From 879aa0de679e473cf03847c3ee4a1ee0d1ca0545 Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Tue, 7 Feb 2017 13:59:43 -0800 Subject: [PATCH] adds KMS region tags, Quickstart, and tests (#502) --- kms/pom.xml | 6 +- kms/src/main/java/com/example/CryptFile.java | 4 + .../java/com/example/CryptFileCommands.java | 4 +- kms/src/main/java/com/example/Quickstart.java | 87 +++++++++++++++++++ kms/src/main/java/com/example/Snippets.java | 22 +++++ .../test/java/com/example/QuickstartIT.java | 71 +++++++++++++++ 6 files changed, 188 insertions(+), 6 deletions(-) create mode 100644 kms/src/main/java/com/example/Quickstart.java create mode 100644 kms/src/test/java/com/example/QuickstartIT.java diff --git a/kms/pom.xml b/kms/pom.xml index 5d9c2453854..27b9b56e254 100644 --- a/kms/pom.xml +++ b/kms/pom.xml @@ -62,6 +62,8 @@ UTF-8 + 1.7 + 1.7 @@ -71,10 +73,6 @@ org.apache.maven.plugins maven-compiler-plugin 3.2 - - 5 - 5 - maven-assembly-plugin diff --git a/kms/src/main/java/com/example/CryptFile.java b/kms/src/main/java/com/example/CryptFile.java index 094aec04a55..f0c59d844ae 100644 --- a/kms/src/main/java/com/example/CryptFile.java +++ b/kms/src/main/java/com/example/CryptFile.java @@ -71,6 +71,7 @@ public static byte[] encrypt(String projectId, String ringId, String keyId, byte return encrypt(projectId, ringId, keyId, null, plaintext); } + // [START kms_encrypt] /** * Encrypts the given bytes, using the specified crypto key version. */ @@ -95,7 +96,9 @@ public static byte[] encrypt( return response.decodeCiphertext(); } + // [END kms_encrypt] + // [START kms_decrypt] /** * Decrypts the given encrypted bytes, using the specified crypto key. */ @@ -117,6 +120,7 @@ public static byte[] decrypt(String projectId, String ringId, String keyId, byte return response.decodePlaintext(); } + // [END kms_decrypt] public static void main(String[] args) throws IOException { CryptFileCommands commands = new CryptFileCommands(); diff --git a/kms/src/main/java/com/example/CryptFileCommands.java b/kms/src/main/java/com/example/CryptFileCommands.java index db3cfad674e..53e7c0a111e 100644 --- a/kms/src/main/java/com/example/CryptFileCommands.java +++ b/kms/src/main/java/com/example/CryptFileCommands.java @@ -45,9 +45,9 @@ static class Args { String ringId; @Argument(metaVar = "keyId", required = true, index = 1, usage = "The key id") String keyId; - @Argument(metaVar = "inFile", required = true, index = 1, usage = "The source file") + @Argument(metaVar = "inFile", required = true, index = 2, usage = "The source file") String inFile; - @Argument(metaVar = "outFile", required = true, index = 1, usage = "The destination file") + @Argument(metaVar = "outFile", required = true, index = 3, usage = "The destination file") String outFile; } diff --git a/kms/src/main/java/com/example/Quickstart.java b/kms/src/main/java/com/example/Quickstart.java new file mode 100644 index 00000000000..3148eb7345c --- /dev/null +++ b/kms/src/main/java/com/example/Quickstart.java @@ -0,0 +1,87 @@ +/* + Copyright 2016, Google, Inc. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package com.example; + +// [START kms_quickstart] +// Imports the Google Cloud client library +import com.google.api.client.googleapis.auth.oauth2.GoogleCredential; +import com.google.api.client.http.HttpTransport; +import com.google.api.client.http.javanet.NetHttpTransport; +import com.google.api.client.json.JsonFactory; +import com.google.api.client.json.jackson2.JacksonFactory; +import com.google.api.services.cloudkms.v1beta1.CloudKMS; +import com.google.api.services.cloudkms.v1beta1.CloudKMSScopes; +import com.google.api.services.cloudkms.v1beta1.model.KeyRing; +import com.google.api.services.cloudkms.v1beta1.model.ListKeyRingsResponse; + +import java.io.IOException; + +public class Quickstart { + /** + * Creates an authorized CloudKMS client service using Application Default Credentials. + * + * @return an authorized CloudKMS client + * @throws IOException if there's an error getting the default credentials. + */ + public static CloudKMS createAuthorizedClient() throws IOException { + // Create the credential + HttpTransport transport = new NetHttpTransport(); + JsonFactory jsonFactory = new JacksonFactory(); + // Authorize the client using Application Default Credentials + // @see https://g.co/dv/identity/protocols/application-default-credentials + GoogleCredential credential = GoogleCredential.getApplicationDefault(transport, jsonFactory); + + // Depending on the environment that provides the default credentials (e.g. Compute Engine, App + // Engine), the credentials may require us to specify the scopes we need explicitly. + // Check for this case, and inject the scope if required. + if (credential.createScopedRequired()) { + credential = credential.createScoped(CloudKMSScopes.all()); + } + + return new CloudKMS.Builder(transport, jsonFactory, credential) + .setApplicationName("CloudKMS snippets") + .build(); + } + + public static void main(String... args) throws Exception { + String projectId = args[0]; + // The location of the Key Rings + String location = "global"; + + // Create the Cloud KMS client. + CloudKMS kms = createAuthorizedClient(); + + // The resource name of the cryptoKey + String keyRingPath = String.format( + "projects/%s/locations/%s", + projectId, location); + + // Make the RPC call + ListKeyRingsResponse response = kms.projects().locations() + .keyRings() + .list(keyRingPath) + .execute(); + + // Print the returned key rings + if (null != response.getKeyRings()) { + System.out.println("Key Rings: "); + for (KeyRing keyRing : response.getKeyRings()) { + System.out.println(keyRing.getName()); + } + } else { + System.out.println("No keyrings defined."); + } + } +} +// [END kms_quickstart] \ No newline at end of file diff --git a/kms/src/main/java/com/example/Snippets.java b/kms/src/main/java/com/example/Snippets.java index 42dd7329cd7..65e3bdc2c7e 100644 --- a/kms/src/main/java/com/example/Snippets.java +++ b/kms/src/main/java/com/example/Snippets.java @@ -67,6 +67,7 @@ public static CloudKMS createAuthorizedClient() throws IOException { .build(); } + // [START kms_create_keyring] /** * Creates a new key ring with the given id. */ @@ -86,7 +87,9 @@ public static KeyRing createKeyRing(String projectId, String ringId) throws IOEx System.out.println(keyring); return keyring; } + // [END kms_create_keyring] + // [START kms_create_cryptokey] /** * Creates a new crypto key with the given id. */ @@ -114,7 +117,9 @@ public static CryptoKey createCryptoKey(String projectId, String ringId, String System.out.println(createdKey); return createdKey; } + // [END kms_create_cryptokey] + // [START kms_create_cryptokey_version] /** * Creates a new crypto key version for the given id. */ @@ -138,7 +143,9 @@ public static void createCryptoKeyVersion( System.out.println(newVersion); } + // [END kms_create_cryptokey_version] + // [START kms_disable_cryptokey_version] /** * Disables the given version of the crypto key. */ @@ -166,7 +173,9 @@ public static CryptoKeyVersion disableCryptoKeyVersion( System.out.println(response); return response; } + // [END kms_disable_cryptokey_version] + // [START kms_destroy_cryptokey_version] /** * Marks the given version of a crypto key to be destroyed at a scheduled future point. */ @@ -192,7 +201,9 @@ public static CryptoKeyVersion destroyCryptoKeyVersion( System.out.println(destroyed); return destroyed; } + // [END kms_destroy_cryptokey_version] + // [START kms_get_cryptokey_policy] /** * Retrieves the IAM policy for the given crypto key. */ @@ -215,7 +226,9 @@ public static Policy getCryptoKeyPolicy(String projectId, String ringId, String System.out.println(iamPolicy.getBindings()); return iamPolicy; } + // [END kms_get_cryptokey_policy] + // [START kms_get_keyring_policy] /** * Retrieves the IAM policy for the given crypto key. */ @@ -237,7 +250,9 @@ public static Policy getKeyRingPolicy(String projectId, String ringId) throws IO System.out.println(iamPolicy.getBindings()); return iamPolicy; } + // [END kms_get_keyring_policy] + // [START kms_add_member_to_cryptokey_policy] /** * Adds the given member to the given key, with the given role. * @@ -296,7 +311,9 @@ public static Policy addMemberToCryptoKeyPolicy( System.out.println("Response: " + newIamPolicy); return newIamPolicy; } + // [END kms_add_member_to_cryptokey_policy] + // [START kms_add_member_to_keyring_policy] /** * Adds the given member to the given keyring, with the given role. * @@ -354,7 +371,9 @@ public static Policy addMemberToKeyRingPolicy( System.out.println("Response: " + newIamPolicy); return newIamPolicy; } + // [END kms_add_member_to_keyring_policy] + // [START kms_remove_member_from_cryptokey_policy] /** * Removes the given member from the given policy. */ @@ -395,7 +414,9 @@ public static Policy removeMemberFromCryptoKeyPolicy( System.out.println("Response: " + newIamPolicy); return newIamPolicy; } + // [END kms_remove_member_from_cryptokey_policy] + // [START kms_remove_member_from_keyring_policy] /** * Removes the given member from the given policy. */ @@ -431,6 +452,7 @@ public static Policy removeMemberFromKeyRingPolicy( System.out.println("Response: " + newIamPolicy); return newIamPolicy; } + // [END kms_remove_member_from_keyring_policy] /** * Prints all the keyrings in the given project. diff --git a/kms/src/test/java/com/example/QuickstartIT.java b/kms/src/test/java/com/example/QuickstartIT.java new file mode 100644 index 00000000000..35db9a9eace --- /dev/null +++ b/kms/src/test/java/com/example/QuickstartIT.java @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2017 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + */ + +package com.example; + +import static com.google.common.truth.Truth.assertThat; + +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +import java.io.ByteArrayOutputStream; +import java.io.PrintStream; + +/** + * Integration (system) tests for {@link Quickstart}. + */ +@RunWith(JUnit4.class) +@SuppressWarnings("checkstyle:abbreviationaswordinname") +public class QuickstartIT { + + private ByteArrayOutputStream bout; + private PrintStream out; + + @BeforeClass + public static void setUpClass() throws Exception { + SnippetsIT.setUpClass(); + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + PrintStream out = new PrintStream(bout); + System.setOut(out); + } + + /** + * Destroys all the keys created during this test run. + */ + @AfterClass + public static void tearDownClass() throws Exception { + SnippetsIT.tearDownClass(); + } + + @Before + public void setUp() throws Exception { + bout = new ByteArrayOutputStream(); + out = new PrintStream(bout); + System.setOut(out); + + Snippets.createCryptoKeyVersion( + SnippetsIT.PROJECT_ID, SnippetsIT.KEY_RING_ID, SnippetsIT.CRYPTO_KEY_ID); + } + + @Test + public void listKeyRings_printsKeyRing() throws Exception { + Quickstart.main(SnippetsIT.PROJECT_ID); + + assertThat(bout.toString()).contains(String.format("keyRings/%s", SnippetsIT.KEY_RING_ID)); + } +}