Commit 7fca949d authored by Ching Yang's avatar Ching Yang

commit initial info_sec test cases

parent 0c8da308
Pipeline #9429 failed with stages
in 8 seconds
{
"info": {
"_postman_id": "2e1a0b21-02e4-40d5-98f5-6b65b0d9c759",
"name": "Security CI/CD v0.1",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Configure collection",
"item": [
{
"name": "Refresh Token(test-user-noaccess)",
"event": [
{
"listen": "test",
"script": {
"id": "9d249cfd-2262-4663-8210-6fab0052e73b",
"exec": [
"pm.test(\"Access Token Returned\", function(){",
" pm.response.to.have.status(200)",
"})",
"// this snippet extracts the new access and id tokens",
"// and puts them to environment variables",
"cp = pm.environment.get(\"cloud_platform\");",
"",
"var data = JSON.parse(responseBody)",
"pm.environment.set(\"access_token_no_access\", data.access_token);",
"if (cp == \"AWS\" || cp == \"IBM\") {",
" pm.environment.set(\"id_token_no_access\", data.id_token);",
"}",
"// Uncomment if server returns a new refresh_token,",
"// otherwise comment out to prevent overwriting it with null",
"if (cp == \"Azure\") {",
" pm.environment.set(\"refresh_token_no_access\", data.refresh_token);",
"}"
],
"type": "text/javascript"
}
},
{
"listen": "prerequest",
"script": {
"id": "5af85917-41a1-4151-82d4-c4ba852a0437",
"exec": [
""
],
"type": "text/javascript"
}
}
],
"request": {
"auth": {
"type": "noauth"
},
"method": "POST",
"header": [
{
"key": "Content-Type",
"name": "Content-Type",
"type": "text",
"value": "application/x-www-form-urlencoded"
},
{
"key": "Ocp-Apim-Subscription-Key",
"type": "text",
"value": "xxxxxxxx",
"disabled": true
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "grant_type",
"value": "refresh_token",
"type": "text"
},
{
"key": "client_id",
"value": "{{CLIENT_ID}}",
"description": "Supply your client id as an environment variable",
"type": "text"
},
{
"key": "client_secret",
"value": "{{CLIENT_SECRET}}",
"description": "Supply your client secret as an environment variable",
"type": "text"
},
{
"key": "refresh_token",
"value": "{{refresh_token_user_no_access}}",
"type": "text"
},
{
"key": "scope",
"value": "{{Scope}}",
"type": "text"
}
],
"options": {
"urlencoded": {}
}
},
"url": {
"raw": "{{Token_Fetch_URL}}",
"host": [
"{{Token_Fetch_URL}}"
]
}
},
"response": []
},
{
"name": "Refresh Token(test-user-08)",
"event": [
{
"listen": "test",
"script": {
"id": "b404906e-9a68-4d31-a9a3-086572585c6a",
"exec": [
"pm.test(\"Access Token Returned\", function(){",
" pm.response.to.have.status(200)",
"})",
"",
"// this snippet extracts the new access and id tokens",
"// and puts them to environment variables",
"cp = pm.environment.get(\"cloud_platform\");",
"",
"var data = JSON.parse(responseBody)",
"pm.environment.set(\"access_token\", data.access_token);",
"if (cp == \"AWS\" || cp == \"IBM\") {",
" pm.environment.set(\"id_token\", data.id_token);",
"}",
"// Uncomment if server returns a new refresh_token,",
"// otherwise comment out to prevent overwriting it with null",
"if (cp == \"Azure\") {",
" pm.environment.set(\"refresh_token\", data.refresh_token);",
"}"
],
"type": "text/javascript"
}
},
{
"listen": "prerequest",
"script": {
"id": "ec291f86-213b-4007-a9d5-49784c50ad74",
"exec": [
""
],
"type": "text/javascript"
}
}
],
"request": {
"auth": {
"type": "noauth"
},
"method": "POST",
"header": [
{
"key": "Content-Type",
"name": "Content-Type",
"type": "text",
"value": "application/x-www-form-urlencoded"
},
{
"key": "Ocp-Apim-Subscription-Key",
"type": "text",
"value": "xxxxxxxx",
"disabled": true
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "grant_type",
"value": "refresh_token",
"type": "text"
},
{
"key": "client_id",
"value": "{{CLIENT_ID}}",
"description": "Supply your client id as an environment variable",
"type": "text"
},
{
"key": "client_secret",
"value": "{{CLIENT_SECRET}}",
"description": "Supply your client secret as an environment variable",
"type": "text"
},
{
"key": "refresh_token",
"value": "{{refresh_token}}",
"type": "text"
},
{
"key": "scope",
"value": "{{Scope}}",
"type": "text"
}
],
"options": {
"urlencoded": {}
}
},
"url": {
"raw": "{{Token_Fetch_URL}}",
"host": [
"{{Token_Fetch_URL}}"
]
}
},
"response": []
}
],
"protocolProfileBehavior": {}
},
{
"name": "st-authn-core",
"item": [
{
"name": "001 Check error response on unauthenticated API call",
"event": [
{
"listen": "test",
"script": {
"id": "a579d654-eab0-434f-8110-2015c260a779",
"exec": [
"pm.test(\"Status Code is 401 Unauthorized or 302 Redirect\",function(){",
" pm.response.to.have.status(401)",
"});"
],
"type": "text/javascript"
}
},
{
"listen": "prerequest",
"script": {
"id": "d73add92-6d20-4f5d-ac9b-25cce1051056",
"exec": [
"pm.request.headers.remove('Authorization');"
],
"type": "text/javascript"
}
}
],
"request": {
"auth": {
"type": "noauth"
},
"method": "GET",
"header": [
{
"key": "data-partition-id",
"value": "{{data-partition-id}}",
"type": "text"
},
{
"key": "Accept",
"value": "application/json",
"type": "text"
}
],
"url": {
"raw": "https://{{LEGAL_HOST}}/legaltags?valid=true",
"protocol": "https",
"host": [
"{{LEGAL_HOST}}"
],
"path": [
"legaltags"
],
"query": [
{
"key": "valid",
"value": "true"
}
]
},
"description": "001 Check error response on unauthenticated API call"
},
"response": []
}
],
"event": [
{
"listen": "prerequest",
"script": {
"id": "cbbd7c78-c5ac-490d-ab0c-9303416507db",
"type": "text/javascript",
"exec": [
""
]
}
},
{
"listen": "test",
"script": {
"id": "129c2a85-886a-46fd-a1e2-bb92465238c8",
"type": "text/javascript",
"exec": [
""
]
}
}
],
"protocolProfileBehavior": {}
},
{
"name": "st-search-auth",
"item": [
{
"name": "001 check error response when user is not authorised",
"event": [
{
"listen": "prerequest",
"script": {
"id": "220e27ab-5dd6-4264-8df6-bee783f966a4",
"exec": [
""
],
"type": "text/javascript"
}
},
{
"listen": "test",
"script": {
"id": "b884c037-52f2-4265-a93f-3648cd27c4df",
"exec": [
"pm.test(\"Status Code is 401 Unauthorized or 302 Redirect\",function(){",
" pm.response.to.have.status(401)",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"auth": {
"type": "bearer",
"bearer": [
{
"key": "token",
"value": "{{access_token_no_access}}",
"type": "string"
}
]
},
"method": "POST",
"header": [
{
"key": "data-partition-id",
"value": "{{data-partition-id}}",
"type": "text"
},
{
"key": "Authorization",
"value": "Bearer {{access_token}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"kind\": \"{{data-partition-id}}:osdu:*:{{standard_schema_version}}\",\n \"query\": \"(BIR AND 0?)\"\n}\n",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "https://{{SEARCH_HOST}}/query",
"protocol": "https",
"host": [
"{{SEARCH_HOST}}"
],
"path": [
"query"
]
},
"description": "This test checks that API calls fail when the user is not authorised to call the search service.\n"
},
"response": []
},
{
"name": "002 check response when user is authorised",
"event": [
{
"listen": "prerequest",
"script": {
"id": "5a18d607-87b7-4d8f-9739-5825ee2ee34b",
"exec": [
""
],
"type": "text/javascript"
}
},
{
"listen": "test",
"script": {
"id": "7a178e4a-9233-452d-b9ca-c5bde9ae79db",
"exec": [
"pm.test(\"Status Code is NOT 401 unauthorized\",function(){",
" pm.response.not.to.have.status(401)",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"auth": {
"type": "bearer",
"bearer": [
{
"key": "token",
"value": "{{access_token}}",
"type": "string"
}
]
},
"method": "POST",
"header": [
{
"key": "data-partition-id",
"type": "text",
"value": "{{data-partition-id}}"
},
{
"key": "Authorization",
"type": "text",
"value": "Bearer {{access_token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"kind\": \"{{data-partition-id}}:osdu:*:{{standard_schema_version}}\",\n \"query\": \"(BIR AND 0?)\"\n}\n",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "https://{{SEARCH_HOST}}/query",
"protocol": "https",
"host": [
"{{SEARCH_HOST}}"
],
"path": [
"query"
]
},
"description": "This test checks that API calls fail when the user is not authorised to call the search service.\n"
},
"response": []
}
],
"event": [
{
"listen": "prerequest",
"script": {
"id": "5e716441-6bde-48e4-a9d4-9de43c68f100",
"type": "text/javascript",
"exec": [
""
]
}
},
{
"listen": "test",
"script": {
"id": "dbb6631f-dd3c-4802-83a1-f2bbd0a70fa2",
"type": "text/javascript",
"exec": [
""
]
}
}
],
"protocolProfileBehavior": {}
}
],
"event": [
{
"listen": "prerequest",
"script": {
"id": "89927072-40da-44c3-94a3-f05546722a7a",
"type": "text/javascript",
"exec": [
""
]
}
},
{
"listen": "test",
"script": {
"id": "fd670728-fefd-441f-b445-7443c65ed673",
"type": "text/javascript",
"exec": [
""
]
}
}
],
"protocolProfileBehavior": {}
}
\ No newline at end of file
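Review bot: In `st-search-auth` request 001 the bearer auth uses `{{access_token_no_access}}`, but the header list also hard-codes `Authorization: Bearer {{access_token}}`, so whether this negative test really sends the no-access token depends on how Postman/Newman resolves the duplicate header; drop the manual `Authorization` header there (and the redundant one in 002). The two 401 tests are titled "Status Code is 401 Unauthorized or 302 Redirect" but assert only `pm.response.to.have.status(401)`; either rename them or assert `pm.expect(pm.response.code).to.be.oneOf([401, 302])`. Test 002 checks only `pm.response.not.to.have.status(401)`, which also passes on a 403 or a 5xx, and its description is copied from 001; asserting the expected success status would make it a real positive control. In "Refresh Token(test-user-noaccess)" the request body reads `{{refresh_token_user_no_access}}` while the test script writes `refresh_token_no_access`, so a rotated Azure refresh token would apparently never be reused; confirm which variable name is intended.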