Create logic responsible for selecting server based on CAName
authorBartosz Gardziejewski <bartosz.gardziejewski@nokia.com>
Wed, 26 Feb 2020 08:08:35 +0000 (09:08 +0100)
committerBartosz Gardziejewski <bartosz.gardziejewski@nokia.com>
Wed, 26 Feb 2020 13:11:34 +0000 (14:11 +0100)
Issue-ID: AAF-995
Signed-off-by: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>
Change-Id: I2d3b931862ecca7c1edc52fb61aa8c4dcd29e3ec

certService/src/main/java/org/onap/aaf/certservice/api/CertificationService.java
certService/src/main/java/org/onap/aaf/certservice/certification/CertificationExceptionController.java
certService/src/main/java/org/onap/aaf/certservice/certification/CertificationModelFactory.java
certService/src/main/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProvider.java [new file with mode: 0644]
certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java
certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java
certService/src/main/java/org/onap/aaf/certservice/certification/exception/Cmpv2ServerNotFoundException.java [new file with mode: 0644]
certService/src/test/java/org/onap/aaf/certservice/certification/CertificationExceptionControllerTest.java [moved from certService/src/test/java/org/onap/aaf/certservice/certification/exception/CertificationExceptionControllerTest.java with 72% similarity]
certService/src/test/java/org/onap/aaf/certservice/certification/CertificationModelFactoryTest.java
certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java [new file with mode: 0644]

index d2de1aa..945fc6d 100644 (file)
@@ -76,7 +76,7 @@ public class CertificationService {
         );
         LOGGER.debug("Received CSR meta data: \n{}", csrModel);
         CertificationModel certificationModel = certificationModelFactory
-                .createCertificationModel(csrModel,caName);
+                .createCertificationModel(csrModel, caName);
         return new ResponseEntity<>(new Gson().toJson(certificationModel), HttpStatus.OK);
 
     }
index 4c9d304..130a516 100644 (file)
@@ -21,6 +21,7 @@
 package org.onap.aaf.certservice.certification;
 
 import com.google.gson.Gson;
+import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException;
 import org.onap.aaf.certservice.certification.exception.CsrDecryptionException;
 import org.onap.aaf.certservice.certification.exception.ErrorResponseModel;
 import org.onap.aaf.certservice.certification.exception.KeyDecryptionException;
@@ -39,20 +40,27 @@ public class CertificationExceptionController {
     @ExceptionHandler(value = CsrDecryptionException.class)
     public ResponseEntity<String> handle(CsrDecryptionException exception) {
         LOGGER.error("Exception occurred during decoding certificate sign request:", exception);
-        return getErrorResponseEntity("Wrong certificate signing request (CSR) format");
+        return getErrorResponseEntity("Wrong certificate signing request (CSR) format", HttpStatus.BAD_REQUEST);
     }
 
     @ExceptionHandler(value = KeyDecryptionException.class)
     public ResponseEntity<String> handle(KeyDecryptionException exception) {
         LOGGER.error("Exception occurred during decoding key:", exception);
-        return getErrorResponseEntity("Wrong key (PK) format");
+        return getErrorResponseEntity("Wrong key (PK) format", HttpStatus.BAD_REQUEST);
     }
 
-    private ResponseEntity<String> getErrorResponseEntity(String errorMessage) {
+    @ExceptionHandler(value = Cmpv2ServerNotFoundException.class)
+    public ResponseEntity<String> handle(Cmpv2ServerNotFoundException exception) {
+        LOGGER.error("Exception occurred selecting CMPv2 server:", exception);
+        return getErrorResponseEntity("Certification authority not found for given CAName", HttpStatus.NOT_FOUND);
+    }
+
+    private ResponseEntity<String> getErrorResponseEntity(String errorMessage, HttpStatus status) {
         ErrorResponseModel errorResponse = new ErrorResponseModel(errorMessage);
         return new ResponseEntity<>(
                 new Gson().toJson(errorResponse),
-                HttpStatus.BAD_REQUEST
+                status
         );
     }
+
 }
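Review bot: The new `handle(Cmpv2ServerNotFoundException)` logs a caller-triggered condition at error level with a full stack trace. The lookup is presumably driven by the CA name in the request, so any client that can reach the endpoint can fill the error log with traces. A line such as `LOGGER.warn("CMPv2 server not found: {}", exception.getMessage());` keeps the signal without the trace. The generic response text, which does not echo the requested name, is worth keeping as it is.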
index 507ce3c..69b8346 100644 (file)
 
 package org.onap.aaf.certservice.certification;
 
+import org.onap.aaf.certservice.certification.configuration.Cmpv2ServerProvider;
+import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
+import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException;
 import org.onap.aaf.certservice.certification.model.CertificationModel;
 import org.onap.aaf.certservice.certification.model.CsrModel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import java.util.Arrays;
@@ -38,14 +42,28 @@ public class CertificationModelFactory {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(CertificationModelFactory.class);
 
+    private final Cmpv2ServerProvider cmpv2ServerProvider;
+
+    @Autowired
+    CertificationModelFactory(Cmpv2ServerProvider cmpv2ServerProvider) {
+        this.cmpv2ServerProvider = cmpv2ServerProvider;
+    }
 
     public CertificationModel createCertificationModel(CsrModel csr, String caName) {
         LOGGER.info("Generating certification model for CA named: {}, and certificate signing request:\n{}",
                 caName, csr);
+
+        return cmpv2ServerProvider
+                .getCmpv2Server(caName)
+                .map(this::generateCertificationModel)
+                .orElseThrow(() -> new Cmpv2ServerNotFoundException("No server found for given CA name"));
+    }
+
+    private CertificationModel generateCertificationModel(Cmpv2Server cmpv2Server) {
+        LOGGER.debug("Found server for given CA name: \n{}", cmpv2Server);
         return new CertificationModel(
                 Arrays.asList(ENTITY_CERT, INTERMEDIATE_CERT),
                 Arrays.asList(CA_CERT, EXTRA_CA_CERT)
         );
     }
-
 }
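Review bot: `generateCertificationModel` receives the selected `Cmpv2Server` but uses it only for the debug log; the returned model is built from the same `ENTITY_CERT`/`CA_CERT` constants as before, so the CA selection does not yet influence what is returned. If this is an intended intermediate step, state it in the code, for example `// TODO: obtain the chain from cmpv2Server; the constants below are placeholders`, so that a reader does not assume the response comes from the chosen CA. The constants appear to be fixed values defined outside this hunk, so confirm the wording against their definition.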
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProvider.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProvider.java
new file mode 100644 (file)
index 0000000..755bfeb
--- /dev/null
@@ -0,0 +1,46 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.certification.configuration;
+
+import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.Optional;
+
+@Component
+public class Cmpv2ServerProvider {
+
+    private final CmpServersConfig cmpServersConfig;
+
+    @Autowired
+    Cmpv2ServerProvider(CmpServersConfig cmpServersConfig) {
+        this.cmpServersConfig = cmpServersConfig;
+    }
+
+    public Optional<Cmpv2Server> getCmpv2Server(String caName) {
+        return cmpServersConfig.getCmpServers()
+                .stream()
+                .filter(server -> server.getCaName().equals(caName))
+                .findFirst();
+    }
+
+}
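Review bot: The predicate in `getCmpv2Server` calls `server.getCaName().equals(caName)`, which throws a NullPointerException when a configured server has no CA name, and `findFirst()` silently picks the first entry when two servers share a name. Whether `CmpServersConfig` validates its entries is not visible here; if it does not, a malformed configuration turns every request into a 500, and a duplicated name can route requests to a CA the operator did not intend. A null-safe form is `.filter(server -> caName != null && caName.equals(server.getCaName()))`, and uniqueness of `caName` is best enforced once when the configuration is loaded. The comparison is also case-sensitive, which deserves a one-line Javadoc on the method.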
index ffd63ec..af254d6 100644 (file)
@@ -45,4 +45,11 @@ public class Authentication {
         this.rv = rv;
     }
 
+    @Override
+    public String toString() {
+        return "Authentication{" +
+                "  iak=*****" +
+                ", rv=*****" +
+                '}';
+    }
 }
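Review bot: The masking in `Authentication.toString()` is the only thing keeping `iak` and `rv` out of the logs, and nothing in the code says so. `Cmpv2Server.toString()` in the next hunk concatenates `authentication`, and `CertificationModelFactory` logs the server at debug level, so a later regenerated `toString()` here would print both values. Add a comment such as `// iak and rv are authentication values: keep them masked, this object is logged`, and drop the stray leading spaces in `"  iak=*****"`. The class body starts outside the hunk.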
index 21349d9..9a9f9c5 100644 (file)
@@ -77,4 +77,15 @@ public class Cmpv2Server {
         this.url = url;
     }
 
+    @Override
+    public String toString() {
+        return "Cmpv2Server{" +
+                "authentication=" + authentication +
+                ", caMode=" + caMode +
+                ", caName='" + caName + '\'' +
+                ", issuerDN='" + issuerDN + '\'' +
+                ", url='" + url + '\'' +
+                '}';
+    }
+
 }
diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/exception/Cmpv2ServerNotFoundException.java b/certService/src/main/java/org/onap/aaf/certservice/certification/exception/Cmpv2ServerNotFoundException.java
new file mode 100644 (file)
index 0000000..95d4cd6
--- /dev/null
@@ -0,0 +1,29 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.certification.exception;
+
+import org.webjars.NotFoundException;
+
+public class Cmpv2ServerNotFoundException extends NotFoundException {
+    public Cmpv2ServerNotFoundException(String message) {
+        super(message);
+    }
+}
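Review bot: `Cmpv2ServerNotFoundException` extends `org.webjars.NotFoundException`, a type from the WebJars asset-locator library that has nothing to do with certificate handling. This ties the service's exception hierarchy to a dependency that is probably only present transitively; if that dependency is removed or upgraded, the class stops compiling. Any handler written for the WebJars type would also catch this exception. Extending the JDK type directly is enough: `public class Cmpv2ServerNotFoundException extends RuntimeException {`, with the `org.webjars` import removed.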
  * ============LICENSE_END=========================================================
  */
 
-package org.onap.aaf.certservice.certification.exception;
+package org.onap.aaf.certservice.certification;
 
 import com.google.gson.Gson;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.onap.aaf.certservice.certification.CertificationExceptionController;
+import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException;
+import org.onap.aaf.certservice.certification.exception.CsrDecryptionException;
+import org.onap.aaf.certservice.certification.exception.ErrorResponseModel;
+import org.onap.aaf.certservice.certification.exception.KeyDecryptionException;
 import org.springframework.http.ResponseEntity;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -68,4 +71,18 @@ class CertificationExceptionControllerTest {
         assertEquals(expectedMessage, response.getErrorMessage());
     }
 
+    @Test
+    void shouldReturnResponseEntityWithAppropriateErrorMessageWhenGivenCaNameIsNotPresentInConfig() {
+        // given
+        String expectedMessage = "Certification authority not found for given CAName";
+        Cmpv2ServerNotFoundException csrDecryptionException = new Cmpv2ServerNotFoundException("test Ca exception");
+
+        // when
+        ResponseEntity<String> responseEntity = certificationExceptionController.handle(csrDecryptionException);
+
+        ErrorResponseModel response = new Gson().fromJson(responseEntity.getBody(), ErrorResponseModel.class);
+
+        // then
+        assertEquals(expectedMessage, response.getErrorMessage());
+    }
 }
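Review bot: The new test checks only the error message, not the HTTP status, although returning 404 instead of 400 is the behaviour this commit adds to the controller. Add `assertEquals(HttpStatus.NOT_FOUND, responseEntity.getStatusCode());`, which needs an `HttpStatus` import, so that a regression to `BAD_REQUEST` is caught. The local variable `csrDecryptionException` holds a `Cmpv2ServerNotFoundException` and should be renamed accordingly. The class body starts outside the hunk.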
index 2953af7..50e604e 100644 (file)
@@ -22,36 +22,52 @@ package org.onap.aaf.certservice.certification;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.onap.aaf.certservice.certification.configuration.Cmpv2ServerProvider;
+import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
+import org.onap.aaf.certservice.certification.exception.Cmpv2ServerNotFoundException;
 import org.onap.aaf.certservice.certification.model.CertificationModel;
 import org.onap.aaf.certservice.certification.model.CsrModel;
 
+import java.util.Optional;
+
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
 import static org.onap.aaf.certservice.certification.CertificationData.CA_CERT;
 import static org.onap.aaf.certservice.certification.CertificationData.ENTITY_CERT;
 import static org.onap.aaf.certservice.certification.CertificationData.INTERMEDIATE_CERT;
 import static org.onap.aaf.certservice.certification.CertificationData.EXTRA_CA_CERT;
 
-
+@ExtendWith(MockitoExtension.class)
 class CertificationModelFactoryTest {
 
+    private static final String TEST_CA = "testCA";
 
     private CertificationModelFactory certificationModelFactory;
 
+    @Mock
+    Cmpv2ServerProvider cmpv2ServerProvider;
+
     @BeforeEach
     void setUp() {
-        certificationModelFactory = new CertificationModelFactory();
+        certificationModelFactory = new CertificationModelFactory(cmpv2ServerProvider);
     }
 
     @Test
     void shouldCreateProperCertificationModelWhenGivenProperCsrModelAndCaName() {
         // given
-        final String testCaName = "testCA";
         CsrModel mockedCsrModel = mock(CsrModel.class);
+        when(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).thenReturn(Optional.of(createTestCmpv2Server()));
 
         // when
-        CertificationModel certificationModel = certificationModelFactory.createCertificationModel(mockedCsrModel ,testCaName);
+        CertificationModel certificationModel =
+                certificationModelFactory.createCertificationModel(mockedCsrModel ,TEST_CA);
 
         //then
         assertEquals(2, certificationModel.getCertificateChain().size());
@@ -60,4 +76,24 @@ class CertificationModelFactoryTest {
         assertThat(certificationModel.getTrustedCertificates()).contains(CA_CERT, EXTRA_CA_CERT);
     }
 
+    @Test
+    void shouldThrowCmpv2ServerNotFoundExceptionWhenGivenWrongCaName() {
+        // given
+        String expectedMessage = "CA not found";
+        CsrModel mockedCsrModel = mock(CsrModel.class);
+        when(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).thenThrow(new Cmpv2ServerNotFoundException(expectedMessage));
+
+        // when
+        Exception exception = assertThrows(
+                Cmpv2ServerNotFoundException.class, () ->
+                        certificationModelFactory.createCertificationModel(mockedCsrModel ,TEST_CA)
+        );
+
+        // then
+        assertTrue(exception.getMessage().contains(expectedMessage));
+    }
+
+    private Cmpv2Server createTestCmpv2Server() {
+        return new Cmpv2Server();
+    }
 }
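Review bot: `shouldThrowCmpv2ServerNotFoundExceptionWhenGivenWrongCaName` makes the mocked provider throw the exception itself, so the `orElseThrow` branch in `createCertificationModel` is never executed. The real provider returns an empty `Optional` for an unknown name, so the stub should be `when(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).thenReturn(Optional.empty());` and the expected message should be the factory's own `"No server found for given CA name"`. As written the test would still pass if the factory returned a model for an unknown CA.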
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java
new file mode 100644 (file)
index 0000000..d3c09e9
--- /dev/null
@@ -0,0 +1,96 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.certification.configuration;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.onap.aaf.certservice.certification.configuration.model.Authentication;
+import org.onap.aaf.certservice.certification.configuration.model.CaMode;
+import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
+
+import java.util.Collections;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.when;
+
+@ExtendWith(MockitoExtension.class)
+class Cmpv2ServerProviderTest {
+
+    private static final String TEST_CA = "testCA";
+
+    private Cmpv2ServerProvider cmpv2ServerProvider;
+
+    @Mock
+    private CmpServersConfig cmpServersConfig;
+
+    @BeforeEach
+    void setUp() {
+        cmpv2ServerProvider =
+                new  Cmpv2ServerProvider(cmpServersConfig);
+    }
+
+    @Test
+    void shouldReturnOptionalWithServerWhenServerWithGivenCaNameIsPresentInConfig() {
+        // given
+        Cmpv2Server testServer = createTestServer();
+        when(cmpServersConfig.getCmpServers()).thenReturn(Collections.singletonList(testServer));
+
+        // when
+        Cmpv2Server receivedServer = cmpv2ServerProvider
+                .getCmpv2Server(TEST_CA)
+                .get();
+
+        // then
+        assertThat(receivedServer).isEqualToComparingFieldByField(testServer);
+    }
+
+
+    @Test
+    void shouldReturnEmptyOptionalWhenServerWithGivenCaNameIsNotPresentInConfig() {
+        // given
+        when(cmpServersConfig.getCmpServers()).thenReturn(Collections.emptyList());
+
+        // when
+        Boolean isEmpty = cmpv2ServerProvider
+                .getCmpv2Server(TEST_CA)
+                .isEmpty();
+
+        // then
+        assertThat(isEmpty).isTrue();
+    }
+
+    private Cmpv2Server createTestServer() {
+        Cmpv2Server testServer = new Cmpv2Server();
+        testServer.setCaName(TEST_CA);
+        testServer.setIssuerDN("testIssuer");
+        testServer.setUrl("http://test.ca.server");
+        Authentication testAuthentication = new Authentication();
+        testAuthentication.setIak("testIak");
+        testAuthentication.setRv("testRv");
+        testServer.setAuthentication(testAuthentication);
+        testServer.setCaMode(CaMode.RA);
+
+        return testServer;
+    }
+}
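Review bot: The "not present" test uses an empty server list, so the `caName` filter in `getCmpv2Server` is never evaluated against a non-matching entry. Add a case where the config holds `createTestServer()` and the lookup uses a different name, and one where a configured server has no `caName` set, which currently would raise a NullPointerException in the provider. In the first test, calling `.get()` directly turns a missing server into a `NoSuchElementException` rather than an assertion failure; `assertThat(cmpv2ServerProvider.getCmpv2Server(TEST_CA)).isPresent()` before unwrapping reads better.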