summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Changelog.md3
-rw-r--r--src/main/java/org/onap/dcae/common/ConfigProcessors.java11
-rw-r--r--src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java13
-rw-r--r--src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java55
-rw-r--r--src/test/java/org/onap/dcae/common/ConfigProcessorTest.java127
-rw-r--r--src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java41
6 files changed, 218 insertions, 32 deletions
diff --git a/Changelog.md b/Changelog.md
index 0bcc63d0..3c7339f0 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -5,7 +5,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/)
and this project adheres to [Semantic Versioning](http://semver.org/).
## [1.12.2] - 2023/01/20
- [DCAEGEN2-3334] - Update tests execution to be platform agnostic
-
+ - [DCAEGEN2-3345] - Add additional tests for ConfigProcessor and ApiAuthInterceptor
+
## [1.12.1] - 2022/12/05
- [DCAEGEN2-3257] - Align DCAE components with the new logging GR.
diff --git a/src/main/java/org/onap/dcae/common/ConfigProcessors.java b/src/main/java/org/onap/dcae/common/ConfigProcessors.java
index d1c5e5a0..040a3e6e 100644
--- a/src/main/java/org/onap/dcae/common/ConfigProcessors.java
+++ b/src/main/java/org/onap/dcae/common/ConfigProcessors.java
@@ -2,8 +2,7 @@
* ============LICENSE_START=======================================================
* PROJECT
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights
- * reserved.
+ * Copyright (C) 2017,2023 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -72,7 +71,7 @@ public class ConfigProcessors {
}
- private String evaluate(String str) {
+ String evaluate(String str) {
String value = str;
if (str.startsWith("$")) {
value = (String) getEventObjectVal(str.substring(1));
@@ -134,7 +133,7 @@ public class ConfigProcessors {
}
- private void renameArrayInArray(JSONObject jsonObject) // map
+ void renameArrayInArray(JSONObject jsonObject) // map
{
log.info("renameArrayInArray");
final String field = jsonObject.getString(FIELD);
@@ -437,7 +436,7 @@ public class ConfigProcessors {
}
- private boolean checkFilter(JSONObject jo, String key, String logicKey) {
+ boolean checkFilter(JSONObject jo, String key, String logicKey) {
String filterValue = jo.getString(key);
if (filterValue.contains(":")) {
String[] splitVal = filterValue.split(":");
@@ -455,7 +454,7 @@ public class ConfigProcessors {
}
}
- if ("contains".equals(splitVal[0])) {
+ if ("contains".equals(splitVal[0])) {
if ("not".equals(logicKey)) {
if (getEventObjectVal(key).toString().contains(splitVal[1])) {
log.info(filterValue + "==" + key + "==" + getEventObjectVal(key) + COMP_FALSE);
diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
index 8c5fb82a..a9f309a3 100644
--- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
+++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
@@ -3,6 +3,7 @@
* org.onap.dcaegen2.collectors.ves
* ================================================================================
* Copyright (C) 2018 - 2019 Nokia. All rights reserved.
+ * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -115,18 +116,18 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter {
return false;
}
- private boolean isBasicAuth() {
+ boolean isBasicAuth() {
return settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_BASIC_AUTH.value());
}
- private boolean isAuthorized(String authorizationHeader) {
+ boolean isAuthorized(String authorizationHeader) {
try {
String decodeCredentials = decodeCredentials(authorizationHeader);
String providedUser = extractUser(decodeCredentials);
String providedPassword = extractPassword(decodeCredentials);
Option<String> maybeSavedPassword = settings.validAuthorizationCredentials().get(providedUser);
boolean userRegistered = maybeSavedPassword.isDefined();
- return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get());
+ return userRegistered && verifyCryptPassword(providedPassword,maybeSavedPassword);
} catch (Exception e) {
LOG.warn(String.format("Could not check if user is authorized (header: '%s')), probably malformed header.",
authorizationHeader), e);
@@ -134,6 +135,10 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter {
}
}
+ Boolean verifyCryptPassword(String providedPassword, Option<String> maybeSavedPassword) {
+ return cryptPassword.matches(providedPassword,maybeSavedPassword.get());
+ }
+
private String extractPassword(String decodeCredentials) {
return decodeCredentials.split(":")[1].trim();
}
@@ -146,4 +151,4 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter {
String encodedData = authorizationHeader.split(" ")[1];
return new String(Base64.getDecoder().decode(encodedData));
}
-} \ No newline at end of file
+}
diff --git a/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java b/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java
index 214badaf..824d4577 100644
--- a/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java
+++ b/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java
@@ -1,24 +1,26 @@
-//
-// ================================================================================
-// Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-// Copyright (c) 2018 Nokia. All rights reserved.
-// ================================================================================
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-// ============LICENSE_END=========================================================
-//
-//
+/*-
+ * ============LICENSE_START=======================================================
+ * dcaegen2-collector-ves
+ * ================================================================================
+ * Copyright (c) 2017-2018,2023 AT&T Intellectual Property. All rights reserved.
+ * Copyright (c) 2018 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
package org.onap.dcae.common;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
@@ -54,6 +56,18 @@ public class ConfigProcessorAdapterTest {
}
@Test
+ public void shouldCallIsFilterNotMetOnAdapter() {
+ //given
+ JSONObject parameter = new JSONObject();
+ when(configProcessors.isFilterMet(parameter)).thenReturn(false);
+ //when
+ boolean actualReturn = configProcessorAdapter.isFilterMet(parameter);
+ //then
+ assertFalse(actualReturn);
+ verify(configProcessors, times(1)).isFilterMet(parameter);
+ }
+
+ @Test
public void shouldCallGivenMethodFromConfigProcessor() throws Exception {
JSONObject parameter = new JSONObject();
String exampleFunction = "concatenateValue";
@@ -62,5 +76,4 @@ public class ConfigProcessorAdapterTest {
//then
verify(configProcessors, times(1)).concatenateValue(parameter);
}
-
-} \ No newline at end of file
+}
diff --git a/src/test/java/org/onap/dcae/common/ConfigProcessorTest.java b/src/test/java/org/onap/dcae/common/ConfigProcessorTest.java
new file mode 100644
index 00000000..7fe80e03
--- /dev/null
+++ b/src/test/java/org/onap/dcae/common/ConfigProcessorTest.java
@@ -0,0 +1,127 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * dcaegen2-collector-ves
+ * ================================================================================
+ * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+
+package org.onap.dcae.common;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import org.json.JSONObject;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.Spy;
+import org.mockito.junit.MockitoJUnitRunner;
+import org.onap.dcae.configuration.ConfigUpdater;
+import org.onap.dcae.restapi.ApiException.ExceptionType;
+import org.onap.dcae.common.ConfigProcessors;
+
+@RunWith(MockitoJUnitRunner.class)
+public class ConfigProcessorTest {
+
+
+ @Spy
+ ConfigProcessors configProcessors = new ConfigProcessors(new JSONObject());
+
+ @Test
+ public void verifyRenameArrayInArray() {
+
+ JSONObject jsonObj = new JSONObject(" {\r\n"
+ + " \"field\": \"event.measurementsForVfScalingFields\",\r\n"
+ + " \"oldField\": \"event.measurementFields\",\r\n"
+ + " \"mapType\": \"renameObject\"\r\n"
+ + " }");
+ doReturn("ObjectNotFound").when(configProcessors).getEventObjectVal(Mockito.any());
+ configProcessors.renameArrayInArray(jsonObj);
+
+ }
+
+ @Test
+ public void verifyCheckFilter() {
+
+ //Test for key as matches
+ JSONObject jsonObj = new JSONObject("{\r\n"
+ + " \"event.commonEventHeader.reportingEntityName\": \"matches:.*ircc|irpr.*\"\r\n"
+ + " }");
+
+ //Should return true when pattern not matched and logickey is "not"
+ doReturn("random").when(configProcessors).getEventObjectVal(Mockito.any());
+ assertTrue((configProcessors.checkFilter(jsonObj, "event.commonEventHeader.reportingEntityName", "not")));
+
+ //Should return false when pattern matched and logickey is "not"
+ doReturn("ircc").when(configProcessors).getEventObjectVal(Mockito.any());
+ assertFalse((configProcessors.checkFilter(jsonObj, "event.commonEventHeader.reportingEntityName", "not")));
+
+ //Should return false when pattern not matched
+ doReturn("random").when(configProcessors).getEventObjectVal(Mockito.any());
+ assertFalse((configProcessors.checkFilter(jsonObj, "event.commonEventHeader.reportingEntityName", "")));
+
+ //Test for key as contains
+ JSONObject jsonObj1 = new JSONObject("{\r\n"
+ + " \"event.commonEventHeader.reportingEntityName\": \"contains:ircc\"\r\n"
+ + " }");
+
+ //Should return false when pattern matched and logickey is "not"
+ doReturn("vnfircc001").when(configProcessors).getEventObjectVal(Mockito.any());
+ assertFalse((configProcessors.checkFilter(jsonObj1, "event.commonEventHeader.reportingEntityName", "not")));
+
+
+ doReturn("random").when(configProcessors).getEventObjectVal(Mockito.any());
+ assertFalse((configProcessors.checkFilter(jsonObj1, "event.commonEventHeader.reportingEntityName", "")));
+
+ //Test for value as string
+ JSONObject jsonObj3 = new JSONObject("{\r\n"
+ + " \"event.commonEventHeader.reportingEntityName\": \"testabc\"\r\n"
+ + " }");
+
+ //Should return false when pattern matched and logickey is "not"
+ doReturn("testabc").when(configProcessors).getEventObjectVal(Mockito.any());
+ assertFalse((configProcessors.checkFilter(jsonObj3, "event.commonEventHeader.reportingEntityName", "not")));
+
+ //Should return false when pattern not matched
+ doReturn("False").when(configProcessors).getEventObjectVal(Mockito.any());
+ assertFalse((configProcessors.checkFilter(jsonObj3, "event.commonEventHeader.reportingEntityName", "")));
+
+ }
+
+ @Test
+ public void verifyIsFilterMet() {
+ JSONObject jsonObj = new JSONObject("{\r\n"
+ + " \"event.commonEventHeader.domain\": \"measurementsForVfScaling\",\r\n"
+ + " \"VESversion\": \"v4\",\r\n"
+ + " \"not\": {\r\n"
+ + " \"event.commonEventHeader.reportingEntityName\": \"matches:.*ircc|irpr.*\"\r\n"
+ + " }"
+ + " }");
+ doReturn(false).when(configProcessors).checkFilter(Mockito.any(),Mockito.any(),Mockito.any());
+ assertFalse((configProcessors.isFilterMet(jsonObj)));
+
+ doReturn(true).when(configProcessors).checkFilter(Mockito.any(),Mockito.any(),Mockito.any());
+ assertTrue((configProcessors.isFilterMet(jsonObj)));
+ }
+}
diff --git a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
index 931e7bc3..c5e56e3f 100644
--- a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
+++ b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
@@ -3,6 +3,7 @@
* org.onap.dcaegen2.collectors.ves
* ================================================================================
* Copyright (C) 2018 - 2021 Nokia. All rights reserved.
+ * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -24,6 +25,7 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
+import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import org.onap.dcae.ApplicationSettings;
import org.onap.dcae.common.configuration.AuthMethodType;
@@ -32,13 +34,17 @@ import org.springframework.http.HttpStatus;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import io.vavr.collection.HashMap;
+import io.vavr.collection.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
+
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
@@ -129,6 +135,41 @@ public class ApiAuthInterceptionTest {
verify(response).setStatus(HttpStatus.BAD_REQUEST.value());
}
+ @Test
+ public void shouldPassAuthorizationWithValidHeader() throws IOException {
+
+ // given
+ //Map<String, String> map = HashMap.of("sample1", "$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6");
+ Map<String, String> map = HashMap.of("test1", "testpassword");
+ when(settings.validAuthorizationCredentials()).thenReturn(map);
+ ApiAuthInterceptor spyauthint = Mockito.spy(new ApiAuthInterceptor(settings, log));
+ String str = "Basic dGVzdDE6dGVzdHBhc3N3b3Jk";
+ doReturn(true).when(spyauthint).verifyCryptPassword(Mockito.any(), Mockito.any());
+
+ // when
+ boolean isAuthorized = spyauthint.isAuthorized(str);
+
+ // then
+ assertTrue(isAuthorized);
+ }
+
+ @Test
+ public void shouldFailAuthorizationWithoutValidHeader() throws IOException {
+
+ // given
+ Map<String, String> map = HashMap.of("test1", "testpassword");
+ when(settings.validAuthorizationCredentials()).thenReturn(map);
+ ApiAuthInterceptor spyauthint = Mockito.spy(new ApiAuthInterceptor(settings, log));
+ String str = "Basic randombase64authheader12345";
+ doReturn(true).when(spyauthint).verifyCryptPassword(Mockito.any(), Mockito.any());
+
+ // when
+ boolean isAuthorized = spyauthint.isAuthorized(str);
+
+ // then
+ assertFalse(isAuthorized);
+ }
+
private HttpServletRequest createEmptyRequest() {
return MockMvcRequestBuilders
.post("/")