Added HTTPS and CADI/AAF Support for PDP-X

- Yay I found the mysterious https issue that caused the junit to fail.
Please don't laugh, it was a typo :)

- Made changes per review comments
	1) Added builder class for RestServer constructor
	2) removed some try/catch blocks in junit
	3) Other minor changes

- More changes per review comments
- Added changes per Ram's review comments (not lombrok yet)
- Made changes for ONAP API CVS guidelines

Change-Id: Ie1a6225459b3ce235cd73828ccddec04c690f5fd
Issue-ID: POLICY-1436
Signed-off-by: Michael Mokry <michael.mokry@att.com>

5 files changed, 192 insertions, 40 deletions

diff --git a/main/src/test/java/org/onap/policy/pdpx/main/parameters/CommonTestData.java b/main/src/test/java/org/onap/policy/pdpx/main/parameters/CommonTestData.java
index f50871ec..1bf2294c 100644
--- a/main/src/test/java/org/onap/policy/pdpx/main/parameters/CommonTestData.java
+++ b/main/src/test/java/org/onap/policy/pdpx/main/parameters/CommonTestData.java
@@ -30,6 +30,8 @@ public class CommonTestData {
     private static final String REST_SERVER_USER = "healthcheck";
     private static final int REST_SERVER_PORT = 6969;
     private static final String REST_SERVER_HOST = "0.0.0.0";
+    private static final boolean REST_SERVER_HTTPS = false;
+    private static final boolean REST_SERVER_AAF = false;
     public static final String PDPX_GROUP_NAME = "XacmlPdpGroup";
 
     /**
@@ -39,13 +41,16 @@ public class CommonTestData {
      * @return the restServerParameters object
      */
     public RestServerParameters getRestServerParameters(final boolean isEmpty) {
-        final RestServerParameters restServerParameters;
+        final RestServerBuilder builder;
         if (!isEmpty) {
-            restServerParameters = new RestServerParameters(REST_SERVER_HOST, REST_SERVER_PORT, REST_SERVER_USER,
-                    REST_SERVER_PASSWORD);
+            builder = new RestServerBuilder().setHost(REST_SERVER_HOST).setPort(REST_SERVER_PORT)
+                    .setUserName(REST_SERVER_USER).setPassword(REST_SERVER_PASSWORD).setHttps(REST_SERVER_HTTPS)
+                    .setAaf(REST_SERVER_AAF);
         } else {
-            restServerParameters = new RestServerParameters(null, 0, null, null);
+            builder = new RestServerBuilder().setHost(null).setPort(0).setUserName(null).setPassword(null)
+                    .setHttps(REST_SERVER_HTTPS).setAaf(REST_SERVER_AAF);
         }
+        final RestServerParameters restServerParameters = new RestServerParameters(builder);
         return restServerParameters;
     }
 
diff --git a/main/src/test/java/org/onap/policy/pdpx/main/parameters/TestXacmlPdpParameterGroup.java b/main/src/test/java/org/onap/policy/pdpx/main/parameters/TestXacmlPdpParameterGroup.java
index 4b9db99d..48606c98 100644
--- a/main/src/test/java/org/onap/policy/pdpx/main/parameters/TestXacmlPdpParameterGroup.java
+++ b/main/src/test/java/org/onap/policy/pdpx/main/parameters/TestXacmlPdpParameterGroup.java
@@ -47,6 +47,8 @@ public class TestXacmlPdpParameterGroup {
         assertEquals(restServerParameters.getUserName(), pdpxParameters.getRestServerParameters().getUserName());
         assertEquals(restServerParameters.getPassword(), pdpxParameters.getRestServerParameters().getPassword());
         assertEquals(CommonTestData.PDPX_GROUP_NAME, pdpxParameters.getName());
+        assertFalse(pdpxParameters.getRestServerParameters().isHttps());
+        assertFalse(pdpxParameters.getRestServerParameters().isAaf());
     }
 
     @Test
diff --git a/main/src/test/java/org/onap/policy/pdpx/main/rest/TestXacmlPdpRestServer.java b/main/src/test/java/org/onap/policy/pdpx/main/rest/TestXacmlPdpRestServer.java
index 2170c8a3..0f608e29 100644
--- a/main/src/test/java/org/onap/policy/pdpx/main/rest/TestXacmlPdpRestServer.java
+++ b/main/src/test/java/org/onap/policy/pdpx/main/rest/TestXacmlPdpRestServer.java
@@ -18,7 +18,6 @@
  * ============LICENSE_END=========================================================
  */
 
-
 package org.onap.policy.pdpx.main.rest;
 
 import static org.junit.Assert.assertEquals;
@@ -26,6 +25,14 @@ import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
 import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Modifier;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import java.util.Properties;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import javax.ws.rs.client.Client;
 import javax.ws.rs.client.ClientBuilder;
 import javax.ws.rs.client.Invocation;
@@ -33,19 +40,20 @@ import javax.ws.rs.client.WebTarget;
 import javax.ws.rs.core.MediaType;
 import org.glassfish.jersey.client.ClientConfig;
 import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
+import org.junit.After;
 import org.junit.Test;
 import org.onap.policy.common.endpoints.report.HealthCheckReport;
 import org.onap.policy.common.utils.network.NetworkUtil;
 import org.onap.policy.pdpx.main.PolicyXacmlPdpException;
 import org.onap.policy.pdpx.main.parameters.CommonTestData;
 import org.onap.policy.pdpx.main.parameters.RestServerParameters;
+import org.onap.policy.pdpx.main.rest.model.StatisticsReport;
 import org.onap.policy.pdpx.main.startstop.Main;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-
 /**
- * Class to perform unit test of HealthCheckMonitor.
+ * Class to perform unit test of {@link XacmlPdpRestServer}.
  *
  */
 public class TestXacmlPdpRestServer {
@@ -55,45 +63,124 @@ public class TestXacmlPdpRestServer {
     private static final String ALIVE = "alive";
     private static final String SELF = "self";
     private static final String NAME = "Policy Xacml PDP";
+    private static final String HEALTHCHECK_ENDPOINT = "healthcheck";
+    private static final String STATISTICS_ENDPOINT = "statistics";
+    private static String KEYSTORE = System.getProperty("user.dir") + "/src/test/resources/ssl/policy-keystore";
+    private Main main;
+    private XacmlPdpRestServer restServer;
 
-    @Test
-    public void testHealthCheckSuccess() throws PolicyXacmlPdpException, InterruptedException {
-        final String reportString = "Report [name=Policy Xacml PDP, url=self, healthy=true, code=200, message=alive]";
+    /**
+     * Method for cleanup after each test.
+     */
+    @After
+    public void teardown() {
         try {
-            final Main main = startXacmlPdpService();
-            final HealthCheckReport report = performHealthCheck();
-            validateReport(NAME, SELF, true, 200, ALIVE, reportString, report);
-            stopXacmlPdpService(main);
-        } catch (final Exception e) {
-            LOGGER.error("testHealthCheckSuccess failed", e);
-            fail("Test should not throw an exception");
+            if (NetworkUtil.isTcpPortOpen("localhost", 6969, 1, 1000L)) {
+                if (main != null) {
+                    stopXacmlPdpService(main);
+                }
+
+                if (restServer != null) {
+                    restServer.stop();
+                }
+            }
+        } catch (IOException | PolicyXacmlPdpException e) {
+            LOGGER.error("teardown failed", e);
+        } catch (InterruptedException ie) {
+            Thread.interrupted();
+            LOGGER.error("teardown failed", ie);
         }
+    }
 
+    @Test
+    public void testHealthCheckSuccess() throws IOException, InterruptedException {
+        main = startXacmlPdpService(true);
+        final Invocation.Builder invocationBuilder = sendHttpRequest(HEALTHCHECK_ENDPOINT);
+        final HealthCheckReport report = invocationBuilder.get(HealthCheckReport.class);
+        validateHealthCheckReport(NAME, SELF, true, 200, ALIVE, report);
     }
 
     @Test
-    public void testHealthCheckFailure() throws InterruptedException {
-        final String reportString =
-                "Report [name=Policy Xacml PDP, url=self, healthy=false, code=500, message=not alive]";
+    public void testHealthCheckFailure() throws InterruptedException, IOException {
         final RestServerParameters restServerParams = new CommonTestData().getRestServerParameters(false);
         restServerParams.setName(CommonTestData.PDPX_GROUP_NAME);
-        final XacmlPdpRestServer restServer = new XacmlPdpRestServer(restServerParams);
+        restServer = new XacmlPdpRestServer(restServerParams);
+        restServer.start();
+        final Invocation.Builder invocationBuilder = sendHttpRequest(HEALTHCHECK_ENDPOINT);
+        final HealthCheckReport report = invocationBuilder.get(HealthCheckReport.class);
+        validateHealthCheckReport(NAME, SELF, false, 500, NOT_ALIVE, report);
+        assertTrue(restServer.isAlive());
+        assertTrue(restServer.toString().startsWith("XacmlPdpRestServer [servers="));
+    }
+
+    @Test
+    public void testHttpsHealthCheckSuccess() throws Exception {
+        main = startXacmlPdpService(false);
+        final Invocation.Builder invocationBuilder = sendHttpsRequest(HEALTHCHECK_ENDPOINT);
+        final HealthCheckReport report = invocationBuilder.get(HealthCheckReport.class);
+        validateHealthCheckReport(NAME, SELF, true, 200, ALIVE, report);
+    }
+
+    @Test
+    public void testStatistics_200() throws IOException, InterruptedException {
+        main = startXacmlPdpService(true);
+        Invocation.Builder invocationBuilder = sendHttpRequest(STATISTICS_ENDPOINT);
+        StatisticsReport report = invocationBuilder.get(StatisticsReport.class);
+        validateStatisticsReport(report, 0, 200);
+        updateXacmlPdpStatistics();
+        invocationBuilder = sendHttpRequest(STATISTICS_ENDPOINT);
+        report = invocationBuilder.get(StatisticsReport.class);
+        validateStatisticsReport(report, 1, 200);
+        XacmlPdpStatisticsManager.resetAllStatistics();
+    }
+
+    @Test
+    public void testStatistics_500() throws IOException, InterruptedException {
+        final RestServerParameters restServerParams = new CommonTestData().getRestServerParameters(false);
+        restServerParams.setName(CommonTestData.PDPX_GROUP_NAME);
+        restServer = new XacmlPdpRestServer(restServerParams);
+        restServer.start();
+        final Invocation.Builder invocationBuilder = sendHttpRequest(STATISTICS_ENDPOINT);
+        final StatisticsReport report = invocationBuilder.get(StatisticsReport.class);
+        validateStatisticsReport(report, 0, 500);
+        XacmlPdpStatisticsManager.resetAllStatistics();
+    }
+
+    @Test
+    public void testHttpsStatistic() throws Exception {
+        main = startXacmlPdpService(false);
+        final Invocation.Builder invocationBuilder = sendHttpsRequest(STATISTICS_ENDPOINT);
+        final StatisticsReport report = invocationBuilder.get(StatisticsReport.class);
+        validateStatisticsReport(report, 0, 200);
+    }
 
+    @Test
+    public void testStatisticsConstructorIsPrivate() {
         try {
-            restServer.start();
-            final HealthCheckReport report = performHealthCheck();
-            validateReport(NAME, SELF, false, 500, NOT_ALIVE, reportString, report);
-            assertTrue(restServer.isAlive());
-            assertTrue(restServer.toString().startsWith("XacmlPdpRestServer [servers="));
-            restServer.shutdown();
-        } catch (final Exception e) {
-            LOGGER.error("testHealthCheckSuccess failed", e);
-            fail("Test should not throw an exception");
+            final Constructor<XacmlPdpStatisticsManager> constructor =
+                    XacmlPdpStatisticsManager.class.getDeclaredConstructor();
+            assertTrue(Modifier.isPrivate(constructor.getModifiers()));
+            constructor.setAccessible(true);
+            constructor.newInstance();
+            fail("Expected an InstantiationException to be thrown");
+        } catch (final Exception exp) {
+            assertTrue(exp.getCause().toString().contains("Instantiation of the class is not allowed"));
         }
     }
 
-    private Main startXacmlPdpService() {
-        final String[] xacmlPdpConfigParameters = {"-c", "parameters/XacmlPdpConfigParameters.json"};
+    private Main startXacmlPdpService(final boolean http) {
+        final String[] xacmlPdpConfigParameters = new String[2];
+        if (http) {
+            xacmlPdpConfigParameters[0] = "-c";
+            xacmlPdpConfigParameters[1] = "parameters/XacmlPdpConfigParameters.json";
+        } else {
+            final Properties systemProps = System.getProperties();
+            systemProps.put("javax.net.ssl.keyStore", KEYSTORE);
+            systemProps.put("javax.net.ssl.keyStorePassword", "Pol1cy_0nap");
+            System.setProperties(systemProps);
+            xacmlPdpConfigParameters[0] = "-c";
+            xacmlPdpConfigParameters[1] = "parameters/XacmlPdpConfigParameters_Https.json";
+        }
         return new Main(xacmlPdpConfigParameters);
     }
 
@@ -101,32 +188,80 @@ public class TestXacmlPdpRestServer {
         main.shutdown();
     }
 
-    private HealthCheckReport performHealthCheck() throws InterruptedException, IOException {
-
+    private Invocation.Builder sendHttpRequest(final String endpoint) throws IOException, InterruptedException {
         final ClientConfig clientConfig = new ClientConfig();
 
         final HttpAuthenticationFeature feature = HttpAuthenticationFeature.basic("healthcheck", "zb!XztG34");
         clientConfig.register(feature);
 
         final Client client = ClientBuilder.newClient(clientConfig);
-        final WebTarget webTarget = client.target("http://localhost:6969/policy/pdpx/v1/healthcheck");
+        final WebTarget webTarget = client.target("http://localhost:6969/policy/pdpx/v1/" + endpoint);
 
         final Invocation.Builder invocationBuilder = webTarget.request(MediaType.APPLICATION_JSON);
 
         if (!NetworkUtil.isTcpPortOpen("localhost", 6969, 6, 10000L)) {
-            throw new IllegalStateException("Cannot connect to port 6969");
+            throw new IllegalStateException("cannot connect to port 6969");
         }
+        return invocationBuilder;
+    }
+
+    private Invocation.Builder sendHttpsRequest(final String endpoint) throws Exception {
+
+        final TrustManager[] noopTrustManager = new TrustManager[] {new X509TrustManager() {
+
+            @Override
+            public X509Certificate[] getAcceptedIssuers() {
+                return new X509Certificate[0];
+            }
+
+            @Override
+            public void checkClientTrusted(final java.security.cert.X509Certificate[] certs, final String authType) {}
+
+            @Override
+            public void checkServerTrusted(final java.security.cert.X509Certificate[] certs, final String authType) {}
+        }};
+
+        final SSLContext sc = SSLContext.getInstance("TLSv1.2");
+        sc.init(null, noopTrustManager, new SecureRandom());
+        final ClientBuilder clientBuilder =
+                ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier((host, session) -> true);
+        final Client client = clientBuilder.build();
+        final HttpAuthenticationFeature feature = HttpAuthenticationFeature.basic("healthcheck", "zb!XztG34");
+        client.register(feature);
 
-        return invocationBuilder.get(HealthCheckReport.class);
+        final WebTarget webTarget = client.target("https://localhost:6969/policy/pdpx/v1/" + endpoint);
+
+        final Invocation.Builder invocationBuilder = webTarget.request(MediaType.APPLICATION_JSON);
+
+        if (!NetworkUtil.isTcpPortOpen("localhost", 6969, 6, 10000L)) {
+            throw new IllegalStateException("cannot connect to port 6969");
+        }
+        return invocationBuilder;
+    }
+
+    private void updateXacmlPdpStatistics() {
+        XacmlPdpStatisticsManager.updateTotalPoliciesCount();
+        XacmlPdpStatisticsManager.updatePermitDecisionsCount();
+        XacmlPdpStatisticsManager.updateDenyDecisionsCount();
+        XacmlPdpStatisticsManager.updateIndeterminantDecisionsCount();
+        XacmlPdpStatisticsManager.updateNotApplicableDecisionsCount();
+    }
+
+    private void validateStatisticsReport(final StatisticsReport report, final int count, final int code) {
+        assertEquals(code, report.getCode());
+        assertEquals(count, report.getTotalPoliciesCount());
+        assertEquals(count, report.getPermitDecisionsCount());
+        assertEquals(count, report.getDenyDecisionsCount());
+        assertEquals(count, report.getIndeterminantDecisionsCount());
+        assertEquals(count, report.getNotApplicableDecisionsCount());
     }
 
-    private void validateReport(final String name, final String url, final boolean healthy, final int code,
-            final String message, final String reportString, final HealthCheckReport report) {
+    private void validateHealthCheckReport(final String name, final String url, final boolean healthy, final int code,
+            final String message, final HealthCheckReport report) {
         assertEquals(name, report.getName());
         assertEquals(url, report.getUrl());
         assertEquals(healthy, report.isHealthy());
         assertEquals(code, report.getCode());
         assertEquals(message, report.getMessage());
-        assertEquals(reportString, report.toString());
     }
 }
diff --git a/main/src/test/resources/parameters/XacmlPdpConfigParameters_Https.json b/main/src/test/resources/parameters/XacmlPdpConfigParameters_Https.json
new file mode 100644
index 00000000..b467fe4c
--- /dev/null
+++ b/main/src/test/resources/parameters/XacmlPdpConfigParameters_Https.json
@@ -0,0 +1,10 @@
+{
+    "name":"XacmlPdpGroup",
+    "restServerParameters":{
+        "host":"0.0.0.0",
+        "port":6969,
+        "userName":"healthcheck",
+        "password":"zb!XztG34",
+        "https":true
+    }
+}
\ No newline at end of file
diff --git a/main/src/test/resources/ssl/policy-keystore b/main/src/test/resources/ssl/policy-keystore
new file mode 100644
index 00000000..7d2b1ecc
--- /dev/null
+++ b/main/src/test/resources/ssl/policy-keystore