wip: add tests

marceljk · marceljk · commit bec9223aaf12 · 2025-08-01T17:31:06.000+02:00
diff --git a/core/src/main/java/cloud/stackit/sdk/core/KeyFlowAuthenticator.java b/core/src/main/java/cloud/stackit/sdk/core/KeyFlowAuthenticator.java
@@ -178,7 +178,7 @@ private String generateSelfSignedJWT() throws InvalidKeySpecException, NoSuchAlg
 
         return JWT.create()
                 .withIssuer(saKey.getCredentials().getIss())
-                .withSubject(saKey.getCredentials().getSub().toString())
+                .withSubject(saKey.getCredentials().getSub())
                 .withJWTId(UUID.randomUUID().toString())
                 .withAudience(saKey.getCredentials().getAud())
                 .withIssuedAt(new Date())
diff --git a/core/src/main/java/cloud/stackit/sdk/core/auth/SetupAuth.java b/core/src/main/java/cloud/stackit/sdk/core/auth/SetupAuth.java
@@ -36,11 +36,11 @@ public class SetupAuth {
      * Set up the KeyFlow Authentication and can be integrated in an OkHttp client, by adding `SetupAuth().getAuthHandler()` as interceptor.
      * This relies on the configuration methods via ENVs or the credentials file in `$HOME/.stackit/credentials.json`
      * @throws IOException when a file can be found
-     * @throws CredentialNotFoundException when no configuration is set or can be found
+     * @throws CredentialsInFileNotFoundException when no configuration is set or can be found
      * @throws InvalidKeySpecException when the private key can not be parsed
      * @throws ApiException when access token creation failed
      */
-    public SetupAuth() throws IOException, InvalidKeySpecException, CredentialNotFoundException, ApiException {
+    public SetupAuth() throws IOException, InvalidKeySpecException, CredentialsInFileNotFoundException, ApiException {
         this(new CoreConfiguration.Builder().build());
     }
 
diff --git a/core/src/main/java/cloud/stackit/sdk/core/model/ServiceAccountCredentials.java b/core/src/main/java/cloud/stackit/sdk/core/model/ServiceAccountCredentials.java
@@ -13,9 +13,9 @@ public class ServiceAccountCredentials {
     private final String iss;
     private final String kid;
     private String privateKey;
-    private final UUID sub;
+    private final String sub;
 
-    public ServiceAccountCredentials(String aud, String iss, String kid, String privateKey, UUID sub) {
+    public ServiceAccountCredentials(String aud, String iss, String kid, String privateKey, String sub) {
         this.aud = aud;
         this.iss = iss;
         this.kid = kid;
@@ -47,7 +47,7 @@ public boolean isPrivateKeySet() {
         return privateKey != null && !privateKey.trim().isEmpty();
     }
 
-    public UUID getSub() {
+    public String getSub() {
         return sub;
     }
 
diff --git a/core/src/main/java/cloud/stackit/sdk/core/model/ServiceAccountKey.java b/core/src/main/java/cloud/stackit/sdk/core/model/ServiceAccountKey.java
@@ -3,12 +3,6 @@
 import com.google.gson.Gson;
 import com.google.gson.JsonSyntaxException;
 
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Base64;
 import java.util.Date;
 
 public class ServiceAccountKey {
@@ -70,17 +64,6 @@ public ServiceAccountCredentials getCredentials() {
         return credentials;
     }
 
-    public RSAPublicKey getPublicKeyParsed() throws NoSuchAlgorithmException, InvalidKeySpecException {
-        String trimmedKey = publicKey.replaceFirst("-----BEGIN PUBLIC KEY-----", "");
-        trimmedKey = trimmedKey.replaceFirst("-----END PUBLIC KEY-----", "");
-        trimmedKey = trimmedKey.replaceAll("\n","");
-
-        byte[] publicBytes = Base64.getDecoder().decode(trimmedKey);
-        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicBytes);
-        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
-        return (RSAPublicKey) keyFactory.generatePublic(keySpec);
-    }
-
     public static ServiceAccountKey loadFromJson(String json) throws JsonSyntaxException {
         ServiceAccountKey saKey = new Gson().fromJson(json, ServiceAccountKey.class);
         if (!saKey.isCredentialsSet()) {
diff --git a/core/src/test/java/cloud/stackit/sdk/core/config/CoreConfigurationTest.java b/core/src/test/java/cloud/stackit/sdk/core/config/CoreConfigurationTest.java
@@ -0,0 +1,200 @@
+package cloud.stackit.sdk.core.config;
+
+import org.junit.jupiter.api.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class CoreConfigurationTest {
+
+    @Test
+    void getDefaultHeader() {
+        HashMap<String, String> map = new HashMap<String, String>();
+        map.put("key", "value");
+        CoreConfiguration cfg =
+                new CoreConfiguration.Builder().
+                        defaultHeader(map).
+                        build();
+        Map<String, String> cfgHeader = cfg.getDefaultHeader();
+
+        assertEquals(map, cfgHeader);
+    }
+
+    @Test
+    void getServiceAccountKey() {
+        final String saKey = "<sa-key>";
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .serviceAccountKey(saKey)
+                .build();
+
+        String cfgSaKey = cfg.getServiceAccountKey();
+
+        assertEquals(saKey, cfgSaKey);
+    }
+
+    @Test
+    void getServiceAccountKeyPath() {
+        final String saKeyPath = "<sa-key-path>";
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .serviceAccountKeyPath(saKeyPath)
+                .build();
+
+        String cfgSaKeyPath = cfg.getServiceAccountKeyPath();
+
+        assertEquals(saKeyPath, cfgSaKeyPath);
+    }
+
+    @Test
+    void getPrivateKeyPath() {
+        final String privateKeyPath = "<private-key-path>";
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .privateKeyPath(privateKeyPath)
+                .build();
+
+        String cfgPrivateKeyPath = cfg.getPrivateKeyPath();
+
+        assertEquals(privateKeyPath, cfgPrivateKeyPath);
+    }
+
+    @Test
+    void getPrivateKey() {
+        final String privateKey = "<private-key>";
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .privateKey(privateKey)
+                .build();
+
+        String cfgPrivateKey = cfg.getPrivateKey();
+
+        assertEquals(privateKey, cfgPrivateKey);
+    }
+
+    @Test
+    void getCustomEndpoint() {
+        final String customEndpoint = "<custom-endpoint>";
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .customEndpoint(customEndpoint)
+                .build();
+
+        String cfgCustomEndpoint = cfg.getCustomEndpoint();
+
+        assertEquals(customEndpoint, cfgCustomEndpoint);
+    }
+
+    @Test
+    void getCredentialsFilePath() {
+        final String credFilePath = "<cred-file-path>";
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .credentialsFilePath(credFilePath)
+                .build();
+
+        String cfgCredentialsFilePath = cfg.getCredentialsFilePath();
+
+        assertEquals(credFilePath, cfgCredentialsFilePath);
+    }
+
+    @Test
+    void getTokenCustomUrl() {
+        final String tokenCustomUrl = "<token-custom-url>";
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .tokenCustomUrl(tokenCustomUrl)
+                .build();
+
+        String cfgTokenUrl = cfg.getTokenCustomUrl();
+
+        assertEquals(tokenCustomUrl, cfgTokenUrl);
+    }
+
+    @Test
+    void getTokenExpirationLeeway() {
+        final long tokenExpireLeeway = 100;
+
+        CoreConfiguration cfg = new CoreConfiguration.Builder()
+                .tokenExpirationLeeway(tokenExpireLeeway)
+                .build();
+
+        Long cfgTokenExpirationLeeway = cfg.getTokenExpirationLeeway();
+
+        assertEquals(tokenExpireLeeway, cfgTokenExpirationLeeway);
+    }
+
+    @Test
+    void getDefaultHeader_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        Map<String, String> defaultHeader = cfg.getDefaultHeader();
+
+        assertNull(defaultHeader);
+    }
+
+    @Test
+    void getServiceAccountKey_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        String serviceAccountKey = cfg.getServiceAccountKey();
+
+        assertNull(serviceAccountKey);
+    }
+
+    @Test
+    void getServiceAccountKeyPath_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        String serviceAccountKeyPath = cfg.getServiceAccountKeyPath();
+
+        assertNull(serviceAccountKeyPath);
+    }
+
+    @Test
+    void getPrivateKeyPath_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        String privateKeyPath = cfg.getPrivateKeyPath();
+
+        assertNull(privateKeyPath);
+    }
+
+    @Test
+    void getPrivateKey_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        String privateKey = cfg.getPrivateKey();
+
+        assertNull(privateKey);
+    }
+
+    @Test
+    void getCustomEndpoint_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        String customEndpoint = cfg.getCustomEndpoint();
+
+        assertNull(customEndpoint);
+    }
+
+    @Test
+    void getCredentialsFilePath_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        String credentialsFilePath = cfg.getCredentialsFilePath();
+
+        assertNull(credentialsFilePath);
+    }
+
+    @Test
+    void getTokenCustomUrl_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        String tokenCustomUrl = cfg.getTokenCustomUrl();
+
+        assertNull(tokenCustomUrl);
+    }
+
+    @Test
+    void getTokenExpirationLeeway_not_set() {
+        CoreConfiguration cfg = new CoreConfiguration.Builder().build();
+        Long tokenExpirationLeeway = cfg.getTokenExpirationLeeway();
+
+        assertNull(tokenExpirationLeeway);
+    }
+}
diff --git a/core/src/test/java/cloud/stackit/sdk/core/model/ServiceAccountCredentialsTest.java b/core/src/test/java/cloud/stackit/sdk/core/model/ServiceAccountCredentialsTest.java
@@ -0,0 +1,84 @@
+package cloud.stackit.sdk.core.model;
+
+import org.junit.jupiter.api.Test;
+
+import java.security.spec.InvalidKeySpecException;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class ServiceAccountCredentialsTest {
+
+    @Test
+    void isPrivateKeySet_null_returnsFalse() {
+        ServiceAccountCredentials saCreds = new ServiceAccountCredentials(null, null, null, null, null);
+
+        assertFalse(
+                saCreds.isPrivateKeySet()
+        );
+    }
+
+    @Test
+    void isPrivateKeySet_emptyString_returnsFalse() {
+        ServiceAccountCredentials saCreds = new ServiceAccountCredentials(null, null, null, "", null);
+
+        assertFalse(
+                saCreds.isPrivateKeySet()
+        );
+    }
+
+    @Test
+    void isPrivateKeySet_emptyStringWhitespaces_returnsFalse() {
+        ServiceAccountCredentials saCreds = new ServiceAccountCredentials(null, null, null, "  ", null);
+
+        assertFalse(
+                saCreds.isPrivateKeySet()
+        );
+    }
+
+    @Test
+    void isPrivateKeySet_string_returnsFalse() {
+        ServiceAccountCredentials saCreds = new ServiceAccountCredentials(null, null, null, "my-private-key", null);
+
+        assertTrue(
+                saCreds.isPrivateKeySet()
+        );
+    }
+
+    @Test
+    void getPrivateKeyParsed_notBase64Key_throwsException() {
+        ServiceAccountCredentials saCreds = new ServiceAccountCredentials(null, null, null, "my-private-key", null);
+
+        assertThrows(
+                IllegalArgumentException.class,
+                saCreds::getPrivateKeyParsed
+        );
+    }
+
+    @Test
+    void getPrivateKeyParsed_invalidKey_throwsException() {
+        ServiceAccountCredentials saCreds = new ServiceAccountCredentials(null, null, null, "bXktcHJpdmF0ZS1rZXk=", null);
+
+        assertThrows(
+                InvalidKeySpecException.class,
+                saCreds::getPrivateKeyParsed
+        );
+    }
+
+    @Test
+    void getPrivateKeyParsed_validKey_returnsRsaKey() {
+        final String privateKey = "-----BEGIN PRIVATE KEY-----\n" +
+                "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqPfgaTEWEP3S9w0t\n" +
+                "gsicURfo+nLW09/0KfOPinhYZ4ouzU+3xC4pSlEp8Ut9FgL0AgqNslNaK34Kq+NZ\n" +
+                "jO9DAQIDAQABAkAgkuLEHLaqkWhLgNKagSajeobLS3rPT0Agm0f7k55FXVt743hw\n" +
+                "Ngkp98bMNrzy9AQ1mJGbQZGrpr4c8ZAx3aRNAiEAoxK/MgGeeLui385KJ7ZOYktj\n" +
+                "hLBNAB69fKwTZFsUNh0CIQEJQRpFCcydunv2bENcN/oBTRw39E8GNv2pIcNxZkcb\n" +
+                "NQIgbYSzn3Py6AasNj6nEtCfB+i1p3F35TK/87DlPSrmAgkCIQDJLhFoj1gbwRbH\n" +
+                "/bDRPrtlRUDDx44wHoEhSDRdy77eiQIgE6z/k6I+ChN1LLttwX0galITxmAYrOBh\n" +
+                "BVl433tgTTQ=\n" +
+                "-----END PRIVATE KEY-----";
+
+        ServiceAccountCredentials saCreds = new ServiceAccountCredentials(null, null, null, privateKey, null);
+
+        assertDoesNotThrow(saCreds::getPrivateKeyParsed);
+    }
+}
diff --git a/core/src/test/java/cloud/stackit/sdk/core/model/ServiceAccountKeyTest.java b/core/src/test/java/cloud/stackit/sdk/core/model/ServiceAccountKeyTest.java
