1. Make KeyVaultJcaProvider can work when keyvault-uri is not set. (#…
…22488)

2. Delete unused property: azure.keyvault.aad-authentication-url
3. Reuse the code in test.
4. Rename KeyVaultProperties to AzureKeyVaultProperties.
5. Add AzureCertPathProperties.
Rujun Chen authored Jun 29, 2021
1 parent bff806b commit 3921af0
Showing 4 changed files with 65 additions and 45 deletions.
Expand Up @@ -28,81 +28,64 @@ public class KeyVaultClientTest {
private static final String KEY_VAULT_TEST_URI_US = "https://fake.vault.usgovcloudapi.net/";
private static final String KEY_VAULT_TEST_URI_DE = "https://fake.vault.microsoftazure.de/";

private KeyVaultClient kvClient;
private KeyVaultClient keyVaultClient;

/**
* Test initialization of keyVaultBaseUri and aadAuthenticationUrl.
*
*/
@Test
public void testInitializationOfGlobalURI() {
kvClient = new KeyVaultClient(KEY_VAULT_TEST_URI_GLOBAL, null);
Assertions.assertEquals(kvClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_GLOBAL);
Assertions.assertEquals(kvClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_GLOBAL);
keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_GLOBAL, null);
Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_GLOBAL);
Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_GLOBAL);
}

@Test
public void testInitializationOfCNURI() {
kvClient = new KeyVaultClient(KEY_VAULT_TEST_URI_CN, null);
Assertions.assertEquals(kvClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_CN);
Assertions.assertEquals(kvClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_CN);
keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_CN, null);
Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_CN);
Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_CN);
}

@Test
public void testInitializationOfUSURI() {
kvClient = new KeyVaultClient(KEY_VAULT_TEST_URI_US, null);
Assertions.assertEquals(kvClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_US);
Assertions.assertEquals(kvClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_US);
keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_US, null);
Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_US);
Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_US);
}

@Test
public void testInitializationOfDEURI() {
kvClient = new KeyVaultClient(KEY_VAULT_TEST_URI_DE, null);
Assertions.assertEquals(kvClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_DE);
Assertions.assertEquals(kvClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_DE);
keyVaultClient = new KeyVaultClient(KEY_VAULT_TEST_URI_DE, null);
Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_DE);
Assertions.assertEquals(keyVaultClient.getAadAuthenticationUrl(), AAD_LOGIN_URI_DE);
}

@Test
@Disabled
public void testGetAliases() {
String tenantId = System.getProperty("azure.keyvault.tenant-id");
String clientId = System.getProperty("azure.keyvault.client-id");
String clientSecret = System.getProperty("azure.keyvault.client-secret");
String keyVaultUri = System.getProperty("azure.keyvault.uri");
KeyVaultClient keyVaultClient = new KeyVaultClient(
keyVaultUri, System.getProperty("azure.keyvault.aad-authentication-url"),
tenantId,
clientId,
clientSecret);
List<String> result = keyVaultClient.getAliases();
List<String> result = getKeyVaultClient().getAliases();
assertNotNull(result);
}

@Test
@Disabled
public void testGetCertificate() {
String tenantId = System.getProperty("azure.keyvault.tenant-id");
String clientId = System.getProperty("azure.keyvault.client-id");
String clientSecret = System.getProperty("azure.keyvault.client-secret");
String keyVaultUri = System.getProperty("azure.keyvault.uri");
KeyVaultClient keyVaultClient = new KeyVaultClient(
keyVaultUri, System.getProperty("azure.keyvault.aad-authentication-url"),
tenantId,
clientId,
clientSecret);
Certificate certificate = keyVaultClient.getCertificate("myalias");
Certificate certificate = getKeyVaultClient().getCertificate("myalias");
assertNotNull(certificate);
}

@Test
@Disabled
public void testGetKey() {
assertNull(getKeyVaultClient().getKey("myalias", null));
}

private KeyVaultClient getKeyVaultClient() {
String keyVaultUri = System.getProperty("azure.keyvault.uri");
String tenantId = System.getProperty("azure.keyvault.tenant-id");
String clientId = System.getProperty("azure.keyvault.client-id");
String clientSecret = System.getProperty("azure.keyvault.client-secret");
String keyVaultUri = System.getProperty("azure.keyvault.uri");
KeyVaultClient keyVaultClient = new KeyVaultClient(
keyVaultUri, System.getProperty("azure.keyvault.aad-authentication-url"), tenantId, clientId, clientSecret);
assertNull(keyVaultClient.getKey("myalias", null));
return new KeyVaultClient(keyVaultUri, tenantId, clientId, clientSecret);
}
}
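Review bot: The renamed assertions in the four `testInitializationOf*URI` tests still pass the actual value first, e.g. `Assertions.assertEquals(keyVaultClient.getKeyVaultBaseUri(), KEY_VAULT_BASE_URI_GLOBAL)`, while JUnit's signature is (expected, actual), so a failure would report the two values swapped. Since these lines are being touched anyway, they could become `Assertions.assertEquals(KEY_VAULT_BASE_URI_GLOBAL, keyVaultClient.getKeyVaultBaseUri());`, and likewise for the `getAadAuthenticationUrl()` checks. The new `getKeyVaultClient()` helper also hands whatever `System.getProperty` returns straight to the constructor, so if the `@Disabled` tests are re-enabled without the four `azure.keyvault.*` properties the failure will presumably surface inside the client rather than as a clear precondition message. A short comment on the helper would cover that, for example `// Requires azure.keyvault.uri, tenant-id, client-id and client-secret as system properties; supply the secret from the CI secret store, never from a committed file.` The class declaration and its constants begin above this hunk.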
@@ -0,0 +1,42 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.spring.security.keyvault.certificates.starter;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;

/**
* This is used to generate spring-configuration-metadata.json
*
* @see <a href="https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-configuration-metadata.html">Metadata</a>
*/
@EnableConfigurationProperties({ AzureCertPathProperties.class })
@ConfigurationProperties("azure.cert-path")
public class AzureCertPathProperties {

/**
* The path to put custom certificates
*/
private String custom;

/**
* The path to put well-known certificates
*/
private String wellKnown;

public String getCustom() {
return custom;
}

public String getWellKnown() {
return wellKnown;
}

public void setCustom(String custom) {
this.custom = custom;
}

public void setWellKnown(String wellKnown) {
this.wellKnown = wellKnown;
}
}
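Review bot: The field Javadoc on `custom` and `wellKnown` says only "The path to put ... certificates", and because the class comment says this file is used to generate `spring-configuration-metadata.json`, that text is what users will see when they set `azure.cert-path.*`. If, as the names suggest, certificates found under these paths are loaded by the provider as trusted entries, the Javadoc should say so and state who may write there, e.g. `/** Directory of additional certificates to trust; anything placed here is treated as trusted, so restrict write access to administrators. */`. It would also help to state whether the value is a file-system directory or a classpath location and what happens when the property is unset, since neither is visible in this file.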
Expand Up @@ -10,9 +10,9 @@
*
* @see <a href="https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-configuration-metadata.html">Metadata</a>
*/
@EnableConfigurationProperties({ KeyVaultProperties.class })
@EnableConfigurationProperties({ AzureKeyVaultProperties.class })
@ConfigurationProperties("azure.keyvault")
public class KeyVaultProperties {
public class AzureKeyVaultProperties {
/**
* The URI to the Azure Key Vault used
*/
Expand Up @@ -27,11 +27,6 @@ public class KeyVaultCertificatesEnvironmentPostProcessor implements Environment
@Override
public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {

if (environment.getProperty("azure.keyvault.uri") == null) {
return;
}

putEnvironmentPropertyToSystemProperty(environment, "azure.keyvault.aad-authentication-url");
putEnvironmentPropertyToSystemProperty(environment, "azure.keyvault.uri");
putEnvironmentPropertyToSystemProperty(environment, "azure.keyvault.tenant-id");
putEnvironmentPropertyToSystemProperty(environment, "azure.keyvault.client-id");