From c0830dc3d8ce9113fb29f9f81c7560b550b479ba Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Fri, 6 Apr 2018 16:45:23 -0700 Subject: Refactoring some code and adding disable_tls flag Refactored some code and adding disable_tls flag This is needed for now to enable some end to end testing of quorum abilities and will be enabled once certificate support is added to ONAP Also updated test script to take port as argument Issue-ID: AAF-95 Change-Id: I4124bbfd22185a83b3c671b8a0499bfb3bde865d Signed-off-by: Kiran Kamineni --- sms-service/src/quorumclient/config.json | 3 +- sms-service/src/quorumclient/quorumclient.go | 46 ++++++++++++++++++++-------- sms-service/src/sms/test/loop_test.sh | 27 ++++++++-------- 3 files changed, 49 insertions(+), 27 deletions(-) (limited to 'sms-service') diff --git a/sms-service/src/quorumclient/config.json b/sms-service/src/quorumclient/config.json index 1b2e4df..89979d5 100644 --- a/sms-service/src/quorumclient/config.json +++ b/sms-service/src/quorumclient/config.json @@ -4,5 +4,6 @@ "clientcert":"client.crt", "clientkey":"client.key", "key":"UHFFY0l6WDhZVlErbGxvWitFVWpUL3FCV083NXRra1B2TDVBblN4VE5mYz0=", - "timeout":"60s" + "timeout":"60s", + "disable_tls":false } \ No newline at end of file diff --git a/sms-service/src/quorumclient/quorumclient.go b/sms-service/src/quorumclient/quorumclient.go index 3f3c70b..e3e6e40 100644 --- a/sms-service/src/quorumclient/quorumclient.go +++ b/sms-service/src/quorumclient/quorumclient.go @@ -25,6 +25,8 @@ import ( "log" "net/http" "os" + smsauth "sms/auth" + smslogger "sms/log" "strings" "time" ) @@ -33,6 +35,8 @@ import ( //calls necessary initialization endpoints on the //SMS webservice func main() { + smslogger.Init("quorumclient.log") + //Struct to read json configuration file type config struct { BackEndURL string `json:"url"` @@ -41,7 +45,9 @@ func main() { ClientKey string `json:"clientkey"` B64Key string `json:"key"` TimeOut string `json:"timeout"` + DisableTLS bool `json:"disable_tls"` } + //Load the config File for reading vcf, err := os.Open("config.json") if err != nil { @@ -55,32 +61,44 @@ func main() { log.Fatalf("Error while parsing config file %v", err) } - duration, _ := time.ParseDuration(cfg.TimeOut) - ticker := time.NewTicker(duration) - - for _ = range ticker.C { + transport := http.Transport{} + if cfg.DisableTLS { + // Read the CA cert. This can be the self-signed CA + // or CA cert provided by AAF caCert, err := ioutil.ReadFile(cfg.CAFile) if err != nil { log.Fatalf("Error while reading CA file %v ", err) } + caCertPool := x509.NewCertPool() caCertPool.AppendCertsFromPEM(caCert) + + // Load the client certificate files cert, err := tls.LoadX509KeyPair(cfg.ClientCert, cfg.ClientKey) if err != nil { log.Fatalf("Error while loading key pair %v ", err) } - client := &http.Client{ - Transport: &http.Transport{ - TLSClientConfig: &tls.Config{ - RootCAs: caCertPool, - Certificates: []tls.Certificate{cert}, - }, - }, + transport.TLSClientConfig = &tls.Config{ + RootCAs: caCertPool, + Certificates: []tls.Certificate{cert}, } + } + + client := &http.Client{ + Transport: &transport, + } + + smsauth.GeneratePGPKeyPair() + + duration, _ := time.ParseDuration(cfg.TimeOut) + ticker := time.NewTicker(duration) + + for _ = range ticker.C { + //URL and Port is configured in config file - response, err := client.Get(cfg.BackEndURL + "v1/sms/status") + response, err := client.Get(cfg.BackEndURL + "/v1/sms/status") if err != nil { log.Fatalf("Error while connecting to SMS webservice %v", err) } @@ -89,15 +107,17 @@ func main() { if err != nil { log.Fatalf("Error while reading response %v", err) } + var data map[string]interface{} json.Unmarshal(responseData, &data) sealed := data["sealed"].(bool) + // Unseal the vault if sealed if sealed { decdB64Key, _ := base64.StdEncoding.DecodeString(cfg.B64Key) body := strings.NewReader(`{"key":"` + string(decdB64Key) + `"}`) //URL and PORT is configured via config file - response, err = client.Post(cfg.BackEndURL+"v1/sms/unseal", "application/json", body) + response, err = client.Post(cfg.BackEndURL+"/v1/sms/unseal", "application/json", body) if err != nil { log.Fatalf("Error while unsealing %v", err) } diff --git a/sms-service/src/sms/test/loop_test.sh b/sms-service/src/sms/test/loop_test.sh index 40fbfc5..d8c9f78 100644 --- a/sms-service/src/sms/test/loop_test.sh +++ b/sms-service/src/sms/test/loop_test.sh @@ -2,57 +2,58 @@ RED='\033[0;31m' NC='\033[0m' URL=$1 +PORT=$2 for i in `seq 1 2`; do echo -e "${RED}----------------BEGIN GET STATUS----------------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \ - https://${URL}:10443/v1/sms/status + http://${URL}:${PORT}/v1/sms/status echo -e "${RED}----------------BEGIN CREATE SECRET DOMAIN------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \ - -d @test/test_create_domain.json https://${URL}:10443/v1/sms/domain + -d @test/test_create_domain.json http://${URL}:${PORT}/v1/sms/domain echo -e "${RED}----------------BEGIN CREATE SECRET 1-----------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \ - -d @test/test_create_secret1.json https://${URL}:10443/v1/sms/domain/curltestdomain/secret + -d @test/test_create_secret1.json http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret echo -e "${RED}----------------BEGIN CREATE SECRET 2-----------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \ - -d @test/test_create_secret2.json https://${URL}:10443/v1/sms/domain/curltestdomain/secret + -d @test/test_create_secret2.json http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret echo -e "${RED}----------------BEGIN CREATE SECRET 3-----------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X POST \ - -d @test/test_create_secret3.json https://${URL}:10443/v1/sms/domain/curltestdomain/secret + -d @test/test_create_secret3.json http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret echo -e "${RED}----------------BEGIN LIST SECRET---------------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \ - https://${URL}:10443/v1/sms/domain/curltestdomain/secret + http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret echo -e "${RED}----------------BEGIN GET SECRET 1--------------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \ - https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1 + http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret1 echo -e "${RED}----------------BEGIN GET SECRET 2--------------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \ - https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret2 + http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret2 echo -e "${RED}----------------BEGIN GET SECRET 3--------------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X GET \ - https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret3 + http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret3 echo -e "${RED}----------------BEGIN DELETE SECRET 1-----------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \ - https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1 + http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret1 echo -e "${RED}----------------BEGIN DELETE SECRET 2-----------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \ - https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret2 + http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret2 echo -e "${RED}----------------BEGIN DELETE SECRET 3-----------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \ - https://${URL}:10443/v1/sms/domain/curltestdomain/secret/curltestsecret3 + http://${URL}:${PORT}/v1/sms/domain/curltestdomain/secret/curltestsecret3 echo -e "${RED}----------------BEGIN DELETE SECRET DOMAIN------${NC}" curl -i -w "\n" -H "Accept: application/json" --cacert auth/selfsignedca.pem --cert auth/client.cert --key auth/client.key -X DELETE \ - https://${URL}:10443/v1/sms/domain/curltestdomain + http://${URL}:${PORT}/v1/sms/domain/curltestdomain done -- cgit 1.2.3-korg