#List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network
FTPES_SIMS_CONTAINER="ftpes-server-vsftpd0:21,ftpes-server-vsftpd1:21,ftpes-server-vsftpd2:21,ftpes-server-vsftpd3:21,ftpes-server-vsftpd4:21"
-#List of http/https/https with no authorization server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network
+#List of http/https/https with no authorization/with jwt token server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network
HTTP_SIMS_CONTAINER="http-https-server0:80,http-https-server1:80,http-https-server2:80,http-https-server3:80,http-https-server4:80"
+HTTP_JWT_SIMS_CONTAINER="http-https-server0:32000,http-https-server1:32000,http-https-server2:32000,http-https-server3:32000,http-https-server4:32000"
HTTPS_SIMS_CONTAINER="http-https-server0:443,http-https-server1:443,http-https-server2:443,http-https-server3:443,http-https-server4:443"
HTTPS_SIMS_NO_AUTH_CONTAINER="http-https-server0:8080,http-https-server1:8080,http-https-server2:8080,http-https-server3:8080,http-https-server4:8080"
+HTTPS_JWT_SIMS_CONTAINER="http-https-server0:32100,http-https-server1:32100,http-https-server2:32100,http-https-server3:32100,http-https-server4:32100"
#List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network
SFTP_SIMS_LOCALHOST="localhost:1022,localhost:1023,localhost:1024,localhost:1025,localhost:1026"
#List of ftpes server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network
FTPES_SIMS_LOCALHOST="localhost:1032,localhost:1033,localhost:1034,localhost:1035,localhost:1036"
-#List of http/https/https with no authorization server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network
+#List of http/https/https with no authorization/with jwt token server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network
HTTP_SIMS_LOCALHOST="localhost:81,localhost:82,localhost:83,localhost:84,localhost:85"
+HTTP_JWT_SIMS_LOCALHOST="localhost:32001,localhost:32002,localhost:32003,localhost:32004,localhost:32005"
HTTPS_SIMS_LOCALHOST="localhost:444,localhost:445,localhost:446,localhost:447,localhost:448"
HTTPS_SIMS_NO_AUTH_LOCALHOST="localhost:8081,localhost:8082,localhost:8083,localhost:8084,localhost:8085"
+HTTPS_JWT_SIMS_LOCALHOST="localhost:32101,localhost:32102,localhost:32103,localhost:32104,localhost:32105"
export SFTP_SIMS=$SFTP_SIMS_CONTAINER #This env will be set to SFTP_SIMS_LOCALHOST if auto test is executed with 'manual-app'
export FTPES_SIMS=$FTPES_SIMS_CONTAINER #This env will be set to FTPES_SIMS_LOCALHOST if auto test is executed with 'manual-app'
export HTTP_SIMS=$HTTP_SIMS_CONTAINER #This env will be set to HTTP_SIMS_LOCALHOST if auto test is executed with 'manual-app'
+export HTTP_JWT_SIMS=$HTTP_JWT_SIMS_CONTAINER #This env will be set to HTTP_JWT_SIMS_LOCALHOST if auto test is executed with 'manual-app'
export HTTPS_SIMS=$HTTPS_SIMS_CONTAINER #This env will be set to HTTPS_SIMS_LOCALHOST if auto test is executed with 'manual-app'
export HTTPS_SIMS_NO_AUTH=$HTTPS_SIMS_NO_AUTH_CONTAINER #This env will be set to HTTPS_SIMS_NO_AUTH_LOCALHOST if auto test is executed with 'manual-app'
+export HTTPS_JWT_SIMS=$HTTPS_JWT_SIMS_CONTAINER #This env will be set to HTTPS_JWT_SIMS_LOCALHOST if auto test is executed with 'manual-app'
#Host name of the DR redirect simulator
export DR_REDIR_SIM="drsim_redir" #This env will be set to 'localhost' if auto test is executed with arg 'manual-app'
export SFTP_SIMS=$SFTP_SIMS_LOCALHOST
export FTPES_SIMS=$FTPES_SIMS_LOCALHOST
export HTTP_SIMS=$HTTP_SIMS_LOCALHOST
+ export HTTP_JWT_SIMS=$HTTP_JWT_SIMS_LOCALHOST
export HTTPS_SIMS=$HTTPS_SIMS_LOCALHOST
export HTTPS_SIMS_NO_AUTH=HTTPS_SIMS_NO_AUTH_LOCALHOST
+ export HTTPS_JWT_SIMS=$HTTPS_JWT_SIMS_LOCALHOST
export DR_REDIR_SIM="localhost"
fi
#else
echo "SFTP_SIMS= "$SFTP_SIMS
echo "FTPES_SIMS= "$FTPES_SIMS
echo "HTTP_SIMS= "$HTTP_SIMS
+ echo "HTTP_JWT_SIMS= "$HTTP_JWT_SIMS
echo "HTTPS_SIMS= "$HTTPS_SIMS
echo "HTTPS_SIMS_NO_AUTH= "$HTTPS_SIMS_NO_AUTH
+ echo "HTTPS_JWT_SIMS= "$HTTPS_JWT_SIMS
echo ""
}
-FROM httpd:alpine
+FROM httpd:2.4
-RUN apk update
+RUN apt-get update
ENV APACHE_LOG_DIR /usr/local/apache2/logs
COPY --chown=root:root apache2/conf /usr/local/apache2/conf
COPY --chown=root:root apache2/conf/extra /usr/local/apache2/conf/extra
+COPY --chown=root:root ./apache2/lib/libjwt.so.1.7.0 /usr/lib/x86_64-linux-gnu/libjwt.so.1
+COPY --chown=root:root ./apache2/modules/mod_authnz_jwt.so /usr/local/apache2/modules/mod_authnz_jwt.so
RUN chmod 644 /usr/local/apache2/conf/.htpasswd
RUN chmod 644 /usr/local/apache2/conf/httpd.conf
RUN chmod 644 /usr/local/apache2/conf/extra/httpd-ssl.conf
+RUN chmod 644 /usr/lib/x86_64-linux-gnu/libjwt.so.1
+RUN chmod 644 /usr/local/apache2/modules/mod_authnz_jwt.so
RUN mkdir /usr/local/apache2/certs
RUN chown root:root /usr/local/apache2/certs
# Cleaning docker structure
Deep cleaning: `docker system prune`
+
+# mod_authnz_jwt.so
+
+External library `mod_authnz_jwt.so` was added to the Apache server. This library wasn't changed in any way.
+This library is supplied under the Apache License, Version 2.0 (the "License").
Listen 443
Listen 8080
+Listen 32100
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyProtocol all -SSLv3
SSLCertificateFile /usr/local/apache2/certs/keystore.pem
SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
</VirtualHost>
+<VirtualHost *:32100>
+
+ ServerAdmin httpserver-onap.org
+ ServerName httpserver-onap.org
+
+ DocumentRoot /usr/local/apache2/htdocs
+ AuthJWTSignatureAlgorithm HS256
+ AuthJWTSignatureSharedSecret Q0hBTkdFTUU=
+ AuthJWTIss onap
+ <Directory "/usr/local/apache2/htdocs">
+ AllowOverride None
+ Options Indexes FollowSymLinks MultiViews
+ AuthType jwt
+ AuthName "Restricted Content"
+ Require valid-user
+ RewriteEngine On
+ RewriteCond %{HTTP:Authorization} ^(.*)
+ RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+ </Directory>
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+ SSLEngine on
+ SSLProtocol -all +TLSv1.2
+ SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ SSLHonorCipherOrder off
+ SSLSessionTickets off
+
+ SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
+ SSLCertificateFile /usr/local/apache2/certs/keystore.pem
+ SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
+</VirtualHost>
#
#Listen 12.34.56.78:80
Listen 80
+Listen 32000
#
# Dynamic Shared Object (DSO) Support
# Example:
# LoadModule foo_module modules/mod_foo.so
#
+LoadModule auth_jwt_module modules/mod_authnz_jwt.so
LoadModule mpm_event_module modules/mod_mpm_event.so
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
-#LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule rewrite_module modules/mod_rewrite.so
<IfModule unixd_module>
#
AuthUserFile /usr/local/apache2/conf/.htpasswd
Require valid-user
</Directory>
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
+<VirtualHost *:32000>
+
+ ServerAdmin httpserver-onap.org
+ DocumentRoot "/usr/local/apache2/htdocs"
+
+ AuthJWTSignatureAlgorithm HS256
+ AuthJWTSignatureSharedSecret Q0hBTkdFTUU=
+ AuthJWTIss onap
+ <Directory "/usr/local/apache2/htdocs">
+ AllowOverride None
+ Options Indexes FollowSymLinks MultiViews
+ AuthType jwt
+ AuthName "Restricted Content"
+ Require valid-user
+ RewriteEngine On
+ RewriteCond %{HTTP:Authorization} ^(.*)
+ RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+ </Directory>
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
http-https-server:
container_name: http-https-server-httpd
- image: httpd:alpine
+ image: httpd:2.4
environment:
APACHE_LOG_DIR: /usr/local/apache2/logs
ports:
- "80:80"
- "443:443"
- "8080:8080"
+ - "32000:32000"
+ - "32100:32100"
volumes:
- ./apache2/conf/.htpasswd:/usr/local/apache2/conf/.htpasswd:ro
- ./apache2/conf/httpd.conf:/usr/local/apache2/conf/httpd.conf:ro
- ./apache2/conf/extra/httpd-ssl.conf:/usr/local/apache2/conf/extra/httpd-ssl.conf:ro
+ - ./apache2/lib/libjwt.so.1.7.0:/usr/lib/x86_64-linux-gnu/libjwt.so.1:ro
+ - ./apache2/modules/mod_authnz_jwt.so:/usr/local/apache2/modules/mod_authnz_jwt.so:ro
- ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs:ro
- ./files/onap/http:/usr/local/apache2/htdocs
restart: on-failure
- **FTPES_SIMS** - A comma-separated list of hostname:port for the FTP servers to generate ftpes file urls for. If not set MR sim will assume 'localhost:21'. Minimum 1 and maximum 5 host-port pairs can be given.
- **SFTP_SIMS** - A comma-separated list of hostname:port for the FTP servers to generate sftp file urls for. If not set MR sim will assume 'localhost:1022'. Minimum 1 and maximum 5 host-port pairs can be given.
- **HTTP_SIMS** - A comma-separated list of hostname:port for the HTTP servers to generate http file urls for. If not set MR sim will assume 'localhost:81'. Minimum 1 and maximum 5 host-port pairs can be given.
+- **HTTP_JWT_SIMS** - A comma-separated list of hostname:port for the HTTP servers (using JWT token for authentication) to generate http file urls for. If not set MR sim will assume 'localhost:32000'. Minimum 1 and maximum 5 host-port pairs can be given.
- **HTTPS_SIMS** - A comma-separated list of hostname:port for the HTTPS servers (configured for client certificate authentication and basic authentication; certificates were obtained using CMPv2 server) to generate http file urls for. If not set MR sim will assume 'localhost:444'. Minimum 1 and maximum 5 host-port pairs can be given.
+- **HTTPS_JWT_SIMS** - A comma-separated list of hostname:port for the HTTPS servers (using JWT token for authentication) to generate http file urls for. If not set MR sim will assume 'localhost:32100'. Minimum 1 and maximum 5 host-port pairs can be given.
- **HTTPS_SIMS_NO_AUTH** - A comma-separated list of hostname:port for the HTTPS servers with no autorization to generate http file urls for. If not set MR sim will assume 'localhost:8081'. Minimum 1 and maximum 5 host-port pairs can be given.
- **NUM_FTP_SERVERS** - Number of FTP servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5.
- **NUM_HTTP_SERVERS** - Number of HTTP/HTTPS/HTTPS with no authorization servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5.
TC2XX is same as TC1XX but with FTPES, TC3XX is same as TC1XX but with HTTP, TC4XX is same as TC1XX but with HTTPS
(with basic authorization). Note, in the case of HTTPS, some tests may not have direct correspondence in FTP tests
-(TC403, TC404 described in the end of this section).
+(TC303, TC403, TC404, TC405 described in the end of this section).
TC6XX is same as TC5XX but with FTPES
TC2XXX is same as TC1XXX but with FTPES
+TC303 - One ME, HTTP with JWT authentication, 1 1MB file, 1 event
+
TC403 - One ME, HTTPS with client certificate authentication, 1 1MB file, 1 event
TC404 - One ME, HTTPS with no client authentication, 1 1MB file, 1 event
+TC405 - One ME, HTTPS with JWT authentication, 1 1MB file, 1 event
+
## Developer workflow
1. `sudo apt install python3-venv`
ftpes_ports = []
http_hosts = []
http_ports = []
+http_jwt_hosts = []
+http_jwt_ports = []
https_hosts = []
https_ports = []
+https_jwt_hosts = []
+https_jwt_ports = []
https_hosts_no_auth = []
https_ports_no_auth = []
num_ftp_servers = 1
return tc100(groupIndex, changeId, filePrefix, "http", "5MB")
elif args.tc302:
return tc100(groupIndex, changeId, filePrefix, "http", "50MB")
+ elif args.tc303:
+ return tc100(groupIndex, changeId, filePrefix, "httpJWT", "1MB")
elif args.tc400:
return tc100(groupIndex, changeId, filePrefix, "https", "1MB")
return tc100(groupIndex, changeId, filePrefix, "httpsCAuth", "1MB")
elif args.tc404:
return tc100(groupIndex, changeId, filePrefix, "httpsNoAuth", "1MB")
+ elif args.tc405:
+ return tc100(groupIndex, changeId, filePrefix, "httpsJWT", "1MB")
#### Test case functions
or (schemeType == "httpsCAuth") or (schemeType == "httpsNoAuth"):
msg = getEventHead(groupIndex, changeId, nodeName) + getEventName(fileName, schemeType, "demo", "demo123456!",
nodeIndex) + getEventEnd()
+ if (schemeType == "httpJWT") or (schemeType == "httpsJWT"):
+ msg = getEventHead(groupIndex, changeId, nodeName) + getEventName(fileName, schemeType, "", "",
+ nodeIndex) + getEventEnd()
fileMap[groupIndex][seqNr * hash(filePrefix)] = seqNr
ctr_events[groupIndex] = ctr_events[groupIndex] + 1
return buildOkResponse("[" + msg + "]")
port = sftp_ports[nodeIndex]
ip = sftp_hosts[nodeIndex]
location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port)
+ token = ""
if type == "ftpes":
port = ftpes_ports[nodeIndex]
ip = ftpes_hosts[nodeIndex]
port = http_ports[nodeIndex]
ip = http_hosts[nodeIndex]
location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port)
+ elif type == "httpJWT":
+ alt_type = "http"
+ nodeIndex = nodeIndex % num_http_servers
+ port = http_jwt_ports[nodeIndex]
+ ip = http_jwt_hosts[nodeIndex]
+ location_variant = alt_type + """://""" + ip + """:""" + str(port)
+ token = "?access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwidXNlciI6Imp3dFVzZXIiLCJpc3MiOiJvbmFwIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjk5OTk5OTk5OTksIm5iZiI6MTUxNjIzOTAyMn0.dZUtnGlr6Z42MehhZTGHYSVFaAggRjob9GyvnGpEc6o"
elif type == "https":
nodeIndex = nodeIndex % num_http_servers
port = https_ports[nodeIndex]
ip = https_hosts[nodeIndex]
location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port)
+ elif type == "httpsJWT":
+ alt_type = "https"
+ nodeIndex = nodeIndex % num_http_servers
+ port = https_jwt_ports[nodeIndex]
+ ip = https_jwt_hosts[nodeIndex]
+ location_variant = alt_type + """://""" + ip + """:""" + str(port)
+ token = "?access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZW1vIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjk5OTk5OTk5OTksIm5iZiI6MTUxNjIzOTAyMH0.vyktOJyCMVvJXEfImBuZCTaEifrvH0kXeAPpnHakffA"
elif type == "httpsCAuth":
alt_type = "https"
port = https_ports[nodeIndex]
"name": \"""" + fn + """",
"hashMap": {
"fileFormatType": "org.3GPP.32.435#measCollec",
- "location": \"""" + location_variant + """/""" + fn + """",
+ "location": \"""" + location_variant + """/""" + fn + token + """",
"fileFormatVersion": "V10",
"compression": "gzip"
}
sftp_sims = os.environ.get('SFTP_SIMS', 'localhost:1022')
ftpes_sims = os.environ.get('FTPES_SIMS', 'localhost:21')
http_sims = os.environ.get('HTTP_SIMS', 'localhost:81')
+ http_jwt_sims = os.environ.get('HTTP_JWT_SIMS', 'localhost:32000')
https_sims = os.environ.get('HTTPS_SIMS', 'localhost:444')
https_sims_no_auth = os.environ.get('HTTPS_SIMS_NO_AUTH', 'localhost:8081')
+ https_jwt_sims = os.environ.get('HTTPS_JWT_SIMS', 'localhost:32100')
num_ftp_servers = int(os.environ.get('NUM_FTP_SERVERS', 1))
num_http_servers = int(os.environ.get('NUM_HTTP_SERVERS', 1))
print("Configured sftp sims: " + sftp_sims)
print("Configured ftpes sims: " + ftpes_sims)
print("Configured http sims: " + http_sims)
+ print("Configured http JWT sims: " + http_jwt_sims)
print("Configured https sims: " + https_sims)
print("Configured https with no authorization sims: " + https_sims_no_auth)
+ print("Configured https JWT sims: " + https_jwt_sims)
print("Configured number of ftp servers: " + str(num_ftp_servers))
- print("Configured number of http/https/https with no auth servers: " + str(num_http_servers) + " each")
+ print("Configured number of http/https/https with no auth/JWT servers: " + str(num_http_servers) + " each")
tmp = sftp_sims.split(',')
for i in range(len(tmp)):
http_hosts.append(hp[0])
http_ports.append(hp[1])
+ tmp = http_jwt_sims.split(',')
+ for i in range(len(tmp)):
+ hp = tmp[i].split(':')
+ http_jwt_hosts.append(hp[0])
+ http_jwt_ports.append(hp[1])
+
tmp = https_sims.split(',')
for i in range(len(tmp)):
hp = tmp[i].split(':')
https_hosts.append(hp[0])
https_ports.append(hp[1])
+ tmp = https_jwt_sims.split(',')
+ for i in range(len(tmp)):
+ hp = tmp[i].split(':')
+ https_jwt_hosts.append(hp[0])
+ https_jwt_ports.append(hp[1])
+
tmp = https_sims_no_auth.split(',')
for i in range(len(tmp)):
hp = tmp[i].split(':')
'--tc302',
action='store_true',
help='TC302 - One ME, HTTP, 1 50MB file, 1 event')
+ parser.add_argument(
+ '--tc303',
+ action='store_true',
+ help='TC303 - One ME, HTTP JWT, 1 1MB file, 1 event')
# HTTPS TCs with single ME
parser.add_argument(
'--tc404',
action='store_true',
help='TC404 - One ME, HTTPS no client authentication, 1 1MB file, 1 event')
+ parser.add_argument(
+ '--tc405',
+ action='store_true',
+ help='TC405 - One ME, HTTPS JWT, 1 1MB file, 1 event')
args = parser.parse_args()
tc_num = "TC# 301"
elif args.tc302:
tc_num = "TC# 302"
+ elif args.tc303:
+ tc_num = "TC# 303"
elif args.tc400:
tc_num = "TC# 400"
tc_num = "TC# 403"
elif args.tc404:
tc_num = "TC# 404"
+ elif args.tc405:
+ tc_num = "TC# 405"
else:
print("No TC was defined")
print("Using " + str(http_hosts[i]) + ":" + str(http_ports[i]) + " for http server with index " + str(
i) + " for http server address and port in file urls.")
+ for i in range(len(http_jwt_hosts)):
+ print("Using " + str(http_jwt_hosts[i]) + ":" + str(http_jwt_ports[i]) + " for http jwt server with index " + str(
+ i) + " for http jwt server address and port in file urls.")
+
for i in range(len(https_hosts)):
print("Using " + str(https_hosts[i]) + ":" + str(https_ports[i]) + " for https server with index " + str(
i) + " for https server address and port in file urls.")
+ " for https server with no authentication with index " + str(i)
+ " for https server address and port in file urls.")
+ for i in range(len(https_jwt_hosts)):
+ print("Using " + str(https_jwt_hosts[i]) + ":" + str(https_jwt_ports[i]) + " for https jwt server with index " + str(
+ i) + " for https jwt server address and port in file urls.")
+
print("Using up to " + str(num_ftp_servers) + " ftp servers, for each protocol for PNFs.")
print("Using up to " + str(num_http_servers)
- + " http/https/https with no auth servers, for each protocol for PNFs.")
+ + " http/https/https with no auth/jwt servers, for each protocol for PNFs.")
def https_app(**kwargs):
parameters.
All simulators will be started with the generated docker-compose.yml file
-To generate an ftp/http/https url with an IP different from localhost, set the SFTP_SIM_IP and/or FTPES_SIM_IP and/or HTTP_SIM_IP and/or HTTPS_SIM_IP and/or HTTPS_SIM_NO_AUTH_IP env variables to the address(es) of the ftp/http/https servers before starting.
+To generate an ftp/http/https url with an IP different from localhost, set the SFTP_SIM_IP and/or FTPES_SIM_IP and/or HTTP_SIM_IP and/or HTTPS_SIM_IP and/or HTTPS_SIM_NO_AUTH_IP and/or HTTP_JWT_SIM_IP and/or HTTPS_JWT_SIM_IP env variables to the address(es) of the ftp/http/https servers before starting.
So far, this only works when the simulator python script is started from the command line.
Kill all the containers with `simulators-kill.se`
export SFTP_SIMS="localhost:21,localhost:22,localhost:23,localhost:24,localhost:25" # Comma separated list for SFTP servers host:port
export FTPES_SIMS="localhost:1022,localhost:1023,localhost:1024,localhost:1026,localhost:1026" # Comma separated list for FTPES servers host:port
export HTTP_SIMS="localhost:81,localhost:82,localhost:83,localhost:84,localhost:85" # Comma separated list for HTTP servers host:port
+export HTTP_JWT_SIMS="localhost:32001,localhost:32002,localhost:32003,localhost:32004,localhost:32005" # Comma separated list for HTTP JWT servers host:port
export HTTPS_SIMS="localhost:444,localhost:445,localhost:446,localhost:447,localhost:448" # Comma separated list for HTTPS (enabling client certificate authorization and basic authorization) servers host:port
export HTTPS_SIMS_NO_AUTH="localhost:8081,localhost:8082,localhost:8083,localhost:8084,localhost:8085" # Comma separated list for HTTPS (with no authorization) servers host:port
+export HTTPS_JWT_SIMS="localhost:32101,localhost:32102,localhost:32103,localhost:32104,localhost:32105" # Comma separated list for HTTPS JWT servers host:port
export DR_REDIR_SIM="localhost" # Hostname of DR redirect server
SFTP_SIMS: ${SFTP_SIMS}
FTPES_SIMS: ${FTPES_SIMS}
HTTP_SIMS: ${HTTP_SIMS}
+ HTTP_JWT_SIMS: ${HTTP_JWT_SIMS}
HTTPS_SIMS: ${HTTPS_SIMS}
HTTPS_SIMS_NO_AUTH: ${HTTPS_SIMS_NO_AUTH}
+ HTTPS_JWT_SIMS: ${HTTPS_JWT_SIMS}
NUM_FTP_SERVERS: ${NUM_FTP_SERVERS}
NUM_HTTP_SERVERS: ${NUM_HTTP_SERVERS}
MR_GROUPS: ${MR_GROUPS}
- "81:80"
- "444:443"
- "8081:8080"
+ - "32001:32000"
+ - "32101:32100"
restart: on-failure
volumes:
- ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw
- "82:80"
- "445:443"
- "8082:8080"
+ - "32002:32000"
+ - "32102:32100"
restart: on-failure
volumes:
- ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw
- "83:80"
- "446:443"
- "8083:8080"
+ - "32003:32000"
+ - "32103:32100"
restart: on-failure
volumes:
- ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw
- "84:80"
- "447:443"
- "8084:8080"
+ - "32004:32000"
+ - "32104:32100"
restart: on-failure
volumes:
- ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw
- "85:80"
- "448:443"
- "8085:8080"
+ - "32005:32000"
+ - "32105:32100"
restart: on-failure
volumes:
- ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw
-#!/usr/bin/env sh
+#!/usr/bin/env bash
# Script to create files for the HTTP server to return upon request.
# The file names matches the files names in the events polled from the MR simulator.
echo "Simulator " $1 " on localhost:$2 - no response"
}
+http_https_jwt_server_check() {
+ for i in {1..10}; do
+ res=$(curl $4 -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZW1vIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjk5OTk5OTk5OTksIm5iZiI6MTUxNjIzOTAyMH0.vyktOJyCMVvJXEfImBuZCTaEifrvH0kXeAPpnHakffA' -s -o /dev/null -w "%{http_code}" $3://localhost:$2)
+ if [ $res -gt 199 ] && [ $res -lt 300 ]; then
+ echo "Simulator " $1 " on localhost:$2 responded ok"
+ return
+ fi
+ sleep 1
+ done
+ echo "Simulator " $1 " on localhost:$2 - no response"
+}
+
server_check_https() {
for i in {1..10}; do
res=$(curl -k -s -o /dev/null -w "%{http_code}" https://localhost:$2$3)
http_https_basic_server_check "HTTP basic auth server 2" 83 http
http_https_basic_server_check "HTTP basic auth server 3" 84 http
http_https_basic_server_check "HTTP basic auth server 4" 85 http
+http_https_jwt_server_check "HTTP JWT server 0" 32001 http
+http_https_jwt_server_check "HTTP JWT server 1" 32002 http
+http_https_jwt_server_check "HTTP JWT server 2" 32003 http
+http_https_jwt_server_check "HTTP JWT server 3" 32004 http
+http_https_jwt_server_check "HTTP JWT server 4" 32005 http
http_https_basic_server_check "HTTPS basic auth server 0" 444 https -k
http_https_basic_server_check "HTTPS basic auth server 1" 445 https -k
http_https_basic_server_check "HTTPS basic auth server 2" 446 https -k
http_https_server_check "HTTPS no auth server 2" 8083 https -k
http_https_server_check "HTTPS no auth server 3" 8084 https -k
http_https_server_check "HTTPS no auth server 4" 8085 https -k
+http_https_jwt_server_check "HTTPS JWT server 0" 32101 https -k
+http_https_jwt_server_check "HTTPS JWT server 1" 32102 https -k
+http_https_jwt_server_check "HTTPS JWT server 2" 32103 https -k
+http_https_jwt_server_check "HTTPS JWT server 3" 32104 https -k
+http_https_jwt_server_check "HTTPS JWT server 4" 32105 https -k
echo ""