Remove certOnly and basicAuth from authentication methods CSIT VES
Issue-ID: DCAEGEN2-1776
Signed-off-by: Aleksandra Maciaga <aleksandra.maciaga@nokia.com>
Change-Id: I7e087f70d3458e8477b5cb35132b526bddbb7df2
diff --git a/tests/dcaegen2/testcases/resources/DMaaP.py b/tests/dcaegen2/testcases/resources/DMaaP.py
index 092b608..779397e 100644
--- a/tests/dcaegen2/testcases/resources/DMaaP.py
+++ b/tests/dcaegen2/testcases/resources/DMaaP.py
@@ -17,8 +17,6 @@
import json
import DcaeVariables
import SimpleHTTPServer
-from robot.api import logger
-
try:
from cStringIO import StringIO
@@ -42,10 +40,6 @@
if DcaeVariables.VESEventQ is not None:
try:
DcaeVariables.VESEventQ.put(evt)
- if DcaeVariables.IsRobotRun:
- logger.console("DMaaP Event enqued - size=" + str(len(evt)))
- else:
- print ("DMaaP Event enqueued - size=" + str(len(evt)))
return True
except Exception as e:
print (str(e))
@@ -55,18 +49,14 @@
def deque_event(wait_sec=25):
if DcaeVariables.IsRobotRun:
- logger.console("Enter DequeEvent")
+ pass
try:
evt = DcaeVariables.VESEventQ.get(True, wait_sec)
- if DcaeVariables.IsRobotRun:
- logger.console("DMaaP Event dequeued - size=" + str(len(evt)))
- else:
- print("DMaaP Event dequeued - size=" + str(len(evt)))
return evt
except Exception as e:
if DcaeVariables.IsRobotRun:
- logger.console(str(e))
- logger.console("DMaaP Event dequeue timeout")
+ pass
+
else:
print("DMaaP Event dequeue timeout")
return None
@@ -79,7 +69,6 @@
return
def do_POST(self):
-
resp_code = 0
# Parse the form data posted
'''
@@ -120,12 +109,6 @@
content_len = int(self.headers.getheader('content-length', 0))
post_body = self.rfile.read(content_len)
- if DcaeVariables.IsRobotRun:
- logger.console("\n" + "DMaaP Receive Event:\n" + post_body)
- else:
- print("\n" + "DMaaP Receive Event:")
- print (post_body)
-
indx = post_body.index("{")
if indx != 0:
post_body = post_body[indx:]
@@ -168,7 +151,6 @@
self.send_response(200)
self.send_header('Content-Type', 'application/json')
self.end_headers()
- # self.wfile.write("{'responses' : {'200' : {'description' : 'Success'}}}")
self.wfile.write("{'count': 1, 'serverTimeMs': 3}")
self.wfile.close()
else:
diff --git a/tests/dcaegen2/testcases/resources/DcaeLibrary.py b/tests/dcaegen2/testcases/resources/DcaeLibrary.py
index d4188e3..6b96826 100644
--- a/tests/dcaegen2/testcases/resources/DcaeLibrary.py
+++ b/tests/dcaegen2/testcases/resources/DcaeLibrary.py
@@ -64,7 +64,7 @@
return "false"
@staticmethod
- def enable_vesc_https_auth():
+ def enable_vesc_with_certBasicAuth():
global client
if 'Windows' in platform.system():
try:
@@ -85,14 +85,13 @@
logger.console("Running script: " + script2run)
subprocess.call(script2run)
time.sleep(5)
- return
-
+ return
+
@staticmethod
def dmaap_message_receive(evtobj, action='contain'):
evt_str = DMaaP.deque_event()
while evt_str != None:
- logger.console("DMaaP receive VES Event:\n" + evt_str)
if action == 'contain':
if evtobj in evt_str:
logger.info("DMaaP Receive Expected Publish Event:\n" + evt_str)
diff --git a/tests/dcaegen2/testcases/resources/collector.properties b/tests/dcaegen2/testcases/resources/collector.properties
index 1c5c841..c555e48 100755
--- a/tests/dcaegen2/testcases/resources/collector.properties
+++ b/tests/dcaegen2/testcases/resources/collector.properties
@@ -11,64 +11,55 @@
## Normally:
##
## - 8080 is http service
-## - https is disabled by default (-1)
+## - https is disabled by default
##
## - At this time, the server always binds to 0.0.0.0
##
-## The default port when header.authflag is disabled (0)
-#collector.service.port=8080
+##
+collector.service.port=8080
-## The secure port is required if header.authflag is set to 1 (true)
## Authentication is only supported via secure port
## When enabled - require valid keystore defined
collector.service.secure.port=8443
+# auth.method flags:
+#
+# noAuth - default option - no security (http)
+# certOnly - auth by certificate (https)
+# basicAuth - auth by basic auth username and password (https)
+# certBasicAuth - auth by certificate and basic auth username / password (https)
+auth.method=certBasicAuth
+
+## Combination of userid,hashPassword encoded pwd list to be supported
+## userid and pwd comma separated; pipe delimitation between each pair
+## Password is generated by crypt-password library using BCrypt algorithm stored in dcaegen2/sdk package
+## or https://nexus.onap.org/#nexus-search;quick~crypt-password
+header.authlist=sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6
+
## The keystore must be setup per installation when secure port is configured
-collector.keystore.file.location=../etc/keystore
-collector.keystore.passwordfile=./etc/passwordfile
-collector.keystore.alias=tomcat
+collector.keystore.file.location=etc/keystore
+collector.keystore.passwordfile=etc/passwordfile
+collector.cert.subject.matcher=etc/certSubjectMatcher.properties
-###############################################################################
-## Processing
-##
-## If there's a problem that prevents the collector from processing alarms,
-## it's normally better to apply back pressure to the caller than to try to
-## buffer beyond a reasonable size limit. With a limit, the server won't crash
-## due to being out of memory, and the caller will get a 5xx reply saying the
-## server is in trouble.
-collector.inputQueue.maxPending=8096
+## The truststore must be setup per installation when mutual tls support is configured
+collector.truststore.file.location=etc/truststore
+collector.truststore.passwordfile=etc/trustpasswordfile
## Schema Validation checkflag
## default no validation checkflag (-1)
## If enabled (1) - schemafile location must be specified
collector.schema.checkflag=1
-collector.schema.file={\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.3.json\"}
+collector.schema.file={\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.1.json\",\"v7\":\"./etc/CommonEventFormat_30.0.1.json\"}
-## List all streamid per domain to be supported. The streamid should match to channel name on dmaapfile
-collector.dmaap.streamid=fault=sec_fault|syslog=sec_syslog|heartbeat=sec_heartbeat|measurementsForVfScaling=sec_measurement|mobileFlow=sec_mobileflow|other=sec_other|stateChange=sec_statechange|thresholdCrossingAlert=sec_thresholdCrossingAlert|voiceQuality=ves_voicequality|sipSignaling=ves_sipsignaling
+## List all streamid per domain to be supported. The streamid should match to channel name on dmaapfile
+collector.dmaap.streamid=fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration
collector.dmaapfile=./etc/DmaapConfig.json
-## Custom ExceptionConfiguration
-exceptionConfig=./etc/ExceptionConfig.json
-
-## authflag control authentication by the collector
-## If enabled (1) - then authlist has to be defined
-## When authflag is enabled, only secure port will be supported
-## To disable enter 0
-header.authflag=1
-## Combination of userid,base64 encoded pwd list to be supported
-## userid and pwd comma separated; pipe delimitation between each pair
-header.authlist=sample1,c2FtcGxlMQ==|vdnsagg,dmRuc2FnZw==
-
## Event transformation Flag - when set expects configurable transformation
## defined under ./etc/eventTransform.json
## Enabled by default; to disable set to 0
event.transform.flag=0
-###############################################################################
-##
-## Tomcat control
-##
-#tomcat.maxthreads=(tomcat default, which is usually 200)
-
+# Describes at what frequency (measured in minutes) should application try to fetch config from CBS
+collector.dynamic.config.update.frequency=5
diff --git a/tests/dcaegen2/testcases/resources/dcae_keywords.robot b/tests/dcaegen2/testcases/resources/dcae_keywords.robot
index 013f6f0..c4cdbb9 100644
--- a/tests/dcaegen2/testcases/resources/dcae_keywords.robot
+++ b/tests/dcaegen2/testcases/resources/dcae_keywords.robot
@@ -1,7 +1,7 @@
*** Settings ***
Documentation The main interface for interacting with DCAE. It handles low level stuff like managing the http request library and DCAE required fields
Library RequestsLibrary
-Library DcaeLibrary
+Library DcaeLibrary
Library OperatingSystem
Library Collections
Variables ../resources/DcaeVariables.py
@@ -10,6 +10,7 @@
*** Variables ***
${DCAE_HEALTH_CHECK_BODY} %{WORKSPACE}/tests/dcae/testcases/assets/json_events/dcae_healthcheck.json
+
*** Keywords ***
Create sessions
[Documentation] Create all required sessions
@@ -18,6 +19,17 @@
${auth}= Create List ${VESC_HTTPS_USER} ${VESC_HTTPS_PD}
Create Session dcae_vesc_url_https ${VESC_URL_HTTPS} auth=${auth} disable_warnings=1
Set Suite Variable ${suite_dcae_vesc_url_https_session} dcae_vesc_url_https
+ ${wrong_auth}= Create List ${VESC_HTTPS_WRONG_USER} ${VESC_HTTPS_WRONG_PD}
+ Create Session dcae_vesc_url_https_wrong_auth ${VESC_URL_HTTPS} auth=${wrong_auth} disable_warnings=1
+ Set Suite Variable ${suite_dcae_vesc_url_https_wrong_auth_session} dcae_vesc_url_https_wrong_auth
+ ${certs}= Create List ${VESC_ROOTCA_CERT} ${VESC_ROOTCA_KEY}
+ Create Client Cert Session dcae_vesc_url_https_cert ${VESC_URL_HTTPS} client_certs=${certs} disable_warnings=1
+ Set Suite Variable ${suite_dcae_vesc_url_https_cert_session} dcae_vesc_url_https_cert
+ ${wrong_certs}= Create List ${VESC_WRONG_CERT} ${VESC_WRONG_KEY}
+ Create Client Cert Session dcae_vesc_url_https_wrong_cert ${VESC_URL_HTTPS} client_certs=${wrong_certs} disable_warnings=1 verify=${False}
+ Set Suite Variable ${suite_dcae_vesc_url_https_wrong_cert_session} dcae_vesc_url_https_wrong_cert
+ Create Session dcae_vesc_url_https_wo_auth ${VESC_URL_HTTPS} disable_warnings=1
+ Set Suite Variable ${suite_dcae_vesc_url_https_wo_auth_session} dcae_vesc_url_https_wo_auth
Create header
${headers}= Create Dictionary Content-Type=application/json
@@ -33,8 +45,8 @@
Log Received response from dcae consul: ${resp.json()}
Should Be Equal As Strings ${resp.status_code} 200
${NodeList}= Get Json Value List ${resp.text} Node
- ${NodeListLength}= Get Length ${NodeList}
- ${len}= Get Length ${NodeList}
+ ${NodeListLength}= Get Length ${NodeList}
+ ${len}= Get Length ${NodeList}
Should Not Be Equal As Integers ${len} 0
[Return] ${NodeList}
@@ -56,7 +68,7 @@
DCAE Check Health Status
[Arguments] ${NodeName} ${ItemStatus} ${CheckType}
- Should Be Equal As Strings ${ItemStatus} passing
+ Should Be Equal As Strings ${ItemStatus} passing
Log Node: ${NodeName} ${CheckType} check pass ok
VES Collector Suite Setup DMaaP
@@ -76,11 +88,11 @@
@{headers}= Get From Dictionary ${json['returns']} columns
# Retrieve column names from headers
${columns}= Create List
- :for ${header} in @{headers}
+ :for ${header} IN @{headers}
\ ${colName}= Get From Dictionary ${header} colName
\ Append To List ${columns} ${colName}
# Process each row making sure status=GREEN
- :for ${row} in @{rows}
+ :for ${row} IN @{rows}
\ ${cells}= Get From Dictionary ${row} cells
\ ${dict}= Make A Dictionary ${cells} ${columns}
\ Dictionary Should Contain Item ${dict} healthTestStatus GREEN
@@ -91,15 +103,15 @@
${dict}= Create Dictionary
${collength}= Get Length ${columns}
${namelength}= Get Length ${names}
- :for ${index} in range 0 ${collength}
+ :for ${index} IN RANGE 0 ${collength}
\ ${name}= Evaluate ${names}[${index}]
\ ${valued}= Evaluate ${columns}[${index}]
\ ${value}= Get From Dictionary ${valued} ${valueName}
- \ Set To Dictionary ${dict} ${name} ${value}
+ \ Set To Dictionary ${dict} ${name} ${value}
[Return] ${dict}
Json String To Dictionary
- [Arguments] ${json_string}
+ [Arguments] ${json_string}
${json_dict}= evaluate json.loads('''${json_string}''') json
[Return] ${json_dict}
@@ -110,7 +122,7 @@
Get DCAE Service Component Status
[Documentation] Get the status of a DCAE Service Component
- [Arguments] ${url} ${urlpath} ${usr} ${passwd}
+ [Arguments] ${url} ${urlpath} ${usr} ${passwd}
${auth}= Create List ${usr} ${passwd}
${session}= Create Session dcae-service-component ${url} auth=${auth}
${resp}= Get Request dcae-service-component ${urlpath}
@@ -120,26 +132,46 @@
[Documentation] Send an event to VES Collector
[Arguments] ${evtpath} ${evtdata}
${resp}= Post Request ${suite_dcae_vesc_url_session} ${evtpath} data=${evtdata} headers=${suite_headers}
- #Log Received response from dcae ${resp.json()}
[Return] ${resp}
Publish Event To VES Collector
[Documentation] Send an event to VES Collector
[Arguments] ${evtpath} ${evtdata}
${resp}= Post Request ${suite_dcae_vesc_url_https_session} ${evtpath} data=${evtdata} headers=${suite_headers}
- #Log Received response from dcae ${resp.json()}
[Return] ${resp}
Publish Event To VES Collector With Put Method
[Documentation] Send an event to VES Collector
[Arguments] ${evtpath} ${evtdata}
${resp}= Put Request ${suite_dcae_vesc_url_https_session} ${evtpath} data=${evtdata} headers=${suite_headers}
- #Log Received response from dcae ${resp.json()}
[Return] ${resp}
Publish Event To VES Collector With Put Method No Auth
[Documentation] Send an event to VES Collector
[Arguments] ${evtpath} ${evtdata}
${resp}= Put Request ${suite_dcae_vesc_url_session} ${evtpath} data=${evtdata} headers=${suite_headers}
- #Log Received response from dcae ${resp.json()}
[Return] ${resp}
+
+Publish Event To VES Collector With Wrong Auth
+ [Documentation] Send an event to VES Collector by session with wrong auth
+ [Arguments] ${evtpath} ${evtdata}
+ ${resp}= Post Request ${suite_dcae_vesc_url_https_wrong_auth_session} ${evtpath} data=${evtdata} headers=${suite_headers}
+ [Return] ${resp}
+
+Publish Event To VES Collector With Cert
+ [Documentation] Send an event to VES Collector by session with certs
+ [Arguments] ${evtpath} ${evtdata}
+ ${resp}= Post Request ${suite_dcae_vesc_url_https_cert_session} ${evtpath} data=${evtdata} headers=${suite_headers}
+ [Return] ${resp}
+
+Publish Event To VES Collector With Wrong Cert
+ [Documentation] Send an event to VES Collector by session with wrong certs
+ [Arguments] ${evtpath} ${evtdata}
+ ${resp}= Post Request ${suite_dcae_vesc_url_https_wrong_cert_session} ${evtpath} data=${evtdata} headers=${suite_headers}
+ [Return] ${resp}
+
+Publish Event To VES Collector Without Auth And Cert
+ [Documentation] Send an event to VES Collector by session without Auth and Cert
+ [Arguments] ${evtpath} ${evtdata}
+ ${resp}= Post Request ${suite_dcae_vesc_url_https_wo_auth_session} ${evtpath} data=${evtdata} headers=${suite_headers}
+ [Return] ${resp}
diff --git a/tests/dcaegen2/testcases/resources/dcae_properties.robot b/tests/dcaegen2/testcases/resources/dcae_properties.robot
index 135ff26..7505fab 100644
--- a/tests/dcaegen2/testcases/resources/dcae_properties.robot
+++ b/tests/dcaegen2/testcases/resources/dcae_properties.robot
@@ -12,3 +12,9 @@
${GLOBAL_DCAE_PASSWORD} ZjJkYjllMjljMTI2M2Iz
${VESC_HTTPS_USER} sample1
${VESC_HTTPS_PD} sample1
+${VESC_HTTPS_WRONG_PD} sample
+${VESC_HTTPS_WRONG_USER} sample
+${VESC_ROOTCA_CERT} %{WORKSPACE}/tests/dcaegen2/testcases/assets/certs/rootCA.crt
+${VESC_ROOTCA_KEY} %{WORKSPACE}/tests/dcaegen2/testcases/assets/certs/rootCAdec.key
+${VESC_WRONG_CERT} %{WORKSPACE}/tests/dcaegen2/testcases/assets/certs/wrong.crt
+${VESC_WRONG_KEY} %{WORKSPACE}/tests/dcaegen2/testcases/assets/certs/wrong.key
\ No newline at end of file
diff --git a/tests/dcaegen2/testcases/resources/vesc_enable_https_auth.sh b/tests/dcaegen2/testcases/resources/vesc_enable_https_auth.sh
index 0755f07..29700bc 100755
--- a/tests/dcaegen2/testcases/resources/vesc_enable_https_auth.sh
+++ b/tests/dcaegen2/testcases/resources/vesc_enable_https_auth.sh
@@ -14,10 +14,10 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-docker exec -it vesc /opt/app/VESCollector/bin/VESrestfulCollector.sh stop
-sleep 2
+docker exec vesc /opt/app/VESCollector/bin/appController.sh stop
+sleep 2
docker cp ${WORKSPACE}/tests/dcaegen2/testcases/resources/collector.properties vesc:/opt/app/VESCollector/etc
-sleep 10
-docker exec -id vesc /opt/app/VESCollector/bin/VESrestfulCollector.sh start
+sleep 10
+docker exec vesc /opt/app/VESCollector/bin/appController.sh start
sleep 5
-echo "VES Collector Restarted"
+echo "VES Collector Restarted with certBasicAuth"