredentialsService.VERSION, AttributeValue.builder().s("0002").build());
+ fakeCred2.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build());
+ fakeCred2.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build());
- DBCredential fakeCred3 = fakeCred2;
- fakeCred3.setSdlc("dev");
- fakeCred3.setComponent("TestComponent");
+ Map fakeCred3 = fakeCred2;
+ fakeCred3.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build());
+ fakeCred3.put(CredentialsService.COMPONENT, AttributeValue.builder().s("TestComponent").build());
 fakeData.add(fakeCred1);
 fakeData.add(fakeCred2);
- when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData);
+ when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData);
 List expectedCreds = new ArrayList<>();
 expectedCreds.add(new Credential("testKey", "APP.TestComponent.dev.testKey", "my_account","region", "APP","dev",
@@ -453,17 +453,17 @@ public void getAllCredentialsShouldOnlyReturnLatestVersionOfCredentials() {
 @Test
 public void getCredentialHistoryShouldBeAbleToCorrectlyCreateAHistoryObjectFromObtainedData() {
- List fakeData = new ArrayList<>();
+ List> fakeData = new ArrayList<>();
- DBCredential fakeCred = new DBCredential();
- fakeCred.setName("APP.dev.TestComponent.testKey");
- fakeCred.setVersion("0001");
- fakeCred.setUpdatedBy("Jon Snow");
- fakeCred.setUpdatedDate("2018-04-04T12:51:37.803Z");
+ Map fakeCred = new HashMap<>();
+ fakeCred.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build());
+ fakeCred.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build());
+ fakeCred.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build());
+ fakeCred.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build());
 fakeData.add(fakeCred);
- when(dynamoDBService.queryDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData);
+ when(dynamoDBService.queryDynamoDB(any(), any())).thenReturn(fakeData);
 List expectedHistory = new ArrayList<>();
 HistoryEntry expectedEntry = new HistoryEntry(1, "Jon Snow", "2018-04-04T12:51:37.803Z");
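Review bot: `Map fakeCred3 = fakeCred2;` is an alias, not a copy, so the two `fakeCred3.put(...)` lines write SDLC and COMPONENT straight into `fakeCred2`, and `fakeData` ends up with a single `0002` row that already carries both attributes rather than the third, distinct row the name suggests. If a separate row is intended it should be `Map fakeCred3 = new HashMap<>(fakeCred2);` followed by `fakeData.add(fakeCred3);`; if not, the two puts can target `fakeCred2` and `fakeCred3` can go. The old `DBCredential fakeCred3 = fakeCred2;` aliased in exactly the same way, so this is carried over rather than introduced, but the fixture should say what it means now that every line is being rewritten. The test body continues past the end of the hunk.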
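Review bot: The fixture name in this hunk, `"APP.TestComponent.dev.testKey"`, is not the `"APP.dev.TestComponent.testKey"` the history test used before, which is a change of test input rather than a mechanical port to `AttributeValue`. If `getCredentialHistory` derives anything from the order of the name's segments, the old ordering was a distinct case and its coverage is lost here; if the order is irrelevant to this test, a short comment on the `CredentialsService.NAME` line saying so would stop the next reader from wondering why the data moved. The test body continues past the end of the hunk.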
@@ -580,13 +580,13 @@ public void putMetadata() throws Exception {
 @Test(expected = FideliusException.class)
 public void createCredentialShouldNotCreateDuplicateCredentials() throws FideliusException {
- List fakeData = new ArrayList<>();
+ List> fakeData = new ArrayList<>();
- DBCredential fakeCred = new DBCredential();
- fakeCred.setName("APP.dev.testComponent.testKey");
- fakeCred.setVersion("0001");
- fakeCred.setUpdatedBy("Jon Snow");
- fakeCred.setUpdatedDate("2018-04-04T12:51:37.803Z");
+ Map fakeCred = new HashMap<>();
+ fakeCred.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testComponent.testKey").build());
+ fakeCred.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build());
+ fakeCred.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Jon Snow").build());
+ fakeCred.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build());
 fakeData.add(fakeCred);
@@ -599,7 +599,7 @@ public void createCredentialShouldNotCreateDuplicateCredentials() throws Fideliu
 credential.setShortKey("testKey");
 credential.setSecret("secretPassword");
- when(dynamoDBService.queryDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData);
+ when(dynamoDBService.queryDynamoDB(any(), any())).thenReturn(fakeData);
 Credential result = credentialsService.createCredential(credential);
 }
@@ -672,27 +672,27 @@ public void deleteMetadata() throws Exception {
 @Test
 public void getAllCredentialsShortensFullIAMRoleARNs() {
- List fakeData = new ArrayList<>();
-
- DBCredential fakeCred1 = new DBCredential();
- fakeCred1.setName("APP.TestComponent.dev.testKey");
- fakeCred1.setSdlc("dev");
- fakeCred1.setComponent("TestComponent");
- fakeCred1.setVersion("0001");
- fakeCred1.setUpdatedBy("arn:aws:sts::1234567890:assumed-role/private_aws_somerole_d/L25000");
- fakeCred1.setUpdatedDate("2018-04-04T12:51:37.803Z");
-
- DBCredential fakeCred2 = new DBCredential();
- fakeCred2.setName("APP.dev.testKey2");
- fakeCred2.setSdlc("dev");
- fakeCred2.setVersion("0001");
- fakeCred2.setUpdatedBy("Ned Stark");
- fakeCred2.setUpdatedDate("2018-04-04T12:51:37.803Z");
+ List> fakeData = new ArrayList<>();
+
+ Map fakeCred1 = new HashMap<>();
+ fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.TestComponent.dev.testKey").build());
+ fakeCred1.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build());
+ fakeCred1.put(CredentialsService.COMPONENT, AttributeValue.builder().s("TestComponent").build());
+ fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build());
+ fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("arn:aws:sts::1234567890:assumed-role/private_aws_somerole_d/L25000").build());
+ fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build());
+
+ Map fakeCred2 = new HashMap<>();
+ fakeCred1.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey2").build());
+ fakeCred1.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build());
+ fakeCred1.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build());
+ fakeCred1.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build());
+ fakeCred1.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build());
 fakeData.add(fakeCred1);
 fakeData.add(fakeCred2);
- when(dynamoDBService.scanDynamoDB(any(), eq(DBCredential.class), any())).thenReturn(fakeData);
+ when(dynamoDBService.scanDynamoDB(any(), any())).thenReturn(fakeData);
 List expectedCreds = new ArrayList<>();
 expectedCreds.add(new Credential("testKey2", "APP.dev.testKey2", "some-account","region", "APP", "dev",
diff --git a/fidelius-service/src/test/java/org/finra/fidelius/services/MigrateServiceTest.java b/fidelius-service/src/test/java/org/finra/fidelius/services/MigrateServiceTest.java
index af9d667..caad45a 100644
--- a/fidelius-service/src/test/java/org/finra/fidelius/services/MigrateServiceTest.java
+++ b/fidelius-service/src/test/java/org/finra/fidelius/services/MigrateServiceTest.java
@@ -17,10 +17,6 @@ package org.finra.fidelius.services;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient;
-import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBMapper;
-import com.amazonaws.services.kms.AWSKMSClient;
-import org.finra.fidelius.model.db.DBCredential;
 import org.finra.fidelius.services.aws.AWSSessionService;
 import org.finra.fidelius.services.aws.DynamoDBService;
 import org.junit.Assert;
@@ -32,6 +28,12 @@ import org.mockito.MockitoAnnotations;
 import org.mockito.runners.MockitoJUnitRunner;
 import org.springframework.beans.factory.annotation.Value;
+import software.amazon.awssdk.services.dynamodb.DynamoDbClient;
+import software.amazon.awssdk.services.dynamodb.model.AttributeValue;
+import software.amazon.awssdk.services.kms.KmsClient;
+
+import java.util.HashMap;
+import java.util.Map;
 import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.doReturn;
@@ -52,9 +54,6 @@ public class MigrateServiceTest {
 @Mock
 private DynamoDBService dynamoDBService;
- @Mock
- private DynamoDBMapper mapper;
-
 /**
 * Name of DynamoDb table that contains credentials
 */
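Review bot: The second fixture is never populated: after `Map fakeCred2 = new HashMap<>();` the five `put` calls that follow target `fakeCred1`, so `fakeCred1`'s NAME, SDLC, VERSION, UPDATED_BY and UPDATED_ON are overwritten with the testKey2 values (the ARN-form `updatedBy` this test exists to shorten is replaced by `"Ned Stark"`) and `fakeData` receives an empty map as `fakeCred2`. Depending on how the service treats a row with no attributes, the test either errors on a missing attribute or passes through the rewritten `fakeCred1`, and the second outcome would hide a regression in the ARN shortening. The receiver on those five lines should be `fakeCred2`, as in the removed `DBCredential` block. The test body continues past the end of the hunk.
```java
Map<String, AttributeValue> fakeCred2 = new HashMap<>();
fakeCred2.put(CredentialsService.NAME, AttributeValue.builder().s("APP.dev.testKey2").build());
fakeCred2.put(CredentialsService.SDLC, AttributeValue.builder().s("dev").build());
fakeCred2.put(CredentialsService.VERSION, AttributeValue.builder().s("0001").build());
fakeCred2.put(CredentialsService.UPDATED_BY, AttributeValue.builder().s("Ned Stark").build());
fakeCred2.put(CredentialsService.UPDATED_ON, AttributeValue.builder().s("2018-04-04T12:51:37.803Z").build());
// … unchanged: fakeData.add(...) calls and the scanDynamoDB stub …
```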
@@ -64,224 +63,223 @@ public class MigrateServiceTest { @Before public void setUp() throws Exception { MockitoAnnotations.initMocks(this); - when(awsSessionService.getDynamoDBClient(any())).thenReturn(new AmazonDynamoDBClient()); - when(awsSessionService.getKmsClient(any())).thenReturn(new AWSKMSClient()); + when(awsSessionService.getDynamoDBClient(any())).thenReturn(DynamoDbClient.builder().build()); + when(awsSessionService.getKmsClient(any())).thenReturn(KmsClient.builder().build()); } @Test public void migrateCredentialWith3Fields() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev.key").build()); doReturn("correct").when(fideliusService).getCredential("key", "APP", "dev", null, tableName, "FideliusMigrateTask"); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); + Assert.assertEquals("dev", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); } @Test public void migrateCredentialWith3FieldsAndSpecialCharacter() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev."); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev.").build()); doReturn("correct").when(fideliusService).getCredential("", "APP", "dev", null, tableName, "FideliusMigrateTask"); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); + Assert.assertEquals("dev", result.get("sdlc").s()); + 
Assert.assertNull(result.get("component")); } @Test public void guessCredentialWith3Fields() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev.key").build()); - DBCredential result = migrateService.guessCredentialProperties(dbCredential); + Map result = migrateService.guessCredentialProperties(dbCredential); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); - Assert.assertEquals("key", result.getShortKey()); + Assert.assertEquals("dev", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); + Assert.assertEquals("key", CredentialsService.getShortKey(result)); } @Test public void guessCredentialWith3FieldsAndSpecialCharacters() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev-int. dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev-int. 
result = migrateService.guessCredentialProperties(dbCredential); - Assert.assertEquals("dev-int", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); - Assert.assertEquals(" dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev.key").build()); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals(null, result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); + Assert.assertNull(result.get("sdlc")); + Assert.assertNull(result.get("component")); } @Test public void migrateCredentialWith4FieldsAndNoComponent() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev.secret.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev.secret.key").build()); doReturn("correct").when(fideliusService).getCredential("secret.key", "APP", "dev", null, tableName, "FideliusMigrateTask"); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); + Assert.assertEquals("dev", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); } @Test public void migrateCredentialWith4FieldsAndComponent() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.component.dev.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.component.dev.key").build()); doReturn("correct").when(fideliusService).getCredential("key", "APP", "dev", "component", tableName, "FideliusMigrateTask"); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = 
migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals("component", result.getComponent()); + Assert.assertEquals("dev", result.get("sdlc").s()); + Assert.assertEquals("component", result.get("component").s()); } @Test public void migrateCredentialWith4FieldsAndComponentShouldBeNull() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.component.dev.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.component.dev.key").build()); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals(null, result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); + Assert.assertNull(result.get("sdlc")); + Assert.assertNull(result.get("component")); } @Test public void guessCredentialWith4Fields() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.component.dev.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.component.dev.key").build()); - DBCredential result = migrateService.guessCredentialProperties(dbCredential); + Map result = migrateService.guessCredentialProperties(dbCredential); - Assert.assertEquals("component", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); - Assert.assertEquals("dev.key", result.getShortKey()); + Assert.assertEquals("component", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); + Assert.assertEquals("dev.key", CredentialsService.getShortKey(result)); } @Test public void guessCredentialWith4FieldsAndSpecialCharacters() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev-int.component."); - - DBCredential result = 
migrateService.guessCredentialProperties(dbCredential); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev-int.component.").build()); - Assert.assertEquals("dev-int", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); - Assert.assertEquals("component.", result.getShortKey()); + Map result = migrateService.guessCredentialProperties(dbCredential); + Assert.assertEquals("dev-int", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); + Assert.assertEquals("component.", CredentialsService.getShortKey(result)); } @Test public void migrateCredentialWithMoreThan4FieldsAndNoComponent() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev.secret.long.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev.secret.long.key").build()); doReturn("correct").when(fideliusService).getCredential("secret.long.key", "APP", "dev", null, tableName, "FideliusMigrateTask"); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); + Assert.assertEquals("dev", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); } @Test public void migrateCredentialWithMoreThan4FieldsAndNoComponentSpecialCharacters() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev-int.secret.'long. dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev-int.secret.'long. 
result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev-int", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); + Assert.assertEquals("dev-int", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); } @Test public void migrateCredentialWithMoreThan4FieldsAndComponent() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.component.dev.secret.long.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.component.dev.secret.long.key").build()); doReturn("correct").when(fideliusService).getCredential("secret.long.key", "APP", "dev", "component", tableName, "FideliusMigrateTask"); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals("component", result.getComponent()); + Assert.assertEquals("dev", result.get("sdlc").s()); + Assert.assertEquals("component", result.get("component").s()); } @Test public void migrateCredentialWithMoreThan4FieldsAndComponentSpecialCharacters() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.component.dev-int.secret.long."); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.component.dev-int.secret.long.").build()); doReturn("correct").when(fideliusService).getCredential("secret.long.", "APP", "dev-int", "component", tableName, "FideliusMigrateTask"); - DBCredential result = migrateService.migrateCredential(dbCredential, fideliusService); + Map result = migrateService.migrateCredential(dbCredential, fideliusService); - Assert.assertEquals("dev-int", result.getSdlc()); - Assert.assertEquals("component", result.getComponent()); + Assert.assertEquals("dev-int", result.get("sdlc").s()); + 
Assert.assertEquals("component", result.get("component").s()); } @Test public void guessCredentialWithMoreThan4Fields() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev.secret.long.key"); + Map dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev.secret.long.key").build()); - DBCredential result = migrateService.guessCredentialProperties(dbCredential); + Map result = migrateService.guessCredentialProperties(dbCredential); - Assert.assertEquals("dev", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); - Assert.assertEquals("secret.long.key", result.getShortKey()); + Assert.assertEquals("dev", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); + Assert.assertEquals("secret.long.key", CredentialsService.getShortKey(result)); } @Test public void guessCredentialWithMoreThan4FieldsAndCharacters() throws Exception { - DBCredential dbCredential = new DBCredential(); - dbCredential.setName("APP.dev-int.secret.long. dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev-int.secret.long. result = migrateService.guessCredentialProperties(dbCredential); - Assert.assertEquals("dev-int", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); - Assert.assertEquals("secret.long. 
dbCredential = new HashMap<>(); + dbCredential.put("name", AttributeValue.builder().s("APP.dev-int*.secret").build()); - DBCredential result = migrateService.guessCredentialProperties(dbCredential); + Map result = migrateService.guessCredentialProperties(dbCredential); - Assert.assertEquals("dev-int*", result.getSdlc()); - Assert.assertEquals(null, result.getComponent()); - Assert.assertEquals("APP.dev-int*.secret", result.getShortKey()); + Assert.assertEquals("dev-int*", result.get("sdlc").s()); + Assert.assertNull(result.get("component")); + Assert.assertEquals("APP.dev-int*.secret", CredentialsService.getShortKey(result)); } -} \ No newline at end of file +} diff --git a/fidelius-service/src/test/java/org/finra/fidelius/services/aws/DynamoDBServiceTest.java b/fidelius-service/src/test/java/org/finra/fidelius/services/aws/DynamoDBServiceTest.java index 3889748..c973f76 100644 --- a/fidelius-service/src/test/java/org/finra/fidelius/services/aws/DynamoDBServiceTest.java +++ b/fidelius-service/src/test/java/org/finra/fidelius/services/aws/DynamoDBServiceTest.java @@ -17,15 +17,6 @@ package org.finra.fidelius.services.aws; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBMapper; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBQueryExpression; -import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBScanExpression; -import com.amazonaws.services.dynamodbv2.datamodeling.PaginatedScanList; -import com.amazonaws.services.dynamodbv2.model.ProvisionedThroughputExceededException; -import com.amazonaws.services.dynamodbv2.model.ResourceNotFoundException; -import com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException; -import org.finra.fidelius.FideliusClient; import org.finra.fidelius.exceptions.FideliusException; import org.junit.Before; import org.junit.Test; 
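Review bot: `setUp` now hands back real clients from `DynamoDbClient.builder().build()` and `KmsClient.builder().build()`; the v2 builders resolve a region from the default provider chain at `build()` time, so on a developer machine or CI runner with no AWS region configured `build()` throws and every test in this class errors before its body runs. The tests only need `awsSessionService` to return something, so a Mockito stub keeps them environment-independent: `when(awsSessionService.getDynamoDBClient(any())).thenReturn(mock(DynamoDbClient.class));` and the same with `mock(KmsClient.class)`. Separately, the fixtures and assertions here use bare `"name"`, `"sdlc"` and `"component"` keys while the CredentialsServiceTest hunks use `CredentialsService.NAME`, `SDLC` and `COMPONENT`; using the constants in this file too would keep a renamed attribute from silently breaking these tests. The hunk runs from `setUp` through the class's closing brace, so the whole class body is in view.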
@@ -34,18 +25,11 @@ import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 import org.mockito.runners.MockitoJUnitRunner;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.ActiveProfiles;
-import org.springframework.test.context.junit4.SpringRunner;
+import software.amazon.awssdk.services.dynamodb.DynamoDbClient;
+import software.amazon.awssdk.services.dynamodb.model.ProvisionedThroughputExceededException;
+import software.amazon.awssdk.services.dynamodb.model.QueryRequest;
+import software.amazon.awssdk.services.dynamodb.model.ScanRequest;
-import javax.inject.Inject;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-
-import static org.junit.Assert.*;
 import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.when;
@@ -59,7 +43,7 @@ public class DynamoDBServiceTest {
 private DynamoDBService dynamoDBService;
 @Mock
- private DynamoDBMapper fakeMapper;
+ private DynamoDbClient dynamoDbClient;
 @Before
@@ -67,34 +51,16 @@ public void setUp() throws Exception {
 MockitoAnnotations.initMocks(this);
 }
- @Test(expected = Exception.class)
- public void createMapperShouldFailIfDBClientFailsToCreate() throws Exception {
- when(awsSessionService.getDynamoDBClient(any())).thenThrow(new Exception());
- dynamoDBService.createMapper("BAD_ACCOUNT_NAME", "bad_region", "table");
- }
-
- @Test
- public void createMapperShouldCompleteIfDBClientCreatesSuccessfully() throws Exception {
- when(awsSessionService.getDynamoDBClient(any())).thenReturn(new AmazonDynamoDBClient());
- dynamoDBService.createMapper("some_account", "some_region", "table");
- }
-
 @Test(expected = FideliusException.class)
 public void scanDynamoDBFailsAfterIntervalReaches60SecondsWhenRetryingOnThrottlingException() {
- when(fakeMapper.scan(any(), any())).thenThrow(new ProvisionedThroughputExceededException("test"));
- dynamoDBService.scanDynamoDB(new DynamoDBScanExpression(), Object.class, fakeMapper);
- }
-
- @Test(expected = FideliusException.class)
- public void createMapperShouldThrowFideliusExceptionIfCredentialAccessIsDenied() {
- when(awsSessionService.getDynamoDBClient(any())).thenThrow(new AWSSecurityTokenServiceException("Access Denied"));
- dynamoDBService.createMapper("some_account", "some_region", "table");
+ when(dynamoDbClient.scan(any(ScanRequest.class))).thenThrow(ProvisionedThroughputExceededException.builder().message("test").build());
+ dynamoDBService.scanDynamoDB(ScanRequest.builder().build(), dynamoDbClient);
 }
 @Test(expected = FideliusException.class)
 public void queryDynamoDBFailsAfterIntervalReaches60SecondsWhenRetryingOnThrottlingException() {
- when(fakeMapper.query(any(), any())).thenThrow(new ProvisionedThroughputExceededException("test"));
- dynamoDBService.queryDynamoDB(new DynamoDBQueryExpression(), Object.class, fakeMapper);
+ when(dynamoDbClient.query(any(QueryRequest.class))).thenThrow(ProvisionedThroughputExceededException.builder().message("test").build());
+ dynamoDBService.queryDynamoDB(QueryRequest.builder().build(), dynamoDbClient);
 }
-}
\ No newline at end of file
+}
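Review bot: The `createMapperShouldThrowFideliusExceptionIfCredentialAccessIsDenied` case is dropped without a v2 counterpart, so nothing in this class still checks that an authorization failure while obtaining a client surfaces as `FideliusException` instead of the raw SDK exception; the two tests that remain only cover throttling on an already-supplied `dynamoDbClient`. If `DynamoDBService` still obtains clients through `awsSessionService` on some path, a test stubbing `awsSessionService.getDynamoDBClient(any())` to throw the v2 `StsException` and expecting `FideliusException` would restore that coverage; if that mapping moved out of this service with the `createMapper` removal, the deletion is fine and deserves a sentence in the commit message. The hunk runs through the class's closing brace, so nothing of the class is hidden past it.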