From 77f09e0d45be278a5c4a80fb5b3467f55963204f Mon Sep 17 00:00:00 2001 From: PatrikBuhr Date: Thu, 6 Apr 2023 09:32:48 +0200 Subject: [PATCH] Minor changes Improved unittest, improved documentation. Signed-off-by: PatrikBuhr Issue-ID: NONRTRIC-841 Change-Id: Ib6ba350e683e0a1207bb7022825594f9ad43a9d7 --- api/ics-api.json | 28 +++--- api/ics-api.yaml | 40 ++++---- config/application.yaml | 3 +- .../oransc/ics/controllers/a1e/A1eController.java | 6 +- .../authorization/AuthorizationCheck.java | 6 +- .../controllers/r1consumer/ConsumerController.java | 8 +- src/test/java/org/oransc/ics/ApplicationTest.java | 106 +++++++++++++++------ .../OpenPolicyAgentSimulatorController.java | 8 +- 8 files changed, 128 insertions(+), 77 deletions(-) diff --git a/api/ics-api.json b/api/ics-api.json index db6d45e..cd3b61b 100644 --- a/api/ics-api.json +++ b/api/ics-api.json @@ -374,6 +374,20 @@ }}, "openapi": "3.0.1", "paths": { + "/example-authz-check": {"post": { + "summary": "Request for access authorization.", + "requestBody": { + "content": {"application/json": {"schema": {"$ref": "#/components/schemas/subscription_authorization"}}}, + "required": true + }, + "description": "The authorization function decides if access is granted.", + "operationId": "subscriptionAuth", + "responses": {"200": { + "description": "OK", + "content": {"application/json": {"schema": {"$ref": "#/components/schemas/authorization_result"}}} + }}, + "tags": ["Authorization API"] + }}, "/data-producer/v1/info-types": {"get": { "summary": "Info Type identifiers", "operationId": "getInfoTypdentifiers", @@ -1359,20 +1373,6 @@ }], "tags": ["Data producer (registration)"] }}, - "/example-subscription-auth": {"post": { - "summary": "Request for access authorization.", - "requestBody": { - "content": {"application/json": {"schema": {"$ref": "#/components/schemas/subscription_authorization"}}}, - "required": true - }, - "description": "The authorization function decides if access is granted.", - "operationId": "subscriptionAuth", - "responses": {"200": { - "description": "OK", - "content": {"application/json": {"schema": {"$ref": "#/components/schemas/authorization_result"}}} - }}, - "tags": ["Authorization API"] - }}, "/actuator/heapdump": {"get": { "summary": "Actuator web endpoint 'heapdump'", "operationId": "heapdump", diff --git a/api/ics-api.yaml b/api/ics-api.yaml index e7a0629..4a8d3bd 100644 --- a/api/ics-api.yaml +++ b/api/ics-api.yaml @@ -53,6 +53,26 @@ tags: description: API used for authorization of information job access (this is provided by an authorization producer such as OPA) paths: + /example-authz-check: + post: + tags: + - Authorization API + summary: Request for access authorization. + description: The authorization function decides if access is granted. + operationId: subscriptionAuth + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/subscription_authorization' + required: true + responses: + 200: + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/authorization_result' /data-producer/v1/info-types: get: tags: @@ -1326,26 +1346,6 @@ paths: application/json: schema: $ref: '#/components/schemas/ProblemDetails' - /example-subscription-auth: - post: - tags: - - Authorization API - summary: Request for access authorization. - description: The authorization function decides if access is granted. - operationId: subscriptionAuth - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/subscription_authorization' - required: true - responses: - 200: - description: OK - content: - application/json: - schema: - $ref: '#/components/schemas/authorization_result' /actuator/heapdump: get: tags: diff --git a/config/application.yaml b/config/application.yaml index 345b3fd..966c15d 100644 --- a/config/application.yaml +++ b/config/application.yaml @@ -72,7 +72,8 @@ app: vardata-directory: /var/information-coordinator-service # If the file name is empty, no authorization token is used auth-token-file: - # A URL to a REST based service that provides authorization. This can for instance be Open Policy Agent, OPA + # A URL to authorization provider such as OPA. Each time a information job is accessed, a call to this + # authorization provider is done for access control. If this is empty, no fine grained access control is done. info-job-authorization-agent: # S3 object store usage is enabled by defining the bucket to use. This will override the vardata-directory parameter. s3: diff --git a/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java b/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java index 491e0dd..879d6d8 100644 --- a/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java +++ b/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java @@ -202,7 +202,7 @@ public class A1eController { @RequestHeader Map headers) { return this.infoJobs.getJobMono(eiJobId) - .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.READ)) // + .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.READ)) // .map(job -> new ResponseEntity(gson.toJson(toEiJobInfo(job)), HttpStatus.OK)) .onErrorResume(ErrorResponse::createMono); } @@ -258,7 +258,7 @@ public class A1eController { @RequestHeader Map headers) { return this.infoJobs.getJobMono(eiJobId) - .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.WRITE)) // + .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.WRITE)) // .doOnNext(job -> this.infoJobs.remove(job, this.infoProducers)) .map(x -> new ResponseEntity<>(HttpStatus.NO_CONTENT)).onErrorResume(ErrorResponse::createMono); } @@ -299,7 +299,7 @@ public class A1eController { try { InfoType eiType = this.infoTypes.getCompatibleType(eiJobObject.eiTypeId); - return authorization.authorizeDataJob(headers, eiType, eiJobObject.jobDefinition, AccessType.WRITE) // + return authorization.doAccessControl(headers, eiType, eiJobObject.jobDefinition, AccessType.WRITE) // .flatMap(x -> validatePutEiJob(eiJobId, eiType, eiJobObject)) // .flatMap(job -> startEiJob(job, eiType)) // .doOnNext(newEiJob -> this.infoJobs.put(newEiJob)) // diff --git a/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java b/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java index 14b0291..dde7104 100644 --- a/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java +++ b/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java @@ -56,12 +56,12 @@ public class AuthorizationCheck { this.restClient = restClientFactory.createRestClientUseHttpProxy(""); } - public Mono authorizeDataJob(Map receivedHttpHeaders, InfoJob job, AccessType accessType) { - return authorizeDataJob(receivedHttpHeaders, job.getType(), job.getJobData(), accessType) // + public Mono doAccessControl(Map receivedHttpHeaders, InfoJob job, AccessType accessType) { + return doAccessControl(receivedHttpHeaders, job.getType(), job.getJobData(), accessType) // .map(x -> job); } - public Mono authorizeDataJob(Map receivedHttpHeaders, InfoType type, Object jobDefinition, + public Mono doAccessControl(Map receivedHttpHeaders, InfoType type, Object jobDefinition, AccessType accessType) { if (this.applicationConfig.getAuthAgentUrl().isEmpty()) { return Mono.just(type); diff --git a/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java b/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java index cd557c1..b48ac35 100644 --- a/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java +++ b/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java @@ -205,7 +205,7 @@ public class ConsumerController { return Flux.fromIterable(this.infoJobs.getJobsForOwner(owner)) .doOnNext(job -> logger.debug("DELETE info jobs, id: {}, type: {}, owner: {}", job.getId(), job.getType().getId(), owner)) - .flatMap(job -> this.authorization.authorizeDataJob(headers, job, AccessType.WRITE)) // + .flatMap(job -> this.authorization.doAccessControl(headers, job, AccessType.WRITE)) // .doOnNext(job -> this.infoJobs.remove(job, this.infoProducers)) // .collectList() // .map(l -> new ResponseEntity<>(HttpStatus.NO_CONTENT)) // @@ -231,7 +231,7 @@ public class ConsumerController { logger.debug("GET info job, id: {}", infoJobId); return this.infoJobs.getJobMono(infoJobId) // - .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.READ)) // + .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.READ)) // .map(job -> new ResponseEntity(gson.toJson(toInfoJobInfo(job)), HttpStatus.OK)) // .onErrorResume(ErrorResponse::createMono); } @@ -294,7 +294,7 @@ public class ConsumerController { logger.debug("DELETE info job, id: {}", jobId); return this.infoJobs.getJobMono(jobId) // - .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.WRITE)) // + .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.WRITE)) // .doOnNext(job -> this.infoJobs.remove(job, this.infoProducers)) // .map(job -> new ResponseEntity<>(HttpStatus.NO_CONTENT)) // .onErrorResume(ErrorResponse::createMono); @@ -339,7 +339,7 @@ public class ConsumerController { InfoType infoType = this.infoTypes.getCompatibleType(informationJobObject.infoTypeId); return authorization - .authorizeDataJob(headers, infoType, informationJobObject.jobDefinition, AccessType.WRITE) // + .doAccessControl(headers, infoType, informationJobObject.jobDefinition, AccessType.WRITE) // .flatMap(x -> validatePutInfoJob(jobId, infoType, informationJobObject)) // .flatMap(job -> startInfoSubscriptionJob(job, infoType)) // .doOnNext(this.infoJobs::put) // diff --git a/src/test/java/org/oransc/ics/ApplicationTest.java b/src/test/java/org/oransc/ics/ApplicationTest.java index 8ddba05..3d8a95b 100644 --- a/src/test/java/org/oransc/ics/ApplicationTest.java +++ b/src/test/java/org/oransc/ics/ApplicationTest.java @@ -122,7 +122,7 @@ class ApplicationTest { private final String TYPE_ID = "typeId_1.9.9"; private final String PRODUCER_ID = "producerId"; private final String EI_JOB_PROPERTY = "\"property1\""; - private final String EI_JOB_ID = "jobId"; + private final String JOB_ID = "jobId"; @Autowired ApplicationContext context; @@ -191,6 +191,7 @@ class ApplicationTest { this.securityContext.setAuthTokenFilePath(null); this.applicationConfig.setAuthAgentUrl(""); this.openPolicyAgentSimulatorController.getTestResults().reset(); + this.applicationConfig.setAuthAgentUrl(baseUrl() + OpenPolicyAgentSimulatorController.SUBSCRIPTION_AUTH_URL); } @AfterEach @@ -491,7 +492,7 @@ class ApplicationTest { InfoJob job = this.infoJobs.getJob("jobId"); assertThat(job.getOwner()).isEqualTo("owner"); - verifyJobStatus(EI_JOB_ID, "ENABLED"); + verifyJobStatus(JOB_ID, "ENABLED"); } @Test @@ -510,8 +511,8 @@ class ApplicationTest { putInfoProducerWithOneType(REG_TYPE_ID4, REG_TYPE_ID4); putInfoProducerWithOneType(REG_TYPE_ID5, REG_TYPE_ID5); - String url = A1eConsts.API_ROOT + "/eijobs/" + EI_JOB_ID; - String body = gson.toJson(eiJobInfo(PUT_TYPE_ID, EI_JOB_ID)); + String url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID; + String body = gson.toJson(eiJobInfo(PUT_TYPE_ID, JOB_ID)); ResponseEntity resp = restClient().putForEntity(url, body).block(); assertThat(this.infoJobs.size()).isEqualTo(1); assertThat(this.infoJobs.getJobs().iterator().next().getType().getId()).isEqualTo(REG_TYPE_ID1); @@ -529,14 +530,14 @@ class ApplicationTest { final String REG_TYPE_ID1 = "type_1.5.0"; // Compatible putInfoProducerWithOneType(REG_TYPE_ID1, REG_TYPE_ID1); - String body = gson.toJson(eiJobInfo("junkTypeId", EI_JOB_ID)); + String body = gson.toJson(eiJobInfo("junkTypeId", JOB_ID)); String url = A1eConsts.API_ROOT + "/eijobs/jobId"; testErrorCode(restClient().put(url, body), HttpStatus.NOT_FOUND, "not found"); - url = A1eConsts.API_ROOT + "/eijobs/" + EI_JOB_ID; + url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID; final String PUT_TYPE_ERROR_ID = "type_1.1"; - body = gson.toJson(eiJobInfo(PUT_TYPE_ERROR_ID, EI_JOB_ID)); + body = gson.toJson(eiJobInfo(PUT_TYPE_ERROR_ID, JOB_ID)); testErrorCode(restClient().put(url, body), HttpStatus.NOT_FOUND, "not found"); } @@ -561,7 +562,7 @@ class ApplicationTest { InfoJob job = this.infoJobs.getJob("jobId"); assertThat(job.getOwner()).isEqualTo("owner"); - verifyJobStatus(EI_JOB_ID, "ENABLED"); + verifyJobStatus(JOB_ID, "ENABLED"); body = gson.toJson(consumerJobInfo("junkTypeId", "jobId", "")); testErrorCode(restClient().put(url, body), HttpStatus.NOT_FOUND, "not found"); @@ -603,7 +604,7 @@ class ApplicationTest { // the principles for backwards compability. assertThat(request.typeId.equals(REG_TYPE_ID1) || request.typeId.equals(REG_TYPE_ID2)).isTrue(); - verifyJobStatus(EI_JOB_ID, "ENABLED"); + verifyJobStatus(JOB_ID, "ENABLED"); // Test update job resp = restClient().putForEntity(url, body).block(); @@ -717,7 +718,7 @@ class ApplicationTest { void producerDeleteTypeExistingJob() throws Exception { putInfoType(TYPE_ID); String url = ProducerConsts.API_ROOT + "/info-types/" + TYPE_ID; - putInfoJob(TYPE_ID, EI_JOB_ID); + putInfoJob(TYPE_ID, JOB_ID); restClient().delete(url).block(); assertThat(this.infoTypes.size()).isZero(); @@ -728,7 +729,7 @@ class ApplicationTest { @Test void producerPutProducerWithOneType_rejecting() throws Exception { putInfoProducerWithOneTypeRejecting("simulateProducerError", TYPE_ID); - String url = A1eConsts.API_ROOT + "/eijobs/" + EI_JOB_ID; + String url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID; String body = gson.toJson(eiJobInfo()); restClient().put(url, body).block(); @@ -737,7 +738,7 @@ class ApplicationTest { await().untilAsserted(() -> assertThat(simulatorResults.noOfRejectedCreate).isEqualTo(2)); assertThat(simulatorResults.noOfRejectedCreate).isEqualTo(2); - verifyJobStatus(EI_JOB_ID, "DISABLED"); + verifyJobStatus(JOB_ID, "DISABLED"); } @Test @@ -898,18 +899,18 @@ class ApplicationTest { // Create a job putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID); - putInfoJob(TYPE_ID, EI_JOB_ID); + putInfoJob(TYPE_ID, JOB_ID); // change the type for the producer, the job shall be disabled putInfoProducerWithOneType(PRODUCER_ID, "junk"); - verifyJobStatus(EI_JOB_ID, "DISABLED"); + verifyJobStatus(JOB_ID, "DISABLED"); A1eCallbacksSimulatorController.TestResults consumerCalls = this.a1eCallbacksSimulator.getTestResults(); await().untilAsserted(() -> assertThat(consumerCalls.eiJobStatusCallbacks).hasSize(1)); assertThat(consumerCalls.eiJobStatusCallbacks.get(0).state) .isEqualTo(A1eEiJobStatus.EiJobStatusValues.DISABLED); putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID); - verifyJobStatus(EI_JOB_ID, "ENABLED"); + verifyJobStatus(JOB_ID, "ENABLED"); await().untilAsserted(() -> assertThat(consumerCalls.eiJobStatusCallbacks).hasSize(2)); assertThat(consumerCalls.eiJobStatusCallbacks.get(1).state).isEqualTo(A1eEiJobStatus.EiJobStatusValues.ENABLED); } @@ -951,14 +952,14 @@ class ApplicationTest { { // Create a job putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID); - putInfoJob(TYPE_ID, EI_JOB_ID); - verifyJobStatus(EI_JOB_ID, "ENABLED"); + putInfoJob(TYPE_ID, JOB_ID); + verifyJobStatus(JOB_ID, "ENABLED"); deleteInfoProducer(PRODUCER_ID); // A Job disabled status notification shall now be received await().untilAsserted(() -> assertThat(consumerResults.eiJobStatusCallbacks).hasSize(1)); assertThat(consumerResults.eiJobStatusCallbacks.get(0).state) .isEqualTo(A1eEiJobStatus.EiJobStatusValues.DISABLED); - verifyJobStatus(EI_JOB_ID, "DISABLED"); + verifyJobStatus(JOB_ID, "DISABLED"); } assertThat(this.infoProducers.size()).isEqualTo(1); @@ -983,7 +984,7 @@ class ApplicationTest { await().untilAsserted(() -> assertThat(consumerResults.eiJobStatusCallbacks).hasSize(2)); assertThat(consumerResults.eiJobStatusCallbacks.get(1).state) .isEqualTo(A1eEiJobStatus.EiJobStatusValues.ENABLED); - verifyJobStatus(EI_JOB_ID, "ENABLED"); + verifyJobStatus(JOB_ID, "ENABLED"); } @Test @@ -992,15 +993,15 @@ class ApplicationTest { // suceeded putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID); - putInfoJob(TYPE_ID, EI_JOB_ID); + putInfoJob(TYPE_ID, JOB_ID); InfoProducer producer = this.infoProducers.getProducer(PRODUCER_ID); - InfoJob job = this.infoJobs.getJob(EI_JOB_ID); + InfoJob job = this.infoJobs.getJob(JOB_ID); // Pretend that the producer did reject the job and the a DISABLED notification // is sent for the job producer.setJobDisabled(job); job.setLastReportedStatus(false); - verifyJobStatus(EI_JOB_ID, "DISABLED"); + verifyJobStatus(JOB_ID, "DISABLED"); // Run the supervision and wait for the job to get started in the producer this.producerSupervision.createTask().blockLast(); @@ -1008,7 +1009,7 @@ class ApplicationTest { await().untilAsserted(() -> assertThat(consumerResults.eiJobStatusCallbacks).hasSize(1)); assertThat(consumerResults.eiJobStatusCallbacks.get(0).state) .isEqualTo(A1eEiJobStatus.EiJobStatusValues.ENABLED); - verifyJobStatus(EI_JOB_ID, "ENABLED"); + verifyJobStatus(JOB_ID, "ENABLED"); } @Test @@ -1228,7 +1229,7 @@ class ApplicationTest { } @Test - void testAuthorization() throws Exception { + void testFineGrainedAuthorizationCheck() throws Exception { this.applicationConfig.setAuthAgentUrl(baseUrl() + OpenPolicyAgentSimulatorController.SUBSCRIPTION_AUTH_URL); final String AUTH_TOKEN = "testToken"; Path authFile = Files.createTempFile("icsTestAuthToken", ".txt"); @@ -1246,16 +1247,65 @@ class ApplicationTest { assertThat(authRequest.getInput().getAccessType()).isEqualTo(AccessType.WRITE); assertThat(authRequest.getInput().getInfoTypeId()).isEqualTo(TYPE_ID); assertThat(authRequest.getInput().getAuthToken()).isEqualTo(AUTH_TOKEN); + } + + @Test + void testFineGrainedAuthorizationCheckRejections() throws Exception { + putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID); + putInfoJob(TYPE_ID, JOB_ID); // Test rejection from OPA this.applicationConfig .setAuthAgentUrl(baseUrl() + OpenPolicyAgentSimulatorController.SUBSCRIPTION_REJECT_AUTH_URL); + var testResults = openPolicyAgentSimulatorController.getTestResults(); - String url = ConsumerConsts.API_ROOT + "/info-jobs/jobId"; + // R1 + String url = ConsumerConsts.API_ROOT + "/info-jobs/" + JOB_ID; testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized"); assertThat(testResults.receivedRequests).hasSize(2); - authRequest = testResults.receivedRequests.get(1); + SubscriptionAuthRequest authRequest = testResults.receivedRequests.get(1); assertThat(authRequest.getInput().getAccessType()).isEqualTo(AccessType.WRITE); + + String body = gson.toJson(consumerJobInfo(TYPE_ID, JOB_ID, "owner")); + testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized"); + + testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized"); + + // A1-E + url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID; + testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized"); + + testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized"); + + body = gson.toJson(eiJobInfo(TYPE_ID, JOB_ID, "owner")); + testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized"); + } + + @Test + void testFineGrainedAuthorizationCheckRejections_OPA_UNAVALIABLE() throws Exception { + putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID); + putInfoJob(TYPE_ID, JOB_ID); + + // Test rejection from OPA + this.applicationConfig.setAuthAgentUrl("junk"); + + // R1 + String url = ConsumerConsts.API_ROOT + "/info-jobs/" + JOB_ID; + testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized"); + + String body = gson.toJson(consumerJobInfo(TYPE_ID, JOB_ID, "owner")); + testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized"); + + testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized"); + + // A1-E + url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID; + testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized"); + + testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized"); + + body = gson.toJson(eiJobInfo(TYPE_ID, JOB_ID, "owner")); + testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized"); } @Test @@ -1344,7 +1394,7 @@ class ApplicationTest { } private ConsumerJobInfo consumerJobInfo() throws JsonMappingException, JsonProcessingException { - return consumerJobInfo(TYPE_ID, EI_JOB_ID, "owner"); + return consumerJobInfo(TYPE_ID, JOB_ID, "owner"); } ConsumerJobInfo consumerJobInfo(String typeId, String infoJobId, String owner) @@ -1354,7 +1404,7 @@ class ApplicationTest { } private A1eEiJobInfo eiJobInfo() throws Exception { - return eiJobInfo(TYPE_ID, EI_JOB_ID); + return eiJobInfo(TYPE_ID, JOB_ID); } A1eEiJobInfo eiJobInfo(String typeId, String infoJobId) throws Exception { diff --git a/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java b/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java index 89b23c2..f711ca9 100644 --- a/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java +++ b/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java @@ -59,8 +59,8 @@ public class OpenPolicyAgentSimulatorController { private final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass()); - public static final String SUBSCRIPTION_AUTH_URL = "/example-subscription-auth"; - public static final String SUBSCRIPTION_REJECT_AUTH_URL = "/example-subscription-auth-reject"; + public static final String SUBSCRIPTION_AUTH_URL = "/example-authz-check"; + public static final String SUBSCRIPTION_REJECT_AUTH_URL = "/example-authz-check-reject"; public static class TestResults { @@ -93,7 +93,7 @@ public class OpenPolicyAgentSimulatorController { public ResponseEntity subscriptionAuth( // @RequestHeader Map headers, // @RequestBody SubscriptionAuthRequest request) { - logger.info("Auth {}", request); + logger.debug("Auth {}", request); testResults.receivedRequests.add(request); String res = gson.toJson(AuthorizationResult.builder().result(true).build()); @@ -112,7 +112,7 @@ public class OpenPolicyAgentSimulatorController { public ResponseEntity subscriptionAuthReject( // @RequestHeader Map headers, // @RequestBody SubscriptionAuthRequest request) { - logger.info("Auth Reject {}", request); + logger.debug("Auth Reject {}", request); testResults.receivedRequests.add(request); String res = gson.toJson(AuthorizationResult.builder().result(false).build()); return new ResponseEntity<>(res, HttpStatus.OK); -- 2.16.6