3 Resource ../../../common.robot
4 Resource ./cert-service-properties.robot
5 Library RequestsLibrary
9 Library ../libraries/CertClientManager.py ${MOUNT_PATH} ${TRUSTSTORE_PATH}
10 Library ../libraries/P12ArtifactsValidator.py ${MOUNT_PATH}
11 Library ../libraries/JksArtifactsValidator.py ${MOUNT_PATH}
12 Library ../libraries/PemArtifactsValidator.py ${MOUNT_PATH}
13 Library ../libraries/ResponseParser.py
19 [Documentation] Create all required sessions
20 ${certs}= Create List ${CERTSERVICE_SERVER_CRT} ${CERTSERVICE_SERVER_KEY}
21 Create Client Cert Session alias ${OOMCERT_URL} client_certs=${certs} verify=${ROOTCA}
22 Set Suite Variable ${https_valid_cert_session} alias
25 [Documentation] Run Healthcheck
26 ${resp}= Get Request ${https_valid_cert_session} /actuator/health
27 Should Be Equal As Strings ${resp.status_code} 200
28 Validate Recieved Response ${resp} status UP
30 Validate Recieved Response
31 [Documentation] Validare message that has been received
32 [Arguments] ${resp} ${key} ${expected_value}
33 ${json}= Evaluate json.loads(r"""${resp.content}""", strict=False) json
34 ${value}= Get From Dictionary ${json} ${key}
35 Log To Console ${value}
36 Should Be Equal As Strings ${value} ${expected_value}
38 Send Get Request And Validate Response
39 [Documentation] Send request to passed url and validate received response
40 [Arguments] ${path} ${resp_code}
41 ${resp}= Get Request ${https_valid_cert_session} ${path}
42 Should Be Equal As Strings ${resp.status_code} ${resp_code}
44 Send Get Request with Header
45 [Documentation] Send request to passed url
46 [Arguments] ${path} ${csr_file} ${pk_file}
48 ${headers}= Create Header with CSR and PK ${csr_file} ${pk_file}
49 ${resp}= Get Request ${https_valid_cert_session} ${path} headers=${headers}
51 Send Get Request with Header And Expect Success
52 [Documentation] Send request to passed url and validate received response
53 [Arguments] ${path} ${csr_file} ${pk_file}
54 ${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file}
55 Should Be Equal As Strings ${resp.status_code} 200
56 Check Message Recieved On Success ${resp.content}
58 Check Message Recieved On Success
59 [Documentation] Check if correct messsage has been sent on successful request
60 [Arguments] ${content}
61 ${resp_content}= Evaluate json.loads(r"""${content}""", strict=False) json
62 Dictionary Should Contain Key ${resp_content} certificateChain
63 @{list}= Get From Dictionary ${resp_content} certificateChain
64 List Should Contain Certificates @{list}
65 Dictionary Should Contain Key ${resp_content} trustedCertificates
67 List Should Contain Certificates
68 [Documentation] Verify if list contains certificates
70 FOR ${content} IN @{list}
71 Should Contain ${content} BEGIN CERTIFICATE
72 Should Contain ${content} END CERTIFICATE
75 Send Get Request with Header And Expect Error
76 [Documentation] Send request to passed url and validate received response
77 [Arguments] ${path} ${csr_file} ${pk_file} ${resp_code}
78 ${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file}
79 Should Be Equal As Strings ${resp.status_code} ${resp_code}
81 Create Header with CSR and PK
82 [Documentation] Create header with CSR and PK
83 [Arguments] ${csr_file} ${pk_file}
85 ${csr}= Get Data From File ${csr_file}
86 ${pk}= Get Data From File ${pk_file}
87 ${headers}= Create Dictionary CSR=${csr} PK=${pk}
89 Send Post Request And Validate Response
90 [Documentation] Send request to passed url and validate received response
91 [Arguments] ${path} ${resp_code}
92 ${resp}= Post Request ${https_valid_cert_session} ${path}
93 Should Be Equal As Strings ${resp.status_code} ${resp_code}
95 Send Initialization Request And Key Update Request And Expect Success
96 [Documentation] Send initialization request and then key update request to passed urls and validate received response
97 [Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file}
98 ${start_time}= Get Current Timestamp For Docker Log
99 Send Initialization Request And Update Request And Check Status Code ${path} ${update_path} ${csr_file} ${pk_file}
100 ... ${update_csr_file} ${update_pk_file} 200
101 Verify Key Update Request Sent By Cert Service ${start_time}
103 Send Initialization Request And Certification Request And Expect Success
104 [Documentation] Send initialization request and then certification request to passed urls and validate received response
105 [Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file}
106 ${start_time}= Get Current Timestamp For Docker Log
107 Send Initialization Request And Update Request And Check Status Code ${path} ${update_path} ${csr_file} ${pk_file}
108 ... ${update_csr_file} ${update_pk_file} 200
109 Verify Certification Request Sent By Cert Service ${start_time}
111 Send Initialization Request And Key Update Request With Wrong Old Private Key And Expect Error
112 [Documentation] Send initialization request and then key update request to passed urls and expect status code 500
113 [Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file} ${wrong_old_pk_file}
114 ${start_time}= Get Current Timestamp For Docker Log
115 ${old_cert}= Send Certificate Initialization Request And Return Certificate ${path} ${csr_file} ${pk_file}
116 ${resp}= Send Certificate Update Request And Return Response ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert} ${wrong_old_pk_file}
117 Should Be Equal As Strings ${resp.status_code} 500
118 Verify Key Update Request Sent By Cert Service ${start_time}
120 Send Update Request With Wrong Header And Expect Error
121 [Documentation] Send update request to passed url and expect wrong header response
122 [Arguments] ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file}
123 ${resp}= Send Certificate Update Request And Return Response ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file}
124 Should Be Equal As Strings ${resp.status_code} 400
126 Send Update Request With Missing Header And Expect Error
127 [Documentation] Send update request to passed url and expect wrong header response
128 [Arguments] ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file} ${header_to_remove}
129 ${headers}= Create Header for Certificate Update ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file}
130 Remove From Dictionary ${headers} ${header_to_remove}
131 ${resp}= Get Request ${https_valid_cert_session} ${update_path} headers=${headers}
132 Should Be Equal As Strings ${resp.status_code} 400
134 Send Initialization Request And Update Request And Check Status Code
135 [Documentation] Send certificate update request and check status code
136 [Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file} ${expected_status_code}
137 ${old_cert}= Send Certificate Initialization Request And Return Certificate ${path} ${csr_file} ${pk_file}
138 ${resp}= Send Certificate Update Request And Return Response ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert} ${pk_file}
139 Should Be Equal As Strings ${resp.status_code} ${expected_status_code}
141 Send Certificate Initialization Request And Return Certificate
142 [Documentation] Send certificate initialization request and return base64 encoded certificate from response
143 [Arguments] ${path} ${csr_file} ${pk_file}
144 [Return] ${base64Certificate}
145 ${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file}
146 ${json}= Evaluate json.loads(r"""${resp.content}""", strict=False) json
147 ${base64Certificate}= Parse Response ${json}
149 Send Certificate Update Request And Return Response
150 [Documentation] Send certificate update request and return response code
151 [Arguments] ${path} ${csr_file} ${pk_file} ${old_cert} ${old_pk_file}
153 ${headers}= Create Header for Certificate Update ${csr_file} ${pk_file} ${old_cert} ${old_pk_file}
154 ${resp}= Get Request ${https_valid_cert_session} ${path} headers=${headers}
156 Create Header for Certificate Update
157 [Documentation] Create header with CSR and PK, OLD_CERT and OLD_PK
158 [Arguments] ${csr_file} ${pk_file} ${old_cert} ${old_pk_file}
160 ${csr}= Get Data From File ${csr_file}
161 ${pk}= Get Data From File ${pk_file}
162 ${old_pk}= Get Data From File ${old_pk_file}
163 ${headers}= Create Dictionary CSR=${csr} PK=${pk} OLD_CERT=${old_cert} OLD_PK=${old_pk}
165 Verify Key Update Request Sent By Cert Service
166 [Documentation] Verify that request was key update request
167 [Arguments] ${start_time}
168 ${result}= Run Process docker logs oomcert-service --since ${start_time} shell=yes
169 Should Contain ${result.stdout} ${EXPECTED_KUR_LOG}
171 Verify Certification Request Sent By Cert Service
172 [Documentation] Verify that request was certification request
173 [Arguments] ${start_time}
174 ${result}= Run Process docker logs oomcert-service --since ${start_time} shell=yes
175 Should Contain ${result.stdout} ${EXPECTED_CR_LOG}
177 Get Current Timestamp For Docker Log
178 [Documentation] Gets current timestamp valid for docker
179 [Return] ${timestamp}
180 ${timestamp}= Get Current Date result_format=%Y-%m-%dT%H:%M:%S.%f
182 Run Cert Service Client And Validate PKCS12 File Creation And Client Exit Code
183 [Documentation] Run Cert Service Client Container And Validate Exit Code
184 [Arguments] ${env_file} ${expected_exit_code}
185 [Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path
186 ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
187 ${can_open}= Can Open Keystore And Truststore With Pass
188 Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
189 Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase
191 Run Cert Service Client And Validate JKS File Creation And Client Exit Code
192 [Documentation] Run Cert Service Client Container And Validate Exit Code
193 [Arguments] ${env_file} ${expected_exit_code}
194 [Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path
195 ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
196 ${can_open}= Can Open Keystore And Truststore With Pass Jks
197 Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
198 Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase
200 Run Cert Service Client And Validate PKCS12 Files Contain Expected Data
201 [Documentation] Run Cert Service Client Container And Validate PKCS12 Files Contain Expected Data
202 [Arguments] ${env_file} ${expected_exit_code}
203 [Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data
204 ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
205 ${data} ${isEqual}= Get And Compare Data P12 ${env_file}
206 Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
207 Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData}
209 Run Cert Service Client And Validate JKS Files Contain Expected Data
210 [Documentation] Run Cert Service Client Container And Validate JKS Files Contain Expected Data
211 [Arguments] ${env_file} ${expected_exit_code}
212 [Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data
213 ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
214 ${data} ${isEqual}= Get And Compare Data Jks ${env_file}
215 Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
216 Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData}
218 Run Cert Service Client And Validate PEM Files Contain Expected Data
219 [Documentation] Run Cert Service Client Container And Validate PEM Files Contain Expected Data
220 [Arguments] ${env_file} ${expected_exit_code}
221 [Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data
222 ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
223 ${existNotEmpty}= Artifacts Exist And Are Not Empty
224 ${data} ${isEqual}= Get And Compare Data Pem ${env_file}
225 Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
226 Should Be True ${existNotEmpty} PEM artifacts not created properly
227 Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData}
229 Run Cert Service Client And Validate Http Response Code And Client Exit Code
230 [Documentation] Run Cert Service Client Container And Validate Exit Code
231 [Arguments] ${env_file} ${expected_api_response_code} ${expected_exit_code}
232 ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
233 ${can_find_API_response}= Can Find Api Response In Logs ${CLIENT_CONTAINER_NAME}
234 ${api_response_code}= Get Api Response From Logs ${CLIENT_CONTAINER_NAME}
235 [Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} negative_path
236 Should Be True ${can_find_API_response} Cannot Find API response in logs
237 Should Be Equal As Strings ${api_response_code} ${expected_api_response_code} API return ${api_response_code} but expected: ${expected_api_response_code}
238 Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
240 Run Cert Service Client And Validate Client Exit Code
241 [Documentation] Run Cert Service Client Container And Validate Exit Code
242 [Arguments] ${env_file} ${expected_exit_code}
243 [Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} negative_path
244 ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
245 Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}