From e558a6469df40ba7c7aca8cdf81cacd703cd4b0b Mon Sep 17 00:00:00 2001 From: Tomasz Golabek Date: Wed, 21 Aug 2019 10:40:45 +0200 Subject: unit tests - sdc-healthcheck-manager Additional junit tests Change-Id: I6562e5085f7bfd692db129bf1706f3f569ebd793 Issue-ID: SDC-2326 Signed-off-by: Tomasz Golabek --- .../ApplicationConfigManagerTest.java | 82 ---------- .../openecomp-sdc-healthcheck-manager/pom.xml | 6 + .../sdc/health/data/HealthCheckResultTest.java | 32 ++++ .../sdc/health/data/HealthCheckStatusTest.java | 40 +++++ .../openecomp/sdc/health/data/HealthInfoTest.java | 32 ++++ .../sdc/health/data/MonitoredModulesTest.java | 40 +++++ .../openecomp/sdc/health/data/SiteModeTest.java | 39 +++++ .../src/test/AuthenticationCookieUtilsTest.java | 74 --------- .../src/test/CipherUtilTest.java | 76 --------- .../src/test/PasswordsTest.java | 97 ----------- .../src/test/RepresentationUtilsTest.java | 54 ------- .../src/test/SecurityUtilTest.java | 50 ------ .../src/test/SessionValidationFilterTest.java | 177 -------------------- .../test/java/AuthenticationCookieUtilsTest.java | 64 ++++++++ .../src/test/java/CipherUtilTest.java | 73 +++++++++ .../src/test/java/PasswordsTest.java | 95 +++++++++++ .../src/test/java/RepresentationUtilsTest.java | 54 +++++++ .../src/test/java/SecurityUtilTest.java | 49 ++++++ .../src/test/java/SessionValidationFilterTest.java | 178 +++++++++++++++++++++ 19 files changed, 702 insertions(+), 610 deletions(-) delete mode 100644 openecomp-be/backend/openecomp-sdc-application-config-manager/src/test/java/org/openecomp/sdc/applicationconfig/ApplicationConfigManagerTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckResultTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckStatusTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthInfoTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/MonitoredModulesTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/SiteModeTest.java delete mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/AuthenticationCookieUtilsTest.java delete mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/CipherUtilTest.java delete mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/PasswordsTest.java delete mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/RepresentationUtilsTest.java delete mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/SecurityUtilTest.java delete mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/SessionValidationFilterTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/java/AuthenticationCookieUtilsTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/java/CipherUtilTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/java/PasswordsTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/java/RepresentationUtilsTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SecurityUtilTest.java create mode 100644 openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SessionValidationFilterTest.java diff --git a/openecomp-be/backend/openecomp-sdc-application-config-manager/src/test/java/org/openecomp/sdc/applicationconfig/ApplicationConfigManagerTest.java b/openecomp-be/backend/openecomp-sdc-application-config-manager/src/test/java/org/openecomp/sdc/applicationconfig/ApplicationConfigManagerTest.java deleted file mode 100644 index e58f455d11..0000000000 --- a/openecomp-be/backend/openecomp-sdc-application-config-manager/src/test/java/org/openecomp/sdc/applicationconfig/ApplicationConfigManagerTest.java +++ /dev/null @@ -1,82 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.openecomp.sdc.applicationconfig; - -import org.openecomp.sdc.applicationconfig.impl.ApplicationConfigManagerImpl; - -/** - * Created by Talio on 8/9/2016. - */ -public class ApplicationConfigManagerTest { - - public static final String TEST_NAMESPACE_1 = "test-app-namespace"; - public static final String TEST_NAMESPACE_2 = "test-namespace"; - public static final String TEST_KEY = "test-app-key"; - public static final String TEST_VALUE = "test-app-value"; - ApplicationConfigManager applicationConfigManager = new ApplicationConfigManagerImpl(); - - /* - @Test - public void testInsertIntoTable() { - try { - applicationConfigManager.insertIntoTable(TEST_NAMESPACE_1, TEST_KEY, TEST_VALUE); - } catch (CoreException exception) { - Assert.assertEquals(exception.getMessage(), - "Error occurred while loading questionnaire schema templates"); - } - } - - - @Test(dependsOnMethods = "testInsertIntoTable") - public void testGetValueFromTable() { - ConfigurationData value = applicationConfigManager.getFromTable(TEST_NAMESPACE_1, TEST_KEY); - - Assert.assertEquals(value.getValue(), TEST_VALUE); - } - - - @Test(dependsOnMethods = "testInsertIntoTable") - public void testGetValueFromTableNegative() { - try { - ConfigurationData value = - applicationConfigManager.getFromTable("not-existing-namespace", "not-existing-key"); - } catch (CoreException ce) { - Assert.assertEquals(ce.getMessage(), - "Configuration for namespace not-existing-namespace and key not-existing-key was not found"); - } - - } - - @Test - public void testGetList() { - applicationConfigManager.insertIntoTable(TEST_NAMESPACE_2, "key1", "val1"); - applicationConfigManager.insertIntoTable(TEST_NAMESPACE_2, "key2", "val2"); - applicationConfigManager.insertIntoTable(TEST_NAMESPACE_2, "key3", "val3"); - - Collection ACElist = - applicationConfigManager.getListOfConfigurationByNamespace(TEST_NAMESPACE_2); - - Assert.assertNotNull(ACElist); - Assert.assertEquals(ACElist.size(), 3); - } - - */ -} diff --git a/openecomp-be/backend/openecomp-sdc-healthcheck-manager/pom.xml b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/pom.xml index a0e36c9d8b..15733ba710 100644 --- a/openecomp-be/backend/openecomp-sdc-healthcheck-manager/pom.xml +++ b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/pom.xml @@ -66,6 +66,12 @@ junit test + + com.google.code.bean-matchers + bean-matchers + ${bean-matchers.version} + test + diff --git a/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckResultTest.java b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckResultTest.java new file mode 100644 index 0000000000..996dcb5fc6 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckResultTest.java @@ -0,0 +1,32 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.openecomp.sdc.health.data; + +import static com.google.code.beanmatchers.BeanMatchers.hasValidGettersAndSetters; +import static org.junit.Assert.assertThat; + +import org.junit.Test; + +public class HealthCheckResultTest { + @Test + public void shouldHaveValidGettersAndSetters() { + assertThat(HealthCheckResult.class, hasValidGettersAndSetters()); + } +} \ No newline at end of file diff --git a/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckStatusTest.java b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckStatusTest.java new file mode 100644 index 0000000000..98850defd1 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthCheckStatusTest.java @@ -0,0 +1,40 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.openecomp.sdc.health.data; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNull; + +import org.junit.Test; + +public class HealthCheckStatusTest { + + @Test + public void shouldReturnEnumFromStringValue() { + HealthCheckStatus status = HealthCheckStatus.toValue("UP"); + assertEquals(status, HealthCheckStatus.UP); + } + + @Test + public void shouldReturnNullIfNotSuchEnum() { + HealthCheckStatus status = HealthCheckStatus.toValue("MAYBE"); + assertNull(status); + } +} \ No newline at end of file diff --git a/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthInfoTest.java b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthInfoTest.java new file mode 100644 index 0000000000..dbb3a76569 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/HealthInfoTest.java @@ -0,0 +1,32 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.openecomp.sdc.health.data; + +import static com.google.code.beanmatchers.BeanMatchers.hasValidGettersAndSetters; +import static org.junit.Assert.assertThat; + +import org.junit.Test; + +public class HealthInfoTest { + @Test + public void shouldHaveValidGettersAndSetters() { + assertThat(HealthInfo.class, hasValidGettersAndSetters()); + } +} \ No newline at end of file diff --git a/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/MonitoredModulesTest.java b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/MonitoredModulesTest.java new file mode 100644 index 0000000000..fe9415a72c --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/MonitoredModulesTest.java @@ -0,0 +1,40 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.openecomp.sdc.health.data; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNull; + +import org.junit.Test; + +public class MonitoredModulesTest { + + @Test + public void shouldReturnEnumFromStringValue() { + MonitoredModules modules = MonitoredModules.toValue("Zusammen"); + assertEquals(modules, MonitoredModules.ZU); + } + + @Test + public void shouldReturnNullIfNotSuchEnum() { + MonitoredModules modules = MonitoredModules.toValue("UP"); + assertNull(modules); + } +} \ No newline at end of file diff --git a/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/SiteModeTest.java b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/SiteModeTest.java new file mode 100644 index 0000000000..b3d21a0d45 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-healthcheck-manager/src/test/java/org/openecomp/sdc/health/data/SiteModeTest.java @@ -0,0 +1,39 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.openecomp.sdc.health.data; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNull; + +import org.junit.Test; + +public class SiteModeTest { + @Test + public void shouldReturnEnumFromStringValue() { + SiteMode siteMode = SiteMode.toValue("active"); + assertEquals(siteMode, SiteMode.Active); + } + + @Test + public void shouldReturnNullIfNotSuchEnum() { + SiteMode siteMode = SiteMode.toValue("maybe"); + assertNull(siteMode); + } +} \ No newline at end of file diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/AuthenticationCookieUtilsTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/AuthenticationCookieUtilsTest.java deleted file mode 100644 index 34d349a2b4..0000000000 --- a/openecomp-be/backend/openecomp-sdc-security-util/src/test/AuthenticationCookieUtilsTest.java +++ /dev/null @@ -1,74 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdc.security; - -import org.junit.Test; -import org.onap.sdc.security.filters.SampleFilter; - -import javax.servlet.http.Cookie; - -import java.io.IOException; - -import static org.junit.Assert.*; - -public class AuthenticationCookieUtilsTest { - - private SampleFilter sessionValidationFilter = new SampleFilter(); - private ISessionValidationFilterConfiguration filterCfg = sessionValidationFilter.getFilterConfiguration(); - - @Test - public void vaildateThatCookieCurrentSessionTimeIncreased() throws IOException, CipherUtilException { - // original cookie, pojo and servlet cookie - AuthenticationCookie authenticationCookieOriginal = new AuthenticationCookie("kuku"); - Cookie cookieWithOriginalTime = new Cookie(filterCfg.getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookieOriginal,filterCfg )); - // cookie with increased time, pojo and servlet cookie - Cookie cookieWithIncreasedTime = AuthenticationCookieUtils.updateSessionTime(cookieWithOriginalTime, filterCfg); - AuthenticationCookie authenticationCookieIncreasedTime = AuthenticationCookieUtils.getAuthenticationCookie(cookieWithIncreasedTime, filterCfg); - // validation - long currentSessionTimeOriginal = authenticationCookieOriginal.getCurrentSessionTime(); - long currentSessionTimeIncreased = authenticationCookieIncreasedTime.getCurrentSessionTime(); - assertTrue(currentSessionTimeOriginal < currentSessionTimeIncreased); - } - - @Test - public void validateSerializationEncriptionDeserializationDecryption() throws IOException, CipherUtilException { - // original cookie, pojo and servlet cookie - AuthenticationCookie authenticationCookieOriginal = new AuthenticationCookie("kuku"); - Cookie cookieWithOriginalTime = new Cookie(filterCfg.getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookieOriginal,filterCfg )); - // cookie with increased time, pojo and servlet cookie - AuthenticationCookie decriptedAndDeserializedAuthenticationCookie = AuthenticationCookieUtils.getAuthenticationCookie(cookieWithOriginalTime,filterCfg); - assertTrue(authenticationCookieOriginal.equals(decriptedAndDeserializedAuthenticationCookie)); - } - - - -// @Test -// public void getEncryptedCookie() { -// } -// -// @Test -// public void getAuthenticationCookie() { -// } -// -// @Test -// public void isSessionExpired() { -// } -} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/CipherUtilTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/CipherUtilTest.java deleted file mode 100644 index 6d539b6391..0000000000 --- a/openecomp-be/backend/openecomp-sdc-security-util/src/test/CipherUtilTest.java +++ /dev/null @@ -1,76 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdc.security; - -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.lang.RandomStringUtils; -import org.junit.Test; - -import java.util.Random; - -import static org.apache.commons.codec.binary.Base64.encodeBase64String; -import static org.junit.Assert.*; - -public class CipherUtilTest { - - private static final String KEY = "AGLDdG4D04BKm2IxIWEr8o=="; - private static final String DATA = "data"; - - @Test - public void encryptDecryptPKC() throws CipherUtilException { - String generatedKey = RandomStringUtils.randomAlphabetic(16); - String base64Key = Base64.encodeBase64String(generatedKey.getBytes()); - String encrypted = CipherUtil.encryptPKC(DATA, base64Key); - assertNotEquals(DATA, encrypted); - String decrypted = CipherUtil.decryptPKC(encrypted, base64Key); - assertEquals(decrypted, DATA); - } - - @Test - public void encryptInvalidKey() { - try { - CipherUtil.encryptPKC(DATA, "invalidKey"); - fail(); - } catch (CipherUtilException ex) { - assertTrue(ex.getMessage().contains("Invalid AES key length")); - } - } - - @Test - public void decryptInvalidKey() { - try { - CipherUtil.decryptPKC(DATA, "invalidKey"); - fail(); - } catch (CipherUtilException ex) { - assertTrue(ex.getMessage().contains("length")); - } - } - - @Test - public void decryptInvalidData() { - try { - CipherUtil.decryptPKC(DATA, KEY); - fail(); - } catch (CipherUtilException ex) { - assertTrue(ex.getMessage().contains("Wrong IV length")); - } - } -} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/PasswordsTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/PasswordsTest.java deleted file mode 100644 index 4ead127ad2..0000000000 --- a/openecomp-be/backend/openecomp-sdc-security-util/src/test/PasswordsTest.java +++ /dev/null @@ -1,97 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdc.security; - -import org.junit.Test; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -public class PasswordsTest { - - @Test - public void hashPassword() throws Exception { - String hash = Passwords.hashPassword("hello1234"); - assertTrue(Passwords.isExpectedPassword("hello1234", hash)); - - //test different salt-> result in different hash - String hash2 = Passwords.hashPassword("hello1234"); - assertFalse(hash.equals(hash2)); - - String hash3 = Passwords.hashPassword(""); - assertTrue(Passwords.isExpectedPassword("", hash3)); - - String hash4 = Passwords.hashPassword(null); - assertTrue(hash4 == null); - } - - @Test - public void isExpectedPassword() throws Exception { - //region isExpectedPassword(String password, String salt, String hash) - assertTrue(Passwords.isExpectedPassword(null, null, null)); - //valid hash - assertTrue(Passwords.isExpectedPassword("hello1234", "e0277df331f4ff8f74752ac4a8fbe03b", "6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); - //invalid salt - assertFalse(Passwords.isExpectedPassword("hello1234", "c0000df331f4ff8f74752ac4a00be03c", "6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); - assertFalse(Passwords.isExpectedPassword("hello1234", null, "6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); - //exacly 1 param uninitialized - assertFalse(Passwords.isExpectedPassword("hello1234", "", null)); - assertFalse(Passwords.isExpectedPassword(null, "", "hello1234")); - //no salt & no hash - assertFalse(Passwords.isExpectedPassword("hello1234", null, "hello1234")); - //endregion - - //region isExpectedPassword(String password, String expectedHash) - assertTrue(Passwords.isExpectedPassword(null, null)); - //valid hash - assertTrue(Passwords.isExpectedPassword("hello1234", "e0277df331f4ff8f74752ac4a8fbe03b:6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); - //invalid salt - assertFalse(Passwords.isExpectedPassword("hello1234", "c0000df331f4ff8f74752ac4a00be03c:6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); - //exacly 1 param uninitialized - assertFalse(Passwords.isExpectedPassword("hello1234", null)); - assertFalse(Passwords.isExpectedPassword(null, "hello1234")); - //no salt & no hash - assertFalse(Passwords.isExpectedPassword("hello1234", "hello1234")); - //endregion - } - - @Test - public void hashtest() { - String password = "123456"; - String hash = Passwords.hashPassword(password); - assertTrue(Passwords.isExpectedPassword(password, hash)); - password = "1sdfgsgd23456"; - hash = Passwords.hashPassword(password); - assertTrue(Passwords.isExpectedPassword(password, hash)); - password = "1sdfgsgd2345((*&%$%6"; - hash = Passwords.hashPassword(password); - assertTrue(Passwords.isExpectedPassword(password, hash)); - password = ""; - hash = Passwords.hashPassword(password); - assertTrue(Passwords.isExpectedPassword(password, hash)); - password = " "; - hash = Passwords.hashPassword(password); - assertTrue(Passwords.isExpectedPassword(password, hash)); - } - - -} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/RepresentationUtilsTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/RepresentationUtilsTest.java deleted file mode 100644 index 5d7798da56..0000000000 --- a/openecomp-be/backend/openecomp-sdc-security-util/src/test/RepresentationUtilsTest.java +++ /dev/null @@ -1,54 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdc.security; - -import org.junit.Test; - -import java.io.IOException; -import java.util.HashSet; -import java.util.Set; - -import static org.junit.Assert.assertTrue; - -public class RepresentationUtilsTest { - - private static AuthenticationCookie originalCookie = new AuthenticationCookie("kuku"); - - @Test - public void representationE2EwithRoleNull() throws IOException { - originalCookie.setRoles(null); - String jsonStr = RepresentationUtils.toRepresentation(originalCookie); - AuthenticationCookie cookieFromJson = RepresentationUtils.fromRepresentation(jsonStr, AuthenticationCookie.class); - assertTrue(originalCookie.equals(cookieFromJson)); - } - - @Test - public void representationE2EwithRoleNotNull() throws IOException { - Set roles = new HashSet(); - roles.add("Designer"); - roles.add("Admin"); - roles.add("Tester"); - originalCookie.setRoles(roles); - String jsonStr = RepresentationUtils.toRepresentation(originalCookie); - AuthenticationCookie cookieFromJson = RepresentationUtils.fromRepresentation(jsonStr, AuthenticationCookie.class); - assertTrue(originalCookie.equals(cookieFromJson)); - } -} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/SecurityUtilTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/SecurityUtilTest.java deleted file mode 100644 index 9edce15a44..0000000000 --- a/openecomp-be/backend/openecomp-sdc-security-util/src/test/SecurityUtilTest.java +++ /dev/null @@ -1,50 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdc.security; - -import org.junit.Test; - -import java.util.Base64; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotEquals; - -public class SecurityUtilTest { - - @Test - public void encryptDecryptAES128() { - String data = "decrypt SUCCESS!!"; - String encrypted = SecurityUtil.INSTANCE.encrypt(data).left().value(); - assertNotEquals( data, encrypted ); - byte[] decryptMsg = Base64.getDecoder().decode(encrypted); - assertEquals( SecurityUtil.INSTANCE.decrypt( decryptMsg , false ).left().value() ,data ); - assertEquals( SecurityUtil.INSTANCE.decrypt( encrypted.getBytes() , true ).left().value() ,data ); - } - - @Test - public void obfuscateKey() { - String key = "abcdefghij123456"; - String expectedkey = "********ij123456"; - String obfuscated = SecurityUtil.INSTANCE.obfuscateKey( key ); - System.out.println( obfuscated ); - assertEquals( obfuscated , expectedkey ); - } -} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/SessionValidationFilterTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/SessionValidationFilterTest.java deleted file mode 100644 index 9a1bb1c5c1..0000000000 --- a/openecomp-be/backend/openecomp-sdc-security-util/src/test/SessionValidationFilterTest.java +++ /dev/null @@ -1,177 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdc.security; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.Spy; -import org.mockito.junit.MockitoJUnitRunner; -import org.onap.sdc.security.filters.ResponceWrapper; -import org.onap.sdc.security.filters.SampleFilter; - -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -import static org.mockito.Mockito.times; -import static org.mockito.Mockito.when; - -@RunWith(MockitoJUnitRunner.class) -//@RunWith(PowerMockRunner.class) -//@PrepareForTest(fullyQualifiedNames = "org.onap.sdc.security.*") -public class SessionValidationFilterTest { - - @Mock - private HttpServletRequest request; - @Spy - private HttpServletResponse response; - @Mock - private FilterChain filterChain; - @Mock - private FilterConfig filterConfig; - @Mock - private ResponceWrapper responceWrapper; - - // implementation of SessionValidationFilter - @InjectMocks - @Spy - private SampleFilter sessionValidationFilter = new SampleFilter(); - - @Before - public void setUpClass() throws ServletException { - sessionValidationFilter.init(filterConfig); - } - - @Test - public void excludedUrlHealthcheck() throws IOException, ServletException { - when(request.getPathInfo()).thenReturn("/healthCheck"); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(filterChain, times(1)).doFilter(request, response); - } - - @Test - public void excludedUrlUpload() throws IOException, ServletException { - when(request.getPathInfo()).thenReturn("/upload/123"); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(filterChain, times(1)).doFilter(request, response); - } - - // case when url pattern in web.xml is forward slash (/) - @Test - public void pathInfoIsNull() throws IOException, ServletException { - when(request.getServletPath()).thenReturn("/upload/2"); - when(request.getPathInfo()).thenReturn(null); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(filterChain, times(1)).doFilter(request, response); - } - - @Test - public void noCookiesInRequest() throws IOException, ServletException { - when(request.getPathInfo()).thenReturn("/resource"); - when(request.getCookies()).thenReturn(new Cookie[0]); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); - } - - @Test - public void nullCookiesInRequest() throws IOException, ServletException { - when(request.getPathInfo()).thenReturn("/resource"); - when(request.getCookies()).thenReturn(null); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); - } - - @Test - public void noCookiesWithCorrectNameInRequest() throws IOException, ServletException { - when(request.getPathInfo()).thenReturn("/resource"); - String newNameNotContainsRealName = sessionValidationFilter.getFilterConfiguration().getCookieName().substring(1); - Cookie cookie = new Cookie("fake" + newNameNotContainsRealName + "fake2", RepresentationUtils.toRepresentation(new AuthenticationCookie("kuku"))); - when(request.getCookies()).thenReturn(new Cookie[]{cookie}); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); - } - - @Test - public void cookieMaxSessionTimeTimedOut() throws IOException, ServletException, CipherUtilException { - when(request.getPathInfo()).thenReturn("/resource"); - AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); - // set max session time to timout value - long maxSessionTimeOut = sessionValidationFilter.getFilterConfiguration().getMaxSessionTimeOut(); - long startTime = authenticationCookie.getMaxSessionTime(); - long timeout = startTime - maxSessionTimeOut - 1000l; - authenticationCookie.setMaxSessionTime(timeout); - Cookie cookie = new Cookie(sessionValidationFilter.getFilterConfiguration().getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); - - when(request.getCookies()).thenReturn(new Cookie[]{cookie}); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); - } - - @Test - public void cookieSessionIdle() throws IOException, ServletException, CipherUtilException { - when(request.getPathInfo()).thenReturn("/resource"); - AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); - // set session time to timout to idle - long idleSessionTimeOut = sessionValidationFilter.getFilterConfiguration().getSessionIdleTimeOut(); - long sessionStartTime = authenticationCookie.getCurrentSessionTime(); - long timeout = sessionStartTime - idleSessionTimeOut - 2000; - authenticationCookie.setCurrentSessionTime(timeout); - Cookie cookie = new Cookie(sessionValidationFilter.getFilterConfiguration().getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); - - when(request.getCookies()).thenReturn(new Cookie[]{cookie}); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); - } - - @Test - public void requestThatPassFilter() throws IOException, ServletException, CipherUtilException { - when(request.getPathInfo()).thenReturn("/resource"); - - AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); - Cookie cookie = new Cookie(sessionValidationFilter.getFilterConfiguration().getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); - - when(request.getCookies()).thenReturn(new Cookie[]{cookie}); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(filterChain, times(1)).doFilter(request, response); - } - -// test validate contains - @Test - public void requestThatPassFilterWithCookieNameAsPartOfOtherString() throws IOException, ServletException, CipherUtilException { - when(request.getPathInfo()).thenReturn("/resource"); - - AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); - Cookie cookie = new Cookie("some" +sessionValidationFilter.getFilterConfiguration().getCookieName() + "Thing", AuthenticationCookieUtils.getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); - - when(request.getCookies()).thenReturn(new Cookie[]{cookie}); - sessionValidationFilter.doFilter(request, response, filterChain); - Mockito.verify(filterChain, times(1)).doFilter(request, response); - } - -} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/AuthenticationCookieUtilsTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/AuthenticationCookieUtilsTest.java new file mode 100644 index 0000000000..402803479f --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/AuthenticationCookieUtilsTest.java @@ -0,0 +1,64 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +import org.junit.Test; + +import javax.servlet.http.Cookie; + +import java.io.IOException; +import org.openecomp.sdc.securityutil.AuthenticationCookie; +import org.openecomp.sdc.securityutil.AuthenticationCookieUtils; +import org.openecomp.sdc.securityutil.CipherUtilException; +import org.openecomp.sdc.securityutil.ISessionValidationFilterConfiguration; +import org.openecomp.sdc.securityutil.filters.SampleFilter; + +import static org.junit.Assert.*; + +public class AuthenticationCookieUtilsTest { + + private SampleFilter sessionValidationFilter = new SampleFilter(); + private ISessionValidationFilterConfiguration filterCfg = sessionValidationFilter.getFilterConfiguration(); + + @Test + public void vaildateThatCookieCurrentSessionTimeIncreased() throws IOException, CipherUtilException { + // original cookie, pojo and servlet cookie + AuthenticationCookie authenticationCookieOriginal = new AuthenticationCookie("kuku"); + Cookie cookieWithOriginalTime = new Cookie(filterCfg.getCookieName(), AuthenticationCookieUtils + .getEncryptedCookie(authenticationCookieOriginal,filterCfg )); + // cookie with increased time, pojo and servlet cookie + Cookie cookieWithIncreasedTime = AuthenticationCookieUtils.updateSessionTime(cookieWithOriginalTime, filterCfg); + AuthenticationCookie authenticationCookieIncreasedTime = AuthenticationCookieUtils.getAuthenticationCookie(cookieWithIncreasedTime, filterCfg); + // validation + long currentSessionTimeOriginal = authenticationCookieOriginal.getCurrentSessionTime(); + long currentSessionTimeIncreased = authenticationCookieIncreasedTime.getCurrentSessionTime(); + assertTrue(currentSessionTimeOriginal < currentSessionTimeIncreased); + } + + @Test + public void validateSerializationEncriptionDeserializationDecryption() throws IOException, CipherUtilException { + // original cookie, pojo and servlet cookie + AuthenticationCookie authenticationCookieOriginal = new AuthenticationCookie("kuku"); + Cookie cookieWithOriginalTime = new Cookie(filterCfg.getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookieOriginal,filterCfg )); + // cookie with increased time, pojo and servlet cookie + AuthenticationCookie decriptedAndDeserializedAuthenticationCookie = AuthenticationCookieUtils.getAuthenticationCookie(cookieWithOriginalTime,filterCfg); + assertTrue(authenticationCookieOriginal.equals(decriptedAndDeserializedAuthenticationCookie)); + } + +} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/CipherUtilTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/CipherUtilTest.java new file mode 100644 index 0000000000..888c888d42 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/CipherUtilTest.java @@ -0,0 +1,73 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.lang.RandomStringUtils; +import org.junit.Test; +import org.openecomp.sdc.securityutil.CipherUtil; +import org.openecomp.sdc.securityutil.CipherUtilException; + +import static org.junit.Assert.*; + +public class CipherUtilTest { + + private static final String KEY = "AGLDdG4D04BKm2IxIWEr8o=="; + private static final String DATA = "data"; + + @Test + public void encryptDecryptPKC() throws CipherUtilException { + String generatedKey = RandomStringUtils.randomAlphabetic(16); + String base64Key = Base64.encodeBase64String(generatedKey.getBytes()); + String encrypted = CipherUtil.encryptPKC(DATA, base64Key); + assertNotEquals(DATA, encrypted); + String decrypted = CipherUtil.decryptPKC(encrypted, base64Key); + assertEquals(decrypted, DATA); + } + + @Test + public void encryptInvalidKey() { + try { + CipherUtil.encryptPKC(DATA, "invalidKey"); + fail(); + } catch (CipherUtilException ex) { + assertTrue(ex.getMessage().contains("Invalid AES key length")); + } + } + + @Test + public void decryptInvalidKey() { + try { + CipherUtil.decryptPKC(DATA, "invalidKey"); + fail(); + } catch (CipherUtilException ex) { + assertTrue(ex.getMessage().contains("length")); + } + } + + @Test + public void decryptInvalidData() { + try { + CipherUtil.decryptPKC(DATA, KEY); + fail(); + } catch (CipherUtilException ex) { + assertTrue(ex.getMessage().contains("Wrong IV length")); + } + } +} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/PasswordsTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/PasswordsTest.java new file mode 100644 index 0000000000..d3ba3bbe4e --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/PasswordsTest.java @@ -0,0 +1,95 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +import org.junit.Test; +import org.openecomp.sdc.securityutil.Passwords; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +public class PasswordsTest { + + @Test + public void hashPassword() throws Exception { + String hash = Passwords.hashPassword("hello1234"); + assertTrue(Passwords.isExpectedPassword("hello1234", hash)); + + //test different salt-> result in different hash + String hash2 = Passwords.hashPassword("hello1234"); + assertFalse(hash.equals(hash2)); + + String hash3 = Passwords.hashPassword(""); + assertTrue(Passwords.isExpectedPassword("", hash3)); + + String hash4 = Passwords.hashPassword(null); + assertTrue(hash4 == null); + } + + @Test + public void isExpectedPassword() throws Exception { + //region isExpectedPassword(String password, String salt, String hash) + assertTrue(Passwords.isExpectedPassword(null, null, null)); + //valid hash + assertTrue(Passwords.isExpectedPassword("hello1234", "e0277df331f4ff8f74752ac4a8fbe03b", "6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); + //invalid salt + assertFalse(Passwords.isExpectedPassword("hello1234", "c0000df331f4ff8f74752ac4a00be03c", "6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); + assertFalse(Passwords.isExpectedPassword("hello1234", null, "6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); + //exacly 1 param uninitialized + assertFalse(Passwords.isExpectedPassword("hello1234", "", null)); + assertFalse(Passwords.isExpectedPassword(null, "", "hello1234")); + //no salt & no hash + assertFalse(Passwords.isExpectedPassword("hello1234", null, "hello1234")); + //endregion + + //region isExpectedPassword(String password, String expectedHash) + assertTrue(Passwords.isExpectedPassword(null, null)); + //valid hash + assertTrue(Passwords.isExpectedPassword("hello1234", "e0277df331f4ff8f74752ac4a8fbe03b:6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); + //invalid salt + assertFalse(Passwords.isExpectedPassword("hello1234", "c0000df331f4ff8f74752ac4a00be03c:6dfbad308cdf53c9ff2ee2dca811ee92f1b359586b33027580e2ff92578edbd0")); + //exacly 1 param uninitialized + assertFalse(Passwords.isExpectedPassword("hello1234", null)); + assertFalse(Passwords.isExpectedPassword(null, "hello1234")); + //no salt & no hash + assertFalse(Passwords.isExpectedPassword("hello1234", "hello1234")); + //endregion + } + + @Test + public void hashtest() { + String password = "123456"; + String hash = Passwords.hashPassword(password); + assertTrue(Passwords.isExpectedPassword(password, hash)); + password = "1sdfgsgd23456"; + hash = Passwords.hashPassword(password); + assertTrue(Passwords.isExpectedPassword(password, hash)); + password = "1sdfgsgd2345((*&%$%6"; + hash = Passwords.hashPassword(password); + assertTrue(Passwords.isExpectedPassword(password, hash)); + password = ""; + hash = Passwords.hashPassword(password); + assertTrue(Passwords.isExpectedPassword(password, hash)); + password = " "; + hash = Passwords.hashPassword(password); + assertTrue(Passwords.isExpectedPassword(password, hash)); + } + + +} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/RepresentationUtilsTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/RepresentationUtilsTest.java new file mode 100644 index 0000000000..5960c82130 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/RepresentationUtilsTest.java @@ -0,0 +1,54 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +import org.junit.Test; + +import java.io.IOException; +import java.util.HashSet; +import java.util.Set; +import org.openecomp.sdc.securityutil.AuthenticationCookie; +import org.openecomp.sdc.securityutil.RepresentationUtils; + +import static org.junit.Assert.assertTrue; + +public class RepresentationUtilsTest { + + private static AuthenticationCookie originalCookie = new AuthenticationCookie("kuku"); + + @Test + public void representationE2EwithRoleNull() throws IOException { + originalCookie.setRoles(null); + String jsonStr = RepresentationUtils.toRepresentation(originalCookie); + AuthenticationCookie cookieFromJson = RepresentationUtils.fromRepresentation(jsonStr, AuthenticationCookie.class); + assertTrue(originalCookie.equals(cookieFromJson)); + } + + @Test + public void representationE2EwithRoleNotNull() throws IOException { + Set roles = new HashSet(); + roles.add("Designer"); + roles.add("Admin"); + roles.add("Tester"); + originalCookie.setRoles(roles); + String jsonStr = RepresentationUtils.toRepresentation(originalCookie); + AuthenticationCookie cookieFromJson = RepresentationUtils.fromRepresentation(jsonStr, AuthenticationCookie.class); + assertTrue(originalCookie.equals(cookieFromJson)); + } +} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SecurityUtilTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SecurityUtilTest.java new file mode 100644 index 0000000000..938f3c5e92 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SecurityUtilTest.java @@ -0,0 +1,49 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +import org.junit.Test; + +import java.util.Base64; +import org.openecomp.sdc.securityutil.SecurityUtil; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotEquals; + +public class SecurityUtilTest { + + @Test + public void encryptDecryptAES128() { + String data = "decrypt SUCCESS!!"; + String encrypted = SecurityUtil.INSTANCE.encrypt(data).left().value(); + assertNotEquals( data, encrypted ); + byte[] decryptMsg = Base64.getDecoder().decode(encrypted); + assertEquals( SecurityUtil.INSTANCE.decrypt( decryptMsg , false ).left().value() ,data ); + assertEquals( SecurityUtil.INSTANCE.decrypt( encrypted.getBytes() , true ).left().value() ,data ); + } + + @Test + public void obfuscateKey() { + String key = "abcdefghij123456"; + String expectedkey = "********ij123456"; + String obfuscated = SecurityUtil.INSTANCE.obfuscateKey( key ); + System.out.println( obfuscated ); + assertEquals( obfuscated , expectedkey ); + } +} diff --git a/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SessionValidationFilterTest.java b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SessionValidationFilterTest.java new file mode 100644 index 0000000000..07151bc4d5 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-security-util/src/test/java/SessionValidationFilterTest.java @@ -0,0 +1,178 @@ +/*- + * ============LICENSE_START======================================================= + * SDC + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.Spy; +import org.mockito.junit.MockitoJUnitRunner; + +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import org.openecomp.sdc.securityutil.AuthenticationCookie; +import org.openecomp.sdc.securityutil.AuthenticationCookieUtils; +import org.openecomp.sdc.securityutil.CipherUtilException; +import org.openecomp.sdc.securityutil.RepresentationUtils; +import org.openecomp.sdc.securityutil.filters.ResponceWrapper; +import org.openecomp.sdc.securityutil.filters.SampleFilter; + +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.when; + +@RunWith(MockitoJUnitRunner.class) +public class SessionValidationFilterTest { + + @Mock + private HttpServletRequest request; + @Spy + private HttpServletResponse response; + @Mock + private FilterChain filterChain; + @Mock + private FilterConfig filterConfig; + @Mock + private ResponceWrapper responceWrapper; + + // implementation of SessionValidationFilter + @InjectMocks + @Spy + private SampleFilter sessionValidationFilter = new SampleFilter(); + + @Before + public void setUpClass() throws ServletException { + sessionValidationFilter.init(filterConfig); + } + + @Test + public void excludedUrlHealthcheck() throws IOException, ServletException { + when(request.getPathInfo()).thenReturn("/healthCheck"); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(filterChain, times(1)).doFilter(request, response); + } + + @Test + public void excludedUrlUpload() throws IOException, ServletException { + when(request.getPathInfo()).thenReturn("/upload/123"); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(filterChain, times(1)).doFilter(request, response); + } + + // case when url pattern in web.xml is forward slash (/) + @Test + public void pathInfoIsNull() throws IOException, ServletException { + when(request.getServletPath()).thenReturn("/upload/2"); + when(request.getPathInfo()).thenReturn(null); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(filterChain, times(1)).doFilter(request, response); + } + + @Test + public void noCookiesInRequest() throws IOException, ServletException { + when(request.getPathInfo()).thenReturn("/resource"); + when(request.getCookies()).thenReturn(new Cookie[0]); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); + } + + @Test + public void nullCookiesInRequest() throws IOException, ServletException { + when(request.getPathInfo()).thenReturn("/resource"); + when(request.getCookies()).thenReturn(null); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); + } + + @Test + public void noCookiesWithCorrectNameInRequest() throws IOException, ServletException { + when(request.getPathInfo()).thenReturn("/resource"); + String newNameNotContainsRealName = sessionValidationFilter.getFilterConfiguration().getCookieName().substring(1); + Cookie cookie = new Cookie("fake" + newNameNotContainsRealName + "fake2", RepresentationUtils.toRepresentation(new AuthenticationCookie("kuku"))); + when(request.getCookies()).thenReturn(new Cookie[]{cookie}); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); + } + + @Test + public void cookieMaxSessionTimeTimedOut() throws IOException, ServletException, CipherUtilException { + when(request.getPathInfo()).thenReturn("/resource"); + AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); + // set max session time to timout value + long maxSessionTimeOut = sessionValidationFilter.getFilterConfiguration().getMaxSessionTimeOut(); + long startTime = authenticationCookie.getMaxSessionTime(); + long timeout = startTime - maxSessionTimeOut - 1000l; + authenticationCookie.setMaxSessionTime(timeout); + Cookie cookie = new Cookie(sessionValidationFilter.getFilterConfiguration().getCookieName(), AuthenticationCookieUtils + .getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); + + when(request.getCookies()).thenReturn(new Cookie[]{cookie}); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); + } + + @Test + public void cookieSessionIdle() throws IOException, ServletException, CipherUtilException { + when(request.getPathInfo()).thenReturn("/resource"); + AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); + // set session time to timout to idle + long idleSessionTimeOut = sessionValidationFilter.getFilterConfiguration().getSessionIdleTimeOut(); + long sessionStartTime = authenticationCookie.getCurrentSessionTime(); + long timeout = sessionStartTime - idleSessionTimeOut - 2000; + authenticationCookie.setCurrentSessionTime(timeout); + Cookie cookie = new Cookie(sessionValidationFilter.getFilterConfiguration().getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); + + when(request.getCookies()).thenReturn(new Cookie[]{cookie}); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(response, times(1)).sendRedirect(sessionValidationFilter.getFilterConfiguration().getRedirectURL()); + } + + @Test + public void requestThatPassFilter() throws IOException, ServletException, CipherUtilException { + when(request.getPathInfo()).thenReturn("/resource"); + + AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); + Cookie cookie = new Cookie(sessionValidationFilter.getFilterConfiguration().getCookieName(), AuthenticationCookieUtils.getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); + + when(request.getCookies()).thenReturn(new Cookie[]{cookie}); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(filterChain, times(1)).doFilter(request, response); + } + +// test validate contains + @Test + public void requestThatPassFilterWithCookieNameAsPartOfOtherString() throws IOException, ServletException, CipherUtilException { + when(request.getPathInfo()).thenReturn("/resource"); + + AuthenticationCookie authenticationCookie = new AuthenticationCookie("kuku"); + Cookie cookie = new Cookie("some" +sessionValidationFilter.getFilterConfiguration().getCookieName() + "Thing", AuthenticationCookieUtils.getEncryptedCookie(authenticationCookie, sessionValidationFilter.getFilterConfiguration())); + + when(request.getCookies()).thenReturn(new Cookie[]{cookie}); + sessionValidationFilter.doFilter(request, response, filterChain); + Mockito.verify(filterChain, times(1)).doFilter(request, response); + } + +} -- cgit 1.2.3-korg