From 6f0616d0d9b2e09b1d722ed6522b72c6950c23cf Mon Sep 17 00:00:00 2001 From: woody35545 Date: Mon, 15 Apr 2024 13:16:57 +0900 Subject: [PATCH 01/10] =?UTF-8?q?chore:=20#8=20`gitignore`=20-=20Secret=20?= =?UTF-8?q?Key=20Manager=EC=97=90=20=EC=82=AC=EC=9A=A9=ED=95=A0=20?= =?UTF-8?q?=EC=9D=B8=EC=A6=9D=ED=82=A4=20=ED=8C=8C=EC=9D=BC=20ignore?= =?UTF-8?q?=EC=97=90=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitignore b/.gitignore index 549e00a..843d938 100644 --- a/.gitignore +++ b/.gitignore @@ -31,3 +31,9 @@ build/ ### VS Code ### .vscode/ + +### Key Files ### +*.p12 + +### yaml ### +application-local.yml \ No newline at end of file From 506c431f9359f003406de796747e711a27c8d128 Mon Sep 17 00:00:00 2001 From: woody35545 Date: Mon, 15 Apr 2024 13:17:34 +0900 Subject: [PATCH 02/10] =?UTF-8?q?feat:=20#8=20`SecretKeyProperties`=20-=20?= =?UTF-8?q?Secret=20Key=20Manager=20=EC=97=90=20=EB=93=B1=EB=A1=9D?= =?UTF-8?q?=EB=90=9C=20=EA=B8=B0=EB=B0=80=20=EB=8D=B0=EC=9D=B4=ED=84=B0?= =?UTF-8?q?=EC=9D=98=20key=20id=EB=A5=BC=20=EC=A0=80=EC=9E=A5=ED=95=98?= =?UTF-8?q?=EB=8A=94=20=ED=94=84=EB=A1=9C=ED=8D=BC=ED=8B=B0=20=ED=81=B4?= =?UTF-8?q?=EB=9E=98=EC=8A=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../properties/SecretKeyProperties.java | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyProperties.java diff --git a/src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyProperties.java b/src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyProperties.java new file mode 100644 index 0000000..8b39d03 --- /dev/null +++ b/src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyProperties.java 
@@ -0,0 +1,34 @@
+package com.t3t.authenticationapi.keymanager.properties;
+
+import lombok.Getter;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+/**
+ * Secret Key Manager 에 등록된 기밀 데이터의 key id를 저장하는 프로퍼티 클래스
+ * @author woody35545(구건모)
+ */
+@Profile("!local")
+@Getter
+@Component
+public class SecretKeyProperties {
+ @Value("${t3t.secretKeyManager.secrets.databaseServerIpAddress.keyId}")
+ private String databaseIpAddressKeyId;
+ @Value("${t3t.secretKeyManager.secrets.databaseServerPort.keyId}")
+ private String databasePortKeyId;
+ @Value("${t3t.secretKeyManager.secrets.databaseServerUsername.keyId}")
+ private String databaseNameKeyId;
+ @Value("${t3t.secretKeyManager.secrets.databaseName.keyId}")
+ private String databaseUsernameKeyId;
+ @Value("${t3t.secretKeyManager.secrets.databaseServerPassword.keyId}")
+ private String databasePasswordKeyId;
+ @Value("${t3t.secretKeyManager.secrets.jwtSecretKey.keyId}")
+ private String jwtSecretKeyId;
+ @Value("${t3t.secretKeyManager.secrets.redisServerIpAddress.keyId}")
+ private String redisIpAddressKeyId;
+ @Value("${t3t.secretKeyManager.secrets.redisServerPort.keyId}")
+ private String redisPortKeyId;
+ @Value("${t3t.secretKeyManager.secrets.redisServerPassword.keyId}")
+ private String redisPasswordKeyId;
+}
From 220617bf3d2c37c5d5ef79c2db6b4babdac23aaf Mon Sep 17 00:00:00 2001
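Review bot: The `@Value` keys for the database name and the database username are crossed: `databaseNameKeyId` is bound to `...secrets.databaseServerUsername.keyId` and `databaseUsernameKeyId` to `...secrets.databaseName.keyId`. A caller of `getDatabaseNameKeyId()` would therefore fetch the username secret and the other way round, which is likely to surface as a confusing connection failure rather than as a configuration error. Swap the two placeholders so each field reads its own key: `@Value("${t3t.secretKeyManager.secrets.databaseName.keyId}") private String databaseNameKeyId;` and `@Value("${t3t.secretKeyManager.secrets.databaseServerUsername.keyId}") private String databaseUsernameKeyId;`.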
From: woody35545
Date: Mon, 15 Apr 2024 13:18:38 +0900
Subject: [PATCH 03/10] =?UTF-8?q?feat:=20#8=20`SecretKeyManagerProperties`?= =?UTF-8?q?=20-=20Secret=20Key=20Manager=20=EC=97=90=EC=84=9C=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=EB=90=A0=20=EC=86=8D=EC=84=B1=EC=9D=84=20=EC=A0=80?= =?UTF-8?q?=EC=9E=A5=ED=95=98=EB=8A=94=20=ED=94=84=EB=A1=9C=ED=8D=BC?= =?UTF-8?q?=ED=8B=B0=20=ED=81=B4=EB=9E=98=EC=8A=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../SecretKeyManagerProperties.java | 25 +++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyManagerProperties.java
diff --git a/src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyManagerProperties.java b/src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyManagerProperties.java
new file mode 100644
index 0000000..89329b9
--- /dev/null
+++ b/src/main/java/com/t3t/authenticationapi/keymanager/properties/SecretKeyManagerProperties.java
@@ -0,0 +1,25 @@
+package com.t3t.authenticationapi.keymanager.properties;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Profile;
+import org.springframework.core.io.Resource;
+
+/**
+ * Secret Key Manager 에서 사용될 속성을 저장하는 프로퍼티 클래스
+ * @author woody35545(구건모)
+ */
+@Getter
+@Setter
+@Profile("!local")
+@ConfigurationProperties(prefix = "t3t.secret-key-manager")
+public class SecretKeyManagerProperties {
+ private String appKey;
+ private String password;
+ private String certKeyType;
+ private String certKeyPath;
+ @Value("${t3t.secretKeyManager.certKeyPath}")
+ private Resource certKey;
+}
\ No newline at end of file
From 22acb0a8db25b6250a318e3524b3c1d3cbd5f5eb Mon Sep 17 00:00:00 2001
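Review bot: The keystore location is bound twice in `SecretKeyManagerProperties`: once as the `certKeyPath` String through `@ConfigurationProperties(prefix = "t3t.secret-key-manager")` and once more as the `certKey` Resource through `@Value("${t3t.secretKeyManager.certKeyPath}")`, with two different spellings of the prefix. Two bindings for one setting can drift apart if the property is ever renamed, and the `@Value` one bypasses the binder. Binding the property once as a resource would be enough, e.g. `private Resource certKeyPath;`, with callers switched to that getter. Since this bean also carries the keystore `password`, a class comment saying it must not gain a generated `toString()` would help the next maintainer.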
From: woody35545
Date: Mon, 15 Apr 2024 13:19:00 +0900
Subject: [PATCH 04/10] =?UTF-8?q?feat:=20#8=20`SecretKeyManagerResponse`?= =?UTF-8?q?=20-=20Secret=20Key=20Manager=20API=EC=9D=98=20=EC=9D=91?= =?UTF-8?q?=EB=8B=B5=20=ED=98=95=EC=8B=9D=EC=9D=84=20=EC=A0=95=EC=9D=98?= =?UTF-8?q?=ED=95=9C=20=ED=81=B4=EB=9E=98=EC=8A=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../response/SecretKeyManagerResponse.java | 25 +++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 src/main/java/com/t3t/authenticationapi/keymanager/model/response/SecretKeyManagerResponse.java
diff --git a/src/main/java/com/t3t/authenticationapi/keymanager/model/response/SecretKeyManagerResponse.java b/src/main/java/com/t3t/authenticationapi/keymanager/model/response/SecretKeyManagerResponse.java
new file mode 100644
index 0000000..b6736f4
--- /dev/null
+++ b/src/main/java/com/t3t/authenticationapi/keymanager/model/response/SecretKeyManagerResponse.java
@@ -0,0 +1,25 @@
+package com.t3t.authenticationapi.keymanager.model.response;
+
+import lombok.Getter;
+
+/**
+ * Secret Key Manager API의 응답 형식을 정의한 클래스
+ * @author woody35545(구건모)
+ */
+@Getter
+public class SecretKeyManagerResponse {
+ private SecretKeyManagerResponseHeaderPartDto header;
+ private SecretKeyManagerResponseBodyPartDto body;
+
+ @Getter
+ public static class SecretKeyManagerResponseHeaderPartDto {
+ private int resultCode;
+ private String resultMessage;
+ private String isSuccessful;
+ }
+
+ @Getter
+ public static class SecretKeyManagerResponseBodyPartDto {
+ private String secret;
+ }
+}
From c159ba5ddaff17e16400e80fba2a96e2fa9cb9a7 Mon Sep 17 00:00:00 2001
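Review bot: `SecretKeyManagerResponseBodyPartDto.secret` holds the plaintext secret returned by the key manager, and nothing in the class says so. The class has no `toString()` today, but a later `@Data` or `@ToString` would put the secret into every log line that prints the response object, and the service added in this series does log the response object on failure. I would add a field comment such as `// plaintext secret value: keep out of toString() and logs`, and use `@ToString.Exclude` on it if a `toString()` is ever generated.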
From: woody35545
Date: Mon, 15 Apr 2024 13:19:21 +0900
Subject: [PATCH 05/10] =?UTF-8?q?feat:=20#8=20`SecretKeyManagerApiRequestF?= =?UTF-8?q?ailedException`=20-=20Secret=20Key=20Manager=20API=20=EC=9A=94?= =?UTF-8?q?=EC=B2=AD=EC=9D=B4=20=EC=8B=A4=ED=8C=A8=ED=95=9C=20=EA=B2=BD?= =?UTF-8?q?=EC=9A=B0=20=EB=B0=9C=EC=83=9D=ED=95=98=EB=8A=94=20=EC=98=88?= =?UTF-8?q?=EC=99=B8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../SecretKeyManagerApiRequestFailedException.java | 10 ++++++++++
1 file changed, 10 insertions(+)
create mode 100644 src/main/java/com/t3t/authenticationapi/exception/SecretKeyManagerApiRequestFailedException.java
diff --git a/src/main/java/com/t3t/authenticationapi/exception/SecretKeyManagerApiRequestFailedException.java b/src/main/java/com/t3t/authenticationapi/exception/SecretKeyManagerApiRequestFailedException.java
new file mode 100644
index 0000000..a2d9aa7
--- /dev/null
+++ b/src/main/java/com/t3t/authenticationapi/exception/SecretKeyManagerApiRequestFailedException.java
@@ -0,0 +1,10 @@
+package com.t3t.authenticationapi.exception;
+
+/**
+ * Secret Key Manager API 요청이 실패한 경우 발생하는 예외
+ */
+public class SecretKeyManagerApiRequestFailedException extends RuntimeException{
+ public SecretKeyManagerApiRequestFailedException(String message) {
+ super(message);
+ }
+}
From 47a3b066bb1e5c3b083b3442067a766607559c57 Mon Sep 17 00:00:00 2001
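Review bot: The exception offers only a `(String message)` constructor, so a failure that originates in another exception, for example a transport error raised by `RestTemplate`, cannot be wrapped without losing its cause. Adding `public SecretKeyManagerApiRequestFailedException(String message, Throwable cause) { super(message, cause); }` keeps the original stack trace available to whoever investigates a failed secret lookup.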
From: woody35545
Date: Mon, 15 Apr 2024 13:19:45 +0900
Subject: [PATCH 06/10] =?UTF-8?q?feat:=20#8=20`RestTemplateConfig`=20-=20S?= =?UTF-8?q?ecret=20Key=20Manager=20=EC=9D=B8=EC=A6=9D=EC=84=9C=EB=A5=BC=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=ED=95=98=EC=97=AC=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=9D=84=20=EB=B3=B4=EB=82=B4=EA=B8=B0=20=EC=9C=84=ED=95=9C=20?= =?UTF-8?q?RestTemplate=20=EB=B9=88=20=EB=93=B1=EB=A1=9D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../config/RestTemplateConfig.java | 52 +++++++++++++++++++
1 file changed, 52 insertions(+)
create mode 100644 src/main/java/com/t3t/authenticationapi/config/RestTemplateConfig.java
diff --git a/src/main/java/com/t3t/authenticationapi/config/RestTemplateConfig.java b/src/main/java/com/t3t/authenticationapi/config/RestTemplateConfig.java
new file mode 100644
index 0000000..a5dbf2a
--- /dev/null
+++ b/src/main/java/com/t3t/authenticationapi/config/RestTemplateConfig.java
@@ -0,0 +1,52 @@ +package com.t3t.authenticationapi.config; + +import com.t3t.authenticationapi.keymanager.properties.SecretKeyManagerProperties; +import org.apache.http.conn.ssl.SSLConnectionSocketFactory; +import org.apache.http.impl.client.HttpClients; +import org.apache.http.ssl.SSLContextBuilder; +import org.springframework.boot.web.client.RestTemplateBuilder; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.http.HttpHeaders; +import org.springframework.http.MediaType; +import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; +import org.springframework.web.client.RestTemplate; + +import java.io.IOException; +import java.security.*; +import java.security.cert.CertificateException; +import java.time.Duration; + + +@Configuration +public class RestTemplateConfig { + + /** + * Secret Key Manager 인증서를 사용하여 요청을 보내기 위한 RestTemplate 빈 등록 + * @author woody35545(구건모) + */ + @Bean + @Profile("!local") + public RestTemplate sslRestTemplate(SecretKeyManagerProperties secretKeyManagerProperties) + throws KeyStoreException, IOException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyManagementException, CertificateException { + + KeyStore keyStore = KeyStore.getInstance(secretKeyManagerProperties.getCertKeyType()); + + keyStore.load(secretKeyManagerProperties.getCertKey().getInputStream(), + secretKeyManagerProperties.getPassword().toCharArray()); + + RestTemplate sslRestTemplate = new RestTemplateBuilder() + .setConnectTimeout(Duration.ofSeconds(5)) + .setConnectTimeout(Duration.ofSeconds(5)) + .defaultHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE) + .defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE) + .build(); + + sslRestTemplate.setRequestFactory(new HttpComponentsClientHttpRequestFactory(HttpClients.custom() + .setSSLSocketFactory(new 
SSLConnectionSocketFactory(SSLContextBuilder.create() + .loadKeyMaterial(keyStore, secretKeyManagerProperties.getPassword().toCharArray()).build())).build())); + + return sslRestTemplate; + } +} From bcf785b6fcdf4e73f2e2e7110b4f8ec36b03f3f7 Mon Sep 17 00:00:00 2001 From: woody35545 Date: Mon, 15 Apr 2024 13:20:09 +0900 Subject: [PATCH 07/10] =?UTF-8?q?feat:=20#8=20`AuthenticationApiApplicatio?= =?UTF-8?q?n`=20-=20ConfigurationPropertiesScan=20=ED=99=9C=EC=84=B1?= =?UTF-8?q?=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../t3t/authenticationapi/AuthenticationApiApplication.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/t3t/authenticationapi/AuthenticationApiApplication.java b/src/main/java/com/t3t/authenticationapi/AuthenticationApiApplication.java index cfcaebf..118386f 100644 --- a/src/main/java/com/t3t/authenticationapi/AuthenticationApiApplication.java +++ b/src/main/java/com/t3t/authenticationapi/AuthenticationApiApplication.java @@ -2,9 +2,10 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.context.properties.ConfigurationPropertiesScan; import org.springframework.cloud.client.discovery.EnableDiscoveryClient; - +@ConfigurationPropertiesScan @SpringBootApplication @EnableDiscoveryClient public class AuthenticationApiApplication { From 82645faa87913448d720c05e6d40ceb167d4e8b3 Mon Sep 17 00:00:00 2001 From: woody35545 Date: Mon, 15 Apr 2024 13:20:52 +0900 Subject: [PATCH 08/10] =?UTF-8?q?feat:=20#8=20`application.yml`=20-=20Secr?= =?UTF-8?q?et=20Key=20Manager=20=EA=B4=80=EB=A0=A8=20=EC=84=A4=EC=A0=95=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/resources/application.yml | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) 
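Review bot: The client returned by `sslRestTemplate` ends up with no timeouts: `setConnectTimeout(Duration.ofSeconds(5))` is called twice on the `RestTemplateBuilder` (the second was presumably meant to be `setReadTimeout`), and the later `sslRestTemplate.setRequestFactory(new HttpComponentsClientHttpRequestFactory(...))` replaces the factory the builder configured, so neither value reaches the client that is actually used. A stalled key-manager endpoint could then block whichever thread asks for a secret. The stream from `getCertKey().getInputStream()` is also never closed. The sketch below sets both timeouts on the factory that is installed and loads the keystore in try-with-resources; it needs `java.io.InputStream` imported.

```java
KeyStore keyStore = KeyStore.getInstance(secretKeyManagerProperties.getCertKeyType());
char[] keyStorePassword = secretKeyManagerProperties.getPassword().toCharArray();

try (InputStream certStream = secretKeyManagerProperties.getCertKey().getInputStream()) {
    keyStore.load(certStream, keyStorePassword);
}

HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
        HttpClients.custom()
                .setSSLSocketFactory(new SSLConnectionSocketFactory(SSLContextBuilder.create()
                        .loadKeyMaterial(keyStore, keyStorePassword).build()))
                .build());
requestFactory.setConnectTimeout(5_000);
requestFactory.setReadTimeout(5_000);

RestTemplate sslRestTemplate = new RestTemplateBuilder()
        // … unchanged: default Content-Type and Accept headers …
        .build();
sslRestTemplate.setRequestFactory(requestFactory);
```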
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 628f4d4..5beb8db 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -27,4 +27,31 @@ spring: logging: level: - org.hibernate.SQL: debug \ No newline at end of file + org.hibernate.SQL: debug + +t3t: + secretKeyManager: + certKeyPath: ${secretKeyManagerCertKeyPath} + certKeyType: ${secretKeyManagerCertKeyType} + appKey: ${secretKeyManagerAppKey} + password: ${secretKeyManagerPassword} + + secrets: + databaseName: + keyId: "e3203972cbf04433b90c752f695d5736" + databaseServerIpAddress: + keyId: "62911d2c30064812b2b2c97a8dd90782" + databaseServerPort: + keyId: "48e191996aa748938a1edb62652336f4" + databaseServerUsername: + keyId: "f008c1d3f87f4f88ae57bd03871eb10d" + databaseServerPassword: + keyId: "8a65684780224384a681c3e9035ca7d6" + jwtSecretKey: + keyId: "e4f4d4a87ccd49e594f03dffee9fa58d" + redisServerIpAddress: + keyId: "10ee8b6140cc49ffa9e7a7c8a2924a3e" + redisServerPort: + keyId: "0582f8b117604b7d86e9f3ff26931cde" + redisServerPassword: + keyId: "ec1eb8e0706e402cbec8487cbcb86564" From 376d63d60645b139b17629e70b97392aa37dfc8a Mon Sep 17 00:00:00 2001 From: woody35545 Date: Mon, 15 Apr 2024 13:21:54 +0900 Subject: [PATCH 09/10] =?UTF-8?q?feat:=20#8=20`SecretKeyManagerService`=20?= =?UTF-8?q?-=20=EA=B8=B0=EB=B0=80=20=EB=8D=B0=EC=9D=B4=ED=84=B0=20?= =?UTF-8?q?=EC=A1=B0=ED=9A=8C=20=EA=B8=B0=EB=8A=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../service/SecretKeyManagerService.java | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 src/main/java/com/t3t/authenticationapi/keymanager/service/SecretKeyManagerService.java diff --git a/src/main/java/com/t3t/authenticationapi/keymanager/service/SecretKeyManagerService.java b/src/main/java/com/t3t/authenticationapi/keymanager/service/SecretKeyManagerService.java new file mode 100644 index 0000000..c54b0c7 --- /dev/null 
+++ b/src/main/java/com/t3t/authenticationapi/keymanager/service/SecretKeyManagerService.java 
@@ -0,0 +1,59 @@ +package com.t3t.authenticationapi.keymanager.service; + +import com.t3t.authenticationapi.exception.SecretKeyManagerApiRequestFailedException; +import com.t3t.authenticationapi.keymanager.model.response.SecretKeyManagerResponse; +import com.t3t.authenticationapi.keymanager.properties.SecretKeyManagerProperties; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.context.annotation.Profile; +import org.springframework.core.ParameterizedTypeReference; +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpMethod; +import org.springframework.stereotype.Service; +import org.springframework.web.client.RestTemplate; + +/** + * Secret Key Manager 에 등록된 Secret 값을 가져오기 위한 서비스 클래스 + * + * @author woody35545(구건모) + */ +@Profile("!local") +@Slf4j +@Service +@RequiredArgsConstructor +public class SecretKeyManagerService { + private final RestTemplate sslRestTemplate; + private final SecretKeyManagerProperties secretKeyManagerProperties; + + private static final ParameterizedTypeReference secretKeyManagerResponseTypeReference + = new ParameterizedTypeReference() { + }; + + /** + * Secret Key Manager 에서 Secret 값 조회 + * + * @param keyId 조회할 Key ID(Secret Key Manager 에 등록된 기밀 데이터의 Key ID) + * @return Secret Key Manager 에서 조회한 Secret 값을 String 형태로 반환 + * @author woody35545(구건모) + */ + public String getSecretValue(String keyId) { + + HttpEntity response = + sslRestTemplate.exchange("https://api-keymanager.nhncloudservice.com/keymanager/v1.0/appkey/{appKey}/secrets/{keyId}", + HttpMethod.GET, null, SecretKeyManagerResponse.class, + secretKeyManagerProperties.getAppKey(), keyId); + + SecretKeyManagerResponse responseBody = response.getBody(); + + if (responseBody == null) { + throw new SecretKeyManagerApiRequestFailedException("Response body is null."); + } + + if (responseBody.getHeader() == null || responseBody.getBody() == null || !responseBody.getHeader().getIsSuccessful().equals("true") 
|| responseBody.getBody().getSecret() == null) { + log.error("Secret Key Manager API response: {}", responseBody); + throw new SecretKeyManagerApiRequestFailedException(new StringBuilder().append("Fail to request Secret Key Manager API (Key ID:").append(keyId).append(")").toString()); + } + + return responseBody.getBody().getSecret(); + } +} From c4e2158c517fd9698d9e483a975a9a58a03f033f Mon Sep 17 00:00:00 2001 From: woody35545 Date: Mon, 15 Apr 2024 13:22:43 +0900 Subject: [PATCH 10/10] =?UTF-8?q?test:=20#8=20`SecretKeyManagerService`=20?= =?UTF-8?q?-=20=EA=B8=B0=EB=B0=80=20=EB=8D=B0=EC=9D=B4=ED=84=B0=20?= =?UTF-8?q?=EC=A1=B0=ED=9A=8C=20=EA=B8=B0=EB=8A=A5=20=ED=85=8C=EC=8A=A4?= =?UTF-8?q?=ED=8A=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pom.xml | 7 +- .../keymanager/SecretKeyManagerTest.java | 169 ++++++++++++++++++ src/test/resources/application.yml | 27 +++ 3 files changed, 202 insertions(+), 1 deletion(-) create mode 100644 src/test/java/com/t3t/authenticationapi/keymanager/SecretKeyManagerTest.java diff --git a/pom.xml b/pom.xml index 5514160..bafe3fc 100644 --- a/pom.xml +++ b/pom.xml @@ -104,7 +104,12 @@ org.springframework.cloud spring-cloud-starter-netflix-eureka-client - + + junit + junit + test + + diff --git a/src/test/java/com/t3t/authenticationapi/keymanager/SecretKeyManagerTest.java b/src/test/java/com/t3t/authenticationapi/keymanager/SecretKeyManagerTest.java new file mode 100644 index 0000000..c982a35 --- /dev/null +++ b/src/test/java/com/t3t/authenticationapi/keymanager/SecretKeyManagerTest.java 
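Review bot: In `getSecretValue` the failure check can itself throw: `responseBody.getHeader().getIsSuccessful().equals("true")` dereferences `isSuccessful` without a null check, so a response that lacks the field ends in a `NullPointerException` instead of `SecretKeyManagerApiRequestFailedException`; `"true".equals(responseBody.getHeader().getIsSuccessful())` avoids that. The `log.error` call prints `responseBody`, which has no `toString()` and so logs only an object identity; logging `getResultCode()` and `getResultMessage()` from the header, when the header is present, gives the operator something to act on and never touches the `secret` field. Errors thrown by `sslRestTemplate.exchange` itself are not translated and reach callers as Spring's `RestClientException`. The static `secretKeyManagerResponseTypeReference` is declared but not used anywhere in this hunk.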
@@ -0,0 +1,169 @@ +package com.t3t.authenticationapi.keymanager; + +import com.t3t.authenticationapi.keymanager.properties.SecretKeyProperties; +import com.t3t.authenticationapi.keymanager.service.SecretKeyManagerService; +import lombok.extern.slf4j.Slf4j; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.Disabled; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.TestPropertySource; + +/** + * Secret Key Manager API 를 통해 기밀 데이터를 정상적으로 가져오는지에 대한 통합 테스트한다.
+ * 해당 테스트는 가져온 기밀데이터가 실제값과 동일한지 확인하는 테스트가 아니라,
+ * Secret Key Manager API 를 통해 값이 조회되는지에 대한 테스트이다.
+ * Secret Key Manager 빈을 위한 실행 환경 변수를 설정하고, application.yml 파일을 통해 테스트에 사용할 key id 를 정의하여 테스트한다.
+ * @apiNote 확인이 필요한 경우에만 실행하도록 설정하기 위해 테스트를 하고자하는 항목을 제외하고는 @Disabled 어노테이션을 선언하여 테스트를 비활성화한다.
+ * @see SecretKeyManagerService + * @see SecretKeyProperties + * @author woody35545(구건모) + */ +@SpringBootTest +@TestPropertySource(locations = "classpath:application.yml") +@Slf4j +class SecretKeyManagerTest { + + @Autowired + private SecretKeyProperties secretKeyProperties; + + @Autowired + private SecretKeyManagerService secretKeyManagerService; + + + /** + * Secret Key Manager API를 통해 databaseIpAddress 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void databaseIpAddressLoadTest () { + + // when & then + Assertions.assertDoesNotThrow(()-> secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseIpAddressKeyId())); + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseIpAddressKeyId()); + Assertions.assertNotNull(value); + + log.info("databaseIpAddress => {}", value); + } + + /** + * Secret Key Manager API를 통해 databasePort 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void databasePortLoadTest () { + + // when & then + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabasePortKeyId())); + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabasePortKeyId()); + Assertions.assertNotNull(value); + + log.info("databasePort => {}", value); + } + + /** + * Secret Key Manager API를 통해 databaseName 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void databaseNameLoadTest () { + + // when & then + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseNameKeyId())); + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseNameKeyId()); + Assertions.assertNotNull(value); + + log.info("databaseName => {}", value); + } + + /** + * Secret Key Manager API를 통해 databaseUsername 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void databaseUsernameLoadTest () { + + // 
when & then + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseUsernameKeyId())); + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseUsernameKeyId()); + Assertions.assertNotNull(value); + + log.info("databaseUsername => {}", value); + } + + + /** + * Secret Key Manager API를 통해 databasePassword 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void databasePasswordLoadTest () { + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabasePasswordKeyId())); + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabasePasswordKeyId()); + + Assertions.assertNotNull(value); + } + + + /** + * Secret Key Manager API를 통해 jwtSecretKey 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void jwtSecretKeyLoadTest () { + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getJwtSecretKeyId())); + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getJwtSecretKeyId()); + + Assertions.assertNotNull(value); + } + + /** + * Secret Key Manager API 를 통해 redisIpAddress 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void redisIpAddressLoadTest() { + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisIpAddressKeyId())); + + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisIpAddressKeyId()); + Assertions.assertNotNull(value); + + log.info("redisIpAddress => {}", value); + } + + /** + * Secret Key Manager API 를 통해 redisPort 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void redisPortLoadTest() { + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisPortKeyId())); + + String value = 
secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisPortKeyId()); + Assertions.assertNotNull(value); + + log.info("redisPort => {}", value); + } + + /** + * Secret Key Manager API 를 통해 redisPassword 값이 정상적으로 로드되는지 테스트 + * @author woody35545(구건모) + */ + @Test + @Disabled + void redisPasswordLoadTest() { + Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisPasswordKeyId())); + + String value = secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisPasswordKeyId()); + Assertions.assertNotNull(value); + } +} diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml index 5e12484..ff6706f 100644 --- a/src/test/resources/application.yml +++ b/src/test/resources/application.yml @@ -31,3 +31,30 @@ eureka: service-url: defaultZone : http://127.0.0.1:8761/eureka + +t3t: + secretKeyManager: + certKeyPath: ${secretKeyManagerCertKeyPath} + certKeyType: ${secretKeyManagerCertKeyType} + appKey: ${secretKeyManagerAppKey} + password: ${secretKeyManagerPassword} + + secrets: + databaseName: + keyId: "e3203972cbf04433b90c752f695d5736" + databaseServerIpAddress: + keyId: "62911d2c30064812b2b2c97a8dd90782" + databaseServerPort: + keyId: "48e191996aa748938a1edb62652336f4" + databaseServerUsername: + keyId: "f008c1d3f87f4f88ae57bd03871eb10d" + databaseServerPassword: + keyId: "8a65684780224384a681c3e9035ca7d6" + jwtSecretKey: + keyId: "e4f4d4a87ccd49e594f03dffee9fa58d" + redisServerIpAddress: + keyId: "10ee8b6140cc49ffa9e7a7c8a2924a3e" + redisServerPort: + keyId: "0582f8b117604b7d86e9f3ff26931cde" + redisServerPassword: + keyId: "ec1eb8e0706e402cbec8487cbcb86564"
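Review bot: Six of these tests write the fetched value to the log with `log.info("... => {}", value)` (database address, port, name and username, Redis address and port), so a run against the real key manager leaves infrastructure details in console or build logs. The password and JWT tests already avoid this; the others could log only that a value came back, for example `log.info("databaseIpAddress loaded (length={})", value.length());`. Each test also calls `getSecretValue` twice, once inside `assertDoesNotThrow` and once for the assertion; `String value = Assertions.assertDoesNotThrow(() -> secretKeyManagerService.getSecretValue(...));` returns the result and halves the requests to the key manager. `@TestPropertySource(locations = "classpath:application.yml")` is worth re-checking as well, since as far as I know that annotation reads properties-format files and Spring Boot already loads the test `application.yml` on its own.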
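Review bot: The key IDs under `t3t.secretKeyManager.secrets` in the test `application.yml` are the same literals as in `src/main/resources/application.yml` earlier in this series, so an enabled integration test would read the same secrets as the running service, including the database password and JWT key entries. If those IDs belong to a deployed environment, point the test configuration at dedicated test secrets, or take the IDs from environment placeholders the way `appKey` and `password` already are, e.g. `keyId: ${databaseServerPasswordKeyId}` (placeholder name is illustrative).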