aboutsummaryrefslogtreecommitdiffstats
path: root/test/mocks/datafilecollector-testharness/http-https-server
diff options
context:
space:
mode:
authorKrzysztof Gajewski <krzysztof.gajewski@nokia.com>2021-02-15 23:41:16 +0100
committerMarcin Przybysz <marcin.przybysz@nokia.com>2021-02-26 14:06:55 +0000
commitaadaad68888217c76e06adf633a4d8b97d39779e (patch)
tree07ce01704e2744c10eb47f4f8c22de00411d4fa5 /test/mocks/datafilecollector-testharness/http-https-server
parentc0b6b6cfc2448e9c513107940fba7b46fc6362ed (diff)
Add JWT support in HTTP/HTTPS based locations - integration
Issue-ID: DCAEGEN2-2536 Signed-off-by: Krzysztof Gajewski <krzysztof.gajewski@nokia.com> Change-Id: I334c66c025e1f3ef59393c3a0fe69493d4a3b5fa
Diffstat (limited to 'test/mocks/datafilecollector-testharness/http-https-server')
-rw-r--r--test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https8
-rw-r--r--test/mocks/datafilecollector-testharness/http-https-server/README.md5
-rw-r--r--test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf34
-rw-r--r--test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf29
-rwxr-xr-xtest/mocks/datafilecollector-testharness/http-https-server/apache2/lib/libjwt.so.1.7.0bin0 -> 133400 bytes
-rw-r--r--test/mocks/datafilecollector-testharness/http-https-server/apache2/modules/mod_authnz_jwt.sobin0 -> 146696 bytes
-rw-r--r--test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml6
7 files changed, 78 insertions, 4 deletions
diff --git a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https
index c1f85596c..5a5037f3e 100644
--- a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https
+++ b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https
@@ -1,15 +1,19 @@
-FROM httpd:alpine
+FROM httpd:2.4
-RUN apk update
+RUN apt-get update
ENV APACHE_LOG_DIR /usr/local/apache2/logs
COPY --chown=root:root apache2/conf /usr/local/apache2/conf
COPY --chown=root:root apache2/conf/extra /usr/local/apache2/conf/extra
+COPY --chown=root:root ./apache2/lib/libjwt.so.1.7.0 /usr/lib/x86_64-linux-gnu/libjwt.so.1
+COPY --chown=root:root ./apache2/modules/mod_authnz_jwt.so /usr/local/apache2/modules/mod_authnz_jwt.so
RUN chmod 644 /usr/local/apache2/conf/.htpasswd
RUN chmod 644 /usr/local/apache2/conf/httpd.conf
RUN chmod 644 /usr/local/apache2/conf/extra/httpd-ssl.conf
+RUN chmod 644 /usr/lib/x86_64-linux-gnu/libjwt.so.1
+RUN chmod 644 /usr/local/apache2/modules/mod_authnz_jwt.so
RUN mkdir /usr/local/apache2/certs
RUN chown root:root /usr/local/apache2/certs
diff --git a/test/mocks/datafilecollector-testharness/http-https-server/README.md b/test/mocks/datafilecollector-testharness/http-https-server/README.md
index 77e701175..7902c09d9 100644
--- a/test/mocks/datafilecollector-testharness/http-https-server/README.md
+++ b/test/mocks/datafilecollector-testharness/http-https-server/README.md
@@ -30,3 +30,8 @@ by using 'docker ps' and stop them if necessary.
# Cleaning docker structure
Deep cleaning: `docker system prune`
+
+# mod_authnz_jwt.so
+
+External library `mod_authnz_jwt.so` was added to the Apache server. This library wasn't changed in any way.
+This library is supplied under the Apache License, Version 2.0 (the "License").
diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf
index f4caf357e..24cf51da3 100644
--- a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf
+++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf
@@ -1,5 +1,6 @@
Listen 443
Listen 8080
+Listen 32100
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyProtocol all -SSLv3
@@ -63,3 +64,36 @@ SSLSessionCacheTimeout 300
SSLCertificateFile /usr/local/apache2/certs/keystore.pem
SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
</VirtualHost>
+<VirtualHost *:32100>
+
+ ServerAdmin httpserver-onap.org
+ ServerName httpserver-onap.org
+
+ DocumentRoot /usr/local/apache2/htdocs
+ AuthJWTSignatureAlgorithm HS256
+ AuthJWTSignatureSharedSecret Q0hBTkdFTUU=
+ AuthJWTIss onap
+ <Directory "/usr/local/apache2/htdocs">
+ AllowOverride None
+ Options Indexes FollowSymLinks MultiViews
+ AuthType jwt
+ AuthName "Restricted Content"
+ Require valid-user
+ RewriteEngine On
+ RewriteCond %{HTTP:Authorization} ^(.*)
+ RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+ </Directory>
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+ SSLEngine on
+ SSLProtocol -all +TLSv1.2
+ SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ SSLHonorCipherOrder off
+ SSLSessionTickets off
+
+ SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
+ SSLCertificateFile /usr/local/apache2/certs/keystore.pem
+ SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
+</VirtualHost>
diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf
index ef3ce95f7..58892c461 100644
--- a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf
+++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf
@@ -50,6 +50,7 @@ ServerRoot "/usr/local/apache2"
#
#Listen 12.34.56.78:80
Listen 80
+Listen 32000
#
# Dynamic Shared Object (DSO) Support
@@ -63,6 +64,7 @@ Listen 80
# Example:
# LoadModule foo_module modules/mod_foo.so
#
+LoadModule auth_jwt_module modules/mod_authnz_jwt.so
LoadModule mpm_event_module modules/mod_mpm_event.so
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
@@ -196,7 +198,7 @@ LoadModule dir_module modules/mod_dir.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
-#LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule rewrite_module modules/mod_rewrite.so
<IfModule unixd_module>
#
@@ -299,6 +301,31 @@ ServerAdmin you@example.com
AuthUserFile /usr/local/apache2/conf/.htpasswd
Require valid-user
</Directory>
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
+<VirtualHost *:32000>
+
+ ServerAdmin httpserver-onap.org
+ DocumentRoot "/usr/local/apache2/htdocs"
+
+ AuthJWTSignatureAlgorithm HS256
+ AuthJWTSignatureSharedSecret Q0hBTkdFTUU=
+ AuthJWTIss onap
+ <Directory "/usr/local/apache2/htdocs">
+ AllowOverride None
+ Options Indexes FollowSymLinks MultiViews
+ AuthType jwt
+ AuthName "Restricted Content"
+ Require valid-user
+ RewriteEngine On
+ RewriteCond %{HTTP:Authorization} ^(.*)
+ RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+ </Directory>
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/lib/libjwt.so.1.7.0 b/test/mocks/datafilecollector-testharness/http-https-server/apache2/lib/libjwt.so.1.7.0
new file mode 100755
index 000000000..b22c52786
--- /dev/null
+++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/lib/libjwt.so.1.7.0
Binary files differ
diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/modules/mod_authnz_jwt.so b/test/mocks/datafilecollector-testharness/http-https-server/apache2/modules/mod_authnz_jwt.so
new file mode 100644
index 000000000..2e2e834e0
--- /dev/null
+++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/modules/mod_authnz_jwt.so
Binary files differ
diff --git a/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml b/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml
index 09b698f89..4e6263ee7 100644
--- a/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml
+++ b/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml
@@ -4,17 +4,21 @@ services:
http-https-server:
container_name: http-https-server-httpd
- image: httpd:alpine
+ image: httpd:2.4
environment:
APACHE_LOG_DIR: /usr/local/apache2/logs
ports:
- "80:80"
- "443:443"
- "8080:8080"
+ - "32000:32000"
+ - "32100:32100"
volumes:
- ./apache2/conf/.htpasswd:/usr/local/apache2/conf/.htpasswd:ro
- ./apache2/conf/httpd.conf:/usr/local/apache2/conf/httpd.conf:ro
- ./apache2/conf/extra/httpd-ssl.conf:/usr/local/apache2/conf/extra/httpd-ssl.conf:ro
+ - ./apache2/lib/libjwt.so.1.7.0:/usr/lib/x86_64-linux-gnu/libjwt.so.1:ro
+ - ./apache2/modules/mod_authnz_jwt.so:/usr/local/apache2/modules/mod_authnz_jwt.so:ro
- ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs:ro
- ./files/onap/http:/usr/local/apache2/htdocs
restart: on-failure