From 0ae7a7f6b40ff13a21f33e3e573d6b3ebde6bf90 Mon Sep 17 00:00:00 2001 From: Vijay Venkatesh Kumar Date: Fri, 5 Oct 2018 14:14:00 +0200 Subject: Fix mutual authentication Last version from demo. Change-Id: Ib41581bf6f9eb92a03edf8434261d3674b6e3e39 Issue-ID: DCAEGEN2-860 Signed-off-by: elinuxhenrik Signed-off-by: Vijay Venkatesh Kumar --- .../collectors/datafile/ftp/FtpsClientTest.java | 234 +++++++++++++++++++++ .../collectors/datafile/ftp/SftpClientTest.java | 103 +++++++++ .../DmaapProducerReactiveHttpClientTest.java | 3 + 3 files changed, 340 insertions(+) create mode 100644 datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/FtpsClientTest.java create mode 100644 datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/SftpClientTest.java (limited to 'datafile-dmaap-client/src/test') diff --git a/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/FtpsClientTest.java b/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/FtpsClientTest.java new file mode 100644 index 00000000..5d716a9b --- /dev/null +++ b/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/FtpsClientTest.java @@ -0,0 +1,234 @@ +/* + * ============LICENSE_START====================================================================== + * Copyright (C) 2018 Nordix Foundation. All rights reserved. + * =============================================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * ============LICENSE_END======================================================================== + */ + +package org.onap.dcaegen2.collectors.datafile.ftp; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.doThrow; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.verifyNoMoreInteractions; +import static org.mockito.Mockito.when; + +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.KeyStoreException; + +import javax.net.ssl.KeyManager; +import javax.net.ssl.TrustManager; + +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.onap.dcaegen2.collectors.datafile.io.IFile; +import org.onap.dcaegen2.collectors.datafile.io.IFileSystemResource; +import org.onap.dcaegen2.collectors.datafile.io.IOutputStream; +import org.onap.dcaegen2.collectors.datafile.ssl.IKeyManagerUtils; +import org.onap.dcaegen2.collectors.datafile.ssl.IKeyStore; +import org.onap.dcaegen2.collectors.datafile.ssl.ITrustManagerFactory; +import org.springframework.http.HttpStatus; + +public class FtpsClientTest { + + private static final String REMOTE_FILE_PATH = "/dir/sample.txt"; + private static final String LOCAL_FILE_PATH = "target/sample.txt"; + private static final String XNF_ADDRESS = "127.0.0.1"; + private static final int PORT = 8021; + private static final String FTP_KEY_PATH = "ftpKeyPath"; + private static final String FTP_KEY_PASSWORD = "ftpKeyPassword"; + private static final String TRUSTED_CA_PATH = "trustedCAPath"; + private static final String TRUSTED_CA_PASSWORD = "trustedCAPassword"; + + private static final String USERNAME = "bob"; + private static final String PASSWORD = "123"; + + private IFTPSClient ftpsClientMock = mock(IFTPSClient.class); + private IKeyManagerUtils keyManagerUtilsMock = mock(IKeyManagerUtils.class); + private KeyManager keyManagerMock = mock(KeyManager.class); + private IKeyStore keyStoreWrapperMock = mock(IKeyStore.class); + private KeyStore keyStoreMock = mock(KeyStore.class); + private ITrustManagerFactory trustManagerFactoryMock = mock(ITrustManagerFactory.class); + private TrustManager trustManagerMock = mock(TrustManager.class); + private IFile localFileMock = mock(IFile.class); + private IFileSystemResource fileResourceMock = mock(IFileSystemResource.class); + private IOutputStream outputStreamMock = mock(IOutputStream.class); + private InputStream inputStreamMock = mock(InputStream.class); + + FtpsClient clientUnderTest = new FtpsClient(); + + @BeforeEach + protected void setUp() throws Exception { + clientUnderTest.setFtpsClient(ftpsClientMock); + clientUnderTest.setKeyManagerUtils(keyManagerUtilsMock); + clientUnderTest.setKeyStore(keyStoreWrapperMock); + clientUnderTest.setTrustManagerFactory(trustManagerFactoryMock); + clientUnderTest.setFile(localFileMock); + clientUnderTest.setFileSystemResource(fileResourceMock); + clientUnderTest.setOutputStream(outputStreamMock); + + clientUnderTest.setKeyCertPath(FTP_KEY_PATH); + clientUnderTest.setKeyCertPassword(FTP_KEY_PASSWORD); + clientUnderTest.setTrustedCAPath(TRUSTED_CA_PATH); + clientUnderTest.setTrustedCAPassword(TRUSTED_CA_PASSWORD); +} + + @Test + public void collectFile_allOk() throws Exception { + when(keyManagerUtilsMock.getClientKeyManager()).thenReturn(keyManagerMock); + when(fileResourceMock.getInputStream()).thenReturn(inputStreamMock); + when(keyStoreWrapperMock.getKeyStore()).thenReturn(keyStoreMock); + when(trustManagerFactoryMock.getTrustManagers()).thenReturn(new TrustManager[] {trustManagerMock}); + when(ftpsClientMock.login(USERNAME, PASSWORD)).thenReturn(true); + when(ftpsClientMock.getReplyCode()).thenReturn(HttpStatus.OK.value()); + File fileMock = mock(File.class); + when(localFileMock.getFile()).thenReturn(fileMock); + OutputStream osMock = mock(OutputStream.class); + when(outputStreamMock.getOutputStream(fileMock)).thenReturn(osMock); + + ImmutableFileServerData fileServerData = ImmutableFileServerData.builder().serverAddress(XNF_ADDRESS) + .userId(USERNAME).password(PASSWORD).port(PORT).build(); + + boolean result = clientUnderTest.collectFile(fileServerData, REMOTE_FILE_PATH, LOCAL_FILE_PATH); + + assertTrue(result); + verify(ftpsClientMock).setNeedClientAuth(true); + verify(keyManagerUtilsMock).setCredentials(FTP_KEY_PATH, FTP_KEY_PASSWORD); + verify(ftpsClientMock).setKeyManager(keyManagerMock); + verify(fileResourceMock).setPath(TRUSTED_CA_PATH); + verify(keyStoreWrapperMock).load(inputStreamMock, TRUSTED_CA_PASSWORD.toCharArray()); + verify(inputStreamMock, times(1)).close(); + verify(trustManagerFactoryMock).init(keyStoreMock); + verify(ftpsClientMock).setTrustManager(trustManagerMock); + verify(ftpsClientMock).connect(XNF_ADDRESS, PORT); + verify(ftpsClientMock).login(USERNAME, PASSWORD); + verify(ftpsClientMock).getReplyCode(); + verify(ftpsClientMock, times(1)).enterLocalPassiveMode(); + verify(ftpsClientMock).execPBSZ(0); + verify(ftpsClientMock).execPROT("P"); + verify(localFileMock).setPath(LOCAL_FILE_PATH); + verify(localFileMock, times(1)).createNewFile(); + verify(ftpsClientMock).retrieveFile(REMOTE_FILE_PATH, osMock); + verify(osMock, times(1)).close(); + verify(ftpsClientMock, times(1)).logout(); + verify(ftpsClientMock, times(1)).disconnect(); + verifyNoMoreInteractions(ftpsClientMock); + } + + @Test + public void collectFileFaultyOwnKey_shouldFail() throws Exception { + doThrow(new GeneralSecurityException()) + .when(keyManagerUtilsMock).setCredentials(FTP_KEY_PATH, FTP_KEY_PASSWORD); + + ImmutableFileServerData fileServerData = ImmutableFileServerData.builder().serverAddress(XNF_ADDRESS) + .userId(USERNAME).password(PASSWORD).port(PORT).build(); + + boolean result = clientUnderTest.collectFile(fileServerData, REMOTE_FILE_PATH, LOCAL_FILE_PATH); + + assertFalse(result); + } + + @Test + public void collectFileFaultTrustedCA_shouldFail() throws Exception { + when(keyManagerUtilsMock.getClientKeyManager()).thenReturn(keyManagerMock); + when(fileResourceMock.getInputStream()).thenReturn(inputStreamMock); + when(keyStoreWrapperMock.getKeyStore()).thenReturn(keyStoreMock); + + doThrow(new KeyStoreException()).when(trustManagerFactoryMock).init(keyStoreMock); + + ImmutableFileServerData fileServerData = ImmutableFileServerData.builder().serverAddress(XNF_ADDRESS) + .userId(USERNAME).password(PASSWORD).port(PORT).build(); + + boolean result = clientUnderTest.collectFile(fileServerData, REMOTE_FILE_PATH, LOCAL_FILE_PATH); + + assertFalse(result); + } + + @Test + public void collectFileFaultyLogin_shouldFail() throws Exception { + when(keyManagerUtilsMock.getClientKeyManager()).thenReturn(keyManagerMock); + when(fileResourceMock.getInputStream()).thenReturn(inputStreamMock); + when(keyStoreWrapperMock.getKeyStore()).thenReturn(keyStoreMock); + when(trustManagerFactoryMock.getTrustManagers()).thenReturn(new TrustManager[] {trustManagerMock}); + when(ftpsClientMock.login(USERNAME, PASSWORD)).thenReturn(false); + + ImmutableFileServerData fileServerData = ImmutableFileServerData.builder().serverAddress(XNF_ADDRESS) + .userId(USERNAME).password(PASSWORD).port(PORT).build(); + + boolean result = clientUnderTest.collectFile(fileServerData, REMOTE_FILE_PATH, LOCAL_FILE_PATH); + + verify(ftpsClientMock, times(1)).logout(); + assertFalse(result); + } + + @Test + public void collectFileBadRequestResponse_shouldFail() throws Exception { + when(keyManagerUtilsMock.getClientKeyManager()).thenReturn(keyManagerMock); + when(fileResourceMock.getInputStream()).thenReturn(inputStreamMock); + when(keyStoreWrapperMock.getKeyStore()).thenReturn(keyStoreMock); + when(trustManagerFactoryMock.getTrustManagers()).thenReturn(new TrustManager[] {trustManagerMock}); + when(ftpsClientMock.login(USERNAME, PASSWORD)).thenReturn(true); + when(ftpsClientMock.getReplyCode()).thenReturn(HttpStatus.BAD_REQUEST.value()); + + ImmutableFileServerData fileServerData = ImmutableFileServerData.builder().serverAddress(XNF_ADDRESS) + .userId(USERNAME).password(PASSWORD).port(PORT).build(); + + boolean result = clientUnderTest.collectFile(fileServerData, REMOTE_FILE_PATH, LOCAL_FILE_PATH); + + verify(ftpsClientMock, times(1)).disconnect(); + assertFalse(result); + } + + @Test + public void collectFileFaultyConnection_shouldFail() throws Exception { + when(keyManagerUtilsMock.getClientKeyManager()).thenReturn(keyManagerMock); + when(fileResourceMock.getInputStream()).thenReturn(inputStreamMock); + when(keyStoreWrapperMock.getKeyStore()).thenReturn(keyStoreMock); + when(trustManagerFactoryMock.getTrustManagers()).thenReturn(new TrustManager[] {trustManagerMock}); + + doThrow(new IOException()).when(ftpsClientMock).connect(XNF_ADDRESS, PORT); + + ImmutableFileServerData fileServerData = ImmutableFileServerData.builder().serverAddress(XNF_ADDRESS) + .userId(USERNAME).password(PASSWORD).port(PORT).build(); + + boolean result = clientUnderTest.collectFile(fileServerData, REMOTE_FILE_PATH, LOCAL_FILE_PATH); + + assertFalse(result); + } + + @Test + public void collectFileFailingFileCollect_shouldFail() throws Exception { + when(keyManagerUtilsMock.getClientKeyManager()).thenReturn(keyManagerMock); + when(fileResourceMock.getInputStream()).thenReturn(inputStreamMock); + when(keyStoreWrapperMock.getKeyStore()).thenReturn(keyStoreMock); + when(trustManagerFactoryMock.getTrustManagers()).thenReturn(new TrustManager[] {trustManagerMock}); + when(ftpsClientMock.login(USERNAME, PASSWORD)).thenReturn(true); + when(ftpsClientMock.getReplyCode()).thenReturn(HttpStatus.OK.value()); + + doThrow(new IOException()).when(localFileMock).createNewFile(); + + ImmutableFileServerData fileServerData = ImmutableFileServerData.builder().serverAddress(XNF_ADDRESS) + .userId(USERNAME).password(PASSWORD).port(PORT).build(); + + boolean result = clientUnderTest.collectFile(fileServerData, REMOTE_FILE_PATH, LOCAL_FILE_PATH); + + assertFalse(result); + } +} \ No newline at end of file diff --git a/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/SftpClientTest.java b/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/SftpClientTest.java new file mode 100644 index 00000000..13f1fbb9 --- /dev/null +++ b/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/ftp/SftpClientTest.java @@ -0,0 +1,103 @@ +/* + * ============LICENSE_START====================================================================== + * Copyright (C) 2018 Nordix Foundation. All rights reserved. + * =============================================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END======================================================================== + */ + +package org.onap.dcaegen2.collectors.datafile.ftp; + +import static java.nio.charset.StandardCharsets.UTF_8; +import static org.apache.commons.io.IOUtils.toByteArray; +import static org.assertj.core.api.Assertions.assertThat; + +import com.github.stefanbirkner.fakesftpserver.rule.FakeSftpServerRule; +import com.jcraft.jsch.ChannelSftp; +import com.jcraft.jsch.JSch; +import com.jcraft.jsch.JSchException; +import com.jcraft.jsch.Session; +import com.jcraft.jsch.SftpException; + +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.nio.file.Files; + +import org.junit.Rule; +import org.junit.Test; + +public class SftpClientTest { + private static final String USERNAME = "bob"; + private static final String PASSWORD = "123"; + private static final String DUMMY_CONTENT = "dummy content"; + private static final String LOCAL_DUMMY_FILE = "target/dummy.txt"; + private static final String REMOTE_DUMMY_FILE = "/dummy_directory/dummy_file.txt"; + private static final JSch JSCH = new JSch(); + private static final int TIMEOUT = 2000; + + @Rule + public final FakeSftpServerRule sftpServer = new FakeSftpServerRule().addUser(USERNAME, PASSWORD); + + @Test + public void collectFile_withOKresponse() throws IOException, JSchException, SftpException { + SftpClient sftpClient = new SftpClient(); + sftpServer.putFile(REMOTE_DUMMY_FILE, DUMMY_CONTENT, UTF_8); + byte[] file = downloadFile(sftpServer, REMOTE_DUMMY_FILE); + FileServerData expectedFileServerData = ImmutableFileServerData.builder().serverAddress("127.0.0.1") + .userId(USERNAME).password(PASSWORD).port(sftpServer.getPort()).build(); + sftpClient.collectFile(expectedFileServerData, REMOTE_DUMMY_FILE, + LOCAL_DUMMY_FILE); + byte[] localFile = Files.readAllBytes(new File(LOCAL_DUMMY_FILE).toPath()); + assertThat(new String(file, UTF_8)).isEqualTo(DUMMY_CONTENT); + assertThat(new String(localFile, UTF_8)).isEqualTo(DUMMY_CONTENT); + } + + private static Session connectToServer(FakeSftpServerRule sftpServer) throws JSchException { + return connectToServerAtPort(sftpServer.getPort()); + } + + private static Session connectToServerAtPort(int port) throws JSchException { + Session session = createSessionWithCredentials(USERNAME, PASSWORD, port); + session.connect(TIMEOUT); + return session; + } + + private static ChannelSftp connectSftpChannel(Session session) throws JSchException { + ChannelSftp channel = (ChannelSftp) session.openChannel("sftp"); + channel.connect(); + return channel; + } + + private static Session createSessionWithCredentials(String username, String password, int port) + throws JSchException { + Session session = JSCH.getSession(username, "127.0.0.1", port); + session.setConfig("StrictHostKeyChecking", "no"); + session.setPassword(password); + return session; + } + + private static byte[] downloadFile(FakeSftpServerRule server, String path) + throws JSchException, SftpException, IOException { + Session session = connectToServer(server); + ChannelSftp channel = connectSftpChannel(session); + try { + InputStream is = channel.get(path); + return toByteArray(is); + } finally { + channel.disconnect(); + session.disconnect(); + } + } + +} diff --git a/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/service/producer/DmaapProducerReactiveHttpClientTest.java b/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/service/producer/DmaapProducerReactiveHttpClientTest.java index 7e8ec734..ba424626 100644 --- a/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/service/producer/DmaapProducerReactiveHttpClientTest.java +++ b/datafile-dmaap-client/src/test/java/org/onap/dcaegen2/collectors/datafile/service/producer/DmaapProducerReactiveHttpClientTest.java @@ -36,9 +36,11 @@ import org.apache.commons.io.IOUtils; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.onap.dcaegen2.collectors.datafile.config.DmaapPublisherConfiguration; +import org.onap.dcaegen2.collectors.datafile.io.IFileSystemResource; import org.onap.dcaegen2.collectors.datafile.model.CommonFunctions; import org.onap.dcaegen2.collectors.datafile.model.ConsumerDmaapModel; import org.onap.dcaegen2.collectors.datafile.model.ConsumerDmaapModelForUnitTest; +import org.onap.dcaegen2.collectors.datafile.web.IRestTemplate; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; @@ -123,6 +125,7 @@ class DmaapProducerReactiveHttpClientTest { fileStream.reset(); HttpEntity requestEntity = new HttpEntity<>(IOUtils.toByteArray(fileStream), headers); + verify(fileSystemResourceMock).setPath("target/" + FILE_NAME); verify(restTemplateMock).exchange(expectedUri, HttpMethod.PUT, requestEntity, String.class); verifyNoMoreInteractions(restTemplateMock); } -- cgit 1.2.3-korg