author | Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> | 2020-02-26 09:08:35 +0100 |
---|---|---|
committer | Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> | 2020-02-26 14:11:34 +0100 |
commit | 1726ff54ecc3a9ca553723eee1d9ddc3f994398c (patch) | |
tree | 47694df3730ef58e28eb8632cba7a15cb599af8e /certService | |
parent | 73331084b24873b628b712e1473fcd3d5428e7a5 (diff) |
Create logic responsible for selecting server based on CAName
Issue-ID: AAF-995
Signed-off-by: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>
Change-Id: I2d3b931862ecca7c1edc52fb61aa8c4dcd29e3ec
Diffstat (limited to 'certService')
10 files changed, 280 insertions, 12 deletions
diff --git a/certService/src/main/java/org/onap/aaf/certservice/api/CertificationService.java b/certService/src/main/java/org/onap/aaf/certservice/api/CertificationService.java index d2de1aa0..945fc6d1 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/api/CertificationService.java +++ b/certService/src/main/java/org/onap/aaf/certservice/api/CertificationService.java @@ -76,7 +76,7 @@ public class CertificationService { ); LOGGER.debug("Received CSR meta data: \n{}", csrModel); CertificationModel certificationModel = certificationModelFactory - .createCertificationModel(csrModel,caName); + .createCertificationModel(csrModel, caName); return new ResponseEntity<>(new Gson().toJson(certificationModel), HttpStatus.OK); } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationExceptionController.java b/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationExceptionController.java index 4c9d3042..130a5167 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationExceptionController.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationExceptionController.java @@ -21,6 +21,7 @@ package org.onap.aaf.certservice.certification; import com.google.gson.Gson; +import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException; import org.onap.aaf.certservice.certification.exception.CsrDecryptionException; import org.onap.aaf.certservice.certification.exception.ErrorResponseModel; import org.onap.aaf.certservice.certification.exception.KeyDecryptionException; 
@@ -39,20 +40,27 @@ public class CertificationExceptionController { @ExceptionHandler(value = CsrDecryptionException.class) public ResponseEntity<String> handle(CsrDecryptionException exception) { LOGGER.error("Exception occurred during decoding certificate sign request:", exception); - return getErrorResponseEntity("Wrong certificate signing request (CSR) format"); + return getErrorResponseEntity("Wrong certificate signing request (CSR) format", HttpStatus.BAD_REQUEST); } @ExceptionHandler(value = KeyDecryptionException.class) public ResponseEntity<String> handle(KeyDecryptionException exception) { LOGGER.error("Exception occurred during decoding key:", exception); - return getErrorResponseEntity("Wrong key (PK) format"); + return getErrorResponseEntity("Wrong key (PK) format", HttpStatus.BAD_REQUEST); } - private ResponseEntity<String> getErrorResponseEntity(String errorMessage) { + @ExceptionHandler(value = Cmpv2ServerNotFoundException.class) + public ResponseEntity<String> handle(Cmpv2ServerNotFoundException exception) { + LOGGER.error("Exception occurred selecting CMPv2 server:", exception); + return getErrorResponseEntity("Certification authority not found for given CAName", HttpStatus.NOT_FOUND); + } + + private ResponseEntity<String> getErrorResponseEntity(String errorMessage, HttpStatus status) { ErrorResponseModel errorResponse = new ErrorResponseModel(errorMessage); return new ResponseEntity<>( new Gson().toJson(errorResponse), - HttpStatus.BAD_REQUEST + status ); } + } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationModelFactory.java b/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationModelFactory.java index 507ce3c1..69b83465 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationModelFactory.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/CertificationModelFactory.java 
@@ -20,10 +20,14 @@ package org.onap.aaf.certservice.certification; +import org.onap.aaf.certservice.certification.configuration.Cmpv2ServerProvider; +import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; +import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException; import org.onap.aaf.certservice.certification.model.CertificationModel; import org.onap.aaf.certservice.certification.model.CsrModel; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import java.util.Arrays; @@ -38,14 +42,28 @@ public class CertificationModelFactory { private static final Logger LOGGER = LoggerFactory.getLogger(CertificationModelFactory.class); + private final Cmpv2ServerProvider cmpv2ServerProvider; + + @Autowired + CertificationModelFactory(Cmpv2ServerProvider cmpv2ServerProvider) { + this.cmpv2ServerProvider = cmpv2ServerProvider; + } public CertificationModel createCertificationModel(CsrModel csr, String caName) { LOGGER.info("Generating certification model for CA named: {}, and certificate signing request:\n{}", caName, csr); + + return cmpv2ServerProvider + .getCmpv2Server(caName) + .map(this::generateCertificationModel) + .orElseThrow(() -> new Cmpv2ServerNotFoundException("No server found for given CA name")); + } + + private CertificationModel generateCertificationModel(Cmpv2Server cmpv2Server) { + LOGGER.debug("Found server for given CA name: \n{}", cmpv2Server); return new CertificationModel( Arrays.asList(ENTITY_CERT, INTERMEDIATE_CERT), Arrays.asList(CA_CERT, EXTRA_CA_CERT) ); } - } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProvider.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProvider.java new file mode 100644 index 00000000..755bfeb0 --- /dev/null 
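Review bot: `generateCertificationModel` in the second hunk receives the selected `Cmpv2Server` but only logs it. The returned model is still built from the static `ENTITY_CERT`, `INTERMEDIATE_CERT`, `CA_CERT` and `EXTRA_CA_CERT` constants, so every configured CA name yields the same chain. If this is an interim step, which the diff does not say, mark it in the code so the static data is not mistaken for real issuance: `// TODO: obtain the certificates from cmpv2Server; static data is returned for now`.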
+++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProvider.java
@@ -0,0 +1,46 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.certification.configuration;
+
+import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.Optional;
+
+@Component
+public class Cmpv2ServerProvider {
+
+ private final CmpServersConfig cmpServersConfig;
+
+ @Autowired
+ Cmpv2ServerProvider(CmpServersConfig cmpServersConfig) {
+ this.cmpServersConfig = cmpServersConfig;
+ }
+
+ public Optional<Cmpv2Server> getCmpv2Server(String caName) {
+ return cmpServersConfig.getCmpServers()
+ .stream()
+ .filter(server -> server.getCaName().equals(caName))
+ .findFirst();
+ }
+
+}
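Review bot: The filter in `getCmpv2Server` calls `server.getCaName().equals(caName)`, which throws a NullPointerException for any configured server whose CA name is unset. `findFirst()` also silently picks the first entry when two servers share a CA name. Whether `CmpServersConfig` validates either condition is not visible in this diff, so the lookup should not depend on it: `.filter(server -> caName != null && caName.equals(server.getCaName()))`. Because the match decides which CA handles a request, a duplicate CA name is better rejected when the configuration is loaded than resolved by list order.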
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java index ffd63ecf..af254d61 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java @@ -45,4 +45,11 @@ public class Authentication { this.rv = rv; } + @Override + public String toString() { + return "Authentication{" + + " iak=*****" + + ", rv=*****" + + '}'; + } } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java index 21349d93..9a9f9c5d 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java @@ -77,4 +77,15 @@ public class Cmpv2Server { this.url = url; } + @Override + public String toString() { + return "Cmpv2Server{" + + "authentication=" + authentication + + ", caMode=" + caMode + + ", caName='" + caName + '\'' + + ", issuerDN='" + issuerDN + '\'' + + ", url='" + url + '\'' + + '}'; + } + } diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/exception/Cmpv2ServerNotFoundException.java b/certService/src/main/java/org/onap/aaf/certservice/certification/exception/Cmpv2ServerNotFoundException.java new file mode 100644 index 00000000..95d4cd69 --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/exception/Cmpv2ServerNotFoundException.java 
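Review bot: The new `Authentication.toString()` masks `iak` and `rv`, but nothing in the class says why. `Cmpv2Server.toString()` in the next hunk relies on that mask when it concatenates `authentication` into the string that `generateCertificationModel` logs at debug level. A comment above the method would keep the mask from being dropped in a later edit, for example `// iak and rv look like credentials for the CA server; never print their values`. The class body starts outside the hunk, so any other secret-bearing field it holds would need the same treatment.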
@@ -0,0 +1,29 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.certification.exception;
+
+import org.webjars.NotFoundException;
+
+public class Cmpv2ServerNotFoundException extends NotFoundException {
+ public Cmpv2ServerNotFoundException(String message) {
+ super(message);
+ }
+}
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/exception/CertificationExceptionControllerTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/CertificationExceptionControllerTest.java
index 3dc93035..1a92c0c8 100644
--- a/certService/src/test/java/org/onap/aaf/certservice/certification/exception/CertificationExceptionControllerTest.java
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/CertificationExceptionControllerTest.java
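Review bot: `Cmpv2ServerNotFoundException` extends `org.webjars.NotFoundException`, a class from the WebJars locator library that has nothing to do with certificate handling. This ties the service's exception hierarchy to a dependency that is probably only on the classpath transitively; the build files are not part of this diff. If that dependency is removed or changes, the class stops compiling. Extending a JDK type keeps the exception self-contained: `public class Cmpv2ServerNotFoundException extends RuntimeException {` with the import dropped.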
@@ -18,12 +18,15 @@ * ============LICENSE_END========================================================= */ -package org.onap.aaf.certservice.certification.exception; +package org.onap.aaf.certservice.certification; import com.google.gson.Gson; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; -import org.onap.aaf.certservice.certification.CertificationExceptionController; +import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException; +import org.onap.aaf.certservice.certification.exception.CsrDecryptionException; +import org.onap.aaf.certservice.certification.exception.ErrorResponseModel; +import org.onap.aaf.certservice.certification.exception.KeyDecryptionException; import org.springframework.http.ResponseEntity; import static org.junit.jupiter.api.Assertions.assertEquals; @@ -68,4 +71,18 @@ class CertificationExceptionControllerTest { assertEquals(expectedMessage, response.getErrorMessage()); } + @Test + void shouldReturnResponseEntityWithAppropriateErrorMessageWhenGivenCaNameIsNotPresentInConfig() { + // given + String expectedMessage = "Certification authority not found for given CAName"; + Cmpv2ServerNotFoundException csrDecryptionException = new Cmpv2ServerNotFoundException("test Ca exception"); + + // when + ResponseEntity<String> responseEntity = certificationExceptionController.handle(csrDecryptionException); + + ErrorResponseModel response = new Gson().fromJson(responseEntity.getBody(), ErrorResponseModel.class); + + // then + assertEquals(expectedMessage, response.getErrorMessage()); + } } diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/CertificationModelFactoryTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/CertificationModelFactoryTest.java index 2953af78..50e604e2 100644 --- a/certService/src/test/java/org/onap/aaf/certservice/certification/CertificationModelFactoryTest.java 
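Review bot: The new test `shouldReturnResponseEntityWithAppropriateErrorMessageWhenGivenCaNameIsNotPresentInConfig` checks only the error message, although the status code is what this commit changes for the new handler. Add `assertEquals(HttpStatus.NOT_FOUND, responseEntity.getStatusCode());` so that a regression back to 400 is caught. The local variable `csrDecryptionException` holds a `Cmpv2ServerNotFoundException` and should be renamed to match.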
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/CertificationModelFactoryTest.java 
@@ -22,36 +22,52 @@ package org.onap.aaf.certservice.certification; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.Mock; +import org.mockito.junit.jupiter.MockitoExtension; +import org.onap.aaf.certservice.certification.configuration.Cmpv2ServerProvider; +import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; +import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException; import org.onap.aaf.certservice.certification.model.CertificationModel; import org.onap.aaf.certservice.certification.model.CsrModel; +import java.util.Optional; + import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; import static org.onap.aaf.certservice.certification.CertificationData.CA_CERT; import static org.onap.aaf.certservice.certification.CertificationData.ENTITY_CERT; import static org.onap.aaf.certservice.certification.CertificationData.INTERMEDIATE_CERT; import static org.onap.aaf.certservice.certification.CertificationData.EXTRA_CA_CERT; - +@ExtendWith(MockitoExtension.class) class CertificationModelFactoryTest { + private static final String TEST_CA = "testCA"; private CertificationModelFactory certificationModelFactory; + @Mock + Cmpv2ServerProvider cmpv2ServerProvider; + @BeforeEach void setUp() { - certificationModelFactory = new CertificationModelFactory(); + certificationModelFactory = new CertificationModelFactory(cmpv2ServerProvider); } @Test void shouldCreateProperCertificationModelWhenGivenProperCsrModelAndCaName() { // given - final String testCaName = "testCA"; CsrModel mockedCsrModel = mock(CsrModel.class); + 
when(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).thenReturn(Optional.of(createTestCmpv2Server())); // when - CertificationModel certificationModel = certificationModelFactory.createCertificationModel(mockedCsrModel ,testCaName); + CertificationModel certificationModel = + certificationModelFactory.createCertificationModel(mockedCsrModel ,TEST_CA); //then assertEquals(2, certificationModel.getCertificateChain().size()); @@ -60,4 +76,24 @@ class CertificationModelFactoryTest { assertThat(certificationModel.getTrustedCertificates()).contains(CA_CERT, EXTRA_CA_CERT); } + @Test + void shouldThrowCmpv2ServerNotFoundExceptionWhenGivenWrongCaName() { + // given + String expectedMessage = "CA not found"; + CsrModel mockedCsrModel = mock(CsrModel.class); + when(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).thenThrow(new Cmpv2ServerNotFoundException(expectedMessage)); + + // when + Exception exception = assertThrows( + Cmpv2ServerNotFoundException.class, () -> + certificationModelFactory.createCertificationModel(mockedCsrModel ,TEST_CA) + ); + + // then + assertTrue(exception.getMessage().contains(expectedMessage)); + } + + private Cmpv2Server createTestCmpv2Server() { + return new Cmpv2Server(); + } } diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java new file mode 100644 index 00000000..d3c09e9c --- /dev/null +++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java 
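Review bot: In `shouldThrowCmpv2ServerNotFoundExceptionWhenGivenWrongCaName` the mock is stubbed with `thenThrow(new Cmpv2ServerNotFoundException(expectedMessage))`, so the exception under test comes from the mock. The factory's own `orElseThrow` branch never runs. The real provider returns an empty Optional for an unknown name, so stub that instead: `when(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).thenReturn(Optional.empty());`. Then assert on the factory's message, `"No server found for given CA name"`.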
@@ -0,0 +1,96 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.certification.configuration; + +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.Mock; +import org.mockito.junit.jupiter.MockitoExtension; +import org.onap.aaf.certservice.certification.configuration.model.Authentication; +import org.onap.aaf.certservice.certification.configuration.model.CaMode; +import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; + +import java.util.Collections; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.when; + +@ExtendWith(MockitoExtension.class) +class Cmpv2ServerProviderTest { + + private static final String TEST_CA = "testCA"; + + private Cmpv2ServerProvider cmpv2ServerProvider; + + @Mock + private CmpServersConfig cmpServersConfig; + + @BeforeEach + void setUp() { + cmpv2ServerProvider = + new Cmpv2ServerProvider(cmpServersConfig); + } + + @Test + void 
shouldReturnOptionalWithServerWhenServerWithGivenCaNameIsPresentInConfig() { + // given + Cmpv2Server testServer = createTestServer(); + when(cmpServersConfig.getCmpServers()).thenReturn(Collections.singletonList(testServer)); + + // when + Cmpv2Server receivedServer = cmpv2ServerProvider + .getCmpv2Server(TEST_CA) + .get(); + + // then + assertThat(receivedServer).isEqualToComparingFieldByField(testServer); + } + + + @Test + void shouldReturnEmptyOptionalWhenServerWithGivenCaNameIsNotPresentInConfig() { + // given + when(cmpServersConfig.getCmpServers()).thenReturn(Collections.emptyList()); + + // when + Boolean isEmpty = cmpv2ServerProvider + .getCmpv2Server(TEST_CA) + .isEmpty(); + + // then + assertThat(isEmpty).isTrue(); + } + + private Cmpv2Server createTestServer() { + Cmpv2Server testServer = new Cmpv2Server(); + testServer.setCaName(TEST_CA); + testServer.setIssuerDN("testIssuer"); + testServer.setUrl("http://test.ca.server"); + Authentication testAuthentication = new Authentication(); + testAuthentication.setIak("testIak"); + testAuthentication.setRv("testRv"); + testServer.setAuthentication(testAuthentication); + testServer.setCaMode(CaMode.RA); + + return testServer; + } +} |
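Review bot: Neither test in `Cmpv2ServerProviderTest` exercises a name that fails to match, because the not-found case uses `Collections.emptyList()` and the filter predicate never runs with a non-matching server. Add a case where the config holds a server with a different CA name and the result is still empty. A case with two servers would also show that the one with the requested name is returned. In the first test, `assertThat(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).isPresent()` before the `.get()` would turn a failure into an assertion message rather than a `NoSuchElementException`.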