|api |The open api yaml for each supported version |
|src |Python source code for each supported version |
|test |Basic test |
-
+|certificate |A self-signed certificate and a key
The simulator handles the requests that are defined in the A1 open API yaml file. All these requests are implemented in the a1.py file in the source folder. In addition, a number of administrative functions are also supported and implemented by the main.py in the source folder.
The section below outlines the supported open api REST operations as well as the adminstrative REST operations. For the
documentation of the common parts in the admin API, see [Common Functions](https://docs.o-ran-sc.org/projects/o-ran-sc-sim-a1-interface/en/latest/simulator-api.html#common-functions).
+# Ports and certificates
+
+The simulator normally opens the port 8085 for http. If a certificate and a key are provided the simulator will open port 8185 for https instead. The port 8185 is only opened if a valid certificate and key is found.
+The certificate and key shall be placed in the same dir and the dir shall be mounted to /usr/src/app/cert in the container.
+
+| Port | Protocol |
+| -------- | ----- |
+| 8085 | http |
+| 8185 | https |
+
+The dir certificate contains a self-signed cert. Use the script generate_cert_and_key.sh to generate a new certificate and key. The password of the certificate must be set 'test'.
+The same urls are availables on both the http port 8085 and the https port 8185. If using curl and https, the flag -k shall be given to make curl ignore checking the certificate.
# Supported operations in simulator OSC 2.1.0
| POST, force a specific response code for an A1 operation | http://localhost:8085/forceresponse?code=<http-code> |
| POST, force delayed response of all A1 operations | http://localhost:8085/forcedelay?delay=<seconds> |
| PUT, set status and optional reason, delete and timestamp | http://localhost:8085/status?status=<status>&reason=<reason>[&deleted=<boolean>][&created\_at=<timestamp>] |
-| GET a counter <br> (counter-name: 'num\_instances', 'num\_types' or 'interface') | http://localhost:8085/counter/<counter-name> |
+| GET a counter <br> (counter-name: 'num\_instances', 'num\_types', 'interface' or 'remote\_hosts') | http://localhost:8085/counter/<counter-name> |
# Supported operations in simulator A1 Standard 1.1.3
| POST, force delayed response of all A1 operations | http://localhost:8085/forcedelay?delay=<seconds> |
| PUT, set status and optional reason | http://localhost:8085/status?status=<status>[&reason=<reason>] |
| POST, send status for policy | http://localhost:8085/sendstatus?policyid=<policyid> |
-| GET a counter <br> (counter-name: 'num\_instances', 'num\_types'(always 0) or 'interface') | http://localhost:8085/counter/<counter-name> |
+| GET a counter <br> (counter-name: 'num\_instances', 'num\_types'(always 0), 'interface' or 'remote\_hosts') | http://localhost:8085/counter/<counter-name> |
| DELETE all policy types | http://localhost:8085/deletetypes |
| PUT a status to a policy instance with an enforceStatus parameter only | http://localhost:8085/{policyId}/{enforceStatus} |
| PUT a status to a policy instance with both enforceStatus and enforceReason | http://localhost:8085/{policyId}/{enforceStatus}/{enforceReason} |
-| GET a counter <br> (counter-name: 'num\_instances', 'num\_types' or 'interface') | http://localhost:8085/counter/{counter-name} |
+| GET a counter <br> (counter-name: 'num\_instances', 'num\_types', 'interface' or 'remote\_hosts') | http://localhost:8085/counter/{counter-name} |
The backend server publishes live API documentation at the URL `http://localhost:8085/A1-P/v1/ui/`
# Configuring the simulator
-A env variable, A1\_VERSION need to be passed to the container at start to select the desired interface version. The variable shall be set to one of the version-ids shown in the table in the first section. For example A1\_VERSIION=STD\_1.1.3.
-In docker run the full command could look like this 'docker run -it -p 8085:8085 -e A1\_VERSION=STD\_1.1.3 a1test' where the variable is set with the '-e' flag.
+An env variable, A1\_VERSION need to be passed to the container at start to select the desired interface version. The variable shall be set to one of the version-ids shown in the table in the first section. For example A1\_VERSIION=STD\_1.1.3.
+An env variable, REMOTE_HOSTS_LOGGING, can be set (any value is ok) and the the counter remote\_hosts will log the host names of all remote hosts that has accessed the A1 URIs. If host names cannot be resolved, the ip address of the remote host is logged instead. This logging is default off so must be configured to be enabled. If not configured, the counter remote\_hosts will return a fixed text indicating that host name logging is not enabled. Use this feature with caution, remote host lookup may take time in certain environments.
+The simulator can also run using the https protocol. The enable https, a valid certificate and key need to provided. There is self-signed certificate available in the certificate dir and that dir shall be mounted to the container to make it available
+
+In docker run the full command could look like this:<br> 'docker run -it -p 8085:8085 -e A1\_VERSION=STD\_1.1.3 a1test' where the variable for A1 version is set with the '-e' flag.<br>
+With logging of remote host enabled:<br> 'docker run -it -p 8085:8085 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 a1test'<br>
+Example of running https with secure port and certificate dir mounted<br> 'docker run -it -p 8085:8085 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 --read-only --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test'
# Updating the openapi specs
The openapi specifications are stored in the 'api/<version>/'. If adding/replacing with a new file, make sure to copy the 'operationId' parameter for each operation to the new file.
Go to the test folder of the selected version, 'test/<version>/.
-Build and start the simulator container using: ./build\_and\_start.sh
+Note that test can be performed both using the nonsecure http port and the secure https port.
+
+Build and start the simulator container using: ./build\_and\_start.sh nonsecure|secure
This will build and start the container in interactive mode. The built container only resides in the local docker repository.
-Note, the default port is 8085 which can be easily changed in the the script above as well as in the test script.
+Note, the default port is 8085 for http and 8185 for https. When running the simulator as a container, the defualt ports can be re-mapped to any port on the localhost.
-In a second terminal, go to the same folder and run the basic test script, basic\_test.sh or commands.sh depending on version.
+In a second terminal, go to the same folder and run the basic test script, basic\_test.sh nonsecure|secure or commands.sh nonsecure|secure depending on version.
This script runs a number of tests towards the simulator to make sure it works properply.
Only for version 1.1.x-alpha.2
-Let the simulator run in one terminal; in another terminal, one can run the command ./commands.sh. It contains the main requests, and will eventually leave the user with a policy type STD\_QoSNudging\_0.2.0 and a policy instance pi1 with an enforceStatus set to NOT\_ENFORCED and an enforce Reason set to 300.
+Let the simulator run in one terminal; in another terminal, one can run the command ./commands.sh nonsecure|secure. It contains the main requests, and will eventually leave the user with a policy type STD\_QoSNudging\_0.2.0 and a policy instance pi1 with an enforceStatus set to NOT\_ENFORCED and an enforce Reason set to 300.
All the response codes should be 20X, otherwise something went wrong.
## License
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICljCCAX4CCQDVlvlNzxH9FzANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJT
+RTAeFw0yMDA0MjgxOTE2MTNaFw00NzA5MTMxOTE2MTNaMA0xCzAJBgNVBAYTAlNF
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpnXP5VmOvMPOTWaxWvm
+zfSBRvnioEFHoriGld+pW+vvvrma9UiWfxX3GaGFItxuwbwLwqwvR2LDo6wQQpbl
+SaNhg89DYD/NZvlRlLNcYOL218LjfFf4xaKVQGBHfT0Ts9JGTbTD/zcR2VS+3DUR
+lvLzbNpQ+Rdvwls7wsL1ZblR+1lry9HMGKCrtsYDSOMSyGqE40u1bOYAw1+VMrfp
+cK14u9toNPIbvk+HDP5yYnjC4FEp0ai07s3T6YDWHvp0WNIFJHCVFYzYQgS79/2b
+8zg4H7ZMQ5XjxcenU6f8Q97nN0VMk46LIutGe/7rYO0uYKrHcJz1qUu1ui96zOVC
+DQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBGvmFRHuUESpwijkekR0WFBuW6UNE5
+J7cZ9CXm7Mz06jeTAZWoCWVAZjYnpQ/MjvyzFglD9wL+A6LblIU+yNctYwtfspAq
+xDYmBKlhsKzlgZ3fyBUlfrM5BFxZR2uu1/4bUU4geEQrI2rYzif3Flj0a55EIeSa
+37fa7Acc+nNfy47mAa8Dsog6LHMs+FXGmuMS31c9lc70c9v4jCArctdDn/zKg9A7
+HCwd0+icgyDD+9U9eBhcFreBWyA1tPREWyx0qbhlw43OsVMpB6VM4exLGs/v1e0x
+/Nmmsis1o54eu2cLGjr5EYlDmdFD3Dn458r0zFkxg4CE23lRUtFz8d6F
+-----END CERTIFICATE-----
--- /dev/null
+#!/bin/bash
+
+# ============LICENSE_START===============================================
+# Copyright (C) 2020 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+# This will generate a self-signed certificate with password 'test'
+openssl req -x509 -passout pass:"test" -newkey rsa:2048 -keyout key.crt -out cert.crt -days 9999
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFHzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIoefVgflG3OYCAggA
+MB0GCWCGSAFlAwQBKgQQEaJvnbiOIkAwGcyqi6eYCQSCBNDnK9PT/NdGvZAriJAg
+VYbqJiCxrqfrfRDAKU4Z4GWFnodzLt2+Xe6iEeOmCkCfs/oVaWx+yIMFzZKY2sq/
+jMmiihJggV+R+hIEXBsVnvqL/nqbchQ7ckhJK8ofXMcpdUdCd8CHylRPNmNNfMsu
+o3BbDjKEdCtWMmBWuMWI3DtF0U5Tu5d+nH2ZHpl7YtA7U+N5w3nWBlxoPVXmqsEH
+YE8cL0C/b+nFNs81FXKlbIPGNSv51c5YPjS0WQneci2Vj9JMPHWT6VMCaxVlv3js
+droG6AxzHH+UpB1Lx4BfVunHR79nmhzmH9mo74rWCiYZ+Kh7DnC26WHrJW/tqJX8
+AvDPIEyVsQ8JQH7omBviVs6NCwoDCwS7jX0NUTy2aWgd4feI+BLwt9SDpEIzyQHt
+YXZnwREd2ymDhS0ewvC4fjV82PJHc/yGBlNnXTh4er8hpUPjxTIuNZGaaWP7fcYP
+qqPuyfTZvTkKtzHKYsrOk6Fq7M5kMGjFBrGWK3dCNptCXM/R8gaxRqcOvEOb9G5g
+ISlC+TZy5T/EUZXJUJEK3gGMrQY4LYCxGm71Wnwe89zmC6bK/z/2XvNts867YKU+
+pODWHcxntJhwlzBRLL56dn2T0OhJEiynUMtpm45O3bHBtRkMjlQ5BhNic0Tog6fb
+757gJnbnSNFB5mCSkB09iPt8LEEamQGYUGbXE+0mPTdqwaAaKbz4Gh1yV3T9alh+
+AxJu/YaB52mmf2KdFVUuPBVzSMawYvp6hXHIgzJ6tb/GmYFI7P21RBQfVR/fKuJx
+pQMgRclNdYCAC0VCqHxSZdO0Lu7Sd/SWybCCNbfw+0tEO1fDlZwWbVQiF79AL62J
+VvaWX3pX8IF227astnyMxkCH6MB4fvu7CSZKTYgdkXekP81Ck5ZxStRcSj4jOvYj
+xuMqIvGzy16JRG1aGE1jpzunYBdDKiKKOIphH+jBK3NPk3b7wkTLxi7IkdS4MUf1
+e5E50W/Xx3wUlfyBvuc1TQy/1Moh+HvXIIG3JHU9MjfPkYwHvDITWIdXJb1vSEAE
+opi+zNt7C5A+mC1/CC2MCjHk+g+cqpLcSFmv9MXnhg8bHmuhSjaXWChD8sj/S7H4
+Kazc87gikvQguxFv+bFiVQ6+GdPcGvsrnh+UFn/kfHUM8wt2AWnrKc8OLWXbs8Ge
+0bCqXo1uy2sZEv558BGRKI35c/F4sovf0FLe8+M+UHPqOeYVaxSt9accXTHK2ajN
+IEEKuL5v0BDNTQqo0uDw0HJyKW+L55UpJQ9nNSdVjtQUnPJtbWlVg0V2Q7mnVOSF
+GRMqBtu+U9sejR03odkURjDFULntSw80M+U0LC+ceOrESLkO0AK2Yub1+IhR3OBh
+jICv3eTZbqZ27ltZrsyDTAYoRVnTvPQwSZoUJ6cQS6XgLa3QitDcj+Zqch9z7sV2
+ydkEHEbLXPIt/sQyASluKm5j1tHJVtzwezb5GO54WYwdpy3MmZ3VhXsagJc9oLHX
+MtsDGZR0hXMgzPp49leBhcieWW6fWXAZKt2oa64eI/12i2wSTjNsxPfsu45tJYXO
+GAPL0OYBKeVLi1Pfa3kCLqlMDAyC4GzTScWXad5/FEeo189JU1aGcJn7Gn7Ao805
+wuOOs1TQk+KHvAFDEGkkJEM0lg==
+-----END ENCRYPTED PRIVATE KEY-----
from flask import Flask, escape, request, make_response
from jsonschema import validate
from random import random, choice
-from var_declaration import policy_instances, policy_types, policy_status, policy_type_per_instance
+from var_declaration import policy_instances, policy_types, policy_status, policy_type_per_instance, hosts_set
+from maincommon import *
def get_all_policy_identities():
+ extract_host_name(hosts_set, request)
if len(request.args) == 0:
return(list(policy_instances.keys()), 200)
elif 'policyTypeId' in request.args:
return(send_error_code(request.args))
def put_policy(policyId):
+ extract_host_name(hosts_set, request)
data = request.data.decode("utf-8")
data = data.replace("'", "\"")
data = json.loads(data)
return ps
def get_policy(policyId):
+ extract_host_name(hosts_set, request)
if len(request.args) == 0:
if policyId in policy_instances.keys():
res = policy_instances[policyId]
return(send_error_code(request.args))
def delete_policy(policyId):
+ extract_host_name(hosts_set, request)
if len(request.args) == 0:
if policyId in policy_instances.keys():
policy_instances.pop(policyId)
return(send_error_code(request.args))
def get_policy_status(policyId):
+ extract_host_name(hosts_set, request)
if len(request.args) == 0:
if policyId in policy_instances.keys():
return(policy_status[policyId], 200)
return(send_error_code(request.args))
def get_all_policytypes_identities():
+ extract_host_name(hosts_set, request)
if len(request.args) == 0:
return(list(policy_types.keys()), 200)
else:
return(send_error_code(request.args))
def get_policytypes(policyTypeId):
+ extract_host_name(hosts_set, request)
if len(request.args) == 0:
if policyTypeId in policy_types.keys():
return(policy_types[policyTypeId], 200)
import sys
import os
-import maincommon
from pathlib import Path
from flask import Flask, escape, request, make_response
from jsonschema import validate
-from var_declaration import policy_instances, policy_types, policy_status, policy_type_per_instance
+from var_declaration import policy_instances, policy_types, policy_status, policy_type_per_instance, hosts_set
from maincommon import *
-
check_apipath()
app = connexion.App(__name__, specification_dir=apipath)
p=Path(os.getcwd())
pp=p.parts
return str(pp[len(pp)-1]),200
+ elif (countername == "remote_hosts"):
+ hosts=",".join(hosts_set)
+ return str(hosts),200
else:
return "Counter name: "+countername+" not found.",404
if isinstance(sys.argv[1], int):
port_number = sys.argv[1]
-app.add_api('a1-openapi.yaml')
-app.run(port=port_number)
+port_number_secure=8185
+app.add_api('a1-openapi.yaml')
+context=get_security_context()
+if (context == None):
+ print("Start on non-secure port: "+str(port_number))
+ app.run(port=port_number, host="::")
+else:
+ print("Start on secure port: "+str(port_number_secure))
+ app.run(port=port_number_secure, host="::", ssl_context=context)
\ No newline at end of file
policy_types = {}
policy_status = {}
policy_type_per_instance = {}
+hosts_set=set()
from connexion import NoContent
from flask import Flask, request, Response
from jsonschema import validate
-from var_declaration import policy_instances, policy_types, policy_status, policy_fingerprint, forced_settings
+from var_declaration import policy_instances, policy_types, policy_status, policy_fingerprint, forced_settings, hosts_set
from utils import calcFingerprint
-from maincommon import *
+from maincommon import extract_host_name
# API Function: Health check
def get_healthcheck():
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Get all policy type ids
def get_all_policy_types():
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Get a policy type
def get_policy_type(policy_type_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Delete a policy type
def delete_policy_type(policy_type_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Create a policy type
def create_policy_type(policy_type_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Get all policy ids for a type
def get_all_policy_identities(policy_type_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Get a policy instance
def get_policy_instance(policy_type_id, policy_instance_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API function: Delete a policy
def delete_policy_instance(policy_type_id, policy_instance_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API function: Create/update a policy
def create_or_replace_policy_instance(policy_type_id, policy_instance_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API function: Get policy status
def get_policy_instance_status(policy_type_id, policy_instance_id):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
from pathlib import Path
from flask import Flask, escape, request, Response
from jsonschema import validate
-from var_declaration import policy_instances, policy_types, policy_status, policy_fingerprint, forced_settings
+from var_declaration import policy_instances, policy_types, policy_status, policy_fingerprint, forced_settings, hosts_set
from maincommon import *
check_apipath()
-app = connexion.App(__name__, specification_dir=apipath)
+app = connexion.FlaskApp(__name__, specification_dir=apipath)
#Check alive function
@app.route('/', methods=['GET'])
p=Path(os.getcwd())
pp=p.parts
return Response(str(pp[len(pp)-1]),200, mimetype='text/plain')
+ elif (countername == "remote_hosts"):
+ hosts=",".join(hosts_set)
+ return str(hosts),200
else:
return Response("Counter name: "+countername+" not found.",404, mimetype='text/plain')
if isinstance(sys.argv[1], int):
port_number = sys.argv[1]
-app.add_api('openapi.yaml')
-app.run(port=port_number)
+port_number_secure=8185
+app.add_api('openapi.yaml')
+context=get_security_context()
+if (context == None):
+ print("Start on non-secure port: "+str(port_number))
+ app.run(port=port_number, host="::")
+else:
+ print("Start on secure port: "+str(port_number_secure))
+ app.run(port=port_number_secure, host="::", ssl_context=context)
\ No newline at end of file
forced_settings['code']=None
forced_settings['delay']=None
policy_fingerprint={}
+hosts_set=set()
from connexion import NoContent
from flask import Flask, escape, request, Response, make_response
-from var_declaration import policy_instances, policy_status, callbacks, forced_settings, policy_fingerprint
+from var_declaration import policy_instances, policy_status, callbacks, forced_settings, policy_fingerprint, hosts_set
from utils import calcFingerprint
+from maincommon import *
# API Function: Get all policy ids
def get_all_policy_identities():
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Create or update a policy
def put_policy(policyId):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Get a policy
def get_policy(policyId):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Delete a policy
def delete_policy(policyId):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
# API Function: Get status for a policy
def get_policy_status(policyId):
+ extract_host_name(hosts_set, request)
+
if ((r := check_modified_response()) is not None):
return r
import os
import requests
+
from pathlib import Path
from flask import Flask, escape, request, Response
from jsonschema import validate
-from var_declaration import policy_instances, policy_status, callbacks, forced_settings, policy_fingerprint
+from var_declaration import policy_instances, policy_status, callbacks, forced_settings, policy_fingerprint, hosts_set
from maincommon import *
ps=policy_status[policyid]
cb=callbacks[policyid]
try:
- resp=requests.post(cb,json=json.dumps(ps))
+ resp=requests.post(cb,json=json.dumps(ps), verify=False)
except:
return Response('Post status failed, could not send to: '+str(cb), status=500, mimetype='text/plain')
if (resp.status_code<199 & resp.status_code > 299):
p=Path(os.getcwd())
pp=p.parts
return Response(str(pp[len(pp)-1]),200, mimetype='text/plain')
+ elif (countername == "remote_hosts"):
+ hosts=",".join(hosts_set)
+ return str(hosts),200
else:
return Response("Counter name: "+countername+" not found.",404, mimetype='text/plain')
if isinstance(sys.argv[1], int):
port_number = sys.argv[1]
+port_number_secure=8185
+
app.add_api('STD_A1.yaml')
-app.run(port=port_number)
+context=get_security_context()
+if (context == None):
+ print("Start on non-secure port: "+str(port_number))
+ app.run(port=port_number, host="::")
+else:
+ print("Start on secure port: "+str(port_number_secure))
+ app.run(port=port_number_secure, host="::", ssl_context=context)
forced_settings['code']=None
forced_settings['delay']=None
policy_fingerprint={}
+hosts_set=set()
import sys
from pathlib import Path
from flask import Response
+import socket
+import ssl
+#Must exist
apipath=os.environ['APIPATH']
+#May exist
+remote_hosts_logging=os.getenv('REMOTE_HOSTS_LOGGING')
# Make sure the api path for the interface yaml file is set, otherwise exit
def check_apipath():
del arr[arr.index('start.sh')] # Remove the start script
return Response("Current interface: " + str(pp[len(pp)-1]) + " All supported A1 interface yamls in this container: "+str(arr), 200, mimetype='text/plain')
+# Remote host lookup and store host name in a set
+def extract_host_name(hosts_set, request):
+ if (remote_hosts_logging is not None):
+ host_ip=str(request.environ['REMOTE_ADDR'])
+ prefix='::ffff:'
+ if (host_ip.startswith('::ffff:')):
+ host_ip=host_ip[len(prefix):]
+ try:
+ name, alias, addresslist = socket.gethostbyaddr(host_ip)
+ hosts_set.add(name)
+ except Exception as e:
+ hosts_set.add(host_ip)
+ else:
+ hosts_set.add("logging_of_remote_host_names_not_enabled")
+
+# Check if cert is available and return a sec context, if not return 'None'
+def get_security_context():
+
+ try:
+ path="/usr/src/app/cert"
+ if (os.path.isdir(path)):
+ certpath=path+"/cert.crt"
+ keypath=path+"/key.crt"
+ if (os.path.isfile(certpath) and os.path.isfile(keypath)):
+ context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+ context.load_cert_chain(certpath, keypath, password="test")
+ return context
+ else:
+ print("Cert and/or key does not exists in dir "+str(path))
+
+ else:
+ print("Path "+str(path)+" to certificate and key does not exists")
+ except Exception as e:
+ print("Problem when loading cert and key: "+str(e))
+ return None
# ============LICENSE_END=================================================
#
-#Script to build and start the container
+# Script to build and start the container
+# Args: nonsecure|secure
+if [ $# -ne 1 ]; then
+ echo "Usage: ./build_and_start.sh nonsecure|secure"
+ exit 1
+fi
+if [ "$1" != "nonsecure" ] && [ "$1" != "secure" ]; then
+ echo "Usage: ./build_and_start.sh nonsecure|secure"
+ exit 1
+fi
+echo "Building image"
cd ../../
#Build the image
docker build -t a1test .
-#Run the container in interactive mode
-docker run -it -p 8085:8085 -e A1_VERSION=1.1.x-alpha.2 a1test
+echo "Starting $1 mode"
+if [ $1 == "nonsecure" ]; then
+ #Run the container in interactive mode, unsecure port
+ docker run -it -p 8085:8085 -e A1_VERSION=1.1.x-alpha.2 -e REMOTE_HOSTS_LOGGING=1 a1test
+else
+ #Run the container in interactive mode, secure port.
+ docker run -it -p 8185:8185 -e A1_VERSION=1.1.x-alpha.2 -e REMOTE_HOSTS_LOGGING=1 --read-only --volume "$PWD/certificate:/usr/src/app/cert" a1test
+fi
+
# Different commands for the simulator.
# By running this, nothing should return an error.
+# Run the build_and_start with the same arg as this script
+if [ $# -ne 1 ]; then
+ echo "Usage: ./commands.sh nonsecure|secure"
+ exit 1
+fi
+if [ "$1" != "nonsecure" ] && [ "$1" != "secure" ]; then
+ echo "Usage: ./commands.sh nonsecure|secure"
+ exit 1
+fi
+
+if [ $1 == "nonsecure" ]; then
+ #Default http port for the simulator
+ PORT=8085
+ # Set http protocol
+ HTTPX="http"
+else
+ #Default https port for the simulator
+ PORT=8185
+ # Set https protocol
+ HTTPX="https"
+fi
+
# Make a test
-curl -v "http://localhost:8085/"
+curl -vk "$HTTPX://localhost:$PORT/"
# PUT a policy type STD_QoSNudging_0.2.0
-curl -X PUT -v "http://localhost:8085/policytypes/STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_type_STD_QoSNudging_0.2.0.json
+curl -X PUT -vk "$HTTPX://localhost:$PORT/policytypes/STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_type_STD_QoSNudging_0.2.0.json
# GET policy types
-curl -v "http://localhost:8085/A1-P/v1/policytypes"
+curl -vk "$HTTPX://localhost:$PORT/A1-P/v1/policytypes"
# GET policy type STD_QoSNudging_0.2.0
-curl -v "http://localhost:8085/A1-P/v1/policytypes/STD_QoSNudging_0.2.0"
+curl -vk "$HTTPX://localhost:$PORT/A1-P/v1/policytypes/STD_QoSNudging_0.2.0"
# PUT a policy instance pi1
-curl -X PUT -v "http://localhost:8085/A1-P/v1/policies/pi1?policyTypeId=STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_instance_1_STD_QoSNudging_0.2.0.json
+curl -X PUT -vk "$HTTPX://localhost:$PORT/A1-P/v1/policies/pi1?policyTypeId=STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_instance_1_STD_QoSNudging_0.2.0.json
# PUT a policy instance pi2
-curl -X PUT -v "http://localhost:8085/A1-P/v1/policies/pi2?policyTypeId=STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_instance_2_STD_QoSNudging_0.2.0.json
+curl -X PUT -vk "$HTTPX://localhost:$PORT/A1-P/v1/policies/pi2?policyTypeId=STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_instance_2_STD_QoSNudging_0.2.0.json
# SET status for pi1 and pi2
-curl -X PUT "http://localhost:8085/pi1/NOT_ENFORCED/300"
-curl -X PUT "http://localhost:8085/pi2/ENFORCED"
+curl -X PUT -vk "$HTTPX://localhost:$PORT/pi1/NOT_ENFORCED/300"
+curl -X PUT -vk "$HTTPX://localhost:$PORT/pi2/ENFORCED"
# GET policies
-curl -v "http://localhost:8085/A1-P/v1/policies"
+curl -vk "$HTTPX://localhost:$PORT/A1-P/v1/policies"
# DELETE policy instance pi2
-curl -X DELETE -v "http://localhost:8085/A1-P/v1/policies/pi2"
+curl -X DELETE -vk "$HTTPX://localhost:$PORT/A1-P/v1/policies/pi2"
# PUT a different policy instance pi1 (i.e. update it)
-curl -X PUT -v "http://localhost:8085/A1-P/v1/policies/pi1?policyTypeId=STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_instance_1_bis_STD_QoSNudging_0.2.0.json
+curl -X PUT -vk "$HTTPX://localhost:$PORT/A1-P/v1/policies/pi1?policyTypeId=STD_QoSNudging_0.2.0" -H "accept: application/json" -H "Content-Type: application/json" --data-binary @example_files/policy_instance_1_bis_STD_QoSNudging_0.2.0.json
# GET policy instance pi1
-curl -v "http://localhost:8085/A1-P/v1/policies/pi1"
+curl -vk "$HTTPX://localhost:$PORT/A1-P/v1/policies/pi1"
# GET policy status for pi1
-curl -v "http://localhost:8085/A1-P/v1/policystatus/pi1"
+curl -vk "$HTTPX://localhost:$PORT/A1-P/v1/policystatus/pi1"
# ============LICENSE_END=================================================
#
-#Default port for the simulator
-PORT=8085
+# Script for basic test of the simulator.
+# Run the build_and_start with the same arg as this script
+if [ $# -ne 1 ]; then
+ echo "Usage: ./basic_test.sh nonsecure|secure"
+ exit 1
+fi
+if [ "$1" != "nonsecure" ] && [ "$1" != "secure" ]; then
+ echo "Usage: ./basic_test.sh nonsecure|secure"
+ exit 1
+fi
+
+if [ $1 == "nonsecure" ]; then
+ #Default http port for the simulator
+ PORT=8085
+ # Set http protocol
+ HTTPX="http"
+else
+ #Default https port for the simulator
+ PORT=8185
+ # Set https protocol
+ HTTPX="https"
+fi
. ../common/test_common.sh
RESULT="OSC_2.1.0"
do_curl GET '/counter/interface' 200
+echo "=== Get counter: remote hosts ==="
+RESULT="*"
+do_curl GET '/counter/remote_hosts' 200
+
echo "=== DELETE policy pi1 ==="
RESULT=""
do_curl DELETE /a1-p/policytypes/1/policies/pi1 202
# ============LICENSE_END=================================================
#
-#Script to build and start the container
+# Script to build and start the container
+# Args: nonsecure|secure
+if [ $# -ne 1 ]; then
+ echo "Usage: ./build_and_start.sh nonsecure|secure"
+ exit 1
+fi
+if [ "$1" != "nonsecure" ] && [ "$1" != "secure" ]; then
+ echo "Usage: ./build_and_start.sh nonsecure|secure"
+ exit 1
+fi
+echo "Building image"
cd ../../
#Build the image
docker build -t a1test .
-#Run the container in interactive mode
-docker run -it -p 8085:8085 -e A1_VERSION=OSC_2.1.0 a1test
+echo "Starting $1 mode"
+if [ $1 == "nonsecure" ]; then
+ #Run the container in interactive mode, unsecure port
+ docker run -it -p 8085:8085 -e A1_VERSION=OSC_2.1.0 -e REMOTE_HOSTS_LOGGING=1 a1test
+else
+ #Run the container in interactive mode, secure port.
+ docker run -it -p 8185:8185 -e A1_VERSION=OSC_2.1.0 -e REMOTE_HOSTS_LOGGING=1 --read-only --volume "$PWD/certificate:/usr/src/app/cert" a1test
+fi
# ============LICENSE_END=================================================
#
-#Default port for the simulator
-PORT=8085
+# Script for basic test of the simulator.
+# Run the build_and_start with the same arg as this script
+if [ $# -ne 1 ]; then
+ echo "Usage: ./basic_test.sh nonsecure|secure"
+ exit 1
+fi
+if [ "$1" != "nonsecure" ] && [ "$1" != "secure" ]; then
+ echo "Usage: ./basic_test.sh nonsecure|secure"
+ exit 1
+fi
+
+if [ $1 == "nonsecure" ]; then
+ #Default http port for the simulator
+ PORT=8085
+ # Set http protocol
+ HTTPX="http"
+else
+ #Default https port for the simulator
+ PORT=8185
+ # Set https protocol
+ HTTPX="https"
+fi
. ../common/test_common.sh
echo "=== API: Update policy instance pi2 ==="
RESULT="json:{\"scope\": {\"ueId\": \"ue2\", \"groupId\": \"group2\", \"sliceId\": \"slice2\", \"qosId\": \"qos2\", \"cellId\": \"cell2\"}, \"statement\": {\"priorityLevel\": 10}}"
-do_curl PUT '/A1-P/v1/policies/pi2?notificationDestination=http://localhost:8085/statustest' 200 jsonfiles/pi2.json
+do_curl PUT '/A1-P/v1/policies/pi2?notificationDestination='$HTTPX'://localhost:'$PORT'/statustest' 200 jsonfiles/pi2.json
echo "=== API: Get policy instances, shall contain pi1 and pi2=="
RESULT="json:[ \"pi1\", \"pi2\" ]"
RESULT="STD_1.1.3"
do_curl GET /counter/interface 200
+echo "=== Get counter: remote hosts ==="
+RESULT="*"
+do_curl GET '/counter/remote_hosts' 200
+
echo "********************"
echo "*** All tests ok ***"
echo "********************"
# ============LICENSE_END=================================================
#
-#Script to build and start the container
+# Script to build and start the container
+# Args: nonsecure|secure
+if [ $# -ne 1 ]; then
+ echo "Usage: ./build_and_start.sh nonsecure|secure"
+ exit 1
+fi
+if [ "$1" != "nonsecure" ] && [ "$1" != "secure" ]; then
+ echo "Usage: ./build_and_start.sh nonsecure|secure"
+ exit 1
+fi
+echo "Building image"
cd ../../
#Build the image
docker build -t a1test .
-#Run the container in interactive mode
-docker run -it -p 8085:8085 -e A1_VERSION=STD_1.1.3 a1test
\ No newline at end of file
+echo "Starting $1 mode"
+if [ $1 == "nonsecure" ]; then
+ #Run the container in interactive mode, unsecure port
+ docker run -it -p 8085:8085 -e A1_VERSION=STD_1.1.3 -e REMOTE_HOSTS_LOGGING=1 a1test
+else
+ #Run the container in interactive mode, secure port.
+ docker run -it -p 8185:8185 -e A1_VERSION=STD_1.1.3 -e REMOTE_HOSTS_LOGGING=1 --read-only --volume "$PWD/certificate:/usr/src/app/cert" a1test
+fi
\ No newline at end of file
# ============LICENSE_END=================================================
#
-# Deep compare of two json obects
-# If a parameter value in the target json is set to '????' then the result json value is not checked for that parameter
-# Any included json array will be sorted before comparison
+# This script compare two jsons for eqaulity, taken into account that the parameter values
+# marked with '????' are not checked (only the parameter name need to exist)
+# Example of target json with '????'
+# [
+# {
+# "callbackUrl": "????",
+# "keepAliveIntervalSeconds": "????",
+# "serviceName": "serv2",
+# "timeSinceLastActivitySeconds": "????"
+# },
+# {
+# "callbackUrl": "????",
+# "keepAliveIntervalSeconds": "????",
+# "serviceName": "serv1",
+# "timeSinceLastActivitySeconds": "????"
+# }
+#]
-import sys
+
+import os
import json
+import sys
+
+# # Helper function to compare two json list.
+# # Returns true for equal, false for not equal
+def compare_json_list(list1, list2):
+ if (list1.__len__() != list2.__len__()):
+ return False
-def compare_json(jsonTarget,jsonResult):
+ for l in list1:
+ found = False
+ for m in list2:
+ res = compare_json(l, m)
+ if (res):
+ found = True
+ break
+ if (not found):
+ return False
- if isinstance(jsonTarget, dict):
- if (len(jsonTarget) != len(jsonResult)):
- return 1
- for key in jsonTarget.keys():
- if (jsonResult.get(key) is None):
- return 1
- res=compare_json(jsonTarget.get(key), jsonResult.get(key))
- if (res != 0):
- return 1
- elif isinstance(jsonTarget, list):
- if (len(jsonTarget) != len(jsonResult)):
- return 1
- jsonTarget.sort()
- jsonResult.sort()
- for i in range(len(jsonTarget)):
- res=compare_json(jsonTarget[i], jsonResult[i])
- if (res != 0):
- return 1
+ return True
+
+# Deep compare of two json obects
+# If a parameter value in the target json is set to '????' then the result json value is not checked for the that parameter
+# Return true for equal json, false for not equal json
+def compare_json(obj1, obj2):
+ if isinstance(obj1, list):
+ if (not isinstance(obj2, list)):
+ return False
+ return compare_json_list(obj1, obj2)
+ elif (isinstance(obj1, dict)):
+ if (not isinstance(obj2, dict)):
+ return False
+ exp = set(obj2.keys()) == set(obj1.keys())
+ if (not exp):
+ return False
+ for k in obj1.keys():
+ val1 = obj1.get(k)
+ val2 = obj2.get(k)
+ if isinstance(val1, list):
+ if (not compare_json_list(val1, val2)):
+ return False
+ elif isinstance(val1, dict):
+ if (not compare_json(val1, val2)):
+ return False
+ else:
+ #Do not check parameter values marked with '????'
+ if ((val1 != "????") and (val2 != val1)) and ((val2 != "????") and (val2 != val1)):
+ return False
else:
- if (jsonTarget != "????") and (jsonTarget != jsonResult):
- return 1
- return 0
+ return obj1 == obj2
+
+ return True
try:
+ #Read the input file and compare the two json (target->result)
jsonTarget = json.loads(sys.argv[1])
jsonResult = json.loads(sys.argv[2])
+ res1=compare_json(jsonTarget, jsonResult)
- print(compare_json(jsonTarget,jsonResult))
+ #Read the json again (in case the previous calls has re-arranged the jsons)
+ jsonTarget = json.loads(sys.argv[1])
+ jsonResult = json.loads(sys.argv[2])
+ #Compare the opposite order (result->target) to catch special duplicate json key cases
+ res2=compare_json(jsonResult, jsonTarget)
+
+ if (res1 and res2):
+ print (0)
+ else:
+ print (1)
except Exception as e:
print (1)
-sys.exit()
-
-
-
-
-
+sys.exit()
\ No newline at end of file
# Function to execute curl and compare + print result
+# Note: Env var PORT must be set to the intended port number
+# Notre Env var HTTPX must be set to either 'http' or 'https'
+
#args: <http-operation> <url> <response-code> [file]
#Expects the env $RESULT to contain the expected RESULT.
#If json, the RESULT shall begin with 'json:'.
echo "Exiting test script....."
exit 1
fi
- curlstr="curl -X "$1" -sw %{http_code} localhost:"${PORT}${2}" -H accept:*/*"
+ curlstr="curl -X "$1" -skw %{http_code} $HTTPX://localhost:"${PORT}${2}" -H accept:*/*"
if [ $# -gt 3 ]; then
curlstr=$curlstr" -H Content-Type:application/json --data-binary @"$4
fi