Redact KeyVault secret in response body of the playback file (Azure#2…

…3325)
AzureSDKAutomation · Aug 3, 2021 · fd6b9ab · fd6b9ab
1 parent 2f2b42f
commit fd6b9ab
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 13 deletions.
diff --git a/...e-keyvault/src/test/java/com/microsoft/azure/keyvault/test/CertificateOperationsTest.java b/...e-keyvault/src/test/java/com/microsoft/azure/keyvault/test/CertificateOperationsTest.java
@@ -580,17 +580,20 @@ public void importCertificatePkcs12ForCertificateOperationsTest() throws Excepti
         Assert.assertTrue(x509Certificate.getSubjectX500Principal().getName().equals("CN=KeyVaultTest"));
         Assert.assertTrue(x509Certificate.getIssuerX500Principal().getName().equals("CN=Root Agency"));
 
-        // Retrieve the secret backing the certificate
-        SecretIdentifier secretIdentifier = certificateBundle.secretIdentifier();
-        SecretBundle secret = keyVaultClient.getSecret(secretIdentifier.baseIdentifier());
-        Assert.assertTrue(secret.managed());
-
-        // Load the secret into a KeyStore
-        String secretPassword = "";
-        KeyStore keyStore = loadSecretToKeyStore(secret, secretPassword);
-
-        // Validate the certificate and key in the KeyStore
-        validateCertificateKeyInKeyStore(keyStore, x509Certificate, secretPassword);
+        // Skip retrieving secret in playback mode because the cert in response body is redacted in the playback file.
+        if (interceptorManager.isRecordMode()) {
+            // Retrieve the secret backing the certificate
+            SecretIdentifier secretIdentifier = certificateBundle.secretIdentifier();
+            SecretBundle secret = keyVaultClient.getSecret(secretIdentifier.baseIdentifier());
+            Assert.assertTrue(secret.managed());
+
+            // Load the secret into a KeyStore
+            String secretPassword = "";
+            KeyStore keyStore = loadSecretToKeyStore(secret, secretPassword);
+
+            // Validate the certificate and key in the KeyStore
+            validateCertificateKeyInKeyStore(keyStore, x509Certificate, secretPassword);
+        }
 
         CertificateBundle deletedCertificateBundle = keyVaultClient.deleteCertificate(getVaultUri(), certificateName);
         pollOnCertificateDeletion(getVaultUri(), certificateName);

diff --git a/...c/test/resources/session-records/importCertificatePkcs12ForCertificateOperationsTest.json b/...c/test/resources/session-records/importCertificatePkcs12ForCertificateOperationsTest.json
@@ -78,7 +78,7 @@
       "cache-control" : "no-cache",
       "x-ms-keyvault-service-version" : "1.1.0.859",
       "x-ms-request-id" : "5b886689-c4ee-4a64-9f8a-d8d8d0a07394",
-      "Body" : "{\"value\":\"MIIJKAIBAzCCCOgGCSqGSIb3DQEHAaCCCNkEggjVMIII0TCCBfoGCSqGSIb3DQEHAaCCBesEggXnMIIF4zCCBd8GCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAjHcCOHBv9sTgICB9AEggTYyuWdpgBmMbf9rbrvyyGe3HXVyXZgpepgNbQeGjS5eFypOSe1H1LZoV+zTltAOgpUJX85pm5CFXb8RmcE16ojQ8hEZkcuJXcRI+07ovGz6bbSNq7V9ljM62TwUMNemhUTsqs1IEy9VRCddrRzDwfUqMnrhJAyPZ+jMg7MjyHtEqdPRMMeaadYv5cuksr8I21GTFJBHwDPCqs6YGRWAZPk2wr1F08WoQ3usWOwXGPvUUB7C2jt1DQGF56cDo6kEDHAPWpHSz8Z7oZDMWCx6jWJ6tSMSAVkuH3mcmW71dbLOTGdG7yN0tw8NYW0/Rd3BsjQ/tCWrt/+KS3u5doremlw+3bEQR7mnx+4YDtvBH29shRCxUA3luDx1j1nQnT0Ua57VEfk15lVpcqlHb+Xoaw71AB7UaWjX4/fgqJfhpfj0eqsu1i8ogxq5kj2eEw23NzpnpwmLfTRXxrDN8PeAPv/L1Nz/ch9KVe6xSiuAZ4WWwi/UBtRoVRBuBC7Awv6NdweRn2GQOQ5LlmG/1upp348paZ9i1GNHOavH3PSAcVJdk4gmbbkxcHf+Wo/CJOVtcu1MIwe2tGInHfmnapMO/MetTR70LJ5AUN8kWIY9xDX1nF78rjyUHxQCL4Kho3JNDbvfR/p6nq5npiLZ+8TTVRdg4luH7YbwfkWVlpUKzYyCXbISe+LCTrktr7jODei2NiBMABd25AWLWftVTwX1sdhe5VBOw2W5IMXPi2KGZLOID+jOH9v5ZKTe0O+dCpmeRR+yzDBG2HVdJOapPGNXgAONagGBug9VsH1K6CUMRw/i9ciCesZmk/v9KTHyBhDjHQZwHEx4dP/Ujn8YWyDhXE1TFwkE2SBQ2OtZMa9/gkPGwi4KFssTwK8jyCbt5+nIsPsHs5qSB4Fd6bSEua/wZtuVf8fnpa5yIzsBs2LXoTdFp4/ljbQR+6W2ZV4JEeyVv42usNBDHVCcjQ5mY8s1Bgn1WrbMNRFxzwI2B96oZwAR7HEdr7yCmY2lSLaGujHQLxTrflxNfmp5f/xDCGFlcb4we+LKvoApnbrRzHDtGbihF2ChYFEkNQXD4mgX6MvgehOrnTHgyohj4Kgg7pJAS5UMl2lodLd5T0/W8PPJ+ravyt6LSQWlmx5hjqa6wUP779/Z+2EC7ft3gutA9yhx2NjIHhIb2Sw7DXz7gpbKJVAc0DkRHIeplrZfWKta6Cw4c2zAgh/fJGqwd9xQPWWq58vM99RgHbxern6sqkkmBAcls8CLFempIzdQn42QObzESpOMRO7U6nYlmpGtxDSnwPQfO6hzOzRvY9Ahs5UJaIogZ5D4WiFCw+re+2+NCehGlqOKPm6yGqvDCNRzhpuLQ2pz3T5MMui5CLBHKrtzG8JG1D4cFon9W4kyDZR81C7Bv2QKAA+6JTrFzkCptR/882mBPN8X98pDemzTDfxWEgsf8KXnQKOfjKtCQcBT3QUVcAzYGsx+UgRAIskVNDjPb6ntNeHZByovIzO432CIobHuzZPNY5RNRudlCr3chGi59+ZbO5/M13olPUaPpuZPl/bEMOg+FdszviveQOlayqqcWQNd2L8hZCUs6qTN7AGr6rsp6a0IOvnxNg95JpYp0fC2VbORlglviB0ihmdQmH1Z7CQ4+turlNKqTGBzTATBgkqhkiG9w0BCRUxBgQEAQAAADBXBgkqhkiG9w0BCRQxSh5IAGEAOAAwAGQAZgBmADgANgAtAGUAOQA2AGUALQA0ADIAMgA0AC0AYQBhADEAMQAtAGIAZAAxADkANABkADUAYQA2AGIANwA3MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIwggLPBgkqhkiG9w0BBwagggLAMIICvAIBADCCArUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEGMA4ECObcnoLV1D+3AgIH0ICCAohj2hLwzQOkqfax1OworHjXnFX7dtHAKtQJSWxkrkktg1EL2kmAMMlAdD65Q1nn5W1SSybq+kNcR6O00mXsXn7EnmF49/LFNRITL/BfF2qZ+ryAZEiKVikQoYwUypXo9tN5IwcZW60oKvnPrkc9ptj8IRo0DpTn4FYeLTxumVsyxDXcMnuE1XQut4SEjdHLULPMPMFsCFV/kxYRWKO38m34o61rX1+UUNoaiL1UEs/GpKMnZZuhrK8TzVgtjgEY9VgVE4QYdsf0079jhA1AKR+Jb47qlsRcFNLU59h/uXVkPUE6Ylj33YdQKTPGSoEMcRBP4mtBxzaNxgrJuNIQNZ65ikHtEiitck6OrIyK5ALBPL3Kzkc7596vm1//ldlkuvhY3fjBGrqf0Rv+PtuUllJ/kvra9K59lveiae5lw1oGrS+xxGBlEl+Uu152QECYRZoHDe90DfIUCo1faOR+c+ekJFZAesOdClxpvv0T5xVsZYS/jzODIxOOKtacqJa2nd1yXV7i3Z9FajoSdN2BIdxfTiMAKkLksWyaG4XXA7wU13vYTyLneUxaJt1AChT2C41wf8CjYxf1lG8rGskSXQuJWv3a9oF4YJJIA+pSskK5ReC790cwqccifQV3ORDKV+QpYD4SPri+N8NyUfO9/KpJDlWHjEKYgPL5imSsPFAfox7v0U7JbHKeem4cLllrlh9eFk5Pw0KH8mYTIIbrDMZpGe8yw1HOmqMTNYyjZMfwgGQxdJ2XehvdzqTqabMcUt2OSTJQCX4sJTsoI8JHoS18lz6DS45juzrKbQXGbzuf+m2io4OI3Zyhw6FO+3Naex38qXoQBPJjYWc1Sv3IFDsMyECNyMtSNFAwNzAfMAcGBSsOAwIaBBTKNA64YLrBB9L1vvU6qE7lvrZU8AQULbKXVgFE2m0EMrY7K0nf2ZtaYc0=\",\"contentType\":\"application/x-pkcs12\",\"id\":\"https://azure-keyvault-3.vault.azure.net/secrets/importCertPkcs/2b6aea9a1daf43cd86ee50ad058d2db6\",\"managed\":true,\"attributes\":{\"enabled\":true,\"nbf\":1430344421,\"exp\":2208988799,\"created\":1547150893,\"updated\":1547150893,\"recoveryLevel\":\"Recoverable+Purgeable\"},\"tags\":{},\"kid\":\"https://azure-keyvault-3.vault.azure.net/keys/importCertPkcs/2b6aea9a1daf43cd86ee50ad058d2db6\"}"
+      "Body" : "{\"value\":\"REDACTED\",\"contentType\":\"application/x-pkcs12\",\"id\":\"https://azure-keyvault-3.vault.azure.net/secrets/importCertPkcs/2b6aea9a1daf43cd86ee50ad058d2db6\",\"managed\":true,\"attributes\":{\"enabled\":true,\"nbf\":1430344421,\"exp\":2208988799,\"created\":1547150893,\"updated\":1547150893,\"recoveryLevel\":\"Recoverable+Purgeable\"},\"tags\":{},\"kid\":\"https://azure-keyvault-3.vault.azure.net/keys/importCertPkcs/2b6aea9a1daf43cd86ee50ad058d2db6\"}"
     }
   }, {
     "Method" : "DELETE",
@@ -242,4 +242,4 @@
     }
   } ],
   "variables" : [ ]
-}
+}