create super-user in tests
paullatzelsperger committed Feb 15, 2024
1 parent 1f58f87 commit 93d23c1
Showing 4 changed files with 74 additions and 50 deletions.
@@ -79,14 +79,14 @@ void publishDid_notOwner_expect403() {

@Test
void publishDid() {

var superUserKey = createSuperUser();
var subscriber = mock(EventSubscriber.class);
getService(EventRouter.class).registerSync(DidDocumentPublished.class, subscriber);

var user = "test-user";
var token = createParticipant(user);

assertThat(Arrays.asList(token, getSuperUserApiKey()))
assertThat(Arrays.asList(token, superUserKey))
.allSatisfy(t -> {
reset(subscriber);
RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
@@ -155,14 +155,14 @@ void unpublishDid_notOwner_expect403() {

@Test
void unpublishDid() {

var superUserKey = createSuperUser();
var subscriber = mock(EventSubscriber.class);
getService(EventRouter.class).registerSync(DidDocumentUnpublished.class, subscriber);

var user = "test-user";
var token = createParticipant(user);

assertThat(Arrays.asList(token, getSuperUserApiKey()))
assertThat(Arrays.asList(token, superUserKey))
.allSatisfy(t -> {
reset(subscriber);
RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
@@ -214,11 +214,12 @@ void getState_nowOwner_expect403() {

@Test
void getAll() {
var superUserKey = createSuperUser();
range(0, 20).forEach(i -> createParticipant("user-" + i));

var docs = RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", getSuperUserApiKey()))
.header(new Header("x-api-key", superUserKey))
.get("/v1/dids")
.then()
.log().ifValidationFails()
@@ -230,11 +231,12 @@ void getAll() {

@Test
void getAll_withDefaultPaging() {
var superUserKey = createSuperUser();
range(0, 70).forEach(i -> createParticipant("user-" + i));

var docs = RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", getSuperUserApiKey()))
.header(new Header("x-api-key", superUserKey))
.get("/v1/dids")
.then()
.log().ifValidationFails()
@@ -246,11 +248,12 @@ void getAll_withDefaultPaging() {

@Test
void getAll_withPaging() {
var superUserKey = createSuperUser();
range(0, 20).forEach(i -> createParticipant("user-" + i));

var docs = RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", getSuperUserApiKey()))
.header(new Header("x-api-key", superUserKey))
.get("/v1/dids?offset=5&limit=10")
.then()
.log().ifValidationFails()
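Review bot: The three list tests (`getAll`, `getAll_withDefaultPaging`, `getAll_withPaging`) now authenticate with a key that is privileged only through its role, but none of the visible hunks covers the opposite case: a participant created without roles calling `GET /v1/dids`. Because `createParticipant(id)` now produces a role-less principal, a negative test that pins the expected rejection (the file's other tests use the `_expect403` naming) would make the role check part of the tested contract. The same gap applies to the `/v1/keypairs` list tests in the key-pair test file. Only part of this file is visible, so such a test may already exist outside these hunks.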
@@ -84,12 +84,13 @@ void findById_notAuthorized() {

@Test
void findById() {
var superUserKey = createSuperUser();
var user1 = "user1";
var token = createParticipant(user1);

var key = createKeyPair(user1);

assertThat(Arrays.asList(token, getSuperUserApiKey()))
assertThat(Arrays.asList(token, superUserKey))
.allSatisfy(t -> RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", t))
@@ -132,11 +133,12 @@ void findForParticipant_notAuthorized() {

@Test
void findForParticipant() {
var superUserKey = createSuperUser();
var user1 = "user1";
var token = createParticipant(user1);
createKeyPair(user1);

assertThat(Arrays.asList(token, getSuperUserApiKey()))
assertThat(Arrays.asList(token, superUserKey))
.allSatisfy(t -> RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", t))
@@ -150,13 +152,14 @@ void findForParticipant() {

@Test
void addKeyPair() {
var superUserKey = createSuperUser();
var subscriber = mock(EventSubscriber.class);
getService(EventRouter.class).registerSync(KeyPairAdded.class, subscriber);

var user1 = "user1";
var token = createParticipant(user1);

assertThat(Arrays.asList(token, getSuperUserApiKey()))
assertThat(Arrays.asList(token, superUserKey))
.allSatisfy(t -> {
var keyDesc = createKeyDescriptor(user1).build();
RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
@@ -210,6 +213,7 @@ void addKeyPair_notAuthorized() {

@Test
void rotate() {
var superUserKey = createSuperUser();
var subscriber = mock(EventSubscriber.class);
getService(EventRouter.class).registerSync(KeyPairRotated.class, subscriber);
getService(EventRouter.class).registerSync(KeyPairAdded.class, subscriber);
@@ -219,7 +223,7 @@ void rotate() {

var keyId = createKeyPair(user1);

assertThat(Arrays.asList(token, getSuperUserApiKey()))
assertThat(Arrays.asList(token, superUserKey))
.allSatisfy(t -> {
reset(subscriber);
// attempt to publish user1's DID document, which should fail
@@ -287,12 +291,13 @@ void rotate_notAuthorized() {

@Test
void revoke() {
var superUserKey = createSuperUser();
var user1 = "user1";
var token = createParticipant(user1);

var keyId = createKeyPair(user1);

assertThat(Arrays.asList(token, getSuperUserApiKey()))
assertThat(Arrays.asList(token, superUserKey))
.allSatisfy(t -> {
var keyDesc = createKeyDescriptor(user1).build();
RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
@@ -335,14 +340,15 @@ void revoke_notAuthorized() {

@Test
void getAll() {
var superUserKey = createSuperUser();
range(0, 10)
.forEach(i -> {
var participantId = "user" + i;
createParticipant(participantId); // implicitly creates a keypair
});
var found = RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", getSuperUserApiKey()))
.header(new Header("x-api-key", superUserKey))
.get("/v1/keypairs")
.then()
.log().ifValidationFails()
@@ -353,14 +359,15 @@ void getAll() {

@Test
void getAll_withPaging() {
var superUserKey = createSuperUser();
range(0, 10)
.forEach(i -> {
var participantId = "user" + i;
createParticipant(participantId); // implicitly creates a keypair
});
var found = RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", getSuperUserApiKey()))
.header(new Header("x-api-key", superUserKey))
.get("/v1/keypairs?offset=2&limit=4")
.then()
.log().ifValidationFails()
@@ -371,14 +378,15 @@ void getAll_withPaging() {

@Test
void getAll_withDefaultPaging() {
var superUserKey = createSuperUser();
IntStream.range(0, 70)
.forEach(i -> {
var participantId = "user" + i;
createParticipant(participantId); // implicitly creates a keypair
});
var found = RUNTIME_CONFIGURATION.getManagementEndpoint().baseRequest()
.contentType(JSON)
.header(new Header("x-api-key", getSuperUserApiKey()))
.header(new Header("x-api-key", superUserKey))
.get("/v1/keypairs")
.then()
.log().ifValidationFails()
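Review bot: The count assertions in the three `getAll*` tests may now be off by one, because `createSuperUser()` goes through the same helper as `createParticipant`, and the comment in `getAll` says creating a participant implicitly creates a keypair. The list calls would then presumably return one entry more than the loop creates, unless the previous vault-based super-user already owned a key pair. Those assertions lie outside the visible hunks and should be checked against the new setup. A short comment beside the expected number, e.g. `// includes the key pair of the super-user created above`, would keep it from looking arbitrary. The `/v1/dids` list tests in the DID test file deserve the same check, since the helper also assigns the super-user a DID.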
@@ -19,6 +19,7 @@
import org.eclipse.edc.identithub.did.spi.DidDocumentService;
import org.eclipse.edc.identityhub.participantcontext.ApiTokenGenerator;
import org.eclipse.edc.identityhub.spi.ParticipantContextService;
import org.eclipse.edc.identityhub.spi.authentication.ServicePrincipal;
import org.eclipse.edc.identityhub.spi.model.KeyPairResource;
import org.eclipse.edc.identityhub.spi.model.participant.KeyDescriptor;
import org.eclipse.edc.identityhub.spi.model.participant.ParticipantContext;
@@ -34,6 +35,7 @@
import org.junit.jupiter.api.extension.RegisterExtension;

import java.util.Collection;
import java.util.List;
import java.util.Map;

/**
@@ -48,9 +50,23 @@ public abstract class ManagementApiEndToEndTest {
@RegisterExtension
protected static final EdcRuntimeExtension RUNTIME = new EdcRuntimeExtension(":launcher", "identity-hub", RUNTIME_CONFIGURATION.controlPlaneConfiguration());

protected String getSuperUserApiKey() {
var vault = RUNTIME.getContext().getService(Vault.class);
return vault.resolveSecret("super-user-apikey");
protected static ParticipantManifest createNewParticipant() {
var manifest = ParticipantManifest.Builder.newInstance()
.participantId("another-participant")
.active(false)
.did("did:web:another:participant")
.serviceEndpoint(new Service("test-service", "test-service-type", "https://test.com"))
.key(KeyDescriptor.Builder.newInstance()
.privateKeyAlias("another-alias")
.keyGeneratorParams(Map.of("algorithm", "EdDSA", "curve", "Ed25519"))
.keyId("another-keyid")
.build())
.build();
return manifest;
}

protected String createSuperUser() {
return createParticipant("super-user", List.of(ServicePrincipal.ROLE_ADMIN));
}

protected String storeParticipant(ParticipantContext pc) {
@@ -64,19 +80,7 @@ protected String storeParticipant(ParticipantContext pc) {
}

protected String createParticipant(String participantId) {
var manifest = ParticipantManifest.Builder.newInstance()
.participantId(participantId)
.active(true)
.serviceEndpoint(new Service("test-service-id", "test-type", "http://foo.bar.com"))
.did("did:web:" + participantId)
.key(KeyDescriptor.Builder.newInstance()
.privateKeyAlias(participantId + "-alias")
.keyId(participantId + "-key")
.keyGeneratorParams(Map.of("algorithm", "EC", "curve", "secp256r1"))
.build())
.build();
var srv = RUNTIME.getContext().getService(ParticipantContextService.class);
return srv.createParticipantContext(manifest).orElseThrow(f -> new EdcException(f.getFailureDetail()));
return createParticipant(participantId, List.of());
}

protected String createTokenFor(String userId) {
@@ -105,18 +109,20 @@ protected ParticipantContext getParticipant(String participantId) {
.orElseThrow(f -> new EdcException(f.getFailureDetail()));
}

protected static ParticipantManifest createNewParticipant() {
private String createParticipant(String participantId, List<String> roles) {
var manifest = ParticipantManifest.Builder.newInstance()
.participantId("another-participant")
.active(false)
.did("did:web:another:participant")
.serviceEndpoint(new Service("test-service", "test-service-type", "https://test.com"))
.participantId(participantId)
.active(true)
.roles(roles)
.serviceEndpoint(new Service("test-service-id", "test-type", "http://foo.bar.com"))
.did("did:web:" + participantId)
.key(KeyDescriptor.Builder.newInstance()
.privateKeyAlias("another-alias")
.keyGeneratorParams(Map.of("algorithm", "EdDSA", "curve", "Ed25519"))
.keyId("another-keyid")
.privateKeyAlias(participantId + "-alias")
.keyId(participantId + "-key")
.keyGeneratorParams(Map.of("algorithm", "EC", "curve", "secp256r1"))
.build())
.build();
return manifest;
var srv = RUNTIME.getContext().getService(ParticipantContextService.class);
return srv.createParticipantContext(manifest).orElseThrow(f -> new EdcException(f.getFailureDetail()));
}
}
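Review bot: `createSuperUser()` always registers the fixed id `super-user`, while `RUNTIME` is a static extension shared by every test method. A second call against a store that still holds the first context would presumably reach the `orElseThrow` in the private `createParticipant` and fail the test with an `EdcException`. Nothing in the visible hunks removes participant contexts between tests, so this depends on cleanup elsewhere; if there is none, create the super-user once per class or derive a unique id per call. The method also has no Javadoc; `/** Creates an active participant "super-user" holding ServicePrincipal.ROLE_ADMIN and returns the API key to send as x-api-key. */` would tell test authors that the returned string is an admin credential.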