Stop using base64 encoded service accounts for tests(GONRG-7865)

590cf5f2 · Rustam Lotsmanenko (EPAM) · e255aa93 · 590cf5f2 · 590cf5f2 · 590cf5f2
Commit 590cf5f2 authored 6 months ago by Rustam Lotsmanenko (EPAM)
--- a/provider/schema-gc/docs/gc/README.md
+++ b/provider/schema-gc/docs/gc/README.md
@@ -55,14 +55,14 @@ This section describes how to run cloud OSDU E2E tests (testing/schema-test-core

 You will need to have the following environment variables defined.

-| name | value | description | sensitive? | source |
-| ---  | ---   | ---         | ---        | ---    |
-| `VENDOR` | `gc` | Use value 'gc' to run Google Cloud tests | no | - |
-| `HOST` | ex`http://localhost:8080` | Schema service host | no | - |
-| `INTEGRATION_TESTER` | `********` | Service account base64 encoded string for API calls. Note: this user must have entitlements configured already | yes | <https://console.cloud.google.com/iam-admin/serviceaccounts> |
-| `PRIVATE_TENANT2` | ex`opendes` | OSDU tenant used for testing | no | - |
-| `PRIVATE_TENANT1` | ex`osdu` | OSDU tenant used for testing | no | - |
-| `SHARED_TENANT` | ex`common` | OSDU tenant used for testing | no | - |
+| name                 | value                                    | description                                                                                                                      | sensitive? | source                                                       |
+|----------------------|------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------|------------|--------------------------------------------------------------|
+| `VENDOR`             | `gc`                                     | Use value 'gc' to run Google Cloud tests                                                                                         | no         | -                                                            |
+| `HOST`               | ex`http://localhost:8080`                | Schema service host                                                                                                              | no         | -                                                            |
+| `INTEGRATION_TESTER` | `ewogICJ0....` or `tmp/service-acc.json` | Service account base64 encoded string or path to a file for API calls. Note: this user must have entitlements configured already | yes        | <https://console.cloud.google.com/iam-admin/serviceaccounts> |
+| `PRIVATE_TENANT2`    | ex`opendes`                              | OSDU tenant used for testing                                                                                                     | no         | -                                                            |
+| `PRIVATE_TENANT1`    | ex`osdu`                                 | OSDU tenant used for testing                                                                                                     | no         | -                                                            |
+| `SHARED_TENANT`      | ex`common`                               | OSDU tenant used for testing                                                                                                     | no         | -                                                            |

 **Entitlements configuration for integration accounts**


--- a/testing/schema-test-core/src/test/java/org/opengroup/osdu/schema/util/gcp/DecodedContentExtractor.java
+++ b/testing/schema-test-core/src/test/java/org/opengroup/osdu/schema/util/gcp/DecodedContentExtractor.java
+/*
+ *  Copyright 2020-2024 Google LLC
+ *  Copyright 2020-2024 EPAM Systems, Inc
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.opengroup.osdu.schema.util.gcp;
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.InvalidPathException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Base64;
+import java.util.function.Predicate;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.java.Log;
+
+@Log
+@RequiredArgsConstructor
+public class DecodedContentExtractor {
+    private final String inputFilenameOrContent;
+    private final Predicate<String> contentAcceptanceTester;
+
+    private boolean validOutputContentFound;
+    private String outputContent;
+
+    public String getContent() {
+
+        validOutputContentFound = false;
+        outputContent = null;
+
+        log.info("Treat value as a content");
+        if (inputFilenameOrContent.trim().isEmpty()) {
+            log.info("provided value is empty. Output as is.");
+            return setValidOutputContent(inputFilenameOrContent);
+        }
+
+        if (!treatValueAsAContent(inputFilenameOrContent)) {
+            log.info("Value is not a valid content. Treat value as a filename");
+            if (!treatValueAsAFileName(inputFilenameOrContent)){
+                log.info("Value is not a filename with a valid content");
+            }
+
+        }
+
+        return getValidOutputContentIfFound();
+    }
+
+    private boolean treatValueAsAContent(String input) {
+        if (contentAcceptanceTester.test(input)) {
+            log.info("the value is a valid content. Output as is.");
+            setValidOutputContent(input);
+            return true;
+        }
+        String output;
+        try {
+            output = new String(Base64.getDecoder().decode(input));
+            log.info("the value is probably Base64 encoded. Just decoded");
+            if (contentAcceptanceTester.test(output)) {
+                log.info("the decoded value is a valid content. Output decoded value.");
+                setValidOutputContent(output);
+            } else {
+                log.info("the decoded value is not a valid content.");
+            }
+        } catch (IllegalArgumentException e) {
+            log.info("the value is not Base64 encoded. ");
+        }
+
+        return validOutputContentFound;
+    }
+
+    private boolean treatValueAsAFileName(String filename) {
+
+        if (treatFileContent(filename)) return true;
+
+        try {
+            filename = new String(Base64.getDecoder().decode(filename));
+            log.info("the filename is probably Base64 encoded. Just decoded");
+            if (treatFileContent(filename)) return true;
+        } catch (IllegalArgumentException e) {
+            log.info("the filename is not Base64 encoded. ");
+        }
+        return validOutputContentFound;
+    }
+
+    private boolean treatFileContent(String filename) {
+        try {
+            Path path = Paths.get(filename);
+            if (Files.exists(path)) {
+                log.info("the filename is of existing file. Read file.");
+                try {
+                    String fileContent = new String(Files.readAllBytes(path));
+                    if (treatValueAsAContent(fileContent)) {
+                        return true;
+                    }
+                } catch (IOException | SecurityException | OutOfMemoryError ex) {
+                    log.info(() -> ("unable to read the file: " + ex.getClass().getSimpleName()));
+                }
+            }
+        } catch (InvalidPathException ex) {
+            log.info("the filename is not valid or the file doesn't exist.");
+        }
+        return false;
+    }
+
+    private String setValidOutputContent(String outputContent) {
+        this.outputContent = outputContent;
+        this.validOutputContentFound = true;
+        return getValidOutputContentIfFound();
+    }
+
+    public String getValidOutputContentIfFound() {
+        return validOutputContentFound ? outputContent : null;
+    }
+}
--- a/testing/schema-test-core/src/test/java/org/opengroup/osdu/schema/util/gcp/GoogleServiceAccount.java
+++ b/testing/schema-test-core/src/test/java/org/opengroup/osdu/schema/util/gcp/GoogleServiceAccount.java
@@ -27,9 +27,9 @@ import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.ArrayList;
-import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.function.Predicate;
 import org.apache.http.HttpResponse;
 import org.apache.http.NameValuePair;
 import org.apache.http.client.HttpClient;
@@ -41,16 +41,13 @@ import org.apache.http.util.EntityUtils;

 public class GoogleServiceAccount {

+  private final static Predicate<String> contentAcceptanceTester = s -> s.trim().startsWith("{");
  private static final String DEFAULT_TARGET_AUDIENCE = "osdu";
  final ServiceAccountCredentials serviceAccount;

-  public GoogleServiceAccount(String serviceAccountEncoded) throws IOException {
-    this(Base64.getDecoder().decode(serviceAccountEncoded));
-  }
-
-  public GoogleServiceAccount(byte[] serviceAccountJson) throws IOException {
-    try (InputStream inputStream = new ByteArrayInputStream(serviceAccountJson)) {
-
+  public GoogleServiceAccount(String serviceAccountValue) throws IOException {
+    serviceAccountValue = new DecodedContentExtractor(serviceAccountValue, contentAcceptanceTester).getContent();
+    try (InputStream inputStream = new ByteArrayInputStream(serviceAccountValue.getBytes())) {
      this.serviceAccount = ServiceAccountCredentials.fromStream(inputStream);
    }
  }