2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
22 package org.openecomp.sdc.ci.tests.execute.general;
24 import org.apache.commons.codec.binary.Base64;
25 import org.junit.Rule;
26 import org.junit.rules.TestName;
27 import org.openecomp.sdc.be.dao.api.ActionStatus;
28 import org.openecomp.sdc.be.datatypes.elements.ConsumerDataDefinition;
29 import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
30 import org.openecomp.sdc.be.datatypes.enums.ResourceTypeEnum;
31 import org.openecomp.sdc.be.model.Resource;
32 import org.openecomp.sdc.be.model.Service;
33 import org.openecomp.sdc.be.model.User;
34 import org.openecomp.sdc.ci.tests.api.ComponentBaseTest;
35 import org.openecomp.sdc.ci.tests.api.Urls;
36 import org.openecomp.sdc.ci.tests.datatypes.ArtifactReqDetails;
37 import org.openecomp.sdc.ci.tests.datatypes.ComponentInstanceReqDetails;
38 import org.openecomp.sdc.ci.tests.datatypes.ResourceReqDetails;
39 import org.openecomp.sdc.ci.tests.datatypes.ServiceReqDetails;
40 import org.openecomp.sdc.ci.tests.datatypes.enums.ArtifactTypeEnum;
41 import org.openecomp.sdc.ci.tests.datatypes.enums.UserRoleEnum;
42 import org.openecomp.sdc.ci.tests.datatypes.expected.ExpectedAuthenticationAudit;
43 import org.openecomp.sdc.ci.tests.datatypes.http.HttpHeaderEnum;
44 import org.openecomp.sdc.ci.tests.datatypes.http.RestResponse;
45 import org.openecomp.sdc.ci.tests.utils.DbUtils;
46 import org.openecomp.sdc.ci.tests.utils.general.AtomicOperationUtils;
47 import org.openecomp.sdc.ci.tests.utils.general.ElementFactory;
48 import org.openecomp.sdc.ci.tests.utils.rest.*;
49 import org.openecomp.sdc.ci.tests.utils.validation.AuditValidationUtils;
50 import org.openecomp.sdc.ci.tests.utils.validation.ErrorValidationUtils;
51 import org.openecomp.sdc.common.util.ValidationUtils;
52 import org.testng.AssertJUnit;
53 import org.testng.annotations.AfterMethod;
54 import org.testng.annotations.BeforeMethod;
55 import org.testng.annotations.Test;
57 import java.util.ArrayList;
58 import java.util.HashMap;
59 import java.util.List;
62 import static org.testng.AssertJUnit.*;
64 public class BasicHttpAuthenticationTest extends ComponentBaseTest {
66 protected static final String AUTH_FAILED_INVALID_AUTHENTICATION_HEADER = "AUTH_FAILED_INVALID_AUTHENTICATION_HEADER";
68 protected static final String AUTH_SUCCESS = "AUTH_SUCCESS";
70 protected static final String AUTH_FAILED_INVALID_PASSWORD = "AUTH_FAILED_INVALID_PASSWORD";
72 protected static final String AUTH_FAILED_USER_NOT_FOUND = "AUTH_FAILED_USER_NOT_FOUND";
74 protected static final String AUTH_REQUIRED = "AUTH_REQUIRED";
76 protected static final String WWW_AUTHENTICATE = "WWW-Authenticate";
78 // user ci password 123456
79 // protected final String authorizationHeader = "Basic Y2k6MTIzNDU2";
80 // user ci password 123456
81 protected final String USER = "ci";
83 protected final String PASSWORD = "123456";
85 protected final String SALT = "2a1f887d607d4515d4066fe0f5452a50";
87 protected final String HASHED_PASSWORD = "0a0dc557c3bf594b1a48030e3e99227580168b21f44e285c69740b8d5b13e33b";
89 protected User sdncAdminUserDetails;
91 protected ConsumerDataDefinition consumerDataDefinition;
92 protected ResourceReqDetails resourceDetails;
93 protected ServiceReqDetails serviceDetails;
94 protected User sdncUserDetails;
96 protected ArtifactReqDetails deploymentArtifact;
98 protected ExpectedAuthenticationAudit expectedAuthenticationAudit;
100 protected final String auditAction = "HttpAuthentication";
102 protected String expectedDownloadServiceUrl;
103 protected String expectedDownloadResourceUrl;
104 protected ComponentInstanceReqDetails componentInstanceReqDetails;
107 public static TestName name = new TestName();
109 public BasicHttpAuthenticationTest() {
110 super(name, BasicHttpAuthenticationTest.class.getName());
114 public void init() throws Exception {
116 sdncUserDetails = ElementFactory.getDefaultUser(UserRoleEnum.DESIGNER);
117 Resource resourceObject = AtomicOperationUtils
118 .createResourceByType(ResourceTypeEnum.VFC, UserRoleEnum.DESIGNER, true).left().value();
119 resourceDetails = new ResourceReqDetails(resourceObject);
120 Service serviceObject = AtomicOperationUtils.createDefaultService(UserRoleEnum.DESIGNER, true).left().value();
121 serviceDetails = new ServiceReqDetails(serviceObject);
123 deploymentArtifact = ElementFactory.getDefaultDeploymentArtifactForType(ArtifactTypeEnum.HEAT.getType());
124 RestResponse response = ArtifactRestUtils.addInformationalArtifactToResource(deploymentArtifact,
125 sdncUserDetails, resourceDetails.getUniqueId());
126 AssertJUnit.assertTrue("add HEAT artifact to resource request returned status:" + response.getErrorCode(),
127 response.getErrorCode() == 200);
129 componentInstanceReqDetails = ElementFactory.getDefaultComponentInstance();
130 // certified resource
131 response = LifecycleRestUtils.certifyResource(resourceDetails);
132 AssertJUnit.assertTrue("certify resource request returned status:" + response.getErrorCode(),
133 response.getErrorCode() == 200);
135 // add resource instance with HEAT deployment artifact to the service
136 componentInstanceReqDetails.setComponentUid(resourceDetails.getUniqueId());
137 response = ComponentInstanceRestUtils.createComponentInstance(componentInstanceReqDetails, sdncUserDetails,
138 serviceDetails.getUniqueId(), ComponentTypeEnum.SERVICE);
139 AssertJUnit.assertTrue("response code is not 201, returned: " + response.getErrorCode(),
140 response.getErrorCode() == 201);
141 expectedAuthenticationAudit = new ExpectedAuthenticationAudit();
143 // RestResponse addDeploymentArtifactResponse =
144 // ArtifactRestUtils.addInformationalArtifactToService(deploymentArtifact,
145 // sdncUserDetails, serviceDetails.getUniqueId());
146 // assertEquals("didn't succeed to upload deployment artifact", 200,
147 // addDeploymentArtifactResponse.getErrorCode().intValue());
150 // String.format(Urls.DISTRIB_DOWNLOAD_SERVICE_ARTIFACT_RELATIVE_URL,
151 // ValidationUtils.convertToSystemName(serviceDetails.getServiceName()),
152 // serviceDetails.getVersion(),
153 // ValidationUtils.normalizeFileName(deploymentArtifact.getArtifactName()));
155 expectedDownloadResourceUrl = String.format(Urls.DISTRIB_DOWNLOAD_RESOURCE_ARTIFACT_RELATIVE_URL,
156 ValidationUtils.convertToSystemName(serviceDetails.getName()), serviceDetails.getVersion(),
157 ValidationUtils.convertToSystemName(resourceDetails.getName()), resourceDetails.getVersion(),
158 ValidationUtils.normalizeFileName(deploymentArtifact.getArtifactName()));
159 expectedDownloadResourceUrl = expectedDownloadResourceUrl.substring("/sdc/".length(),
160 expectedDownloadResourceUrl.length());
162 expectedDownloadServiceUrl = String.format(Urls.DISTRIB_DOWNLOAD_SERVICE_ARTIFACT_RELATIVE_URL,
163 ValidationUtils.convertToSystemName(serviceDetails.getName()), serviceDetails.getVersion(),
164 ValidationUtils.normalizeFileName(deploymentArtifact.getArtifactName()));
165 expectedDownloadServiceUrl = expectedDownloadServiceUrl.substring("/sdc/".length(),
166 expectedDownloadServiceUrl.length());
168 sdncAdminUserDetails = ElementFactory.getDefaultUser(UserRoleEnum.ADMIN);
169 consumerDataDefinition = createConsumer();
170 RestResponse deleteResponse = ConsumerRestUtils.deleteConsumer(consumerDataDefinition, sdncAdminUserDetails);
171 BaseRestUtils.checkStatusCode(deleteResponse, "delete operation filed", false, 404, 200);
174 RestResponse createResponse = ConsumerRestUtils.createConsumer(consumerDataDefinition, sdncAdminUserDetails);
175 BaseRestUtils.checkCreateResponse(createResponse);
180 public void tearDown() throws Exception {
181 RestResponse deleteResponse = ConsumerRestUtils.deleteConsumer(consumerDataDefinition, sdncAdminUserDetails);
182 BaseRestUtils.checkStatusCode(deleteResponse, "delete operation filed", false, 404, 200);
187 public void sendAuthenticatedRequestTest_success() throws Exception, Exception {
188 DbUtils.cleanAllAudits();
189 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(USER, PASSWORD);
190 // RestResponse restResponse =
191 // ArtifactRestUtils.downloadServiceArtifact(serviceDetails,
192 // deploymentArtifact, sdncUserDetails, authorizationHeader);
193 RestResponse restResponse = ArtifactRestUtils.downloadResourceArtifact(serviceDetails, resourceDetails,
194 deploymentArtifact, sdncUserDetails, authorizationHeader);
195 AssertJUnit.assertEquals("Check response code after download artifact", 200,
196 restResponse.getErrorCode().intValue());
197 AssertJUnit.assertFalse(restResponse.getHeaderFields().containsKey(HttpHeaderEnum.WWW_AUTHENTICATE.getValue()));
199 validateAuditAuthentication(USER, AUTH_SUCCESS, ComponentTypeEnum.RESOURCE);
203 protected void validateAuditAuthentication(String userName, String AuthStatus, ComponentTypeEnum compType)
205 if (compType.equals(ComponentTypeEnum.RESOURCE)) {
206 expectedAuthenticationAudit = new ExpectedAuthenticationAudit(expectedDownloadResourceUrl, userName,
207 auditAction, AuthStatus);
209 expectedAuthenticationAudit = new ExpectedAuthenticationAudit(expectedDownloadServiceUrl, userName,
210 auditAction, AuthStatus);
212 AuditValidationUtils.validateAuthenticationAudit(expectedAuthenticationAudit);
215 protected ConsumerDataDefinition createConsumer() {
216 ConsumerDataDefinition consumer = new ConsumerDataDefinition();
217 consumer.setConsumerName(USER);
218 consumer.setConsumerSalt(SALT);
219 consumer.setConsumerPassword(HASHED_PASSWORD);
225 public void sendAuthenticatedRequestWithoutHeadersTest() throws Exception, Exception {
226 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
227 sdncUserDetails, new HashMap<String, String>());
228 assertEquals("Check response code after download artifact", 401, restResponse.getErrorCode().intValue());
229 ErrorValidationUtils.checkBodyResponseOnError(ActionStatus.AUTH_REQUIRED.name(), new ArrayList<String>(),
230 restResponse.getResponse());
231 assertTrue(restResponse.getHeaderFields().containsKey(WWW_AUTHENTICATE));
232 List<String> getAuthenticateHeader = restResponse.getHeaderFields().get(WWW_AUTHENTICATE);
233 assertEquals("www-authenticate header contains more then one value", 1, getAuthenticateHeader.size());
234 assertTrue(getAuthenticateHeader.get(0).equals("Basic realm=" + "\"SDC\""));
236 validateAuditAuthentication("", AUTH_REQUIRED, ComponentTypeEnum.SERVICE);
240 public void sendAuthenticatedRequestTest_userIsNotProvsioned() throws Exception, Exception {
241 String userName = "shay";
242 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(userName, "123456");
243 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
244 sdncUserDetails, authorizationHeader);
245 assertEquals("Check response code after download artifact", 403, restResponse.getErrorCode().intValue());
246 ErrorValidationUtils.checkBodyResponseOnError(ActionStatus.AUTH_FAILED.name(), new ArrayList<String>(),
247 restResponse.getResponse());
248 assertFalse(restResponse.getHeaderFields().containsKey(WWW_AUTHENTICATE));
250 validateAuditAuthentication(userName, AUTH_FAILED_USER_NOT_FOUND, ComponentTypeEnum.SERVICE);
254 public void sendAuthenticatedRequestTest_userIsNull() throws Exception, Exception {
255 String userName = "";
256 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(userName, "123456");
257 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
258 sdncUserDetails, authorizationHeader);
259 assertEquals("Check response code after download artifact", 403, restResponse.getErrorCode().intValue());
260 ErrorValidationUtils.checkBodyResponseOnError(ActionStatus.AUTH_FAILED.name(), new ArrayList<String>(),
261 restResponse.getResponse());
262 assertFalse(restResponse.getHeaderFields().containsKey(WWW_AUTHENTICATE));
264 validateAuditAuthentication(userName, AUTH_FAILED_USER_NOT_FOUND, ComponentTypeEnum.SERVICE);
268 public void sendAuthenticatedRequestTest_passwordIsNull() throws Exception, Exception {
269 String userName = "ci";
270 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(userName, "");
271 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
272 sdncUserDetails, authorizationHeader);
273 assertEquals("Check response code after download artifact", 403, restResponse.getErrorCode().intValue());
274 ErrorValidationUtils.checkBodyResponseOnError(ActionStatus.AUTH_FAILED.name(), new ArrayList<String>(),
275 restResponse.getResponse());
276 assertFalse(restResponse.getHeaderFields().containsKey(WWW_AUTHENTICATE));
278 validateAuditAuthentication(userName, AUTH_FAILED_INVALID_PASSWORD, ComponentTypeEnum.SERVICE);
282 public void sendAuthenticatedRequestTest_passowrdIsNotValidated() throws Exception, Exception {
283 String userCi = "ci";
284 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(userCi, "98765");
285 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
286 sdncUserDetails, authorizationHeader);
287 assertEquals("Check response code after download artifact", 403, restResponse.getErrorCode().intValue());
288 ErrorValidationUtils.checkBodyResponseOnError(ActionStatus.AUTH_FAILED.name(), new ArrayList<String>(),
289 restResponse.getResponse());
290 assertFalse(restResponse.getHeaderFields().containsKey(HttpHeaderEnum.WWW_AUTHENTICATE.getValue()));
292 validateAuditAuthentication(userCi, AUTH_FAILED_INVALID_PASSWORD, ComponentTypeEnum.SERVICE);
296 public void sendAuthenticatedRequestTest_InvalidHeader() throws Exception, Exception {
297 String userCredentials = USER + ":" + PASSWORD;
298 byte[] encodeBase64 = Base64.encodeBase64(userCredentials.getBytes());
299 String encodedUserCredentials = new String(encodeBase64);
300 Map<String, String> authorizationHeader = new HashMap<String, String>();
301 authorizationHeader.put(HttpHeaderEnum.AUTHORIZATION.getValue(), encodedUserCredentials);
302 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
303 sdncUserDetails, authorizationHeader);
304 assertEquals("Check response code after download artifact", 400, restResponse.getErrorCode().intValue());
305 assertFalse(restResponse.getHeaderFields().containsKey(HttpHeaderEnum.WWW_AUTHENTICATE.getValue()));
307 validateAuditAuthentication("", AUTH_FAILED_INVALID_AUTHENTICATION_HEADER, ComponentTypeEnum.SERVICE);
310 @Test(enabled = false)
311 public void sendTwoAuthenticatedRequestsTest() throws Exception, Exception {
312 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(USER, PASSWORD);
313 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
314 sdncUserDetails, authorizationHeader);
315 assertEquals("Check response code after download artifact", 200, restResponse.getErrorCode().intValue());
317 RestResponse secondRestResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
318 sdncUserDetails, authorizationHeader);
319 assertEquals("Check response code after second download artifact", 200,
320 secondRestResponse.getErrorCode().intValue());
323 @Test(enabled = false)
324 public void sendAuthenticatedRequestTest_userValidation_1() throws Exception, Exception {
326 ConsumerDataDefinition consumer = new ConsumerDataDefinition();
327 consumer.setConsumerName("cI2468");
328 consumer.setConsumerPassword(HASHED_PASSWORD);
329 consumer.setConsumerSalt(SALT);
330 RestResponse deleteResponse = ConsumerRestUtils.deleteConsumer(consumer, sdncAdminUserDetails);
331 BaseRestUtils.checkStatusCode(deleteResponse, "delete operation filed", false, 404, 200);
333 RestResponse createResponse = ConsumerRestUtils.createConsumer(consumer, sdncAdminUserDetails);
334 BaseRestUtils.checkCreateResponse(createResponse);
336 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(consumer.getConsumerName(),
338 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
339 sdncUserDetails, authorizationHeader);
340 assertEquals("Check response code after download artifact", 200, restResponse.getErrorCode().intValue());
342 deleteResponse = ConsumerRestUtils.deleteConsumer(consumer, sdncAdminUserDetails);
343 BaseRestUtils.checkStatusCode(deleteResponse, "delete operation filed", false, 404, 200);
346 // ECOMP Consumer Name - UTF-8 string up to 255 characters containing the
347 // following characters : ( maybe to limit 4-64 chars ? )
348 // Lowercase characters {a-z}
349 // Uppercase characters {A-Z}
351 // Dash {-}; this character is not supported as the first character in the
353 // Period {.}; this character is not supported as the first character in the
356 // @Ignore("add manually user:password 24-!68:123456 to
357 // users-configuration.yaml in runtime")
358 @Test(enabled = false)
359 public void sendAuthenticatedRequestTest_userValidation_2() throws Exception, Exception {
360 ConsumerDataDefinition consumer = new ConsumerDataDefinition();
361 consumer.setConsumerName("24-!68");
362 consumer.setConsumerPassword(HASHED_PASSWORD);
363 consumer.setConsumerSalt(SALT);
364 RestResponse deleteResponse = ConsumerRestUtils.deleteConsumer(consumer, sdncAdminUserDetails);
365 BaseRestUtils.checkStatusCode(deleteResponse, "delete operation filed", false, 404, 200);
367 RestResponse createResponse = ConsumerRestUtils.createConsumer(consumer, sdncAdminUserDetails);
368 BaseRestUtils.checkCreateResponse(createResponse);
369 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader(consumer.getConsumerName(),
371 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
372 sdncUserDetails, authorizationHeader);
373 assertEquals("Check response code after download artifact", 200, restResponse.getErrorCode().intValue());
375 deleteResponse = ConsumerRestUtils.deleteConsumer(consumer, sdncAdminUserDetails);
376 BaseRestUtils.checkStatusCode(deleteResponse, "delete operation filed", false, 404, 200);
379 // this is invalide becouse we do not use the : any more
380 // @Ignore("can't exectue, yaml file does not allow to enter more then one
381 // colon continuously (\":\") ")
382 @Test(enabled = false)
383 public void sendAuthenticatedRequestTest_userValidation_3() throws Exception, Exception {
384 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader("a:", "123456");
385 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
386 sdncUserDetails, authorizationHeader);
387 assertEquals("Check response code after download artifact", 200, restResponse.getErrorCode().intValue());
391 // * ECOMP Consumer Password - expected to be SHA-2 256 encrypted value (
392 // SALT + "real" password ) => maximal length 256 bytes = 32 characters
393 // Before storing/comparing please convert upper case letter to lower.
394 // The "normalized" encrypted password should match the following format :
396 // @Ignore("add manually user:password 2468:123:456 to
397 // users-configuration.yaml in runtime")
398 @Test(enabled = false)
399 public void sendAuthenticatedRequestTest_passwordValidation_1() throws Exception, Exception {
400 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader("A1", "123:456");
401 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
402 sdncUserDetails, authorizationHeader);
403 assertEquals("Check response code after download artifact", 200, restResponse.getErrorCode().intValue());
406 // * ECOMP Consumer Password - expected to be SHA-2 256 encrypted value (
407 // SALT + "real" password ) => maximal length 256 bytes = 32 characters
408 // Before storing/comparing please convert upper case letter to lower.
409 // The "normalized" encrypted password should match the following format :
411 @Test(enabled = false)
412 // @Ignore("add manually user:password 2468:Sq123a456B to
413 // users-configuration.yaml in runtime")
414 public void sendAuthenticatedRequestTest_passwordValidation_2() throws Exception, Exception {
415 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader("B2", "Sq123a456B");
416 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
417 sdncUserDetails, authorizationHeader);
418 assertEquals("Check response code after download artifact", 200, restResponse.getErrorCode().intValue());
421 // * ECOMP Consumer Password - expected to be SHA-2 256 encrypted value (
422 // SALT + "real" password ) => maximal length 256 bytes = 32 characters
423 // Before storing/comparing please convert upper case letter to lower.
424 // The "normalized" encrypted password should match the following format :
427 // @Ignore("add C3:111T-0-*# to file")
428 public void sendAuthenticatedRequestTest_passwordValidation_3() throws Exception, Exception {
429 Map<String, String> authorizationHeader = BaseRestUtils.addAuthorizeHeader("C3", "111T-0-*#");
430 RestResponse restResponse = ArtifactRestUtils.downloadServiceArtifact(serviceDetails, deploymentArtifact,
431 sdncUserDetails, authorizationHeader);
432 assertEquals("Check response code after download artifact", 200, restResponse.getErrorCode().intValue());