diff options
6 files changed, 218 insertions, 32 deletions
diff --git a/Changelog.md b/Changelog.md index 0bcc63d0..3c7339f0 100644 --- a/Changelog.md +++ b/Changelog.md @@ -5,7 +5,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). ## [1.12.2] - 2023/01/20 - [DCAEGEN2-3334] - Update tests execution to be platform agnostic - + - [DCAEGEN2-3345] - Add additional tests for ConfigProcessor and ApiAuthInterceptor + ## [1.12.1] - 2022/12/05 - [DCAEGEN2-3257] - Align DCAE components with the new logging GR. diff --git a/src/main/java/org/onap/dcae/common/ConfigProcessors.java b/src/main/java/org/onap/dcae/common/ConfigProcessors.java index d1c5e5a0..040a3e6e 100644 --- a/src/main/java/org/onap/dcae/common/ConfigProcessors.java +++ b/src/main/java/org/onap/dcae/common/ConfigProcessors.java @@ -2,8 +2,7 @@ * ============LICENSE_START======================================================= * PROJECT * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights - * reserved. + * Copyright (C) 2017,2023 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -72,7 +71,7 @@ public class ConfigProcessors { } - private String evaluate(String str) { + String evaluate(String str) { String value = str; if (str.startsWith("$")) { value = (String) getEventObjectVal(str.substring(1)); @@ -134,7 +133,7 @@ public class ConfigProcessors { } - private void renameArrayInArray(JSONObject jsonObject) // map + void renameArrayInArray(JSONObject jsonObject) // map { log.info("renameArrayInArray"); final String field = jsonObject.getString(FIELD); @@ -437,7 +436,7 @@ public class ConfigProcessors { } - private boolean checkFilter(JSONObject jo, String key, String logicKey) { + boolean checkFilter(JSONObject jo, String key, String logicKey) { String filterValue = jo.getString(key); if (filterValue.contains(":")) { String[] splitVal = filterValue.split(":"); @@ -455,7 +454,7 @@ public class ConfigProcessors { } } - if ("contains".equals(splitVal[0])) { + if ("contains".equals(splitVal[0])) { if ("not".equals(logicKey)) { if (getEventObjectVal(key).toString().contains(splitVal[1])) { log.info(filterValue + "==" + key + "==" + getEventObjectVal(key) + COMP_FALSE); diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java index 8c5fb82a..a9f309a3 100644 --- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java +++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java @@ -3,6 +3,7 @@ * org.onap.dcaegen2.collectors.ves * ================================================================================ * Copyright (C) 2018 - 2019 Nokia. All rights reserved. + * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -115,18 +116,18 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter { return false; } - private boolean isBasicAuth() { + boolean isBasicAuth() { return settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_BASIC_AUTH.value()); } - private boolean isAuthorized(String authorizationHeader) { + boolean isAuthorized(String authorizationHeader) { try { String decodeCredentials = decodeCredentials(authorizationHeader); String providedUser = extractUser(decodeCredentials); String providedPassword = extractPassword(decodeCredentials); Option<String> maybeSavedPassword = settings.validAuthorizationCredentials().get(providedUser); boolean userRegistered = maybeSavedPassword.isDefined(); - return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get()); + return userRegistered && verifyCryptPassword(providedPassword,maybeSavedPassword); } catch (Exception e) { LOG.warn(String.format("Could not check if user is authorized (header: '%s')), probably malformed header.", authorizationHeader), e); @@ -134,6 +135,10 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter { } } + Boolean verifyCryptPassword(String providedPassword, Option<String> maybeSavedPassword) { + return cryptPassword.matches(providedPassword,maybeSavedPassword.get()); + } + private String extractPassword(String decodeCredentials) { return decodeCredentials.split(":")[1].trim(); } @@ -146,4 +151,4 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter { String encodedData = authorizationHeader.split(" ")[1]; return new String(Base64.getDecoder().decode(encodedData)); } -}
\ No newline at end of file +} diff --git a/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java b/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java index 214badaf..824d4577 100644 --- a/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java +++ b/src/test/java/org/onap/dcae/common/ConfigProcessorAdapterTest.java @@ -1,24 +1,26 @@ -// -// ================================================================================ -// Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. -// Copyright (c) 2018 Nokia. All rights reserved. -// ================================================================================ -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// ============LICENSE_END========================================================= -// -// +/*- + * ============LICENSE_START======================================================= + * dcaegen2-collector-ves + * ================================================================================ + * Copyright (c) 2017-2018,2023 AT&T Intellectual Property. All rights reserved. + * Copyright (c) 2018 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ package org.onap.dcae.common; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; @@ -54,6 +56,18 @@ public class ConfigProcessorAdapterTest { } @Test + public void shouldCallIsFilterNotMetOnAdapter() { + //given + JSONObject parameter = new JSONObject(); + when(configProcessors.isFilterMet(parameter)).thenReturn(false); + //when + boolean actualReturn = configProcessorAdapter.isFilterMet(parameter); + //then + assertFalse(actualReturn); + verify(configProcessors, times(1)).isFilterMet(parameter); + } + + @Test public void shouldCallGivenMethodFromConfigProcessor() throws Exception { JSONObject parameter = new JSONObject(); String exampleFunction = "concatenateValue"; @@ -62,5 +76,4 @@ public class ConfigProcessorAdapterTest { //then verify(configProcessors, times(1)).concatenateValue(parameter); } - -}
\ No newline at end of file +} diff --git a/src/test/java/org/onap/dcae/common/ConfigProcessorTest.java b/src/test/java/org/onap/dcae/common/ConfigProcessorTest.java new file mode 100644 index 00000000..7fe80e03 --- /dev/null +++ b/src/test/java/org/onap/dcae/common/ConfigProcessorTest.java @@ -0,0 +1,127 @@ +/*- + * ============LICENSE_START======================================================= + * dcaegen2-collector-ves + * ================================================================================ + * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + + +package org.onap.dcae.common; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import org.json.JSONObject; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.Spy; +import org.mockito.junit.MockitoJUnitRunner; +import org.onap.dcae.configuration.ConfigUpdater; +import org.onap.dcae.restapi.ApiException.ExceptionType; +import org.onap.dcae.common.ConfigProcessors; + +@RunWith(MockitoJUnitRunner.class) +public class ConfigProcessorTest { + + + @Spy + ConfigProcessors configProcessors = new ConfigProcessors(new JSONObject()); + + @Test + public void verifyRenameArrayInArray() { + + JSONObject jsonObj = new JSONObject(" {\r\n" + + " \"field\": \"event.measurementsForVfScalingFields\",\r\n" + + " \"oldField\": \"event.measurementFields\",\r\n" + + " \"mapType\": \"renameObject\"\r\n" + + " }"); + doReturn("ObjectNotFound").when(configProcessors).getEventObjectVal(Mockito.any()); + configProcessors.renameArrayInArray(jsonObj); + + } + + @Test + public void verifyCheckFilter() { + + //Test for key as matches + JSONObject jsonObj = new JSONObject("{\r\n" + + " \"event.commonEventHeader.reportingEntityName\": \"matches:.*ircc|irpr.*\"\r\n" + + " }"); + + //Should return true when pattern not matched and logickey is "not" + doReturn("random").when(configProcessors).getEventObjectVal(Mockito.any()); + assertTrue((configProcessors.checkFilter(jsonObj, "event.commonEventHeader.reportingEntityName", "not"))); + + //Should return false when pattern matched and logickey is "not" + doReturn("ircc").when(configProcessors).getEventObjectVal(Mockito.any()); + assertFalse((configProcessors.checkFilter(jsonObj, "event.commonEventHeader.reportingEntityName", "not"))); + + //Should return false when pattern not matched + doReturn("random").when(configProcessors).getEventObjectVal(Mockito.any()); + assertFalse((configProcessors.checkFilter(jsonObj, "event.commonEventHeader.reportingEntityName", ""))); + + //Test for key as contains + JSONObject jsonObj1 = new JSONObject("{\r\n" + + " \"event.commonEventHeader.reportingEntityName\": \"contains:ircc\"\r\n" + + " }"); + + //Should return false when pattern matched and logickey is "not" + doReturn("vnfircc001").when(configProcessors).getEventObjectVal(Mockito.any()); + assertFalse((configProcessors.checkFilter(jsonObj1, "event.commonEventHeader.reportingEntityName", "not"))); + + + doReturn("random").when(configProcessors).getEventObjectVal(Mockito.any()); + assertFalse((configProcessors.checkFilter(jsonObj1, "event.commonEventHeader.reportingEntityName", ""))); + + //Test for value as string + JSONObject jsonObj3 = new JSONObject("{\r\n" + + " \"event.commonEventHeader.reportingEntityName\": \"testabc\"\r\n" + + " }"); + + //Should return false when pattern matched and logickey is "not" + doReturn("testabc").when(configProcessors).getEventObjectVal(Mockito.any()); + assertFalse((configProcessors.checkFilter(jsonObj3, "event.commonEventHeader.reportingEntityName", "not"))); + + //Should return false when pattern not matched + doReturn("False").when(configProcessors).getEventObjectVal(Mockito.any()); + assertFalse((configProcessors.checkFilter(jsonObj3, "event.commonEventHeader.reportingEntityName", ""))); + + } + + @Test + public void verifyIsFilterMet() { + JSONObject jsonObj = new JSONObject("{\r\n" + + " \"event.commonEventHeader.domain\": \"measurementsForVfScaling\",\r\n" + + " \"VESversion\": \"v4\",\r\n" + + " \"not\": {\r\n" + + " \"event.commonEventHeader.reportingEntityName\": \"matches:.*ircc|irpr.*\"\r\n" + + " }" + + " }"); + doReturn(false).when(configProcessors).checkFilter(Mockito.any(),Mockito.any(),Mockito.any()); + assertFalse((configProcessors.isFilterMet(jsonObj))); + + doReturn(true).when(configProcessors).checkFilter(Mockito.any(),Mockito.any(),Mockito.any()); + assertTrue((configProcessors.isFilterMet(jsonObj))); + } +} diff --git a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java index 931e7bc3..c5e56e3f 100644 --- a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java +++ b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java @@ -3,6 +3,7 @@ * org.onap.dcaegen2.collectors.ves * ================================================================================ * Copyright (C) 2018 - 2021 Nokia. All rights reserved. + * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,6 +25,7 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.InjectMocks; import org.mockito.Mock; +import org.mockito.Mockito; import org.mockito.junit.MockitoJUnitRunner; import org.onap.dcae.ApplicationSettings; import org.onap.dcae.common.configuration.AuthMethodType; @@ -32,13 +34,17 @@ import org.springframework.http.HttpStatus; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; +import io.vavr.collection.HashMap; +import io.vavr.collection.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; + import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; @@ -129,6 +135,41 @@ public class ApiAuthInterceptionTest { verify(response).setStatus(HttpStatus.BAD_REQUEST.value()); } + @Test + public void shouldPassAuthorizationWithValidHeader() throws IOException { + + // given + //Map<String, String> map = HashMap.of("sample1", "$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6"); + Map<String, String> map = HashMap.of("test1", "testpassword"); + when(settings.validAuthorizationCredentials()).thenReturn(map); + ApiAuthInterceptor spyauthint = Mockito.spy(new ApiAuthInterceptor(settings, log)); + String str = "Basic dGVzdDE6dGVzdHBhc3N3b3Jk"; + doReturn(true).when(spyauthint).verifyCryptPassword(Mockito.any(), Mockito.any()); + + // when + boolean isAuthorized = spyauthint.isAuthorized(str); + + // then + assertTrue(isAuthorized); + } + + @Test + public void shouldFailAuthorizationWithoutValidHeader() throws IOException { + + // given + Map<String, String> map = HashMap.of("test1", "testpassword"); + when(settings.validAuthorizationCredentials()).thenReturn(map); + ApiAuthInterceptor spyauthint = Mockito.spy(new ApiAuthInterceptor(settings, log)); + String str = "Basic randombase64authheader12345"; + doReturn(true).when(spyauthint).verifyCryptPassword(Mockito.any(), Mockito.any()); + + // when + boolean isAuthorized = spyauthint.isAuthorized(str); + + // then + assertFalse(isAuthorized); + } + private HttpServletRequest createEmptyRequest() { return MockMvcRequestBuilders .post("/") |