diff --git a/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/security/SecurityConfig.java b/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/security/SecurityConfig.java
index 3dbea65398b173700bdb8d677b9b91b94abcece7..74f6d6abb047b6fdae83c68f506a4cdb63ce40e5 100644
--- a/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/security/SecurityConfig.java
+++ b/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/security/SecurityConfig.java
@@ -1,17 +1,20 @@
/*
- * Copyright 2017-2020, Schlumberger
+
+ * Copyright 2020 IBM Corp. All Rights Reserved.
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+
+
*/
package org.opengroup.osdu.notification.provider.ibm.security;
@@ -24,11 +27,17 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
- @Override
- protected void configure(HttpSecurity httpSecurity) throws Exception {
- httpSecurity
- .httpBasic().disable()
- .csrf().disable(); //disable default authN. AuthN handled by endpoints proxy
- }
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.csrf().disable().authorizeRequests()
+ .antMatchers("/test/challenge/**",
+ "/v1/api-docs",
+ "/configuration/ui",
+ "/swagger-resources/**",
+ "/configuration/security",
+ "/swagger-ui.html",
+ "/webjars/**")
+ .permitAll().anyRequest().authenticated().and().oauth2ResourceServer().jwt();
+ }
+
}
\ No newline at end of file
diff --git a/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/util/IBMServiceAccountValidatorImpl.java b/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/util/IBMServiceAccountValidatorImpl.java
index 5a492f2e0047855f5bf2b37a5b63356ea98927d9..7d4384f576c0da7f1c5a1f746703d755843ff0a0 100644
--- a/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/util/IBMServiceAccountValidatorImpl.java
+++ b/provider/notification-ibm/src/main/java/org/opengroup/osdu/notification/provider/ibm/util/IBMServiceAccountValidatorImpl.java
@@ -34,7 +34,7 @@ public class IBMServiceAccountValidatorImpl implements IServiceAccountValidator
//call isValidServiceAccount()
// Check whether IBM have to implement the service account verification for PubSub Role
// Marking it to return true, for the integration tests.
- return true;
+ return false;
}
@Override
diff --git a/testing/notification-test-ibm/pom.xml b/testing/notification-test-ibm/pom.xml
new file mode 100644
index 0000000000000000000000000000000000000000..48630238eabf540f3825b3fdfd61b5ce8f096177
--- /dev/null
+++ b/testing/notification-test-ibm/pom.xml
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright 2020 IBM Corp. All Rights Reserved.
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.opengroup.osdu</groupId>
+ <artifactId>notification-test-ibm</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ <name>notification-test-ibm</name>
+ <description>Integration tests IBM for notification</description>
+ <packaging>jar</packaging>
+
+ <properties>
+ <java.version>8</java.version>
+ <maven.compiler.target>${java.version}</maven.compiler.target>
+ <maven.compiler.source>${java.version}</maven.compiler.source>
+ <os-core-lib-ibm.version>0.3.6-SNAPSHOT</os-core-lib-ibm.version>
+ </properties>
+
+ <repositories>
+ <repository>
+ <id>${gitlab-server}</id>
+ <url>https://community.opengroup.org/api/v4/groups/17/-/packages/maven</url>
+ </repository>
+ </repositories>
+
+ <distributionManagement>
+ <repository>
+ <id>${gitlab-server}</id>
+ <url>https://community.opengroup.org/api/v4/projects/143/packages/maven</url>
+ </repository>
+ <snapshotRepository>
+ <id>${gitlab-server}</id>
+ <url>https://community.opengroup.org/api/v4/projects/143/packages/maven</url>
+ </snapshotRepository>
+ </distributionManagement>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opengroup.osdu</groupId>
+ <artifactId>os-core-lib-ibm</artifactId>
+ <version>${os-core-lib-ibm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opengroup.osdu.notification</groupId>
+ <artifactId>notification-test-core</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opengroup.osdu</groupId>
+ <artifactId>os-core-common</artifactId>
+ <version>0.3.6</version>
+ </dependency>
+
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.12</version>
+ </dependency>
+ </dependencies>
+
+</project>
diff --git a/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/api/TestPubsubEndpointGSA.java b/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/api/TestPubsubEndpointGSA.java
new file mode 100644
index 0000000000000000000000000000000000000000..789fc351f66f1f137b387f971d6e6031c6656f4e
--- /dev/null
+++ b/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/api/TestPubsubEndpointGSA.java
@@ -0,0 +1,71 @@
+package org.opengroup.osdu.notification.api;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.opengroup.osdu.notification.util.Config;
+import org.opengroup.osdu.notification.util.IBMTestUtils;
+import org.opengroup.osdu.notification.util.RestDescriptor;
+
+import com.sun.jersey.api.client.ClientResponse;
+
+public class TestPubsubEndpointGSA extends PubsubEndpointGSATests {
+
+ private static final IBMTestUtils gcpTestUtils = new IBMTestUtils();
+
+
+ @BeforeClass
+ public static void classSetup() throws Exception {
+ PubsubEndpointGSATests.classSetup(gcpTestUtils.getOpsToken());
+ }
+
+ @AfterClass
+ public static void classTearDown() throws Exception {
+ }
+
+ @Before
+ @Override
+ public void setup() throws Exception {
+ this.testUtils = new IBMTestUtils();
+ }
+
+ @After
+ @Override
+ public void tearDown() throws Exception {
+ this.testUtils = null;
+ }
+
+
+ @Override
+ public void should_return307_when_makingHttpRequest() throws Exception {
+ // No implementation for GSA in IBM
+ }
+
+ @Override
+ public void should_return20XResponseCode_when_makingValidHttpsRequest() throws Exception {
+ // No implementation for GSA in IBM
+ }
+
+ @Override
+ public void should_return20X_when_usingCredentialsWithOpsPermission() throws Exception{
+
+ }
+
+ @Override
+ public void should_returnOk_when_makingHttpOptionsRequest() throws Exception{
+
+ }
+
+ @Override
+ public void should_return400_when_makingHttpRequestWithoutToken() throws Exception {
+
+ ClientResponse response = descriptor.run(getArg(), "");
+ assertEquals(error( response.getEntity(String.class)), 401, response.getStatus());
+
+ }
+
+
+}
\ No newline at end of file
diff --git a/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/api/TestPubsubEndpointHMAC.java b/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/api/TestPubsubEndpointHMAC.java
new file mode 100644
index 0000000000000000000000000000000000000000..c0894c1c3e53d3f5523e5a7ce9df9a83d5ef434c
--- /dev/null
+++ b/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/api/TestPubsubEndpointHMAC.java
@@ -0,0 +1,44 @@
+package org.opengroup.osdu.notification.api;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.opengroup.osdu.notification.util.Config;
+import org.opengroup.osdu.notification.util.IBMTestUtils;
+import org.opengroup.osdu.notification.util.RestDescriptor;
+import org.opengroup.osdu.notification.util.TestUtils;
+
+import com.sun.jersey.api.client.ClientResponse;
+
+public class TestPubsubEndpointHMAC extends PubsubEndpointHMACTests {
+
+ @BeforeClass
+ public static void classSetup() throws Exception {
+ PubsubEndpointHMACTests.classSetup();
+ }
+
+ @AfterClass
+ public static void classTearDown() throws Exception {
+ }
+
+ @Before
+ @Override
+ public void setup() throws Exception {
+ this.testUtils = new IBMTestUtils();
+ }
+
+ @After
+ @Override
+ public void tearDown() throws Exception {
+ this.testUtils = null;
+ }
+
+ @Override
+ public void should_return400_when_makingHttpRequestWithoutToken()throws Exception{
+ ClientResponse response = descriptor.run(getArg(), "");
+ assertEquals(error( response.getEntity(String.class)), 401, response.getStatus());
+ }
+}
\ No newline at end of file
diff --git a/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/util/IBMTestUtils.java b/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/util/IBMTestUtils.java
new file mode 100644
index 0000000000000000000000000000000000000000..88e6e845f87b8c917b8bc2936e8e52eb9f7c7c3a
--- /dev/null
+++ b/testing/notification-test-ibm/src/test/java/org/opengroup/osdu/notification/util/IBMTestUtils.java
@@ -0,0 +1,45 @@
+package org.opengroup.osdu.notification.util;
+
+import org.opengroup.osdu.core.ibm.util.IdentityClient;
+
+import com.google.common.base.Strings;
+
+public class IBMTestUtils extends TestUtils {
+
+ public IBMTestUtils() {
+
+ }
+
+ @Override
+ public synchronized String getOpsToken() throws Exception {
+ if (Strings.isNullOrEmpty(opsToken)) {
+ opsToken=IdentityClient.getTokenForUserWithAccess();
+ }
+ return "Bearer " + opsToken;
+ }
+
+ @Override
+ public synchronized String getAdminToken() throws Exception {
+ if(Strings.isNullOrEmpty(adminToken)) {
+ adminToken = IdentityClient.getTokenForUserWithAccess();
+ }
+ return adminToken;
+ }
+
+ @Override
+ public synchronized String getEditorToken() throws Exception {
+ if(Strings.isNullOrEmpty(editorToken)) {
+ editorToken = IdentityClient.getTokenForUserWithAccess();
+ }
+ return editorToken;
+ }
+
+ @Override
+ public synchronized String getNoAccessToken() throws Exception {
+ if(Strings.isNullOrEmpty(noAccessToken)) {
+ noAccessToken = IdentityClient.getTokenForUserWithNoAccess();
+ }
+ return noAccessToken;
+ }
+
+}