diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserService.java b/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserService.java
index cbd0038e67fb69cedc2d9269677aab26b870dd05..a45f6b333265d3acca4531b11ce34fd8950a00d4 100644
--- a/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserService.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserService.java
@@ -26,6 +26,8 @@ package de.ozgcloud.operator.keycloak.user;
import java.util.Optional;
import java.util.logging.Level;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -46,11 +48,13 @@ class KeycloakUserService {
public void createOrUpdateUser(OzgKeycloakUserSpec userSpec, String namespace) {
if (!userSecretService.exists(userSpec, namespace)) {
- userSecretService.create(userSpec, namespace);
-
log.log(Level.INFO, "Update password...");
- var password = userSecretService.getPassword(userSpec, namespace);
+ var userPassword = userSpec.getKeycloakUser().getPassword();
+ var password = StringUtils.isEmpty(userPassword) ? generatePassword() : userPassword;
userSpec.getKeycloakUser().setPassword(password);
+
+ log.log(Level.INFO, "Create secret for user: " + userSpec.getKeycloakUser().getUsername());
+ userSecretService.create(userSpec, namespace);
}
remoteService.getUserByName(userSpec.getKeycloakUser().getUsername(), namespace)
@@ -58,6 +62,12 @@ class KeycloakUserService {
() -> remoteService.createUser(userMapper.map(userSpec), namespace));
}
+ String generatePassword() {
+ var upperCaseCharacter = RandomStringUtils.randomAlphabetic(1).toUpperCase();
+ var randomString = RandomStringUtils.randomAlphanumeric(7);
+ return upperCaseCharacter + randomString;
+ }
+
public void deleteUser(OzgKeycloakUserSpec userSpec, String namespace) {
Optional.of(userSpec)
.map(userMapper::map)
diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/UserNameConverter.java b/src/main/java/de/ozgcloud/operator/keycloak/user/UserNameConverter.java
new file mode 100644
index 0000000000000000000000000000000000000000..fee155b2ba5aa1807138d43338786a46780bd3d2
--- /dev/null
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/UserNameConverter.java
@@ -0,0 +1,20 @@
+package de.ozgcloud.operator.keycloak.user;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.stereotype.Component;
+
+import de.ozgcloud.operator.keycloak.user.OzgKeycloakUserSpec.KeycloakUserSpecUser;
+
+@Component
+class UserNameConverter {
+
+ private static final String USER_NAME_VALIDITY_REGEX = "[^a-zA-Z0-9]";
+
+ public String toSecretName(KeycloakUserSpecUser userSpec) {
+ return clarifyName(userSpec.getUsername().toLowerCase()) + "-credentials";
+ }
+
+ String clarifyName(String userName) {
+ return userName.replaceAll(USER_NAME_VALIDITY_REGEX, StringUtils.EMPTY);
+ }
+}
diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilder.java b/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilder.java
new file mode 100644
index 0000000000000000000000000000000000000000..6306aeaca5d216dc94ec28c096c036defc850bd2
--- /dev/null
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilder.java
@@ -0,0 +1,33 @@
+package de.ozgcloud.operator.keycloak.user;
+
+import org.springframework.stereotype.Component;
+
+import de.ozgcloud.operator.keycloak.user.OzgKeycloakUserSpec.KeycloakUserSpecUser;
+import io.fabric8.kubernetes.api.model.ObjectMeta;
+import io.fabric8.kubernetes.api.model.Secret;
+import io.fabric8.kubernetes.api.model.SecretBuilder;
+
+@Component
+class UserSecretBuilder {
+
+ static final String SECRET_TYPE = "Opaque";
+ static final String SECRET_PASSWORD_FIELD = "password";
+ static final String SECRET_NAME_FIELD = "name";
+
+ public Secret build(String name, KeycloakUserSpecUser userSpec, String namespace) {
+ return new SecretBuilder()
+ .withType(SECRET_TYPE)
+ .withMetadata(createMetaData(name, namespace))
+ .addToStringData(SECRET_NAME_FIELD, userSpec.getUsername())
+ .addToStringData(SECRET_PASSWORD_FIELD, userSpec.getPassword())
+ .build();
+ }
+
+ private ObjectMeta createMetaData(String name, String namespace) {
+ var metadata = new ObjectMeta();
+ metadata.setName(name);
+ metadata.setNamespace(namespace);
+
+ return metadata;
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretService.java b/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretService.java
index 3b2543e269eef25c243c2455f55787d32f8a0a78..3997b4a80c99da0ec5b39ba469d1e2147cc05d31 100644
--- a/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretService.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretService.java
@@ -1,33 +1,21 @@
package de.ozgcloud.operator.keycloak.user;
-import java.util.Base64;
import java.util.Objects;
-import java.util.logging.Level;
-import org.apache.commons.collections.MapUtils;
-import org.apache.commons.lang3.RandomStringUtils;
-import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
-import de.ozgcloud.operator.keycloak.user.OzgKeycloakUserSpec.KeycloakUserSpecUser;
-import io.fabric8.kubernetes.api.model.ObjectMeta;
import io.fabric8.kubernetes.api.model.Secret;
-import io.fabric8.kubernetes.api.model.SecretBuilder;
import io.fabric8.kubernetes.client.dsl.Resource;
import io.fabric8.kubernetes.client.extension.ResourceAdapter;
-import lombok.extern.java.Log;
-@Log
@Component
class UserSecretService {
- static final String SECRET_PASSWORD_FIELD = "password";
- static final String SECRET_NAME_FIELD = "name";
-
- private static final String SECRET_TYPE = "Opaque";
- private static final String USER_NAME_VALIDITY_REGEX = "[^a-zA-Z0-9]";
-
+ @Autowired
+ private UserNameConverter userNameMapper;
+ @Autowired
+ private UserSecretBuilder secretBuilder;
@Autowired
private KubernetesRemoteService kubernetesRemoteService;
@@ -36,8 +24,9 @@ class UserSecretService {
}
public void create(OzgKeycloakUserSpec userSpec, String namespace) {
- log.log(Level.INFO, "Create secret for user: " + userSpec.getKeycloakUser().getUsername());
- var credentialsSecret = createUserSecret(userSpec.getKeycloakUser(), namespace);
+ var secretName = userNameMapper.toSecretName(userSpec.getKeycloakUser());
+
+ var credentialsSecret = secretBuilder.build(secretName, userSpec.getKeycloakUser(), namespace);
var adapter = createResourceAdpater(getUserSecret(userSpec, namespace));
adapter.create(credentialsSecret);
@@ -47,56 +36,9 @@ class UserSecretService {
return new ResourceAdapter<>(secretResource);
}
- Secret createUserSecret(KeycloakUserSpecUser userSpec, String namespace) {
- return new SecretBuilder()
- .withType(SECRET_TYPE)
- .withMetadata(createMetaData(userSpec, namespace))
- .addToStringData(SECRET_NAME_FIELD, userSpec.getUsername())
- .addToStringData(SECRET_PASSWORD_FIELD, getPassword(userSpec.getPassword()))
- .build();
- }
-
- private ObjectMeta createMetaData(KeycloakUserSpecUser userSpec, String namespace) {
- var name = buildCredentialSecretName(userSpec);
- var metadata = new ObjectMeta();
- metadata.setName(name);
- metadata.setNamespace(namespace);
- return metadata;
- }
-
- String getPassword(String userPassword) {
- return StringUtils.isEmpty(userPassword) ? generateRandomPasswordForKeycloak() : userPassword;
- }
-
- String generateRandomPasswordForKeycloak() {
- log.log(Level.INFO, "Generate password...");
- var upperCaseCharacter = RandomStringUtils.randomAlphabetic(1).toUpperCase();
- var randomString = RandomStringUtils.randomAlphanumeric(7);
- return upperCaseCharacter + randomString;
- }
-
- public String getPassword(OzgKeycloakUserSpec userSpec, String namespace) {
- return getPassword(getUserSecret(userSpec, namespace));
- }
-
Resource<Secret> getUserSecret(OzgKeycloakUserSpec userSpec, String namespace) {
- var secretName = buildCredentialSecretName(userSpec.getKeycloakUser());
- return kubernetesRemoteService.getSecret(namespace, secretName);
- }
-
- private String buildCredentialSecretName(KeycloakUserSpecUser userSpec) {
- return clarifyName(userSpec.getUsername().toLowerCase()) + "-credentials";
- }
-
- String clarifyName(String userName) {
- return userName.replaceAll(USER_NAME_VALIDITY_REGEX, StringUtils.EMPTY);
- }
+ var secretName = userNameMapper.toSecretName(userSpec.getKeycloakUser());
- private String getPassword(Resource<Secret> secret) {
- return decodeBase64(MapUtils.getString(secret.get().getData(), SECRET_PASSWORD_FIELD));
- }
-
- private String decodeBase64(String base64String) {
- return new String(Base64.getDecoder().decode(base64String));
+ return kubernetesRemoteService.getSecret(namespace, secretName);
}
}
diff --git a/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserServiceTest.java b/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserServiceTest.java
index aa3585c71f3fe6ef7913d589afcf265b93cd4e17..ef41f004f2d0d7b1195107d4c55cc6dfcfda255e 100644
--- a/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserServiceTest.java
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserServiceTest.java
@@ -49,7 +49,6 @@ class KeycloakUserServiceTest {
private static final String TEST_NAMESPACE = "TestNamespace";
private static final String TEST_USERID = "TestUserId";
- private static final String PASSWORD = "CreatedDummyPassword";
@Spy
@InjectMocks
@@ -81,7 +80,6 @@ class KeycloakUserServiceTest {
@BeforeEach
void mock() {
- when(userSecretService.getPassword(any(), any())).thenReturn(PASSWORD);
when(userSecretService.exists(any(), any())).thenReturn(false);
}
@@ -93,21 +91,40 @@ class KeycloakUserServiceTest {
}
@Test
- void shouldGetPasswordFromSecret() {
- service.createOrUpdateUser(userSpec, TEST_NAMESPACE);
-
- verify(userSecretService).getPassword(userSpec, TEST_NAMESPACE);
- }
-
- @Test
- void shouldSetPasswortFromSecret() {
+ void shouldUpdatePasswordIfNoExists() {
var userWithoutPassword = OzgKeycloakUserSpecTestFactory.createBuilder()
.keycloakUser(KeycloakUserSpecUserTestFactory.createBuiler().password(StringUtils.EMPTY).build()).build();
service.createOrUpdateUser(userWithoutPassword, TEST_NAMESPACE);
verify(userMapper).map(ozgKeycloakUserSpecCaptor.capture());
- assertThat(ozgKeycloakUserSpecCaptor.getValue().getKeycloakUser().getPassword()).isEqualTo(PASSWORD);
+ assertThat(ozgKeycloakUserSpecCaptor.getValue().getKeycloakUser().getPassword()).isNotEmpty();
+ }
+ }
+
+ @DisplayName("generate password")
+ @Nested
+ class TestGeneratePassword {
+
+ @Test
+ void shouldHaveSize() {
+ var password = service.generatePassword();
+
+ assertThat(password).hasSize(8);
+ }
+
+ @Test
+ void shouldHaveUpperCaseLetterAtFirst() {
+ var password = service.generatePassword();
+
+ assertThat(StringUtils.substring(password, 0, 1)).isUpperCase();
+ }
+
+ @Test
+ void shouldContainsAlphanumericOnly() {
+ var password = service.generatePassword();
+
+ assertThat(password).isAlphanumeric();
}
}
diff --git a/src/test/java/de/ozgcloud/operator/keycloak/user/UserNameConverterTest.java b/src/test/java/de/ozgcloud/operator/keycloak/user/UserNameConverterTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..91ceb5745de5dc574a59293717462937319ac9ae
--- /dev/null
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/UserNameConverterTest.java
@@ -0,0 +1,49 @@
+package de.ozgcloud.operator.keycloak.user;
+
+import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
+import org.mockito.Spy;
+
+class UserNameConverterTest {
+
+ @Spy
+ private UserNameConverter converter = new UserNameConverter();
+
+ @DisplayName("To secretName")
+ @Nested
+ class TestToSecretName {
+
+ @Test
+ void shouldReturnName() {
+ var secretName = converter.toSecretName(KeycloakUserSpecUserTestFactory.create());
+
+ assertThat(secretName).isEqualTo(KeycloakUserSpecUserTestFactory.USERNAME.toLowerCase() + "-credentials");
+ }
+
+ @Test
+ void shouldClarifyUserName() {
+ converter.toSecretName(KeycloakUserSpecUserTestFactory.create());
+
+ verify(converter).clarifyName(KeycloakUserSpecUserTestFactory.USERNAME.toLowerCase());
+ }
+
+ @DisplayName("clarify name")
+ @Nested
+ class TestClarifyName {
+
+ @ValueSource(strings = { "_user_name_", ".user.name.", "-user-name-" })
+ @ParameterizedTest
+ void shouldReplaceForbiddenCharacter(String userName) {
+ var clarifiedName = converter.clarifyName(userName);
+
+ assertThat(clarifiedName).isEqualTo("username");
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilderTest.java b/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilderTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..1770592461d15be5dc562da0e73d2ac4026fdcaa
--- /dev/null
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilderTest.java
@@ -0,0 +1,65 @@
+package de.ozgcloud.operator.keycloak.user;
+
+import static org.assertj.core.api.Assertions.*;
+
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+
+import de.ozgcloud.operator.keycloak.user.OzgKeycloakUserSpec.KeycloakUserSpecUser;
+
+public class UserSecretBuilderTest {
+
+ private final static String NAME = "dummyName";
+ private final static String NAMESPACE = "dummyNamespace";
+
+ private UserSecretBuilder builder = new UserSecretBuilder();
+
+ @DisplayName("Build")
+ @Nested
+ class TestBuild {
+
+ private final KeycloakUserSpecUser userSpec = KeycloakUserSpecUserTestFactory.create();
+
+ @Test
+ void shouldHaveType() {
+ var secret = builder.build(NAME, userSpec, NAMESPACE);
+
+ assertThat(secret.getType()).isEqualTo(UserSecretBuilder.SECRET_TYPE);
+ }
+
+ @Test
+ void shouldHaveUserName() {
+ var secret = builder.build(NAME, userSpec, NAMESPACE);
+
+ assertThat(secret.getStringData()).containsEntry(UserSecretBuilder.SECRET_NAME_FIELD, KeycloakUserSpecUserTestFactory.USERNAME);
+ }
+
+ @Test
+ void shouldHavePassword() {
+ var secret = builder.build(NAME, userSpec, NAMESPACE);
+
+ assertThat(secret.getStringData()).containsEntry(UserSecretBuilder.SECRET_PASSWORD_FIELD,
+ KeycloakUserSpecUserTestFactory.PASSWORD);
+ }
+
+ @DisplayName("metadata")
+ @Nested
+ class TestMetaData {
+
+ @Test
+ void shouldHaveName() {
+ var secret = builder.build(NAME, userSpec, NAMESPACE);
+
+ assertThat(secret.getMetadata().getName()).isEqualTo(NAME);
+ }
+
+ @Test
+ void shouldHaveNamespace() {
+ var secret = builder.build(NAME, userSpec, NAMESPACE);
+
+ assertThat(secret.getMetadata().getNamespace()).isEqualTo(NAMESPACE);
+ }
+ }
+ }
+}
diff --git a/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretServiceTest.java b/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretServiceTest.java
index 48014e1f90fb6195106d81d8294f7c89bce266ee..a69b46d4508d4da9049c60b57770f6af7b5586df 100644
--- a/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretServiceTest.java
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretServiceTest.java
@@ -4,22 +4,15 @@ import static org.assertj.core.api.Assertions.*;
import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
-import java.util.Base64;
-
-import org.apache.commons.lang3.StringUtils;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.ValueSource;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Spy;
-import de.ozgcloud.operator.keycloak.user.OzgKeycloakUserSpec.KeycloakUserSpecUser;
import io.fabric8.kubernetes.api.model.Secret;
-import io.fabric8.kubernetes.api.model.SecretBuilder;
import io.fabric8.kubernetes.client.dsl.Resource;
import io.fabric8.kubernetes.client.extension.ResourceAdapter;
@@ -31,6 +24,10 @@ class UserSecretServiceTest {
@InjectMocks
private UserSecretService userSecretService;
@Mock
+ private UserNameConverter userNameConverter;
+ @Mock
+ private UserSecretBuilder secretBuilder;
+ @Mock
private KubernetesRemoteService kubernetesRemoteService;
@DisplayName("Exists secret")
@@ -41,6 +38,8 @@ class UserSecretServiceTest {
@Mock
private Resource<Secret> resourceMock;
+ @Mock
+ private Secret secret;
@BeforeEach
void mock() {
@@ -49,7 +48,7 @@ class UserSecretServiceTest {
@Test
void shouldGetUserSecret() {
- when(resourceMock.get()).thenReturn(new Secret());
+ when(resourceMock.get()).thenReturn(secret);
userSecretService.exists(userSpec, NAMESPACE);
@@ -58,7 +57,7 @@ class UserSecretServiceTest {
@Test
void shouldReturnTrueIfExists() {
- when(resourceMock.get()).thenReturn(new Secret());
+ when(resourceMock.get()).thenReturn(secret);
var exists = userSecretService.exists(userSpec, NAMESPACE);
@@ -90,16 +89,23 @@ class UserSecretServiceTest {
@BeforeEach
void mock() {
- doReturn(secret).when(userSecretService).createUserSecret(any(), any());
+ doReturn(secret).when(secretBuilder).build(any(), any(), any());
doReturn(secretResource).when(userSecretService).getUserSecret(any(), any());
doReturn(resourceAdapter).when(userSecretService).createResourceAdpater(any());
}
+ @Test
+ void shouldConvertName() {
+ userSecretService.create(userSpec, NAMESPACE);
+
+ verify(userNameConverter).toSecretName(userSpec.getKeycloakUser());
+ }
+
@Test
void shouldBuildUserSecret() {
userSecretService.create(userSpec, NAMESPACE);
- verify(userSecretService).createUserSecret(userSpec.getKeycloakUser(), NAMESPACE);
+ verify(secretBuilder).build(any(), eq(userSpec.getKeycloakUser()), eq(NAMESPACE));
}
@Test
@@ -124,162 +130,31 @@ class UserSecretServiceTest {
}
}
- @DisplayName("Create user secret")
- @Nested
- class TestCreateUserSecret {
-
- private final KeycloakUserSpecUser userSpec = KeycloakUserSpecUserTestFactory.create();
-
- @Test
- void shouldHaveType() {
- var secret = userSecretService.createUserSecret(userSpec, NAMESPACE);
-
- assertThat(secret.getType()).isEqualTo("Opaque");
- }
-
- @Test
- void shouldHaveUserName() {
- var secret = userSecretService.createUserSecret(userSpec, NAMESPACE);
-
- assertThat(secret.getStringData()).containsEntry(UserSecretService.SECRET_NAME_FIELD, KeycloakUserSpecUserTestFactory.USERNAME);
- }
-
- @Test
- void shouldHavePassword() {
- doReturn(KeycloakUserSpecUserTestFactory.PASSWORD).when(userSecretService).getPassword(any());
-
- var secret = userSecretService.createUserSecret(userSpec, NAMESPACE);
-
- assertThat(secret.getStringData()).containsEntry(UserSecretService.SECRET_PASSWORD_FIELD,
- KeycloakUserSpecUserTestFactory.PASSWORD);
- }
-
- @DisplayName("metadata")
- @Nested
- class TestMetaData {
-
- @Test
- void shouldHaveName() {
- var secret = userSecretService.createUserSecret(userSpec, NAMESPACE);
-
- assertThat(secret.getMetadata().getName()).isEqualTo(userSpec.getUsername() + "-credentials");
- }
-
- @Test
- void shouldHaveNamespace() {
- var secret = userSecretService.createUserSecret(userSpec, NAMESPACE);
-
- assertThat(secret.getMetadata().getNamespace()).isEqualTo(NAMESPACE);
- }
- }
- }
-
- @DisplayName("Get password")
- @Nested
- class TestGetPassword {
-
- @Test
- void shouldReturnPasswordIfExists() {
- var password = userSecretService.getPassword(KeycloakUserSpecUserTestFactory.PASSWORD);
-
- assertThat(password).isEqualTo(KeycloakUserSpecUserTestFactory.PASSWORD);
- }
-
- @Test
- void shouldGeneratePasswordIfNotExists() {
- userSecretService.getPassword(StringUtils.EMPTY);
-
- verify(userSecretService).generateRandomPasswordForKeycloak();
- }
-
- @DisplayName("generate random password for keycloak")
- @Nested
- class TestGenerateRandomPasswordForKeycloak {
-
- @Test
- void shouldHaveSize() {
- var password = userSecretService.getPassword(StringUtils.EMPTY);
-
- assertThat(password).hasSize(8);
- }
-
- @Test
- void shouldHaveUpperCaseLetterAtFirst() {
- var password = userSecretService.getPassword(StringUtils.EMPTY);
-
- assertThat(StringUtils.substring(password, 0, 1)).isUpperCase();
- }
-
- @Test
- void shouldContainsAlphanumericOnly() {
- var password = userSecretService.getPassword(StringUtils.EMPTY);
-
- assertThat(password).isAlphanumeric();
- }
- }
- }
-
- @DisplayName("Get password from secret")
+ @DisplayName("Get user secret")
@Nested
- class TestGetPasswordFromSecret {
-
- @Mock
- private Resource<Secret> resource;
- private OzgKeycloakUserSpec userSpec = OzgKeycloakUserSpecTestFactory.create();
- private Secret secret = new SecretBuilder()
- .addToData(UserSecretService.SECRET_PASSWORD_FIELD, Base64.getEncoder().encodeToString("dummyPassword".getBytes()))
- .build();
+ class TestGetUserSecret {
- @Test
- void shouldGetUserSecret() {
- doReturn(resource).when(userSecretService).getUserSecret(any(), any());
- when(resource.get()).thenReturn(secret);
+ private final OzgKeycloakUserSpec userSpec = OzgKeycloakUserSpecTestFactory.create();
- userSecretService.getPassword(userSpec, NAMESPACE);
+ private final static String CONVERTED_NAME = "SecretConformName";
- verify(userSecretService).getUserSecret(userSpec, NAMESPACE);
+ @BeforeEach
+ void mockConverter() {
+ when(userNameConverter.toSecretName(any())).thenReturn(CONVERTED_NAME);
}
@Test
- void shouldReturnDecodedPassword() {
- doReturn(resource).when(userSecretService).getUserSecret(any(), any());
- when(resource.get()).thenReturn(secret);
+ void shouldConvertToSecretName() {
+ userSecretService.getUserSecret(userSpec, NAMESPACE);
- var password = userSecretService.getPassword(userSpec, NAMESPACE);
-
- assertThat(password).isEqualTo("dummyPassword");
+ verify(userNameConverter).toSecretName(userSpec.getKeycloakUser());
}
- }
-
- @DisplayName("Get user secret")
- @Nested
- class TestGetUserSecret {
@Test
void shouldGetSecret() {
- userSecretService.getUserSecret(OzgKeycloakUserSpecTestFactory.create(), NAMESPACE);
-
- verify(kubernetesRemoteService).getSecret(NAMESPACE, KeycloakUserSpecUserTestFactory.USERNAME + "-credentials");
- }
-
- @Test
- void shouldClarifyUserName() {
- userSecretService.getUserSecret(OzgKeycloakUserSpecTestFactory.create(), NAMESPACE);
-
- verify(userSecretService).clarifyName(KeycloakUserSpecUserTestFactory.USERNAME.toLowerCase());
- }
- }
-
- @DisplayName("Clarify name")
- @Nested
- class TestClarifyName {
-
- @ValueSource(strings = { "_user_name_", ".user.name.", "-user-name-" })
- @ParameterizedTest
- void shouldReplaceForbiddenCharacter(String userName) {
- var clarifiedName = userSecretService.clarifyName(userName);
+ userSecretService.getUserSecret(userSpec, NAMESPACE);
- assertThat(clarifiedName).isEqualTo("username");
+ verify(kubernetesRemoteService).getSecret(NAMESPACE, CONVERTED_NAME);
}
}
-}
+}
\ No newline at end of file