From e48eff433d697895b504b1da44a1252afdecdcf0 Mon Sep 17 00:00:00 2001 From: Brian Upton Date: Wed, 28 Jul 2021 14:44:56 -0700 Subject: [PATCH] Update certificate API docs w/ minimum duration The previous docs for /api/v1/certificates/:id/regenerate were using the wrong view and thus the docs did not reflect what the endpoint actually returned. Authored-by: Preethi Varambally Authored-by: Brian Upton Authored-by: Pablo Rodas --- .../asciidoc/snippets/certificates-v1.adoc | 5 +- .../CertificatesControllerTest.kt | 46 ++++++------------- .../CredentialsControllerGenerateTest.kt | 10 ++-- 3 files changed, 23 insertions(+), 38 deletions(-) diff --git a/backends/credhub/src/docs/asciidoc/snippets/certificates-v1.adoc b/backends/credhub/src/docs/asciidoc/snippets/certificates-v1.adoc index 28b5110b3..6cbe44887 100644 --- a/backends/credhub/src/docs/asciidoc/snippets/certificates-v1.adoc +++ b/backends/credhub/src/docs/asciidoc/snippets/certificates-v1.adoc @@ -24,7 +24,10 @@ Note: The certificate versions will be sorted in descending order of their creat === Regenerate a Certificate operation::POST__certificates_uuid_regenerate__returns_certificate[] -Note: If a certificate credential only has one version and it is marked as transitional the credential cannot be regenerated using this endpoint. +Note: + +* If a certificate credential only has one version and it is marked as transitional the credential cannot be regenerated using this endpoint. +* If the duration used to generate the currently active version of the certificate is lower than the minimum duration, the regenerated certificate will use the minimum duration instead and the response will contain the duration_overridden flag set to true. --- diff --git a/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/certificates/CertificatesControllerTest.kt b/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/certificates/CertificatesControllerTest.kt index 7a2ab309f..6c8c46125 100644 --- a/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/certificates/CertificatesControllerTest.kt +++ b/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/certificates/CertificatesControllerTest.kt @@ -20,7 +20,6 @@ import org.cloudfoundry.credhub.views.CertificateCredentialView import org.cloudfoundry.credhub.views.CertificateCredentialsView import org.cloudfoundry.credhub.views.CertificateVersionView import org.cloudfoundry.credhub.views.CertificateView -import org.cloudfoundry.credhub.views.CredentialView import org.junit.Before import org.junit.Rule import org.junit.Test @@ -54,7 +53,6 @@ class CertificatesControllerTest { lateinit var mockMvc: MockMvc private lateinit var spyCertificatesHandler: SpyCertificatesHandler private lateinit var certificateCredentialValue: CertificateCredentialValue - private lateinit var credentialViewResponse: CredentialView private lateinit var certificateId: UUID private lateinit var name: String @@ -95,15 +93,6 @@ class CertificatesControllerTest { true ) - credentialViewResponse = CredentialView( - createdAt, - certificateId, - name, - CredentialType.CERTIFICATE.type.toLowerCase(), - metadata, - certificateCredentialValue - ) - certificateCredentialVersion = CertificateCredentialVersion(certificateCredentialValue, name, SpyEncryptor()) certificateCredentialVersion.versionCreatedAt = createdAt certificateCredentialVersion.uuid = certificateId @@ -121,7 +110,8 @@ class CertificatesControllerTest { {"set_as_transitional": true, "allow_transitional_parent_to_sign": true, "metadata": {"description": "example metadata"}} """.trimIndent() - spyCertificatesHandler.handleRegenerate__returns_credentialView = credentialViewResponse + certificateView.durationOverridden = true + spyCertificatesHandler.handleRegenerate__returns_credentialView = certificateView val mvcResult = mockMvc .perform( @@ -166,19 +156,20 @@ class CertificatesControllerTest { """ { "type": "${CredentialType.CERTIFICATE.type.toLowerCase()}", - "version_created_at": "${credentialViewResponse.versionCreatedAt}", + "version_created_at": "${certificateView.versionCreatedAt}", "id": "$certificateId", "name": "$name", "metadata": { "description": "example metadata"}, + "transitional": true, + "generated": true, + "expiry_date": "${certificateCredentialValue.expiryDate}", + "certificate_authority": false, + "self_signed": false, + "duration_overridden": true, "value": { "ca": "${TestConstants.TEST_CA}", "certificate": "${TestConstants.TEST_CERTIFICATE}", - "private_key": "${TestConstants.TEST_PRIVATE_KEY}", - "transitional": true, - "generated": true, - "expiry_date": "${certificateCredentialValue.expiryDate}", - "certificate_authority": false, - "self_signed": false + "private_key": "${TestConstants.TEST_PRIVATE_KEY}" } } """.trimIndent() @@ -569,7 +560,7 @@ class CertificatesControllerTest { """ [{ "type": "${CredentialType.CERTIFICATE.type.toLowerCase()}", - "version_created_at": "${credentialViewResponse.versionCreatedAt}", + "version_created_at": "${certificateView.versionCreatedAt}", "id": "$certificateId", "name": "$name", "transitional": true, @@ -628,7 +619,7 @@ class CertificatesControllerTest { """ [{ "type": "${CredentialType.CERTIFICATE.type.toLowerCase()}", - "version_created_at": "${credentialViewResponse.versionCreatedAt}", + "version_created_at": "${certificateView.versionCreatedAt}", "id": "$certificateId", "name": "$name", "transitional": true, @@ -661,15 +652,6 @@ class CertificatesControllerTest { true ) - val expectedCredentialViewResponse = CredentialView( - createdAt, - certificateId, - name, - CredentialType.CERTIFICATE.type.toLowerCase(), - null, - expectedCertificateCredentialValue - ) - val expectedCertificateCredentialVersion = CertificateCredentialVersion(expectedCertificateCredentialValue, name, SpyEncryptor()) expectedCertificateCredentialVersion.versionCreatedAt = createdAt expectedCertificateCredentialVersion.uuid = certificateId @@ -716,7 +698,7 @@ class CertificatesControllerTest { """ { "type": "${CredentialType.CERTIFICATE.type.toLowerCase()}", - "version_created_at": "${expectedCredentialViewResponse.versionCreatedAt}", + "version_created_at": "$createdAt", "id": "$certificateId", "name": "$name", "transitional": true, @@ -765,7 +747,7 @@ class CertificatesControllerTest { """ { "type": "${CredentialType.CERTIFICATE.type.toLowerCase()}", - "version_created_at": "${credentialViewResponse.versionCreatedAt}", + "version_created_at": "${certificateView.versionCreatedAt}", "id": "$certificateId", "name": "$name", "transitional": true, diff --git a/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/credentials/CredentialsControllerGenerateTest.kt b/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/credentials/CredentialsControllerGenerateTest.kt index 850a363e2..5d6f3283c 100644 --- a/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/credentials/CredentialsControllerGenerateTest.kt +++ b/backends/credhub/src/test/kotlin/org/cloudfoundry/credhub/controllers/v1/credentials/CredentialsControllerGenerateTest.kt @@ -274,17 +274,17 @@ class CredentialsControllerGenerateTest { Mockito.doReturn(TestConstants.TEST_PRIVATE_KEY).`when`(encryptor).decrypt(ArgumentMatchers.any()) val certificateCredentialVersion = CertificateCredentialVersion( - certificateCredentialValue, - "/some-certificate-name", - encryptor + certificateCredentialValue, + "/some-certificate-name", + encryptor ) certificateCredentialVersion.versionCreatedAt = Instant.ofEpochSecond(1549053472L) certificateCredentialVersion.uuid = uuid certificateCredentialVersion.metadata = metadata spyCredentialsHandler.generateCredential__returns_credentialView = CertificateView( - certificateCredentialVersion, - true + certificateCredentialVersion, + true ) // language=json