Move capifcore code to separate folder
[nonrtric/plt/sme.git] / capifcore / internal / security / security_test.go
1 // -
2 //   ========================LICENSE_START=================================
3 //   O-RAN-SC
4 //   %%
5 //   Copyright (C) 2022: Nordix Foundation
6 //   %%
7 //   Licensed under the Apache License, Version 2.0 (the "License");
8 //   you may not use this file except in compliance with the License.
9 //   You may obtain a copy of the License at
10 //
11 //        http://www.apache.org/licenses/LICENSE-2.0
12 //
13 //   Unless required by applicable law or agreed to in writing, software
14 //   distributed under the License is distributed on an "AS IS" BASIS,
15 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 //   See the License for the specific language governing permissions and
17 //   limitations under the License.
18 //   ========================LICENSE_END===================================
19 //
20
21 package security
22
23 import (
24         "fmt"
25         "net/http"
26         "net/url"
27         "os"
28         "testing"
29
30         "oransc.org/nonrtric/capifcore/internal/securityapi"
31
32         "oransc.org/nonrtric/capifcore/internal/invokermanagement"
33         "oransc.org/nonrtric/capifcore/internal/providermanagement"
34         "oransc.org/nonrtric/capifcore/internal/publishservice"
35
36         "github.com/labstack/echo/v4"
37
38         "oransc.org/nonrtric/capifcore/internal/common29122"
39
40         invokermocks "oransc.org/nonrtric/capifcore/internal/invokermanagement/mocks"
41         servicemocks "oransc.org/nonrtric/capifcore/internal/providermanagement/mocks"
42         publishmocks "oransc.org/nonrtric/capifcore/internal/publishservice/mocks"
43
44         "github.com/deepmap/oapi-codegen/pkg/middleware"
45         "github.com/deepmap/oapi-codegen/pkg/testutil"
46         echomiddleware "github.com/labstack/echo/v4/middleware"
47         "github.com/stretchr/testify/assert"
48         "github.com/stretchr/testify/mock"
49 )
50
51 func TestPostSecurityIdToken(t *testing.T) {
52         invokerRegisterMock := invokermocks.InvokerRegister{}
53         invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
54         invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
55         serviceRegisterMock := servicemocks.ServiceRegister{}
56         serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(true)
57         apiRegisterMock := publishmocks.APIRegister{}
58         apiRegisterMock.On("IsAPIRegistered", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
59
60         requestHandler := getEcho(&serviceRegisterMock, &apiRegisterMock, &invokerRegisterMock)
61
62         data := url.Values{}
63         data.Set("client_id", "id")
64         data.Add("client_secret", "secret")
65         data.Add("grant_type", "client_credentials")
66         data.Add("scope", "scope#aefId:path")
67         encodedData := data.Encode()
68
69         result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
70
71         assert.Equal(t, http.StatusCreated, result.Code())
72         var resultResponse securityapi.AccessTokenRsp
73         err := result.UnmarshalBodyToObject(&resultResponse)
74         assert.NoError(t, err, "error unmarshaling response")
75         assert.NotEmpty(t, resultResponse.AccessToken)
76         assert.Equal(t, "scope#aefId:path", *resultResponse.Scope)
77         assert.Equal(t, securityapi.AccessTokenRspTokenTypeBearer, resultResponse.TokenType)
78         assert.Equal(t, common29122.DurationSec(0), resultResponse.ExpiresIn)
79         invokerRegisterMock.AssertCalled(t, "IsInvokerRegistered", "id")
80         invokerRegisterMock.AssertCalled(t, "VerifyInvokerSecret", "id", "secret")
81         serviceRegisterMock.AssertCalled(t, "IsFunctionRegistered", "aefId")
82         apiRegisterMock.AssertCalled(t, "IsAPIRegistered", "aefId", "path")
83 }
84
85 func getEcho(serviceRegister providermanagement.ServiceRegister, apiRegister publishservice.APIRegister, invokerRegister invokermanagement.InvokerRegister) *echo.Echo {
86         swagger, err := securityapi.GetSwagger()
87         if err != nil {
88                 fmt.Fprintf(os.Stderr, "Error loading swagger spec\n: %s", err)
89                 os.Exit(1)
90         }
91
92         swagger.Servers = nil
93
94         s := NewSecurity(serviceRegister, apiRegister, invokerRegister)
95
96         e := echo.New()
97         e.Use(echomiddleware.Logger())
98         e.Use(middleware.OapiRequestValidator(swagger))
99
100         securityapi.RegisterHandlers(e, s)
101         return e
102 }