1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
/*
* ============LICENSE_START=======================================================
* Copyright (C) 2024 Nordix Foundation
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the 'License');
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an 'AS IS' BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
package org.onap.cps.integration.functional
import java.time.Duration
import org.onap.cps.integration.base.CpsIntegrationSpecBase
import org.springframework.http.HttpHeaders
import org.springframework.http.HttpStatus
import org.springframework.http.MediaType
import org.springframework.test.web.client.match.MockRestRequestMatchers
import static org.springframework.http.HttpMethod.GET
import static org.springframework.http.HttpMethod.DELETE
import static org.springframework.http.HttpMethod.PATCH
import static org.springframework.http.HttpMethod.POST
import static org.springframework.http.HttpMethod.PUT
import static org.springframework.test.web.client.match.MockRestRequestMatchers.method
import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo
import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.request
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
class NcmpBearerTokenPassthroughSpec extends CpsIntegrationSpecBase {
static final NO_MODULE_SET_TAG = ''
static final MODULE_REFERENCES_RESPONSE = readResourceDataFile('mock-dmi-responses/bookStoreAWithModules_M1_M2_Response.json')
static final MODULE_RESOURCES_RESPONSE = readResourceDataFile('mock-dmi-responses/bookStoreAWithModules_M1_M2_ResourcesResponse.json')
def setup() {
registerCmHandle(DMI_URL, 'ch-1', NO_MODULE_SET_TAG, MODULE_REFERENCES_RESPONSE, MODULE_RESOURCES_RESPONSE)
}
def cleanup() {
deregisterCmHandle(DMI_URL, 'ch-1')
}
def 'Bearer token is passed from NCMP to DMI in pass-through data operations.'() {
given: 'DMI will expect to receive a request with a bearer token'
def targetDmiUrl = "$DMI_URL/dmi/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running?resourceIdentifier=my-resource-id"
mockDmiServer.expect(requestTo(targetDmiUrl))
.andExpect(MockRestRequestMatchers.header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
.andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON))
when: 'a pass-through data request is sent to NCMP with a bearer token'
mvc.perform(request(httpMethod, '/ncmp/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running')
.queryParam('resourceIdentifier', 'my-resource-id')
.contentType(MediaType.APPLICATION_JSON)
.content('{ "some-json": "data" }')
.header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
.andExpect(status().is2xxSuccessful())
then: 'DMI has received request with bearer token'
mockDmiServer.verify()
where: 'all HTTP operations are applied'
httpMethod << [GET, POST, PUT, PATCH, DELETE]
}
def 'Basic auth header is NOT passed from NCMP to DMI in pass-through data operations.'() {
given: 'DMI will expect to receive a request with no authorization header'
def targetDmiUrl = "$DMI_URL/dmi/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running?resourceIdentifier=my-resource-id"
mockDmiServer.expect(requestTo(targetDmiUrl))
.andExpect(MockRestRequestMatchers.headerDoesNotExist(HttpHeaders.AUTHORIZATION))
.andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON))
when: 'a pass-through data request is sent to NCMP with basic authentication'
mvc.perform(request(httpMethod, '/ncmp/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running')
.queryParam('resourceIdentifier', 'my-resource-id')
.contentType(MediaType.APPLICATION_JSON)
.content('{ "some-json": "data" }')
.header(HttpHeaders.AUTHORIZATION, 'Basic Y3BzdXNlcjpjcHNyMGNrcyE='))
.andExpect(status().is2xxSuccessful())
then: 'DMI has received request with no authorization header'
mockDmiServer.verify()
where: 'all HTTP operations are applied'
httpMethod << [GET, POST, PUT, PATCH, DELETE]
}
def 'Bearer token is passed from NCMP to DMI in async batch pass-through data operation.'() {
given: 'DMI will expect to receive a request with a bearer token'
mockDmiServer.expect(method(POST))
.andExpect(MockRestRequestMatchers.header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
.andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON))
when: 'a pass-through async data request is sent to NCMP with a bearer token'
def requestBody = """{"operations": [{
"operation": "read",
"operationId": "operational-1",
"datastore": "ncmp-datastore:passthrough-running",
"resourceIdentifier": "my-resource-id",
"targetIds": ["ch-1"]
}]}"""
mvc.perform(request(POST, '/ncmp/v1/data')
.queryParam('topic', 'my-topic')
.contentType(MediaType.APPLICATION_JSON)
.content(requestBody)
.header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
.andExpect(status().is2xxSuccessful())
then: 'DMI will receive the async request with bearer token'
mockDmiServer.verify(Duration.ofSeconds(1))
}
}
|