// - // ========================LICENSE_START================================= // O-RAN-SC // %% // Copyright (C) 2022: Nordix Foundation // %% // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // ========================LICENSE_END=================================== // package security import ( "fmt" "net/http" "net/url" "os" "testing" "oransc.org/nonrtric/capifcore/internal/securityapi" "oransc.org/nonrtric/capifcore/internal/invokermanagement" "oransc.org/nonrtric/capifcore/internal/providermanagement" "oransc.org/nonrtric/capifcore/internal/publishservice" "github.com/labstack/echo/v4" "oransc.org/nonrtric/capifcore/internal/common29122" invokermocks "oransc.org/nonrtric/capifcore/internal/invokermanagement/mocks" servicemocks "oransc.org/nonrtric/capifcore/internal/providermanagement/mocks" publishmocks "oransc.org/nonrtric/capifcore/internal/publishservice/mocks" "github.com/deepmap/oapi-codegen/pkg/middleware" "github.com/deepmap/oapi-codegen/pkg/testutil" echomiddleware "github.com/labstack/echo/v4/middleware" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" ) func TestPostSecurityIdToken(t *testing.T) { invokerRegisterMock := invokermocks.InvokerRegister{} invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true) invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true) serviceRegisterMock := servicemocks.ServiceRegister{} serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(true) apiRegisterMock := publishmocks.APIRegister{} apiRegisterMock.On("IsAPIRegistered", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true) requestHandler := getEcho(&serviceRegisterMock, &apiRegisterMock, &invokerRegisterMock) data := url.Values{} data.Set("client_id", "id") data.Add("client_secret", "secret") data.Add("grant_type", "client_credentials") data.Add("scope", "scope#aefId:path") encodedData := data.Encode() result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler) assert.Equal(t, http.StatusCreated, result.Code()) var resultResponse securityapi.AccessTokenRsp err := result.UnmarshalBodyToObject(&resultResponse) assert.NoError(t, err, "error unmarshaling response") assert.NotEmpty(t, resultResponse.AccessToken) assert.Equal(t, "scope#aefId:path", *resultResponse.Scope) assert.Equal(t, securityapi.AccessTokenRspTokenTypeBearer, resultResponse.TokenType) assert.Equal(t, common29122.DurationSec(0), resultResponse.ExpiresIn) invokerRegisterMock.AssertCalled(t, "IsInvokerRegistered", "id") invokerRegisterMock.AssertCalled(t, "VerifyInvokerSecret", "id", "secret") serviceRegisterMock.AssertCalled(t, "IsFunctionRegistered", "aefId") apiRegisterMock.AssertCalled(t, "IsAPIRegistered", "aefId", "path") } func getEcho(serviceRegister providermanagement.ServiceRegister, apiRegister publishservice.APIRegister, invokerRegister invokermanagement.InvokerRegister) *echo.Echo { swagger, err := securityapi.GetSwagger() if err != nil { fmt.Fprintf(os.Stderr, "Error loading swagger spec\n: %s", err) os.Exit(1) } swagger.Servers = nil s := NewSecurity(serviceRegister, apiRegister, invokerRegister) e := echo.New() e.Use(echomiddleware.Logger()) e.Use(middleware.OapiRequestValidator(swagger)) securityapi.RegisterHandlers(e, s) return e }