From 37444e2753f351cfe22b4651bcf777b833aeba92 Mon Sep 17 00:00:00 2001 From: grabinsk Date: Tue, 28 May 2019 11:23:53 +0200 Subject: SSL key loading for Dmaap client Change-Id: I65b3d0bcd6735af655c9243f20f3596ce8f03aca Issue-ID: DCAEGEN2-1501 Signed-off-by: grabinsk --- .../ConsulConfigurationParserTest.java | 82 ++++++++++++++++++++-- .../services/prh/tasks/DmaapConsumerTaskSpy.java | 53 -------------- .../prh/tasks/DmaapConsumerTaskTestConfig.java | 50 +++++++++++++ .../services/prh/tasks/DmaapProducerTaskSpy.java | 54 -------------- .../prh/tasks/DmaapProducerTaskTestConfig.java | 53 ++++++++++++++ .../prh/tasks/DmaapPublisherTaskImplTest.java | 13 +--- .../services/prh/tasks/ScheduledTasksTest.java | 8 +-- 7 files changed, 186 insertions(+), 127 deletions(-) delete mode 100644 prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskSpy.java create mode 100644 prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskTestConfig.java delete mode 100644 prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskSpy.java create mode 100644 prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskTestConfig.java (limited to 'prh-app-server/src/test/java/org/onap') diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java index 350cee68..24586a08 100644 --- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java +++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/configuration/ConsulConfigurationParserTest.java @@ -22,20 +22,25 @@ package org.onap.dcaegen2.services.prh.configuration; import com.google.gson.Gson; import com.google.gson.JsonObject; +import org.jetbrains.annotations.Nullable; import org.junit.jupiter.api.Test; import org.onap.dcaegen2.services.prh.TestAppConfiguration; import org.onap.dcaegen2.services.sdk.rest.services.aai.client.config.AaiClientConfiguration; import org.onap.dcaegen2.services.sdk.rest.services.aai.client.config.ImmutableAaiClientConfiguration; -import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.ImmutableMessageRouterPublishRequest; import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest; import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterSubscribeRequest; +import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.config.MessageRouterPublisherConfig; +import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.config.MessageRouterSubscriberConfig; +import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeys; +import java.net.URISyntaxException; import java.nio.file.Files; import java.nio.file.Paths; import java.time.Duration; import static java.lang.ClassLoader.getSystemResource; import static org.assertj.core.api.Assertions.assertThat; +import static org.junit.jupiter.api.Assumptions.assumeFalse; class ConsulConfigurationParserTest { @@ -44,10 +49,9 @@ class ConsulConfigurationParserTest { new String(Files.readAllBytes(Paths.get(getSystemResource("flattened_configuration.json").toURI()))); private final ImmutableAaiClientConfiguration correctAaiClientConfig = TestAppConfiguration.createDefaultAaiClientConfiguration(); - private final ImmutableMessageRouterPublishRequest correctDmaapPublisherConfig = - TestAppConfiguration.createDefaultMessageRouterPublishRequest(); - private final CbsContentParser consulConfigurationParser = new CbsContentParser( - new Gson().fromJson(correctJson, JsonObject.class)); + + private final JsonObject correctConfig = new Gson().fromJson(correctJson, JsonObject.class); + private final CbsContentParser consulConfigurationParser = new CbsContentParser(correctConfig); ConsulConfigurationParserTest() throws Exception { } @@ -83,4 +87,72 @@ class ConsulConfigurationParserTest { assertThat(messageRouterPublishRequest.contentType()).isEqualTo("application/json"); assertThat(messageRouterPublishRequest.sinkDefinition().topicUrl()).isEqualTo("http://dmaap-mr:2222/events/unauthenticated.PNF_READY"); } + + @Test + void whenDmaapCertAuthIsDisabled_MessageRouterPublisherConfigSecurityKeysShouldBeIgnored() { + assumeFalse(correctConfig.getAsJsonObject("config").get("security.enableDmaapCertAuth").getAsBoolean()); + + MessageRouterPublisherConfig messageRouterPublisherConfig = consulConfigurationParser.getMessageRouterPublisherConfig(); + + assertThat(messageRouterPublisherConfig.securityKeys()).isNull(); + } + + @Test + void whenDmaapCertAuthIsDisabled_MessageRouterSubscriberConfigSecurityKeysShouldBeIgnored() { + assumeFalse(correctConfig.getAsJsonObject("config").get("security.enableDmaapCertAuth").getAsBoolean()); + + MessageRouterSubscriberConfig messageRouterSubscriberConfig = consulConfigurationParser.getMessageRouterSubscriberConfig(); + + assertThat(messageRouterSubscriberConfig.securityKeys()).isNull(); + } + + + @Test + void whenDmaapCertAuthIsEnabled_MessageRouterPublisherConfigSecurityKeysShouldBeLoaded() { + CbsContentParser consulConfigurationParser = new CbsContentParser(getConfigWithSslEnabled(correctJson)); + + MessageRouterPublisherConfig messageRouterPublisherConfig = consulConfigurationParser.getMessageRouterPublisherConfig(); + + verifySecurityKeys(messageRouterPublisherConfig.securityKeys()); + } + + + @Test + void whenDmaapCertAuthIsEnabled_MessageRouterSubscriberConfigSecurityKeysShouldBeLoaded() { + CbsContentParser consulConfigurationParser = new CbsContentParser(getConfigWithSslEnabled(correctJson)); + + MessageRouterSubscriberConfig messageRouterSubscriberConfig = consulConfigurationParser.getMessageRouterSubscriberConfig(); + + verifySecurityKeys(messageRouterSubscriberConfig.securityKeys()); + } + + private static void verifySecurityKeys(@Nullable SecurityKeys securityKeys) { + assertThat(securityKeys).isNotNull(); + assertThat(securityKeys.trustStore().path().endsWith("org.onap.dcae.trust.jks")).isTrue(); + assertThat(securityKeys.keyStore().path().endsWith("org.onap.dcae.jks")).isTrue(); + securityKeys.trustStorePassword().use(chars -> assertThat(new String(chars)).isEqualTo("*TQH?Lnszprs4LmlAj38yds(")); + securityKeys.keyStorePassword().use(chars -> assertThat(new String(chars)).isEqualTo("mYHC98!qX}7h?W}jRv}MIXTJ")); + } + + private static JsonObject getConfigWithSslEnabled(String configJsonString) { + JsonObject configJson = new Gson().fromJson(configJsonString, JsonObject.class); + JsonObject config = configJson.getAsJsonObject("config"); + config.addProperty("security.enableDmaapCertAuth", true); + config.addProperty("security.enableAaiCertAuth", true); + config.addProperty("security.trustStorePath", testResourceToPath("/org.onap.dcae.trust.jks")); + config.addProperty("security.trustStorePasswordPath", testResourceToPath("/truststore.password")); + config.addProperty("security.keyStorePath", testResourceToPath("/org.onap.dcae.jks")); + config.addProperty("security.keyStorePasswordPath", testResourceToPath("/keystore.password")); + return configJson; + } + + + private static String testResourceToPath(String resource) { + try { + return Paths.get(ConsulConfigurationParserTest.class.getResource(resource).toURI()).toString(); + } catch (URISyntaxException e) { + throw new RuntimeException("Failed resolving test resource path", e); + } + } + } \ No newline at end of file diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskSpy.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskSpy.java deleted file mode 100644 index 4c95c717..00000000 --- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskSpy.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PROJECT - * ================================================================================ - * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dcaegen2.services.prh.tasks; - -import org.onap.dcaegen2.services.prh.configuration.CbsConfiguration; -import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Primary; - -import static org.mockito.Mockito.doReturn; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.spy; - - -/** - * @author Przemysław Wąsala on 3/27/18 - */ -@Configuration -public class DmaapConsumerTaskSpy { - - /** - * Mocking bean for tests. - * - * @return DMaaP ConsumerTask spy - */ - @Bean - @Primary - public DmaapConsumerTask registerSimpleDmaapConsumerTask() { - CbsConfiguration cbsConfiguration = spy(CbsConfiguration.class); - doReturn(mock(MessageRouterPublishRequest.class)).when(cbsConfiguration).getMessageRouterPublishRequest(); - DmaapConsumerTaskImpl dmaapConsumerTask = spy(new DmaapConsumerTaskImpl(cbsConfiguration)); - return dmaapConsumerTask; - } -} diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskTestConfig.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskTestConfig.java new file mode 100644 index 00000000..29290aed --- /dev/null +++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapConsumerTaskTestConfig.java @@ -0,0 +1,50 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.dcaegen2.services.prh.tasks; + +import org.onap.dcaegen2.services.prh.configuration.CbsConfiguration; +import org.onap.dcaegen2.services.prh.service.DmaapConsumerJsonParser; +import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; + +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.mock; + +/** + * @author Przemysław Wąsala on 3/27/18 + */ +@Configuration +public class DmaapConsumerTaskTestConfig { + + /** + * Mocking bean for tests. + */ + @Bean + @Primary + public DmaapConsumerTask registerSimpleDmaapConsumerTask() { + CbsConfiguration cbsConfiguration = mock(CbsConfiguration.class); + DmaapConsumerJsonParser dmaapConsumerJsonParser = mock(DmaapConsumerJsonParser.class); + doReturn(mock(MessageRouterPublishRequest.class)).when(cbsConfiguration).getMessageRouterPublishRequest(); + return new DmaapConsumerTaskImpl(cbsConfiguration, dmaapConsumerJsonParser); + } +} diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskSpy.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskSpy.java deleted file mode 100644 index 7a68bc8c..00000000 --- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskSpy.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PROJECT - * ================================================================================ - * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dcaegen2.services.prh.tasks; - -import org.onap.dcaegen2.services.prh.configuration.CbsConfiguration; -import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Primary; - -import java.util.function.Supplier; - -import static org.mockito.Mockito.doReturn; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.spy; - -/** - * @author Przemysław Wąsala on 4/13/18 - */ -@Configuration -public class DmaapProducerTaskSpy { - - /** - * Mocking bean for tests. - * - * @return DMaaP PublisherTask spy - */ - @Bean - @Primary - public DmaapPublisherTask registerSimpleDmaapPublisherTask() { - final CbsConfiguration cbsConfiguration = mock(CbsConfiguration.class); - final Supplier configSupplier = cbsConfiguration::getMessageRouterPublishRequest; - doReturn(mock(MessageRouterPublishRequest.class)).when(cbsConfiguration).getMessageRouterPublishRequest(); - return spy(new DmaapPublisherTaskImpl(configSupplier, new MessageRouterPublisherResolver())); - } -} diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskTestConfig.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskTestConfig.java new file mode 100644 index 00000000..a6697163 --- /dev/null +++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapProducerTaskTestConfig.java @@ -0,0 +1,53 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.dcaegen2.services.prh.tasks; + +import org.onap.dcaegen2.services.prh.configuration.CbsConfiguration; +import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.api.MessageRouterPublisher; +import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.model.MessageRouterPublishRequest; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; + +import java.util.function.Supplier; + +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.mock; + +/** + * @author Przemysław Wąsala on 4/13/18 + */ +@Configuration +public class DmaapProducerTaskTestConfig { + + /** + * Mocking bean for tests. + */ + @Bean + @Primary + public DmaapPublisherTask registerSimpleDmaapPublisherTask() { + final CbsConfiguration cbsConfiguration = mock(CbsConfiguration.class); + final Supplier configSupplier = cbsConfiguration::getMessageRouterPublishRequest; + doReturn(mock(MessageRouterPublishRequest.class)).when(cbsConfiguration).getMessageRouterPublishRequest(); + MessageRouterPublisher messageRouterPublisher = mock(MessageRouterPublisher.class); + return new DmaapPublisherTaskImpl(configSupplier, () -> messageRouterPublisher); + } +} diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java index 6f38d87d..b1f97a3c 100644 --- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java +++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/DmaapPublisherTaskImplTest.java @@ -22,7 +22,6 @@ package org.onap.dcaegen2.services.prh.tasks; import com.google.gson.JsonElement; import com.google.gson.JsonParser; -import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.api.function.Executable; @@ -44,7 +43,6 @@ import reactor.test.StepVerifier; import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; /** * @author Przemysław Wąsala on 5/17/18 @@ -56,23 +54,16 @@ class DmaapPublisherTaskImplTest { private MessageRouterPublishRequest mrRequest = createMRRequest(); - @Mock - private static MessageRouterPublisherResolver messageRouterPublisherClientResolver; @Mock private static MessageRouterPublisher messageRouterPublisher; @Captor private ArgumentCaptor> fluxCaptor; - @BeforeEach - void beforeEach() { - when(messageRouterPublisherClientResolver.resolveClient()).thenReturn(messageRouterPublisher); - } - @Test void execute_whenPassedObjectDoesntFit_ThrowsPrhTaskException() { //given - dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, messageRouterPublisherClientResolver); + dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, () -> messageRouterPublisher); //when Executable executableFunction = () -> dmaapPublisherTask.execute(null); //then @@ -82,7 +73,7 @@ class DmaapPublisherTaskImplTest { @Test void execute_whenPassedObjectFits_ReturnsCorrectStatus() throws DmaapNotFoundException { //given - dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, messageRouterPublisherClientResolver); + dmaapPublisherTask = new DmaapPublisherTaskImpl(() -> mrRequest, () -> messageRouterPublisher); //when dmaapPublisherTask.execute(createConsumerDmaapModel()); //then diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java index 9acbadd7..47767bac 100644 --- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java +++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduledTasksTest.java @@ -94,7 +94,7 @@ public class ScheduledTasksTest { @Test void whenEmptyResultFromDMaaPConsumer_NotActionShouldBePerformed() throws SSLException, PrhTaskException { //given - given(consumer.execute(anyString())).willReturn(Flux.empty()); + given(consumer.execute()).willReturn(Flux.empty()); //when sut.scheduleMainPrhEventTask(); @@ -109,7 +109,7 @@ public class ScheduledTasksTest { @Test void whenPnfNotFoundInAai_NotActionShouldBePerformed() throws SSLException, PrhTaskException { //given - given(consumer.execute(anyString())).willReturn(Flux.just(DMAAP_MODEL)); + given(consumer.execute()).willReturn(Flux.just(DMAAP_MODEL)); given(aaiQuery.execute(any())).willReturn(Mono.error(new PrhTaskException("404 Not Found"))); //when @@ -124,7 +124,7 @@ public class ScheduledTasksTest { @Test void whenPnfWithoutService_PatchToAaiAndPostToPnfReadyShouldBePerformed() throws SSLException, PrhTaskException { //given - given(consumer.execute(anyString())).willReturn(Flux.just(DMAAP_MODEL)); + given(consumer.execute()).willReturn(Flux.just(DMAAP_MODEL)); given(aaiQuery.execute(any())).willReturn(Mono.just(false)); //when @@ -140,7 +140,7 @@ public class ScheduledTasksTest { @Test void whenPnfHasActiveService_OnlyPostToPnfUpdateShouldBePerformed() throws SSLException, PrhTaskException { //given - given(consumer.execute(anyString())).willReturn(Flux.just(DMAAP_MODEL)); + given(consumer.execute()).willReturn(Flux.just(DMAAP_MODEL)); given(aaiQuery.execute(any())).willReturn(Mono.just(true)); //when -- cgit 1.2.3-korg