From 4235422798e5fe48351dad9ff697211701b692e4 Mon Sep 17 00:00:00 2001 From: Martin Kanis Date: Fri, 6 Sep 2019 14:16:14 +0200 Subject: [PATCH] KEYCLOAK-11246 Use the transcription object for SMTP password --- .../keycloak/email/DefaultEmailSenderProvider.java | 5 ++++- .../jboss/common/vault/master_smtp__password | 1 + .../servers/auth-server/jboss/pom.xml | 1 + .../testsuite/admin/SMTPConnectionTest.java | 10 ++++++++-- .../testsuite/admin/SMTPConnectionVaultTest.java | 14 ++++++++++++++ .../src/test/resources/vault/master_smtp__password | 1 + 6 files changed, 29 insertions(+), 3 deletions(-) create mode 100644 testsuite/integration-arquillian/servers/auth-server/jboss/common/vault/master_smtp__password create mode 100644 testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionVaultTest.java create mode 100644 testsuite/integration-arquillian/tests/base/src/test/resources/vault/master_smtp__password diff --git a/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java b/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java index 23efd9048c..74da6f0cbb 100644 --- a/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java +++ b/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java @@ -24,6 +24,7 @@ import org.keycloak.models.UserModel; import org.keycloak.services.ServicesLogger; import org.keycloak.truststore.HostnameVerificationPolicy; import org.keycloak.truststore.JSSETruststoreConfigurator; +import org.keycloak.vault.VaultStringSecret; import javax.mail.Address; import javax.mail.MessagingException; @@ -135,7 +136,9 @@ public class DefaultEmailSenderProvider implements EmailSenderProvider { transport = session.getTransport("smtp"); if (auth) { - transport.connect(config.get("user"), config.get("password")); + try (VaultStringSecret vaultStringSecret = this.session.vault().getStringSecret(config.get("password"))) { + transport.connect(config.get("user"), vaultStringSecret.get().orElse(config.get("password"))); + } } else { transport.connect(); } diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/common/vault/master_smtp__password b/testsuite/integration-arquillian/servers/auth-server/jboss/common/vault/master_smtp__password new file mode 100644 index 0000000000..f77b00407e --- /dev/null +++ b/testsuite/integration-arquillian/servers/auth-server/jboss/common/vault/master_smtp__password @@ -0,0 +1 @@ +admin \ No newline at end of file diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml b/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml index c3336d4c98..64c85eb344 100644 --- a/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml +++ b/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml @@ -221,6 +221,7 @@ master_smtp__key test_smtp__key consumer_oidc__idp + master_smtp__password diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionTest.java index d06679f905..d54f72e312 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionTest.java @@ -43,6 +43,8 @@ import static org.keycloak.util.JsonSerialization.writeValueAsPrettyString; */ public class SMTPConnectionTest extends AbstractKeycloakTest { + public final String SMTP_PASSWORD = setSmtpPassword(); + @Rule public GreenMailRule greenMailRule = new GreenMailRule(); private RealmResource realm; @@ -51,6 +53,10 @@ public class SMTPConnectionTest extends AbstractKeycloakTest { public void addTestRealms(List testRealms) { } + public String setSmtpPassword() { + return "admin"; + } + @Before public void before() { realm = adminClient.realm("master"); @@ -107,7 +113,7 @@ public class SMTPConnectionTest extends AbstractKeycloakTest { public void testWithAuthEnabledValidCredentials() throws Exception { greenMailRule.credentials("admin@localhost", "admin"); Response response = realm.testSMTPConnection(settings("127.0.0.1", "3025", "auto@keycloak.org", "true", null, null, - "admin@localhost", "admin")); + "admin@localhost", SMTP_PASSWORD)); assertStatus(response, 204); } @@ -117,7 +123,7 @@ public class SMTPConnectionTest extends AbstractKeycloakTest { Map oldSmtp = realmRep.getSmtpServer(); try { realmRep.setSmtpServer(smtpMap("127.0.0.1", "3025", "auto@keycloak.org", "true", null, null, - "admin@localhost", "admin", null, null)); + "admin@localhost", SMTP_PASSWORD, null, null)); realm.update(realmRep); greenMailRule.credentials("admin@localhost", "admin"); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionVaultTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionVaultTest.java new file mode 100644 index 0000000000..999dc7a367 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/SMTPConnectionVaultTest.java @@ -0,0 +1,14 @@ +package org.keycloak.testsuite.admin; + +/** + * @author Martin Kanis + */ +public class SMTPConnectionVaultTest extends SMTPConnectionTest { + + public final String SMTP_PASSWORD = setSmtpPassword(); + + @Override + public String setSmtpPassword() { + return "${vault.smtp_password}"; + } +} \ No newline at end of file diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/vault/master_smtp__password b/testsuite/integration-arquillian/tests/base/src/test/resources/vault/master_smtp__password new file mode 100644 index 0000000000..f77b00407e --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/vault/master_smtp__password @@ -0,0 +1 @@ +admin \ No newline at end of file