SSL key loading for Dmaap client

Change-Id: I65b3d0bcd6735af655c9243f20f3596ce8f03aca Issue-ID: DCAEGEN2-1501 Signed-off-by: grabinsk <maciej.grabinski@nokia.com>
author: grabinsk <maciej.grabinski@nokia.com> 2019-05-28 11:23:53 +0200
committer: grabinsk <maciej.grabinski@nokia.com> 2019-05-29 09:32:47 +0200
commit: 37444e2753f351cfe22b4651bcf777b833aeba92 (patch)
tree: 9280875024a947f1b644aa9f1c93bc81799d1201 /prh-app-server/src/test
parent: 37dd2cb2d2ad38ad1e6dd83f3ff5b40bc2c0f614 (diff)
9 files changed, 94 insertions, 33 deletions
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java
index 350cee68..24586a08 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java
@@ -22,20 +22,25 @@ package org.onap.dcaegen2.services.prh.configuration;
 
 import com.google.gson.Gson;
 import com.google.gson.JsonObject;
+import org.jetbrains.annotations.Nullable;
 import org.junit.jupiter.api.Test;
 import org.onap.dcaegen2.services.prh.TestAppConfiguration;
 import org.onap.dcaegen2.services.sdk.rest.services.aai.client.config.AaiClientConfiguration;
 import org.onap.dcaegen2.services.sdk.rest.services.aai.client.config.ImmutableAaiClientConfiguration;
-import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.ImmutableMessageRouterPublishRequest;
 import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest;
 import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterSubscribeRequest;
+import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.config.MessageRouterPublisherConfig;
+import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.config.MessageRouterSubscriberConfig;
+import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeys;
 
+import java.net.URISyntaxException;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.time.Duration;
 
 import static java.lang.ClassLoader.getSystemResource;
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assumptions.assumeFalse;
 
 
 class ConsulConfigurationParserTest {
@@ -44,10 +49,9 @@ class ConsulConfigurationParserTest {
             new String(Files.readAllBytes(Paths.get(getSystemResource("flattened_configuration.json").toURI())));
     private final ImmutableAaiClientConfiguration correctAaiClientConfig =
             TestAppConfiguration.createDefaultAaiClientConfiguration();
-    private final ImmutableMessageRouterPublishRequest correctDmaapPublisherConfig =
-            TestAppConfiguration.createDefaultMessageRouterPublishRequest();
-    private final CbsContentParser consulConfigurationParser = new CbsContentParser(
-            new Gson().fromJson(correctJson, JsonObject.class));
+
+    private final JsonObject correctConfig = new Gson().fromJson(correctJson, JsonObject.class);
+    private final CbsContentParser consulConfigurationParser = new CbsContentParser(correctConfig);
 
     ConsulConfigurationParserTest() throws Exception {
     }
@@ -83,4 +87,72 @@ class ConsulConfigurationParserTest {
         assertThat(messageRouterPublishRequest.contentType()).isEqualTo("application/json");
         assertThat(messageRouterPublishRequest.sinkDefinition().topicUrl()).isEqualTo("http://dmaap-mr:2222/events/unauthenticated.PNF_READY");
     }
+
+    @Test
+    void whenDmaapCertAuthIsDisabled_MessageRouterPublisherConfigSecurityKeysShouldBeIgnored() {
+        assumeFalse(correctConfig.getAsJsonObject("config").get("security.enableDmaapCertAuth").getAsBoolean());
+
+        MessageRouterPublisherConfig messageRouterPublisherConfig = consulConfigurationParser.getMessageRouterPublisherConfig();
+
+        assertThat(messageRouterPublisherConfig.securityKeys()).isNull();
+    }
+
+    @Test
+    void whenDmaapCertAuthIsDisabled_MessageRouterSubscriberConfigSecurityKeysShouldBeIgnored() {
+        assumeFalse(correctConfig.getAsJsonObject("config").get("security.enableDmaapCertAuth").getAsBoolean());
+
+        MessageRouterSubscriberConfig messageRouterSubscriberConfig = consulConfigurationParser.getMessageRouterSubscriberConfig();
+
+        assertThat(messageRouterSubscriberConfig.securityKeys()).isNull();
+    }
+
+
+    @Test
+    void whenDmaapCertAuthIsEnabled_MessageRouterPublisherConfigSecurityKeysShouldBeLoaded() {
+        CbsContentParser consulConfigurationParser = new CbsContentParser(getConfigWithSslEnabled(correctJson));
+
+        MessageRouterPublisherConfig messageRouterPublisherConfig = consulConfigurationParser.getMessageRouterPublisherConfig();
+
+        verifySecurityKeys(messageRouterPublisherConfig.securityKeys());
+    }
+
+
+    @Test
+    void whenDmaapCertAuthIsEnabled_MessageRouterSubscriberConfigSecurityKeysShouldBeLoaded() {
+        CbsContentParser consulConfigurationParser = new CbsContentParser(getConfigWithSslEnabled(correctJson));
+
+        MessageRouterSubscriberConfig messageRouterSubscriberConfig = consulConfigurationParser.getMessageRouterSubscriberConfig();
+
+        verifySecurityKeys(messageRouterSubscriberConfig.securityKeys());
+    }
+
+    private static void verifySecurityKeys(@Nullable SecurityKeys securityKeys) {
+        assertThat(securityKeys).isNotNull();
+        assertThat(securityKeys.trustStore().path().endsWith("org.onap.dcae.trust.jks")).isTrue();
+        assertThat(securityKeys.keyStore().path().endsWith("org.onap.dcae.jks")).isTrue();
+        securityKeys.trustStorePassword().use(chars -> assertThat(new String(chars)).isEqualTo("*TQH?Lnszprs4LmlAj38yds("));
+        securityKeys.keyStorePassword().use(chars -> assertThat(new String(chars)).isEqualTo("mYHC98!qX}7h?W}jRv}MIXTJ"));
+    }
+
+    private static JsonObject getConfigWithSslEnabled(String configJsonString) {
+        JsonObject configJson = new Gson().fromJson(configJsonString, JsonObject.class);
+        JsonObject config = configJson.getAsJsonObject("config");
+        config.addProperty("security.enableDmaapCertAuth", true);
+        config.addProperty("security.enableAaiCertAuth", true);
+        config.addProperty("security.trustStorePath", testResourceToPath("/org.onap.dcae.trust.jks"));
+        config.addProperty("security.trustStorePasswordPath", testResourceToPath("/truststore.password"));
+        config.addProperty("security.keyStorePath", testResourceToPath("/org.onap.dcae.jks"));
+        config.addProperty("security.keyStorePasswordPath", testResourceToPath("/keystore.password"));
+        return configJson;
+    }
+
+
+    private static String testResourceToPath(String resource) {
+        try {
+            return Paths.get(ConsulConfigurationParserTest.class.getResource(resource).toURI()).toString();
+        } catch (URISyntaxException e) {
+            throw new RuntimeException("Failed resolving test resource path", e);
+        }
+    }
+
 }
 \ No newline at end of file
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskSpy.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskTestConfig.java
index 4c95c717..29290aed 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskSpy.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskTestConfig.java
@@ -21,6 +21,7 @@
 package org.onap.dcaegen2.services.prh.tasks;
 
 import org.onap.dcaegen2.services.prh.configuration.CbsConfiguration;
+import org.onap.dcaegen2.services.prh.service.DmaapConsumerJsonParser;
 import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -28,26 +29,22 @@ import org.springframework.context.annotation.Primary;
 
 import static org.mockito.Mockito.doReturn;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
-
 
 /**
  * @author <a href="mailto:przemyslaw.wasala@nokia.com">Przemysław Wąsala</a> on 3/27/18
  */
 @Configuration
-public class DmaapConsumerTaskSpy {
+public class DmaapConsumerTaskTestConfig {
 
     /**
      * Mocking bean for tests.
-     *
-     * @return DMaaP ConsumerTask spy
      */
     @Bean
     @Primary
     public DmaapConsumerTask registerSimpleDmaapConsumerTask() {
-        CbsConfiguration cbsConfiguration = spy(CbsConfiguration.class);
+        CbsConfiguration cbsConfiguration = mock(CbsConfiguration.class);
+        DmaapConsumerJsonParser dmaapConsumerJsonParser = mock(DmaapConsumerJsonParser.class);
         doReturn(mock(MessageRouterPublishRequest.class)).when(cbsConfiguration).getMessageRouterPublishRequest();
-        DmaapConsumerTaskImpl dmaapConsumerTask = spy(new DmaapConsumerTaskImpl(cbsConfiguration));
-        return dmaapConsumerTask;
+        return new DmaapConsumerTaskImpl(cbsConfiguration, dmaapConsumerJsonParser);
     }
 }
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskSpy.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskTestConfig.java
index 7a68bc8c..a6697163 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskSpy.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskTestConfig.java
@@ -21,6 +21,7 @@
 package org.onap.dcaegen2.services.prh.tasks;
 
 import org.onap.dcaegen2.services.prh.configuration.CbsConfiguration;
+import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.api.MessageRouterPublisher;
 import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -30,18 +31,15 @@ import java.util.function.Supplier;
 
 import static org.mockito.Mockito.doReturn;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.spy;
 
 /**
  * @author <a href="mailto:przemyslaw.wasala@nokia.com">Przemysław Wąsala</a> on 4/13/18
  */
 @Configuration
-public class DmaapProducerTaskSpy {
+public class DmaapProducerTaskTestConfig {
 
     /**
      * Mocking bean for tests.
-     *
-     * @return DMaaP PublisherTask spy
      */
     @Bean
     @Primary
@@ -49,6 +47,7 @@ public class DmaapProducerTaskSpy {
         final CbsConfiguration cbsConfiguration = mock(CbsConfiguration.class);
         final Supplier<MessageRouterPublishRequest> configSupplier = cbsConfiguration::getMessageRouterPublishRequest;
         doReturn(mock(MessageRouterPublishRequest.class)).when(cbsConfiguration).getMessageRouterPublishRequest();
-        return spy(new DmaapPublisherTaskImpl(configSupplier, new MessageRouterPublisherResolver()));
+        MessageRouterPublisher messageRouterPublisher = mock(MessageRouterPublisher.class);
+        return new DmaapPublisherTaskImpl(configSupplier, () -> messageRouterPublisher);
     }
 }
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java
index 6f38d87d..b1f97a3c 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java
@@ -22,7 +22,6 @@ package org.onap.dcaegen2.services.prh.tasks;
 
 import com.google.gson.JsonElement;
 import com.google.gson.JsonParser;
-import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.junit.jupiter.api.function.Executable;
@@ -44,7 +43,6 @@ import reactor.test.StepVerifier;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
 
 /**
  * @author <a href="mailto:przemyslaw.wasala@nokia.com">Przemysław Wąsala</a> on 5/17/18
@@ -57,22 +55,15 @@ class DmaapPublisherTaskImplTest {
     private MessageRouterPublishRequest mrRequest = createMRRequest();
 
     @Mock
-    private static MessageRouterPublisherResolver messageRouterPublisherClientResolver;
-    @Mock
     private static MessageRouterPublisher messageRouterPublisher;
 
     @Captor
     private ArgumentCaptor<Flux<JsonElement>> fluxCaptor;
 
-    @BeforeEach
-    void beforeEach() {
-        when(messageRouterPublisherClientResolver.resolveClient()).thenReturn(messageRouterPublisher);
-    }
-
     @Test
     void execute_whenPassedObjectDoesntFit_ThrowsPrhTaskException() {
         //given
-        dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, messageRouterPublisherClientResolver);
+        dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, () -> messageRouterPublisher);
         //when
         Executable executableFunction = () -> dmaapPublisherTask.execute(null);
         //then
@@ -82,7 +73,7 @@ class DmaapPublisherTaskImplTest {
     @Test
     void execute_whenPassedObjectFits_ReturnsCorrectStatus() throws DmaapNotFoundException {
         //given
-        dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, messageRouterPublisherClientResolver);
+        dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, () -> messageRouterPublisher);
         //when
         dmaapPublisherTask.execute(createConsumerDmaapModel());
         //then
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java
index 9acbadd7..47767bac 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java
@@ -94,7 +94,7 @@ public class ScheduledTasksTest {
     @Test
     void whenEmptyResultFromDMaaPConsumer_NotActionShouldBePerformed() throws SSLException, PrhTaskException {
         //given
-        given(consumer.execute(anyString())).willReturn(Flux.empty());
+        given(consumer.execute()).willReturn(Flux.empty());
 
         //when
         sut.scheduleMainPrhEventTask();
@@ -109,7 +109,7 @@ public class ScheduledTasksTest {
     @Test
     void whenPnfNotFoundInAai_NotActionShouldBePerformed() throws SSLException, PrhTaskException {
         //given
-        given(consumer.execute(anyString())).willReturn(Flux.just(DMAAP_MODEL));
+        given(consumer.execute()).willReturn(Flux.just(DMAAP_MODEL));
         given(aaiQuery.execute(any())).willReturn(Mono.error(new PrhTaskException("404 Not Found")));
 
         //when
@@ -124,7 +124,7 @@ public class ScheduledTasksTest {
     @Test
     void whenPnfWithoutService_PatchToAaiAndPostToPnfReadyShouldBePerformed() throws SSLException, PrhTaskException {
         //given
-        given(consumer.execute(anyString())).willReturn(Flux.just(DMAAP_MODEL));
+        given(consumer.execute()).willReturn(Flux.just(DMAAP_MODEL));
         given(aaiQuery.execute(any())).willReturn(Mono.just(false));
 
         //when
@@ -140,7 +140,7 @@ public class ScheduledTasksTest {
     @Test
     void whenPnfHasActiveService_OnlyPostToPnfUpdateShouldBePerformed() throws SSLException, PrhTaskException {
         //given
-        given(consumer.execute(anyString())).willReturn(Flux.just(DMAAP_MODEL));
+        given(consumer.execute()).willReturn(Flux.just(DMAAP_MODEL));
         given(aaiQuery.execute(any())).willReturn(Mono.just(true));
 
         //when
diff --git a/prh-app-server/src/test/resources/keystore.password b/prh-app-server/src/test/resources/keystore.password
new file mode 100644
index 00000000..39823872
--- /dev/null
+++ b/prh-app-server/src/test/resources/keystore.password
@@ -0,0 +1 @@
+mYHC98!qX}7h?W}jRv}MIXTJ
+\ No newline at end of file
diff --git a/prh-app-server/src/test/resources/org.onap.dcae.jks b/prh-app-server/src/test/resources/org.onap.dcae.jks
new file mode 100644
index 00000000..e74ce64f
--- /dev/null
+++ b/prh-app-server/src/test/resources/org.onap.dcae.jks
diff --git a/prh-app-server/src/test/resources/org.onap.dcae.trust.jks b/prh-app-server/src/test/resources/org.onap.dcae.trust.jks
new file mode 100644
index 00000000..10103cfb
--- /dev/null
+++ b/prh-app-server/src/test/resources/org.onap.dcae.trust.jks
diff --git a/prh-app-server/src/test/resources/truststore.password b/prh-app-server/src/test/resources/truststore.password
new file mode 100644
index 00000000..168e64bd
--- /dev/null
+++ b/prh-app-server/src/test/resources/truststore.password
@@ -0,0 +1 @@
+*TQH?Lnszprs4LmlAj38yds(
+\ No newline at end of file
author	grabinsk <maciej.grabinski@nokia.com>	2019-05-28 11:23:53 +0200
committer	grabinsk <maciej.grabinski@nokia.com>	2019-05-29 09:32:47 +0200
commit	37444e2753f351cfe22b4651bcf777b833aeba92 (patch)
tree	9280875024a947f1b644aa9f1c93bc81799d1201 /prh-app-server/src/test
parent	37dd2cb2d2ad38ad1e6dd83f3ff5b40bc2c0f614 (diff)