From 3075051aa8ae9a2af4267148da5221687c6da9ba Mon Sep 17 00:00:00 2001 From: Jim Hahn Date: Thu, 12 Sep 2019 17:29:49 -0400 Subject: Report bad-request for invalid YAML Added classes and modified code to report bad-request when a servlet attempts to read invalid YAML. Change-Id: Iacddee92a448fb69d5c778a3c3f3f2b5528983f7 Issue-ID: POLICY-2085 Signed-off-by: Jim Hahn --- .../http/server/test/JsonExceptionMapperTest.java | 2 +- .../endpoints/http/server/test/RestServerTest.java | 144 +++++++++++++-------- .../http/server/test/YamlExceptionMapperTest.java | 50 +++++++ .../server/test/YamlMessageBodyHandlerTest.java | 13 +- 4 files changed, 154 insertions(+), 55 deletions(-) create mode 100644 policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/YamlExceptionMapperTest.java (limited to 'policy-endpoints/src/test/java/org/onap') diff --git a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/JsonExceptionMapperTest.java b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/JsonExceptionMapperTest.java index 3efbf85f..59ce0c1c 100644 --- a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/JsonExceptionMapperTest.java +++ b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/JsonExceptionMapperTest.java @@ -44,7 +44,7 @@ public class JsonExceptionMapperTest { Response resp = mapper.toResponse(ex); assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), resp.getStatus()); - assertEquals("{'errorDetails':'Invalid JSON request'}".replace('\'', '"'), + assertEquals("{'errorDetails':'Invalid request'}".replace('\'', '"'), new StandardCoder().encode(resp.getEntity())); } } diff --git a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/RestServerTest.java b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/RestServerTest.java index ee28b96d..cd40f012 100644 --- a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/RestServerTest.java +++ b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/RestServerTest.java @@ -20,6 +20,7 @@ package org.onap.policy.common.endpoints.http.server.test; +import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; @@ -34,6 +35,7 @@ import java.io.IOException; import java.io.PrintWriter; import java.net.HttpURLConnection; import java.net.URL; +import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.Base64; import java.util.Properties; @@ -45,7 +47,7 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import lombok.Getter; -import org.junit.After; +import org.apache.commons.io.IOUtils; import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; @@ -56,6 +58,7 @@ import org.onap.policy.common.endpoints.http.server.HttpServletServerFactory; import org.onap.policy.common.endpoints.http.server.JsonExceptionMapper; import org.onap.policy.common.endpoints.http.server.RestServer; import org.onap.policy.common.endpoints.http.server.RestServer.Factory; +import org.onap.policy.common.endpoints.http.server.YamlExceptionMapper; import org.onap.policy.common.endpoints.http.server.YamlMessageBodyHandler; import org.onap.policy.common.endpoints.http.server.aaf.AafAuthFilter; import org.onap.policy.common.endpoints.parameters.RestServerParameters; @@ -66,6 +69,7 @@ import org.onap.policy.common.utils.network.NetworkUtil; import org.powermock.reflect.Whitebox; public class RestServerTest { + private static final String APPLICATION_YAML = "application/yaml"; private static final String SERVER1 = "my-server-A"; private static final String SERVER2 = "my-server-B"; private static final String FACTORY_FIELD = "factory"; @@ -74,24 +78,56 @@ public class RestServerTest { private static final String PASS = "my-pass"; private static final Integer PORT = 9876; private static final String USER = "my-user"; + private static Factory saveFactory; + private static RestServer realRest; + private static int realPort; + private static RestServerParameters params; - private RestServer realRest; private RestServer rest; private HttpServletServer server1; private HttpServletServer server2; private Factory factory; private HttpServletServerFactory serverFactory; - private RestServerParameters params; + private String errorMsg; + /** + * Starts the REST server. + * @throws Exception if an error occurs + */ @BeforeClass - public static void setUpBeforeClass() { + public static void setUpBeforeClass() throws Exception { saveFactory = Whitebox.getInternalState(RestServer.class, FACTORY_FIELD); + + realPort = NetworkUtil.allocPort(); + + initRealParams(); + + realRest = new RestServer(params, null, RealProvider.class) { + @Override + protected Properties getServerProperties(RestServerParameters restServerParameters, String names) { + Properties props = super.getServerProperties(restServerParameters, names); + + String svcpfx = PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + + restServerParameters.getName(); + props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_SWAGGER_SUFFIX, "false"); + + return props; + } + }; + + realRest.start(); + assertTrue(NetworkUtil.isTcpPortOpen(params.getHost(), params.getPort(), 100, 100)); } + /** + * Restores the factory and stops the REST server. + */ @AfterClass public static void tearDownAfterClass() { Whitebox.setInternalState(RestServer.class, FACTORY_FIELD, saveFactory); + + realRest.stop(); } /** @@ -103,7 +139,8 @@ public class RestServerTest { server2 = mock(HttpServletServer.class); factory = mock(Factory.class); serverFactory = mock(HttpServletServerFactory.class); - params = mock(RestServerParameters.class); + + initParams(); when(factory.getServerFactory()).thenReturn(serverFactory); when(serverFactory.build(any())).thenReturn(Arrays.asList(server1, server2)); @@ -111,27 +148,7 @@ public class RestServerTest { when(server1.getName()).thenReturn(SERVER1); when(server2.getName()).thenReturn(SERVER2); - when(params.getHost()).thenReturn(HOST); - when(params.getName()).thenReturn(PARAM_NAME); - when(params.getPassword()).thenReturn(PASS); - when(params.getPort()).thenReturn(PORT); - when(params.getUserName()).thenReturn(USER); - when(params.isAaf()).thenReturn(true); - when(params.isHttps()).thenReturn(true); - Whitebox.setInternalState(RestServer.class, FACTORY_FIELD, factory); - - realRest = null; - } - - /** - * Stops the rest server. - */ - @After - public void tearDown() { - if (realRest != null) { - realRest.stop(); - } } @Test @@ -213,41 +230,33 @@ public class RestServerTest { assertEquals("true", props.getProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_HTTPS_SUFFIX)); assertEquals("true", props.getProperty(svcpfx + PolicyEndPointProperties.PROPERTY_AAF_SUFFIX)); assertEquals(String.join(",", GsonMessageBodyHandler.class.getName(), YamlMessageBodyHandler.class.getName(), - JsonExceptionMapper.class.getName()), + JsonExceptionMapper.class.getName(), YamlExceptionMapper.class.getName()), props.getProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_SERIALIZATION_PROVIDER)); } @Test public void testInvalidJson() throws Exception { - when(params.getHost()).thenReturn("localhost"); - when(params.getPort()).thenReturn(NetworkUtil.allocPort()); - when(params.isHttps()).thenReturn(false); - when(params.isAaf()).thenReturn(false); - - // use real factory - Whitebox.setInternalState(RestServer.class, FACTORY_FIELD, saveFactory); - - realRest = new RestServer(params, null, RealProvider.class) { - @Override - protected Properties getServerProperties(RestServerParameters restServerParameters, String names) { - Properties props = super.getServerProperties(restServerParameters, names); - - String svcpfx = PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." - + restServerParameters.getName(); - props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_SWAGGER_SUFFIX, "false"); - - return props; - } - }; - - realRest.start(); - assertTrue(NetworkUtil.isTcpPortOpen(params.getHost(), params.getPort(), 100, 100)); + initRealParams(); assertEquals(200, roundTrip(new StandardCoder().encode(new MyRequest()))); assertEquals(400, roundTrip("{'bogus-json'")); + assertThat(errorMsg).contains("Invalid request"); + } + + @Test + public void testInvalidYaml() throws Exception { + initRealParams(); + + assertEquals(200, roundTrip(new StandardCoder().encode(new MyRequest()), APPLICATION_YAML)); + assertEquals(400, roundTrip(" hdlr.readFrom(CLASS_OBJ, CLASS_OBJ, null, null, null, inpstr)) - .isInstanceOf(IOException.class); + .isInstanceOf(YAMLException.class); + + inpstr.close(); + } + + @Test + public void testReadFrom_Invalid() throws Exception { + InputStream inpstr = new ByteArrayInputStream("plain text".getBytes()); + + assertThatThrownBy(() -> hdlr.readFrom(CLASS_OBJ, CLASS_OBJ, null, null, null, inpstr)) + .isInstanceOf(YAMLException.class); inpstr.close(); } -- cgit 1.2.3-korg