2 // ========================LICENSE_START=================================
5 // Copyright (C) 2022: Nordix Foundation
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
18 // ========================LICENSE_END===================================
30 "oransc.org/nonrtric/capifcore/internal/securityapi"
32 "oransc.org/nonrtric/capifcore/internal/invokermanagement"
33 "oransc.org/nonrtric/capifcore/internal/providermanagement"
34 "oransc.org/nonrtric/capifcore/internal/publishservice"
36 "github.com/labstack/echo/v4"
38 "oransc.org/nonrtric/capifcore/internal/common29122"
40 invokermocks "oransc.org/nonrtric/capifcore/internal/invokermanagement/mocks"
41 servicemocks "oransc.org/nonrtric/capifcore/internal/providermanagement/mocks"
42 publishmocks "oransc.org/nonrtric/capifcore/internal/publishservice/mocks"
44 "github.com/deepmap/oapi-codegen/pkg/middleware"
45 "github.com/deepmap/oapi-codegen/pkg/testutil"
46 echomiddleware "github.com/labstack/echo/v4/middleware"
47 "github.com/stretchr/testify/assert"
48 "github.com/stretchr/testify/mock"
51 func TestPostSecurityIdTokenInvokerRegistered(t *testing.T) {
52 invokerRegisterMock := invokermocks.InvokerRegister{}
53 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
54 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
55 serviceRegisterMock := servicemocks.ServiceRegister{}
56 serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(true)
57 publishRegisterMock := publishmocks.PublishRegister{}
58 publishRegisterMock.On("IsAPIPublished", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
60 requestHandler := getEcho(&serviceRegisterMock, &publishRegisterMock, &invokerRegisterMock)
64 clientSecret := "secret"
67 data.Set("client_id", clientId)
68 data.Add("client_secret", clientSecret)
69 data.Add("grant_type", "client_credentials")
70 data.Add("scope", "scope#"+aefId+":"+path)
71 encodedData := data.Encode()
73 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
75 assert.Equal(t, http.StatusCreated, result.Code())
76 var resultResponse securityapi.AccessTokenRsp
77 err := result.UnmarshalBodyToObject(&resultResponse)
78 assert.NoError(t, err, "error unmarshaling response")
79 assert.NotEmpty(t, resultResponse.AccessToken)
80 assert.Equal(t, "scope#"+aefId+":"+path, *resultResponse.Scope)
81 assert.Equal(t, securityapi.AccessTokenRspTokenTypeBearer, resultResponse.TokenType)
82 assert.Equal(t, common29122.DurationSec(0), resultResponse.ExpiresIn)
83 invokerRegisterMock.AssertCalled(t, "IsInvokerRegistered", clientId)
84 invokerRegisterMock.AssertCalled(t, "VerifyInvokerSecret", clientId, clientSecret)
85 serviceRegisterMock.AssertCalled(t, "IsFunctionRegistered", aefId)
86 publishRegisterMock.AssertCalled(t, "IsAPIPublished", aefId, path)
89 func TestPostSecurityIdTokenInvokerNotRegistered(t *testing.T) {
90 invokerRegisterMock := invokermocks.InvokerRegister{}
91 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(false)
93 requestHandler := getEcho(nil, nil, &invokerRegisterMock)
96 data.Set("client_id", "id")
97 data.Add("client_secret", "secret")
98 data.Add("grant_type", "client_credentials")
99 data.Add("scope", "scope#aefId:path")
100 encodedData := data.Encode()
102 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
104 assert.Equal(t, http.StatusBadRequest, result.Code())
105 var problemDetails common29122.ProblemDetails
106 err := result.UnmarshalBodyToObject(&problemDetails)
107 assert.NoError(t, err, "error unmarshaling response")
108 badRequest := http.StatusBadRequest
109 assert.Equal(t, &badRequest, problemDetails.Status)
110 errMsg := "Invoker not registered"
111 assert.Equal(t, &errMsg, problemDetails.Cause)
114 func TestPostSecurityIdTokenInvokerSecretNotValid(t *testing.T) {
115 invokerRegisterMock := invokermocks.InvokerRegister{}
116 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
117 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(false)
119 requestHandler := getEcho(nil, nil, &invokerRegisterMock)
122 data.Set("client_id", "id")
123 data.Add("client_secret", "secret")
124 data.Add("grant_type", "client_credentials")
125 data.Add("scope", "scope#aefId:path")
126 encodedData := data.Encode()
128 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
130 assert.Equal(t, http.StatusBadRequest, result.Code())
131 var problemDetails common29122.ProblemDetails
132 err := result.UnmarshalBodyToObject(&problemDetails)
133 assert.NoError(t, err, "error unmarshaling response")
134 badRequest := http.StatusBadRequest
135 assert.Equal(t, &badRequest, problemDetails.Status)
136 errMsg := "Invoker secret not valid"
137 assert.Equal(t, &errMsg, problemDetails.Cause)
140 func TestPostSecurityIdTokenFunctionNotRegistered(t *testing.T) {
141 invokerRegisterMock := invokermocks.InvokerRegister{}
142 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
143 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
144 serviceRegisterMock := servicemocks.ServiceRegister{}
145 serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(false)
147 requestHandler := getEcho(&serviceRegisterMock, nil, &invokerRegisterMock)
150 data.Set("client_id", "id")
151 data.Add("client_secret", "secret")
152 data.Add("grant_type", "client_credentials")
153 data.Add("scope", "scope#aefId:path")
154 encodedData := data.Encode()
156 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
158 assert.Equal(t, http.StatusBadRequest, result.Code())
159 var problemDetails common29122.ProblemDetails
160 err := result.UnmarshalBodyToObject(&problemDetails)
161 assert.NoError(t, err, "error unmarshaling response")
162 badRequest := http.StatusBadRequest
163 assert.Equal(t, &badRequest, problemDetails.Status)
164 errMsg := "Function not registered"
165 assert.Equal(t, &errMsg, problemDetails.Cause)
168 func TestPostSecurityIdTokenAPINotPublished(t *testing.T) {
169 invokerRegisterMock := invokermocks.InvokerRegister{}
170 invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true)
171 invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true)
172 serviceRegisterMock := servicemocks.ServiceRegister{}
173 serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(true)
174 publishRegisterMock := publishmocks.PublishRegister{}
175 publishRegisterMock.On("IsAPIPublished", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(false)
177 requestHandler := getEcho(&serviceRegisterMock, &publishRegisterMock, &invokerRegisterMock)
180 data.Set("client_id", "id")
181 data.Add("client_secret", "secret")
182 data.Add("grant_type", "client_credentials")
183 data.Add("scope", "scope#aefId:path")
184 encodedData := data.Encode()
186 result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler)
188 assert.Equal(t, http.StatusBadRequest, result.Code())
189 var problemDetails common29122.ProblemDetails
190 err := result.UnmarshalBodyToObject(&problemDetails)
191 assert.NoError(t, err, "error unmarshaling response")
192 badRequest := http.StatusBadRequest
193 assert.Equal(t, &badRequest, problemDetails.Status)
194 errMsg := "API not published"
195 assert.Equal(t, &errMsg, problemDetails.Cause)
198 func getEcho(serviceRegister providermanagement.ServiceRegister, publishRegister publishservice.PublishRegister, invokerRegister invokermanagement.InvokerRegister) *echo.Echo {
199 swagger, err := securityapi.GetSwagger()
201 fmt.Fprintf(os.Stderr, "Error loading swagger spec\n: %s", err)
205 swagger.Servers = nil
207 s := NewSecurity(serviceRegister, publishRegister, invokerRegister)
210 e.Use(echomiddleware.Logger())
211 e.Use(middleware.OapiRequestValidator(swagger))
213 securityapi.RegisterHandlers(e, s)