Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Open Subsurface Data Universe Software
Platform
Platform Validation
Commits
7fca949d
Commit
7fca949d
authored
Sep 22, 2020
by
Ching Yang
Browse files
commit initial info_sec test cases
parent
0c8da308
Pipeline
#9429
failed with stages
in 8 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Postman Collection/10_CICD_Setup_InformationSecurity/Security CI-CD v0.1.postman_collection.json
0 → 100644
View file @
7fca949d
{
"info"
:
{
"_postman_id"
:
"2e1a0b21-02e4-40d5-98f5-6b65b0d9c759"
,
"name"
:
"Security CI/CD v0.1"
,
"schema"
:
"https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item"
:
[
{
"name"
:
"Configure collection"
,
"item"
:
[
{
"name"
:
"Refresh Token(test-user-noaccess)"
,
"event"
:
[
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"9d249cfd-2262-4663-8210-6fab0052e73b"
,
"exec"
:
[
"pm.test(
\"
Access Token Returned
\"
, function(){"
,
" pm.response.to.have.status(200)"
,
"})"
,
"// this snippet extracts the new access and id tokens"
,
"// and puts them to environment variables"
,
"cp = pm.environment.get(
\"
cloud_platform
\"
);"
,
""
,
"var data = JSON.parse(responseBody)"
,
"pm.environment.set(
\"
access_token_no_access
\"
, data.access_token);"
,
"if (cp ==
\"
AWS
\"
|| cp ==
\"
IBM
\"
) {"
,
" pm.environment.set(
\"
id_token_no_access
\"
, data.id_token);"
,
"}"
,
"// Uncomment if server returns a new refresh_token,"
,
"// otherwise comment out to prevent overwriting it with null"
,
"if (cp ==
\"
Azure
\"
) {"
,
" pm.environment.set(
\"
refresh_token_no_access
\"
, data.refresh_token);"
,
"}"
],
"type"
:
"text/javascript"
}
},
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"5af85917-41a1-4151-82d4-c4ba852a0437"
,
"exec"
:
[
""
],
"type"
:
"text/javascript"
}
}
],
"request"
:
{
"auth"
:
{
"type"
:
"noauth"
},
"method"
:
"POST"
,
"header"
:
[
{
"key"
:
"Content-Type"
,
"name"
:
"Content-Type"
,
"type"
:
"text"
,
"value"
:
"application/x-www-form-urlencoded"
},
{
"key"
:
"Ocp-Apim-Subscription-Key"
,
"type"
:
"text"
,
"value"
:
"xxxxxxxx"
,
"disabled"
:
true
}
],
"body"
:
{
"mode"
:
"urlencoded"
,
"urlencoded"
:
[
{
"key"
:
"grant_type"
,
"value"
:
"refresh_token"
,
"type"
:
"text"
},
{
"key"
:
"client_id"
,
"value"
:
"{{CLIENT_ID}}"
,
"description"
:
"Supply your client id as an environment variable"
,
"type"
:
"text"
},
{
"key"
:
"client_secret"
,
"value"
:
"{{CLIENT_SECRET}}"
,
"description"
:
"Supply your client secret as an environment variable"
,
"type"
:
"text"
},
{
"key"
:
"refresh_token"
,
"value"
:
"{{refresh_token_user_no_access}}"
,
"type"
:
"text"
},
{
"key"
:
"scope"
,
"value"
:
"{{Scope}}"
,
"type"
:
"text"
}
],
"options"
:
{
"urlencoded"
:
{}
}
},
"url"
:
{
"raw"
:
"{{Token_Fetch_URL}}"
,
"host"
:
[
"{{Token_Fetch_URL}}"
]
}
},
"response"
:
[]
},
{
"name"
:
"Refresh Token(test-user-08)"
,
"event"
:
[
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"b404906e-9a68-4d31-a9a3-086572585c6a"
,
"exec"
:
[
"pm.test(
\"
Access Token Returned
\"
, function(){"
,
" pm.response.to.have.status(200)"
,
"})"
,
""
,
"// this snippet extracts the new access and id tokens"
,
"// and puts them to environment variables"
,
"cp = pm.environment.get(
\"
cloud_platform
\"
);"
,
""
,
"var data = JSON.parse(responseBody)"
,
"pm.environment.set(
\"
access_token
\"
, data.access_token);"
,
"if (cp ==
\"
AWS
\"
|| cp ==
\"
IBM
\"
) {"
,
" pm.environment.set(
\"
id_token
\"
, data.id_token);"
,
"}"
,
"// Uncomment if server returns a new refresh_token,"
,
"// otherwise comment out to prevent overwriting it with null"
,
"if (cp ==
\"
Azure
\"
) {"
,
" pm.environment.set(
\"
refresh_token
\"
, data.refresh_token);"
,
"}"
],
"type"
:
"text/javascript"
}
},
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"ec291f86-213b-4007-a9d5-49784c50ad74"
,
"exec"
:
[
""
],
"type"
:
"text/javascript"
}
}
],
"request"
:
{
"auth"
:
{
"type"
:
"noauth"
},
"method"
:
"POST"
,
"header"
:
[
{
"key"
:
"Content-Type"
,
"name"
:
"Content-Type"
,
"type"
:
"text"
,
"value"
:
"application/x-www-form-urlencoded"
},
{
"key"
:
"Ocp-Apim-Subscription-Key"
,
"type"
:
"text"
,
"value"
:
"xxxxxxxx"
,
"disabled"
:
true
}
],
"body"
:
{
"mode"
:
"urlencoded"
,
"urlencoded"
:
[
{
"key"
:
"grant_type"
,
"value"
:
"refresh_token"
,
"type"
:
"text"
},
{
"key"
:
"client_id"
,
"value"
:
"{{CLIENT_ID}}"
,
"description"
:
"Supply your client id as an environment variable"
,
"type"
:
"text"
},
{
"key"
:
"client_secret"
,
"value"
:
"{{CLIENT_SECRET}}"
,
"description"
:
"Supply your client secret as an environment variable"
,
"type"
:
"text"
},
{
"key"
:
"refresh_token"
,
"value"
:
"{{refresh_token}}"
,
"type"
:
"text"
},
{
"key"
:
"scope"
,
"value"
:
"{{Scope}}"
,
"type"
:
"text"
}
],
"options"
:
{
"urlencoded"
:
{}
}
},
"url"
:
{
"raw"
:
"{{Token_Fetch_URL}}"
,
"host"
:
[
"{{Token_Fetch_URL}}"
]
}
},
"response"
:
[]
}
],
"protocolProfileBehavior"
:
{}
},
{
"name"
:
"st-authn-core"
,
"item"
:
[
{
"name"
:
"001 Check error response on unauthenticated API call"
,
"event"
:
[
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"a579d654-eab0-434f-8110-2015c260a779"
,
"exec"
:
[
"pm.test(
\"
Status Code is 401 Unauthorized or 302 Redirect
\"
,function(){"
,
" pm.response.to.have.status(401)"
,
"});"
],
"type"
:
"text/javascript"
}
},
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"d73add92-6d20-4f5d-ac9b-25cce1051056"
,
"exec"
:
[
"pm.request.headers.remove('Authorization');"
],
"type"
:
"text/javascript"
}
}
],
"request"
:
{
"auth"
:
{
"type"
:
"noauth"
},
"method"
:
"GET"
,
"header"
:
[
{
"key"
:
"data-partition-id"
,
"value"
:
"{{data-partition-id}}"
,
"type"
:
"text"
},
{
"key"
:
"Accept"
,
"value"
:
"application/json"
,
"type"
:
"text"
}
],
"url"
:
{
"raw"
:
"https://{{LEGAL_HOST}}/legaltags?valid=true"
,
"protocol"
:
"https"
,
"host"
:
[
"{{LEGAL_HOST}}"
],
"path"
:
[
"legaltags"
],
"query"
:
[
{
"key"
:
"valid"
,
"value"
:
"true"
}
]
},
"description"
:
"001 Check error response on unauthenticated API call"
},
"response"
:
[]
}
],
"event"
:
[
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"cbbd7c78-c5ac-490d-ab0c-9303416507db"
,
"type"
:
"text/javascript"
,
"exec"
:
[
""
]
}
},
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"129c2a85-886a-46fd-a1e2-bb92465238c8"
,
"type"
:
"text/javascript"
,
"exec"
:
[
""
]
}
}
],
"protocolProfileBehavior"
:
{}
},
{
"name"
:
"st-search-auth"
,
"item"
:
[
{
"name"
:
"001 check error response when user is not authorised"
,
"event"
:
[
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"220e27ab-5dd6-4264-8df6-bee783f966a4"
,
"exec"
:
[
""
],
"type"
:
"text/javascript"
}
},
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"b884c037-52f2-4265-a93f-3648cd27c4df"
,
"exec"
:
[
"pm.test(
\"
Status Code is 401 Unauthorized or 302 Redirect
\"
,function(){"
,
" pm.response.to.have.status(401)"
,
"});"
],
"type"
:
"text/javascript"
}
}
],
"request"
:
{
"auth"
:
{
"type"
:
"bearer"
,
"bearer"
:
[
{
"key"
:
"token"
,
"value"
:
"{{access_token_no_access}}"
,
"type"
:
"string"
}
]
},
"method"
:
"POST"
,
"header"
:
[
{
"key"
:
"data-partition-id"
,
"value"
:
"{{data-partition-id}}"
,
"type"
:
"text"
},
{
"key"
:
"Authorization"
,
"value"
:
"Bearer {{access_token}}"
,
"type"
:
"text"
}
],
"body"
:
{
"mode"
:
"raw"
,
"raw"
:
"{
\n
\"
kind
\"
:
\"
{{data-partition-id}}:osdu:*:{{standard_schema_version}}
\"
,
\n
\"
query
\"
:
\"
(BIR AND 0?)
\"\n
}
\n
"
,
"options"
:
{
"raw"
:
{
"language"
:
"json"
}
}
},
"url"
:
{
"raw"
:
"https://{{SEARCH_HOST}}/query"
,
"protocol"
:
"https"
,
"host"
:
[
"{{SEARCH_HOST}}"
],
"path"
:
[
"query"
]
},
"description"
:
"This test checks that API calls fail when the user is not authorised to call the search service.
\n
"
},
"response"
:
[]
},
{
"name"
:
"002 check response when user is authorised"
,
"event"
:
[
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"5a18d607-87b7-4d8f-9739-5825ee2ee34b"
,
"exec"
:
[
""
],
"type"
:
"text/javascript"
}
},
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"7a178e4a-9233-452d-b9ca-c5bde9ae79db"
,
"exec"
:
[
"pm.test(
\"
Status Code is NOT 401 unauthorized
\"
,function(){"
,
" pm.response.not.to.have.status(401)"
,
"});"
],
"type"
:
"text/javascript"
}
}
],
"request"
:
{
"auth"
:
{
"type"
:
"bearer"
,
"bearer"
:
[
{
"key"
:
"token"
,
"value"
:
"{{access_token}}"
,
"type"
:
"string"
}
]
},
"method"
:
"POST"
,
"header"
:
[
{
"key"
:
"data-partition-id"
,
"type"
:
"text"
,
"value"
:
"{{data-partition-id}}"
},
{
"key"
:
"Authorization"
,
"type"
:
"text"
,
"value"
:
"Bearer {{access_token}}"
}
],
"body"
:
{
"mode"
:
"raw"
,
"raw"
:
"{
\n
\"
kind
\"
:
\"
{{data-partition-id}}:osdu:*:{{standard_schema_version}}
\"
,
\n
\"
query
\"
:
\"
(BIR AND 0?)
\"\n
}
\n
"
,
"options"
:
{
"raw"
:
{
"language"
:
"json"
}
}
},
"url"
:
{
"raw"
:
"https://{{SEARCH_HOST}}/query"
,
"protocol"
:
"https"
,
"host"
:
[
"{{SEARCH_HOST}}"
],
"path"
:
[
"query"
]
},
"description"
:
"This test checks that API calls fail when the user is not authorised to call the search service.
\n
"
},
"response"
:
[]
}
],
"event"
:
[
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"5e716441-6bde-48e4-a9d4-9de43c68f100"
,
"type"
:
"text/javascript"
,
"exec"
:
[
""
]
}
},
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"dbb6631f-dd3c-4802-83a1-f2bbd0a70fa2"
,
"type"
:
"text/javascript"
,
"exec"
:
[
""
]
}
}
],
"protocolProfileBehavior"
:
{}
}
],
"event"
:
[
{
"listen"
:
"prerequest"
,
"script"
:
{
"id"
:
"89927072-40da-44c3-94a3-f05546722a7a"
,
"type"
:
"text/javascript"
,
"exec"
:
[
""
]
}
},
{
"listen"
:
"test"
,
"script"
:
{
"id"
:
"fd670728-fefd-441f-b445-7443c65ed673"
,
"type"
:
"text/javascript"
,
"exec"
:
[
""
]
}
}
],
"protocolProfileBehavior"
:
{}
}
\ No newline at end of file
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
