diff options
Diffstat (limited to 'gui-server/src/test')
14 files changed, 437 insertions, 156 deletions
diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/GuiServerAppMainTest.java b/gui-server/src/test/java/org/onap/policy/gui/server/GuiServerAppMainTest.java index d0f6598..870eaaf 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/GuiServerAppMainTest.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/GuiServerAppMainTest.java @@ -32,9 +32,14 @@ class GuiServerAppMainTest { @Test void whenMainIsCalled_thenNoExceptions() { String[] args = { - "--server.port=0", // use random available port - "--clamp.url=https://clamp-backend:8443/", - "--clamp.disable-ssl-validation=true" + "--server.port=0", + "--server.ssl.enabled=false", + "--runtime-ui.policy.disable-ssl-validation=true", + "--runtime-ui.policy.mapping-path=/policy-api", + "--runtime-ui.policy.url=http://policyapi:9876/", + "--runtime-ui.acm.disable-ssl-validation=true", + "--runtime-ui.acm.mapping-path=/acm-runtime", + "--runtime-ui.acm.url=http://acmruntime:9876/" }; assertDoesNotThrow(() -> GuiServerApplication.main(args)); } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/SpringContextTest.java b/gui-server/src/test/java/org/onap/policy/gui/server/SpringContextTest.java index 7be7694..1623ea7 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/SpringContextTest.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/SpringContextTest.java @@ -25,9 +25,14 @@ import org.springframework.boot.test.context.SpringBootTest; @SpringBootTest( properties = { - "clamp.url=https://clamp-backend:8443/", - "clamp.disable-ssl-validation=true" + "runtime-ui.policy.disable-ssl-validation=true", + "runtime-ui.policy.mapping-path=policy-api", + "runtime-ui.policy.url=http://policyapi:9876/", + "runtime-ui.acm.disable-ssl-validation=true", + "runtime-ui.acm.mapping-path=acm-runtime", + "runtime-ui.acm.url=http://acmruntime:9876/" }) + class SpringContextTest { @Test diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig1Test.java b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig1Test.java index 44e4c46..e982db5 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig1Test.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig1Test.java @@ -25,13 +25,10 @@ import static org.junit.jupiter.api.Assertions.assertTrue; import javax.net.ssl.SSLPeerUnverifiedException; import org.junit.jupiter.api.Test; +import org.onap.policy.gui.server.test.util.RestTemplateConfig; import org.onap.policy.gui.server.test.util.hello.HelloWorldApplication; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; import org.springframework.web.client.RestClientException; -import org.springframework.web.client.RestTemplate; /** * In this test, SSL validation and hostname check are enabled. @@ -40,30 +37,33 @@ import org.springframework.web.client.RestTemplate; * the SSL cert name does not match the server name 'localhost'. */ @SpringBootTest( - classes = { HelloWorldApplication.class, ClampRestTemplateConfig.class }, + classes = { + HelloWorldApplication.class, + AcmRuntimeRestTemplateConfig.class, + PolicyApiRestTemplateConfig.class + }, properties = { + "server.ssl.enabled=true", "server.ssl.key-store=file:src/test/resources/helloworld-keystore.jks", "server.ssl.key-store-password=changeit", "server.ssl.trust-store=file:src/test/resources/helloworld-truststore.jks", "server.ssl.trust-store-password=changeit", - "clamp.disable-ssl-validation=false", - "clamp.disable-ssl-hostname-check=false" + "runtime-ui.acm.disable-ssl-validation=false", + "runtime-ui.acm.disable-ssl-hostname-check=false", + "runtime-ui.policy.disable-ssl-validation=false", + "runtime-ui.policy.disable-ssl-hostname-check=false" }, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -class ClampRestTemplateConfig1Test { - - @LocalServerPort - private int port; - - @Autowired - @Qualifier("clampRestTemplate") - private RestTemplate restTemplate; - +class RestTemplateConfig1Test { @Test void testRequestFailsWhenSslHostnameCheckIsEnabled() { - var helloUrl = "https://localhost:" + port + "/"; - Exception e = assertThrows(RestClientException.class, - () -> restTemplate.getForEntity(helloUrl, String.class)); - assertTrue(e.getCause() instanceof SSLPeerUnverifiedException); + RestTemplateConfig rtConfig = new RestTemplateConfig(); + + rtConfig.getRestTemplateList().forEach(restTemplate -> { + var helloUrl = "https://localhost:" + rtConfig.getPort() + "/"; + Exception e = assertThrows(RestClientException.class, + () -> restTemplate.getForEntity(helloUrl, String.class)); + assertTrue(e.getCause() instanceof SSLPeerUnverifiedException); + }); } } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig2Test.java b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig2Test.java index b8e744c..f59eeaf 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig2Test.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig2Test.java @@ -24,38 +24,37 @@ import static org.junit.jupiter.api.Assertions.assertEquals; import static org.onap.policy.gui.server.test.util.hello.HelloWorldRestController.HELLO_WORLD_STRING; import org.junit.jupiter.api.Test; +import org.onap.policy.gui.server.test.util.RestTemplateConfig; import org.onap.policy.gui.server.test.util.hello.HelloWorldApplication; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; -import org.springframework.web.client.RestTemplate; /** * In this test, SSL validation is disabled. * The test request should succeed. A trust store has not been supplied in this case. */ @SpringBootTest( - classes = { HelloWorldApplication.class, ClampRestTemplateConfig.class }, + classes = { + HelloWorldApplication.class, + AcmRuntimeRestTemplateConfig.class, + PolicyApiRestTemplateConfig.class, + }, properties = { + "server.ssl.enabled=true", "server.ssl.key-store=file:src/test/resources/helloworld-keystore.jks", "server.ssl.key-store-password=changeit", - "clamp.disable-ssl-validation=true" + "runtime-ui.acm.disable-ssl-validation=true", + "runtime-ui.policy.disable-ssl-validation=true" }, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -class ClampRestTemplateConfig2Test { - - @LocalServerPort - private int port; - - @Autowired - @Qualifier("clampRestTemplate") - private RestTemplate restTemplate; - +class RestTemplateConfig2Test { @Test void testRequestSucceedsWhenSslValidationIsDisabled() { - var helloUrl = "https://localhost:" + port + "/"; - String response = restTemplate.getForObject(helloUrl, String.class); - assertEquals(HELLO_WORLD_STRING, response); + RestTemplateConfig rtConfig = new RestTemplateConfig(); + + rtConfig.getRestTemplateList().forEach(restTemplate -> { + var helloUrl = "https://localhost:" + rtConfig.getPort() + "/"; + String response = restTemplate.getForObject(helloUrl, String.class); + assertEquals(HELLO_WORLD_STRING, response); + }); } } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig3Test.java b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig3Test.java index 4636982..60ae9ac 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig3Test.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig3Test.java @@ -24,12 +24,9 @@ import static org.junit.jupiter.api.Assertions.assertEquals; import static org.onap.policy.gui.server.test.util.hello.HelloWorldRestController.HELLO_WORLD_STRING; import org.junit.jupiter.api.Test; +import org.onap.policy.gui.server.test.util.RestTemplateConfig; import org.onap.policy.gui.server.test.util.hello.HelloWorldApplication; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; -import org.springframework.web.client.RestTemplate; /** * In this test, SSL validation is enabled but hostname check is disabled. @@ -38,33 +35,36 @@ import org.springframework.web.client.RestTemplate; * is disabled. */ @SpringBootTest( - classes = { HelloWorldApplication.class, ClampRestTemplateConfig.class }, + classes = { + HelloWorldApplication.class, + AcmRuntimeRestTemplateConfig.class, + PolicyApiRestTemplateConfig.class + }, properties = { + "server.ssl.enabled=true", "server.ssl.key-store=file:src/test/resources/helloworld-keystore.jks", "server.ssl.key-store-password=changeit", "server.ssl.trust-store=file:src/test/resources/helloworld-truststore.jks", "server.ssl.trust-store-password=changeit", - "clamp.disable-ssl-validation=false", - "clamp.disable-ssl-hostname-check=true" + "runtime-ui.acm.disable-ssl-validation=false", + "runtime-ui.acm.disable-ssl-hostname-check=true", + "runtime-ui.policy.disable-ssl-validation=false", + "runtime-ui.policy.disable-ssl-hostname-check=true" }, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -class ClampRestTemplateConfig3Test { - - @LocalServerPort - private int port; - - @Autowired - @Qualifier("clampRestTemplate") - private RestTemplate restTemplate; - +class RestTemplateConfig3Test { /* * In this test, the request will succeed even though the SSL cert name * does not match 'localhost', as SSL hostname verification is disabled. */ @Test void testRequestSucceedsWhenSslHostnameCheckIsDisabled() { - var helloUrl = "https://localhost:" + port + "/"; - String response = restTemplate.getForObject(helloUrl, String.class); - assertEquals(HELLO_WORLD_STRING, response); + RestTemplateConfig rtConfig = new RestTemplateConfig(); + + rtConfig.getRestTemplateList().forEach(restTemplate -> { + var helloUrl = "https://localhost:" + rtConfig.getPort() + "/"; + String response = restTemplate.getForObject(helloUrl, String.class); + assertEquals(HELLO_WORLD_STRING, response); + }); } } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig4Test.java b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig4Test.java index f0f222f..e85cdd0 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig4Test.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig4Test.java @@ -24,12 +24,9 @@ import static org.junit.jupiter.api.Assertions.assertEquals; import static org.onap.policy.gui.server.test.util.hello.HelloWorldRestController.HELLO_WORLD_STRING; import org.junit.jupiter.api.Test; +import org.onap.policy.gui.server.test.util.RestTemplateConfig; import org.onap.policy.gui.server.test.util.hello.HelloWorldApplication; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; -import org.springframework.web.client.RestTemplate; /** * In this test, SSL validation is disabled but hostname check is explicitly @@ -39,29 +36,32 @@ import org.springframework.web.client.RestTemplate; * implicitly disabled. */ @SpringBootTest( - classes = { HelloWorldApplication.class, ClampRestTemplateConfig.class }, + classes = { + HelloWorldApplication.class, + AcmRuntimeRestTemplateConfig.class, + PolicyApiRestTemplateConfig.class + }, properties = { + "server.ssl.enabled=true", "server.ssl.key-store=file:src/test/resources/helloworld-keystore.jks", "server.ssl.key-store-password=changeit", "server.ssl.trust-store=file:src/test/resources/helloworld-truststore.jks", "server.ssl.trust-store-password=changeit", - "clamp.disable-ssl-validation=true", - "clamp.disable-ssl-hostname-check=false" + "runtime-ui.acm.disable-ssl-validation=true", + "runtime-ui.acm.disable-ssl-hostname-check=false", + "runtime-ui.policy.disable-ssl-validation=true", + "runtime-ui.policy.disable-ssl-hostname-check=false" }, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -class ClampRestTemplateConfig4Test { - - @LocalServerPort - private int port; - - @Autowired - @Qualifier("clampRestTemplate") - private RestTemplate restTemplate; - +class RestTemplateConfig4Test { @Test void testHostnameCheckIsDisabledWhenSslValidationIsDisabled() { - var helloUrl = "https://localhost:" + port + "/"; - String response = restTemplate.getForObject(helloUrl, String.class); - assertEquals(HELLO_WORLD_STRING, response); + RestTemplateConfig rtConfig = new RestTemplateConfig(); + + rtConfig.getRestTemplateList().forEach(restTemplate -> { + var helloUrl = "https://localhost:" + rtConfig.getPort() + "/"; + String response = restTemplate.getForObject(helloUrl, String.class); + assertEquals(HELLO_WORLD_STRING, response); + }); } } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig5Test.java b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig5Test.java index cc23de5..5905ebc 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig5Test.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateConfig5Test.java @@ -25,45 +25,43 @@ import static org.junit.jupiter.api.Assertions.assertTrue; import javax.net.ssl.SSLPeerUnverifiedException; import org.junit.jupiter.api.Test; +import org.onap.policy.gui.server.test.util.RestTemplateConfig; import org.onap.policy.gui.server.test.util.hello.HelloWorldApplication; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; import org.springframework.web.client.RestClientException; -import org.springframework.web.client.RestTemplate; /** * In this test, we verify that SSL validation and hostname check are enabled - * by default. Thus we do not explicitly set the Spring properties - * clamp.disable-ssl-validation and clamp.disable-ssl-hostname-check. + * by default. Thus we explicitly set the Spring properties + * runtime-ui.acm.disable-ssl-validation and runtime-ui.acm.disable-ssl-hostname-check as false. * Since our keystore cert has a hostname 'helloworld' and our test request is * to localhost, the request will fail with an SSLPeerUnverifiedException, as * the SSL cert name does not match the server name 'localhost'. */ @SpringBootTest( - classes = { HelloWorldApplication.class, ClampRestTemplateConfig.class }, + classes = { + HelloWorldApplication.class, + AcmRuntimeRestTemplateConfig.class, + PolicyApiRestTemplateConfig.class + }, properties = { + "server.ssl.enabled=true", "server.ssl.key-store=file:src/test/resources/helloworld-keystore.jks", "server.ssl.key-store-password=changeit", "server.ssl.trust-store=file:src/test/resources/helloworld-truststore.jks", - "server.ssl.trust-store-password=changeit", + "server.ssl.trust-store-password=changeit" }, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -class ClampRestTemplateConfig5Test { - - @LocalServerPort - private int port; - - @Autowired - @Qualifier("clampRestTemplate") - private RestTemplate restTemplate; - +class RestTemplateConfig5Test { @Test void testSslValidationIsEnabledByDefault() { - var helloUrl = "https://localhost:" + port + "/"; - Exception e = assertThrows(RestClientException.class, - () -> restTemplate.getForEntity(helloUrl, String.class)); - assertTrue(e.getCause() instanceof SSLPeerUnverifiedException); + RestTemplateConfig rtConfig = new RestTemplateConfig(); + + rtConfig.getRestTemplateList().forEach(restTemplate -> { + var helloUrl = "https://localhost:" + rtConfig.getPort() + "/"; + Exception e = assertThrows(RestClientException.class, + () -> restTemplate.getForEntity(helloUrl, String.class)); + assertTrue(e.getCause() instanceof SSLPeerUnverifiedException); + }); } } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig6Test.java b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateTrustStoreUnsetTest.java index d1d3072..5edda12 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/config/ClampRestTemplateConfig6Test.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/config/RestTemplateTrustStoreUnsetTest.java @@ -22,6 +22,7 @@ package org.onap.policy.gui.server.config; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import org.assertj.core.util.Arrays; import org.junit.jupiter.api.Test; import org.onap.policy.gui.server.test.util.hello.HelloWorldApplication; import org.springframework.beans.factory.BeanCreationException; @@ -35,23 +36,30 @@ import org.springframework.test.util.ReflectionTestUtils; * An BeanCreationException should be thrown on application startup. */ @SpringBootTest( - classes = { HelloWorldApplication.class } + classes = { + HelloWorldApplication.class + } ) -class ClampRestTemplateConfig6Test { +class RestTemplateTrustStoreUnsetTest { + BaseRestTemplateConfig[] restTemplateConfigArray = { + new AcmRuntimeRestTemplateConfig(), + new PolicyApiRestTemplateConfig() + }; @Test void expectExceptionWithNoTrustStore(ApplicationContext context) { - // Manually autowire the bean so we can test PostConstruct logic. - ClampRestTemplateConfig restTemplateConfig = new ClampRestTemplateConfig(); - AutowireCapableBeanFactory factory = context.getAutowireCapableBeanFactory(); - factory.autowireBean(restTemplateConfig); + Arrays.asList(restTemplateConfigArray).forEach(restTemplateConfig -> { + // Manually autowire the bean so we can test PostConstruct logic. + AutowireCapableBeanFactory factory = context.getAutowireCapableBeanFactory(); + factory.autowireBean(restTemplateConfig); - // Enable SSL validation, but provide no trust store. - ReflectionTestUtils.setField(restTemplateConfig, "disableSslValidation", false); + // Enable SSL validation, but provide no trust store. + ReflectionTestUtils.setField(restTemplateConfig, "disableSslValidation", false); - // Expect exception when creating bean. - assertThatExceptionOfType(BeanCreationException.class) - .isThrownBy(() -> factory.initializeBean(restTemplateConfig, "clampRestTemplate")) - .withMessageContaining("server.ssl.trust-store must be set"); + // Expect exception when creating bean. + assertThatExceptionOfType(BeanCreationException.class) + .isThrownBy(() -> factory.initializeBean(restTemplateConfig, "dummyRestTemplate")) + .withMessageContaining("server.ssl.trust-store must be set"); + }); } } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/rest/ClampRestControllerTest.java b/gui-server/src/test/java/org/onap/policy/gui/server/rest/AcmRuntimeRestControllerTest.java index fb3e843..56a805d 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/rest/ClampRestControllerTest.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/rest/AcmRuntimeRestControllerTest.java @@ -51,17 +51,21 @@ import org.springframework.web.client.RestTemplate; @SpringBootTest( properties = { - "clamp.url=https://clamp-backend:8443/", - "clamp.disable-ssl-validation=true" + "runtime-ui.policy.mapping-path=/runtime-ui/policy/restservices/", + "runtime-ui.policy.url=http://policy-api:9876/", + "runtime-ui.policy.disable-ssl-validation=true", + "runtime-ui.acm.mapping-path=/runtime-ui/acm/restservices/", + "runtime-ui.acm.url=https://runtime-acm:8443/", + "runtime-ui.acm.disable-ssl-validation=true" }) @AutoConfigureMockMvc -class ClampRestControllerTest { +class AcmRuntimeRestControllerTest { @Autowired private MockMvc mvc; @Autowired - @Qualifier("clampRestTemplate") + @Qualifier("acmRuntimeRestTemplate") private RestTemplate restTemplate; private MockRestServiceServer mockServer; @@ -73,32 +77,32 @@ class ClampRestControllerTest { @Test void testStaticContentUrls() throws Exception { - mvc.perform(get("/clamp/")) + mvc.perform(get("/runtime-ui/")) .andExpect(status().isOk()) - .andExpect(forwardedUrl("/clamp/index.html")); + .andExpect(forwardedUrl("/runtime-ui/index.html")); - mvc.perform(get("/clamp")) + mvc.perform(get("/runtime-ui")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("/clamp/")); + .andExpect(redirectedUrl("/runtime-ui/")); } /* - * This is a happy path test to verify that calls to /clamp/restservices/** - * are relayed to the clamp backend, and that the backend receives the + * This is a happy path test to verify that calls to <mapping-path>/** + * are relayed to the server, and that the server receives the * client certificate encoded in a header. More extensive tests of the * certificate cert filter are in ClientSslHeaderFilterTest. */ @Test - void testClampProxyWithClientCert() throws Exception { + void testServerProxyWithClientCert() throws Exception { X509Certificate cert = KeyStoreHelper.loadValidCert(); mockServer.expect( - requestTo("https://clamp-backend:8443/restservices/junit/test")) + requestTo("https://runtime-acm:8443/junit/test")) .andExpect(header(SSL_CERT_HEADER_NAME, urlEncodeCert(cert))) .andRespond(withStatus(HttpStatus.OK).body("admin")); mvc.perform( - get("/clamp/restservices/junit/test") + get("/runtime-ui/acm/restservices/junit/test") .with(x509(cert))) .andExpect(status().isOk()) .andExpect(content().string("admin")); @@ -108,20 +112,20 @@ class ClampRestControllerTest { /* * This test verifies that HTTP headers are preserved for requests to the - * clamp backend (including multi-value headers). + * server (including multi-value headers). */ @Test - void verifyClampProxyPassesHeaders() throws Exception { + void verifyServerProxyPassesHeaders() throws Exception { // Single value header final String userAgent = "User-Agent"; final String userAgentValue = "JUnit"; - // Multi value header + // Multi-value header final String acceptLanguage = "Accept-Language"; final String enUs = "en-US"; final String enIe = "en-IE"; mockServer.expect( - requestTo("https://clamp-backend:8443/restservices/junit/test")) + requestTo("https://runtime-acm:8443/junit/test")) .andExpect(method(HttpMethod.GET)) .andExpect(header(userAgent, userAgentValue)) .andExpect(header(acceptLanguage, enUs, enIe)) @@ -132,7 +136,7 @@ class ClampRestControllerTest { requestHeaders.add(acceptLanguage, enUs); requestHeaders.add(acceptLanguage, enIe); mvc.perform( - get("/clamp/restservices/junit/test") + get("/runtime-ui/acm/restservices/junit/test") .headers(requestHeaders)) .andExpect(status().isOk()); @@ -140,19 +144,19 @@ class ClampRestControllerTest { } /* - * This test verifies that error messages from the clamp backend are + * This test verifies that error messages from the server are * delivered to the client (as opposed to 500 "Internal Server Error"). */ @Test - void verifyClampProxyReturnsBackendErrorCode() throws Exception { + void verifyServerProxyReturnsBackendErrorCode() throws Exception { final String errorMessage = "This appliance cannot brew coffee"; mockServer.expect( - requestTo("https://clamp-backend:8443/restservices/coffee")) + requestTo("https://runtime-acm:8443/coffee")) .andRespond(withStatus(HttpStatus.I_AM_A_TEAPOT).body(errorMessage)); mvc.perform( - post("/clamp/restservices/coffee")) + post("/runtime-ui/acm/restservices/coffee").secure(true)) .andExpect(status().is(HttpStatus.I_AM_A_TEAPOT.value())) .andExpect(content().string(errorMessage)); diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/rest/ApexEditorRestControllerTest.java b/gui-server/src/test/java/org/onap/policy/gui/server/rest/DesigntimeRestControllerTest.java index 4cfd994..92f75d5 100644 --- a/gui-server/src/test/java/org/onap/policy/gui/server/rest/ApexEditorRestControllerTest.java +++ b/gui-server/src/test/java/org/onap/policy/gui/server/rest/DesigntimeRestControllerTest.java @@ -33,29 +33,27 @@ import org.springframework.test.web.servlet.MockMvc; @SpringBootTest( properties = { - "clamp.url=https://clamp-backend:8443/", - "clamp.disable-ssl-validation=true" + "runtime-ui.policy.disable-ssl-validation=true", + "runtime-ui.policy.mapping-path=policy-api", + "runtime-ui.policy.url=http://policyapi:9876/", + "runtime-ui.acm.disable-ssl-validation=true", + "runtime-ui.acm.mapping-path=acm-runtime", + "runtime-ui.acm.url=http://acmruntime:9876/" }) @AutoConfigureMockMvc -class ApexEditorRestControllerTest { +class DesigntimeRestControllerTest { @Autowired private MockMvc mvc; @Test void testStaticContentUrls() throws Exception { - mvc.perform(get("/apex-editor/")) + mvc.perform(get("/designtime-ui/")) .andExpect(status().isOk()) - .andExpect(forwardedUrl("/apex-editor/index.html")); + .andExpect(forwardedUrl("/designtime-ui/index.html")); - mvc.perform(get("/apex-editor")) + mvc.perform(get("/designtime-ui")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("/apex-editor/")); - } - - @Test - void testApexEditorRestForwarding() throws Exception { - mvc.perform(get("/apex-editor/policy/gui/v1/apex/editor/-1/Session/Create")) - .andExpect(forwardedUrl("/policy/gui/v1/apex/editor/-1/Session/Create")); + .andExpect(redirectedUrl("/designtime-ui/")); } } diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/rest/PolicyApiRestControllerTest.java b/gui-server/src/test/java/org/onap/policy/gui/server/rest/PolicyApiRestControllerTest.java new file mode 100644 index 0000000..e7c8db6 --- /dev/null +++ b/gui-server/src/test/java/org/onap/policy/gui/server/rest/PolicyApiRestControllerTest.java @@ -0,0 +1,165 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2022 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.gui.server.rest; + +import static org.onap.policy.gui.server.filters.ClientSslHeaderFilter.SSL_CERT_HEADER_NAME; +import static org.onap.policy.gui.server.test.util.X509RequestPostProcessor.x509; +import static org.onap.policy.gui.server.util.X509CertificateEncoder.urlEncodeCert; +import static org.springframework.test.web.client.match.MockRestRequestMatchers.header; +import static org.springframework.test.web.client.match.MockRestRequestMatchers.method; +import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo; +import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.forwardedUrl; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +import java.security.cert.X509Certificate; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.onap.policy.gui.server.test.util.KeyStoreHelper; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatus; +import org.springframework.test.web.client.MockRestServiceServer; +import org.springframework.test.web.servlet.MockMvc; +import org.springframework.web.client.RestTemplate; + +@SpringBootTest( + properties = { + "runtime-ui.policy.mapping-path=/runtime-ui/policy/restservices/", + "runtime-ui.policy.url=https://policy-api:9876/", + "runtime-ui.policy.disable-ssl-validation=true", + "runtime-ui.acm.mapping-path=/runtime-ui/acm/restservices/", + "runtime-ui.acm.url=https://runtime-acm:8443/", + "runtime-ui.acm.disable-ssl-validation=true" + }) +@AutoConfigureMockMvc +class PolicyApiRestControllerTest { + + @Autowired + private MockMvc mvc; + + @Autowired + @Qualifier("policyApiRestTemplate") + private RestTemplate restTemplate; + + private MockRestServiceServer mockServer; + + @BeforeEach + public void init() { + mockServer = MockRestServiceServer.createServer(restTemplate); + } + + @Test + void testStaticContentUrls() throws Exception { + mvc.perform(get("/runtime-ui/")) + .andExpect(status().isOk()) + .andExpect(forwardedUrl("/runtime-ui/index.html")); + + mvc.perform(get("/runtime-ui")) + .andExpect(status().is3xxRedirection()) + .andExpect(redirectedUrl("/runtime-ui/")); + } + + /* + * This is a happy path test to verify that calls to <mapping-path>/** + * are relayed to the server, and that the server receives the + * client certificate encoded in a header. More extensive tests of the + * certificate cert filter are in ClientSslHeaderFilterTest. + */ + @Test + void testServerProxyWithClientCert() throws Exception { + X509Certificate cert = KeyStoreHelper.loadValidCert(); + + mockServer.expect( + requestTo("https://policy-api:9876/junit/test")) + .andExpect(header(SSL_CERT_HEADER_NAME, urlEncodeCert(cert))) + .andRespond(withStatus(HttpStatus.OK).body("admin")); + + mvc.perform( + get("/runtime-ui/policy/restservices/junit/test") + .with(x509(cert))) + .andExpect(status().isOk()) + .andExpect(content().string("admin")); + + mockServer.verify(); + } + + /* + * This test verifies that HTTP headers are preserved for requests to the + * server (including multi-value headers). + */ + @Test + void verifyServerProxyPassesHeaders() throws Exception { + // Single value header + final String userAgent = "User-Agent"; + final String userAgentValue = "JUnit"; + // Multi-value header + final String acceptLanguage = "Accept-Language"; + final String enUs = "en-US"; + final String enIe = "en-IE"; + + mockServer.expect( + requestTo("https://policy-api:9876/junit/test")) + .andExpect(method(HttpMethod.GET)) + .andExpect(header(userAgent, userAgentValue)) + .andExpect(header(acceptLanguage, enUs, enIe)) + .andRespond(withStatus(HttpStatus.OK)); + + HttpHeaders requestHeaders = new HttpHeaders(); + requestHeaders.set(userAgent, userAgentValue); + requestHeaders.add(acceptLanguage, enUs); + requestHeaders.add(acceptLanguage, enIe); + mvc.perform( + get("/runtime-ui/policy/restservices/junit/test") + .headers(requestHeaders)) + .andExpect(status().isOk()); + + mockServer.verify(); + } + + /* + * This test verifies that error messages from the server are + * delivered to the client (as opposed to 500 "Internal Server Error"). + */ + @Test + void verifyServerProxyReturnsBackendErrorCode() throws Exception { + final String errorMessage = "This appliance cannot brew coffee"; + + mockServer.expect( + requestTo("https://policy-api:9876/coffee")) + .andRespond(withStatus(HttpStatus.I_AM_A_TEAPOT).body(errorMessage)); + + mvc.perform( + post("/runtime-ui/policy/restservices/coffee").secure(true)) + .andExpect(status().is(HttpStatus.I_AM_A_TEAPOT.value())) + .andExpect(content().string(errorMessage)); + + mockServer.verify(); + } +} diff --git a/gui-server/src/test/java/org/onap/policy/gui/server/test/util/RestTemplateConfig.java b/gui-server/src/test/java/org/onap/policy/gui/server/test/util/RestTemplateConfig.java new file mode 100644 index 0000000..0d11eb7 --- /dev/null +++ b/gui-server/src/test/java/org/onap/policy/gui/server/test/util/RestTemplateConfig.java @@ -0,0 +1,56 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2022 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.gui.server.test.util; + +import java.util.ArrayList; +import java.util.List; +import javax.annotation.PostConstruct; +import lombok.Getter; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.web.client.RestTemplate; + +/** + * This class setups up the REST templates for testing. + */ +public class RestTemplateConfig { + @Getter + @LocalServerPort + private int port; + + @Autowired + @Qualifier("acmRuntimeRestTemplate") + private RestTemplate acmRuntimeRestTemplate; + + @Autowired + @Qualifier("policyApiRestTemplate") + private RestTemplate policyApiRestTemplate; + + @Getter + List<RestTemplate> restTemplateList = new ArrayList<>(); + + @PostConstruct + public void setupRestTemplateList() { + restTemplateList.add(acmRuntimeRestTemplate); + restTemplateList.add(policyApiRestTemplate); + } +} diff --git a/gui-server/src/test/resources/application_http.yaml b/gui-server/src/test/resources/application_http.yaml index 24f3e8e..cebdc09 100644 --- a/gui-server/src/test/resources/application_http.yaml +++ b/gui-server/src/test/resources/application_http.yaml @@ -3,14 +3,23 @@ server: ssl: enabled: false -clamp: - url: http://localhost:30258 - disable-ssl-validation: true - disable-ssl-hostname-check: true +runtime-ui: + policy: + mapping-path: "/runtime-ui/policy/restservices" + url: http://localhost:30440 + disable-ssl-validation: true + disable-ssl-hostname-check: true -apex-editor: - upload-url: - upload-userid: + acm: + mapping-path: "/runtime-ui/acm/restservices" + url: http://localhost:30258 + disable-ssl-validation: true + disable-ssl-hostname-check: true + +designtime-ui: + apex-editor: + upload-url: + upload-userid: management: endpoints: diff --git a/gui-server/src/test/resources/application_https.yaml b/gui-server/src/test/resources/application_https.yaml new file mode 100644 index 0000000..8882c29 --- /dev/null +++ b/gui-server/src/test/resources/application_https.yaml @@ -0,0 +1,34 @@ +server: + port: 2443 + ssl: + enabled: true + enabled-protocols: TLSv1.2 + client-auth: want + key-store: file:./src/test/resources/helloworld-keystore.jks + key-store-password: changeit + trust-store: file:./src/test/resources/helloworld-truststore.jks + trust-store-password: changeit + +runtime-ui: + policy: + mapping-path: "/runtime-ui/policy/restservices" + url: http://localhost:30440 + disable-ssl-validation: true + disable-ssl-hostname-check: true + + acm: + mapping-path: "/runtime-ui/acm/restservices" + url: http://localhost:30258 + disable-ssl-validation: true + disable-ssl-hostname-check: true + +designtime-ui: + apex-editor: + upload-url: + upload-userid: + +management: + endpoints: + web: + exposure: + include: health, metrics, prometheus |