2 // ========================LICENSE_START=================================
5 // Copyright (C) 2022: Nordix Foundation
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
18 // ========================LICENSE_END===================================
30 "oransc.org/nonrtric/capifcore/internal/securityapi"
32 "oransc.org/nonrtric/capifcore/internal/invokermanagement"
33 "oransc.org/nonrtric/capifcore/internal/providermanagement"
34 "oransc.org/nonrtric/capifcore/internal/publishservice"
36 "github.com/labstack/echo/v4"
38 "oransc.org/nonrtric/capifcore/internal/common29122"
40 invokermocks "oransc.org/nonrtric/capifcore/internal/invokermanagement/mocks"
41 servicemocks "oransc.org/nonrtric/capifcore/internal/providermanagement/mocks"
42 publishmocks "oransc.org/nonrtric/capifcore/internal/publishservice/mocks"
44 "github.com/deepmap/oapi-codegen/pkg/middleware"
45 "github.com/deepmap/oapi-codegen/pkg/testutil"
46 echomiddleware "github.com/labstack/echo/v4/middleware"
47 "github.com/stretchr/testify/assert"
48 "github.com/stretchr/testify/mock"
51 func TestPostSecurityIdTokenInvokerRegistered(t *testing.T) {
52 invokerRegisterMock := invokermocks.InvokerRegister{}
53 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
54 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
55 serviceRegisterMock := servicemocks.ServiceRegister{}
56 serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(true)
57 apiRegisterMock := publishmocks.APIRegister{}
58 apiRegisterMock.On("IsAPIRegistered", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
60 requestHandler := getEcho(&serviceRegisterMock, &apiRegisterMock, &invokerRegisterMock)
63 data.Set("client_id", "id")
64 data.Add("client_secret", "secret")
65 data.Add("grant_type", "client_credentials")
66 data.Add("scope", "scope#aefId:path")
67 encodedData := data.Encode()
69 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
71 assert.Equal(t, http.StatusCreated, result.Code())
72 var resultResponse securityapi.AccessTokenRsp
73 err := result.UnmarshalBodyToObject(&resultResponse)
74 assert.NoError(t, err, "error unmarshaling response")
75 assert.NotEmpty(t, resultResponse.AccessToken)
76 assert.Equal(t, "scope#aefId:path", *resultResponse.Scope)
77 assert.Equal(t, securityapi.AccessTokenRspTokenTypeBearer, resultResponse.TokenType)
78 assert.Equal(t, common29122.DurationSec(0), resultResponse.ExpiresIn)
79 invokerRegisterMock.AssertCalled(t, "IsInvokerRegistered", "id")
80 invokerRegisterMock.AssertCalled(t, "VerifyInvokerSecret", "id", "secret")
81 serviceRegisterMock.AssertCalled(t, "IsFunctionRegistered", "aefId")
82 apiRegisterMock.AssertCalled(t, "IsAPIRegistered", "aefId", "path")
85 func TestPostSecurityIdTokenInvokerNotRegistered(t *testing.T) {
86 invokerRegisterMock := invokermocks.InvokerRegister{}
87 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(false)
89 requestHandler := getEcho(nil, nil, &invokerRegisterMock)
92 data.Set("client_id", "id")
93 data.Add("client_secret", "secret")
94 data.Add("grant_type", "client_credentials")
95 data.Add("scope", "scope#aefId:path")
96 encodedData := data.Encode()
98 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
100 assert.Equal(t, http.StatusBadRequest, result.Code())
101 var problemDetails common29122.ProblemDetails
102 err := result.UnmarshalBodyToObject(&problemDetails)
103 assert.NoError(t, err, "error unmarshaling response")
104 badRequest := http.StatusBadRequest
105 assert.Equal(t, &badRequest, problemDetails.Status)
106 errMsg := "Invoker not registered"
107 assert.Equal(t, &errMsg, problemDetails.Cause)
110 func TestPostSecurityIdTokenInvokerSecretNotValid(t *testing.T) {
111 invokerRegisterMock := invokermocks.InvokerRegister{}
112 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
113 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(false)
115 requestHandler := getEcho(nil, nil, &invokerRegisterMock)
118 data.Set("client_id", "id")
119 data.Add("client_secret", "secret")
120 data.Add("grant_type", "client_credentials")
121 data.Add("scope", "scope#aefId:path")
122 encodedData := data.Encode()
124 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
126 assert.Equal(t, http.StatusBadRequest, result.Code())
127 var problemDetails common29122.ProblemDetails
128 err := result.UnmarshalBodyToObject(&problemDetails)
129 assert.NoError(t, err, "error unmarshaling response")
130 badRequest := http.StatusBadRequest
131 assert.Equal(t, &badRequest, problemDetails.Status)
132 errMsg := "Invoker secret not valid"
133 assert.Equal(t, &errMsg, problemDetails.Cause)
136 func TestPostSecurityIdTokenFunctionNotRegistered(t *testing.T) {
137 invokerRegisterMock := invokermocks.InvokerRegister{}
138 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
139 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
140 serviceRegisterMock := servicemocks.ServiceRegister{}
141 serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(false)
143 requestHandler := getEcho(&serviceRegisterMock, nil, &invokerRegisterMock)
146 data.Set("client_id", "id")
147 data.Add("client_secret", "secret")
148 data.Add("grant_type", "client_credentials")
149 data.Add("scope", "scope#aefId:path")
150 encodedData := data.Encode()
152 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
154 assert.Equal(t, http.StatusBadRequest, result.Code())
155 var problemDetails common29122.ProblemDetails
156 err := result.UnmarshalBodyToObject(&problemDetails)
157 assert.NoError(t, err, "error unmarshaling response")
158 badRequest := http.StatusBadRequest
159 assert.Equal(t, &badRequest, problemDetails.Status)
160 errMsg := "Function not registered"
161 assert.Equal(t, &errMsg, problemDetails.Cause)
164 func TestPostSecurityIdTokenAPINotPublished(t *testing.T) {
165 invokerRegisterMock := invokermocks.InvokerRegister{}
166 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
167 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
168 serviceRegisterMock := servicemocks.ServiceRegister{}
169 serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(true)
170 apiRegisterMock := publishmocks.APIRegister{}
171 apiRegisterMock.On("IsAPIRegistered", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(false)
173 requestHandler := getEcho(&serviceRegisterMock, &apiRegisterMock, &invokerRegisterMock)
176 data.Set("client_id", "id")
177 data.Add("client_secret", "secret")
178 data.Add("grant_type", "client_credentials")
179 data.Add("scope", "scope#aefId:path")
180 encodedData := data.Encode()
182 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
184 assert.Equal(t, http.StatusBadRequest, result.Code())
185 var problemDetails common29122.ProblemDetails
186 err := result.UnmarshalBodyToObject(&problemDetails)
187 assert.NoError(t, err, "error unmarshaling response")
188 badRequest := http.StatusBadRequest
189 assert.Equal(t, &badRequest, problemDetails.Status)
190 errMsg := "API not published"
191 assert.Equal(t, &errMsg, problemDetails.Cause)
194 func getEcho(serviceRegister providermanagement.ServiceRegister, apiRegister publishservice.APIRegister, invokerRegister invokermanagement.InvokerRegister) *echo.Echo {
195 swagger, err := securityapi.GetSwagger()
197 fmt.Fprintf(os.Stderr, "Error loading swagger spec\n: %s", err)
201 swagger.Servers = nil
203 s := NewSecurity(serviceRegister, apiRegister, invokerRegister)
206 e.Use(echomiddleware.Logger())
207 e.Use(middleware.OapiRequestValidator(swagger))
209 securityapi.RegisterHandlers(e, s)