Move IdPSecretsProcessor class to the org.wso2.carbon.idp.mgt component

Thisara-Welmilla · Nov 3, 2024 · 16ccdd0 · 16ccdd0
1 parent c54d4bd
commit 16ccdd0
Show file tree

Hide file tree

Showing 7 changed files with 111 additions and 57 deletions.
diff --git a/components/action-mgt/org.wso2.carbon.identity.action.management/pom.xml b/components/action-mgt/org.wso2.carbon.identity.action.management/pom.xml
@@ -55,6 +55,10 @@
             <groupId>org.mockito</groupId>
             <artifactId>mockito-core</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.identity.framework</groupId>
+            <artifactId>org.wso2.carbon.identity.central.log.mgt</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>

diff --git a/...t/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAO.java b/...t/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAO.java
@@ -123,16 +123,11 @@
 public class IdPManagementDAO {
 
     private static final Log log = LogFactory.getLog(IdPManagementDAO.class);
-    private SecretsProcessor<IdentityProvider> idpSecretsProcessorService;
+    private IdPSecretsProcessor idpSecretsProcessorService = new IdPSecretsProcessor();;
 
     private static final String OPENID_IDP_ENTITY_ID = "IdPEntityId";
     private static final String ENABLE_SMS_OTP_IF_RECOVERY_NOTIFICATION_ENABLED
             = "OnDemandConfig.OnInitialUse.EnableSMSOTPPasswordRecoveryIfConnectorEnabled";
-
-    public IdPManagementDAO() {
-
-        idpSecretsProcessorService = new IdPSecretsProcessor();
-    }
 
     /**
      * @param dbConnection

diff --git a/...g.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/util/IdPSecretsProcessor.java b/...g.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/util/IdPSecretsProcessor.java
@@ -39,14 +39,9 @@
  */
 public class IdPSecretsProcessor implements SecretsProcessor<IdentityProvider> {
 
-    private final SecretManager secretManager;
-    private final SecretResolveManager secretResolveManager;
     private final Gson gson;
 
     public IdPSecretsProcessor() {
-
-        this.secretManager = IdpMgtServiceComponentHolder.getInstance().getSecretManager();
-        this.secretResolveManager = IdpMgtServiceComponentHolder.getInstance().getSecretResolveManager();
         this.gson = new Gson();
     }
 
@@ -60,9 +55,11 @@ public IdentityProvider decryptAssociatedSecrets(IdentityProvider identityProvid
                     continue;
                 }
                 String secretName = buildSecretName(clonedIdP.getId(), fedAuthConfig.getName(), prop.getName());
-                if (secretManager.isSecretExist(IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
+                if (IdpMgtServiceComponentHolder.getInstance().getSecretManager()
+                        .isSecretExist(IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
                     ResolvedSecret resolvedSecret =
-                            secretResolveManager.getResolvedSecret(IDN_SECRET_TYPE_IDP_SECRETS, secretName);
+                            IdpMgtServiceComponentHolder.getInstance().getSecretResolveManager()
+                                    .getResolvedSecret(IDN_SECRET_TYPE_IDP_SECRETS, secretName);
                     // Replace secret reference with decrypted original secret.
                     prop.setValue(resolvedSecret.getResolvedSecretValue());
                 }
@@ -82,7 +79,8 @@ public IdentityProvider encryptAssociatedSecrets(IdentityProvider identityProvid
                     continue;
                 }
                 String secretName = buildSecretName(clonedIdP.getId(), fedAuthConfig.getName(), prop.getName());
-                if (secretManager.isSecretExist(IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
+                if (IdpMgtServiceComponentHolder.getInstance().getSecretManager()
+                        .isSecretExist(IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
                     // Update existing secret property.
                     updateExistingSecretProperty(secretName, prop);
                     prop.setValue(buildSecretReference(secretName));
@@ -109,8 +107,10 @@ public void deleteAssociatedSecrets(IdentityProvider identityProvider) throws Se
                     continue;
                 }
                 String secretName = buildSecretName(identityProvider.getId(), fedAuthConfig.getName(), prop.getName());
-                if (secretManager.isSecretExist(IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
-                    secretManager.deleteSecret(IDN_SECRET_TYPE_IDP_SECRETS, secretName);
+                if (IdpMgtServiceComponentHolder.getInstance().getSecretManager()
+                        .isSecretExist(IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
+                    IdpMgtServiceComponentHolder.getInstance().getSecretManager()
+                            .deleteSecret(IDN_SECRET_TYPE_IDP_SECRETS, secretName);
                 }
             }
         }
@@ -123,7 +123,8 @@ private String buildSecretName(String idpId, String fedAuthName, String propName
 
     private String buildSecretReference(String secretName) throws SecretManagementException {
 
-        SecretType secretType = secretManager.getSecretType(IDN_SECRET_TYPE_IDP_SECRETS);
+        SecretType secretType = IdpMgtServiceComponentHolder.getInstance().getSecretManager()
+                .getSecretType(IDN_SECRET_TYPE_IDP_SECRETS);
         return secretType.getId() + ":" + secretName;
     }
 
@@ -132,14 +133,17 @@ private void addNewIdpSecretProperty(String secretName, Property property) throw
         Secret secret = new Secret();
         secret.setSecretName(secretName);
         secret.setSecretValue(property.getValue());
-        secretManager.addSecret(IDN_SECRET_TYPE_IDP_SECRETS, secret);
+        IdpMgtServiceComponentHolder.getInstance().getSecretManager()
+                .addSecret(IDN_SECRET_TYPE_IDP_SECRETS, secret);
     }
 
     private void updateExistingSecretProperty(String secretName, Property property) throws SecretManagementException {
 
-        ResolvedSecret resolvedSecret = secretResolveManager.getResolvedSecret(IDN_SECRET_TYPE_IDP_SECRETS, secretName);
+        ResolvedSecret resolvedSecret = IdpMgtServiceComponentHolder.getInstance().getSecretResolveManager()
+                .getResolvedSecret(IDN_SECRET_TYPE_IDP_SECRETS, secretName);
         if (!resolvedSecret.getResolvedSecretValue().equals(property.getValue())) {
-            secretManager.updateSecretValue(IDN_SECRET_TYPE_IDP_SECRETS, secretName, property.getValue());
+            IdpMgtServiceComponentHolder.getInstance().getSecretManager()
+                    .updateSecretValue(IDN_SECRET_TYPE_IDP_SECRETS, secretName, property.getValue());
         }
     }
 }
diff --git a/....idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/IdentityProviderManagementServiceTest.java b/....idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/IdentityProviderManagementServiceTest.java
@@ -18,11 +18,15 @@
 
 package org.wso2.carbon.idp.mgt;
 
+import org.mockito.MockedStatic;
 import org.testng.Assert;
+import org.testng.annotations.AfterClass;
 import org.testng.annotations.AfterMethod;
+import org.testng.annotations.BeforeClass;
 import org.testng.annotations.BeforeMethod;
 import org.testng.annotations.DataProvider;
 import org.testng.annotations.Test;
+import org.wso2.carbon.core.util.CryptoUtil;
 import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
 import org.wso2.carbon.identity.application.common.ProvisioningConnectorService;
 import org.wso2.carbon.identity.application.common.model.Claim;
@@ -48,8 +52,8 @@
 import org.wso2.carbon.identity.common.testng.WithRealmService;
 import org.wso2.carbon.identity.common.testng.WithRegistry;
 import org.wso2.carbon.identity.core.util.IdentityDatabaseUtil;
-import org.wso2.carbon.identity.secret.mgt.core.SecretManager;
-import org.wso2.carbon.identity.secret.mgt.core.SecretResolveManager;
+import org.wso2.carbon.identity.secret.mgt.core.SecretManagerImpl;
+import org.wso2.carbon.identity.secret.mgt.core.model.SecretType;
 import org.wso2.carbon.idp.mgt.internal.IdpMgtServiceComponentHolder;
 import org.wso2.carbon.idp.mgt.util.IdPManagementConstants;
 import org.wso2.carbon.idp.mgt.util.MetadataConverter;
@@ -66,8 +70,8 @@
 
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.*;
+import static org.mockito.Mockito.mockStatic;
 import static org.testng.Assert.assertNull;
 import static org.testng.Assert.assertThrows;
 import static org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_ID;
@@ -87,6 +91,28 @@ public class IdentityProviderManagementServiceTest {
 
     MetadataConverter mockMetadataConverter;
     private IdentityProviderManagementService identityProviderManagementService;
+    private MockedStatic<CryptoUtil> cryptoUtil;
+
+    @BeforeClass
+    public void setUpClass() throws Exception {
+
+        SecretManagerImpl secretManager = mock(SecretManagerImpl.class);
+        SecretType secretType = mock(SecretType.class);
+        IdpMgtServiceComponentHolder.getInstance().setSecretManager(secretManager);
+        when(secretType.getId()).thenReturn("secretId");
+        doReturn(secretType).when(secretManager).getSecretType(any());
+        when(secretManager.isSecretExist(anyString(), anyString())).thenReturn(false);
+
+        cryptoUtil = mockStatic(CryptoUtil.class);
+        CryptoUtil mockCryptoUtil = mock(CryptoUtil.class);
+        cryptoUtil.when(CryptoUtil::getDefaultCryptoUtil).thenReturn(mockCryptoUtil);
+    }
+
+    @AfterClass
+    public void tearDownClass() throws Exception {
+        cryptoUtil.close();
+    }
+
 
     @BeforeMethod
     public void setUp() throws Exception {
@@ -95,11 +121,6 @@ public void setUp() throws Exception {
         identityProviderManagementService = new IdentityProviderManagementService();
         List<MetadataConverter> metadataConverterList = Arrays.asList(mockMetadataConverter);
         IdpMgtServiceComponentHolder.getInstance().setMetadataConverters(metadataConverterList);
-
-        SecretManager secretManager = mock(SecretManager.class);
-        SecretResolveManager secretResolveManager = mock(SecretResolveManager.class);
-        IdpMgtServiceComponentHolder.getInstance().setSecretManager(secretManager);
-        IdpMgtServiceComponentHolder.getInstance().setSecretResolveManager(secretResolveManager);
     }
 
     @AfterMethod

diff --git a/...o2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAOTest.java b/...o2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/CacheBackedIdPMgtDAOTest.java
@@ -60,7 +60,9 @@
 import org.wso2.carbon.idp.mgt.internal.IdpMgtServiceComponentHolder;
 import org.wso2.carbon.idp.mgt.model.ConnectedAppsResult;
 import org.wso2.carbon.idp.mgt.util.IdPManagementConstants;
+import org.wso2.carbon.idp.mgt.util.IdPSecretsProcessor;
 
+import java.lang.reflect.Field;
 import java.nio.file.Paths;
 import java.sql.Connection;
 import java.sql.PreparedStatement;
@@ -72,8 +74,7 @@
 import java.util.List;
 import java.util.Map;
 
-import static org.mockito.ArgumentMatchers.anyBoolean;
-import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.*;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.mockStatic;
 import static org.mockito.Mockito.when;
@@ -148,7 +149,17 @@ private static Connection getConnection(String database) throws SQLException {
     @BeforeMethod
     public void setup() throws Exception {
 
+        IdPSecretsProcessor idpSecretsProcessor = mock(IdPSecretsProcessor.class);
+        when(idpSecretsProcessor.decryptAssociatedSecrets(any())).thenAnswer(
+                invocation -> invocation.getArguments()[0]);
+        when(idpSecretsProcessor.encryptAssociatedSecrets(any())).thenAnswer(
+                invocation -> invocation.getArguments()[0]);
         idPManagementDAO = new IdPManagementDAO();
+
+        Field idpSecretsProcessorField = IdPManagementDAO.class.getDeclaredField("idpSecretsProcessorService");
+        idpSecretsProcessorField.setAccessible(true);
+        idpSecretsProcessorField.set(idPManagementDAO, idpSecretsProcessor);
+
         cacheBackedIdPMgtDAO = new CacheBackedIdPMgtDAO(idPManagementDAO);
         initiateH2Database(DB_NAME, getFilePath("h2.sql"));
 
@@ -158,11 +169,6 @@ public void setup() throws Exception {
         IdpMgtServiceComponentHolder mockIdpMgtServiceComponentHolder = mock(IdpMgtServiceComponentHolder.class);
         idpMgtServiceComponentHolder.when(
                 IdpMgtServiceComponentHolder::getInstance).thenReturn(mockIdpMgtServiceComponentHolder);
-
-        SecretManager secretManager = mock(SecretManager.class);
-        SecretResolveManager secretResolveManager = mock(SecretResolveManager.class);
-        when(mockIdpMgtServiceComponentHolder.getSecretManager()).thenReturn(secretManager);
-        when(mockIdpMgtServiceComponentHolder.getSecretResolveManager()).thenReturn(secretResolveManager);
     }
 
     @AfterMethod

diff --git a/...g.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAOTest.java b/...g.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAOTest.java
@@ -18,15 +18,14 @@
 
 package org.wso2.carbon.idp.mgt.dao;
 
+import org.apache.commons.codec.Charsets;
 import org.apache.commons.dbcp.BasicDataSource;
 import org.apache.commons.lang.StringUtils;
 import org.mockito.MockedStatic;
-import org.testng.annotations.AfterMethod;
-import org.testng.annotations.BeforeMethod;
-import org.testng.annotations.DataProvider;
-import org.testng.annotations.Test;
+import org.testng.annotations.*;
 
 import org.wso2.carbon.base.MultitenantConstants;
+import org.wso2.carbon.core.util.CryptoUtil;
 import org.wso2.carbon.identity.application.common.model.Claim;
 import org.wso2.carbon.identity.application.common.model.ClaimConfig;
 import org.wso2.carbon.identity.application.common.model.ClaimMapping;
@@ -46,14 +45,17 @@
 import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
 import org.wso2.carbon.identity.core.util.IdentityUtil;
 import org.wso2.carbon.identity.secret.mgt.core.SecretManager;
-import org.wso2.carbon.identity.secret.mgt.core.SecretResolveManager;
+import org.wso2.carbon.identity.secret.mgt.core.SecretManagerImpl;
+import org.wso2.carbon.identity.secret.mgt.core.model.SecretType;
 import org.wso2.carbon.idp.mgt.IdentityProviderManagementClientException;
 import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
 import org.wso2.carbon.idp.mgt.IdentityProviderManagementServerException;
 import org.wso2.carbon.idp.mgt.internal.IdpMgtServiceComponentHolder;
 import org.wso2.carbon.idp.mgt.model.ConnectedAppsResult;
 import org.wso2.carbon.idp.mgt.util.IdPManagementConstants;
+import org.wso2.carbon.idp.mgt.util.IdPSecretsProcessor;
 
+import java.lang.reflect.Field;
 import java.nio.file.Paths;
 import java.sql.Connection;
 import java.sql.PreparedStatement;
@@ -65,11 +67,11 @@
 import java.util.List;
 import java.util.Map;
 
+import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyBoolean;
 import static org.mockito.ArgumentMatchers.anyInt;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.mockStatic;
-import static org.mockito.Mockito.when;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.*;
 import static org.testng.Assert.assertEquals;
 import static org.testng.Assert.assertNotEquals;
 import static org.testng.Assert.assertNull;
@@ -93,7 +95,9 @@ public class IdPManagementDAOTest {
     private static Map<String, BasicDataSource> dataSourceMap = new HashMap<>();
 
     MockedStatic<IdentityTenantUtil> identityTenantUtil;
-    MockedStatic<IdpMgtServiceComponentHolder> idpMgtServiceComponentHolder;
+    MockedStatic<CryptoUtil> cryptoUtil;
+    private SecretManagerImpl secretManager;
+    private CryptoUtil mockCryptoUtil;
 
     private IdPManagementDAO idPManagementDAO;
 
@@ -135,30 +139,52 @@ private void initiateH2Database(String databaseName, String scriptPath) throws E
         dataSourceMap.put(databaseName, dataSource);
     }
 
+    @BeforeClass
+    public void setUp() throws Exception {
+
+        secretManager = mock(SecretManagerImpl.class);
+        SecretType secretType = mock(SecretType.class);
+        IdpMgtServiceComponentHolder.getInstance().setSecretManager(secretManager);
+        when(secretType.getId()).thenReturn("secretId");
+        doReturn(secretType).when(secretManager).getSecretType(any());
+        when(secretManager.isSecretExist(anyString(), anyString())).thenReturn(false);
+
+        cryptoUtil = mockStatic(CryptoUtil.class);
+        mockCryptoUtil = mock(CryptoUtil.class);
+        cryptoUtil.when(CryptoUtil::getDefaultCryptoUtil).thenReturn(mockCryptoUtil);
+        when(mockCryptoUtil.encryptAndBase64Encode(any())).thenReturn("ENCRYPTED_VALUE2");
+        when(mockCryptoUtil.base64DecodeAndDecrypt(anyString())).thenReturn("ENCRYPTED_VALUE2".getBytes());
+    }
+
+    @AfterClass
+    public void tearDownClass() {
+
+        cryptoUtil.close();
+    }
+
     @BeforeMethod
     public void setup() throws Exception {
 
+        IdPSecretsProcessor idpSecretsProcessor = mock(IdPSecretsProcessor.class);
+        when(idpSecretsProcessor.decryptAssociatedSecrets(any())).thenAnswer(
+                invocation -> invocation.getArguments()[0]);
+        when(idpSecretsProcessor.encryptAssociatedSecrets(any())).thenAnswer(
+                invocation -> invocation.getArguments()[0]);
         idPManagementDAO = new IdPManagementDAO();
+        Field idpSecretsProcessorField = IdPManagementDAO.class.getDeclaredField("idpSecretsProcessorService");
+        idpSecretsProcessorField.setAccessible(true);
+        idpSecretsProcessorField.set(idPManagementDAO, idpSecretsProcessor);
+
         initiateH2Database(DB_NAME, getFilePath("h2.sql"));
         identityTenantUtil = mockStatic(IdentityTenantUtil.class);
         identityTenantUtil.when(() -> IdentityTenantUtil.getTenantDomain(anyInt())).thenReturn(TENANT_DOMAIN);
-        idpMgtServiceComponentHolder = mockStatic(IdpMgtServiceComponentHolder.class);
-        IdpMgtServiceComponentHolder mockIdpMgtServiceComponentHolder = mock(IdpMgtServiceComponentHolder.class);
-        idpMgtServiceComponentHolder.when(
-                IdpMgtServiceComponentHolder::getInstance).thenReturn(mockIdpMgtServiceComponentHolder);
-
-        SecretManager secretManager = mock(SecretManager.class);
-        SecretResolveManager secretResolveManager = mock(SecretResolveManager.class);
-        when(mockIdpMgtServiceComponentHolder.getSecretManager()).thenReturn(secretManager);
-        when(mockIdpMgtServiceComponentHolder.getSecretResolveManager()).thenReturn(secretResolveManager);
     }
 
     @AfterMethod
     public void tearDown() throws Exception {
 
         closeH2Database();
         identityTenantUtil.close();
-        idpMgtServiceComponentHolder.close();
     }
 
     @DataProvider

diff --git a/...o2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/util/IdPSecretsProcessorTest.java b/...o2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/util/IdPSecretsProcessorTest.java
@@ -1,7 +1,6 @@
 package org.wso2.carbon.idp.mgt.util;
 
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
 import org.apache.commons.codec.Charsets;
 import org.mockito.MockedStatic;
@@ -13,7 +12,6 @@
 import org.wso2.carbon.identity.application.common.model.Property;
 import org.wso2.carbon.identity.secret.mgt.core.SecretManagerImpl;
 import org.wso2.carbon.identity.secret.mgt.core.constant.SecretConstants;
-import org.wso2.carbon.identity.secret.mgt.core.model.Secret;
 import org.wso2.carbon.identity.secret.mgt.core.model.SecretType;
 import org.wso2.carbon.idp.mgt.internal.IdpMgtServiceComponentHolder;