diff --git a/.github/workflows/agent-integration-test.yml b/.github/workflows/agent-integration-test.yml
index 0d35e50b2..1e18d2b64 100644
--- a/.github/workflows/agent-integration-test.yml
+++ b/.github/workflows/agent-integration-test.yml
@@ -56,9 +56,9 @@ jobs:
 if: github.event_name == 'pull_request_target' && contains(github.event.label.name, 'trigger-action')
 shell: sh
 run: |
- helm repo add wso2apim https://github.com/wso2/helm-apim/releases/download/cp-4.3.0-rc
+ helm repo add wso2apim https://github.com/wso2/helm-apim/releases/download/cp-4.3.0
 helm repo update
- helm install apim wso2apim/wso2am-cp --version 4.3.0-rc -f https://raw.githubusercontent.com/wso2/apk/main/helm-charts/samples/apim/cp/amd-values.yaml -n apk --debug --wait --timeout 5m0s
+ helm install apim wso2apim/wso2am-cp --version 4.3.0 -f https://raw.githubusercontent.com/wso2/apk/main/helm-charts/samples/apim/cp/values.yaml -n apk --debug --wait --timeout 5m0s
 kubectl get pods -n apk
 kubectl get svc -n apk
 - name: Helm release deploy APK DP
@@ -132,4 +132,4 @@ jobs:
 uses: malinthaprasan/action-surefire-report@v1
 with:
 report_paths: 'apk-agent-repo/test/postman-tests/build/*.xml'
- fail_on_test_failures: true
\ No newline at end of file
+ fail_on_test_failures: true
diff --git a/test/apim-apk-agent-test/agent-helm-chart/Chart.lock b/test/apim-apk-agent-test/agent-helm-chart/Chart.lock
index e23a46154..d8543bc8d 100644
--- a/test/apim-apk-agent-test/agent-helm-chart/Chart.lock
+++ b/test/apim-apk-agent-test/agent-helm-chart/Chart.lock
@@ -3,4 +3,4 @@ dependencies:
 repository: https://charts.jetstack.io
 version: v1.10.1
 digest: sha256:d1377472dfb3a62dccc58dd12757d029afa304c1f2ded3f5cc3052b308fb8c00
-generated: "2024-04-03T21:00:00.612083+05:30"
+generated: "2024-04-05T14:59:18.259209+05:30"
diff --git a/test/apim-apk-agent-test/agent-helm-chart/Chart.yaml b/test/apim-apk-agent-test/agent-helm-chart/Chart.yaml
index 66294785f..062c7f1c7 100644
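Review bot: The `helm install` line in the first hunk still takes its values file from a branch URL, `https://raw.githubusercontent.com/wso2/apk/main/helm-charts/samples/apim/cp/values.yaml`, so the chart is pinned to 4.3.0 but the configuration it is installed with can change under the job at any time. Because the step is conditioned on `pull_request_target`, I would point `-f` at a tag or commit of wso2/apk rather than `main`, for example `.../wso2/apk/<COMMIT_SHA>/helm-charts/samples/apim/cp/values.yaml` (placeholder), or keep a copy of the values file in this repository. The step's first lines are outside the hunk.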
--- a/test/apim-apk-agent-test/agent-helm-chart/Chart.yaml
+++ b/test/apim-apk-agent-test/agent-helm-chart/Chart.yaml
@@ -18,7 +18,7 @@ apiVersion: v2
 name: apim-apk-agent
 description: A Helm chart for deploying apim-apk-agent
 type: application
-version: 1.1.0-beta
+version: 1.1.0
 appVersion: "1.16.0"
 dependencies:
 - name: cert-manager
diff --git a/test/apim-apk-agent-test/agent-helm-chart/templates/deployment.yaml b/test/apim-apk-agent-test/agent-helm-chart/templates/deployment.yaml
index 8e1c6114b..bd8e68813 100644
--- a/test/apim-apk-agent-test/agent-helm-chart/templates/deployment.yaml
+++ b/test/apim-apk-agent-test/agent-helm-chart/templates/deployment.yaml
@@ -34,6 +34,8 @@ spec:
 app.kubernetes.io/app: "apim-apk-agent"
 app.kubernetes.io/name: {{ .Chart.Name }}
 app.kubernetes.io/instance: {{ .Release.Name }}
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/log-conf.yaml") . | sha256sum }}
 spec:
 serviceAccountName: wso2agent-platform
 containers:
@@ -82,6 +84,13 @@ spec:
 initialDelaySeconds: 20
 periodSeconds: 20
 failureThreshold: 5
+ resources:
+ requests:
+ memory: {{ .Values.resources.requests.memory | default "128Mi" }}
+ cpu: {{ .Values.resources.requests.cpu | default "100m" }}
+ limits:
+ memory: {{ .Values.resources.limits.memory | default "256Mi" }}
+ cpu: {{ .Values.resources.limits.cpu | default "200m" }}
 volumes:
 - name: log-conf-volume
 configMap:
diff --git a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-account-secret.yaml b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-account-secret.yaml
index d610cefe1..446f0d086 100644
--- a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-account-secret.yaml
+++ b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-account-secret.yaml
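Review bot: The pod spec in the first deployment.yaml hunk keeps `serviceAccountName: wso2agent-platform` hard-coded, while the ServiceAccount, Secret and ClusterRoleBinding templates in this commit now take the name from `.Values.serviceAccount.serviceAccountName`. Overriding that value would bind the role to one account and run the pod under another, so the line should read `serviceAccountName: {{ .Values.serviceAccount.serviceAccountName | default "wso2agent-platform" | quote }}`. The pod spec continues outside the hunk.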
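Review bot: `| default` in the added `resources:` block does not protect against a missing parent map: with the chart's previous `resources: {}`, which existing override files may still carry, `.Values.resources.requests.memory` fails at render time on the nil `requests` before `default` is applied. Rendering the map as a whole, `{{- toYaml .Values.resources | nindent 12 }}` under `resources:` (indent to match the container, which is outside the hunk), or guarding each level with `with`, avoids that. The defaults are then stated once, in values.yaml, instead of twice.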
@@ -13,12 +13,13 @@
 # KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations
 # under the License.
-
+{{- if .Values.serviceAccount.enableServiceAccountCreation }}
 apiVersion: v1
 kind: Secret
 metadata:
 name: agent-account-secret-token
 namespace: {{ .Release.Namespace }}
 annotations:
- kubernetes.io/service-account.name: wso2agent-platform
-type: kubernetes.io/service-account-token
\ No newline at end of file
+ kubernetes.io/service-account.name: {{ .Values.serviceAccount.serviceAccountName | default "wso2agent-platform" }}
+type: kubernetes.io/service-account-token
+{{- end}}
\ No newline at end of file
diff --git a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role-binding.yaml b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role-binding.yaml
index 1fcc2918c..3e4091a15 100644
--- a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role-binding.yaml
+++ b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role-binding.yaml
@@ -13,7 +13,7 @@
 # KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations
 # under the License.
-
+{{- if .Values.serviceAccount.enableServiceAccountCreation }}
 apiVersion: rbac.authorization.k8s.io/v1
 # This cluster role binding allows anyone in the "manager" group to read secrets in any namespace.
 kind: ClusterRoleBinding
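Review bot: This template still creates a `kubernetes.io/service-account-token` Secret, which gives the account a token that does not expire, and the ClusterRole bound to that account in this chart lists `secrets` among its resources. Now that the object is optional, a comment above `kind: Secret` naming the consumer of the static token would help, e.g. `# Long-lived token read by <consumer>; prefer a projected (bound) token where possible.` If nothing reads it, a separate flag defaulting to off would be the safer default. The Secret name also stays fixed as `agent-account-secret-token` while the account name is now configurable.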
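Review bot: The ClusterRoleBinding here, and the ClusterRole in agent-cluster-role.yaml, are gated on `.Values.serviceAccount.enableServiceAccountCreation`, but values.yaml in this commit also adds `enableClusterRoleCreation: true`, which no template shown in the diff reads. An operator who sets `enableClusterRoleCreation: false` to keep cluster-wide RBAC out of the release would still get both objects; gate them with `{{- if .Values.serviceAccount.enableClusterRoleCreation }}` or drop the unused key. The context comment about the "manager" group reading secrets does not describe this binding and is worth correcting in the same change.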
@@ -22,10 +22,11 @@ metadata: namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole - name: wso2agent-role + name: {{ .Values.serviceAccount.roleName | default "wso2agent-role" }} apiGroup: rbac.authorization.k8s.io subjects: # You can specify more than one "subject" - kind: ServiceAccount - name: wso2agent-platform - namespace: {{ .Release.Namespace }} \ No newline at end of file + name: {{ .Values.serviceAccount.serviceAccountName | default "wso2agent-platform" }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role.yaml b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role.yaml index 6d18eb5c9..86e208218 100644 --- a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role.yaml +++ b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-cluster-role.yaml @@ -14,10 +14,11 @@ # specific language governing permissions and limitations # under the License. +{{- if .Values.serviceAccount.enableServiceAccountCreation }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: wso2agent-role + name: {{ .Values.serviceAccount.roleName | default "wso2agent-role" }} rules: - apiGroups: [""] resources: ["services","configmaps","secrets"] @@ -120,4 +121,5 @@ rules: verbs: ["update"] - apiGroups: ["dp.wso2.com"] resources: ["gqlroutes/status"] - verbs: ["get","patch","update"] \ No newline at end of file + verbs: ["get","patch","update"] +{{- end }} \ No newline at end of file diff --git a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-service-account.yaml b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-service-account.yaml index 969c24ff7..eed90cccf 100644 --- a/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-service-account.yaml 
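Review bot: The templated names added in this hunk are emitted unquoted, e.g. `name: {{ .Values.serviceAccount.roleName | default "wso2agent-role" }}`, so an override that looks like a number or a boolean is retyped by the YAML parser and the manifest is rejected. Append `| quote` here and on the same expressions in agent-cluster-role.yaml, agent-service-account.yaml and agent-account-secret.yaml. `roleRef.name` and the ClusterRole's `metadata.name` repeat one expression with its default; a named template in `_helpers.tpl` would keep the two from drifting apart.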
+++ b/test/apim-apk-agent-test/agent-helm-chart/templates/serviceAccount/agent-service-account.yaml @@ -14,8 +14,10 @@ # specific language governing permissions and limitations # under the License. +{{- if .Values.serviceAccount.enableServiceAccountCreation }} apiVersion: v1 kind: ServiceAccount metadata: - name: wso2agent-platform - namespace: {{ .Release.Namespace }} \ No newline at end of file + name: {{ .Values.serviceAccount.serviceAccountName | default "wso2agent-platform" }} + namespace: {{ .Release.Namespace }} +{{- end -}} \ No newline at end of file diff --git a/test/apim-apk-agent-test/agent-helm-chart/values.yaml b/test/apim-apk-agent-test/agent-helm-chart/values.yaml index 6ac7f3797..5755d2232 100644 --- a/test/apim-apk-agent-test/agent-helm-chart/values.yaml +++ b/test/apim-apk-agent-test/agent-helm-chart/values.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. # # WSO2 LLC. licenses this file to you under the Apache License, # Version 2.0 (the "License"); you may not use this file except @@ -21,7 +21,13 @@ image: pullPolicy: Always service: name: apim-apk-agent-service -resources: {} +resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "256Mi" + cpu: "200m" controlPlane: enabled: true serviceURL: https://apim-wso2am-cp-1-service.apk.svc.cluster.local:9443/ @@ -40,4 +46,9 @@ metrics: agent: mode: CPtoDP certmanager: - enabled: true + enabled: false +serviceAccount: + enableServiceAccountCreation: true + enableClusterRoleCreation: true + serviceAccountName: wso2agent-platform + roleName: wso2agent-role diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/APIDeploymentSteps.java b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/APIDeploymentSteps.java index 537d7c926..5c28abc47 100644 
--- a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/APIDeploymentSteps.java +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/APIDeploymentSteps.java @@ -38,7 +38,8 @@ import org.wso2.apk.integration.utils.clients.SimpleHTTPClient; import java.nio.file.Files; import java.nio.charset.StandardCharsets; - +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import java.io.File; import java.io.IOException; import java.net.URI; @@ -56,6 +57,7 @@ public class APIDeploymentSteps { private final SharedContext sharedContext; private File payloadFile; private File definitionFile; + private File certificateFile; private String OASURL; @@ -265,6 +267,8 @@ public void make_subscription_request() throws Exception { sharedContext.setResponse(response); sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); + sharedContext.setSubscriptionID(Utils.extractKeys(sharedContext.getResponseBody(), "subscriptionId")); + logger.info("Extracted subscription ID: " + sharedContext.getSubscriptionID()); Thread.sleep(3000); } @@ -312,6 +316,7 @@ public void make_access_token_generation_request(String type) throws Exception { sharedContext.setResponse(response); sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); sharedContext.setApiAccessToken(Utils.extractKeys(sharedContext.getResponseBody(), "accessToken")); + sharedContext.addStoreValue("accessToken",sharedContext.getApiAccessToken()); logger.info("Access Token: " + sharedContext.getApiAccessToken()); Thread.sleep(3000); } 
@@ -342,6 +347,7 @@ public void make_access_token_generation_request_without_scopes() throws Excepti sharedContext.setResponse(response); sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); sharedContext.setApiAccessToken(Utils.extractKeys(sharedContext.getResponseBody(), "accessToken")); + sharedContext.addStoreValue("accessToken",sharedContext.getApiAccessToken()); logger.info("Access Token without scopes: " + sharedContext.getApiAccessToken()); Thread.sleep(3000); } @@ -449,12 +455,24 @@ public void iHaveValidGraphQLDefinition() throws Exception { headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_APIM_HOST); HttpEntity multipartEntity = builder.build(); - + + // Convert the multipart form entity to a string representation + ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); + multipartEntity.writeTo(outputStream); + String multipartForm = new String(outputStream.toByteArray(), StandardCharsets.UTF_8); + + // Log the multipart form + logger.info("Multipart Form Data:\n{}"+ multipartForm); + logger.info("Validator URL: " + Utils.getGQLSchemaValidatorURL()); + logger.info("Publisher Token: " + sharedContext.getPublisherAccessToken()); + HttpResponse response = sharedContext.getHttpClient().doPostWithMultipart(Utils.getGQLSchemaValidatorURL(), multipartEntity, headers); sharedContext.setResponse(response); + logger.info("Full Res:" + response); sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); + logger.info("GQL validation res: "+ sharedContext.getResponseBody()); sharedContext.setAPIDefinitionValidStatus(Utils.extractValidStatus(sharedContext.getResponseBody())); Thread.sleep(3000); } 
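Review bot: The added `logger.info("Publisher Token: " + sharedContext.getPublisherAccessToken())` writes a bearer token to the test log, and the multipart dump above it writes the whole request body; if this suite runs in CI, that log should be treated as readable by others. The same pattern appears in `generate_internal_key` (`"Internal Key: "`) and in `iHaveValidAdminportalAccessToken` in BaseSteps.java (`"Basic Auth Header: "`, `"Admin Access Token: "`). I would drop these lines or log only presence, e.g. `logger.info("Publisher token present: " + (sharedContext.getPublisherAccessToken() != null));`. Separately, `logger.info("Multipart Form Data:\n{}"+ multipartForm)` concatenates instead of passing an argument, so the `{}` is printed literally. `iHaveValidGraphQLDefinition` begins outside the hunk.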
@@ -484,7 +502,7 @@ public void make_import_gqlapi_creation_request() throws Exception { Thread.sleep(3000); } - @Then("I update the GQL API settings") + @Then("I update the API settings") public void make_update_gql_request() throws Exception { String fileContent = new String(Files.readAllBytes(payloadFile.toPath()), StandardCharsets.UTF_8); Map headers = new HashMap<>(); 
@@ -576,4 +594,94 @@ public void create_new_version_of_the_api(String newVersion, String isDefaultVer sharedContext.setApiUUID(Utils.extractID(sharedContext.getResponseBody())); Thread.sleep(3000); } -} + + @Then("I set new API throttling policy allowing {string} requests per every {string} minute") + public void add_new_custom_throttling_policy(String requestCount, String unitTime) throws Exception { + String payload = "{\"policyName\":\"TestRatelimit\",\"description\":\"Test descroption\",\"conditionalGroups\":[],\"defaultLimit\":{\"requestCount\":{\"timeUnit\":\"min\",\"unitTime\":"+ unitTime + ",\"requestCount\":" + requestCount + "},\"type\":\"REQUESTCOUNTLIMIT\",\"bandwidth\":null}}"; + + Map headers = new HashMap<>(); + headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, "Bearer " + sharedContext.getAdminAccessToken()); + headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_API_HOST); + HttpResponse httpResponse = sharedContext.getHttpClient().doPost(Utils.getAPIThrottlingConfigEndpoint(), headers, payload, Constants.CONTENT_TYPES.APPLICATION_JSON); + + sharedContext.setResponse(httpResponse); + sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); + sharedContext.setPolicyID(Utils.extractKeys(sharedContext.getResponseBody(), "policyId")); + Thread.sleep(3000); + } + + @Then("I send the subcription blocking request") + public void send_subscription_blocking() throws Exception { + Map headers = new HashMap<>(); + headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, "Bearer " + sharedContext.getPublisherAccessToken()); + headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_API_HOST); + HttpResponse httpResponse = sharedContext.getHttpClient().doPost(Utils.getSubscriptionBlockingURL(sharedContext.getSubscriptionID()), headers, "", Constants.CONTENT_TYPES.APPLICATION_JSON); + sharedContext.setResponse(httpResponse); + 
sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); + Thread.sleep(3000); + } + + @Then("I make an internal key generation request") + public void generate_internal_key() throws Exception { + Map headers = new HashMap<>(); + headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, "Bearer " + sharedContext.getPublisherAccessToken()); + headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_API_HOST); + + HttpResponse httpResponse = sharedContext.getHttpClient().doPost(Utils.getInternalKeyGenerationEndpoint(sharedContext.getApiUUID()), headers, "", Constants.CONTENT_TYPES.APPLICATION_JSON); + + sharedContext.setResponse(httpResponse); + sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); + sharedContext.setAPIInternalKey(Utils.extractKeys(sharedContext.getResponseBody(), "apikey")); + sharedContext.addStoreValue("internalKey",Utils.extractKeys(sharedContext.getResponseBody(), "apikey")); + logger.info("Internal Key: " + sharedContext.getAPIInternalKey()); + Thread.sleep(3000); + } + + @Then("I have a client certificate {string}") + public void get_valid_client_cert_for_mtls(String clientCertificatePath) throws Exception { + URL url = Resources.getResource("artifacts/certificates/" + clientCertificatePath); + + certificateFile = new File(url.getPath()); + String clientCertificate = Resources.toString(url, StandardCharsets.UTF_8); + sharedContext.addStoreValue("clientCertificate", clientCertificate); + + } + + @When("I update the API with mtls certificate data with the alias {string}") + public void update_api_with_mtls_cert_data(String alias) throws Exception { + + MultipartEntityBuilder builder = MultipartEntityBuilder.create() + .setMode(HttpMultipartMode.BROWSER_COMPATIBLE) + .addBinaryBody("certificate", certificateFile, ContentType.create("application/x-x509-ca-cert"), "tls.crt") + .addTextBody("alias", alias, ContentType.TEXT_PLAIN) + 
.addTextBody("tier", "", ContentType.TEXT_PLAIN); + + Map headers = new HashMap<>(); + headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, "Bearer " + sharedContext.getPublisherAccessToken()); + headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_API_HOST); + + HttpEntity multipartEntity = builder.build(); + + HttpResponse response = sharedContext.getHttpClient().doPostWithMultipart(Utils.getClientCertUpdateEndpoint(sharedContext.getApiUUID()), + multipartEntity, headers); + + sharedContext.setResponse(response); + sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); + Thread.sleep(3000); + } + + @Then("I delete the created API throttling policy") + public void delete_throtlling_policy() throws Exception { + Map headers = new HashMap<>(); + headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, "Bearer " + sharedContext.getAdminAccessToken()); + headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_API_HOST); + + logger.info("PolicyID to be deleted: " + sharedContext.getPolicyID()); + String URI = Utils.getAPIThrottlingConfigEndpoint() + "/" + sharedContext.getPolicyID(); + HttpResponse httpResponse = sharedContext.getHttpClient().doDelete(URI, headers); + sharedContext.setResponse(httpResponse); + sharedContext.setResponseBody(SimpleHTTPClient.responseEntityBodyToString(sharedContext.getResponse())); + Thread.sleep(3000); + } + +} \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java index 1a6a515aa..f2844498a 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/BaseSteps.java 
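Review bot: `add_new_custom_throttling_policy` builds its JSON body by concatenating the `requestCount` and `unitTime` step arguments, so a non-numeric value in a feature file produces malformed JSON and a server-side error rather than a clear test failure; parse them first, `int count = Integer.parseInt(requestCount);`, and build the body from the parsed values. In `get_valid_client_cert_for_mtls`, `new File(url.getPath())` keeps URL escaping, so a checkout path containing a space will not resolve; `new File(url.toURI())` handles that. The description literal reads "Test descroption" and the step text "subcription" is misspelled; the step text is matched by feature files, so both sides need the fix together.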
@@ -123,7 +123,6 @@ public void theResponseStatusCodeShouldBe(int expectedStatusCode) throws IOExcep @Then("I send {string} request to {string} with body {string}") public void sendHttpRequest(String httpMethod, String url, String body) throws IOException { - sharedContext.addHeader("Authorization", "Bearer " + sharedContext.getApiAccessToken()); body = Utils.resolveVariables(body, sharedContext.getValueStore()); if (sharedContext.getResponse() instanceof CloseableHttpResponse) { ((CloseableHttpResponse) sharedContext.getResponse()).close(); @@ -185,6 +184,11 @@ public void setHeaders(DataTable dataTable) { } } + @Then("I remove the header {string}") + public void removeHeader(String key) { + sharedContext.removeHeader(key); + } + @Then("the response headers should contain") public void theResponseHeadersShouldContain(DataTable dataTable) { List> rows = dataTable.asLists(String.class); @@ -351,7 +355,7 @@ public void iHaveValidPublisherAccessToken() throws Exception { headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_IDP_HOST); headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, basicAuthHeader); - HttpResponse httpResponse = httpClient.doPost(Utils.getTokenEndpointURL(), headers, "grant_type=password&username=admin&password=admin&scope=apim:api_view apim:api_create apim:api_publish apim:api_delete apim:api_manage apim:api_import_export", + HttpResponse httpResponse = httpClient.doPost(Utils.getTokenEndpointURL(), headers, "grant_type=password&username=admin&password=admin&scope=apim:api_view apim:api_create apim:api_publish apim:api_delete apim:api_manage apim:api_import_export apim:subscription_manage apim:client_certificates_add apim:client_certificates_update", Constants.CONTENT_TYPES.APPLICATION_X_WWW_FORM_URLENCODED); logger.info("Response: " + httpResponse); sharedContext.setPublisherAccessToken(Utils.extractToken(httpResponse)); 
@@ -374,6 +378,22 @@ public void iHaveValidDevportalAccessToken() throws Exception { logger.info("Devportal Access Token: " + sharedContext.getDevportalAccessToken()); } + @Given("I have a valid Adminportal access token") + public void iHaveValidAdminportalAccessToken() throws Exception { + logger.info("Basic Auth Header: " + sharedContext.getBasicAuthToken()); + + Map headers = new HashMap<>(); + String basicAuthHeader = "Basic " + sharedContext.getBasicAuthToken(); + headers.put(Constants.REQUEST_HEADERS.HOST, Constants.DEFAULT_IDP_HOST); + headers.put(Constants.REQUEST_HEADERS.AUTHORIZATION, basicAuthHeader); + + HttpResponse httpResponse = httpClient.doPost(Utils.getTokenEndpointURL(), headers, "grant_type=password&username=admin&password=admin&scope=apim:app_manage apim:admin_tier_view apim:admin_tier_manage", + Constants.CONTENT_TYPES.APPLICATION_X_WWW_FORM_URLENCODED); + sharedContext.setAdminAccessToken(Utils.extractToken(httpResponse)); + sharedContext.addStoreValue("adminportalAccessToken", sharedContext.getAdminAccessToken()); + logger.info("Admin Access Token: " + sharedContext.getAdminAccessToken()); + } + @Then("the response should be given as valid") public void theResponseShouldBeGivenAs() throws IOException { Boolean status = sharedContext.getDefinitionValidStatus(); @@ -411,4 +431,10 @@ public void theResponseShouldBeGivenAs() throws IOException { // sharedContext.setAccessToken(Utils.extractToken(httpResponse)); // sharedContext.addStoreValue(Constants.ACCESS_TOKEN, sharedContext.getAccessToken()); // } + + @Then("I set {string} as the new access token") + public void set_invalid_access_token(String newToken) throws Exception { + sharedContext.setApiAccessToken(newToken); + sharedContext.addStoreValue("accessToken",sharedContext.getApiAccessToken()); + } } 
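Review bot: The new Adminportal step repeats the literal `grant_type=password&username=admin&password=admin` body already used for the publisher token, this time to obtain admin-tier scopes. Reading the username and password from the test configuration, or at least from one shared constant, would keep the default credentials in a single place and let the suite run against a deployment where they have been changed. The scope list is also sent with raw spaces in an `application/x-www-form-urlencoded` body; encoding the separators (`apim:app_manage+apim:admin_tier_view+apim:admin_tier_manage`) avoids relying on a lenient parser.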
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/SharedContext.java b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/SharedContext.java index edca76227..f52dff955 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/SharedContext.java +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/api/SharedContext.java @@ -33,6 +33,7 @@ public class SharedContext { private SimpleHTTPClient httpClient; private String publisherAccessToken; private String devportalAccessToken; + private String adminportalAccessToken; private String basicAuthToken; private HttpResponse response; private String responseBody; @@ -49,6 +50,9 @@ public class SharedContext { private String sandboxKeyMappingID; private String apiAccessToken; private Boolean definitionValidStatus; + private String subscriptionID; + private String internalKey; + private static String policyID; private HashMap valueStore = new HashMap<>(); private HashMap headers = new HashMap<>(); @@ -79,6 +83,16 @@ public void setDevportalAccessToken(String accessToken) { this.devportalAccessToken = accessToken; } + public String getAdminAccessToken() { + + return adminportalAccessToken; + } + + public void setAdminAccessToken(String accessToken) { + + this.adminportalAccessToken = accessToken; + } + public String getBasicAuthToken() { return basicAuthToken; @@ -119,6 +133,10 @@ public void addHeader(String key, String value) { headers.put(key, value); } + public void removeHeader(String key) { + headers.remove(key); + } + public String getResponseBody() { return responseBody; 
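Review bot: `private static String policyID;` is the only static field among the per-scenario state added to SharedContext, and its setter in the last hunk of this file assigns it through `this.policyID`. If the intent is to carry the policy id from the scenario that creates the policy to the one that deletes it, say so in a comment, e.g. `// static: shared across scenarios so the delete step can find the policy`, and assign with `SharedContext.policyID = policyId;`. Otherwise make it an instance field like `subscriptionID` and `internalKey`.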
@@ -179,6 +197,14 @@ public void setOauthKeyUUID(String oauthKeyUUID) { this.oauthKeyUUID = oauthKeyUUID; } + public void setAPIInternalKey(String internalKey){ + this.internalKey = internalKey; + } + + public String getAPIInternalKey(){ + return internalKey; + } + public String getConsumerSecret(String keyType) { if ("production".equals(keyType)) return consumerSecret; @@ -241,4 +267,24 @@ public void setAPIDefinitionValidStatus(Boolean definitionValidStatus){ public Boolean getDefinitionValidStatus(){ return definitionValidStatus; } + + public String getSubscriptionID() { + + return subscriptionID; + } + + public void setSubscriptionID(String subID) { + + this.subscriptionID = subID; + } + + public String getPolicyID() { + + return policyID; + } + + public void setPolicyID(String policyId) { + + this.policyID = policyId; + } } diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java index c3aa9a8b5..360759120 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Constants.java @@ -27,6 +27,7 @@ public class Constants { public static final String DEFAULT_API_CONFIGURATOR = "api/configurator/1.1.0/"; public static final String DEFAULT_API_DEPLOYER = "api/am/publisher/v4/"; public static final String DEFAULT_DEVPORTAL = "api/am/devportal/v3/"; + public static final String DEFAULT_ADMINPORTAL = "api/am/admin/v4/"; public static final String ACCESS_TOKEN = "accessToken"; public static final String EMPTY_STRING = ""; public static final String API_CREATE_SCOPE = "apk:api_create"; 
@@ -54,5 +55,7 @@ public class CONTENT_TYPES { public static final String APPLICATION_ZIP = "application/zip"; public static final String TEXT_PLAIN = "text/plain"; + + public static final String APPLICATION_CA_CERT = "application/x-x509-ca-cert"; } } diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Utils.java b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Utils.java index 8564e72f5..3f8ca1496 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Utils.java +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/java/org/wso2/apk/integration/utils/Utils.java @@ -126,7 +126,7 @@ public static String getAPIUnDeployerURL(String apiID) { } public static String getGQLSchemaValidatorURL() { - return "https://" + Constants.DEFAULT_API_HOST + ":" + Constants.DEFAULT_GW_PORT + "/" + return "https://" + Constants.DEFAULT_API_HOST + "/" + Constants.DEFAULT_API_DEPLOYER + "apis/validate-graphql-schema"; } 
@@ -145,6 +145,26 @@ public static String getAPINewVersionCreationURL() { + Constants.DEFAULT_API_DEPLOYER + "apis/copy-api"; } + public static String getAPIThrottlingConfigEndpoint() { + return "https://" + Constants.DEFAULT_API_HOST + ":" + Constants.DEFAULT_GW_PORT + "/" + + Constants.DEFAULT_ADMINPORTAL+ "throttling/policies/advanced"; + } + + public static String getSubscriptionBlockingURL(String subscriptionID) { + return "https://" + Constants.DEFAULT_API_HOST + ":" + Constants.DEFAULT_GW_PORT + "/" + + Constants.DEFAULT_API_DEPLOYER+ "subscriptions/block-subscription?subscriptionId=" + subscriptionID+ "&blockState=BLOCKED"; + } + + public static String getInternalKeyGenerationEndpoint(String APIUUID) { + return "https://" + Constants.DEFAULT_API_HOST + ":" + Constants.DEFAULT_GW_PORT + "/" + + Constants.DEFAULT_API_DEPLOYER+ "apis/" + APIUUID+ "/generate-key"; + } + + public static String getClientCertUpdateEndpoint(String APIUUID) { + return "https://" + Constants.DEFAULT_API_HOST + "/" + + Constants.DEFAULT_API_DEPLOYER+ "apis/" + APIUUID+ "/client-certificates"; + } + public static String extractID(String payload) throws IOException { JSONParser parser = new JSONParser(); diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-1.crt b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-1.crt new file mode 100644 index 000000000..9687e8870 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-1.crt 
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDGTCCAgECFANIkLQBkd76qiTXzSXjBS2scPJsMA0GCSqGSIb3DQEBCwUAME0x
+CzAJBgNVBAYTAkxLMRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDAR3c28y
+MQwwCgYDVQQLDANhcGsxDDAKBgNVBAMMA2FwazAeFw0yMzEyMDYxMDEyNDhaFw0y
+NTA0MTkxMDEyNDhaMEUxCzAJBgNVBAYTAkxLMRMwEQYDVQQIDApTb21lLVN0YXRl
+MSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCdG90W/Tlk4u9awHPteD5zpVcThUKwMLvAKw9i
+vVQBC0AG6GzPbakol5gKVm+kBUDFzzzF6eayEXKWbyaZDty66A2+7HLLcKBop5M/
+a57Q9XtU3lRYvotgutLWuHcI7mLCScZDrjA3rnb/KjjbhZ602ZS1pp5jtyUz6DwL
+m7w4wQ/RProqCdBj8QqoAvnDDLSPeDfsx14J5VeNJVGJV2wax65jWRjRkj6wE7z2
+qzWAlP5vDeED6bogYYVDpC8DtgayQ+vKAQLi1uj+I9Yqb/nPUrdUh9IlxudlqiFQ
+QxyvsXMJEzbWWmlbD0kXYkHmHzetJNPK9ayOS/fJcAcfAb01AgMBAAEwDQYJKoZI
+hvcNAQELBQADggEBAFmUc7+cI8d0Dl4wTdq+gfyWdqjQb7AYVO9DvJi3XGxdc5Kp
+1nCSsKzKUz9gvxXHeaYKrBNYf4SSU+Pkdf/BWePqi7UX/SIxNXby2da8zWg+W6Uh
+xZfKlLYGMp3mCjueZpZTJ7SKOOGFA8IIgEzjJD9Ln1gl3ywMaCwlNrG9RpiD1McT
+COKvyWNKnSRVr/RvCklLVrAMTJr50kce2czcdFl/xF4Hm66vp7cP/bYJKWAL8hBG
+zUa9aQBKncOoAO+zQ/SGy7uJxTDUF8SverDsmjOc6AU6IhBGVUyX/JQbYyJfZinB
+YlviYxVzIm6IaNJHx4sihw4U1/jMFWRXT470zcQ=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-2.crt b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-2.crt
new file mode 100644
index 000000000..041c596e7
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-2.crt
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDkTCCAnmgAwIBAgIUJitjysknJ0nHeLH/mjT1JIpOz4YwDQYJKoZIhvcNAQEL
+BQAwYDELMAkGA1UEBhMCVVMxEjAQBgNVBAgMCVlvdXJTdGF0ZTERMA8GA1UEBwwI
+WW91ckNpdHkxGTAXBgNVBAoMEFlvdXJPcmdhbml6YXRpb24xDzANBgNVBAMMBllv
+dXJDQTAeFw0yNDAxMDUwNDAwMjNaFw0yNTAxMDQwNDAwMjNaMGExCzAJBgNVBAYT
+AlVTMRIwEAYDVQQIDAlZb3VyU3RhdGUxETAPBgNVBAcMCFlvdXJDaXR5MRkwFwYD
+VQQKDBBZb3VyT3JnYW5pemF0aW9uMRAwDgYDVQQDDAdjbGllbnQxMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJhFZmCVnj6N+/+HHuMvb4vyWqWcorUf
+pAWO7a3YVsHp3BX+lbGGzh67jbPcFK6K7RqejenFw7sQK8duZlqXmik/JvZMLxY3
+l/6e8LIAhN7PaX1zg58OU61baQ5VNBhUXkoYN77xqb87Yo7IFyyQ/tyWfRVFEzNj
+V1+q2MpEinuscViieIQHEpB4i6fsRxomYkR+FwdfCB65MYCYveIB1z9NkmR6Pm6V
+7zSPp+QYwc6WX4/61fbRje4BJh3j+FGYboJJg1o9O/MkD70RW6mdMV1l5bT9T98W
+B+hJtN+5dEpSfAwXqlWWxzhDxNsEvdSwuoLz9e58gteR1LSLaJXMjQIDAQABo0Iw
+QDAdBgNVHQ4EFgQULaoslUgyglywztd95CkL6sU5wa4wHwYDVR0jBBgwFoAUGUkK
++QXBjeGMy7XVnrXfrvVJUNswDQYJKoZIhvcNAQELBQADggEBABodQ1Y7zt7kvDI8
+jQUfLLkZZAPnVpjYpG7P1dLjOzUxqDNmyZAzoBMENXy/Zu81sRQt+Bs5NKsx1pu5
+z2TRk9ddxhszD1FKu9Hb6hqLcGHF7GnwPGVXJlHctkMp4QYvXc942VDk7c59/knC
+PXAul7832cPTUMvFHdzRxBwJruK9xuvNLj2I24+Fji1ELPO7M/e8KZ1NrIS0Fdwn
+DuDDw3kMkl0BlSrmvMBreSaIOU4mFhmepC97awZ/wZZ+4mpIdWIagZf01txue8o0
++8kdGkFsmoCpnJjNjpoQFAYLEdif00iLcRpwwW/saUuxqZC0aDnQCIeo0GSNet8t
+HOXCkvQ=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-3.crt b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-3.crt
new file mode 100644
index 000000000..f94ba143d
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/config-map-3.crt
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDkTCCAnmgAwIBAgIUJitjysknJ0nHeLH/mjT1JIpOz4cwDQYJKoZIhvcNAQEL
+BQAwYDELMAkGA1UEBhMCVVMxEjAQBgNVBAgMCVlvdXJTdGF0ZTERMA8GA1UEBwwI
+WW91ckNpdHkxGTAXBgNVBAoMEFlvdXJPcmdhbml6YXRpb24xDzANBgNVBAMMBllv
+dXJDQTAeFw0yNDAxMDUwNDE0MTlaFw0yNTAxMDQwNDE0MTlaMGExCzAJBgNVBAYT
+AlVTMRIwEAYDVQQIDAlZb3VyU3RhdGUxETAPBgNVBAcMCFlvdXJDaXR5MRkwFwYD
+VQQKDBBZb3VyT3JnYW5pemF0aW9uMRAwDgYDVQQDDAdjbGllbnQyMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JQ8LITwayvjrrHUmFT44lH3IF3fdPhr
+pQgKx7Z295QD9Ocka2rOFu47tuIeNcLiBTSyRLOFDRwjW9WXfWk9ALtxbedJfDyy
+us/kLxY+SdzHW7/5dFbupGOcs58A/sxMyGTJgiCBxsgsRFfhet7ekq/ypmj5B8L3
+5FlGg5NS0mbZlTM6aapLnkqU907RcsmzpFQBfWOHlDdWJocKEHECBXcxiTQk72C7
+s2tndES5ltX/Wc8U/kX/M9LDXhn1Ew+roeFf0HCpdg6BlnTknhYU9S1c4aYKB2Yx
+LNx74CsKsnxPPcePTXPqZEtZ4EsjF4PSToVFyceMBKvD6C6WPQoRNwIDAQABo0Iw
+QDAdBgNVHQ4EFgQUWE8btMihi5eZXLJOeiNfh7XHaI0wHwYDVR0jBBgwFoAUGUkK
++QXBjeGMy7XVnrXfrvVJUNswDQYJKoZIhvcNAQELBQADggEBAJmXn/gefez7mq1b
+iKpPLPeHUncIgVaru03v8YCX14pHFAsVuLgZ1lANelSrq+PR/HBJbQj8iloV938o
+YFppe/fb96D8a2u90dnGwWipMRSDo3wgcInL38xfcH5UEPBVJVLa3IUkfwDjjEqK
+3O0GXVSpjyv3RW+E9wfPfGSysRX66cTo5Uh3z3hTAloDc8uhCYRPcxG7S9eKD6jW
+Z3MlFlw4U8CdO90L0nB1KFhz1Et0Sl9u/LDsUYq6mE+XhTngPs8qwR/o43s1DUID
+y5Oi4A4+id+xO0XnHIkkqCfPtFzxl3hwytcy8EqISynzzHWNJ8bFZIYX4tgX+PLq
+u0/ITEw=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/invalid-cert.crt b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/invalid-cert.crt
new file mode 100644
index 000000000..c526af6bd
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/invalid-cert.crt
@@ -0,0 +1,3 @@
+-----BEGIN CERTIFICATE-----
+invalidcertificate
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/tls.crt b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/tls.crt
new file mode 100644
index 000000000..46fa79fc6
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/certificates/tls.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCTCCAfGgAwIBAgIUeINiBxKE48ZayvCanHDpjBBWWT0wDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI0MDIwMjA4NDMxOFoXDTI1MDIw
+MTA4NDMxOFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA4Cb1Kgflk0cqGl1OonsCHD8VZI8Njc4KH0guf0Vy9lcf
+s937MX3jfjfZckdao+ontDK5FdXNpalSHXVsv0HFOkUwpg2RHykULzBftG8YQrV/
+6NZgvVOPaX4IjGqkQaKdaY0nQGWH5g1RWYOxrBQEagpGjbWeBi2V4D0+4WkLVpjn
+Ovqs3YIlHBPihC28OXi6N1K4cy1/lWOpQ+tVEVaQ05evybxMRT+0p4mOmc5LIRzF
+ovjh9dJie47AlYOoI6WCKBSqESm9E1i49vWg5Ya3p0opDt/mLb90yhcPs4Et3Atw
+aDH+7hHQ8UFkP1e5MA/r8ikWh0PQnB5liPWFbG14EwIDAQABo1MwUTAdBgNVHQ4E
+FgQUkeTnxySX8Vylu3H3MttzP1SUj/EwHwYDVR0jBBgwFoAUkeTnxySX8Vylu3H3
+MttzP1SUj/EwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAksub
+Vus945gRyQsZrEQlP4Wq8VgEJfy/f26gV7SutaPaYb9wsFIou8favoZkqBVo51Qd
+yvh5aSplMr8G8hR/u0QpPtiKF6x1Mm7pe7DILuL17f46aWw4H8znFMMlYm3XmXwC
+ATDIR7Cm+HMH3VhI3FfMrXNeg8QAm+Gkya0a0717xfGmlSsKPj/Rx07e5M+XU/Zq
+NOnPsWq8BZ6gJdtvL8Xq6kk9WLdzsdE0JUv0/zuXkXzvs+/61shh2A2ot78d3XpT
+RAlXLyYWrmyp4G3XQvW1thaAxHF8NKlm+9QBXIeYi8R5pcNwDLbxXo2N7vJx/r+w
+DXoeIHImTMHHH5CWnw==
+-----END CERTIFICATE-----
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/definitions/employee_with_rl_r.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/definitions/employee_with_rl_r.json
new file mode 100644
index 000000000..13a1d5608
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/definitions/employee_with_rl_r.json
@@ -0,0 +1,282 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "SimpleRateLimitResourceLevelAPI", + "version": "3.14" + }, + "servers": [ + { + "url": "http://backend:80/anything", + "description": "Server URL" + } + ], + "security": [ + { + "default": [] + } + ], + "paths": { + "/employee": { + "get": { + "tags": [ + "employee-controller" + ], + "operationId": "getEmployees", + "parameters": [ + { + "name": "id", + "in": "query", + "required": true, + "style": "form", + "explode": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "default response", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + } + }, + "security": [ + { + "default": [] + } + ], + "x-throttling-tier": "TestRatelimit", + "x-auth-type": "Application & Application User", + "x-wso2-application-security": { + "security-types": [ + "oauth2" + ], + "optional": false + } + }, + "post": { + "tags": [ + "employee-controller" + ], + "operationId": "addEmployee", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + }, + "responses": { + "200": { + "description": "default response", + "content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + }, + "security": [ + { + "default": [] + } + ], + "x-throttling-tier": "Unlimited", + "x-auth-type": "Application & Application User", + "x-wso2-application-security": { + "security-types": [ + "oauth2" + ], + "optional": false + } + } + }, + "/employee/{employeeId}": { + "put": { + "tags": [ + "employee-controller" + ], + "operationId": "editEmployee", + "parameters": [ + { + "name": "employeeId", + "in": "path", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "integer", + "format": "int32" + } + } + ], + "responses": { + "200": { + "description": "default response", + 
"content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + }, + "security": [ + { + "default": [] + } + ], + "x-throttling-tier": "Unlimited", + "x-auth-type": "Application & Application User", + "x-wso2-application-security": { + "security-types": [ + "oauth2" + ], + "optional": false + } + }, + "delete": { + "tags": [ + "employee-controller" + ], + "operationId": "deleteEmployee", + "parameters": [ + { + "name": "employeeId", + "in": "path", + "required": true, + "style": "simple", + "explode": false, + "schema": { + "type": "integer", + "format": "int32" + } + } + ], + "responses": { + "200": { + "description": "default response", + "content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + }, + "security": [ + { + "default": [] + } + ], + "x-throttling-tier": "Unlimited", + "x-auth-type": "Application & Application User", + "x-wso2-application-security": { + "security-types": [ + "oauth2" + ], + "optional": false + } + } + } + }, + "components": { + "schemas": { + "Employee": { + "type": "object", + "properties": { + "empId": { + "type": "string" + }, + "name": { + "type": "string" + }, + "designation": { + "type": "string" + }, + "salary": { + "type": "number", + "format": "double" + } + } + } + }, + "securitySchemes": { + "default": { + "type": "oauth2", + "flows": { + "implicit": { + "authorizationUrl": "https://test.com", + "scopes": {} + } + } + } + } + }, + "x-wso2-api-key-header": "ApiKey", + "x-wso2-auth-header": "Authorization", + "x-throttling-tier": "TestRatelimit", + "x-wso2-cors": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": [ + "*" + ], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "x-wso2-production-endpoints": { + "urls": 
[ + "http://backend:80/anything" + ], + "type": "http" + }, + "x-wso2-sandbox-endpoints": { + "urls": [ + "http://backend:80/anything" + ], + "type": "http" + }, + "x-wso2-basePath": "/simple-rl-r/3.14", + "x-wso2-transports": [ + "http", + "https" + ], + "x-wso2-application-security": { + "security-types": [ + "oauth2" + ], + "optional": false + }, + "x-wso2-response-cache": { + "enabled": false, + "cacheTimeoutInSeconds": 300 + } +} diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/definitions/employees_api.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/definitions/employees_api.json new file mode 100644 index 000000000..35afc7480 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/definitions/employees_api.json 
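Review bot: In employee_with_rl_r.json the `securitySchemes.default` entry sets `authorizationUrl` to `https://test.com`, which is a registrable third-party domain and not a reserved test name. A fixture should not name a host the project does not control; a reserved name such as `"authorizationUrl": "https://idp.example.com/authorize"` keeps the definition valid without that dependency. The scheme also declares the OAuth2 `implicit` flow; whether the scenario needs that flow specifically is not visible in this diff.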
@@ -0,0 +1,158 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "EmployeeServiceAPI", + "version": "3.14" + }, + "servers": [ + { + "url": "http://backend:80/anything", + "description": "Server URL", + "variables": {} + } + ], + "paths": { + "/employee": { + "get": { + "tags": [ + "employee-controller" + ], + "operationId": "getEmployees", + "parameters": [ + { + "name": "id", + "in": "query", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "default response", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + } + } + }, + "post": { + "tags": [ + "employee-controller" + ], + "operationId": "addEmployee", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + }, + "responses": { + "200": { + "description": "default response", + "content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + } + } + }, + "/employee/{employeeId}": { + "put": { + "tags": [ + "employee-controller" + ], + "operationId": "editEmployee", + "parameters": [ + { + "name": "employeeId", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "format": "int32" + } + } + ], + "responses": { + "200": { + "description": "default response", + "content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + } + }, + "delete": { + "tags": [ + "employee-controller" + ], + "operationId": "deleteEmployee", + "parameters": [ + { + "name": "employeeId", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "format": "int32" + } + } + ], + "responses": { + "200": { + "description": "default response", + "content": { + "*/*": { + "schema": { + "$ref": "#/components/schemas/Employee" + } + } + } + } + } + } + } + }, + "components": { + "schemas": { + "Employee": { + "type": 
"object", + "properties": { + "empId": { + "type": "string" + }, + "name": { + "type": "string" + }, + "designation": { + "type": "string" + }, + "salary": { + "type": "number", + "format": "double" + } + } + } + } + } +} diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/original.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/original.json new file mode 100644 index 000000000..2fcabfca0 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/original.json 
@@ -0,0 +1,92 @@ +{ + "name": "ResourceLevelIntercepterAPI", + "context": "/rlintercepter", + "version": "1.0.0", + "provider": "admin", + "isDefaultVersion": false, + "type": "HTTP", + "audience": null, + "transport": ["http", "https"], + "tags": [], + "policies": ["Unlimited"], + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": ["oauth_basic_auth_api_key_mandatory", "oauth2"], + "additionalProperties": [ + { "name": "APIGroup", "value": "Gold", "display": false }, + { "name": "APITier", "value": "Unlimited", "display": false } + ], + "additionalPropertiesMap": { + "APIGroup": { "name": "APIGroup", "value": "Gold", "display": false }, + "APITier": { "name": "APITier", "value": "Unlimited", "display": false } + }, + "apiPolicies": { + "request": [], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend.apk.svc.cluster.local" }, + "production_endpoints": { "url": "http://backend.apk.svc.cluster.local" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/headers", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/get", + "verb": "GET", + "authType": "Application & Application User", + 
"throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_and_response.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_and_response.json new file mode 100644 index 000000000..251eb72f6 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_and_response.json 
@@ -0,0 +1,159 @@ +{ + "name": "ReqandResIntercepterServiceAPI", + "context": "/intercepter", + "version": "1.0.0", + "provider": "admin", + "isDefaultVersion": false, + "type": "HTTP", + "audience": null, + "transport": ["http", "https"], + "tags": [], + "policies": ["Unlimited"], + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": ["oauth_basic_auth_api_key_mandatory", "oauth2"], + "apiPolicies": { + "request": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": "http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "request_header,request_body" + } + } + ], + "response": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": "http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "response_header,response_body" + } + } + ], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend.apk.svc.cluster.local" }, + "production_endpoints": { "url": "http://backend.apk.svc.cluster.local" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/*", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + 
}, + { + "id": "", + "target": "/*", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "POST", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "PATCH", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/get", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": 
"wso2", + "gatewayType": "wso2/apk" + } + \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_interceptor.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_interceptor.json new file mode 100644 index 000000000..23ef0b884 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_interceptor.json 
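Review bot: The `interceptorServiceURL` in request_and_response.json is `http://interceptor-service.apk.svc.cluster.local:8443`, a plaintext scheme on a port conventionally used for TLS, while `includes` forwards request headers and bodies to that service. The same URL is repeated in request_interceptor.json, request_interceptor_param_variation.json, resource_level_interceptor.json and response_interceptor.json. If the interceptor in the test cluster serves TLS (its listener is not visible in this diff), the fixtures should use `"interceptorServiceURL": "https://interceptor-service.apk.svc.cluster.local:8443"` so the tests exercise the encrypted path that carries the `Authorization` header. If plaintext is deliberate, record that in the test documentation, since JSON leaves no place for a comment.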
@@ -0,0 +1,149 @@ +{ + "name": "IntercepterServiceAPI", + "context": "/intercepter", + "version": "1.0.0", + "provider": "admin", + "isDefaultVersion": false, + "type": "HTTP", + "audience": null, + "transport": ["http", "https"], + "tags": [], + "policies": ["Unlimited"], + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": ["oauth_basic_auth_api_key_mandatory", "oauth2"], + "apiPolicies": { + "request": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": "http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "request_header,request_body" + } + } + ], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend.apk.svc.cluster.local" }, + "production_endpoints": { "url": "http://backend.apk.svc.cluster.local" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/*", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + 
"amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "POST", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "PATCH", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/get", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} 
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_interceptor_param_variation.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_interceptor_param_variation.json new file mode 100644 index 000000000..50f92df08 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/request_interceptor_param_variation.json 
@@ -0,0 +1,159 @@ +{ + "name": "ParamVarIntercepterServiceAPI", + "context": "/intercepter", + "version": "1.0.0", + "provider": "admin", + "isDefaultVersion": false, + "type": "HTTP", + "audience": null, + "transport": ["http", "https"], + "tags": [], + "policies": ["Unlimited"], + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": ["oauth_basic_auth_api_key_mandatory", "oauth2"], + "apiPolicies": { + "request": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": "http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "request_header,request_body,response_header,response_body" + } + } + ], + "response": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": "http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "response_header,response_body" + } + } + ], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend.apk.svc.cluster.local" }, + "production_endpoints": { "url": "http://backend.apk.svc.cluster.local" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/*", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], 
"response": [], "fault": [] } + }, + { + "id": "", + "target": "/get", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "POST", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/*", + "verb": "PATCH", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + 
} + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" + } + \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/resource_level_interceptor.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/resource_level_interceptor.json new file mode 100644 index 000000000..da8190b51 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/resource_level_interceptor.json 
@@ -0,0 +1,111 @@ +{ + "name": "ResourceLevelIntercepterAPI", + "context": "/rlintercepter", + "version": "1.0.0", + "provider": "admin", + "isDefaultVersion": false, + "type": "HTTP", + "audience": null, + "transport": ["http", "https"], + "tags": [], + "policies": ["Unlimited"], + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": ["oauth_basic_auth_api_key_mandatory", "oauth2"], + "additionalProperties": [ + { "name": "APIGroup", "value": "Gold", "display": false }, + { "name": "APITier", "value": "Unlimited", "display": false } + ], + "additionalPropertiesMap": { + "APIGroup": { "name": "APIGroup", "value": "Gold", "display": false }, + "APITier": { "name": "APITier", "value": "Unlimited", "display": false } + }, + "apiPolicies": { + "request": [], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend.apk.svc.cluster.local" }, + "production_endpoints": { "url": "http://backend.apk.svc.cluster.local" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/headers", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": 
"http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "request_header,request_body" + } + } + ], + "response": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": "http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "response_header,response_body" + } + } + ], + "fault": [] + } + }, + { + "id": "", + "target": "/get", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" + } + \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/response_interceptor.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/response_interceptor.json new file mode 100644 index 000000000..780b66f4b --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/api_policy/response_interceptor.json 
@@ -0,0 +1,188 @@ +{ + "name": "ResponseIntercepterServiceAPI", + "description": null, + "context": "/interceptor", + "version": "1.0.0", + "provider": "admin", + "type": "HTTP", + "audience": null, + "transport": [ + "http", + "https" + ], + "tags": [], + "policies": [ + "Unlimited" + ], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "oauth_basic_auth_api_key_mandatory", + "oauth2" + ], + "apiPolicies": { + "request": [], + "response": [ + { + "policyName": "ccCallInterceptorService", + "policyVersion": "v1", + "parameters": { + "interceptorServiceURL": "http://interceptor-service.apk.svc.cluster.local:8443", + "includes": "response_header,response_body" + } + } + ], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": [ + "*" + ], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { + "url": "http://backend.apk.svc.cluster.local" + }, + "production_endpoints": { + "url": "http://backend.apk.svc.cluster.local" + } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/*", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/*", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + 
"usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/*", + "verb": "POST", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/*", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/*", + "verb": "PATCH", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/get", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} \ No newline at end of file 
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/cors_api.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/cors_api.json
index 0f2f16852..83ce720af 100644
--- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/cors_api.json
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/cors_api.json
@@ -3,6 +3,7 @@
 "context": "/test_cors",
 "version": "2.0.0",
 "type": "HTTP",
+ "gatewayType":"wso2/apk",
 "transport": [
 "http",
 "https"
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_api_level_rl.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_api_level_rl.json
new file mode 100644
index 000000000..2336b8695
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_api_level_rl.json
@@ -0,0 +1,225 @@ +{ + "name": "StarwarsAPI", + "context": "/graphql", + "version": "3.14", + "type": "GRAPHQL", + "transport": ["http", "https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": "TestRatelimit", + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": ["oauth_basic_auth_api_key_mandatory", "oauth2"], + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://graphql-faker-service:9002/graphql" }, + "production_endpoints": { + "url": "http://graphql-faker-service:9002/graphql" + } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "allCharacters", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allDroids", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allHumans", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": 
[], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "character", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "createReview", + "verb": "MUTATION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "droid", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "hero", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "human", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": 
[], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "reviewAdded", + "verb": "SUBSCRIPTION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "reviews", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "search", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "starship", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} 
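Review bot: `name`, `context` and `version` in this fixture (`StarwarsAPI`, `/graphql`, `3.14`) are identical to those in `gql_resource_level_rl.json`, and the two mTLS GraphQL fixtures added later in this diff also use `/graphql` with `3.14`. If the control plane enforces unique context and version, which is likely but not shown here, these payloads cannot coexist. A scenario that skips cleanup would then make the next one fail on creation, or run against the previous API's rate-limit or security settings. Giving each fixture its own context, for example `"context": "/graphql-api-rl",`, would keep the scenarios independent. This fixture also depends on a throttling policy named `TestRatelimit` already existing; the step that creates it is not visible in this hunk.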
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_cors.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_cors.json
index 355f8a0cf..8da95be27 100644
--- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_cors.json
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_cors.json
@@ -5,6 +5,7 @@
 "provider": "admin",
 "type": "GRAPHQL",
 "audience": null,
+ "gatewayType":"wso2/apk",
 "transport": [
 "http",
 "https"
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_resource_level_rl.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_resource_level_rl.json
new file mode 100644
index 000000000..65ba137ee
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/gql_resource_level_rl.json
@@ -0,0 +1,287 @@ +{ + "name": "StarwarsAPI", + "context": "/graphql", + "version": "3.14", + "provider": "admin", + "type": "GRAPHQL", + "audience": null, + "transport": [ + "http", + "https" + ], + "tags": [], + "policies": [ + "Unlimited" + ], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "oauth_basic_auth_api_key_mandatory", + "oauth2" + ], + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": [ + "*" + ], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { + "url": "http://graphql-faker-service:9002/graphql" + }, + "production_endpoints": { + "url": "http://graphql-faker-service:9002/graphql" + } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "allCharacters", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "allDroids", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "allHumans", + "verb": "QUERY", + "authType": 
"Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "character", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "createReview", + "verb": "MUTATION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "droid", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "hero", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "TestRatelimit", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": 
"human", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "reviewAdded", + "verb": "SUBSCRIPTION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "reviews", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "search", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "starship", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + 
"fault": [] + } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/graphql_with_mtls.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/graphql_with_mtls.json new file mode 100644 index 000000000..a55da08f5 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/graphql_with_mtls.json 
@@ -0,0 +1,232 @@ +{ + "name": "GraphQLAPImTLS", + "context": "/graphql", + "version": "3.14", + "provider": "admin", + "type": "GRAPHQL", + "audience": null, + "transport": ["https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "oauth2", + "oauth_basic_auth_api_key_mandatory", + "mutualssl", + "mutualssl_mandatory" + ], + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowCredentials": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://graphql-faker-service:9002/graphql" }, + "production_endpoints": { + "url": "http://graphql-faker-service:9002/graphql" + } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "hero", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "reviews", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "search", + "verb": "QUERY", + "authType": "Application & 
Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "character", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "droid", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "human", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allHumans", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allDroids", + "verb": "QUERY", + "authType": "Application & 
Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allCharacters", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "starship", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "createReview", + "verb": "MUTATION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "reviewAdded", + "verb": "SUBSCRIPTION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} 
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/graphql_with_mtls_optional_oauth2_mandatory.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/graphql_with_mtls_optional_oauth2_mandatory.json new file mode 100644 index 000000000..3978ad731 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/graphql_with_mtls_optional_oauth2_mandatory.json 
@@ -0,0 +1,233 @@ +{ + "name": "GraphQLAPImTLS", + "context": "/graphql", + "version": "3.14", + "provider": "admin", + "type": "GRAPHQL", + "audience": null, + "transport": ["https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "oauth2", + "oauth_basic_auth_api_key_mandatory", + "mutualssl", + "mutualssl_optional" + ], + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowCredentials": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://graphql-faker-service:9002/graphql" }, + "production_endpoints": { + "url": "http://graphql-faker-service:9002/graphql" + } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "hero", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "reviews", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "search", + "verb": "QUERY", + "authType": "Application & 
Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "character", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "droid", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "human", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allHumans", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allDroids", + "verb": "QUERY", + "authType": "Application & 
Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "allCharacters", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "starship", + "verb": "QUERY", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "createReview", + "verb": "MUTATION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "reviewAdded", + "verb": "SUBSCRIPTION", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" + } + 
\ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_disabled.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_disabled.json new file mode 100644 index 000000000..168f7f266 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_disabled.json 
@@ -0,0 +1,112 @@ +{ + "name": "EmployeeServiceAPI", + "context": "/mtls", + "version": "3.14", + "provider": "admin", + "type": "HTTP", + "transport": ["https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "mutualssl", + "mutualssl_mandatory" + ], + "apiPolicies": { + "request": [], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowCredentials": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend:80/anything" }, + "production_endpoints": { "url": "http://backend:80/anything" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/employee", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee/{employeeId}", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee", + "verb": "POST", + "authType": "Application & Application User", + 
"throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee{employeeId}", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json new file mode 100644 index 000000000..34ef106f5 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json 
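Review bot: The DELETE operation's target is `/employee{employeeId}`, with no slash before the path parameter, while the PUT operation in the same file uses `/employee/{employeeId}`; this looks like a typo and the line should read `"target": "/employee/{employeeId}",`. As written, a DELETE to `/employee/<id>` is presumably not matched by any declared operation, so a scenario that exercises it would run against a different resource than intended. The same target appears in the other four mTLS payloads added by this commit (mtls_mandatory_oauth2_enabled.json, mtls_mandatory_oauth2_optional.json, mtls_optional_oauth2_mandatory.json and mtls_optional_oauth2_optional.json).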
@@ -0,0 +1,114 @@ +{ + "name": "EmployeeServiceAPI", + "context": "/mtls", + "version": "3.14", + "provider": "admin", + "type": "HTTP", + "transport": ["https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "oauth2", + "oauth_basic_auth_api_key_mandatory", + "mutualssl", + "mutualssl_mandatory" + ], + "apiPolicies": { + "request": [], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowCredentials": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend:80/anything" }, + "production_endpoints": { "url": "http://backend:80/anything" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/employee", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee/{employeeId}", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee", + "verb": "POST", 
+ "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee{employeeId}", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_optional.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_optional.json new file mode 100644 index 000000000..8f019ab35 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_mandatory_oauth2_optional.json 
@@ -0,0 +1,115 @@ +{ + "name": "EmployeeServiceAPI", + "context": "/mtls", + "version": "3.14", + "provider": "admin", + "type": "HTTP", + "transport": ["https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "mutualssl", + "oauth2", + "oauth_basic_auth_api_key_optional", + "mutualssl_mandatory" + ], + "apiPolicies": { + "request": [], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowCredentials": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend:80/anything" }, + "production_endpoints": { "url": "http://backend:80/anything" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/employee", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee/{employeeId}", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee", + "verb": "POST", 
+ "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee{employeeId}", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" + } + \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_optional_oauth2_mandatory.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_optional_oauth2_mandatory.json new file mode 100644 index 000000000..9d4a0582e --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_optional_oauth2_mandatory.json 
@@ -0,0 +1,114 @@ +{ + "name": "EmployeeServiceAPI", + "context": "/mtls", + "version": "3.14", + "provider": "admin", + "type": "HTTP", + "transport": ["https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "mutualssl", + "oauth2", + "mutualssl_optional", + "oauth_basic_auth_api_key_mandatory" + ], + "apiPolicies": { + "request": [], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowCredentials": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend:80/anything" }, + "production_endpoints": { "url": "http://backend:80/anything" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/employee", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee/{employeeId}", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee", + "verb": "POST", 
+ "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee{employeeId}", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_optional_oauth2_optional.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_optional_oauth2_optional.json new file mode 100644 index 000000000..f3601ab62 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/mtls/mtls_optional_oauth2_optional.json 
@@ -0,0 +1,115 @@ +{ + "name": "EmployeeServiceAPI", + "context": "/mtls", + "version": "3.14", + "provider": "admin", + "type": "HTTP", + "transport": ["https"], + "tags": [], + "policies": ["Unlimited"], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "mutualssl", + "oauth2", + "oauth_basic_auth_api_key_optional", + "mutualssl_optional" + ], + "apiPolicies": { + "request": [], + "response": [], + "fault": [] + }, + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowCredentials": false, + "accessControlAllowOrigins": ["*"], + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { "url": "http://backend:80/anything" }, + "production_endpoints": { "url": "http://backend:80/anything" } + }, + "endpointImplementationType": "ENDPOINT", + "scopes": [], + "operations": [ + { + "id": "", + "target": "/employee", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee/{employeeId}", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee", + "verb": "POST", + 
"authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + }, + { + "id": "", + "target": "/employee{employeeId}", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { "request": [], "response": [], "fault": [] } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" + } + \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/ratelimit_api.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/ratelimit_api.json new file mode 100644 index 000000000..0700cdd60 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/ratelimit_api.json 
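Review bot: `securityScheme` marks both mechanisms optional (`mutualssl_optional` together with `oauth_basic_auth_api_key_optional`), which is the one combination where a gateway could end up accepting a request that carries neither a client certificate nor a token. The feature file that uses this payload is not in this part of the diff, so this is a request to confirm rather than a finding: the scenario should include a call with no certificate and no `Authorization` header and assert that it is rejected, alongside the positive cases. The hunk also ends with an indented `}` followed by a whitespace-only line and no final newline, unlike mtls_mandatory_oauth2_disabled.json.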
@@ -0,0 +1,85 @@
+{
+ "name": "SimpleRateLimitAPI",
+ "context": "/simple-rl",
+ "version": "3.14",
+ "type": "HTTP",
+ "transport": [
+ "http",
+ "https"
+ ],
+ "policies": [
+ "Gold",
+ "Unlimited"
+ ],
+ "apiThrottlingPolicy": "TestRatelimit",
+ "endpointConfig": {
+ "endpoint_type": "http",
+ "sandbox_endpoints": {
+ "url": "http://backend:80/anything"
+ },
+ "production_endpoints": {
+ "url": "http://backend:80/anything"
+ }
+ },
+ "endpointImplementationType": "ENDPOINT",
+ "scopes": [],
+ "operations": [
+ {
+ "id": "",
+ "target": "/employee",
+ "verb": "GET",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ },
+ {
+ "id": "",
+ "target": "/employee",
+ "verb": "POST",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ },
+ {
+ "id": "",
+ "target": "/employee/{employeeId}",
+ "verb": "PUT",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ },
+ {
+ "id": "",
+ "target": "/employee/{employeeId}",
+ "verb": "DELETE",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ }
+ ],
+ "gatewayType":"wso2/apk"
+}
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/ratelimit_api2.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/ratelimit_api2.json
new file mode 100644
index 000000000..b8365fe4e
--- /dev/null
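Review bot: This payload has no `securityScheme` key (ratelimit_api2.json omits it too), so the authentication enforced on the rate-limited API is whatever the control plane applies by default, whereas resource_level_rl.json in the same commit pins it. Adding `"securityScheme": ["oauth_basic_auth_api_key_mandatory", "oauth2"],` would make the fixture explicit and keep the three rate-limit payloads consistent. `apiThrottlingPolicy` names `TestRatelimit`, which is not created in this hunk; presumably a scenario creates the policy before importing this API, and that ordering is worth confirming. Minor: `authType` is written with `\u0026` and `"gatewayType":"wso2/apk"` has no space after the colon, unlike the other payloads.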
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/ratelimit_api2.json
@@ -0,0 +1,84 @@
+{
+ "name": "SimpleRateLimitResourceLevelAPI",
+ "context": "/simple-rl-r",
+ "version": "3.14",
+ "type": "HTTP",
+ "transport": [
+ "http",
+ "https"
+ ],
+ "policies": [
+ "Unlimited",
+ "Gold"
+ ],
+ "endpointConfig": {
+ "endpoint_type": "http",
+ "sandbox_endpoints": {
+ "url": "http://backend:80/anything"
+ },
+ "production_endpoints": {
+ "url": "http://backend:80/anything"
+ }
+ },
+ "endpointImplementationType": "ENDPOINT",
+ "scopes": [],
+ "operations": [
+ {
+ "id": "",
+ "target": "/employee",
+ "verb": "GET",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ },
+ {
+ "id": "",
+ "target": "/employee",
+ "verb": "POST",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ },
+ {
+ "id": "",
+ "target": "/employee/{employeeId}",
+ "verb": "PUT",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ },
+ {
+ "id": "",
+ "target": "/employee/{employeeId}",
+ "verb": "DELETE",
+ "authType": "Application \u0026 Application User",
+ "throttlingPolicy": "Unlimited",
+ "scopes": [],
+ "usedProductIds": [],
+ "operationPolicies": {
+ "request": [],
+ "response": [],
+ "fault": []
+ }
+ }
+ ],
+ "gatewayType":"wso2/apk"
+}
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/resource_level_rl.json b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/resource_level_rl.json
new file mode 100644
index 000000000..44f291e67
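Review bot: `name`, `context` and `version` here (`SimpleRateLimitResourceLevelAPI`, `/simple-rl-r`, `3.14`) are identical to those in resource_level_rl.json, which the same commit adds. If both payloads are imported in one test run without an undeploy in between, the second import will presumably fail or replace the first, and a scenario that looks the API up by name cannot tell them apart. Either give this fixture its own name and context, or drop it if resource_level_rl.json supersedes it. Despite the API name, every operation in this file uses `"throttlingPolicy": "Unlimited"` and no `apiThrottlingPolicy` is set, so on its own it configures no rate limit; presumably a later update step applies one.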
--- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/artifacts/payloads/resource_level_rl.json 
@@ -0,0 +1,151 @@ +{ + "name": "SimpleRateLimitResourceLevelAPI", + "context": "/simple-rl-r", + "version": "3.14", + "type": "HTTP", + "transport": [ + "http", + "https" + ], + "tags": [], + "policies": [ + "Unlimited" + ], + "apiThrottlingPolicy": null, + "authorizationHeader": "Authorization", + "apiKeyHeader": "ApiKey", + "securityScheme": [ + "oauth_basic_auth_api_key_mandatory", + "oauth2" + ], + "corsConfiguration": { + "corsConfigurationEnabled": false, + "accessControlAllowOrigins": [ + "*" + ], + "accessControlAllowCredentials": false, + "accessControlAllowHeaders": [ + "authorization", + "Access-Control-Allow-Origin", + "Content-Type", + "SOAPAction" + ], + "accessControlAllowMethods": [ + "GET", + "PUT", + "POST", + "DELETE", + "PATCH", + "OPTIONS" + ] + }, + "endpointConfig": { + "endpoint_type": "http", + "sandbox_endpoints": { + "url": "http://backend:80/anything" + }, + "production_endpoints": { + "url": "http://backend:80/anything" + } + }, + "endpointImplementationType": "ENDPOINT", + "operations": [ + { + "id": "", + "target": "/employee", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "TestRatelimit", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/withoutrl", + "verb": "GET", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/employee", + "verb": "POST", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + 
"scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/employee/{employeeId}", + "verb": "PUT", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + }, + { + "id": "", + "target": "/employee/{employeeId}", + "verb": "DELETE", + "authType": "Application & Application User", + "throttlingPolicy": "Unlimited", + "scopes": [], + "usedProductIds": [], + "amznResourceName": null, + "amznResourceTimeout": null, + "amznResourceContentEncode": null, + "payloadSchema": null, + "uriMapping": null, + "operationPolicies": { + "request": [], + "response": [], + "fault": [] + } + } + ], + "gatewayVendor": "wso2", + "gatewayType": "wso2/apk" +} \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/APILevelInterceptor.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/APILevelInterceptor.feature new file mode 100644 index 000000000..2d2f91ebb --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/APILevelInterceptor.feature 
@@ -0,0 +1,196 @@
+Feature: API Policy Addition(Interceptor Service)
+ Background:
+ Given The system is ready
+ Scenario: Create a REST API and add policy for request flow over API Level
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/api_policy/request_interceptor.json"
+ When the definition file "artifacts/definitions/cors-definition.json"
+ And make the import API Creation request using OAS "File"
+ Then the response status code should be 201
+ And the response body should contain "IntercepterServiceAPI"
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ And I have a valid Devportal access token
+ And make the Application Creation request with the name "SampleApp"
+ Then the response status code should be 201
+ And the response body should contain "SampleApp"
+ And I have a KeyManager
+ And make the Generate Keys request
+ Then the response status code should be 200
+ And the response body should contain "consumerKey"
+ And the response body should contain "consumerSecret"
+ And make the Subscription request
+ Then the response status code should be 201
+ And the response body should contain "Unlimited"
+ And I get "production" oauth keys for application
+ Then the response status code should be 200
+ And make the Access Token Generation request for "production"
+ Then the response status code should be 200
+ And the response body should contain "accessToken"
+ Then I set headers
+ | Authorization | Bearer ${accessToken} |
+ And I send "GET" request to "https://default.gw.wso2.com:9095/intercepter/1.0.0/get" with body ""
+ And I eventually receive 200 response code, not accepting
+ |429|
+ And the response body should contain "\"Interceptor-Header\": \"Interceptor-header-value\""
+
+ Scenario: Undeploying the created REST API
+ And I have a DCR application
+ And I have a valid Devportal access token
+ Then I delete the application "SampleApp" from devportal
+ Then the response status code should be 200
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "IntercepterServiceAPI"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/interceptor/1.0.0/get" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
+
+ Scenario: Create a REST API and add policy for response flow over API Level
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/api_policy/response_interceptor.json"
+ When the definition file "artifacts/definitions/cors-definition.json"
+ And make the import API Creation request using OAS "File"
+ Then the response status code should be 201
+ And the response body should contain "IntercepterServiceAPI"
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ And I have a valid Devportal access token
+ And make the Application Creation request with the name "SampleApp"
+ Then the response status code should be 201
+ And the response body should contain "SampleApp"
+ And I have a KeyManager
+ And make the Generate Keys request
+ Then the response status code should be 200
+ And the response body should contain "consumerKey"
+ And the response body should contain "consumerSecret"
+ And make the Subscription request
+ Then the response status code should be 201
+ And the response body should contain "Unlimited"
+ And I get "production" oauth keys for application
+ Then the response status code should be 200
+ And make the Access Token Generation request for "production"
+ Then the response status code should be 200
+ And the response body should contain "accessToken"
+ Then I set headers
+ | Authorization | Bearer ${accessToken} |
+ And I send "GET" request to "https://default.gw.wso2.com:9095/interceptor/1.0.0/get" with body ""
+ Then the response status code should be 200
+ Then the response headers contains key "interceptor-response-header" and value "Interceptor-Response-header-value"
+
+ Scenario: Undeploying the created REST API
+ And I have a DCR application
+ And I have a valid Devportal access token
+ Then I delete the application "SampleApp" from devportal
+ Then the response status code should be 200
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "ResponseIntercepterServiceAPI"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/interceptor/1.0.0/get" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
+
+ Scenario: Create a REST API and add policy for request and response flow over API Level
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/api_policy/request_and_response.json"
+ When the definition file "artifacts/definitions/cors-definition.json"
+ And make the import API Creation request using OAS "File"
+ Then the response status code should be 201
+ And the response body should contain "ReqandResIntercepterServiceAPI"
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ And I have a valid Devportal access token
+ And make the Application Creation request with the name "SampleApp"
+ Then the response status code should be 201
+ And the response body should contain "SampleApp"
+ And I have a KeyManager
+ And make the Generate Keys request
+ Then the response status code should be 200
+ And the response body should contain "consumerKey"
+ And the response body should contain "consumerSecret"
+ And make the Subscription request
+ Then the response status code should be 201
+ And the response body should contain "Unlimited"
+ And I get "production" oauth keys for application
+ Then the response status code should be 200
+ And make the Access Token Generation request for "production"
+ Then the response status code should be 200
+ And the response body should contain "accessToken"
+ Then I set headers
+ | Authorization | Bearer ${accessToken} |
+ And I send "GET" request to "https://default.gw.wso2.com:9095/intercepter/1.0.0/get" with body ""
+ Then the response status code should be 200
+ And the response body should contain "\"Interceptor-Header\": \"Interceptor-header-value\""
+ Then the response headers contains key "interceptor-response-header" and value "Interceptor-Response-header-value"
+
+ Scenario: Undeploying the created REST API
+ And I have a DCR application
+ And I have a valid Devportal access token
+ Then I delete the application "SampleApp" from devportal
+ Then the response status code should be 200
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "ReqandResIntercepterServiceAPI"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/interceptor/1.0.0/get" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
+
+ Scenario: Create a REST API and add interceptor with parameter variation
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/api_policy/request_interceptor_param_variation.json"
+ When the definition file "artifacts/definitions/cors-definition.json"
+ And make the import API Creation request using OAS "File"
+ Then the response status code should be 201
+ And the response body should contain "ParamVarIntercepterServiceAPI"
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ And I have a valid Devportal access token
+ And make the Application Creation request with the name "SampleApp"
+ Then the response status code should be 201
+ And the response body should contain "SampleApp"
+ And I have a KeyManager
+ And make the Generate Keys request
+ Then the response status code should be 200
+ And the response body should contain "consumerKey"
+ And the response body should contain "consumerSecret"
+ And make the Subscription request
+ Then the response status code should be 201
+ And the response body should contain "Unlimited"
+ And I get "production" oauth keys for application
+ Then the response status code should be 200
+ And make the Access Token Generation request for "production"
+ Then the response status code should be 200
+ And the response body should contain "accessToken"
+ Then I set headers
+ | Authorization | Bearer ${accessToken} |
+ And I send "GET" request to "https://default.gw.wso2.com:9095/intercepter/1.0.0/get" with body ""
+ Then the response status code should be 200
+ And the response body should contain "\"Interceptor-Header\": \"Interceptor-header-value\""
+
+ Scenario: Undeploying the created REST API
+ And I have a DCR application
+ And I have a valid Devportal access token
+ Then I delete the application "SampleApp" from devportal
+ Then the response status code should be 200
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "ParamVarIntercepterServiceAPI"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/interceptor/1.0.0/get" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
\ No newline at end of file
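Review bot: Every undeploy scenario probes `https://default.gw.wso2.com:9095/interceptor/1.0.0/get` for a 404, but three of the four create scenarios invoke the API at `/intercepter/1.0.0/get`; only the response-flow scenario calls `/interceptor/`. The payloads that define the context are not in this hunk, so which spelling is real cannot be told from here, but whichever it is, a 404 on a path that was never served passes without showing that the API was removed. Use the deployed context in both the invoke step and the post-undeploy step of each pair. The response-flow scenario also asserts `"IntercepterServiceAPI"` on creation while its undeploy looks up `"ResponseIntercepterServiceAPI"`; the creation check only passes as a substring match and should name the full API.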
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/APIVersion.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/APIVersion.feature index b0372a3c8..bf30be4f0 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/APIVersion.feature +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/APIVersion.feature @@ -30,6 +30,8 @@ Feature: Creating new versions of the APIs And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" And I eventually receive 200 response code, not accepting |429| @@ -41,9 +43,6 @@ Feature: Creating new versions of the APIs Then the response status code should be 201 And make the Change Lifecycle request Then the response status code should be 200 - # And make the Subscription request - # Then the response status code should be 201 - # And the response body should contain "Unlimited" And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/2.0.0/pet/4" with body "" And I eventually receive 200 response code, not accepting |429| @@ -70,8 +69,6 @@ Feature: Creating new versions of the APIs And I have a DCR application And I have a valid Publisher access token When the definition file "artifacts/definitions/schema_graphql.graphql" - Given a valid graphql definition file - Then the response should be given as valid When I use the Payload file "artifacts/payloads/gql_with_scopes.json" Then I make the import GraphQLAPI Creation request Then the response status code should be 201 
@@ -97,6 +94,8 @@ Feature: Creating new versions of the APIs And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" Then the response status code should be 200 And I eventually receive 200 response code, not accepting diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSecurity.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSecurity.feature index b6a4c3a8a..098856f3b 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSecurity.feature +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSecurity.feature @@ -30,6 +30,8 @@ Feature: Backend Security for APIs And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/5" with body "" Then the response status code should be 200 # And the response body should contain "\"Authorization\": \"Basic YWRtaW46YWRtaW4=\"" 
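Review bot: Nothing in this BackendSecurity scenario checks that the backend actually received the Basic credentials: the only assertion that would, `# And the response body should contain "\"Authorization\": \"Basic YWRtaW46YWRtaW4=\""`, is still commented out right after the 200 check, so the test passes on any successful response. Now that a bearer `Authorization` header is set just above, it would also be worth confirming that the client's value is replaced rather than forwarded to the backend. Re-enabling that line would cover both, assuming the test backend echoes request headers. The GraphQL scenario in the `@@ -82,6 +82,8 @@` hunk carries the same commented-out line, and both scenarios begin outside their hunks.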
@@ -47,18 +49,16 @@ Feature: Backend Security for APIs And I eventually receive 404 response code, not accepting |200| - Scenario: Enable basic auth for endpoint and verfy the authorization for REST API for a GraphQL API + Scenario: Enable basic auth for endpoint and verfy the authorization for a GraphQL API And I have a DCR application And I have a valid Publisher access token When the definition file "artifacts/definitions/schema_graphql.graphql" - Given a valid graphql definition file - Then the response should be given as valid When I use the Payload file "artifacts/payloads/gql_with_basic_auth.json" Then I make the import GraphQLAPI Creation request Then the response status code should be 201 And the response body should contain "StarWarsAPI" Then I use the Payload file "artifacts/payloads/gql_with_basic_auth2.json" - And I update the GQL API settings + And I update the API settings Then the response status code should be 200 And the response body should contain "StarWarsAPI" And make the API Revision Deployment request @@ -82,6 +82,8 @@ Feature: Backend Security for APIs And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "POST" request to "https://default.gw.wso2.com:9095/gql_basic_auth/2.0.0/" with body "{\"query\":\"{ hero { id } }\"}" Then the response status code should be 200 # And the response body should contain "\"Authorization\": \"Basic YWRtaW46YWRtaW4=\"" diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSupport.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSupport.feature index 5b8ed644f..ed5b50f7c 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSupport.feature 
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/BackendSupport.feature @@ -30,13 +30,18 @@ Feature: Backend Support for APIs And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/5" with body "" Then the response status code should be 200 + Then I remove the header "Authorization" And I get "sandbox" oauth keys for application Then the response status code should be 200 And make the Access Token Generation request for "sandbox" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://sandbox.default.gw.wso2.com:9095/petstore/1.0.0/pet/5" with body "" Then the response status code should be 200 @@ -57,8 +62,6 @@ Feature: Backend Support for APIs And I have a DCR application And I have a valid Publisher access token When the definition file "artifacts/definitions/schema_graphql.graphql" - Given a valid graphql definition file - Then the response should be given as valid When I use the Payload file "artifacts/payloads/gqlPayload.json" Then I make the import GraphQLAPI Creation request Then the response status code should be 201 
@@ -84,13 +87,18 @@ Feature: Backend Support for APIs And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" Then the response status code should be 200 + Then I remove the header "Authorization" And I get "sandbox" oauth keys for application Then the response status code should be 200 And make the Access Token Generation request for "sandbox" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "POST" request to "https://sandbox.default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" Then the response status code should be 200 diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/CORS.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/CORS.feature index 61519e3ea..e313076cc 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/CORS.feature +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/CORS.feature @@ -30,6 +30,8 @@ Feature: CORS Policy handling And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "OPTIONS" request to "https://default.gw.wso2.com:9095/test_cors/2.0.0/anything/" with body "" And I eventually receive 204 response code, not accepting | 429 | 
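Review bot: The CORS preflight in this hunk is now sent with `Authorization: Bearer ${accessToken}`, which a browser never does, since preflight OPTIONS requests carry no credentials. The 204 assertion therefore no longer shows that an unauthenticated preflight succeeds. If the gateway began demanding a token on OPTIONS, this scenario would stay green while browser clients fail. Consider sending the OPTIONS request before `Then I set headers`, or adding `Then I remove the header "Authorization"` ahead of it. The same applies to the GraphQL preflight in the `@@ -114,6 +114,8 @@` hunk; the scenario starts above the hunk, so earlier header state is not visible here.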
@@ -87,8 +89,6 @@ Feature: CORS Policy handling And I have a DCR application And I have a valid Publisher access token When the definition file "artifacts/definitions/schema_graphql.graphql" - Given a valid graphql definition file - Then the response should be given as valid When I use the Payload file "artifacts/payloads/gql_cors.json" Then I make the import GraphQLAPI Creation request Then the response status code should be 201 @@ -114,6 +114,8 @@ Feature: CORS Policy handling And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "OPTIONS" request to "https://default.gw.wso2.com:9095/test_cors/2.0.0/" with body "{\"query\":\"{ anything }\"}" And I eventually receive 204 response code, not accepting | 429 | diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/DefaultVersion.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/DefaultVersion.feature index 63cc188c6..d3abb1313 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/DefaultVersion.feature +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/DefaultVersion.feature @@ -30,6 +30,8 @@ Feature: API Default Version And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" And I eventually receive 200 response code, not accepting |429| 
@@ -50,57 +52,57 @@ Feature: API Default Version And I eventually receive 404 response code, not accepting |200| -# Scenario: Checking the default version property for the GraphQL API -# And I have a DCR application -# And I have a valid Publisher access token -# When the definition file "artifacts/definitions/schema_graphql.graphql" -# Given a valid graphql definition file -# Then the response should be given as valid -# When I use the Payload file "artifacts/payloads/gql_default_version.json" -# Then I make the import GraphQLAPI Creation request -# Then the response status code should be 201 -# And the response body should contain "StarwarsAPI" -# And make the API Revision Deployment request -# Then the response status code should be 201 -# And make the Change Lifecycle request -# Then the response status code should be 200 -# And I have a valid Devportal access token -# And make the Application Creation request with the name "TestApp" -# Then the response status code should be 201 -# And the response body should contain "TestApp" -# And I have a KeyManager -# And make the Generate Keys request -# Then the response status code should be 200 -# And the response body should contain "consumerKey" -# And the response body should contain "consumerSecret" -# And make the Subscription request -# Then the response status code should be 201 -# And the response body should contain "Unlimited" -# And I get "production" oauth keys for application -# Then the response status code should be 200 -# And make the Access Token Generation request for "production" -# Then the response status code should be 200 -# And the response body should contain "accessToken" -# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" -# Then the response status code should be 200 -# And I eventually receive 200 response code, not accepting -# | 404 | -# | 401 | -# And I send "POST" request to 
"https://default.gw.wso2.com:9095/graphql" with body "{\"query\":\"{ hero { name } }\"}" -# Then the response status code should be 200 -# And I eventually receive 200 response code, not accepting -# | 404 | -# | 401 | + Scenario: Checking the default version property for the GraphQL API + And I have a DCR application + And I have a valid Publisher access token + When the definition file "artifacts/definitions/schema_graphql.graphql" + When I use the Payload file "artifacts/payloads/gql_default_version.json" + Then I make the import GraphQLAPI Creation request + Then the response status code should be 201 + And the response body should contain "StarwarsAPI" + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "TestApp" + Then the response status code should be 201 + And the response body should contain "TestApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + Then the response status code should be 200 + And I eventually receive 200 response code, not accepting + | 404 | + | 401 | + And I send "POST" 
request to "https://default.gw.wso2.com:9095/graphql" with body "{\"query\":\"{ hero { name } }\"}" + Then the response status code should be 200 + And I eventually receive 200 response code, not accepting + | 404 | + | 401 | -# Scenario: Undeploying an already existing GraphQL API -# And I have a DCR application -# And I have a valid Devportal access token -# Then I delete the application "TestApp" from devportal -# Then the response status code should be 200 -# And I have a valid Publisher access token -# Then I find the apiUUID of the API created with the name "StarwarsAPI" -# Then I undeploy the selected API -# Then the response status code should be 200 -# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" -# And I eventually receive 404 response code, not accepting -# |200| \ No newline at end of file + Scenario: Undeploying an already existing GraphQL API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "TestApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "StarwarsAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + And I eventually receive 404 response code, not accepting + |200| \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Deployment.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Deployment.feature index d380eda36..002f4f1de 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Deployment.feature +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Deployment.feature 
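Review bot: The re-enabled undeploy scenario only confirms that `/graphql/3.14` returns 404; the unversioned default route, which is what this feature exercises, is never checked after undeploy. A default-version route left behind on the gateway would go unnoticed. Repeating the last two steps against the unversioned URL would close that gap: `And I send "POST" request to "https://default.gw.wso2.com:9095/graphql" with body "{\"query\":\"{ hero { name } }\"}"` followed by `And I eventually receive 404 response code, not accepting` with `|200|`.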
@@ -30,6 +30,8 @@ Feature: API Deployment And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" And I eventually receive 200 response code, not accepting |429| @@ -51,8 +53,6 @@ Feature: API Deployment And I have a DCR application And I have a valid Publisher access token When the definition file "artifacts/definitions/schema_graphql.graphql" - Given a valid graphql definition file - Then the response should be given as valid When I use the Payload file "artifacts/payloads/gqlPayload.json" Then I make the import GraphQLAPI Creation request Then the response status code should be 201 @@ -78,6 +78,8 @@ Feature: API Deployment And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" Then the response status code should be 200 And I eventually receive 200 response code, not accepting diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/InternalKey.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/InternalKey.feature new file mode 100644 index 000000000..3a2f23e60 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/InternalKey.feature 
@@ -0,0 +1,33 @@
+Feature: Testing the internal-key generation and invocation
+ Background:
+ Given The system is ready
+ Scenario: Creating and invoking a REST API using Internal-Key
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/api1.json"
+ And I use the OAS URL "https://petstore3.swagger.io/api/v3/openapi.json"
+ And make the import API Creation request using OAS "URL"
+ Then the response status code should be 201
+ And the response body should contain "SwaggerPetstore"
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ Then I make an internal key generation request
+ Then the response status code should be 200
+ And the response body should contain "apikey"
+ Then I set headers
+ | Internal-Key | ${internalKey} |
+ And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body ""
+ And I eventually receive 200 response code, not accepting
+ |429|
+
+ Scenario: Undeploying an already existing REST API
+ And I have a DCR application
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "SwaggerPetstore"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/MTLSwithOAuth2Mandatory.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/MTLSwithOAuth2Mandatory.feature
new file mode 100644
index 000000000..600272dab
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/MTLSwithOAuth2Mandatory.feature
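Review bot: InternalKey.feature covers only the accepting path: a gateway that ignored the `Internal-Key` header and let every request through would still pass the first scenario. After the 200 check, the same call should be repeated without the key and required to fail, so the test pins enforcement as well as acceptance. The steps below reuse wording already present in this commit. They assume the header-removal step accepts any header name and that a missing key yields 401, as the mTLS scenarios expect for missing credentials. A further scenario with a malformed key value would be a useful follow-up.

```gherkin
    And I eventually receive 200 response code, not accepting
      |429|
    # added: the same call without the key must be rejected
    Then I remove the header "Internal-Key"
    And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body ""
    And I eventually receive 401 response code, not accepting
      | 200 |
```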
@@ -0,0 +1,448 @@ +Feature: Test mTLS between client and gateway with client certificate sent in header + Background: + Given The system is ready + # mTLS mandatory OAuth2 mandatory + Scenario: Test mandatory mTLS and mandatory OAuth2 with a valid client certificate in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I 
send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 200 response code, not accepting + | 401 | + | 403 | + | 429 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + + Scenario: Test mandatory mTLS and mandatory OAuth2 with a invalid client certificate in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "invalid-cert.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 500 + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + + Scenario: Test mandatory mTLS and mandatory OAuth2 without client certificate in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file 
"artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I 
find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + + # mTLS optional OAuth2 mandatory + Scenario: Test optional mTLS and mandatory OAuth2 with a valid client certificate in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the 
response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 200 response code, not accepting + | 401 | + | 403 | + | 429 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + Scenario: Test optional mTLS and mandatory OAuth2 without a token + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_optional_oauth2_mandatory.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + Then I set headers + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 401 response 
code, not accepting + | 200 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + + Scenario: Test optional mTLS and mandatory OAuth2 with an invalid token in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_optional_oauth2_mandatory.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I set "invlaidToken" as the new access token + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to 
"https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + # #TODO: ERROR Exists IN THE APK SIDE that NEED TO BE FIXED. Enable this test case after that + # Scenario: Test mandatory mTLS and disabled OAuth2 with a valid client certificate in header + # And I have a DCR application + # And I have a valid Publisher access token + # When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_disabled.json" + # When the definition file "artifacts/definitions/cors-definition.json" + # And make the import API Creation request using OAS "File" + # Then the response status code should be 201 + # And the response body should contain "EmployeeServiceAPI" + # And I have a client certificate "config-map-1.crt" + # Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + # Then the response status code should be 201 + # And make the API Revision Deployment request + # Then the response status code should be 201 + # And make the Change Lifecycle request + # Then the response status code should be 200 + # Then I set headers + # | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + # And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + # And I eventually receive 200 response code, not accepting + # | 401 | + + # Scenario: Undeploy the created REST API + # And I have a DCR application + # And I have a valid Devportal access token + # Then I delete the application "SampleApp" from devportal + # Then the response status code should be 200 + # And I have a valid Publisher access token + # Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + # Then I undeploy the selected API + # Then the response status code should be 200 + # And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + # And I eventually receive 404 response code, not accepting + # |200| 
+ + # Scenario: Test mandatory mTLS and disabled OAuth2 with an invalid client certificate in header + + Scenario: Test mandatory mTLS and disabled OAuth2 without a client certificate in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_disabled.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + # Multiple certificates test cases + Scenario: Test an API with mTLS enabled and one associated certificate with multiple certificates existing in system + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate 
"config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 200 response code, not accepting + | 401 | + And I have a client certificate "config-map-2.crt" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + And I have a client certificate "config-map-3.crt" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to 
"https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + Scenario: Test an API with mTLS enabled and multiple certificates configured + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_enabled.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-2.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap2" + Then the response status code should be 201 + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a 
KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 200 response code, not accepting + | 401 | + And I have a client certificate "config-map-2.crt" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 200 response code, not accepting + | 401 | + And I have a client certificate "config-map-3.crt" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And 
I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/MTLSwithOAuth2Optional.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/MTLSwithOAuth2Optional.feature
new file mode 100644
index 000000000..3cb49dc8e
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/MTLSwithOAuth2Optional.feature
@@ -0,0 +1,382 @@
+Feature: Test mTLS between client and gateway with client certificate sent in header with OAuth2 optional
+ Background:
+ Given The system is ready
+ #mTLS mandatory OAuth2 optional
+ Scenario: Test mandatory mTLS and optional OAuth2 with a valid client certificate in header
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_optional.json"
+ When the definition file "artifacts/definitions/cors-definition.json"
+ And make the import API Creation request using OAS "File"
+ Then the response status code should be 201
+ And the response body should contain "EmployeeServiceAPI"
+ And I have a client certificate "config-map-1.crt"
+ Then I update the API with mtls certificate data with the alias "mtls-test-configmap"
+ Then the response status code should be 201
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ And I have a valid Devportal access token
+ And make the Application Creation request with the name "SampleApp"
+ Then the response status code should be 201
+ And the response body should contain "SampleApp"
+ And I have a KeyManager
+ And make the Generate Keys request
+ Then the response status code should be 200
+ And the response body should contain "consumerKey"
+ And the response body should contain "consumerSecret"
+ And make the Subscription request
+ Then the response status code should be 201
+ And the response body should contain "Unlimited"
+ And I get "production" oauth keys for application
+ Then the response status code should be 200
+ And make the Access Token Generation request for "production"
+ Then the response status code should be 200
+ And the response body should contain "accessToken"
+ Then I set headers
+ | Authorization | Bearer ${accessToken} |
+ | X-WSO2-CLIENT-CERTIFICATE |
${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + | 401 | + Then I remove the header "Authorization" + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + | 401 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + Scenario: Test mandatory mTLS and optional OAuth2 with an invalid client certificate in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_optional.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response 
status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + And I have a client certificate "invalid-cert.crt" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + Then I remove the header "Authorization" + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + Then I remove the header "X-WSO2-CLIENT-CERTIFICATE" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to 
"https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + | 200 | + + Scenario: Test mandatory mTLS and optional OAuth2 without a client certificate in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_mandatory_oauth2_optional.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I 
eventually receive 401 response code, not accepting
+ | 200 |
+
+ Scenario: Undeploy the created REST API
+ And I have a DCR application
+ And I have a valid Devportal access token
+ Then I delete the application "SampleApp" from devportal
+ Then the response status code should be 200
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "EmployeeServiceAPI"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
+
+ # mTLS optional OAuth2 optional
+ Scenario: Test optional mTLS and optional OAuth2 with a valid token and then a valid client certificate in header
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/mtls/mtls_optional_oauth2_optional.json"
+ When the definition file "artifacts/definitions/cors-definition.json"
+ And make the import API Creation request using OAS "File"
+ Then the response status code should be 201
+ And the response body should contain "EmployeeServiceAPI"
+ And I have a client certificate "config-map-1.crt"
+ Then I update the API with mtls certificate data with the alias "mtls-test-configmap"
+ Then the response status code should be 201
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ And I have a valid Devportal access token
+ And make the Application Creation request with the name "SampleApp"
+ Then the response status code should be 201
+ And the response body should contain "SampleApp"
+ And I have a KeyManager
+ And make the Generate Keys request
+ Then the response status code should be 200
+ And the response body should contain "consumerKey"
+ And the response body should contain
"consumerSecret"
+ And make the Subscription request
+ Then the response status code should be 201
+ And the response body should contain "Unlimited"
+ And I get "production" oauth keys for application
+ Then the response status code should be 200
+ And make the Access Token Generation request for "production"
+ Then the response status code should be 200
+ And the response body should contain "accessToken"
+ Then I set headers
+ | Authorization | Bearer ${accessToken} |
+ And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body ""
+ And I eventually receive 200 response code, not accepting
+ | 401 |
+ Then I remove the header "Authorization"
+ Then I set headers
+ | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} |
+ And I eventually receive 200 response code, not accepting
+ | 401 |
+
+ Scenario: Undeploy the created REST API
+ And I have a DCR application
+ And I have a valid Devportal access token
+ Then I delete the application "SampleApp" from devportal
+ Then the response status code should be 200
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "EmployeeServiceAPI"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body ""
+ And I eventually receive 404 response code, not accepting
+ |200|
+
+ Scenario: Test optional mTLS and optional OAuth2 with an invalid client certificate and invalid token in header
+ And I have a DCR application
+ And I have a valid Publisher access token
+ When I use the Payload file "artifacts/payloads/mtls/mtls_optional_oauth2_optional.json"
+ When the definition file "artifacts/definitions/cors-definition.json"
+ And make the import API Creation request using OAS "File"
+ Then the response status code should be 201
+ And the response body should contain "EmployeeServiceAPI"
+ And I have a client certificate "config-map-1.crt"
+ Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + Then I set "invalidToken" as the new access token + And I have a client certificate "invalid-cert.crt" + Then I set headers + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + Scenario: Test optional mTLS and optional OAuth2 with an invalid client certificate and valid token in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_optional_oauth2_optional.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the 
response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + And I have a client certificate "invalid-cert.crt" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + Then I remove the header "Authorization" + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + | 200 | + + 
Scenario: Test optional mTLS and optional OAuth2 with an invalid token in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_optional_oauth2_optional.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "EmployeeServiceAPI" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + Then I set "invalidToken" as the new access token + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + | 200 | + + Scenario: Undeploy API + And I have a DCR application + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "EmployeeServiceAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + | 200 | + + Scenario: Test optional mTLS and optional OAuth2 with no client certificate or token in header + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/mtls/mtls_optional_oauth2_optional.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code 
should be 201
+ And the response body should contain "EmployeeServiceAPI"
+ And I have a client certificate "config-map-1.crt"
+ Then I update the API with mtls certificate data with the alias "mtls-test-configmap"
+ Then the response status code should be 201
+ And make the API Revision Deployment request
+ Then the response status code should be 201
+ And make the Change Lifecycle request
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body ""
+ And I eventually receive 401 response code, not accepting
+ | 200 |
+
+ Scenario: Undeploy API
+ And I have a DCR application
+ And I have a valid Publisher access token
+ Then I find the apiUUID of the API created with the name "EmployeeServiceAPI"
+ Then I undeploy the selected API
+ Then the response status code should be 200
+ And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body ""
+ And I eventually receive 404 response code, not accepting
+ | 200 |
\ No newline at end of file
diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Ratelimit.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Ratelimit.feature
new file mode 100644
index 000000000..694f02e1e
--- /dev/null
+++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Ratelimit.feature
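Review bot: In the scenario "Test optional mTLS and optional OAuth2 with a valid token and then a valid client certificate in header" of MTLSwithOAuth2Optional.feature, the second `I eventually receive 200 response code, not accepting` has no `I send "GET" request` step before it, although `Authorization` has just been removed and `X-WSO2-CLIENT-CERTIFICATE` set. Unless that step definition re-issues the request itself, which the diff does not show, the assertion re-reads the 200 already obtained with the bearer token and the certificate-only path is never exercised. A regression that stops the gateway from accepting a valid certificate without a token would then pass unnoticed. Insert `And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee/" with body ""` between the header table and the assertion, as the first scenario in this file does after removing `Authorization`.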
@@ -0,0 +1,281 @@ +Feature: Testing Ratelimit feature + Background: + Given The system is ready + Scenario: Testing API level rate limiiting for REST API + And I have a DCR application + And I have a valid Adminportal access token + Then I set new API throttling policy allowing "2" requests per every "1" minute + Then the response status code should be 201 + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/ratelimit_api.json" + When the definition file "artifacts/definitions/employees_api.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "SimpleRateLimitAPI" + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + |401| + And I send "GET" request to 
"https://default.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" + Then the response status code should be 429 + Then I wait for next minute strictly + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" + Then the response status code should be 200 + + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "SimpleRateLimitAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" + Then the response status code should be 404 + And I send "GET" request to "https://sandbox.default.gw.wso2.com:9095/simple-rl/3.14/employee/" with body "" + Then the response status code should be 404 + And I have a valid Adminportal access token + Then I delete the created API throttling policy + + Scenario: Testing Resource level rate limiiting for REST API + And I have a DCR application + And I have a valid Adminportal access token + Then I set new API throttling policy allowing "2" requests per every "1" minute + Then the response status code should be 201 + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/resource_level_rl.json" + When the definition file "artifacts/definitions/employee_with_rl_r.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "SimpleRateLimitResourceLevelAPI" + And the response body should contain 
"\"throttlingPolicy\":\"TestRatelimit\"" + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "ResourceLevelApp" + Then the response status code should be 201 + And the response body should contain "ResourceLevelApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + |401| + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + Then the response status code should be 429 + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + Then the response status code should be 429 + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/withoutrl/" with body "" + Then the response status code should be 200 + And I send "GET" request to 
"https://default.gw.wso2.com:9095/simple-rl-r/3.14/withoutrl/" with body "" + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/withoutrl/" with body "" + Then the response status code should be 200 + Then I wait for next minute strictly + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/simple-rl-r/3.14/employee/" with body "" + Then the response status code should be 200 + + + Scenario: Undeploy the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "ResourceLevelApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "SimpleRateLimitResourceLevelAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I have a valid Adminportal access token + Then I delete the created API throttling policy + + Scenario: Testing API level rate limiiting for GraphQL API + And I have a DCR application + And I have a valid Adminportal access token + Then I set new API throttling policy allowing "2" requests per every "1" minute + Then the response status code should be 201 + And I have a valid Publisher access token + When the definition file "artifacts/definitions/schema_graphql.graphql" + Then I use the Payload file "artifacts/payloads/gqlPayload.json" + Then I make the import GraphQLAPI Creation request + Then the response status code should be 201 + And the response body should contain "StarwarsAPI" + Then I use the Payload file "artifacts/payloads/gql_api_level_rl.json" + And I update the API settings + Then the response status code should be 200 + And the response body should contain "StarwarsAPI" + And make the API Revision 
Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "TestApp" + Then the response status code should be 201 + And the response body should contain "TestApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + And I eventually receive 200 response code, not accepting + |429| + |401| + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + Then the response status code should be 200 + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + Then the response status code should be 429 + Then I wait for next minute strictly + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + Then the response status code should be 200 + + + Scenario: Undeploy the created GraphQL API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "TestApp" from devportal + Then the response status 
code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "StarwarsAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + Then the response status code should be 404 + And I send "POST" request to "https://sandbox.default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" + Then the response status code should be 404 + And I have a valid Adminportal access token + Then I delete the created API throttling policy + Then the response status code should be 200 + + # NOTE: In the current implementation, APK only supports API level ratelimitting hence this test case + # commented out. Uncomment this after the proper implementation. +# Scenario: Testing Resource level rate limiiting for REST API +# And I have a DCR application +# And I have a valid Adminportal access token +# Then I set new API throttling policy allowing "2" requests per every "1" minute +# Then the response status code should be 201 +# And I have a valid Publisher access token +# When the definition file "artifacts/definitions/schema_graphql.graphql" +# Then I use the Payload file "artifacts/payloads/gqlPayload.json" +# Then I make the import GraphQLAPI Creation request +# Then the response status code should be 201 +# And the response body should contain "StarwarsAPI" +# Then I use the Payload file "artifacts/payloads/gql_resource_level_rl.json" +# And I update the GQL API settings +# Then the response status code should be 200 +# And the response body should contain "StarwarsAPI" +# And make the API Revision Deployment request +# Then the response status code should be 201 +# And make the Change Lifecycle request +# Then the response status code should be 200 +# And I have a valid Devportal access token +# And make the Application Creation request with the 
name "TestApp" +# Then the response status code should be 201 +# And the response body should contain "TestApp" +# And I have a KeyManager +# And make the Generate Keys request +# Then the response status code should be 200 +# And the response body should contain "consumerKey" +# And the response body should contain "consumerSecret" +# And make the Subscription request +# Then the response status code should be 201 +# And the response body should contain "Unlimited" +# And I get "production" oauth keys for application +# Then the response status code should be 200 +# And make the Access Token Generation request for "production" +# Then the response status code should be 200 +# And the response body should contain "accessToken" +# Then I set headers +# | Authorization | Bearer ${accessToken} | +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" +# And I eventually receive 200 response code, not accepting +# |429| +# |401| +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" +# Then the response status code should be 200 +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" +# Then the response status code should be 429 +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" +# Then the response status code should be 429 +# #From here onwards, it should query an endpoint without rate limit +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ human(id:1000){ id name }}\"}"; +# Then the response status code should be 200 +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ human(id:1000){ id name }}\"}"; +# Then the response status code should be 200 +# And I send "POST" request to 
"https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ human(id:1000){ id name }}\"}"; +# Then the response status code should be 200 +# Then I wait for next minute strictly +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" +# Then the response status code should be 200 +# And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" +# Then the response status code should be 200 + + +# Scenario: Undeploy the created GraphQL API +# And I have a DCR application +# And I have a valid Devportal access token +# Then I delete the application "TestApp" from devportal +# Then the response status code should be 200 +# And I have a valid Publisher access token +# Then I find the apiUUID of the API created with the name "StarwarsAPI" +# Then I undeploy the selected API +# Then the response status code should be 200 +# And I have a valid Adminportal access token +# Then I delete the created API throttling policy +# Then the response status code should be 200 + diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/ResourceLevelInterceptor.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/ResourceLevelInterceptor.feature new file mode 100644 index 000000000..7467e30ba --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/ResourceLevelInterceptor.feature 
@@ -0,0 +1,61 @@ +Feature: API Policy Addition(Interceptor Service) + Background: + Given The system is ready + Scenario: Create a REST API and add policy for request flow over Resource Level + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/api_policy/original.json" + When the definition file "artifacts/definitions/cors-definition.json" + And make the import API Creation request using OAS "File" + Then the response status code should be 201 + And the response body should contain "ResourceLevelIntercepterAPI" + Then I use the Payload file "artifacts/payloads/api_policy/resource_level_interceptor.json" + And I update the API settings + Then the response status code should be 200 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/rlintercepter/1.0.0/get" with body "" + And the response body should not contain "\"Interceptor-Header\"" 
+ Then the response status code should be 200 + Then the response headers not contains key "interceptor-response-header" + And I send "GET" request to "https://default.gw.wso2.com:9095/rlintercepter/1.0.0/headers" with body "" + And the response body should contain + |"Interceptor-Header": "Interceptor-header-value"| + # |"Interceptor-Header-Apigroup": "Gold"| + # |"Interceptor-Header-Apitier": "Unlimited"| + Then the response status code should be 200 + Then the response headers contains key "interceptor-response-header" and value "Interceptor-Response-header-value" + + Scenario: Undeploying an already existing REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "ResourceLevelIntercepterAPI" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/rlintercepter/1.0.0/get" with body "" + And I eventually receive 404 response code, not accepting + |200| diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Scopes.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Scopes.feature index f88068ec8..ec4747479 100644 --- a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Scopes.feature +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/Scopes.feature 
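Review bot: In the create scenario the first gateway call (`GET .../rlintercepter/1.0.0/get`) runs `the response body should not contain "\"Interceptor-Header\""` before the status check, so that negative assertion also holds for any error body. The exact `Then the response status code should be 200` that follows also leaves no room for the deployment to reach the gateway. The other new features in this commit start with `And I eventually receive 200 response code, not accepting` and `|429|`; using that step first and moving the body assertion after it would make the check meaningful, assuming the step retries as its name suggests. The two commented-out table rows (`Interceptor-Header-Apigroup`, `Interceptor-Header-Apitier`) should carry a one-line comment saying why they are disabled and when to restore them.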
@@ -30,12 +30,16 @@ Feature: Invoking APIs with scopes enabled And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" And I eventually receive 200 response code, not accepting |429| Then I make Access Token Generation request without scopes Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" Then the response status code should be 403 @@ -53,8 +57,6 @@ Feature: Invoking APIs with scopes enabled And I have a DCR application And I have a valid Publisher access token When the definition file "artifacts/definitions/schema_graphql.graphql" - Given a valid graphql definition file - Then the response should be given as valid When I use the Payload file "artifacts/payloads/gql_with_scopes.json" Then I make the import GraphQLAPI Creation request Then the response status code should be 201 @@ -80,6 +82,8 @@ Feature: Invoking APIs with scopes enabled And make the Access Token Generation request for "production" Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" Then the response status code should be 200 And I eventually receive 200 response code, not accepting 
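Review bot: In the `@@ -80,6 +82,8 @@` hunk the first GraphQL call is checked with the exact `Then the response status code should be 200` and only afterwards with `And I eventually receive 200 response code, not accepting`, so the retrying step (assuming it retries) never gets to absorb a slow deployment. The REST scenario in the `@@ -30,12 +30,16 @@` hunk goes straight to the eventual step; dropping the exact check here would match it. The scenario starts and ends outside the hunk, so the full step order should be confirmed against the file.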
@@ -88,6 +92,8 @@ Feature: Invoking APIs with scopes enabled Then I make Access Token Generation request without scopes Then the response status code should be 200 And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ hero { name } }\"}" Then the response status code should be 403 diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/SubscriptionBlocking.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/SubscriptionBlocking.feature new file mode 100644 index 000000000..d2339d2e8 --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/SubscriptionBlocking.feature 
@@ -0,0 +1,59 @@ +Feature: Blocking the subscription for a selected application + Background: + Given The system is ready + Scenario: Checking the subscription blocking for an REST API + And I have a DCR application + And I have a valid Publisher access token + When I use the Payload file "artifacts/payloads/api1.json" + And I use the OAS URL "https://petstore3.swagger.io/api/v3/openapi.json" + And make the import API Creation request using OAS "URL" + Then the response status code should be 201 + And the response body should contain "SwaggerPetstore" + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "SampleApp" + Then the response status code should be 201 + And the response body should contain "SampleApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" + And I eventually receive 200 response code, not accepting + |429| + Then I send the subcription blocking request + And the response status code should be 200 + And the response body should contain "BLOCKED" + And I send "GET" request to 
"https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" + And I eventually receive 403 response code, not accepting + |200| + |201| + |429| + |500| + + Scenario: Undeploying the created REST API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "SampleApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "SwaggerPetstore" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/petstore/1.0.0/pet/4" with body "" + And I eventually receive 404 response code, not accepting + |200| \ No newline at end of file diff --git a/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/graphQLmTLS.feature b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/graphQLmTLS.feature new file mode 100644 index 000000000..13fc9c30a --- /dev/null +++ b/test/apim-apk-agent-test/cucumber-tests/src/test/resources/tests/api/graphQLmTLS.feature 
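Review bot: The create scenario imports its definition from `https://petstore3.swagger.io/api/v3/openapi.json` at run time, so the result depends on a third-party host whose content can change or be unreachable from CI. The interceptor feature in this commit imports a checked-in file instead; the same pattern here would be `When the definition file "artifacts/definitions/<petstore-definition>.json"` followed by `And make the import API Creation request using OAS "File"` (the file name is a placeholder, no petstore definition is visible in this diff). Rejecting 200/201/429/500 after the block is a good fail-fast list. A closing step that lifts the block and expects 200 again would show that the 403 comes from the subscription state and not from an unrelated authorization failure.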
@@ -0,0 +1,178 @@ +Feature: Test mTLS between client and gateway with client certificate sent in header + Background: + Given The system is ready + Scenario: Deploying APK conf using a valid GraphQL API definition with mTLS mandatory and valid certificate + And I have a DCR application + And I have a valid Publisher access token + When the definition file "artifacts/definitions/schema_graphql.graphql" + When I use the Payload file "artifacts/payloads/mtls/graphql_with_mtls.json" + Then I make the import GraphQLAPI Creation request + Then the response status code should be 201 + And the response body should contain "GraphQLAPImTLS" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "TestApp" + Then the response status code should be 201 + And the response body should contain "TestApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "POST" request to 
"https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ allHumans { name } }\"}" + And I eventually receive 200 response code, not accepting + | 429 | + | 500 | + And the response body should contain "\"name\":\"string\"" + + Scenario: Undeploy API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "TestApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "GraphQLAPImTLS" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + + Scenario: Deploying APK conf using a valid GraphQL API definition with mTLS mandatory and no certificate + And I have a DCR application + And I have a valid Publisher access token + When the definition file "artifacts/definitions/schema_graphql.graphql" + When I use the Payload file "artifacts/payloads/mtls/graphql_with_mtls.json" + Then I make the import GraphQLAPI Creation request + Then the response status code should be 201 + And the response body should contain "GraphQLAPImTLS" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias "mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "TestApp" + Then the response status code should be 201 + And the response body should contain "TestApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the 
response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ allHumans { name } }\"}" + And I eventually receive 401 response code, not accepting + | 200 | + | 429 | + | 500 | + + Scenario: Undeploy API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "TestApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "GraphQLAPImTLS" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| + + Scenario: Deploying APK conf using a valid GraphQL API definition with OAuth2 mandatory mTLS optional + And I have a DCR application + And I have a valid Publisher access token + When the definition file "artifacts/definitions/schema_graphql.graphql" + When I use the Payload file "artifacts/payloads/mtls/graphql_with_mtls_optional_oauth2_mandatory.json" + Then I make the import GraphQLAPI Creation request + Then the response status code should be 201 + And the response body should contain "GraphQLAPImTLS" + And I have a client certificate "config-map-1.crt" + Then I update the API with mtls certificate data with the alias 
"mtls-test-configmap" + Then the response status code should be 201 + And make the API Revision Deployment request + Then the response status code should be 201 + And make the Change Lifecycle request + Then the response status code should be 200 + And I have a valid Devportal access token + And make the Application Creation request with the name "TestApp" + Then the response status code should be 201 + And the response body should contain "TestApp" + And I have a KeyManager + And make the Generate Keys request + Then the response status code should be 200 + And the response body should contain "consumerKey" + And the response body should contain "consumerSecret" + And make the Subscription request + Then the response status code should be 201 + And the response body should contain "Unlimited" + And I get "production" oauth keys for application + Then the response status code should be 200 + And make the Access Token Generation request for "production" + Then the response status code should be 200 + And the response body should contain "accessToken" + Then I set headers + | Authorization | Bearer ${accessToken} | + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ allHumans { name } }\"}" + And I eventually receive 200 response code, not accepting + | 429 | + | 500 | + And the response body should contain "\"name\":\"string\"" + Then I remove the header "X-WSO2-CLIENT-CERTIFICATE" + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ allHumans { name } }\"}" + And I eventually receive 200 response code, not accepting + | 429 | + | 500 | + And the response body should contain "\"name\":\"string\"" + And I have a client certificate "invalid-cert.crt" + Then I set headers + | X-WSO2-CLIENT-CERTIFICATE | ${clientCertificate} | + And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with 
body "{\"query\":\"{ allHumans { name } }\"}" + And I eventually receive 401 response code, not accepting + | 429 | + | 500 | + + Scenario: Undeploy API + And I have a DCR application + And I have a valid Devportal access token + Then I delete the application "TestApp" from devportal + Then the response status code should be 200 + And I have a valid Publisher access token + Then I find the apiUUID of the API created with the name "GraphQLAPImTLS" + Then I undeploy the selected API + Then the response status code should be 200 + And I send "GET" request to "https://default.gw.wso2.com:9095/mtls/3.14/employee" with body "" + And I eventually receive 404 response code, not accepting + |200| +
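Review bot: All three `Undeploy API` scenarios verify removal with `GET https://default.gw.wso2.com:9095/mtls/3.14/employee`, but the API this feature deploys is invoked at `/graphql/3.14`, so the expected 404 would most likely come back whether or not the undeploy worked. Probing the deployed path instead, `And I send "POST" request to "https://default.gw.wso2.com:9095/graphql/3.14" with body "{\"query\":\"{ allHumans { name } }\"}"`, would catch a leftover mTLS API before the next scenario redeploys the same name and context. In the OAuth2-mandatory scenario the invalid-certificate request lists only 429 and 500 as not accepted. Adding `| 200 |`, as the no-certificate scenario does, would make an accepted invalid certificate fail immediately instead of being treated as a response to retry.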