summaryrefslogtreecommitdiffstats
path: root/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test
diff options
context:
space:
mode:
Diffstat (limited to 'openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test')
-rw-r--r--openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/impl/orchestration/csar/validation/CsarSecurityValidatorTest.java104
-rw-r--r--openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java154
2 files changed, 212 insertions, 46 deletions
diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/impl/orchestration/csar/validation/CsarSecurityValidatorTest.java b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/impl/orchestration/csar/validation/CsarSecurityValidatorTest.java
index 96d11eb148..5f880701f3 100644
--- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/impl/orchestration/csar/validation/CsarSecurityValidatorTest.java
+++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/impl/orchestration/csar/validation/CsarSecurityValidatorTest.java
@@ -24,25 +24,43 @@ import static org.hamcrest.core.Is.is;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyBoolean;
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.when;
-import static org.mockito.MockitoAnnotations.initMocks;
-
+import static org.mockito.MockitoAnnotations.openMocks;
+import static org.openecomp.sdc.be.csar.storage.StorageFactory.StorageType.MINIO;
+
+import io.minio.GetObjectArgs;
+import io.minio.GetObjectResponse;
+import io.minio.MinioClient;
+import java.io.BufferedInputStream;
+import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import java.util.UUID;
import java.util.stream.Collectors;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Answers;
import org.mockito.Mock;
+import org.mockito.MockedStatic;
+import org.mockito.Mockito;
+import org.mockito.junit.jupiter.MockitoExtension;
import org.openecomp.sdc.be.csar.storage.ArtifactInfo;
-import org.openecomp.sdc.be.csar.storage.PersistentStorageArtifactInfo;
+import org.openecomp.sdc.be.csar.storage.MinIoArtifactInfo;
+import org.openecomp.sdc.common.CommonConfigurationManager;
import org.openecomp.sdc.vendorsoftwareproduct.impl.onboarding.OnboardingPackageProcessor;
import org.openecomp.sdc.vendorsoftwareproduct.impl.onboarding.validation.CnfPackageValidator;
import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManager;
@@ -50,6 +68,7 @@ import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManagerException
import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardPackageInfo;
import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardSignedPackage;
+@ExtendWith(MockitoExtension.class)
class CsarSecurityValidatorTest {
private static final String BASE_DIR = "/vspmanager.csar/signing/";
@@ -57,6 +76,16 @@ class CsarSecurityValidatorTest {
private CsarSecurityValidator csarSecurityValidator;
@Mock
private SecurityManager securityManager;
+ @Mock
+ private CommonConfigurationManager commonConfigurationManager;
+ @Mock
+ private MinioClient minioClient;
+ @Mock(answer = Answers.RETURNS_DEEP_STUBS)
+ private MinioClient.Builder builderMinio;
+ @Mock(answer = Answers.RETURNS_DEEP_STUBS)
+ private GetObjectArgs.Builder getObjectArgsBuilder;
+ @Mock
+ private GetObjectArgs getObjectArgs;
@AfterEach
void tearDown() throws Exception {
@@ -74,7 +103,7 @@ class CsarSecurityValidatorTest {
@BeforeEach
public void setUp() throws Exception {
- initMocks(this);
+ openMocks(this);
csarSecurityValidator = new CsarSecurityValidator(securityManager);
backup();
}
@@ -88,9 +117,9 @@ class CsarSecurityValidatorTest {
}
@Test
- void isSignatureValidTestCorrectStructureAndValidSignatureExists() throws SecurityManagerException, IOException {
+ void isSignatureValidTestCorrectStructureAndValidSignatureExists() throws SecurityManagerException {
final byte[] packageBytes = getFileBytesOrFail("signed-package.zip");
- final OnboardPackageInfo onboardPackageInfo = loadSignedPackageWithArtifactInfo("signed-package.zip", packageBytes, null);
+ final OnboardPackageInfo onboardPackageInfo = loadSignedPackageWithArtifactInfoS3Store("signed-package.zip", packageBytes, null);
when(securityManager.verifyPackageSignedData(any(OnboardSignedPackage.class), any(ArtifactInfo.class))).thenReturn(true);
final boolean isSignatureValid = csarSecurityValidator
.verifyPackageSignature((OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage(), onboardPackageInfo.getArtifactInfo());
@@ -98,15 +127,53 @@ class CsarSecurityValidatorTest {
}
@Test
- void isSignatureValidTestCorrectStructureAndNotValidSignatureExists() throws SecurityManagerException {
- final byte[] packageBytes = getFileBytesOrFail("signed-package-tampered-data.zip");
- final OnboardPackageInfo onboardPackageInfo = loadSignedPackageWithArtifactInfo("signed-package-tampered-data.zip", packageBytes, null);
- //no mocked securityManager
- csarSecurityValidator = new CsarSecurityValidator();
- Assertions.assertThrows(SecurityManagerException.class, () -> {
- csarSecurityValidator
- .verifyPackageSignature((OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage(), onboardPackageInfo.getArtifactInfo());
- });
+ void isSignatureValidTestCorrectStructureAndNotValidSignatureExists() throws Exception {
+
+ final Map<String, Object> endpoint = new HashMap<>();
+ endpoint.put("host", "localhost");
+ endpoint.put("port", 9000);
+ final Map<String, Object> credentials = new HashMap<>();
+ credentials.put("accessKey", "login");
+ credentials.put("secretKey", "password");
+
+ try (MockedStatic<CommonConfigurationManager> utilities = Mockito.mockStatic(CommonConfigurationManager.class)) {
+ utilities.when(CommonConfigurationManager::getInstance).thenReturn(commonConfigurationManager);
+ try (MockedStatic<MinioClient> minioUtilities = Mockito.mockStatic(MinioClient.class)) {
+ minioUtilities.when(MinioClient::builder).thenReturn(builderMinio);
+ when(builderMinio
+ .endpoint(anyString(), anyInt(), anyBoolean())
+ .credentials(anyString(), anyString())
+ .build()
+ ).thenReturn(minioClient);
+
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "endpoint", null)).thenReturn(endpoint);
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "credentials", null)).thenReturn(credentials);
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "tempPath", null)).thenReturn("cert/2-file-signed-package");
+ when(commonConfigurationManager.getConfigValue(eq("externalCsarStore"), eq("storageType"), any())).thenReturn(MINIO.name());
+
+ final byte[] packageBytes = getFileBytesOrFail("signed-package-tampered-data.zip");
+
+ when(getObjectArgsBuilder
+ .bucket(anyString())
+ .object(anyString())
+ .build()
+ ).thenReturn(getObjectArgs);
+
+ when(minioClient.getObject(any(GetObjectArgs.class)))
+ .thenReturn(new GetObjectResponse(null, "bucket", "", "objectName",
+ new BufferedInputStream(new ByteArrayInputStream(packageBytes))));
+
+ final OnboardPackageInfo onboardPackageInfo = loadSignedPackageWithArtifactInfoS3Store("signed-package-tampered-data.zip",
+ packageBytes,
+ null);
+ //no mocked securityManager
+ csarSecurityValidator = new CsarSecurityValidator();
+ Assertions.assertThrows(SecurityManagerException.class, () -> {
+ csarSecurityValidator.verifyPackageSignature((OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage(),
+ onboardPackageInfo.getArtifactInfo());
+ });
+ }
+ }
}
@Test
@@ -148,11 +215,10 @@ class CsarSecurityValidatorTest {
CsarSecurityValidatorTest.class.getResource(BASE_DIR + path).toURI()));
}
- private OnboardPackageInfo loadSignedPackageWithArtifactInfo(final String packageName, final byte[] packageBytes,
- final CnfPackageValidator cnfPackageValidator) {
+ private OnboardPackageInfo loadSignedPackageWithArtifactInfoS3Store(final String packageName, final byte[] packageBytes,
+ final CnfPackageValidator cnfPackageValidator) {
final OnboardingPackageProcessor onboardingPackageProcessor =
- new OnboardingPackageProcessor(packageName, packageBytes, cnfPackageValidator,
- new PersistentStorageArtifactInfo(Path.of("src/test/resources/vspmanager.csar/signing/signed-package.zip")));
+ new OnboardingPackageProcessor(packageName, packageBytes, cnfPackageValidator, new MinIoArtifactInfo("bucket", "object"));
final OnboardPackageInfo onboardPackageInfo = onboardingPackageProcessor.getOnboardPackageInfo().orElse(null);
if (onboardPackageInfo == null) {
fail("Unexpected error. Could not load original package");
diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java
index 6dc5517c45..afc43967c9 100644
--- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java
+++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java
@@ -22,29 +22,61 @@ package org.openecomp.sdc.vendorsoftwareproduct.security;
import static junit.framework.TestCase.assertEquals;
import static junit.framework.TestCase.assertTrue;
-
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyBoolean;
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.openMocks;
+import static org.openecomp.sdc.be.csar.storage.StorageFactory.StorageType.MINIO;
+
+import io.minio.GetObjectArgs;
+import io.minio.GetObjectResponse;
+import io.minio.MinioClient;
+import java.io.BufferedInputStream;
+import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.net.URISyntaxException;
import java.nio.file.Files;
-import java.nio.file.Path;
import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.Map;
import org.apache.commons.io.FileUtils;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
-import org.openecomp.sdc.be.csar.storage.PersistentStorageArtifactInfo;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Answers;
+import org.mockito.Mock;
+import org.mockito.MockedStatic;
+import org.mockito.Mockito;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.openecomp.sdc.be.csar.storage.MinIoArtifactInfo;
+import org.openecomp.sdc.common.CommonConfigurationManager;
import org.openecomp.sdc.vendorsoftwareproduct.impl.onboarding.OnboardingPackageProcessor;
import org.openecomp.sdc.vendorsoftwareproduct.impl.onboarding.validation.CnfPackageValidator;
import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardPackageInfo;
import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardSignedPackage;
+@ExtendWith(MockitoExtension.class)
class SecurityManagerTest {
private File certDir;
private String cerDirPath = "/tmp/cert/";
private SecurityManager securityManager;
+ @Mock
+ private CommonConfigurationManager commonConfigurationManager;
+ @Mock
+ private MinioClient minioClient;
+ @Mock(answer = Answers.RETURNS_DEEP_STUBS)
+ private MinioClient.Builder builderMinio;
+ @Mock(answer = Answers.RETURNS_DEEP_STUBS)
+ private GetObjectArgs.Builder getObjectArgsBuilder;
+ @Mock
+ private GetObjectArgs getObjectArgs;
private File prepareCertFiles(String origFilePath, String newFilePath) throws IOException, URISyntaxException {
File origFile = new File(getClass().getResource(origFilePath).toURI());
@@ -60,12 +92,14 @@ class SecurityManagerTest {
@BeforeEach
public void setUp() throws IOException {
+ openMocks(this);
certDir = new File(cerDirPath);
if (certDir.exists()) {
tearDown();
}
certDir.mkdirs();
securityManager = new SecurityManager(certDir.getPath());
+
}
@AfterEach
@@ -123,18 +157,51 @@ class SecurityManagerTest {
}
@Test
- void verifySignedDataTestCertIncludedIntoSignatureArtifactStorageManagerIsEnabled()
- throws IOException, URISyntaxException, SecurityManagerException {
- prepareCertFiles("/cert/rootCA.cert", cerDirPath + "root.cert");
- byte[] fileToUploadBytes = readAllBytes("/cert/2-file-signed-package/2-file-signed-package.zip");
-
- final var onboardingPackageProcessor = new OnboardingPackageProcessor("2-file-signed-package.zip", fileToUploadBytes,
- new CnfPackageValidator(),
- new PersistentStorageArtifactInfo(Path.of("src/test/resources/cert/2-file-signed-package/2-file-signed-package.zip")));
- final OnboardPackageInfo onboardPackageInfo = onboardingPackageProcessor.getOnboardPackageInfo().orElse(null);
-
- assertTrue(securityManager
- .verifyPackageSignedData((OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage(), onboardPackageInfo.getArtifactInfo()));
+ void verifySignedDataTestCertIncludedIntoSignatureArtifactStorageManagerIsEnabled() throws Exception {
+
+ final Map<String, Object> endpoint = new HashMap<>();
+ endpoint.put("host", "localhost");
+ endpoint.put("port", 9000);
+ final Map<String, Object> credentials = new HashMap<>();
+ credentials.put("accessKey", "login");
+ credentials.put("secretKey", "password");
+
+ try (MockedStatic<CommonConfigurationManager> utilities = Mockito.mockStatic(CommonConfigurationManager.class)) {
+ utilities.when(CommonConfigurationManager::getInstance).thenReturn(commonConfigurationManager);
+ try (MockedStatic<MinioClient> minioUtilities = Mockito.mockStatic(MinioClient.class)) {
+ minioUtilities.when(MinioClient::builder).thenReturn(builderMinio);
+ when(builderMinio
+ .endpoint(anyString(), anyInt(), anyBoolean())
+ .credentials(anyString(), anyString())
+ .build()
+ ).thenReturn(minioClient);
+
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "endpoint", null)).thenReturn(endpoint);
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "credentials", null)).thenReturn(credentials);
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "tempPath", null)).thenReturn("cert/2-file-signed-package");
+ when(commonConfigurationManager.getConfigValue(eq("externalCsarStore"), eq("storageType"), any())).thenReturn(MINIO.name());
+
+ prepareCertFiles("/cert/rootCA.cert", cerDirPath + "root.cert");
+ byte[] fileToUploadBytes = readAllBytes("/cert/2-file-signed-package/2-file-signed-package.zip");
+ when(getObjectArgsBuilder
+ .bucket(anyString())
+ .object(anyString())
+ .build()
+ ).thenReturn(getObjectArgs);
+
+ when(minioClient.getObject(any(GetObjectArgs.class)))
+ .thenReturn(new GetObjectResponse(null, "bucket", "", "objectName",
+ new BufferedInputStream(new ByteArrayInputStream(fileToUploadBytes))));
+
+ final var onboardingPackageProcessor = new OnboardingPackageProcessor("2-file-signed-package.zip", fileToUploadBytes,
+ new CnfPackageValidator(), new MinIoArtifactInfo("bucket", "objectName"));
+ final OnboardPackageInfo onboardPackageInfo = onboardingPackageProcessor.getOnboardPackageInfo().orElse(null);
+
+ assertTrue(securityManager
+ .verifyPackageSignedData((OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage(),
+ onboardPackageInfo.getArtifactInfo()));
+ }
+ }
}
@Test
@@ -158,18 +225,51 @@ class SecurityManagerTest {
}
@Test
- void verifySignedDataTestCertNotIncludedIntoSignatureArtifactStorageManagerIsEnabled()
- throws IOException, URISyntaxException, SecurityManagerException {
- prepareCertFiles("/cert/rootCA.cert", cerDirPath + "root.cert");
- byte[] fileToUploadBytes = readAllBytes("/cert/3-file-signed-package/3-file-signed-package.zip");
-
- final var onboardingPackageProcessor = new OnboardingPackageProcessor("3-file-signed-package.zip", fileToUploadBytes,
- new CnfPackageValidator(),
- new PersistentStorageArtifactInfo(Path.of("src/test/resources/cert/3-file-signed-package/3-file-signed-package.zip")));
- final OnboardPackageInfo onboardPackageInfo = onboardingPackageProcessor.getOnboardPackageInfo().orElse(null);
-
- assertTrue(securityManager
- .verifyPackageSignedData((OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage(), onboardPackageInfo.getArtifactInfo()));
+ void verifySignedDataTestCertNotIncludedIntoSignatureArtifactStorageManagerIsEnabled() throws Exception {
+
+ final Map<String, Object> endpoint = new HashMap<>();
+ endpoint.put("host", "localhost");
+ endpoint.put("port", 9000);
+ final Map<String, Object> credentials = new HashMap<>();
+ credentials.put("accessKey", "login");
+ credentials.put("secretKey", "password");
+
+ try (MockedStatic<CommonConfigurationManager> utilities = Mockito.mockStatic(CommonConfigurationManager.class)) {
+ utilities.when(CommonConfigurationManager::getInstance).thenReturn(commonConfigurationManager);
+ try (MockedStatic<MinioClient> minioUtilities = Mockito.mockStatic(MinioClient.class)) {
+ minioUtilities.when(MinioClient::builder).thenReturn(builderMinio);
+ when(builderMinio
+ .endpoint(anyString(), anyInt(), anyBoolean())
+ .credentials(anyString(), anyString())
+ .build()
+ ).thenReturn(minioClient);
+
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "endpoint", null)).thenReturn(endpoint);
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "credentials", null)).thenReturn(credentials);
+ when(commonConfigurationManager.getConfigValue("externalCsarStore", "tempPath", null)).thenReturn("tempPath");
+ when(commonConfigurationManager.getConfigValue(eq("externalCsarStore"), eq("storageType"), any())).thenReturn(MINIO.name());
+
+ prepareCertFiles("/cert/rootCA.cert", cerDirPath + "root.cert");
+ byte[] fileToUploadBytes = readAllBytes("/cert/3-file-signed-package/3-file-signed-package.zip");
+ when(getObjectArgsBuilder
+ .bucket(anyString())
+ .object(anyString())
+ .build()
+ ).thenReturn(getObjectArgs);
+
+ when(minioClient.getObject(any(GetObjectArgs.class)))
+ .thenReturn(new GetObjectResponse(null, "bucket", "", "objectName",
+ new BufferedInputStream(new ByteArrayInputStream(fileToUploadBytes))));
+
+ final var onboardingPackageProcessor = new OnboardingPackageProcessor("3-file-signed-package.zip", fileToUploadBytes,
+ new CnfPackageValidator(), new MinIoArtifactInfo("bucket", "objectName"));
+ final OnboardPackageInfo onboardPackageInfo = onboardingPackageProcessor.getOnboardPackageInfo().orElse(null);
+
+ assertTrue(securityManager
+ .verifyPackageSignedData((OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage(),
+ onboardPackageInfo.getArtifactInfo()));
+ }
+ }
}
@Test