diff --git a/README.md b/README.md index b1d364ab..292c13bd 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ Table of Contents ----------------- * [Installing the Driver](#installing-the-driver) * [Initializing a Driver Instance](#initializing-a-driver-instance) +* [Key/Value Secret Engine Config](#key-value-secret-engine-config) * [SSL Config](#ssl-config) * [General Options](#general-options) * [Java Keystore (JKS) based config](#java-keystore-jks-based-config) @@ -30,7 +31,7 @@ The driver is available from Maven Central, for all modern Java build systems. Gradle: ``` dependencies { - compile('com.bettercloud:vault-java-driver:3.1.0') + compile('com.bettercloud:vault-java-driver:4.1.0') } ``` @@ -39,7 +40,7 @@ Maven: com.bettercloud vault-java-driver - 3.1.0 + 4.0.0 ``` @@ -81,6 +82,32 @@ driver class: final Vault vault = new Vault(config); ``` +Key Value Secret Engine Config +------------------------------ +Shortly before its `1.0` release, Vault added a Version 2 of its [Key/Value Secrets Engine](https://www.vaultproject.io/docs/secrets/kv/index.html). This +supports some addition features beyond the Version 1 that was the default in earlier Vault builds (e.g. secret rotation, soft deletes, etc). + +Unfortunately, K/V V2 introduces some breaking changes, in terms of both request/response payloads as well as how URL's are constructed +for Vault's REST API. Therefore, version `4.0.0` of this Vault Driver likewise had to introduce some breaking changes, to allow support +for both K/V versions. + +* **If you are using the new K/V V2 across the board**, then no action is needed. The Vault Driver now assumes this by default. + +* **If you are still using the old K/V V1 across the board**, then you can use the `Vault` class constructor: + `public Vault(final VaultConfig vaultConfig, final Integer engineVersion)`, supplying a `1` as the engine version parameter. + constructor, then you can declare whether to use Version 1 or 2 across the board. + +* **If you are using a mix, of some secret paths mounted with V1 and others mounted with V2**, then you have two options: + + * You can explicitly specify your Vault secret paths, and which K/V version each one is using. Construct your `Vault` objects + with the constructor `public Vault(final VaultConfig vaultConfig, final Boolean useSecretsEnginePathMap, final Integer globalFallbackVersion)`. + Within the `VaultConfig` object, supply a map of Vault secret paths to their associated K/V version (`1` or `2`). + + * You can rely on the Vault Driver to auto-detect your mounts and K/V versions upon instantiation. Use the same constructor as above, + but leave the map `null`. Note that this option requires your authentication credentials to have access to read Vault's `/v1/sys/mounts` + path. + + SSL Config ---------- If your Vault server uses a SSL certificate, then you must supply that certificate to establish connections. Also, if @@ -222,6 +249,15 @@ Note that changes to the major version (i.e. the first number) represent possibl may require modifications in your code to migrate. Changes to the minor version (i.e. the second number) should represent non-breaking changes. The third number represents any very minor bugfix patches. +* **4.1.0**: New health code support: + * Adds support for the new [Vault health codes](https://www.vaultproject.io/api/system/health.html#parameters) + +* **4.0.0**: This is a breaking-change release, with two primary updates: + * Adds support for Version 2 of the Key/Value Secrets Engine. The driver now assumes that your Vault instance uses Version 2 of the + Key/Value Secrets Engine across the board. To configure this, see the [Key/Value Secret Engine Config](#key-value-secret-engine-config) + section above. + * Adds support for the namespaces feature of Vault Enterprise. + * **3.1.0**: Several updates. * Adds support for seal-related operations (i.e. `/sys/seal`, `/sys/unseal`, `/sys/seal-status`). * Adds support for the AWS auth backend. @@ -330,7 +366,7 @@ License ------- The MIT License (MIT) -Copyright (c) 2016-2018 BetterCloud +Copyright (c) 2016-2019 BetterCloud Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the diff --git a/build.gradle b/build.gradle index 40c961aa..e7f95ac3 100644 --- a/build.gradle +++ b/build.gradle @@ -4,7 +4,7 @@ apply plugin: 'signing' group 'com.bettercloud' archivesBaseName = 'vault-java-driver' -version '3.1.0' +version '4.1.0' ext.isReleaseVersion = !version.endsWith('SNAPSHOT') compileJava { @@ -171,6 +171,11 @@ uploadArchives { id 'steve-perkins-bc' name 'Steve Perkins' email 'steve.perkins@bettercloud.com' + }, + developer { + id 'jarrodcodes' + name 'Jarrod Young' + email 'jarrodsy@gmail.com' } ]} } diff --git a/src/main/java/com/bettercloud/vault/SslConfig.java b/src/main/java/com/bettercloud/vault/SslConfig.java index e2349ba3..36544227 100644 --- a/src/main/java/com/bettercloud/vault/SslConfig.java +++ b/src/main/java/com/bettercloud/vault/SslConfig.java @@ -452,7 +452,7 @@ public SslConfig build() throws VaultException { } else { this.verify = true; } - if (this.verify == true && this.pemUTF8 == null && environmentLoader.loadVariable(VAULT_SSL_CERT) != null) { + if (this.verify && this.pemUTF8 == null && environmentLoader.loadVariable(VAULT_SSL_CERT) != null) { final File pemFile = new File(environmentLoader.loadVariable(VAULT_SSL_CERT)); try (final InputStream input = new FileInputStream(pemFile)) { this.pemUTF8 = inputStreamToUTF8(input); @@ -477,7 +477,7 @@ public SslConfig build() throws VaultException { * @throws VaultException */ private void buildSsl() throws VaultException { - if (verify == true) { + if (verify) { if (keyStore != null || trustStore != null) { this.sslContext = buildSslContextFromJks(); } else if (pemUTF8 != null || clientPemUTF8 != null || clientKeyPemUTF8 != null) { diff --git a/src/main/java/com/bettercloud/vault/Vault.java b/src/main/java/com/bettercloud/vault/Vault.java index 2d58aca2..cd308324 100644 --- a/src/main/java/com/bettercloud/vault/Vault.java +++ b/src/main/java/com/bettercloud/vault/Vault.java @@ -76,6 +76,9 @@ public Vault(final VaultConfig vaultConfig) { /** * Construct a Vault driver instance with the provided config settings, and use the provided global KV Engine version for all secrets. + * + * @param vaultConfig Configuration settings for Vault interaction (e.g. server address, token, etc) + * @param engineVersion Which version of the Key/Value Secret Engine to use globally (i.e. 1 or 2) */ public Vault(final VaultConfig vaultConfig, final Integer engineVersion) { if (engineVersion < 1 || engineVersion > 2) { @@ -99,6 +102,8 @@ public Vault(final VaultConfig vaultConfig, final Integer engineVersion) { * If a secrets KV Engine version map is not supplied, use Vault APIs to determine the * KV Engine version for each secret. This call requires admin rights. * @param globalFallbackVersion The Integer version of the KV Engine to use as a global fallback. + * + * @throws VaultException If any error occurs */ public Vault(final VaultConfig vaultConfig, final Boolean useSecretsEnginePathMap, final Integer globalFallbackVersion) throws VaultException { diff --git a/src/main/java/com/bettercloud/vault/VaultConfig.java b/src/main/java/com/bettercloud/vault/VaultConfig.java index c3cc929b..d34990c6 100644 --- a/src/main/java/com/bettercloud/vault/VaultConfig.java +++ b/src/main/java/com/bettercloud/vault/VaultConfig.java @@ -83,6 +83,8 @@ public VaultConfig environmentLoader(final EnvironmentLoader environmentLoader) * @param nameSpace The namespace to use globally in this VaultConfig instance. * @return This object, with the namespace populated, ready for additional builder-pattern method calls or else * finalization with the build() method + * + * @throws VaultException If any error occurs */ public VaultConfig nameSpace(final String nameSpace) throws VaultException { if (nameSpace != null && !nameSpace.isEmpty()) { diff --git a/src/main/java/com/bettercloud/vault/api/Debug.java b/src/main/java/com/bettercloud/vault/api/Debug.java index 50ed7e27..bffd35fa 100644 --- a/src/main/java/com/bettercloud/vault/api/Debug.java +++ b/src/main/java/com/bettercloud/vault/api/Debug.java @@ -43,7 +43,8 @@ public Debug withNameSpace(final String nameSpace) { * health check and provides a simple way to monitor the health of a Vault instance.

* * @return The response information returned from Vault - * @throws VaultException If any errors occurs with the REST request (e.g. non-200 status code, invalid JSON payload, etc), and the maximum number of retries is exceeded. + * @throws VaultException If any errors occurs with the REST request (e.g. non-200 status code, invalid JSON payload, etc), + * and the maximum number of retries is exceeded. * @see https://www.vaultproject.io/docs/http/sys-health.html * *
@@ -58,7 +59,21 @@ public Debug withNameSpace(final String nameSpace) { *
*/ public HealthResponse health() throws VaultException { - return health(null, null, null, null); + return health(null, null, null, null, null, + null, null, null); + } + + /** + *

A deprecated, overloaded version of {@link Debug#health()} that allows for passing one or more of the previous four optional parameters.

+ * Please consider using the new constructor that adds support for perfStandbyOk, drSecondaryCode, etc/ + */ + @Deprecated + public HealthResponse health( + final Boolean standbyOk, + final Integer activeCode, + final Integer standbyCode, + final Integer sealedCode) throws VaultException { + return health(standbyOk, activeCode, standbyCode, sealedCode, null, null, null, null); } /** @@ -71,10 +86,14 @@ public HealthResponse health() throws VaultException { * will need to check HealthReponse.getRestResponse().getStatus() to determine the result of * the operation.

* - * @param standbyOk (optional) Indicates that being a standby should still return the active status code instead of the standby code - * @param activeCode (optional) Indicates the status code that should be returned for an active node instead of the default of 200 - * @param standbyCode (optional) Indicates the status code that should be returned for a standby node instead of the default of 429 - * @param sealedCode (optional) Indicates the status code that should be returned for a sealed node instead of the default of 500 + * @param standbyOk (optional) Indicates that being a standby should still return the active status code instead of the standby code + * @param activeCode (optional) Indicates the status code that should be returned for an active node instead of the default of 200 + * @param standbyCode (optional) Indicates the status code that should be returned for a standby node instead of the default of 429 + * @param sealedCode (optional) Indicates the status code that should be returned for a sealed node instead of the default of 500 + * @param perfStandbyOk (optional) Specifies if being a performance standby should still return the active status code instead of the performance standby status code + * @param drSecondaryCode (optional) Indicates the status code that should be returned for a DR secondary node instead of the default of 472 + * @param performanceStandbyCode (optional) Indicates the status code that should be returned for a performance standby node instead of the default of 473 + * @param unInitCode (optional) Indicates the status code that should be returned for an uninitialized node instead of the default of 501 * @return The response information returned from Vault * @throws VaultException If an error occurs or unexpected response received from Vault */ @@ -82,7 +101,11 @@ public HealthResponse health( final Boolean standbyOk, final Integer activeCode, final Integer standbyCode, - final Integer sealedCode + final Integer sealedCode, + final Boolean perfStandbyOk, + final Integer drSecondaryCode, + final Integer performanceStandbyCode, + final Integer unInitCode ) throws VaultException { final String path = "sys/health"; int retryCount = 0; @@ -105,6 +128,11 @@ public HealthResponse health( if (activeCode != null) rest.parameter("activecode", activeCode.toString()); if (standbyCode != null) rest.parameter("standbycode", standbyCode.toString()); if (sealedCode != null) rest.parameter("sealedcode", sealedCode.toString()); + if (perfStandbyOk != null) rest.parameter("perfstandbyok", perfStandbyOk.toString()); + if (drSecondaryCode != null) rest.parameter("drsecondarycode", drSecondaryCode.toString()); + if (performanceStandbyCode != null) + rest.parameter("performancestandbycode", performanceStandbyCode.toString()); + if (unInitCode != null) rest.parameter("uninitcode", unInitCode.toString()); // Execute request final RestResponse restResponse = rest.get(); @@ -112,12 +140,20 @@ public HealthResponse health( final Set validCodes = new HashSet<>();//NOPMD validCodes.add(200); validCodes.add(429); + validCodes.add(472); + validCodes.add(473); validCodes.add(500); + validCodes.add(501); + validCodes.add(503); if (activeCode != null) validCodes.add(activeCode); if (standbyCode != null) validCodes.add(standbyCode); if (sealedCode != null) validCodes.add(sealedCode); + if (drSecondaryCode != null) validCodes.add(drSecondaryCode); + if (performanceStandbyCode != null) validCodes.add(performanceStandbyCode); + if (unInitCode != null) validCodes.add(unInitCode); if (!validCodes.contains(restResponse.getStatus())) { - throw new VaultException("Vault responded with HTTP status code: " + restResponse.getStatus(), restResponse.getStatus()); + throw new VaultException("Vault responded with HTTP status code: " + restResponse.getStatus(), + restResponse.getStatus()); } return new HealthResponse(restResponse, retryCount); } catch (RuntimeException | VaultException | RestException e) { diff --git a/src/main/java/com/bettercloud/vault/api/Leases.java b/src/main/java/com/bettercloud/vault/api/Leases.java index 99a54ee8..87c822ac 100644 --- a/src/main/java/com/bettercloud/vault/api/Leases.java +++ b/src/main/java/com/bettercloud/vault/api/Leases.java @@ -239,7 +239,7 @@ public VaultResponse renew(final String leaseId, final long increment) throws Va .readTimeoutSeconds(config.getReadTimeout()) .sslVerification(config.getSslConfig().isVerify()) .sslContext(config.getSslConfig().getSslContext()) - .post(); + .put(); // Validate response if (restResponse.getStatus() != 200) { diff --git a/src/main/java/com/bettercloud/vault/api/Logical.java b/src/main/java/com/bettercloud/vault/api/Logical.java index 35844282..e4fd89f1 100644 --- a/src/main/java/com/bettercloud/vault/api/Logical.java +++ b/src/main/java/com/bettercloud/vault/api/Logical.java @@ -649,7 +649,6 @@ private Integer engineVersionForSecretPath(final String secretPath) { * * @param path The Vault secret path to check (e.g. secret/). * @return The response information received from Vault - * @throws VaultException If any error occurs, or unexpected response received from Vault */ public Integer getEngineVersionForSecretPath(final String path) { return this.engineVersionForSecretPath(path); diff --git a/src/main/java/com/bettercloud/vault/api/LogicalUtilities.java b/src/main/java/com/bettercloud/vault/api/LogicalUtilities.java index d9057dc4..305bf364 100644 --- a/src/main/java/com/bettercloud/vault/api/LogicalUtilities.java +++ b/src/main/java/com/bettercloud/vault/api/LogicalUtilities.java @@ -100,6 +100,8 @@ public static String adjustPathForList(final String path, final Logical.logicalO * * @param path The Vault path to check or mutate, based on the operation. * @param operation The operation being performed, e.g. readV2 or writeV1. + * + * @return The modified path */ public static String adjustPathForDelete(final String path, final Logical.logicalOperations operation) { final List pathSegments = getPathSegments(path); @@ -118,6 +120,8 @@ public static String adjustPathForDelete(final String path, final Logical.logica * When deleting secret versions, you must inject the path segment "delete" right after the lowest-level path segment. * * @param path The Vault path to check or mutate, based on the operation. + * + * @return The modified path */ public static String adjustPathForVersionDelete(final String path) { final List pathSegments = getPathSegments(path); diff --git a/src/main/java/com/bettercloud/vault/json/JsonObject.java b/src/main/java/com/bettercloud/vault/json/JsonObject.java index 73d03576..a5a28fee 100644 --- a/src/main/java/com/bettercloud/vault/json/JsonObject.java +++ b/src/main/java/com/bettercloud/vault/json/JsonObject.java @@ -23,7 +23,6 @@ import java.io.IOException; import java.io.ObjectInputStream; -import java.io.Reader; import java.util.ArrayList; import java.util.Collections; import java.util.Iterator; diff --git a/src/main/java/com/bettercloud/vault/response/AuthResponse.java b/src/main/java/com/bettercloud/vault/response/AuthResponse.java index 0c3449ae..3c4243f5 100644 --- a/src/main/java/com/bettercloud/vault/response/AuthResponse.java +++ b/src/main/java/com/bettercloud/vault/response/AuthResponse.java @@ -54,7 +54,7 @@ public AuthResponse(final RestResponse restResponse, final int retries) { for (final JsonValue authPolicy : authPoliciesJsonArray) { authPolicies.add(authPolicy.asString()); } - } catch (ParseException e) { + } catch (ParseException ignored) { } } diff --git a/src/main/java/com/bettercloud/vault/response/HealthResponse.java b/src/main/java/com/bettercloud/vault/response/HealthResponse.java index 87fe0ab4..24eecf14 100644 --- a/src/main/java/com/bettercloud/vault/response/HealthResponse.java +++ b/src/main/java/com/bettercloud/vault/response/HealthResponse.java @@ -3,6 +3,7 @@ import com.bettercloud.vault.VaultException; import com.bettercloud.vault.json.Json; import com.bettercloud.vault.json.JsonObject; +import com.bettercloud.vault.json.JsonValue; import com.bettercloud.vault.rest.RestResponse; import java.io.Serializable; @@ -21,6 +22,9 @@ public class HealthResponse implements Serializable { private Boolean sealed; private Boolean standby; private Long serverTimeUTC; + private Boolean performanceStandby; + private String replicationPerformanceMode; + private String replicationDrMode; /** *

Constructs a HealthResponse object from the data received in a health @@ -34,7 +38,7 @@ public class HealthResponse implements Serializable { * {@link com.bettercloud.vault.api.Debug#health(Boolean, Integer, Integer, Integer)}.

* * @param restResponse The raw HTTP response from Vault - * @param retries The number of retry attempts that occurred during the API call (can be zero) + * @param retries The number of retry attempts that occurred during the API call (can be zero) * @throws VaultException If any error occurs or unexpected response is received from Vault */ public HealthResponse(final RestResponse restResponse, final int retries) throws VaultException { @@ -59,7 +63,14 @@ public HealthResponse(final RestResponse restResponse, final int retries) throws this.sealed = jsonObject.get("sealed") == null ? null : jsonObject.get("sealed").asBoolean(); this.standby = jsonObject.get("standby") == null ? null : jsonObject.get("standby").asBoolean(); this.serverTimeUTC = jsonObject.get("server_time_utc") == null ? null : jsonObject.get("server_time_utc").asLong(); - } catch(final Exception e) { + this.performanceStandby = jsonObject.get("performance_standby") == null ? null : + jsonObject.get("performance_standby").asBoolean(); + this.replicationPerformanceMode = jsonObject.get("replication_performance_mode") == null ? null : + jsonObject.get("replication_performance_mode").asString(); + this.replicationDrMode = jsonObject.get("replication_dr_mode") == null ? null : + jsonObject.get("replication_dr_mode").asString(); + + } catch (final Exception e) { throw new VaultException("Unable to parse JSON payload: " + e, restResponse.getStatus()); } } @@ -93,4 +104,15 @@ public Long getServerTimeUTC() { return serverTimeUTC; } + public Boolean getPerformanceStandby() { + return performanceStandby; + } + + public String getReplicationPerformanceMode() { + return replicationPerformanceMode; + } + + public String getReplicationDrMode() { + return replicationDrMode; + } } diff --git a/src/test-integration/java/com/bettercloud/vault/api/DebugTests.java b/src/test-integration/java/com/bettercloud/vault/api/DebugTests.java index 3c01bca5..e17af939 100644 --- a/src/test-integration/java/com/bettercloud/vault/api/DebugTests.java +++ b/src/test-integration/java/com/bettercloud/vault/api/DebugTests.java @@ -4,6 +4,7 @@ import com.bettercloud.vault.VaultException; import com.bettercloud.vault.response.HealthResponse; import com.bettercloud.vault.util.VaultContainer; +import junit.framework.TestCase; import org.junit.Before; import org.junit.BeforeClass; import org.junit.ClassRule; @@ -12,6 +13,7 @@ import java.io.IOException; import static junit.framework.TestCase.*; +import static org.junit.Assert.assertNotEquals; /** *

Integration tests for the debug-related operations on the Vault HTTP API's.

@@ -44,12 +46,29 @@ public void testHealth_Plain() throws VaultException { assertEquals(200, response.getRestResponse().getStatus()); } + @Test + public void testHealth_Sealed() throws VaultException { + vault.seal().seal(); + final HealthResponse response = vault.debug().health(); + + assertTrue(response.getInitialized()); + assertTrue(response.getSealed()); + assertTrue(response.getStandby()); + assertNotNull(response.getServerTimeUTC()); + assertEquals(503, response.getRestResponse().getStatus()); + assertFalse(response.getPerformanceStandby()); + assertNotEquals("disabled", response.getReplicationPerformanceMode()); + assertNotEquals("disabled", response.getReplicationDrMode()); + container.getRootVault().seal().unseal(container.getUnsealKey()); + } + @Test public void testHealth_WithParams() throws VaultException { - final HealthResponse response = vault.debug().health(null, 212, null, null); + final HealthResponse response = vault.debug().health(null, 212, null, null, null, null, null, null); assertTrue(response.getInitialized()); assertFalse(response.getSealed()); assertFalse(response.getStandby()); + assertFalse(response.getPerformanceStandby()); assertNotNull(response.getServerTimeUTC()); assertEquals(212, response.getRestResponse().getStatus()); } @@ -66,11 +85,30 @@ public void testHealth_WithParams() throws VaultException { @Test public void testHealth_WonkyActiveCode() throws VaultException { final HealthResponse response = vault.debug().health(null, 204, null, - null); + null, null, null, null, null); assertNull(response.getInitialized()); assertNull(response.getSealed()); assertNull(response.getStandby()); assertNull(response.getServerTimeUTC()); + assertNull(response.getPerformanceStandby()); + assertNull(response.getReplicationDrMode()); + assertNull(response.getReplicationPerformanceMode()); assertEquals(204, response.getRestResponse().getStatus()); } + + @Test + public void testHealth_WonkySealedCode() throws VaultException { + vault.seal().seal(); + final HealthResponse response = vault.debug().health(null, null, null, + 900, null, null, null, null); + assertTrue(response.getInitialized()); + assertTrue(response.getSealed()); + assertTrue(response.getStandby()); + assertNotNull(response.getServerTimeUTC()); + assertFalse(response.getPerformanceStandby()); + assertNotNull(response.getReplicationDrMode()); + assertNotNull(response.getReplicationPerformanceMode()); + assertEquals(900, response.getRestResponse().getStatus()); + container.getRootVault().seal().unseal(container.getUnsealKey()); + } } diff --git a/src/test/java/com/bettercloud/vault/RetryTests.java b/src/test/java/com/bettercloud/vault/RetryTests.java index 8779ed6f..4e7cd0b1 100644 --- a/src/test/java/com/bettercloud/vault/RetryTests.java +++ b/src/test/java/com/bettercloud/vault/RetryTests.java @@ -9,7 +9,6 @@ import java.util.HashMap; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; /** *

Unit tests for the Vault driver, having no dependency on an actual Vault server instance being available. The diff --git a/src/test/java/com/bettercloud/vault/VaultConfigTests.java b/src/test/java/com/bettercloud/vault/VaultConfigTests.java index a4cec99e..3e159941 100644 --- a/src/test/java/com/bettercloud/vault/VaultConfigTests.java +++ b/src/test/java/com/bettercloud/vault/VaultConfigTests.java @@ -72,7 +72,7 @@ public String loadVariable(final String name) { try { final byte[] bytes = Files.readAllBytes(Paths.get(mockHomeDirectory).resolve(".vault-token")); value = new String(bytes, StandardCharsets.UTF_8).trim(); - } catch (IOException e) { + } catch (IOException ignored) { } } } else { @@ -154,8 +154,8 @@ public void testConfigBuilder_LoadFromEnv() throws VaultException { assertEquals("http://127.0.0.1:8200", config.getAddress()); assertEquals("c24e2469-298a-6c64-6a71-5b47c9ba459a", config.getToken()); assertTrue(config.getSslConfig().isVerify()); - assertTrue(30 == config.getOpenTimeout()); - assertTrue(30 == config.getReadTimeout()); + assertEquals(30, (int) config.getOpenTimeout()); + assertEquals(30, (int) config.getReadTimeout()); } @Test diff --git a/src/test/java/com/bettercloud/vault/api/pki/CredentialTests.java b/src/test/java/com/bettercloud/vault/api/pki/CredentialTests.java index 4cc2486a..4b947c36 100644 --- a/src/test/java/com/bettercloud/vault/api/pki/CredentialTests.java +++ b/src/test/java/com/bettercloud/vault/api/pki/CredentialTests.java @@ -1,6 +1,5 @@ package com.bettercloud.vault.api.pki; -import com.bettercloud.vault.api.pki.Credential; import org.junit.Assert; import org.junit.Test; diff --git a/src/test/java/com/bettercloud/vault/api/pki/RoleOptionsTests.java b/src/test/java/com/bettercloud/vault/api/pki/RoleOptionsTests.java index 44560bfb..02ab478a 100644 --- a/src/test/java/com/bettercloud/vault/api/pki/RoleOptionsTests.java +++ b/src/test/java/com/bettercloud/vault/api/pki/RoleOptionsTests.java @@ -12,7 +12,7 @@ public void RoleOptionsTests() { RoleOptions roleOptions = new RoleOptions(); Assert.assertNotNull(roleOptions); - Assert.assertEquals(roleOptions.getAllowedDomains(), null); + Assert.assertNull(roleOptions.getAllowedDomains()); roleOptions.allowAnyName(true); roleOptions.allowBareDomains(true); diff --git a/src/test/java/com/bettercloud/vault/json/JsonArray_Test.java b/src/test/java/com/bettercloud/vault/json/JsonArray_Test.java index f1e51033..e834e08f 100644 --- a/src/test/java/com/bettercloud/vault/json/JsonArray_Test.java +++ b/src/test/java/com/bettercloud/vault/json/JsonArray_Test.java @@ -21,13 +21,11 @@ ******************************************************************************/ package com.bettercloud.vault.json; -import static com.bettercloud.vault.json.TestUtil.assertException; import static org.junit.Assert.*; import static org.mockito.Mockito.inOrder; import static org.mockito.Mockito.mock; import java.io.IOException; -import java.io.StringReader; import java.util.ConcurrentModificationException; import java.util.Iterator; import java.util.List; diff --git a/src/test/java/com/bettercloud/vault/json/JsonNumber_Test.java b/src/test/java/com/bettercloud/vault/json/JsonNumber_Test.java index 04f578ba..9978fe90 100644 --- a/src/test/java/com/bettercloud/vault/json/JsonNumber_Test.java +++ b/src/test/java/com/bettercloud/vault/json/JsonNumber_Test.java @@ -45,11 +45,7 @@ public void setUp() { @Test public void constructor_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "string is null", new Runnable() { - public void run() { - new JsonNumber(null); - } - }); + TestUtil.assertException(NullPointerException.class, "string is null", (Runnable) () -> new JsonNumber(null)); } @Test diff --git a/src/test/java/com/bettercloud/vault/json/Json_Test.java b/src/test/java/com/bettercloud/vault/json/Json_Test.java index d8455f83..67fe3afa 100644 --- a/src/test/java/com/bettercloud/vault/json/Json_Test.java +++ b/src/test/java/com/bettercloud/vault/json/Json_Test.java @@ -54,7 +54,7 @@ public void value_int() { @Test public void value_long() { - assertEquals("0", Json.value(0l).toString()); + assertEquals("0", Json.value(0L).toString()); assertEquals("9223372036854775807", Json.value(Long.MAX_VALUE).toString()); assertEquals("-9223372036854775808", Json.value(Long.MIN_VALUE).toString()); } @@ -77,21 +77,13 @@ public void value_float_cutsOffPointZero() { @Test public void value_float_failsWithInfinity() { String message = "Infinite and NaN values not permitted in JSON"; - assertException(IllegalArgumentException.class, message, new Runnable() { - public void run() { - Json.value(Float.POSITIVE_INFINITY); - } - }); + assertException(IllegalArgumentException.class, message, (Runnable) () -> Json.value(Float.POSITIVE_INFINITY)); } @Test public void value_float_failsWithNaN() { String message = "Infinite and NaN values not permitted in JSON"; - assertException(IllegalArgumentException.class, message, new Runnable() { - public void run() { - Json.value(Float.NaN); - } - }); + assertException(IllegalArgumentException.class, message, (Runnable) () -> Json.value(Float.NaN)); } @Test @@ -112,21 +104,13 @@ public void value_double_cutsOffPointZero() { @Test public void value_double_failsWithInfinity() { String message = "Infinite and NaN values not permitted in JSON"; - assertException(IllegalArgumentException.class, message, new Runnable() { - public void run() { - Json.value(Double.POSITIVE_INFINITY); - } - }); + assertException(IllegalArgumentException.class, message, (Runnable) () -> Json.value(Double.POSITIVE_INFINITY)); } @Test public void value_double_failsWithNaN() { String message = "Infinite and NaN values not permitted in JSON"; - assertException(IllegalArgumentException.class, message, new Runnable() { - public void run() { - Json.value(Double.NaN); - } - }); + assertException(IllegalArgumentException.class, message, (Runnable) () -> Json.value(Double.NaN)); } @Test @@ -160,26 +144,18 @@ public void array_int() { @Test public void array_int_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "values is null", new Runnable() { - public void run() { - Json.array((int[]) null); - } - }); + TestUtil.assertException(NullPointerException.class, "values is null", (Runnable) () -> Json.array((int[]) null)); } @Test public void array_long() { - assertEquals(new JsonArray().add(23l), Json.array(23l)); - assertEquals(new JsonArray().add(23l).add(42l), Json.array(23l, 42l)); + assertEquals(new JsonArray().add(23L), Json.array(23L)); + assertEquals(new JsonArray().add(23L).add(42L), Json.array(23L, 42L)); } @Test public void array_long_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "values is null", new Runnable() { - public void run() { - Json.array((long[]) null); - } - }); + TestUtil.assertException(NullPointerException.class, "values is null", (Runnable) () -> Json.array((long[]) null)); } @Test @@ -190,11 +166,7 @@ public void array_float() { @Test public void array_float_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "values is null", new Runnable() { - public void run() { - Json.array((float[]) null); - } - }); + TestUtil.assertException(NullPointerException.class, "values is null", (Runnable) () -> Json.array((float[]) null)); } @Test @@ -205,11 +177,7 @@ public void array_double() { @Test public void array_double_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "values is null", new Runnable() { - public void run() { - Json.array((double[]) null); - } - }); + TestUtil.assertException(NullPointerException.class, "values is null", (Runnable) () -> Json.array((double[]) null)); } @Test @@ -220,11 +188,7 @@ public void array_boolean() { @Test public void array_boolean_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "values is null", new Runnable() { - public void run() { - Json.array((boolean[]) null); - } - }); + TestUtil.assertException(NullPointerException.class, "values is null", (Runnable) () -> Json.array((boolean[]) null)); } @Test @@ -235,11 +199,7 @@ public void array_string() { @Test public void array_string_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "values is null", new Runnable() { - public void run() { - Json.array((String[]) null); - } - }); + TestUtil.assertException(NullPointerException.class, "values is null", (Runnable) () -> Json.array((String[]) null)); } @Test @@ -254,11 +214,7 @@ public void parse_string() { @Test public void parse_string_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "string is null", new Runnable() { - public void run() { - Json.parse((String) null); - } - }); + TestUtil.assertException(NullPointerException.class, "string is null", (Runnable) () -> Json.parse((String) null)); } @Test @@ -270,11 +226,7 @@ public void parse_reader() throws IOException { @Test public void parse_reader_failsWithNull() { - TestUtil.assertException(NullPointerException.class, "reader is null", new RunnableEx() { - public void run() throws IOException { - Json.parse((Reader) null); - } - }); + TestUtil.assertException(NullPointerException.class, "reader is null", (RunnableEx) () -> Json.parse((Reader) null)); } } diff --git a/src/test/java/com/bettercloud/vault/vault/mock/AuthRequestValidatingMockVault.java b/src/test/java/com/bettercloud/vault/vault/mock/AuthRequestValidatingMockVault.java index e3d5cb95..2c0b3cfb 100644 --- a/src/test/java/com/bettercloud/vault/vault/mock/AuthRequestValidatingMockVault.java +++ b/src/test/java/com/bettercloud/vault/vault/mock/AuthRequestValidatingMockVault.java @@ -10,26 +10,6 @@ public class AuthRequestValidatingMockVault extends MockVault { private Predicate validator; - private final String validResponse = "{\n" + - " \"renewable\": true,\n" + - " \"auth\": {\n" + - " \"lease_duration\": 1800000,\n" + - " \"metadata\": {\n" + - " \"role_tag_max_ttl\": \"0\",\n" + - " \"instance_id\": \"i-de0f1344\",\n" + - " \"ami_id\": \"ami-fce36983\",\n" + - " \"role\": \"dev-role\",\n" + - " \"auth_type\": \"ec2\"\n" + - " },\n" + - " \"policies\": [\n" + - " \"default\",\n" + - " \"dev\"\n" + - " ],\n" + - " \"accessor\": \"20b89871-e6f2-1160-fb29-31c2f6d4645e\",\n" + - " \"client_token\": \"c9368254-3f21-aded-8a6f-7c818e81b17a\"\n" + - " }\n" + - "}"; - public AuthRequestValidatingMockVault(Predicate validator) { this.validator = validator; @@ -44,6 +24,25 @@ public void handle(String target, baseRequest.setHandled(true); if (validator.test(request)) { response.setStatus(200); + String validResponse = "{\n" + + " \"renewable\": true,\n" + + " \"auth\": {\n" + + " \"lease_duration\": 1800000,\n" + + " \"metadata\": {\n" + + " \"role_tag_max_ttl\": \"0\",\n" + + " \"instance_id\": \"i-de0f1344\",\n" + + " \"ami_id\": \"ami-fce36983\",\n" + + " \"role\": \"dev-role\",\n" + + " \"auth_type\": \"ec2\"\n" + + " },\n" + + " \"policies\": [\n" + + " \"default\",\n" + + " \"dev\"\n" + + " ],\n" + + " \"accessor\": \"20b89871-e6f2-1160-fb29-31c2f6d4645e\",\n" + + " \"client_token\": \"c9368254-3f21-aded-8a6f-7c818e81b17a\"\n" + + " }\n" + + "}"; response.getWriter().println(validResponse); } else { response.setStatus(400); diff --git a/src/test/java/com/bettercloud/vault/vault/mock/EchoInputMockVault.java b/src/test/java/com/bettercloud/vault/vault/mock/EchoInputMockVault.java index 42f8573d..d91347e6 100644 --- a/src/test/java/com/bettercloud/vault/vault/mock/EchoInputMockVault.java +++ b/src/test/java/com/bettercloud/vault/vault/mock/EchoInputMockVault.java @@ -46,16 +46,16 @@ public void handle( headers.add(name, value); } - final StringBuilder url = new StringBuilder(request.getScheme()) - .append("://") - .append(request.getServerName()) - .append(request.getServerPort() == 0 ? "" : ":" + request.getServerPort()) - .append(request.getRequestURI()) - .append(request.getQueryString() == null || request.getQueryString().isEmpty() ? "" : "?" + + String url = request.getScheme() + + "://" + + request.getServerName() + + (request.getServerPort() == 0 ? "" : ":" + request.getServerPort()) + + request.getRequestURI() + + (request.getQueryString() == null || request.getQueryString().isEmpty() ? "" : "?" + request.getQueryString()); final String mockResponse = Json.object() .add("method", request.getMethod()) - .add("URL", url.toString()) + .add("URL", url) .add("headers", headers) .toString(); diff --git a/src/test/java/com/bettercloud/vault/vault/mock/RetriesMockVault.java b/src/test/java/com/bettercloud/vault/vault/mock/RetriesMockVault.java index 54bc3d13..fff8e537 100644 --- a/src/test/java/com/bettercloud/vault/vault/mock/RetriesMockVault.java +++ b/src/test/java/com/bettercloud/vault/vault/mock/RetriesMockVault.java @@ -2,7 +2,6 @@ import org.eclipse.jetty.server.Request; -import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException;