Enhacement AAF-CerService CSIT

Added http response code verification in negative path.
Added verification of .jks file creation in positive path.

Issue-ID: AAF-996
Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Change-Id: Ia60823a0393149054bbb4358883f7ec6dbd965b4

3 files changed, 105 insertions, 14 deletions

diff --git a/tests/aaf/certservice/cert-service-test.robot b/tests/aaf/certservice/cert-service-test.robot
index 9d45e455..b3b57b54 100644
--- a/tests/aaf/certservice/cert-service-test.robot
+++ b/tests/aaf/certservice/cert-service-test.robot
@@ -43,13 +43,13 @@ Report Bad Request Error When PK Is Not Valid
     [Documentation]  Send request to ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} endpoint and expect 400
     Send Get Request with Header And Expect Error  ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME}  ${VALID_CLIENT_CSR_FILE}  ${INVALID_PK_FILE}  400
 
-Cert Service Client successful create keystore and trust store
+Cert Service Client successfully creates keystore and truststore
     [Tags]      AAF-CERT-SERVICE
     [Documentation]  Run with correct env and expected exit code 0
-    Run Cert Service Client Container And Validate Exit Code  ${VALID_ENV_FILE}  0
+    Run Cert Service Client And Validate JKS File Creation And Client Exit Code  ${VALID_ENV_FILE}  0
 
-Creation of keystore and trustore unsuccesful, incorrect client configuration
+Run Cert Service Client Container And Validate Exit Code And API Response
     [Tags]      AAF-CERT-SERVICE
     [Documentation]  Run with invalid CaName env and expected exit code 5
-    Run Cert Service Client Container And Validate Exit Code  ${INVALID_ENV_FILE}  5
+    Run Cert Service Client And Validate Http Response Code And Client Exit Code  ${INVALID_ENV_FILE}  404  5
 
diff --git a/tests/aaf/certservice/libraries/CertClientManager.py b/tests/aaf/certservice/libraries/CertClientManager.py
index 30501c8b..ebacf221 100644
--- a/tests/aaf/certservice/libraries/CertClientManager.py
+++ b/tests/aaf/certservice/libraries/CertClientManager.py
@@ -1,4 +1,15 @@
 import docker
+import os
+import shutil
+import tarfile
+import re
+from OpenSSL import crypto
+
+ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/"
+TMP_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp"
+
+ERROR_API_REGEX = 'Error on API response.*[0-9]{3}'
+RESPONSE_CODE_REGEX = '[0-9]{3}'
 
 
 class CertClientManager:
@@ -12,11 +23,6 @@ class CertClientManager:
         exitcode = container.wait()
         return exitcode
 
-    def remove_client_container(self, container_name):
-        client = docker.from_env()
-        container = client.containers.get(container_name)
-        container.remove()
-
     def read_list_env_from_file(self, path):
         f = open(path, "r")
         r_list = []
@@ -25,3 +31,75 @@ class CertClientManager:
             if line[0] != "#":
                 r_list.append(line)
         return r_list
+
+    def remove_client_container_and_save_logs(self, container_name, log_file_name):
+        client = docker.from_env()
+        container = client.containers.get(container_name)
+        text_file = open(ARCHIVES_PATH + "container_" + log_file_name + ".log", "w")
+        text_file.write(container.logs())
+        text_file.close()
+        container.remove()
+
+    def can_open_keystore_and_truststore_with_pass(self, container_name):
+        self.copy_jks_file_to_tmp_dir(container_name)
+
+        keystore_pass_path = TMP_PATH + '/logs/log/keystore.pass'
+        keystore_jks_path = TMP_PATH + '/logs/log/keystore.jks'
+        can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path)
+
+        truststore_pass_path = TMP_PATH + '/logs/log/truststore.pass'
+        truststore_jks_path = TMP_PATH + '/logs/log/truststore.jks'
+        can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path)
+
+        self.remove_tmp_dir(TMP_PATH)
+        return can_open_keystore & can_open_truststore
+
+    def copy_jks_file_to_tmp_dir(self, container_name):
+        os.mkdir(TMP_PATH)
+        self.copy_jks_file_from_container_to_tmp_dir(container_name)
+        self.extract_tar_file()
+
+    def copy_jks_file_from_container_to_tmp_dir(self, container_name):
+        client = docker.from_env()
+        container = client.containers.get(container_name)
+        f = open(TMP_PATH + '/var_log.tar', 'wb')
+        bits, stat = container.get_archive('/var/log/')
+        for chunk in bits:
+            f.write(chunk)
+        f.close()
+
+    def extract_tar_file(self):
+        my_tar = tarfile.open(TMP_PATH + '/var_log.tar')
+        my_tar.extractall(TMP_PATH + '/logs')
+        my_tar.close()
+
+    def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path):
+        try:
+            password = open(pass_file_path, 'rb').read()
+            crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password)
+            return True
+        except:
+            return False
+
+    def remove_tmp_dir(self, tmp_path):
+        shutil.rmtree(tmp_path)
+
+    def can_find_api_response_in_logs(self, container_name):
+        logs = self.get_container_logs(container_name)
+        api_logs = re.findall(ERROR_API_REGEX, logs)
+        if api_logs:
+            return True
+        else:
+            return False
+
+    def get_api_response_from_logs(self, container_name):
+        logs = self.get_container_logs(container_name)
+        error_api_message = re.findall(ERROR_API_REGEX, logs)
+        code = re.findall(RESPONSE_CODE_REGEX, error_api_message[0])
+        return code[0]
+
+    def get_container_logs(self, container_name):
+        client = docker.from_env()
+        container = client.containers.get(container_name)
+        logs = container.logs()
+        return logs
diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/aaf/certservice/resources/cert-service-keywords.robot
index a8315e7f..e8576dd2 100644
--- a/tests/aaf/certservice/resources/cert-service-keywords.robot
+++ b/tests/aaf/certservice/resources/cert-service-keywords.robot
@@ -83,9 +83,22 @@ Send Post Request And Validate Response
     ${resp}= 	Post Request 	${http_session}  ${path}
     Should Be Equal As Strings 	${resp.status_code} 	${resp_code}
 
-Run Cert Service Client Container And Validate Exit Code
+Run Cert Service Client And Validate JKS File Creation And Client Exit Code
     [Documentation]  Run Cert Service Client Container And Validate Exit Code
-    [Arguments]   ${env_file}  ${expected_code}
-    ${exitcode}=  Run Client Container  ${DOCKER_CLIENT_IMAGE}  ${CLIENT_CONTAINER_NAME}  ${env_file}  ${CERT_ADDRESS}  ${CERT_SERVICE_NETWORK}
-    Remove Client Container  ${CLIENT_CONTAINER_NAME}
-    Should Be Equal As Strings  ${exitcode}  ${expected_code}
+    [Arguments]   ${env_file}  ${expected_exit_code}
+    ${exit_code}=  Run Client Container  ${DOCKER_CLIENT_IMAGE}  ${CLIENT_CONTAINER_NAME}  ${env_file}  ${CERT_ADDRESS}  ${CERT_SERVICE_NETWORK}
+    ${can_open}=  Can Open Keystore And Truststore With Pass  ${CLIENT_CONTAINER_NAME}
+    Remove Client Container And Save Logs  ${CLIENT_CONTAINER_NAME}  positive_path
+    Should Be Equal As Strings  ${exit_code}  ${expected_exit_code}  Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
+    Should Be True  ${can_open}  Cannot Open Keystore/TrustStore by passpshase
+
+Run Cert Service Client And Validate Http Response Code And Client Exit Code
+    [Documentation]  Run Cert Service Client Container And Validate Exit Code
+    [Arguments]   ${env_file}  ${expected_api_response_code}  ${expected_exit_code}
+    ${exit_code}=  Run Client Container  ${DOCKER_CLIENT_IMAGE}  ${CLIENT_CONTAINER_NAME}  ${env_file}  ${CERT_ADDRESS}  ${CERT_SERVICE_NETWORK}
+    ${can_find_API_response}=  Can Find Api Response In Logs  ${CLIENT_CONTAINER_NAME}
+    ${api_response_code}=  Get Api Response From Logs  ${CLIENT_CONTAINER_NAME}
+    Remove Client Container And Save Logs  ${CLIENT_CONTAINER_NAME}  negative_path
+    Should Be True  ${can_find_API_response}  Cannot Find API response in logs
+    Should Be Equal As Strings  ${api_response_code}  ${expected_api_response_code}  API return ${api_response_code} but expected: ${expected_api_response_code}
+    Should Be Equal As Strings  ${exit_code}  ${expected_exit_code}  Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}