authorKiran Kamineni <kiran.k.kamineni@intel.com>2018-04-06 16:45:23 -0700
committerGirish Havaldar <hg0071052@techmahindra.com>2018-04-11 04:04:16 +0000
commitc0830dc3d8ce9113fb29f9f81c7560b550b479ba (patch)
treeb375899c6a706959677ba5de1d4bea712c7fda9e
parenta9e5943435ba1fb61fd891f1173f1b020858049f (diff)
Refactoring some code and adding disable_tls flag
Refactored some code and added a disable_tls flag. This is needed for now to enable some end-to-end testing of quorum abilities, and will be enabled once certificate support is added to ONAP. Also updated the test script to take the port as an argument. Issue-ID: AAF-95 Change-Id: I4124bbfd22185a83b3c671b8a0499bfb3bde865d Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
-rw-r--r--sms-service/src/quorumclient/config.json3
-rw-r--r--sms-service/src/quorumclient/quorumclient.go46
-rw-r--r--sms-service/src/sms/test/loop_test.sh27
3 files changed, 49 insertions, 27 deletions
diff --git a/sms-service/src/quorumclient/config.json b/sms-service/src/quorumclient/config.json
index 1b2e4df..89979d5 100644
--- a/sms-service/src/quorumclient/config.json
+++ b/sms-service/src/quorumclient/config.json
@@ -4,5 +4,6 @@
"clientcert":"client.crt",
"clientkey":"client.key",
"key":"UHFFY0l6WDhZVlErbGxvWitFVWpUL3FCV083NXRra1B2TDVBblN4VE5mYz0=",
- "timeout":"60s"
+ "timeout":"60s",
+ "disable_tls":false
} \ No newline at end of file
diff --git a/sms-service/src/quorumclient/quorumclient.go b/sms-service/src/quorumclient/quorumclient.go
index 3f3c70b..e3e6e40 100644
--- a/sms-service/src/quorumclient/quorumclient.go
+++ b/sms-service/src/quorumclient/quorumclient.go
@@ -25,6 +25,8 @@ import (
"log"
"net/http"
"os"
+ smsauth "sms/auth"
+ smslogger "sms/log"
"strings"
"time"
)
@@ -33,6 +35,8 @@ import (
//calls necessary initialization endpoints on the
//SMS webservice
func main() {
+ smslogger.Init("quorumclient.log")
+
//Struct to read json configuration file
type config struct {
BackEndURL string `json:"url"`
@@ -41,7 +45,9 @@ func main() {
ClientKey string `json:"clientkey"`
B64Key string `json:"key"`
TimeOut string `json:"timeout"`
+ DisableTLS bool `json:"disable_tls"`
}
+
//Load the config File for reading
vcf, err := os.Open("config.json")
if err != nil {
@@ -55,32 +61,44 @@ func main() {
log.Fatalf("Error while parsing config file %v", err)
}
- duration, _ := time.ParseDuration(cfg.TimeOut)
- ticker := time.NewTicker(duration)
-
- for _ = range ticker.C {
+ transport := http.Transport{}
+ if cfg.DisableTLS {
+ // Read the CA cert. This can be the self-signed CA
+ // or CA cert provided by AAF
caCert, err := ioutil.ReadFile(cfg.CAFile)
if err != nil {
log.Fatalf("Error while reading CA file %v ", err)
}
+
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert)
+
+ // Load the client certificate files
cert, err := tls.LoadX509KeyPair(cfg.ClientCert, cfg.ClientKey)
if err != nil {
log.Fatalf("Error while loading key pair %v ", err)
}
- client := &http.Client{
- Transport: &http.Transport{
- TLSClientConfig: &tls.Config{
- RootCAs: caCertPool,
- Certificates: []tls.Certificate{cert},
- },
- },
+ transport.TLSClientConfig = &tls.Config{
+ RootCAs: caCertPool,
+ Certificates: []tls.Certificate{cert},
}
+ }
+
+ client := &http.Client{
+ Transport: &transport,
+ }
+
+ smsauth.GeneratePGPKeyPair()
+
+ duration, _ := time.ParseDuration(cfg.TimeOut)
+ ticker := time.NewTicker(duration)
+
+ for _ = range ticker.C {
+
//URL and Port is configured in config file
- response, err := client.Get(cfg.BackEndURL + "v1/sms/status")
+ response, err := client.Get(cfg.BackEndURL + "/v1/sms/status")
if err != nil {
log.Fatalf("Error while connecting to SMS webservice %v", err)
}
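Review bot: The condition at `if cfg.DisableTLS {` reads inverted: the CA pool and client key pair are loaded into `transport.TLSClientConfig` only when `disable_tls` is true, so with the shipped default (`"disable_tls":false`) the client runs on an empty `http.Transport{}` that neither trusts `cfg.CAFile` nor presents the client certificate. It should be `if !cfg.DisableTLS {`. The flag also does not turn TLS off by itself, since the scheme in `cfg.BackEndURL` still decides that, which is worth a comment next to the field. Separately, `duration, _ := time.ParseDuration(cfg.TimeOut)` drops the error, so a malformed timeout reaches `time.NewTicker` as zero and panics; checking `err` and calling `log.Fatalf` would match the rest of the function. `main` starts and ends outside this hunk.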
@@ -89,15 +107,17 @@ func main() {
if err != nil {
log.Fatalf("Error while reading response %v", err)
}
+
var data map[string]interface{}
json.Unmarshal(responseData, &data)
sealed := data["sealed"].(bool)
+
// Unseal the vault if sealed
if sealed {
decdB64Key, _ := base64.StdEncoding.DecodeString(cfg.B64Key)
body := strings.NewReader(`{"key":"` + string(decdB64Key) + `"}`)
//URL and PORT is configured via config file
- response, err = client.Post(cfg.BackEndURL+"v1/sms/unseal", "application/json", body)
+ response, err = client.Post(cfg.BackEndURL+"/v1/sms/unseal", "application/json", body)
if err != nil {
log.Fatalf("Error while unsealing %v", err)
}
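Review bot: The unseal request `client.Post(cfg.BackEndURL+"/v1/sms/unseal", ...)` carries the decoded `cfg.B64Key` in its body, and nothing before it checks whether the connection is protected, so with `disable_tls` set and an `http://` backend URL the key crosses the network in cleartext. Since the flag is meant for testing, a log line when `cfg.DisableTLS` is set, such as `log.Printf("disable_tls set: unseal key will be sent without TLS")`, would at least make that visible to an operator. The context lines here also drop errors: `json.Unmarshal(responseData, &data)` is unchecked, and `data["sealed"].(bool)` panics when the status reply has no boolean `sealed` field; `sealed, ok := data["sealed"].(bool)` with a check on `ok` avoids that. `main` continues outside this hunk.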
diff --git a/sms-service/src/sms/test/loop_test.sh b/sms-service/src/sms/test/loop_test.sh
index 40fbfc5..d8c9f78 100644
--- a/sms-service/src/sms/test/loop_test.sh
+++ b/sms-service/src/sms/test/loop_test.sh
@@ -2,57 +2,58 @@
RED='\033[0;31m'
NC='\033[0m'
URL=$1
+PORT=$2
for i in `seq 1 2`;
do
echo -e "${RED}----------------BEGIN GET STATUS----------------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \
- https://${URL}:10443/v1/sms/status
+ http://${URL}:${PORT}/v1/sms/status
echo -e "${RED}----------------BEGIN CREATE SECRET DOMAIN------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \
- -d @test/test_create_domain.json https://${URL}:10443/v1/sms/domain
+ -d @test/test_create_domain.json http://${URL}:${PORT}/v1/sms/domain
echo -e "${RED}----------------BEGIN CREATE SECRET 1-----------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \
- -d @test/test_create_secret1.json https://${URL}:10443/v1/sms/domain/curltestdomain/secret
+ -d @test/test_create_secret1.json http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret
echo -e "${RED}----------------BEGIN CREATE SECRET 2-----------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \
- -d @test/test_create_secret2.json https://${URL}:10443/v1/sms/domain/curltestdomain/secret
+ -d @test/test_create_secret2.json http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret
echo -e "${RED}----------------BEGIN CREATE SECRET 3-----------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \
- -d @test/test_create_secret3.json https://${URL}:10443/v1/sms/domain/curltestdomain/secret
+ -d @test/test_create_secret3.json http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret
echo -e "${RED}----------------BEGIN LIST SECRET---------------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \
- https://${URL}:10443/v1/sms/domain/curltestdomain/secret
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret
echo -e "${RED}----------------BEGIN GET SECRET 1--------------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \
- https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret1
echo -e "${RED}----------------BEGIN GET SECRET 2--------------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \
- https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret2
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret2
echo -e "${RED}----------------BEGIN GET SECRET 3--------------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \
- https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret3
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret3
echo -e "${RED}----------------BEGIN DELETE SECRET 1-----------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \
- https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret1
echo -e "${RED}----------------BEGIN DELETE SECRET 2-----------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \
- https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret2
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret2
echo -e "${RED}----------------BEGIN DELETE SECRET 3-----------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \
- https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret3
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret3
echo -e "${RED}----------------BEGIN DELETE SECRET DOMAIN------${NC}"
curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \
- https://${URL}:10443/v1/sms/domain/curltestdomain
+ http://${URL}:${PORT}/v1/sms/domain/curltestdomain
done
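Review bot: The scheme is now hard-coded to `http://` in every curl call, so the `--cacert`, `--cert` and `--key` options on the same lines no longer have any effect, the script can no longer exercise the TLS listener, and the test secrets and domain payloads go out unencrypted. Taking the scheme as an optional argument keeps both modes, e.g. `SCHEME=${3:-https}` with URLs written as `"${SCHEME}://${URL}:${PORT}/v1/sms/status"`. `PORT=$2` also has no default, so existing callers that pass only the host get an empty port after the colon; `PORT=${2:-10443}` preserves the previous behaviour.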