X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=capifcore%2Finternal%2Fsecurityservice%2Fsecurity_test.go;fp=capifcore%2Finternal%2Fsecurityservice%2Fsecurity_test.go;h=e97e354415d74a94efa89b8153ba52007f04411c;hb=31a8d98341c723394deb355dfc828eaaaa13ce6d;hp=0000000000000000000000000000000000000000;hpb=b8822bf024ecd8a5776e912581f1fb967d472d15;p=nonrtric%2Fplt%2Fsme.git diff --git a/capifcore/internal/securityservice/security_test.go b/capifcore/internal/securityservice/security_test.go new file mode 100644 index 0000000..e97e354 --- /dev/null +++ b/capifcore/internal/securityservice/security_test.go @@ -0,0 +1,102 @@ +// - +// ========================LICENSE_START================================= +// O-RAN-SC +// %% +// Copyright (C) 2022: Nordix Foundation +// %% +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// ========================LICENSE_END=================================== +// + +package security + +import ( + "fmt" + "net/http" + "net/url" + "os" + "testing" + + "oransc.org/nonrtric/capifcore/internal/securityapi" + + "oransc.org/nonrtric/capifcore/internal/invokermanagement" + "oransc.org/nonrtric/capifcore/internal/providermanagement" + "oransc.org/nonrtric/capifcore/internal/publishservice" + + "github.com/labstack/echo/v4" + + "oransc.org/nonrtric/capifcore/internal/common29122" + + invokermocks "oransc.org/nonrtric/capifcore/internal/invokermanagement/mocks" + servicemocks "oransc.org/nonrtric/capifcore/internal/providermanagement/mocks" + publishmocks "oransc.org/nonrtric/capifcore/internal/publishservice/mocks" + + "github.com/deepmap/oapi-codegen/pkg/middleware" + "github.com/deepmap/oapi-codegen/pkg/testutil" + echomiddleware "github.com/labstack/echo/v4/middleware" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" +) + +func TestPostSecurityIdToken(t *testing.T) { + invokerRegisterMock := invokermocks.InvokerRegister{} + invokerRegisterMock.On("IsInvokerRegistered", mock.AnythingOfType("string")).Return(true) + invokerRegisterMock.On("VerifyInvokerSecret", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true) + serviceRegisterMock := servicemocks.ServiceRegister{} + serviceRegisterMock.On("IsFunctionRegistered", mock.AnythingOfType("string")).Return(true) + apiRegisterMock := publishmocks.APIRegister{} + apiRegisterMock.On("IsAPIRegistered", mock.AnythingOfType("string"), mock.AnythingOfType("string")).Return(true) + + requestHandler := getEcho(&serviceRegisterMock, &apiRegisterMock, &invokerRegisterMock) + + data := url.Values{} + data.Set("client_id", "id") + data.Add("client_secret", "secret") + data.Add("grant_type", "client_credentials") + data.Add("scope", "scope#aefId:path") + encodedData := data.Encode() + + result := testutil.NewRequest().Post("/securities/invokerId/token").WithContentType("application/x-www-form-urlencoded").WithBody([]byte(encodedData)).Go(t, requestHandler) + + assert.Equal(t, http.StatusCreated, result.Code()) + var resultResponse securityapi.AccessTokenRsp + err := result.UnmarshalBodyToObject(&resultResponse) + assert.NoError(t, err, "error unmarshaling response") + assert.NotEmpty(t, resultResponse.AccessToken) + assert.Equal(t, "scope#aefId:path", *resultResponse.Scope) + assert.Equal(t, securityapi.AccessTokenRspTokenTypeBearer, resultResponse.TokenType) + assert.Equal(t, common29122.DurationSec(0), resultResponse.ExpiresIn) + invokerRegisterMock.AssertCalled(t, "IsInvokerRegistered", "id") + invokerRegisterMock.AssertCalled(t, "VerifyInvokerSecret", "id", "secret") + serviceRegisterMock.AssertCalled(t, "IsFunctionRegistered", "aefId") + apiRegisterMock.AssertCalled(t, "IsAPIRegistered", "aefId", "path") +} + +func getEcho(serviceRegister providermanagement.ServiceRegister, apiRegister publishservice.APIRegister, invokerRegister invokermanagement.InvokerRegister) *echo.Echo { + swagger, err := securityapi.GetSwagger() + if err != nil { + fmt.Fprintf(os.Stderr, "Error loading swagger spec\n: %s", err) + os.Exit(1) + } + + swagger.Servers = nil + + s := NewSecurity(serviceRegister, apiRegister, invokerRegister) + + e := echo.New() + e.Use(echomiddleware.Logger()) + e.Use(middleware.OapiRequestValidator(swagger)) + + securityapi.RegisterHandlers(e, s) + return e +}