Commit
b3ecf227
authored
Sep 26, 2020
by
harshit aggarwal
Adding UT's
parent
e6ff4201
Pipeline
#9956
failed with stage
in 1 minute and 50 seconds
Changes
5
pom.xml
...
...
@@ -181,7 +181,7 @@
<artifactId>
springfox-swagger-ui
</artifactId>
<version>
${springfox-version}
</version>
</dependency>
</dependencies>
</dependencies>
<build>
<plugins>
...
...
src/main/java/org/opengroup/osdu/azure/entitlements/di/AzureBootstrapConfig.java
...
...
@@ -59,32 +59,32 @@ public class AzureBootstrapConfig {
@Value
(
"${azure.graph-api.version}"
)
private
String
graphApiVersion
;
private
String
appDevSp
Object
Id
;
private
String
appDevSpId
;
@Autowired
private
SecretClient
secretClient
;
@PostConstruct
public
void
setAppDevSp
Object
Id
()
{
appDevSp
Object
Id
=
getKeyVaultSecret
(
secretClient
,
"app-dev-sp-
object-
id"
);
public
void
setAppDevSpId
()
{
appDevSpId
=
getKeyVaultSecret
(
"app-dev-sp-id"
);
}
@Bean
@Named
(
"APP_DEV_SP_TENANT_ID"
)
public
String
appDevSpTenantId
(
SecretClient
kv
)
{
return
getKeyVaultSecret
(
kv
,
"app-dev-sp-tenant-id"
);
public
String
appDevSpTenantId
()
{
return
getKeyVaultSecret
(
"app-dev-sp-tenant-id"
);
}
@Bean
@Named
(
"APP_DEV_SP_USERNAME"
)
public
String
appDevSpUsername
(
SecretClient
kv
)
{
return
getKeyVaultSecret
(
kv
,
"app-dev-sp-username"
);
public
String
appDevSpUsername
()
{
return
getKeyVaultSecret
(
"app-dev-sp-username"
);
}
@Bean
@Named
(
"APP_DEV_SP_PASSWORD"
)
public
String
appDevSpPassword
(
SecretClient
kv
)
{
return
getKeyVaultSecret
(
kv
,
"app-dev-sp-password"
);
public
String
appDevSpPassword
()
{
return
getKeyVaultSecret
(
"app-dev-sp-password"
);
}
@Bean
...
...
@@ -137,18 +137,18 @@ public class AzureBootstrapConfig {
@Bean
@Named
(
"COSMOS_ENDPOINT"
)
public
String
cosmosEndpoint
(
SecretClient
kv
)
{
return
getKeyVaultSecret
(
kv
,
"cosmos-endpoint"
);
public
String
cosmosEndpoint
()
{
return
getKeyVaultSecret
(
"cosmos-endpoint"
);
}
@Bean
@Named
(
"COSMOS_KEY"
)
public
String
cosmosKey
(
SecretClient
kv
)
{
return
getKeyVaultSecret
(
kv
,
"cosmos-primary-key"
);
public
String
cosmosKey
()
{
return
getKeyVaultSecret
(
"cosmos-primary-key"
);
}
String
getKeyVaultSecret
(
SecretClient
kv
,
String
secretName
)
{
KeyVaultSecret
secret
=
kv
.
getSecret
(
secretName
);
String
getKeyVaultSecret
(
String
secretName
)
{
KeyVaultSecret
secret
=
secretClient
.
getSecret
(
secretName
);
if
(
secret
==
null
)
{
throw
new
IllegalStateException
(
String
.
format
(
"No secret found with name %s"
,
secretName
));
}
...
...
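Review bot: The value loaded in `setAppDevSpId()` now comes from the Key Vault secret `app-dev-sp-id` instead of `app-dev-sp-object-id`, yet the getGroups() change in EntitlementsAzure.java compares it with the caller's `oid`, which is an object ID. If `app-dev-sp-id` holds the application (client) ID, as its name suggests but the page does not show, the comparison never matches and the service-principal branch is dead code; if it holds the object ID, the new name hides that. I would keep the object-id wording, or at least add a field comment such as `// Object ID (oid claim) of the app-dev service principal; compared with the caller's oid in getGroups()`. The class body continues outside both hunks.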
src/main/java/org/opengroup/osdu/azure/entitlements/service/EntitlementsAzure.java
...
...
@@ -244,26 +244,23 @@ public class EntitlementsAzure
String
oid
=
authenticationContext
.
getOid
();
String
[]
userTenantGroups
=
userInfoRepository
.
getTenantGroups
(
oid
,
headers
.
getPartitionId
());
// String[] userTenantGroups;
// if(oid.equals(azureBootstrapConfig.getAppDevSpObjectId())) {
// try {
// Optional<TenantInfoDoc> result = groupInfoRepository.findTenantInfo(headers.getPartitionId());
// if(!result.isPresent()) {
// throw new AppException(HttpStatus.SC_NOT_FOUND, "tenant not found", "the tenant does not exist");
// }
// userTenantGroups = result.get().getGroups();
// }
// catch (AppException exception) {
// throw new AppException(exception.getError().getCode(), exception.getError().getReason(), exception.getError().getMessage());
// }
// }
// else {
// userTenantGroups = userInfoRepository.getTenantGroups(oid, headers.getPartitionId());
// }
String
[]
userTenantGroups
;
if
(
oid
.
equals
(
azureBootstrapConfig
.
getAppDevSpId
()))
{
try
{
Optional
<
TenantInfoDoc
>
result
=
groupInfoRepository
.
findTenantInfo
(
headers
.
getPartitionId
());
if
(!
result
.
isPresent
())
{
throw
new
AppException
(
HttpStatus
.
SC_NOT_FOUND
,
"tenant not found"
,
String
.
format
(
"Tenant with name %s does not exist"
,
headers
.
getPartitionId
()));
}
userTenantGroups
=
result
.
get
().
getGroups
();
}
catch
(
AppException
exception
)
{
throw
new
AppException
(
exception
.
getError
().
getCode
(),
exception
.
getError
().
getReason
(),
exception
.
getError
().
getMessage
());
}
}
else
{
userTenantGroups
=
userInfoRepository
.
getTenantGroups
(
oid
,
headers
.
getPartitionId
());
}
List
<
GroupInfo
>
groupInfoList
=
new
ArrayList
();
...
...
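Review bot: The re-enabled branch gives a caller whose `oid` equals `getAppDevSpId()` every group of the partition returned by `headers.getPartitionId()`, skipping the per-user lookup, and nothing in the hunk documents or records that. A comment above the `if`, such as `// Root service principal: bypasses per-user membership and receives all groups of the partition`, and a log entry when the branch is taken would make the bypass visible in review and in audit. `oid.equals(...)` throws a NullPointerException if the token carries no oid; whether `getOid()` can return null is not visible here, so an explicit null check before the comparison is the safe form. The `catch (AppException exception)` block rethrows an AppException with the same code, reason and message and drops the original as cause, so the try/catch can simply be removed. The enclosing method starts and ends outside the hunk.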
src/test/java/org/opengroup/osdu/azure/entitlements/EntitlementsAzureTests.java
...
...
@@ -26,8 +26,10 @@ import org.junit.runner.RunWith;
import
org.mockito.InjectMocks
;
import
org.mockito.Mock
;
import
org.mockito.junit.MockitoJUnitRunner
;
import
org.opengroup.osdu.azure.entitlements.di.AzureBootstrapConfig
;
import
org.opengroup.osdu.azure.entitlements.dto.CreateGroupRequest
;
import
org.opengroup.osdu.azure.entitlements.graph.IGraphService
;
import
org.opengroup.osdu.azure.entitlements.model.TenantInfoDoc
;
import
org.opengroup.osdu.azure.entitlements.model.UserTenantItem
;
import
org.opengroup.osdu.azure.entitlements.repository.GroupInfoRepository
;
import
org.opengroup.osdu.azure.entitlements.model.UserInfoDoc
;
...
...
@@ -43,6 +45,8 @@ import org.springframework.security.core.Authentication;
import
org.springframework.security.core.context.SecurityContext
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
java.util.Optional
;
import
static
org
.
junit
.
Assert
.
assertEquals
;
import
static
org
.
mockito
.
AdditionalMatchers
.
aryEq
;
import
static
org
.
mockito
.
ArgumentMatchers
.
eq
;
...
...
@@ -72,6 +76,9 @@ public class EntitlementsAzureTests {
@Mock
private
IGraphService
graphService
;
@Mock
private
AzureBootstrapConfig
azureBootstrapConfig
;
@InjectMocks
private
EntitlementsAzure
sut
;
...
...
@@ -176,6 +183,50 @@ public class EntitlementsAzureTests {
assertEquals
(
groups
.
getGroup
(
TestUtils
.
getGroup
()).
getEmail
(),
String
.
format
(
"%s@%s.%s"
,
TestUtils
.
getGroup
(),
TestUtils
.
getTenantName
(),
TestUtils
.
getDomain
()));
}
@Test
public
void
givenRootServicePrincipalInJwtButTenantNotPresent_whenGetGroups_thenError
()
{
setField
(
sut
,
TestUtils
.
SERVICE_DOMAIN_NAME
,
TestUtils
.
getDomain
());
//serviceprincipal in JWT
createUserPrincipalSetSecurityContext
(
TestUtils
.
APPID
,
TestUtils
.
getAppId
(),
TestUtils
.
OID
,
TestUtils
.
getOid
());
when
(
groupInfoRepository
.
findTenantInfo
(
TestUtils
.
getTenantName
())).
thenReturn
(
Optional
.
empty
());
when
(
azureBootstrapConfig
.
getAppDevSpId
()).
thenReturn
(
TestUtils
.
getOid
());
//no email in header
when
(
dpsHeaders
.
getPartitionId
()).
thenReturn
(
TestUtils
.
getTenantName
());
try
{
sut
.
getGroups
();
}
catch
(
AppException
exception
)
{
assertEquals
(
exception
.
getError
().
getCode
(),
HttpStatus
.
SC_NOT_FOUND
);
assertEquals
(
exception
.
getError
().
getReason
(),
"tenant not found"
);
assertEquals
(
exception
.
getError
().
getMessage
(),
String
.
format
(
"Tenant with name %s does not exist"
,
TestUtils
.
getTenantName
()));
}
}
@Test
public
void
givenRootServicePrincipalInJwt_whenGetGroups_thenReturnGroups
()
{
setField
(
sut
,
TestUtils
.
SERVICE_DOMAIN_NAME
,
TestUtils
.
getDomain
());
//serviceprincipal in JWT
createUserPrincipalSetSecurityContext
(
TestUtils
.
APPID
,
TestUtils
.
getAppId
(),
TestUtils
.
OID
,
TestUtils
.
getOid
());
TenantInfoDoc
result
=
new
TenantInfoDoc
();
result
.
setGroups
(
new
String
[]{
TestUtils
.
getGroup
()});
when
(
groupInfoRepository
.
findTenantInfo
(
TestUtils
.
getTenantName
())).
thenReturn
(
Optional
.
of
(
result
));
when
(
azureBootstrapConfig
.
getAppDevSpId
()).
thenReturn
(
TestUtils
.
getOid
());
//no email in header
when
(
dpsHeaders
.
getPartitionId
()).
thenReturn
(
TestUtils
.
getTenantName
());
Groups
groups
=
sut
.
getGroups
();
assertEquals
(
groups
.
getDesId
(),
TestUtils
.
getAppId
());
assertEquals
(
groups
.
getGroups
().
size
(),
1
);
assertEquals
(
groups
.
getGroup
(
TestUtils
.
getGroup
()).
getName
(),
TestUtils
.
getGroup
());
assertEquals
(
groups
.
getGroup
(
TestUtils
.
getGroup
()).
getEmail
(),
String
.
format
(
"%s@%s.%s"
,
TestUtils
.
getGroup
(),
TestUtils
.
getTenantName
(),
TestUtils
.
getDomain
()));
}
@Test
public
void
givenMismatchUpnInHeaderAndJwt_whenCreateProfile_thenError
()
{
setField
(
sut
,
TestUtils
.
SERVICE_DOMAIN_NAME
,
TestUtils
.
getDomain
());
...
...
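Review bot: `givenRootServicePrincipalInJwtButTenantNotPresent_whenGetGroups_thenError` passes when `getGroups()` throws nothing, because all three assertions sit inside the `catch` block. Add `fail("expected AppException for a missing tenant");` directly after `sut.getGroups();` in the `try`, with a static import of `org.junit.Assert.fail`. The `assertEquals` calls in both new tests pass the actual value first and the expected value second, so a failure would be reported the wrong way round. At least within this hunk there is no test where `getAppDevSpId()` is stubbed with a value different from the caller's oid, which is the case that shows the bypass is limited to the one principal.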
src/test/java/org/opengroup/osdu/azure/entitlements/di/AzureBootstrapConfigTest.java
...
...
@@ -16,54 +16,63 @@ package org.opengroup.osdu.azure.entitlements.di;
import
com.azure.security.keyvault.secrets.SecretClient
;
import
com.azure.security.keyvault.secrets.models.KeyVaultSecret
;
import
org.junit.Before
;
import
org.junit.Test
;
import
org.mockito.Mockito
;
import
org.mockito.InjectMocks
;
import
org.mockito.Mock
;
import
org.mockito.MockitoAnnotations
;
import
static
org
.
junit
.
Assert
.
assertEquals
;
import
static
org
.
mockito
.
Mockito
.
doReturn
;
public
class
AzureBootstrapConfigTest
{
private
AzureBootstrapConfig
bootstrapConfig
=
new
AzureBootstrapConfig
(
Mockito
.
mock
(
SecretClient
.
class
));
private
SecretClient
kv
=
Mockito
.
mock
(
SecretClient
.
class
);
@InjectMocks
private
AzureBootstrapConfig
bootstrapConfig
;
@Mock
private
SecretClient
secretClient
;
@Mock
private
KeyVaultSecret
keyVaultSecret
;
@Before
public
void
initMocks
(){
MockitoAnnotations
.
initMocks
(
this
);
}
@Test
(
expected
=
IllegalStateException
.
class
)
public
void
kvSecret_checksForNullResponse
()
{
// the null response is the default behavior, but its included here
// to be explicit
doReturn
(
null
).
when
(
kv
).
getSecret
(
"secret-name"
);
bootstrapConfig
.
getKeyVaultSecret
(
kv
,
"secret-name"
);
// the null response is the default behavior, but its included here to be explicit
doReturn
(
null
).
when
(
secretClient
).
getSecret
(
"secret-name"
);
bootstrapConfig
.
getKeyVaultSecret
(
"secret-name"
);
}
@Test
(
expected
=
IllegalStateException
.
class
)
public
void
kvSecret_checksForNullValueWithinResponse
()
{
KeyVaultSecret
secret
=
Mockito
.
mock
(
KeyVaultSecret
.
class
);
// the null response is the default behavior, but its included here
// to be explicit
doReturn
(
null
).
when
(
secret
).
getValue
();
doReturn
(
secret
).
when
(
kv
).
getSecret
(
"secret-name"
);
// the null response is the default behavior, but its included here to be explicit
doReturn
(
null
).
when
(
keyVaultSecret
).
getValue
();
doReturn
(
keyVaultSecret
).
when
(
secretClient
).
getSecret
(
"secret-name"
);
bootstrapConfig
.
getKeyVaultSecret
(
kv
,
"secret-name"
);
bootstrapConfig
.
getKeyVaultSecret
(
"secret-name"
);
}
@Test
public
void
config_returnsCorrectSecret_cosmosKey
()
{
KeyVaultSecret
secret
=
Mockito
.
mock
(
KeyVaultSecret
.
class
);
doReturn
(
"cosmos-key-secret"
).
when
(
secret
).
getValue
();
doReturn
(
secret
).
when
(
kv
).
getSecret
(
"cosmos-primary-key"
);
doReturn
(
"cosmos-key-secret"
).
when
(
keyVaultSecret
).
getValue
();
doReturn
(
keyVaultSecret
).
when
(
secretClient
).
getSecret
(
"cosmos-primary-key"
);
String
secretValue
=
bootstrapConfig
.
cosmosKey
(
kv
);
String
secretValue
=
bootstrapConfig
.
cosmosKey
();
assertEquals
(
"Secret value was incorrect"
,
"cosmos-key-secret"
,
secretValue
);
}
@Test
public
void
config_returnsCorrectSecret_cosmosEndpoint
()
{
KeyVaultSecret
secret
=
Mockito
.
mock
(
KeyVaultSecret
.
class
);
doReturn
(
"cosmos-endpoint-secret"
).
when
(
secret
).
getValue
();
doReturn
(
secret
).
when
(
kv
).
getSecret
(
"cosmos-endpoint"
);
doReturn
(
"cosmos-endpoint-secret"
).
when
(
keyVaultSecret
).
getValue
();
doReturn
(
keyVaultSecret
).
when
(
secretClient
).
getSecret
(
"cosmos-endpoint"
);
String
secretValue
=
bootstrapConfig
.
cosmosEndpoint
(
kv
);
String
secretValue
=
bootstrapConfig
.
cosmosEndpoint
();
assertEquals
(
"Secret value was incorrect"
,
"cosmos-endpoint-secret"
,
secretValue
);
}
}
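Review bot: Nothing in this file exercises `setAppDevSpId()`, the `@PostConstruct` method that loads the identifier used to select the service-principal branch in getGroups(). A test that stubs `app-dev-sp-id` and checks `getAppDevSpId()`, plus one expecting IllegalStateException when that secret is absent, would pin that the value comes from the intended secret and that the lookup fails loudly without it. The sketch below uses a constructed sample value and assumes `getAppDevSpId()` is available on the class, as the call in EntitlementsAzure.java suggests.

```java
// … unchanged: existing kvSecret_* and config_returnsCorrectSecret_* tests …

@Test
public void setAppDevSpId_readsIdentifierFromKeyVault() {
    // "sample-sp-id" is a constructed value for the test only
    doReturn("sample-sp-id").when(keyVaultSecret).getValue();
    doReturn(keyVaultSecret).when(secretClient).getSecret("app-dev-sp-id");

    bootstrapConfig.setAppDevSpId();

    assertEquals("sample-sp-id", bootstrapConfig.getAppDevSpId());
}

@Test(expected = IllegalStateException.class)
public void setAppDevSpId_failsWhenSecretIsMissing() {
    doReturn(null).when(secretClient).getSecret("app-dev-sp-id");

    bootstrapConfig.setAppDevSpId();
}
```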