Skip to content

Commit

Permalink
Update certificate API docs w/ minimum duration
Browse files Browse the repository at this point in the history 
The previous docs for /api/v1/certificates/:id/regenerate were using the
wrong view and thus the docs did not reflect what the endpoint actually
returned.

Authored-by: Preethi Varambally <pvarambally@pivotal.io>
Authored-by: Brian Upton <bupton@vmware.com>
Authored-by: Pablo Rodas <prodas@vmware.com>
  • Loading branch information
@ystros
ystros authored and Ops Manager committed Jul 28, 2021
1 parent df85eb6 commit e48eff4
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 38 deletions.
5 changes: 4 additions & 1 deletion backends/credhub/src/docs/asciidoc/snippets/certificates-v1.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,10 @@ Note: The certificate versions will be sorted in descending order of their creat
=== Regenerate a Certificate
operation::POST__certificates_uuid_regenerate__returns_certificate[]

Note: If a certificate credential only has one version and it is marked as transitional the credential cannot be regenerated using this endpoint.
Note:

* If a certificate credential only has one version and it is marked as transitional the credential cannot be regenerated using this endpoint.
* If the duration used to generate the currently active version of the certificate is lower than the minimum duration, the regenerated certificate will use the minimum duration instead and the response will contain the duration_overridden flag set to true.

---

Expand Down
46 changes: 14 additions & 32 deletions ...kotlin/org/cloudfoundry/credhub/controllers/v1/certificates/CertificatesControllerTest.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ import org.cloudfoundry.credhub.views.CertificateCredentialView
import org.cloudfoundry.credhub.views.CertificateCredentialsView
import org.cloudfoundry.credhub.views.CertificateVersionView
import org.cloudfoundry.credhub.views.CertificateView
import org.cloudfoundry.credhub.views.CredentialView
import org.junit.Before
import org.junit.Rule
import org.junit.Test
Expand Down Expand Up @@ -54,7 +53,6 @@ class CertificatesControllerTest {
lateinit var mockMvc: MockMvc
private lateinit var spyCertificatesHandler: SpyCertificatesHandler
private lateinit var certificateCredentialValue: CertificateCredentialValue
private lateinit var credentialViewResponse: CredentialView

private lateinit var certificateId: UUID
private lateinit var name: String
Expand Down Expand Up @@ -95,15 +93,6 @@ class CertificatesControllerTest {
true
)

credentialViewResponse = CredentialView(
createdAt,
certificateId,
name,
CredentialType.CERTIFICATE.type.toLowerCase(),
metadata,
certificateCredentialValue
)

certificateCredentialVersion = CertificateCredentialVersion(certificateCredentialValue, name, SpyEncryptor())
certificateCredentialVersion.versionCreatedAt = createdAt
certificateCredentialVersion.uuid = certificateId
Expand All @@ -121,7 +110,8 @@ class CertificatesControllerTest {
{"set_as_transitional": true, "allow_transitional_parent_to_sign": true, "metadata": {"description": "example metadata"}}
""".trimIndent()

spyCertificatesHandler.handleRegenerate__returns_credentialView = credentialViewResponse
certificateView.durationOverridden = true
spyCertificatesHandler.handleRegenerate__returns_credentialView = certificateView

val mvcResult = mockMvc
.perform(
Expand Down Expand Up @@ -166,19 +156,20 @@ class CertificatesControllerTest {
"""
{
"type": "${CredentialType.CERTIFICATE.type.toLowerCase()}",
"version_created_at": "${credentialViewResponse.versionCreatedAt}",
"version_created_at": "${certificateView.versionCreatedAt}",
"id": "$certificateId",
"name": "$name",
"metadata": { "description": "example metadata"},
"transitional": true,
"generated": true,
"expiry_date": "${certificateCredentialValue.expiryDate}",
"certificate_authority": false,
"self_signed": false,
"duration_overridden": true,
"value": {
"ca": "${TestConstants.TEST_CA}",
"certificate": "${TestConstants.TEST_CERTIFICATE}",
"private_key": "${TestConstants.TEST_PRIVATE_KEY}",
"transitional": true,
"generated": true,
"expiry_date": "${certificateCredentialValue.expiryDate}",
"certificate_authority": false,
"self_signed": false
"private_key": "${TestConstants.TEST_PRIVATE_KEY}"
}
}
""".trimIndent()
Expand Down Expand Up @@ -569,7 +560,7 @@ class CertificatesControllerTest {
"""
[{
"type": "${CredentialType.CERTIFICATE.type.toLowerCase()}",
"version_created_at": "${credentialViewResponse.versionCreatedAt}",
"version_created_at": "${certificateView.versionCreatedAt}",
"id": "$certificateId",
"name": "$name",
"transitional": true,
Expand Down Expand Up @@ -628,7 +619,7 @@ class CertificatesControllerTest {
"""
[{
"type": "${CredentialType.CERTIFICATE.type.toLowerCase()}",
"version_created_at": "${credentialViewResponse.versionCreatedAt}",
"version_created_at": "${certificateView.versionCreatedAt}",
"id": "$certificateId",
"name": "$name",
"transitional": true,
Expand Down Expand Up @@ -661,15 +652,6 @@ class CertificatesControllerTest {
true
)

val expectedCredentialViewResponse = CredentialView(
createdAt,
certificateId,
name,
CredentialType.CERTIFICATE.type.toLowerCase(),
null,
expectedCertificateCredentialValue
)

val expectedCertificateCredentialVersion = CertificateCredentialVersion(expectedCertificateCredentialValue, name, SpyEncryptor())
expectedCertificateCredentialVersion.versionCreatedAt = createdAt
expectedCertificateCredentialVersion.uuid = certificateId
Expand Down Expand Up @@ -716,7 +698,7 @@ class CertificatesControllerTest {
"""
{
"type": "${CredentialType.CERTIFICATE.type.toLowerCase()}",
"version_created_at": "${expectedCredentialViewResponse.versionCreatedAt}",
"version_created_at": "$createdAt",
"id": "$certificateId",
"name": "$name",
"transitional": true,
Expand Down Expand Up @@ -765,7 +747,7 @@ class CertificatesControllerTest {
"""
{
"type": "${CredentialType.CERTIFICATE.type.toLowerCase()}",
"version_created_at": "${credentialViewResponse.versionCreatedAt}",
"version_created_at": "${certificateView.versionCreatedAt}",
"id": "$certificateId",
"name": "$name",
"transitional": true,
Expand Down
10 changes: 5 additions & 5 deletions .../org/cloudfoundry/credhub/controllers/v1/credentials/CredentialsControllerGenerateTest.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -274,17 +274,17 @@ class CredentialsControllerGenerateTest {
Mockito.doReturn(TestConstants.TEST_PRIVATE_KEY).`when`<Encryptor>(encryptor).decrypt(ArgumentMatchers.any())

val certificateCredentialVersion = CertificateCredentialVersion(
certificateCredentialValue,
"/some-certificate-name",
encryptor
certificateCredentialValue,
"/some-certificate-name",
encryptor
)
certificateCredentialVersion.versionCreatedAt = Instant.ofEpochSecond(1549053472L)
certificateCredentialVersion.uuid = uuid
certificateCredentialVersion.metadata = metadata

spyCredentialsHandler.generateCredential__returns_credentialView = CertificateView(
certificateCredentialVersion,
true
certificateCredentialVersion,
true
)

// language=json
Expand Down

0 comments on commit e48eff4

Please sign in to comment.