Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix test failures and add new tests for subscription validation disabling #13527

Merged
merged 3 commits into from
Sep 20, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,7 @@ public static class API_TIER {
public static final String BRONZE = "Bronze";
public static final String ASYNC_UNLIMITED = "AsyncUnlimited";
public static final String ASYNC_WH_UNLIMITED = "AsyncWHUnlimited";
public static final String DEFAULT_SUBSCRIPTIONLESSS = "DefaultSubscriptionless";

public static final int GOLD_LIMIT = 20;
public static final int SILVER_LIMIT = 5;
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,247 @@
package org.wso2.am.integration.tests.application;

import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.lang.StringUtils;
import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;
import org.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.*;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyGenerateRequestDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.SubscriptionListDTO;
import org.wso2.am.integration.test.utils.base.APIMIntegrationConstants;
import org.wso2.am.integration.test.utils.bean.APILifeCycleAction;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.test.utils.http.HTTPSClientUtils;
import org.wso2.am.integration.test.utils.token.TokenUtils;
import org.wso2.am.integration.tests.api.lifecycle.APIManagerLifecycleBaseTest;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpRequestUtil;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;
import org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.xsd.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.xsd.Property;
import org.wso2.carbon.identity.application.common.model.xsd.ServiceProvider;
import org.wso2.carbon.identity.oauth.stub.dto.OAuthConsumerAppDTO;

import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class SubscriptionValidationDisableTestCase extends APIManagerLifecycleBaseTest {
private static final String APPLICATION_NAME = "subscriptionValidationApp";
private final String SP_NAME = "externalSP";
private String applicationId;
private String apiId;
private final String API_END_POINT_POSTFIX_URL = "jaxrs_basic/services/customers/customerservice/";
private final String API_ENDPOINT_METHOD = "/customers/123";
private final String API_NAME = "SubValidationDisabledAPI";
private final String API_CONTEXT = "subValidationDisabledAPI";
private String accessToken;
private String accessTokenExternal;
private String consumerKey;
private String consumerSecret;

@Factory(dataProvider = "userModeDataProvider")
public SubscriptionValidationDisableTestCase(TestUserMode userMode) {
this.userMode = userMode;
}

@DataProvider
public static Object[][] userModeDataProvider() {
return new Object[][]{
new Object[]{TestUserMode.SUPER_TENANT_ADMIN},
new Object[]{TestUserMode.TENANT_ADMIN},
};
}

@BeforeClass(alwaysRun = true)
public void setEnvironment() throws Exception {
super.init(userMode);
createAPIAndApp();
createServiceProvider();
}

@Test(groups = {"wso2.am"}, description = "Test API invocation without subscriptions when subscription " +
"validation is disabled")
public void testSubscriptionValidationDisablingForAPI() throws Exception {
APIDTO apidto = restAPIPublisher.getAPIByID(apiId);
List<String> tiers = new ArrayList<>();
apidto.setPolicies(tiers);
restAPIPublisher.updateAPI(apidto);

APIDTO updatedApi = restAPIPublisher.getAPIByID(apiId);
List<String> updatedTiers = updatedApi.getPolicies();
Assert.assertEquals(updatedTiers.size(), 1,
"The default internal subscription policy is not applied for the API");
Assert.assertEquals(updatedTiers.get(0), APIMIntegrationConstants.API_TIER.DEFAULT_SUBSCRIPTIONLESSS,
"The default internal subscription policy is not applied for the API");
}

@Test(groups = {"wso2.am"}, description = "Test API invocation without subscriptions when subscription " +
"validation is disabled", dependsOnMethods = "testSubscriptionValidationDisablingForAPI")
public void testAPIInvocationWithoutSubscription() throws Exception {
List<String> grantTypes = new ArrayList<>();
grantTypes.add(APIMIntegrationConstants.GRANT_TYPE.CLIENT_CREDENTIAL);
ApplicationKeyDTO applicationKey = restAPIStore.generateKeys(applicationId, "3600", null,
ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, null, grantTypes);
Assert.assertNotNull(applicationKey, "Application key generation failed");
accessToken = applicationKey.getToken().getAccessToken();

Map<String, String> requestHeaders = new HashMap<>();
requestHeaders.put(APIMIntegrationConstants.AUTHORIZATION_HEADER, "Bearer " + accessToken);
requestHeaders.put("accept", "text/xml");
HttpResponse response = HttpRequestUtil
.doGet(getAPIInvocationURLHttp(API_CONTEXT, API_VERSION_1_0_0) +
API_ENDPOINT_METHOD, requestHeaders);
Assert.assertEquals(response.getResponseCode(), 200, "API invocation failed without subscription");

SubscriptionListDTO listDTO = restAPIStore.getSubscription(apiId, applicationId, "", null);
Assert.assertNotNull(listDTO, "Subscription retrieval failed");
Assert.assertEquals(1, listDTO.getList().size(), "Internal subscription" +
" not created when subscription validation was disabled");
Assert.assertEquals(listDTO.getList().get(0).getThrottlingPolicy(),
APIMIntegrationConstants.API_TIER.DEFAULT_SUBSCRIPTIONLESSS,
"Default policy not applied to internal subscription");
}

@Test(groups = {"wso2.am"}, description = "Test API invocation with an external token",
dependsOnMethods = "testAPIInvocationWithoutSubscription")
public void testAPIInvocationWithExternalToken() throws Exception {
String credentials = TokenUtils.getBase64EncodedAppCredentials(consumerKey, consumerSecret);

List<NameValuePair> urlParameters = new ArrayList<>();
urlParameters.add(new BasicNameValuePair("grant_type",
APIMIntegrationConstants.GRANT_TYPE.CLIENT_CREDENTIAL));
Map<String, String> tokenHeaders = new HashMap<>();
tokenHeaders.put(APIMIntegrationConstants.AUTHORIZATION_HEADER, "Basic " + credentials);
HttpResponse tokenResponse = HTTPSClientUtils.doPost(getKeyManagerURLHttps() + "/oauth2/token",
tokenHeaders, urlParameters);
Assert.assertEquals(tokenResponse.getResponseCode(), HttpStatus.SC_OK,
"External token request failed");
JSONObject jsonObject = new JSONObject(tokenResponse.getData());
accessTokenExternal = jsonObject.getString("access_token");
Assert.assertNotNull(accessTokenExternal, "Couldn't find the access token");

Map<String, String> requestHeaders = new HashMap<>();
requestHeaders.put(APIMIntegrationConstants.AUTHORIZATION_HEADER, "Bearer " + accessTokenExternal);
requestHeaders.put("accept", "text/xml");
HttpResponse response = HttpRequestUtil
.doGet(getAPIInvocationURLHttp(API_CONTEXT, API_VERSION_1_0_0) +
API_ENDPOINT_METHOD, requestHeaders);
Assert.assertEquals(response.getResponseCode(), 200, "API invocation failed for the external token");

SubscriptionListDTO listDTO = restAPIStore.getSubscription(apiId, applicationId, "", null);
Assert.assertNotNull(listDTO, "Subscription retrieval failed");
Assert.assertEquals(1, listDTO.getList().size(),
"Subscription count changed when invoked with external token");
}

@Test(groups = {"wso2.am"}, description = "Test API invocation after re-enabling subscription validation",
dependsOnMethods = "testAPIInvocationWithExternalToken")
public void testAPIInvocationAfterEnablingSubscriptionValidation() throws Exception {
APIDTO apidto = restAPIPublisher.getAPIByID(apiId);
apidto.getPolicies().add(APIMIntegrationConstants.API_TIER.UNLIMITED);
restAPIPublisher.updateAPI(apidto);

// Need to wait for a while until the API update event is received by the gateway
Thread.sleep(60000);

Map<String, String> requestHeaders = new HashMap<>();
requestHeaders.put(APIMIntegrationConstants.AUTHORIZATION_HEADER, "Bearer " + accessToken);
requestHeaders.put("accept", "text/xml");
HttpResponse response = HttpRequestUtil
.doGet(getAPIInvocationURLHttp(API_CONTEXT, API_VERSION_1_0_0) +
API_ENDPOINT_METHOD, requestHeaders);
Assert.assertEquals(response.getResponseCode(), 200,
"API invocation failed after re-enabling subscription validation");

Map<String, String> requestHeaders2 = new HashMap<>();
requestHeaders2.put(APIMIntegrationConstants.AUTHORIZATION_HEADER, "Bearer " + accessTokenExternal);
requestHeaders2.put("accept", "text/xml");
HttpResponse response2 = HttpRequestUtil
.doGet(getAPIInvocationURLHttp(API_CONTEXT, API_VERSION_1_0_0) +
API_ENDPOINT_METHOD, requestHeaders2);
Assert.assertEquals(response2.getResponseCode(), 403,
"API invocation successful for the external token after re-enabling subscription validation");
}

private void createAPIAndApp() throws Exception {
// Create an API
APIRequest apiRequest;
String apiEndPointUrl = backEndServerUrl.getWebAppURLHttp() + API_END_POINT_POSTFIX_URL;
apiRequest = new APIRequest(API_NAME, API_CONTEXT, new URL(apiEndPointUrl));

apiRequest.setVersion(API_VERSION_1_0_0);
apiRequest.setTiersCollection(APIMIntegrationConstants.API_TIER.UNLIMITED);
apiRequest.setTier(APIMIntegrationConstants.API_TIER.UNLIMITED);
apiRequest.setProvider(user.getUserName());

HttpResponse apiResponse = restAPIPublisher.addAPI(apiRequest);
apiId = apiResponse.getData();
createAPIRevisionAndDeployUsingRest(apiId, restAPIPublisher);
APIDTO apidto = restAPIPublisher.getAPIByID(apiId);
waitForAPIDeploymentSync(apidto.getProvider(), apidto.getName(), apidto.getVersion(),
APIMIntegrationConstants.IS_API_EXISTS);
restAPIPublisher.changeAPILifeCycleStatus(apiId, APILifeCycleAction.PUBLISH.getAction());

// Create an application
HttpResponse appCreationResponse = restAPIStore.createApplication(APPLICATION_NAME,
"Sub validation test app", APIMIntegrationConstants.APPLICATION_TIER.UNLIMITED,
ApplicationDTO.TokenTypeEnum.JWT);
applicationId = appCreationResponse.getData();
}

private void createServiceProvider() throws Exception {
OAuthConsumerAppDTO appDTO = new OAuthConsumerAppDTO();
appDTO.setApplicationName(SP_NAME);
appDTO.setCallbackUrl("http://localhost:9999");
appDTO.setOAuthVersion("OAuth-2.0");
appDTO.setGrantTypes("client_credentials");
appDTO.setTokenType("JWT");

oAuthAdminServiceClient.registerOAuthApplicationData(appDTO);
OAuthConsumerAppDTO createdApp = oAuthAdminServiceClient.getOAuthAppByName(SP_NAME);
Assert.assertNotNull(createdApp);

consumerKey = createdApp.getOauthConsumerKey();
consumerSecret = createdApp.getOauthConsumerSecret();

ServiceProvider serviceProvider = new ServiceProvider();
serviceProvider.setApplicationName(SP_NAME);
applicationManagementClient.createApplication(serviceProvider);
serviceProvider = applicationManagementClient.getApplication(SP_NAME);

InboundAuthenticationRequestConfig requestConfig = new InboundAuthenticationRequestConfig();
requestConfig.setInboundAuthKey(consumerKey);
requestConfig.setInboundAuthType("oauth2");
if (StringUtils.isNotBlank(consumerSecret)) {
Property property = new Property();
property.setName("oauthConsumerSecret");
property.setValue(consumerSecret);
Property[] properties = {property};
requestConfig.setProperties(properties);
}

InboundAuthenticationConfig inboundAuthenticationConfig = new InboundAuthenticationConfig();
inboundAuthenticationConfig
.setInboundAuthenticationRequestConfigs(new InboundAuthenticationRequestConfig[]{requestConfig});
serviceProvider.setInboundAuthenticationConfig(inboundAuthenticationConfig);
applicationManagementClient.updateApplication(serviceProvider);
}

@AfterClass(alwaysRun = true)
public void destroy() throws Exception {
if (applicationId != null) {
restAPIStore.deleteApplication(applicationId);
}
if (apiId != null) {
restAPIPublisher.deleteAPI(apiId);
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,14 @@
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.v1.dto.SubscriptionPolicyDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.ThrottlingPolicyDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.ThrottlingPolicyListDTO;
import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest;
import org.wso2.carbon.automation.engine.context.TestUserMode;

import java.util.List;

import static org.testng.Assert.assertEquals;
import static org.testng.Assert.assertNotNull;

Expand Down Expand Up @@ -67,7 +70,7 @@ public void testGetAllTheThrottlingTiers() throws Exception {
ThrottlingPolicyDTO.PolicyLevelEnum.SUBSCRIPTION.getValue());
assertNotNull(throttlingPolicyListDTO, "There are no API level policies available");
assertNotNull(throttlingPolicyListDTO.getCount(), "Throttle policy count should be available");
assertEquals(throttlingPolicyListDTO.getCount().intValue(), 4, "There must be only 4 policies by default");
assertEquals(throttlingPolicyListDTO.getCount().intValue(), 5, "There must be only 5 policies by default");

//Validate the Tier Bronze
ThrottlingPolicyDTO tierBronze = throttlingPolicyListDTO.getList().get(0);
Expand All @@ -78,8 +81,18 @@ public void testGetAllTheThrottlingTiers() throws Exception {
assertEquals(tierBronze.getName(), "Bronze",
"Invalid name of the tier Bronze");

//Validate the Default Subscriptionless tier
ThrottlingPolicyDTO tierSubscriptionless = throttlingPolicyListDTO.getList().get(1);
assertEquals(tierSubscriptionless.getDescription(),
"Allows 10000 requests per minute when subscription validation is disabled",
"Invalid description of the tier DefaultSubscriptionless");
assertEquals(tierSubscriptionless.getDisplayName(), "DefaultSubscriptionless",
"Invalid display name of the tier DefaultSubscriptionless");
assertEquals(tierSubscriptionless.getName(), "DefaultSubscriptionless",
"Invalid name of the tier DefaultSubscriptionless");

//Validate the Tier Gold
ThrottlingPolicyDTO tierGold = throttlingPolicyListDTO.getList().get(1);
ThrottlingPolicyDTO tierGold = throttlingPolicyListDTO.getList().get(2);
assertEquals(tierGold.getDescription(), "Allows 5000 requests per minute",
"Invalid description of the tier Gold");
assertEquals(tierGold.getDisplayName(), "Gold",
Expand All @@ -88,7 +101,7 @@ public void testGetAllTheThrottlingTiers() throws Exception {
"Invalid name of the tier Gold");

//Validate the Tier Silver
ThrottlingPolicyDTO tierSilver = throttlingPolicyListDTO.getList().get(2);
ThrottlingPolicyDTO tierSilver = throttlingPolicyListDTO.getList().get(3);
assertEquals(tierSilver.getDescription(), "Allows 2000 requests per minute",
"Invalid description of the tier Silver");
assertEquals(tierSilver.getDisplayName(), "Silver",
Expand All @@ -97,7 +110,7 @@ public void testGetAllTheThrottlingTiers() throws Exception {
"Invalid name of the tier Silver");

//Validate the Tier Unlimited
ThrottlingPolicyDTO tierUnlimited = throttlingPolicyListDTO.getList().get(3);
ThrottlingPolicyDTO tierUnlimited = throttlingPolicyListDTO.getList().get(4);
assertEquals(tierUnlimited.getDescription(), "Allows unlimited requests",
"Invalid description of the tier Unlimited");
assertEquals(tierUnlimited.getDisplayName(), "Unlimited",
Expand All @@ -108,5 +121,4 @@ public void testGetAllTheThrottlingTiers() throws Exception {

}


}
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ public void testGetAllSubscriptionThrottlingPoliciesByQuotaType() throws Excepti
SubscriptionPolicyListDTO subscriptionPolicyList = restAPIPublisher.getSubscriptionPolicies(EVENT_COUNT_TYPE);
assertNotNull(subscriptionPolicyList, "There are no subscription policies available");
assertNotNull(subscriptionPolicyList.getCount(), "Subscription policy count should be available");
assertEquals(subscriptionPolicyList.getCount().intValue(), 8, "There must be only 8 policies by default");
assertEquals(subscriptionPolicyList.getCount().intValue(), 9, "There must be only 9 policies by default");
assertNotNull(subscriptionPolicyList.getList(), "Subscription policy list should be available");

SubscriptionPolicyDTO tierAsyncBronze = getSubscriptionPolicy("AsyncBronze",
Expand Down Expand Up @@ -96,6 +96,15 @@ public void testGetAllSubscriptionThrottlingPoliciesByQuotaType() throws Excepti
assertEquals(tierAsyncUnlimited.getDescription(), "Allows unlimited events",
"Invalid description of the tier AsyncUnlimited");

SubscriptionPolicyDTO tierAsyncSubscriptionless
= getSubscriptionPolicy("AsyncDefaultSubscriptionless", subscriptionPolicyList.getList());
assertNotNull(tierAsyncSubscriptionless, "Tier AsyncDefaultSubscriptionless is not available");
assertEquals(tierAsyncSubscriptionless.getDisplayName(), "AsyncDefaultSubscriptionless",
"Invalid display name of the tier AsyncDefaultSubscriptionless");
assertEquals(tierAsyncSubscriptionless.getDescription(),
"Allows 10000 events per day when subscription validation is disabled",
"Invalid description of the tier AsyncDefaultSubscriptionless");

SubscriptionPolicyDTO tierAsyncWHBronze = getSubscriptionPolicy("AsyncWHBronze",
subscriptionPolicyList.getList());
assertNotNull(tierAsyncWHBronze, "Tier AsyncWHBronze is not available");
Expand Down Expand Up @@ -131,7 +140,7 @@ public void testGetAllSubscriptionThrottlingPoliciesByQuotaType() throws Excepti

public SubscriptionPolicyDTO getSubscriptionPolicy(String policyName, List<SubscriptionPolicyDTO> subscriptionPolicyDTOList) {
for (SubscriptionPolicyDTO subscriptionPolicyDTO: subscriptionPolicyDTOList) {
if (subscriptionPolicyDTO.getPolicyName().equals(policyName)) {
if (policyName.equals(subscriptionPolicyDTO.getPolicyName())) {
return subscriptionPolicyDTO;
}
}
Expand Down
Loading
Loading