Code Review / policy / engine.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Initial OpenECOMP policy/engine commit
[policy/engine.git] / PyPDPServer / src / test / java / testpypdp / AuthorizationTest.java
1 /*-
2  * ============LICENSE_START=======================================================
3  * ECOMP Policy Engine
4  * ================================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20
21 package testpypdp;
22
23 import static org.mockito.Mockito.mock;
24 import static org.mockito.Mockito.verify;
25 import static org.mockito.Mockito.when;
26
27 import java.io.IOException;
28
29 import javax.servlet.FilterChain;
30 import javax.servlet.ServletException;
31 import javax.servlet.http.HttpServletRequest;
32 import javax.servlet.http.HttpServletResponse;
33
34 import org.junit.After;
35 import org.junit.Before;
36 import org.junit.Test;
37
38 import org.openecomp.policy.pypdp.authorization.AuthenticationFilter;
39
40 /*
41  * Authentication Filter Testing
42  */
43 public class AuthorizationTest {
44         private static final String MASTERCLIENT= "cHl0aG9uOnRlc3Q=";
45         /*private static final String CONFIGCLIENT= "Y29uZmlnOmNvbmZpZw==";
46         private static final String ACTIONCLIENT= "YWN0aW9uOmFjdGlvbg==";
47         private static final String DECIDECLIENT= "ZGVjaWRlOmRlY2lkZQ==";
48         private static final String CREATECLIENT= "Y3JlYXRlOmNyZWF0ZQ==";
49         private static final String DELETECLIENT= "ZGVsZXRlOmRlbGV0ZQ==";*/
50         
51         private AuthenticationFilter authenticationFilter = new AuthenticationFilter(); 
52         
53         @Before
54         public void setUp() throws Exception{
55                 authenticationFilter.init(null);
56         }
57         
58         @Test
59         public void testDoFilterError() throws IOException, ServletException {
60             // create the objects to be mocked
61             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
62             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
63             FilterChain filterChain = mock(FilterChain.class);
64             //
65             when(httpServletRequest.getRequestURI()).thenReturn("error");
66
67             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
68                     filterChain);
69
70             // verify if unauthorized
71             verify(httpServletResponse).setStatus(HttpServletResponse.SC_BAD_REQUEST);
72         }
73         
74         @Test
75         public void testDoFilterNotification() throws IOException, ServletException {
76             // create the objects to be mocked
77             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
78             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
79             FilterChain filterChain = mock(FilterChain.class);
80             // 
81             when(httpServletRequest.getRequestURI()).thenReturn("org.openecomp.policy.pypdp.notifications swagger api-docs configuration");
82
83             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
84                     filterChain);
85
86             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
87         }
88         
89         /*@Test
90         public void testDoFilterWrongAuthenticaton() throws IOException, ServletException {
91             // create the objects to be mocked
92             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
93             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
94             FilterChain filterChain = mock(FilterChain.class);
95             // 
96             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("error");
97             when(httpServletRequest.getRequestURI()).thenReturn("getConfig");
98
99             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
100                     filterChain);
101
102             // verify if unauthorized
103             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
104         }*/
105         
106         /*@Test
107         public void testDoFilterWrongClientAuthenticaton() throws IOException, ServletException {
108             // create the objects to be mocked
109             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
110             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
111             FilterChain filterChain = mock(FilterChain.class);
112             // 
113             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
114             when(httpServletRequest.getRequestURI()).thenReturn("getConfig");
115             when(httpServletRequest.getHeader("ClientAuth")).thenReturn("Error");
116             
117             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
118                     filterChain);
119             // verify if unauthorized
120             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
121         }*/
122         
123         @Test
124         public void testDoFilterWrongClientAuthenticatonCount() throws IOException, ServletException {
125             // create the objects to be mocked
126             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
127             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
128             FilterChain filterChain = mock(FilterChain.class);
129             // 
130             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
131             when(httpServletRequest.getRequestURI()).thenReturn("count");
132             when(httpServletRequest.getHeader("ClientAuth")).thenReturn("Error");
133
134             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
135                     filterChain);
136
137             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
138         }
139         
140         /*@Test
141         public void testDoFilterWrongGetConfigAuthorization() throws IOException, ServletException {
142             // create the objects to be mocked
143             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
144             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
145             FilterChain filterChain = mock(FilterChain.class);
146             // 
147             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
148             when(httpServletRequest.getRequestURI()).thenReturn("getConfig");
149             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(ACTIONCLIENT);
150
151             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
152                     filterChain);
153             // verify if unauthorized
154             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
155         }*/
156         
157         /*@Test
158         public void testDoFilterWrongSendEventAuthorization() throws IOException, ServletException {
159             // create the objects to be mocked
160             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
161             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
162             FilterChain filterChain = mock(FilterChain.class);
163             // 
164             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
165             when(httpServletRequest.getRequestURI()).thenReturn("sendEvent");
166             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(CONFIGCLIENT);
167             
168             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
169                     filterChain);
170             // verify if unauthorized
171             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
172         }*/
173         
174         /*@Test
175         public void testDoFilterWrongUpdatePolicyAuthorization() throws IOException, ServletException {
176             // create the objects to be mocked
177             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
178             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
179             FilterChain filterChain = mock(FilterChain.class);
180             // 
181             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
182             when(httpServletRequest.getRequestURI()).thenReturn("updatePolicy");
183             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(ACTIONCLIENT);
184             
185             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
186                     filterChain);
187             // verify if unauthorized
188             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
189         }*/
190         
191         /*@Test
192         public void testDoFilterWrongCreatePolicyAuthorization() throws IOException, ServletException {
193             // create the objects to be mocked
194             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
195             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
196             FilterChain filterChain = mock(FilterChain.class);
197             // 
198             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
199             when(httpServletRequest.getRequestURI()).thenReturn("createPolicy");
200             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(ACTIONCLIENT);
201             
202             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
203                     filterChain);
204             // verify if unauthorized
205             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
206         }*/
207         
208         /*@Test
209         public void testDoFilterWrongPushPolicyAuthorization() throws IOException, ServletException {
210             // create the objects to be mocked
211             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
212             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
213             FilterChain filterChain = mock(FilterChain.class);
214             // 
215             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
216             when(httpServletRequest.getRequestURI()).thenReturn("pushPolicy");
217             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(DELETECLIENT);
218
219             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
220                     filterChain);
221             // verify if unauthorized
222             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
223         }*/
224         
225         /*@Test
226         public void testDoFilterWrongDeletePolicyAuthorization() throws IOException, ServletException {
227             // create the objects to be mocked
228             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
229             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
230             FilterChain filterChain = mock(FilterChain.class);
231             // 
232             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
233             when(httpServletRequest.getRequestURI()).thenReturn("deletePolicy");
234             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(DECIDECLIENT);
235
236             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
237                     filterChain);
238             // verify if unauthorized
239             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
240         }*/
241         
242         /*@Test
243         public void testDoFilterWrongDecidePolicyAuthorization() throws IOException, ServletException {
244             // create the objects to be mocked
245             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
246             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
247             FilterChain filterChain = mock(FilterChain.class);
248             // 
249             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
250             when(httpServletRequest.getRequestURI()).thenReturn("getDecision");
251             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(CREATECLIENT);
252
253             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
254                     filterChain);
255             // verify if unauthorized
256             verify(httpServletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
257         }*/
258         
259         @Test
260         public void testDoFilterAuthorizedError() throws IOException, ServletException {
261             // create the objects to be mocked
262             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
263             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
264             FilterChain filterChain = mock(FilterChain.class);
265             // 
266             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
267             when(httpServletRequest.getRequestURI()).thenReturn("error");
268             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(MASTERCLIENT);
269
270             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
271                     filterChain);
272             // verify if unauthorized
273             verify(httpServletResponse).setStatus(HttpServletResponse.SC_BAD_REQUEST);
274         }
275         
276         @Test
277         public void testDoFilterAuthorizedPDPs() throws IOException, ServletException {
278             // create the objects to be mocked
279             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
280             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
281             FilterChain filterChain = mock(FilterChain.class);
282             // 
283             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
284             when(httpServletRequest.getRequestURI()).thenReturn("pdps paps");
285             when(httpServletRequest.getHeader("ClientAuth")).thenReturn(MASTERCLIENT);
286
287             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
288                     filterChain);
289             
290             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
291         }
292         
293         @Test
294         public void testDoFilterDecideAuthorized() throws IOException, ServletException {
295             // create the objects to be mocked
296             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
297             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
298             FilterChain filterChain = mock(FilterChain.class);
299             // 
300             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
301             when(httpServletRequest.getRequestURI()).thenReturn("getDecision");
302             when(httpServletRequest.getHeader(AuthenticationFilter.ENVIRONMENT_HEADER)).thenReturn("DEVL");
303
304             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
305                     filterChain);
306
307             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
308         }
309         
310         @Test
311         public void testDoFilterDeleteAuthorized() throws IOException, ServletException {
312             // create the objects to be mocked
313             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
314             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
315             FilterChain filterChain = mock(FilterChain.class);
316             // 
317             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
318             when(httpServletRequest.getRequestURI()).thenReturn("deletePolicy");
319             when(httpServletRequest.getHeader(AuthenticationFilter.ENVIRONMENT_HEADER)).thenReturn("DEVL");
320
321             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
322                     filterChain);
323
324             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
325         }
326         
327         @Test
328         public void testDoFilterEventAuthorized() throws IOException, ServletException {
329             // create the objects to be mocked
330             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
331             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
332             FilterChain filterChain = mock(FilterChain.class);
333             // 
334             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
335             when(httpServletRequest.getRequestURI()).thenReturn("sendEvent");
336             when(httpServletRequest.getHeader(AuthenticationFilter.ENVIRONMENT_HEADER)).thenReturn("DEVL");
337
338             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
339                     filterChain);
340
341             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
342         }
343         
344         @Test
345         public void testDoFilterCreateAuthorized() throws IOException, ServletException {
346             // create the objects to be mocked
347             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
348             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
349             FilterChain filterChain = mock(FilterChain.class);
350             // 
351             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
352             when(httpServletRequest.getRequestURI()).thenReturn("createPolicy pushPolicy updatePolicy");
353             when(httpServletRequest.getHeader(AuthenticationFilter.ENVIRONMENT_HEADER)).thenReturn("DEVL");
354
355             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
356                     filterChain);
357
358             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
359         }
360         
361         @Test
362         public void testDoFilterConfigAuthorized() throws IOException, ServletException {
363             // create the objects to be mocked
364             HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
365             HttpServletResponse httpServletResponse = mock(HttpServletResponse.class);
366             FilterChain filterChain = mock(FilterChain.class);
367             // 
368             when(httpServletRequest.getHeader(AuthenticationFilter.AUTHENTICATION_HEADER)).thenReturn("Basic dGVzdHJlc3Q6c2VjVXJl");
369             when(httpServletRequest.getRequestURI()).thenReturn("getConfig");
370             when(httpServletRequest.getHeader(AuthenticationFilter.ENVIRONMENT_HEADER)).thenReturn("DEVL");
371
372             authenticationFilter.doFilter(httpServletRequest, httpServletResponse,
373                     filterChain);
374
375             verify(filterChain).doFilter(httpServletRequest,httpServletResponse);
376         }
377         
378         @After
379         public void tearDown(){
380                 authenticationFilter.destroy();
381         }
382 }
-- Archived 06/09/2021