Minor changes
Improved unittest, improved documentation.
Signed-off-by: PatrikBuhr <patrik.buhr@est.tech>
Issue-ID: NONRTRIC-841
Change-Id: Ib6ba350e683e0a1207bb7022825594f9ad43a9d7
diff --git a/api/ics-api.json b/api/ics-api.json
index db6d45e..cd3b61b 100644
--- a/api/ics-api.json
+++ b/api/ics-api.json
@@ -374,6 +374,20 @@
}},
"openapi": "3.0.1",
"paths": {
+ "/example-authz-check": {"post": {
+ "summary": "Request for access authorization.",
+ "requestBody": {
+ "content": {"application/json": {"schema": {"$ref": "#/components/schemas/subscription_authorization"}}},
+ "required": true
+ },
+ "description": "The authorization function decides if access is granted.",
+ "operationId": "subscriptionAuth",
+ "responses": {"200": {
+ "description": "OK",
+ "content": {"application/json": {"schema": {"$ref": "#/components/schemas/authorization_result"}}}
+ }},
+ "tags": ["Authorization API"]
+ }},
"/data-producer/v1/info-types": {"get": {
"summary": "Info Type identifiers",
"operationId": "getInfoTypdentifiers",
@@ -1359,20 +1373,6 @@
}],
"tags": ["Data producer (registration)"]
}},
- "/example-subscription-auth": {"post": {
- "summary": "Request for access authorization.",
- "requestBody": {
- "content": {"application/json": {"schema": {"$ref": "#/components/schemas/subscription_authorization"}}},
- "required": true
- },
- "description": "The authorization function decides if access is granted.",
- "operationId": "subscriptionAuth",
- "responses": {"200": {
- "description": "OK",
- "content": {"application/json": {"schema": {"$ref": "#/components/schemas/authorization_result"}}}
- }},
- "tags": ["Authorization API"]
- }},
"/actuator/heapdump": {"get": {
"summary": "Actuator web endpoint 'heapdump'",
"operationId": "heapdump",
diff --git a/api/ics-api.yaml b/api/ics-api.yaml
index e7a0629..4a8d3bd 100644
--- a/api/ics-api.yaml
+++ b/api/ics-api.yaml
@@ -53,6 +53,26 @@
description: API used for authorization of information job access (this is provided
by an authorization producer such as OPA)
paths:
+ /example-authz-check:
+ post:
+ tags:
+ - Authorization API
+ summary: Request for access authorization.
+ description: The authorization function decides if access is granted.
+ operationId: subscriptionAuth
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/subscription_authorization'
+ required: true
+ responses:
+ 200:
+ description: OK
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/authorization_result'
/data-producer/v1/info-types:
get:
tags:
@@ -1326,26 +1346,6 @@
application/json:
schema:
$ref: '#/components/schemas/ProblemDetails'
- /example-subscription-auth:
- post:
- tags:
- - Authorization API
- summary: Request for access authorization.
- description: The authorization function decides if access is granted.
- operationId: subscriptionAuth
- requestBody:
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/subscription_authorization'
- required: true
- responses:
- 200:
- description: OK
- content:
- application/json:
- schema:
- $ref: '#/components/schemas/authorization_result'
/actuator/heapdump:
get:
tags:
diff --git a/config/application.yaml b/config/application.yaml
index 345b3fd..966c15d 100644
--- a/config/application.yaml
+++ b/config/application.yaml
@@ -72,7 +72,8 @@
vardata-directory: /var/information-coordinator-service
# If the file name is empty, no authorization token is used
auth-token-file:
- # A URL to a REST based service that provides authorization. This can for instance be Open Policy Agent, OPA
+ # A URL to authorization provider such as OPA. Each time a information job is accessed, a call to this
+ # authorization provider is done for access control. If this is empty, no fine grained access control is done.
info-job-authorization-agent:
# S3 object store usage is enabled by defining the bucket to use. This will override the vardata-directory parameter.
s3:
diff --git a/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java b/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java
index 491e0dd..879d6d8 100644
--- a/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java
+++ b/src/main/java/org/oransc/ics/controllers/a1e/A1eController.java
@@ -202,7 +202,7 @@
@RequestHeader Map<String, String> headers) {
return this.infoJobs.getJobMono(eiJobId)
- .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.READ)) //
+ .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.READ)) //
.map(job -> new ResponseEntity<Object>(gson.toJson(toEiJobInfo(job)), HttpStatus.OK))
.onErrorResume(ErrorResponse::createMono);
}
@@ -258,7 +258,7 @@
@RequestHeader Map<String, String> headers) {
return this.infoJobs.getJobMono(eiJobId)
- .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.WRITE)) //
+ .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.WRITE)) //
.doOnNext(job -> this.infoJobs.remove(job, this.infoProducers))
.map(x -> new ResponseEntity<>(HttpStatus.NO_CONTENT)).onErrorResume(ErrorResponse::createMono);
}
@@ -299,7 +299,7 @@
try {
InfoType eiType = this.infoTypes.getCompatibleType(eiJobObject.eiTypeId);
- return authorization.authorizeDataJob(headers, eiType, eiJobObject.jobDefinition, AccessType.WRITE) //
+ return authorization.doAccessControl(headers, eiType, eiJobObject.jobDefinition, AccessType.WRITE) //
.flatMap(x -> validatePutEiJob(eiJobId, eiType, eiJobObject)) //
.flatMap(job -> startEiJob(job, eiType)) //
.doOnNext(newEiJob -> this.infoJobs.put(newEiJob)) //
diff --git a/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java b/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java
index 14b0291..dde7104 100644
--- a/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java
+++ b/src/main/java/org/oransc/ics/controllers/authorization/AuthorizationCheck.java
@@ -56,12 +56,12 @@
this.restClient = restClientFactory.createRestClientUseHttpProxy("");
}
- public Mono<InfoJob> authorizeDataJob(Map<String, String> receivedHttpHeaders, InfoJob job, AccessType accessType) {
- return authorizeDataJob(receivedHttpHeaders, job.getType(), job.getJobData(), accessType) //
+ public Mono<InfoJob> doAccessControl(Map<String, String> receivedHttpHeaders, InfoJob job, AccessType accessType) {
+ return doAccessControl(receivedHttpHeaders, job.getType(), job.getJobData(), accessType) //
.map(x -> job);
}
- public Mono<InfoType> authorizeDataJob(Map<String, String> receivedHttpHeaders, InfoType type, Object jobDefinition,
+ public Mono<InfoType> doAccessControl(Map<String, String> receivedHttpHeaders, InfoType type, Object jobDefinition,
AccessType accessType) {
if (this.applicationConfig.getAuthAgentUrl().isEmpty()) {
return Mono.just(type);
diff --git a/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java b/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java
index cd557c1..b48ac35 100644
--- a/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java
+++ b/src/main/java/org/oransc/ics/controllers/r1consumer/ConsumerController.java
@@ -205,7 +205,7 @@
return Flux.fromIterable(this.infoJobs.getJobsForOwner(owner))
.doOnNext(job -> logger.debug("DELETE info jobs, id: {}, type: {}, owner: {}", job.getId(),
job.getType().getId(), owner))
- .flatMap(job -> this.authorization.authorizeDataJob(headers, job, AccessType.WRITE)) //
+ .flatMap(job -> this.authorization.doAccessControl(headers, job, AccessType.WRITE)) //
.doOnNext(job -> this.infoJobs.remove(job, this.infoProducers)) //
.collectList() //
.map(l -> new ResponseEntity<>(HttpStatus.NO_CONTENT)) //
@@ -231,7 +231,7 @@
logger.debug("GET info job, id: {}", infoJobId);
return this.infoJobs.getJobMono(infoJobId) //
- .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.READ)) //
+ .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.READ)) //
.map(job -> new ResponseEntity<Object>(gson.toJson(toInfoJobInfo(job)), HttpStatus.OK)) //
.onErrorResume(ErrorResponse::createMono);
}
@@ -294,7 +294,7 @@
logger.debug("DELETE info job, id: {}", jobId);
return this.infoJobs.getJobMono(jobId) //
- .flatMap(job -> authorization.authorizeDataJob(headers, job, AccessType.WRITE)) //
+ .flatMap(job -> authorization.doAccessControl(headers, job, AccessType.WRITE)) //
.doOnNext(job -> this.infoJobs.remove(job, this.infoProducers)) //
.map(job -> new ResponseEntity<>(HttpStatus.NO_CONTENT)) //
.onErrorResume(ErrorResponse::createMono);
@@ -339,7 +339,7 @@
InfoType infoType = this.infoTypes.getCompatibleType(informationJobObject.infoTypeId);
return authorization
- .authorizeDataJob(headers, infoType, informationJobObject.jobDefinition, AccessType.WRITE) //
+ .doAccessControl(headers, infoType, informationJobObject.jobDefinition, AccessType.WRITE) //
.flatMap(x -> validatePutInfoJob(jobId, infoType, informationJobObject)) //
.flatMap(job -> startInfoSubscriptionJob(job, infoType)) //
.doOnNext(this.infoJobs::put) //
diff --git a/src/test/java/org/oransc/ics/ApplicationTest.java b/src/test/java/org/oransc/ics/ApplicationTest.java
index 8ddba05..3d8a95b 100644
--- a/src/test/java/org/oransc/ics/ApplicationTest.java
+++ b/src/test/java/org/oransc/ics/ApplicationTest.java
@@ -122,7 +122,7 @@
private final String TYPE_ID = "typeId_1.9.9";
private final String PRODUCER_ID = "producerId";
private final String EI_JOB_PROPERTY = "\"property1\"";
- private final String EI_JOB_ID = "jobId";
+ private final String JOB_ID = "jobId";
@Autowired
ApplicationContext context;
@@ -191,6 +191,7 @@
this.securityContext.setAuthTokenFilePath(null);
this.applicationConfig.setAuthAgentUrl("");
this.openPolicyAgentSimulatorController.getTestResults().reset();
+ this.applicationConfig.setAuthAgentUrl(baseUrl() + OpenPolicyAgentSimulatorController.SUBSCRIPTION_AUTH_URL);
}
@AfterEach
@@ -491,7 +492,7 @@
InfoJob job = this.infoJobs.getJob("jobId");
assertThat(job.getOwner()).isEqualTo("owner");
- verifyJobStatus(EI_JOB_ID, "ENABLED");
+ verifyJobStatus(JOB_ID, "ENABLED");
}
@Test
@@ -510,8 +511,8 @@
putInfoProducerWithOneType(REG_TYPE_ID4, REG_TYPE_ID4);
putInfoProducerWithOneType(REG_TYPE_ID5, REG_TYPE_ID5);
- String url = A1eConsts.API_ROOT + "/eijobs/" + EI_JOB_ID;
- String body = gson.toJson(eiJobInfo(PUT_TYPE_ID, EI_JOB_ID));
+ String url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID;
+ String body = gson.toJson(eiJobInfo(PUT_TYPE_ID, JOB_ID));
ResponseEntity<String> resp = restClient().putForEntity(url, body).block();
assertThat(this.infoJobs.size()).isEqualTo(1);
assertThat(this.infoJobs.getJobs().iterator().next().getType().getId()).isEqualTo(REG_TYPE_ID1);
@@ -529,14 +530,14 @@
final String REG_TYPE_ID1 = "type_1.5.0"; // Compatible
putInfoProducerWithOneType(REG_TYPE_ID1, REG_TYPE_ID1);
- String body = gson.toJson(eiJobInfo("junkTypeId", EI_JOB_ID));
+ String body = gson.toJson(eiJobInfo("junkTypeId", JOB_ID));
String url = A1eConsts.API_ROOT + "/eijobs/jobId";
testErrorCode(restClient().put(url, body), HttpStatus.NOT_FOUND, "not found");
- url = A1eConsts.API_ROOT + "/eijobs/" + EI_JOB_ID;
+ url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID;
final String PUT_TYPE_ERROR_ID = "type_1.1";
- body = gson.toJson(eiJobInfo(PUT_TYPE_ERROR_ID, EI_JOB_ID));
+ body = gson.toJson(eiJobInfo(PUT_TYPE_ERROR_ID, JOB_ID));
testErrorCode(restClient().put(url, body), HttpStatus.NOT_FOUND, "not found");
}
@@ -561,7 +562,7 @@
InfoJob job = this.infoJobs.getJob("jobId");
assertThat(job.getOwner()).isEqualTo("owner");
- verifyJobStatus(EI_JOB_ID, "ENABLED");
+ verifyJobStatus(JOB_ID, "ENABLED");
body = gson.toJson(consumerJobInfo("junkTypeId", "jobId", ""));
testErrorCode(restClient().put(url, body), HttpStatus.NOT_FOUND, "not found");
@@ -603,7 +604,7 @@
// the principles for backwards compability.
assertThat(request.typeId.equals(REG_TYPE_ID1) || request.typeId.equals(REG_TYPE_ID2)).isTrue();
- verifyJobStatus(EI_JOB_ID, "ENABLED");
+ verifyJobStatus(JOB_ID, "ENABLED");
// Test update job
resp = restClient().putForEntity(url, body).block();
@@ -717,7 +718,7 @@
void producerDeleteTypeExistingJob() throws Exception {
putInfoType(TYPE_ID);
String url = ProducerConsts.API_ROOT + "/info-types/" + TYPE_ID;
- putInfoJob(TYPE_ID, EI_JOB_ID);
+ putInfoJob(TYPE_ID, JOB_ID);
restClient().delete(url).block();
assertThat(this.infoTypes.size()).isZero();
@@ -728,7 +729,7 @@
@Test
void producerPutProducerWithOneType_rejecting() throws Exception {
putInfoProducerWithOneTypeRejecting("simulateProducerError", TYPE_ID);
- String url = A1eConsts.API_ROOT + "/eijobs/" + EI_JOB_ID;
+ String url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID;
String body = gson.toJson(eiJobInfo());
restClient().put(url, body).block();
@@ -737,7 +738,7 @@
await().untilAsserted(() -> assertThat(simulatorResults.noOfRejectedCreate).isEqualTo(2));
assertThat(simulatorResults.noOfRejectedCreate).isEqualTo(2);
- verifyJobStatus(EI_JOB_ID, "DISABLED");
+ verifyJobStatus(JOB_ID, "DISABLED");
}
@Test
@@ -898,18 +899,18 @@
// Create a job
putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID);
- putInfoJob(TYPE_ID, EI_JOB_ID);
+ putInfoJob(TYPE_ID, JOB_ID);
// change the type for the producer, the job shall be disabled
putInfoProducerWithOneType(PRODUCER_ID, "junk");
- verifyJobStatus(EI_JOB_ID, "DISABLED");
+ verifyJobStatus(JOB_ID, "DISABLED");
A1eCallbacksSimulatorController.TestResults consumerCalls = this.a1eCallbacksSimulator.getTestResults();
await().untilAsserted(() -> assertThat(consumerCalls.eiJobStatusCallbacks).hasSize(1));
assertThat(consumerCalls.eiJobStatusCallbacks.get(0).state)
.isEqualTo(A1eEiJobStatus.EiJobStatusValues.DISABLED);
putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID);
- verifyJobStatus(EI_JOB_ID, "ENABLED");
+ verifyJobStatus(JOB_ID, "ENABLED");
await().untilAsserted(() -> assertThat(consumerCalls.eiJobStatusCallbacks).hasSize(2));
assertThat(consumerCalls.eiJobStatusCallbacks.get(1).state).isEqualTo(A1eEiJobStatus.EiJobStatusValues.ENABLED);
}
@@ -951,14 +952,14 @@
{
// Create a job
putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID);
- putInfoJob(TYPE_ID, EI_JOB_ID);
- verifyJobStatus(EI_JOB_ID, "ENABLED");
+ putInfoJob(TYPE_ID, JOB_ID);
+ verifyJobStatus(JOB_ID, "ENABLED");
deleteInfoProducer(PRODUCER_ID);
// A Job disabled status notification shall now be received
await().untilAsserted(() -> assertThat(consumerResults.eiJobStatusCallbacks).hasSize(1));
assertThat(consumerResults.eiJobStatusCallbacks.get(0).state)
.isEqualTo(A1eEiJobStatus.EiJobStatusValues.DISABLED);
- verifyJobStatus(EI_JOB_ID, "DISABLED");
+ verifyJobStatus(JOB_ID, "DISABLED");
}
assertThat(this.infoProducers.size()).isEqualTo(1);
@@ -983,7 +984,7 @@
await().untilAsserted(() -> assertThat(consumerResults.eiJobStatusCallbacks).hasSize(2));
assertThat(consumerResults.eiJobStatusCallbacks.get(1).state)
.isEqualTo(A1eEiJobStatus.EiJobStatusValues.ENABLED);
- verifyJobStatus(EI_JOB_ID, "ENABLED");
+ verifyJobStatus(JOB_ID, "ENABLED");
}
@Test
@@ -992,15 +993,15 @@
// suceeded
putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID);
- putInfoJob(TYPE_ID, EI_JOB_ID);
+ putInfoJob(TYPE_ID, JOB_ID);
InfoProducer producer = this.infoProducers.getProducer(PRODUCER_ID);
- InfoJob job = this.infoJobs.getJob(EI_JOB_ID);
+ InfoJob job = this.infoJobs.getJob(JOB_ID);
// Pretend that the producer did reject the job and the a DISABLED notification
// is sent for the job
producer.setJobDisabled(job);
job.setLastReportedStatus(false);
- verifyJobStatus(EI_JOB_ID, "DISABLED");
+ verifyJobStatus(JOB_ID, "DISABLED");
// Run the supervision and wait for the job to get started in the producer
this.producerSupervision.createTask().blockLast();
@@ -1008,7 +1009,7 @@
await().untilAsserted(() -> assertThat(consumerResults.eiJobStatusCallbacks).hasSize(1));
assertThat(consumerResults.eiJobStatusCallbacks.get(0).state)
.isEqualTo(A1eEiJobStatus.EiJobStatusValues.ENABLED);
- verifyJobStatus(EI_JOB_ID, "ENABLED");
+ verifyJobStatus(JOB_ID, "ENABLED");
}
@Test
@@ -1228,7 +1229,7 @@
}
@Test
- void testAuthorization() throws Exception {
+ void testFineGrainedAuthorizationCheck() throws Exception {
this.applicationConfig.setAuthAgentUrl(baseUrl() + OpenPolicyAgentSimulatorController.SUBSCRIPTION_AUTH_URL);
final String AUTH_TOKEN = "testToken";
Path authFile = Files.createTempFile("icsTestAuthToken", ".txt");
@@ -1246,16 +1247,65 @@
assertThat(authRequest.getInput().getAccessType()).isEqualTo(AccessType.WRITE);
assertThat(authRequest.getInput().getInfoTypeId()).isEqualTo(TYPE_ID);
assertThat(authRequest.getInput().getAuthToken()).isEqualTo(AUTH_TOKEN);
+ }
+
+ @Test
+ void testFineGrainedAuthorizationCheckRejections() throws Exception {
+ putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID);
+ putInfoJob(TYPE_ID, JOB_ID);
// Test rejection from OPA
this.applicationConfig
.setAuthAgentUrl(baseUrl() + OpenPolicyAgentSimulatorController.SUBSCRIPTION_REJECT_AUTH_URL);
+ var testResults = openPolicyAgentSimulatorController.getTestResults();
- String url = ConsumerConsts.API_ROOT + "/info-jobs/jobId";
+ // R1
+ String url = ConsumerConsts.API_ROOT + "/info-jobs/" + JOB_ID;
testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized");
assertThat(testResults.receivedRequests).hasSize(2);
- authRequest = testResults.receivedRequests.get(1);
+ SubscriptionAuthRequest authRequest = testResults.receivedRequests.get(1);
assertThat(authRequest.getInput().getAccessType()).isEqualTo(AccessType.WRITE);
+
+ String body = gson.toJson(consumerJobInfo(TYPE_ID, JOB_ID, "owner"));
+ testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ // A1-E
+ url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID;
+ testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ body = gson.toJson(eiJobInfo(TYPE_ID, JOB_ID, "owner"));
+ testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized");
+ }
+
+ @Test
+ void testFineGrainedAuthorizationCheckRejections_OPA_UNAVALIABLE() throws Exception {
+ putInfoProducerWithOneType(PRODUCER_ID, TYPE_ID);
+ putInfoJob(TYPE_ID, JOB_ID);
+
+ // Test rejection from OPA
+ this.applicationConfig.setAuthAgentUrl("junk");
+
+ // R1
+ String url = ConsumerConsts.API_ROOT + "/info-jobs/" + JOB_ID;
+ testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ String body = gson.toJson(consumerJobInfo(TYPE_ID, JOB_ID, "owner"));
+ testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ // A1-E
+ url = A1eConsts.API_ROOT + "/eijobs/" + JOB_ID;
+ testErrorCode(restClient().get(url), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ testErrorCode(restClient().delete(url), HttpStatus.UNAUTHORIZED, "Not authorized");
+
+ body = gson.toJson(eiJobInfo(TYPE_ID, JOB_ID, "owner"));
+ testErrorCode(restClient().put(url, body), HttpStatus.UNAUTHORIZED, "Not authorized");
}
@Test
@@ -1344,7 +1394,7 @@
}
private ConsumerJobInfo consumerJobInfo() throws JsonMappingException, JsonProcessingException {
- return consumerJobInfo(TYPE_ID, EI_JOB_ID, "owner");
+ return consumerJobInfo(TYPE_ID, JOB_ID, "owner");
}
ConsumerJobInfo consumerJobInfo(String typeId, String infoJobId, String owner)
@@ -1354,7 +1404,7 @@
}
private A1eEiJobInfo eiJobInfo() throws Exception {
- return eiJobInfo(TYPE_ID, EI_JOB_ID);
+ return eiJobInfo(TYPE_ID, JOB_ID);
}
A1eEiJobInfo eiJobInfo(String typeId, String infoJobId) throws Exception {
diff --git a/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java b/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java
index 89b23c2..f711ca9 100644
--- a/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java
+++ b/src/test/java/org/oransc/ics/controller/OpenPolicyAgentSimulatorController.java
@@ -59,8 +59,8 @@
private final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
- public static final String SUBSCRIPTION_AUTH_URL = "/example-subscription-auth";
- public static final String SUBSCRIPTION_REJECT_AUTH_URL = "/example-subscription-auth-reject";
+ public static final String SUBSCRIPTION_AUTH_URL = "/example-authz-check";
+ public static final String SUBSCRIPTION_REJECT_AUTH_URL = "/example-authz-check-reject";
public static class TestResults {
@@ -93,7 +93,7 @@
public ResponseEntity<Object> subscriptionAuth( //
@RequestHeader Map<String, String> headers, //
@RequestBody SubscriptionAuthRequest request) {
- logger.info("Auth {}", request);
+ logger.debug("Auth {}", request);
testResults.receivedRequests.add(request);
String res = gson.toJson(AuthorizationResult.builder().result(true).build());
@@ -112,7 +112,7 @@
public ResponseEntity<Object> subscriptionAuthReject( //
@RequestHeader Map<String, String> headers, //
@RequestBody SubscriptionAuthRequest request) {
- logger.info("Auth Reject {}", request);
+ logger.debug("Auth Reject {}", request);
testResults.receivedRequests.add(request);
String res = gson.toJson(AuthorizationResult.builder().result(false).build());
return new ResponseEntity<>(res, HttpStatus.OK);