Skip to content

Commit fe39ff6

Browse files
coltfredcoltfred
authored
Add TenantSecurityErrorCode for KMS_ACCOUNT_ISSUE. (#135)
* Add TenantSecurityErrorCode for KMS_ACCOUNT_ISSUE. * Add changelog entry * Update wording on compatibility * Bump version to 7.2.0
1 parent bf09250 commit fe39ff6

File tree

6 files changed

+168
-138
lines changed

6 files changed

+168
-138
lines changed

CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,13 @@
11
# Changelog
22

3+
## v7.2.0
4+
5+
- Support TSP error code for KMS_ACCOUNT_ISSUE.
6+
7+
### Compatibility
8+
9+
KMS_ACCOUNT_ISSUE requires TSP 4.13.0+. If using TSC < 7.2.0 and TSP >= 4.13.0, these errors will come through as UNKNOWN_ERROR.
10+
311
## v7.1.0
412

513
- Send TSC language/version as headers on requests to the TSP. This will allow the TSP to report TSC versions along with its [metrics](https://ironcorelabs.com/docs/saas-shield/tenant-security-proxy/deployment/#metrics).

pom.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
<groupId>com.ironcorelabs</groupId>
99
<artifactId>tenant-security-java</artifactId>
1010
<packaging>jar</packaging>
11-
<version>7.1.0</version>
11+
<version>7.2.0</version>
1212
<name>tenant-security-java</name>
1313
<url>https://ironcorelabs.com/docs</url>
1414
<description>Java client library for the IronCore Labs Tenant Security Proxy.</description>
@@ -253,4 +253,4 @@
253253
</plugin>
254254
</plugins>
255255
</build>
256-
</project>
256+
</project>

src/main/java/com/ironcorelabs/tenantsecurity/kms/v1/TenantSecurityErrorCodes.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ public enum TenantSecurityErrorCodes {
3030
"Request to KMS failed because the key configuration was invalid or the necessary permissions for the operation were missing/revoked."),
3131
KMS_UNREACHABLE(208, "Request to KMS failed because KMS was unreachable."),
3232
KMS_THROTTLED(209, "Request to KMS failed because KMS throttled the Tenant Security Proxy."),
33-
33+
KMS_ACCOUNT_ISSUE(210, "Request to KMS failed because of an issue with the KMS account."),
3434
// map to SecurityEventException
3535
SECURITY_EVENT_REJECTED(301, "Tenant Security Proxy could not accept the security event"),
3636

src/main/java/com/ironcorelabs/tenantsecurity/kms/v1/TenantSecurityRequest.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ final class TenantSecurityRequest implements Closeable {
5555
private final int timeout;
5656

5757
// TSC version that will be sent to the TSP.
58-
static final String sdkVersion = "7.1.0";
58+
static final String sdkVersion = "7.2.0";
5959

6060
TenantSecurityRequest(String tspDomain, String apiKey, int requestThreadSize, int timeout) {
6161
HttpHeaders headers = new HttpHeaders();

src/test/java/com/ironcorelabs/tenantsecurity/kms/v1/ErrorResponseTest.java

Lines changed: 156 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,156 @@
1+
package com.ironcorelabs.tenantsecurity.kms.v1;
2+
3+
import static org.testng.Assert.assertEquals;
4+
import static org.testng.Assert.assertTrue;
5+
import java.io.ByteArrayInputStream;
6+
import java.io.ByteArrayOutputStream;
7+
import java.nio.ByteBuffer;
8+
import java.security.SecureRandom;
9+
import java.util.Arrays;
10+
import java.util.stream.IntStream;
11+
import org.testng.annotations.Test;
12+
import com.ironcorelabs.tenantsecurity.kms.v1.exception.KmsException;
13+
import com.ironcorelabs.tenantsecurity.kms.v1.exception.SecurityEventException;
14+
import com.ironcorelabs.tenantsecurity.kms.v1.exception.TenantSecurityException;
15+
import com.ironcorelabs.tenantsecurity.kms.v1.exception.TspServiceException;
16+
17+
@Test(groups = {"unit"})
18+
public class ErrorResponseTest {
19+
20+
public void exceptionFromErrorResponseTspServiceException() throws Exception {
21+
final String staticMsg = "static message";
22+
final int staticHttpCode = 42;
23+
24+
// TspServiceException
25+
ErrorResponse unableToMakeReqError =
26+
new ErrorResponse(TenantSecurityErrorCodes.UNABLE_TO_MAKE_REQUEST.getCode(), staticMsg);
27+
TenantSecurityException unableToMakeReqException =
28+
unableToMakeReqError.toTenantSecurityException(staticHttpCode);
29+
assertTspServiceException(staticMsg, staticHttpCode, unableToMakeReqException,
30+
TenantSecurityErrorCodes.UNABLE_TO_MAKE_REQUEST);
31+
32+
ErrorResponse unknownErrResp =
33+
new ErrorResponse(TenantSecurityErrorCodes.UNKNOWN_ERROR.getCode(), staticMsg);
34+
TenantSecurityException unknownErrException =
35+
unknownErrResp.toTenantSecurityException(staticHttpCode);
36+
assertTspServiceException(staticMsg, staticHttpCode, unknownErrException,
37+
TenantSecurityErrorCodes.UNKNOWN_ERROR);
38+
39+
ErrorResponse invalidRequestBody =
40+
new ErrorResponse(TenantSecurityErrorCodes.INVALID_REQUEST_BODY.getCode(), staticMsg);
41+
TenantSecurityException invalidRequestException =
42+
invalidRequestBody.toTenantSecurityException(staticHttpCode);
43+
assertTspServiceException(staticMsg, staticHttpCode, invalidRequestException,
44+
TenantSecurityErrorCodes.INVALID_REQUEST_BODY);
45+
46+
ErrorResponse unauthorizedReqErrResp =
47+
new ErrorResponse(TenantSecurityErrorCodes.UNAUTHORIZED_REQUEST.getCode(), staticMsg);
48+
TenantSecurityException unauthorizedReqException =
49+
unauthorizedReqErrResp.toTenantSecurityException(staticHttpCode);
50+
assertTspServiceException(staticMsg, staticHttpCode, unauthorizedReqException,
51+
TenantSecurityErrorCodes.UNAUTHORIZED_REQUEST);
52+
53+
// KmsException
54+
ErrorResponse noPrimaryKmsResp = new ErrorResponse(
55+
TenantSecurityErrorCodes.NO_PRIMARY_KMS_CONFIGURATION.getCode(), staticMsg);
56+
TenantSecurityException noPrimaryKmsException =
57+
noPrimaryKmsResp.toTenantSecurityException(staticHttpCode);
58+
assertKmsException(staticMsg, staticHttpCode, noPrimaryKmsException,
59+
TenantSecurityErrorCodes.NO_PRIMARY_KMS_CONFIGURATION);
60+
61+
ErrorResponse unknownTenantError = new ErrorResponse(
62+
TenantSecurityErrorCodes.UNKNOWN_TENANT_OR_NO_ACTIVE_KMS_CONFIGURATIONS.getCode(),
63+
staticMsg);
64+
TenantSecurityException unknownTenantException =
65+
unknownTenantError.toTenantSecurityException(staticHttpCode);
66+
assertKmsException(staticMsg, staticHttpCode, unknownTenantException,
67+
TenantSecurityErrorCodes.UNKNOWN_TENANT_OR_NO_ACTIVE_KMS_CONFIGURATIONS);
68+
69+
ErrorResponse kmsCfgDisabledError =
70+
new ErrorResponse(TenantSecurityErrorCodes.KMS_CONFIGURATION_DISABLED.getCode(), staticMsg);
71+
TenantSecurityException kmsCfgDisabledException =
72+
kmsCfgDisabledError.toTenantSecurityException(staticHttpCode);
73+
assertKmsException(staticMsg, staticHttpCode, kmsCfgDisabledException,
74+
TenantSecurityErrorCodes.KMS_CONFIGURATION_DISABLED);
75+
76+
ErrorResponse invalidEdekErrResp =
77+
new ErrorResponse(TenantSecurityErrorCodes.INVALID_PROVIDED_EDEK.getCode(), staticMsg);
78+
TenantSecurityException invalidEdekException =
79+
invalidEdekErrResp.toTenantSecurityException(staticHttpCode);
80+
assertKmsException(staticMsg, staticHttpCode, invalidEdekException,
81+
TenantSecurityErrorCodes.INVALID_PROVIDED_EDEK);
82+
83+
ErrorResponse unwrapError =
84+
new ErrorResponse(TenantSecurityErrorCodes.KMS_UNWRAP_FAILED.getCode(), staticMsg);
85+
TenantSecurityException unwrapException = unwrapError.toTenantSecurityException(staticHttpCode);
86+
assertKmsException(staticMsg, staticHttpCode, unwrapException,
87+
TenantSecurityErrorCodes.KMS_UNWRAP_FAILED);
88+
89+
ErrorResponse wrapError =
90+
new ErrorResponse(TenantSecurityErrorCodes.KMS_WRAP_FAILED.getCode(), staticMsg);
91+
TenantSecurityException kmsWrapException = wrapError.toTenantSecurityException(staticHttpCode);
92+
assertKmsException(staticMsg, staticHttpCode, kmsWrapException,
93+
TenantSecurityErrorCodes.KMS_WRAP_FAILED);
94+
95+
ErrorResponse kmsAuthError =
96+
new ErrorResponse(TenantSecurityErrorCodes.KMS_AUTHORIZATION_FAILED.getCode(), staticMsg);
97+
TenantSecurityException kmsAuthException =
98+
kmsAuthError.toTenantSecurityException(staticHttpCode);
99+
assertKmsException(staticMsg, staticHttpCode, kmsAuthException,
100+
TenantSecurityErrorCodes.KMS_AUTHORIZATION_FAILED);
101+
102+
ErrorResponse kmsConfigInvalidError =
103+
new ErrorResponse(TenantSecurityErrorCodes.KMS_CONFIGURATION_INVALID.getCode(), staticMsg);
104+
TenantSecurityException kmsConfigInvalidException =
105+
kmsConfigInvalidError.toTenantSecurityException(staticHttpCode);
106+
assertKmsException(staticMsg, staticHttpCode, kmsConfigInvalidException,
107+
TenantSecurityErrorCodes.KMS_CONFIGURATION_INVALID);
108+
109+
ErrorResponse foo =
110+
new ErrorResponse(TenantSecurityErrorCodes.KMS_ACCOUNT_ISSUE.getCode(), staticMsg);
111+
TenantSecurityException fooException = foo.toTenantSecurityException(staticHttpCode);
112+
assertKmsException(staticMsg, staticHttpCode, fooException,
113+
TenantSecurityErrorCodes.KMS_ACCOUNT_ISSUE);
114+
115+
ErrorResponse kmsUnreachableError =
116+
new ErrorResponse(TenantSecurityErrorCodes.KMS_UNREACHABLE.getCode(), staticMsg);
117+
TenantSecurityException kmsUnreachableException =
118+
kmsUnreachableError.toTenantSecurityException(staticHttpCode);
119+
assertKmsException(staticMsg, staticHttpCode, kmsUnreachableException,
120+
TenantSecurityErrorCodes.KMS_UNREACHABLE);
121+
122+
// SecurityEventException
123+
ErrorResponse securityEventRejectedError =
124+
new ErrorResponse(TenantSecurityErrorCodes.SECURITY_EVENT_REJECTED.getCode(), staticMsg);
125+
TenantSecurityException securityEventRejectedException =
126+
securityEventRejectedError.toTenantSecurityException(staticHttpCode);
127+
assertSecurityEventException(staticMsg, staticHttpCode, securityEventRejectedException,
128+
TenantSecurityErrorCodes.SECURITY_EVENT_REJECTED);
129+
}
130+
131+
private void assertTspServiceException(String expectedMsg, int expectedHttpStatusCode,
132+
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
133+
assertTenantSecurityException(expectedMsg, expectedHttpStatusCode, exception, errorCode);
134+
assertTrue(exception instanceof TspServiceException);
135+
}
136+
137+
private void assertSecurityEventException(String expectedMsg, int expectedHttpStatusCode,
138+
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
139+
assertTenantSecurityException(expectedMsg, expectedHttpStatusCode, exception, errorCode);
140+
assertTrue(exception instanceof SecurityEventException);
141+
}
142+
143+
private void assertKmsException(String expectedMsg, int expectedHttpStatusCode,
144+
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
145+
assertTenantSecurityException(expectedMsg, expectedHttpStatusCode, exception, errorCode);
146+
assertTrue(exception instanceof KmsException);
147+
}
148+
149+
private void assertTenantSecurityException(String expectedMsg, int expectedHttpStatusCode,
150+
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
151+
assertEquals(errorCode, exception.getErrorCode());
152+
assertEquals(exception.getHttpResponseCode(), expectedHttpStatusCode);
153+
assertEquals(exception.getMessage(), expectedMsg);
154+
}
155+
156+
}

src/test/java/com/ironcorelabs/tenantsecurity/kms/v1/KMSRequestTest.java

Lines changed: 0 additions & 134 deletions
Original file line numberDiff line numberDiff line change
@@ -9,11 +9,7 @@
99
import java.util.Map;
1010
import java.util.concurrent.CompletableFuture;
1111
import java.util.concurrent.ExecutionException;
12-
13-
import com.ironcorelabs.tenantsecurity.kms.v1.exception.KmsException;
14-
import com.ironcorelabs.tenantsecurity.kms.v1.exception.SecurityEventException;
1512
import com.ironcorelabs.tenantsecurity.kms.v1.exception.TenantSecurityException;
16-
import com.ironcorelabs.tenantsecurity.kms.v1.exception.TspServiceException;
1713
import org.testng.annotations.Test;
1814

1915
@Test(groups = {"dev-integration"})
@@ -85,134 +81,4 @@ public void errorCodeWhenEdekFormatIsWrong() throws Exception {
8581
}
8682
}
8783

88-
public void exceptionFromErrorResponseTspServiceException() throws Exception {
89-
final String staticMsg = "static message";
90-
final int staticHttpCode = 42;
91-
92-
// TspServiceException
93-
ErrorResponse unableToMakeReqError =
94-
new ErrorResponse(TenantSecurityErrorCodes.UNABLE_TO_MAKE_REQUEST.getCode(), staticMsg);
95-
TenantSecurityException unableToMakeReqException =
96-
unableToMakeReqError.toTenantSecurityException(staticHttpCode);
97-
assertTspServiceException(staticMsg, staticHttpCode, unableToMakeReqException,
98-
TenantSecurityErrorCodes.UNABLE_TO_MAKE_REQUEST);
99-
100-
ErrorResponse unknownErrResp =
101-
new ErrorResponse(TenantSecurityErrorCodes.UNKNOWN_ERROR.getCode(), staticMsg);
102-
TenantSecurityException unknownErrException =
103-
unknownErrResp.toTenantSecurityException(staticHttpCode);
104-
assertTspServiceException(staticMsg, staticHttpCode, unknownErrException,
105-
TenantSecurityErrorCodes.UNKNOWN_ERROR);
106-
107-
ErrorResponse invalidRequestBody =
108-
new ErrorResponse(TenantSecurityErrorCodes.INVALID_REQUEST_BODY.getCode(), staticMsg);
109-
TenantSecurityException invalidRequestException =
110-
invalidRequestBody.toTenantSecurityException(staticHttpCode);
111-
assertTspServiceException(staticMsg, staticHttpCode, invalidRequestException,
112-
TenantSecurityErrorCodes.INVALID_REQUEST_BODY);
113-
114-
ErrorResponse unauthorizedReqErrResp =
115-
new ErrorResponse(TenantSecurityErrorCodes.UNAUTHORIZED_REQUEST.getCode(), staticMsg);
116-
TenantSecurityException unauthorizedReqException =
117-
unauthorizedReqErrResp.toTenantSecurityException(staticHttpCode);
118-
assertTspServiceException(staticMsg, staticHttpCode, unauthorizedReqException,
119-
TenantSecurityErrorCodes.UNAUTHORIZED_REQUEST);
120-
121-
// KmsException
122-
ErrorResponse noPrimaryKmsResp = new ErrorResponse(
123-
TenantSecurityErrorCodes.NO_PRIMARY_KMS_CONFIGURATION.getCode(), staticMsg);
124-
TenantSecurityException noPrimaryKmsException =
125-
noPrimaryKmsResp.toTenantSecurityException(staticHttpCode);
126-
assertKmsException(staticMsg, staticHttpCode, noPrimaryKmsException,
127-
TenantSecurityErrorCodes.NO_PRIMARY_KMS_CONFIGURATION);
128-
129-
ErrorResponse unknownTenantError = new ErrorResponse(
130-
TenantSecurityErrorCodes.UNKNOWN_TENANT_OR_NO_ACTIVE_KMS_CONFIGURATIONS.getCode(),
131-
staticMsg);
132-
TenantSecurityException unknownTenantException =
133-
unknownTenantError.toTenantSecurityException(staticHttpCode);
134-
assertKmsException(staticMsg, staticHttpCode, unknownTenantException,
135-
TenantSecurityErrorCodes.UNKNOWN_TENANT_OR_NO_ACTIVE_KMS_CONFIGURATIONS);
136-
137-
ErrorResponse kmsCfgDisabledError =
138-
new ErrorResponse(TenantSecurityErrorCodes.KMS_CONFIGURATION_DISABLED.getCode(), staticMsg);
139-
TenantSecurityException kmsCfgDisabledException =
140-
kmsCfgDisabledError.toTenantSecurityException(staticHttpCode);
141-
assertKmsException(staticMsg, staticHttpCode, kmsCfgDisabledException,
142-
TenantSecurityErrorCodes.KMS_CONFIGURATION_DISABLED);
143-
144-
ErrorResponse invalidEdekErrResp =
145-
new ErrorResponse(TenantSecurityErrorCodes.INVALID_PROVIDED_EDEK.getCode(), staticMsg);
146-
TenantSecurityException invalidEdekException =
147-
invalidEdekErrResp.toTenantSecurityException(staticHttpCode);
148-
assertKmsException(staticMsg, staticHttpCode, invalidEdekException,
149-
TenantSecurityErrorCodes.INVALID_PROVIDED_EDEK);
150-
151-
ErrorResponse unwrapError =
152-
new ErrorResponse(TenantSecurityErrorCodes.KMS_UNWRAP_FAILED.getCode(), staticMsg);
153-
TenantSecurityException unwrapException = unwrapError.toTenantSecurityException(staticHttpCode);
154-
assertKmsException(staticMsg, staticHttpCode, unwrapException,
155-
TenantSecurityErrorCodes.KMS_UNWRAP_FAILED);
156-
157-
ErrorResponse wrapError =
158-
new ErrorResponse(TenantSecurityErrorCodes.KMS_WRAP_FAILED.getCode(), staticMsg);
159-
TenantSecurityException kmsWrapException = wrapError.toTenantSecurityException(staticHttpCode);
160-
assertKmsException(staticMsg, staticHttpCode, kmsWrapException,
161-
TenantSecurityErrorCodes.KMS_WRAP_FAILED);
162-
163-
ErrorResponse kmsAuthError =
164-
new ErrorResponse(TenantSecurityErrorCodes.KMS_AUTHORIZATION_FAILED.getCode(), staticMsg);
165-
TenantSecurityException kmsAuthException =
166-
kmsAuthError.toTenantSecurityException(staticHttpCode);
167-
assertKmsException(staticMsg, staticHttpCode, kmsAuthException,
168-
TenantSecurityErrorCodes.KMS_AUTHORIZATION_FAILED);
169-
170-
ErrorResponse kmsConfigInvalidError =
171-
new ErrorResponse(TenantSecurityErrorCodes.KMS_CONFIGURATION_INVALID.getCode(), staticMsg);
172-
TenantSecurityException kmsConfigInvalidException =
173-
kmsConfigInvalidError.toTenantSecurityException(staticHttpCode);
174-
assertKmsException(staticMsg, staticHttpCode, kmsConfigInvalidException,
175-
TenantSecurityErrorCodes.KMS_CONFIGURATION_INVALID);
176-
177-
ErrorResponse kmsUnreachableError =
178-
new ErrorResponse(TenantSecurityErrorCodes.KMS_UNREACHABLE.getCode(), staticMsg);
179-
TenantSecurityException kmsUnreachableException =
180-
kmsUnreachableError.toTenantSecurityException(staticHttpCode);
181-
assertKmsException(staticMsg, staticHttpCode, kmsUnreachableException,
182-
TenantSecurityErrorCodes.KMS_UNREACHABLE);
183-
184-
// SecurityEventException
185-
ErrorResponse securityEventRejectedError =
186-
new ErrorResponse(TenantSecurityErrorCodes.SECURITY_EVENT_REJECTED.getCode(), staticMsg);
187-
TenantSecurityException securityEventRejectedException =
188-
securityEventRejectedError.toTenantSecurityException(staticHttpCode);
189-
assertSecurityEventException(staticMsg, staticHttpCode, securityEventRejectedException,
190-
TenantSecurityErrorCodes.SECURITY_EVENT_REJECTED);
191-
}
192-
193-
private void assertTspServiceException(String expectedMsg, int expectedHttpStatusCode,
194-
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
195-
assertTenantSecurityException(expectedMsg, expectedHttpStatusCode, exception, errorCode);
196-
assertTrue(exception instanceof TspServiceException);
197-
}
198-
199-
private void assertSecurityEventException(String expectedMsg, int expectedHttpStatusCode,
200-
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
201-
assertTenantSecurityException(expectedMsg, expectedHttpStatusCode, exception, errorCode);
202-
assertTrue(exception instanceof SecurityEventException);
203-
}
204-
205-
private void assertKmsException(String expectedMsg, int expectedHttpStatusCode,
206-
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
207-
assertTenantSecurityException(expectedMsg, expectedHttpStatusCode, exception, errorCode);
208-
assertTrue(exception instanceof KmsException);
209-
}
210-
211-
private void assertTenantSecurityException(String expectedMsg, int expectedHttpStatusCode,
212-
TenantSecurityException exception, TenantSecurityErrorCodes errorCode) {
213-
assertEquals(errorCode, exception.getErrorCode());
214-
assertEquals(exception.getHttpResponseCode(), expectedHttpStatusCode);
215-
assertEquals(exception.getMessage(), expectedMsg);
216-
}
217-
21884
}

0 commit comments

Comments
 (0)