aboutsummaryrefslogtreecommitdiffstats
path: root/integration-test/src/test/groovy/org/onap/cps/integration/functional/NcmpBearerTokenPassthroughSpec.groovy
blob: d8585fb978ceb94e67bdd8596fa94beb065bb655 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
/*
 *  ============LICENSE_START=======================================================
 *  Copyright (C) 2024 Nordix Foundation
 *  ================================================================================
 *  Licensed under the Apache License, Version 2.0 (the 'License');
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *        http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an 'AS IS' BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 *  SPDX-License-Identifier: Apache-2.0
 *  ============LICENSE_END=========================================================
 */

package org.onap.cps.integration.functional

import spock.lang.Ignore

import java.time.Duration
import org.onap.cps.integration.base.CpsIntegrationSpecBase
import org.springframework.http.HttpHeaders
import org.springframework.http.HttpStatus
import org.springframework.http.MediaType
import org.springframework.test.web.client.match.MockRestRequestMatchers

import static org.springframework.http.HttpMethod.GET
import static org.springframework.http.HttpMethod.DELETE
import static org.springframework.http.HttpMethod.PATCH
import static org.springframework.http.HttpMethod.POST
import static org.springframework.http.HttpMethod.PUT
import static org.springframework.test.web.client.match.MockRestRequestMatchers.method
import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo
import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.request
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status

@Ignore
class NcmpBearerTokenPassthroughSpec extends CpsIntegrationSpecBase {

    static final MODULE_REFERENCES_RESPONSE = readResourceDataFile('mock-dmi-responses/bookStoreAWithModules_M1_M2_Response.json')
    static final MODULE_RESOURCES_RESPONSE = readResourceDataFile('mock-dmi-responses/bookStoreAWithModules_M1_M2_ResourcesResponse.json')

    def setup() {
        mockDmiWillRespondToHealthChecks(DMI_URL)
        mockDmiResponsesForModuleSync(DMI_URL, 'ch-1', MODULE_REFERENCES_RESPONSE, MODULE_RESOURCES_RESPONSE)
        registerCmHandle(DMI_URL, 'ch-1', NO_MODULE_SET_TAG)
        mockDmiServer.reset()
        mockDmiWillRespondToHealthChecks(DMI_URL)
    }

    def cleanup() {
        deregisterCmHandle(DMI_URL, 'ch-1')
    }

    def 'Bearer token is passed from NCMP to DMI in pass-through data operations.'() {
        given: 'DMI will expect to receive a request with a bearer token'
            def targetDmiUrl = "$DMI_URL/dmi/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running?resourceIdentifier=my-resource-id"
            mockDmiServer.expect(requestTo(targetDmiUrl))
                    .andExpect(MockRestRequestMatchers.header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
                    .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON))

        when: 'a pass-through data request is sent to NCMP with a bearer token'
            mvc.perform(request(httpMethod, '/ncmp/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running')
                    .queryParam('resourceIdentifier', 'my-resource-id')
                    .contentType(MediaType.APPLICATION_JSON)
                    .content('{ "some-json": "data" }')
                    .header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
                    .andExpect(status().is2xxSuccessful())

        then: 'DMI has received request with bearer token'
            mockDmiServer.verify()

        where: 'all HTTP operations are applied'
            httpMethod << [GET, POST, PUT, PATCH, DELETE]
    }

    def 'Basic auth header is NOT passed from NCMP to DMI in pass-through data operations.'() {
        given: 'DMI will expect to receive a request with no authorization header'
            def targetDmiUrl = "$DMI_URL/dmi/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running?resourceIdentifier=my-resource-id"
            mockDmiServer.expect(requestTo(targetDmiUrl))
                    .andExpect(MockRestRequestMatchers.headerDoesNotExist(HttpHeaders.AUTHORIZATION))
                    .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON))

        when: 'a pass-through data request is sent to NCMP with basic authentication'
            mvc.perform(request(httpMethod, '/ncmp/v1/ch/ch-1/data/ds/ncmp-datastore:passthrough-running')
                    .queryParam('resourceIdentifier', 'my-resource-id')
                    .contentType(MediaType.APPLICATION_JSON)
                    .content('{ "some-json": "data" }')
                    .header(HttpHeaders.AUTHORIZATION, 'Basic Y3BzdXNlcjpjcHNyMGNrcyE='))
                    .andExpect(status().is2xxSuccessful())

        then: 'DMI has received request with no authorization header'
            mockDmiServer.verify()

        where: 'all HTTP operations are applied'
            httpMethod << [GET, POST, PUT, PATCH, DELETE]
    }

    def 'Bearer token is passed from NCMP to DMI in async batch pass-through data operation.'() {
        given: 'DMI will expect to receive a request with a bearer token'
            mockDmiServer.expect(method(POST))
                    .andExpect(MockRestRequestMatchers.header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
                    .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON))

        when: 'a pass-through async data request is sent to NCMP with a bearer token'
            def requestBody = """{"operations": [{
                "operation": "read",
                "operationId": "operational-1",
                "datastore": "ncmp-datastore:passthrough-running",
                "resourceIdentifier": "my-resource-id",
                "targetIds": ["ch-1"]
            }]}"""
        mvc.perform(request(POST, '/ncmp/v1/data')
                    .queryParam('topic', 'my-topic')
                    .contentType(MediaType.APPLICATION_JSON)
                    .content(requestBody)
                    .header(HttpHeaders.AUTHORIZATION, 'Bearer some-bearer-token'))
                    .andExpect(status().is2xxSuccessful())

        then: 'DMI will receive the async request with bearer token'
            mockDmiServer.verify(Duration.ofSeconds(1))
    }

}