From c0f43f4c1696f94d0f7af78dbbe0a366eb2ea2ec Mon Sep 17 00:00:00 2001 From: Pubudu Gunatilaka Date: Thu, 5 Oct 2023 17:18:47 +0530 Subject: [PATCH] Adding test cases for token issuer with environments --- build-apk.sh | 2 + test/cucumber-tests/CRs/artifacts.yaml | 48 +++++++++ test/cucumber-tests/scripts/setup-hosts.sh | 6 +- .../apk-confs/multi-env/employees_conf.yaml | 27 +++++ .../tests/api/MultiEnvironment.feature | 101 +++++++++++++++--- 5 files changed, 167 insertions(+), 17 deletions(-) create mode 100644 test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml diff --git a/build-apk.sh b/build-apk.sh index d4b1c655f..ae3cbc247 100755 --- a/build-apk.sh +++ b/build-apk.sh @@ -14,6 +14,8 @@ cd gateway/router;./gradlew build; cd $current_dir; cd gateway/enforcer;./gradlew build; cd $current_dir; +cd common-controller;./gradlew build; +cd $current_dir; cd idp/idp-domain-service;./gradlew build; cd $current_dir; cd idp/idp-ui;./gradlew build; diff --git a/test/cucumber-tests/CRs/artifacts.yaml b/test/cucumber-tests/CRs/artifacts.yaml index a6d401c52..b969f7f78 100644 --- a/test/cucumber-tests/CRs/artifacts.yaml +++ b/test/cucumber-tests/CRs/artifacts.yaml @@ -578,6 +578,54 @@ spec: kind: Gateway name: default --- +kind: TokenIssuer +apiVersion: dp.wso2.com/v1alpha1 +metadata: + name: multi-env-token-issuer-all-envs + namespace: apk-integration-test +spec: + consumerKeyClaim: azp + issuer: https://idp1.com + name: idp-all-env + organization: org3 + scopesClaim: scope + environments: + - "*" + signatureValidation: + jwks: + url: "http://dynamic-backend-service:8080/idp1/jwks" + claimMappings: + - remoteClaim: "organization" + localClaim: "x-wso2-organization" + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: default +--- +kind: TokenIssuer +apiVersion: dp.wso2.com/v1alpha1 +metadata: + name: multi-env-token-issuer-dev-env + namespace: apk-integration-test +spec: + consumerKeyClaim: azp + issuer: https://idp1.com + name: idp-dev-only + organization: org4 + scopesClaim: scope + environments: + - "dev" + signatureValidation: + jwks: + url: "http://dynamic-backend-service:8080/idp1/jwks" + claimMappings: + - remoteClaim: "organization" + localClaim: "x-wso2-organization" + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: default +--- # We have removed the Envoy admin interface port from our helm gateway service yaml. So we need this one here. apiVersion: v1 kind: Service diff --git a/test/cucumber-tests/scripts/setup-hosts.sh b/test/cucumber-tests/scripts/setup-hosts.sh index 6086aac7d..61f83455c 100644 --- a/test/cucumber-tests/scripts/setup-hosts.sh +++ b/test/cucumber-tests/scripts/setup-hosts.sh @@ -12,8 +12,12 @@ sudo echo "$IP api.am.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP default.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP org1.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP org2.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org3.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org4.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP default.sandbox.gw.wso2.com" | sudo tee -a /etc/hosts -sudo echo "$IP default-qa.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "$IP default-dev.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org3-qa.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org4-qa.gw.wso2.com" | sudo tee -a /etc/hosts +sudo echo "$IP org4-dev.gw.wso2.com" | sudo tee -a /etc/hosts sudo echo "255.255.255.255 broadcasthost" | sudo tee -a /etc/hosts sudo echo "::1 localhost" | sudo tee -a /etc/hosts diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml new file mode 100644 index 000000000..190a9fd33 --- /dev/null +++ b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml @@ -0,0 +1,27 @@ +--- +name: "EmployeeServiceAPIDev" +basePath: "/withoutenv" +version: "3.14" +id: "without-env-api" +type: "REST" +defaultVersion: false +endpointConfigurations: + production: + endpoint: "http://backend:80/anything" +operations: + - target: "/employee" + verb: "GET" + secured: true + scopes: [] + - target: "/employee" + verb: "POST" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "PUT" + secured: true + scopes: [] + - target: "/employee/{employeeId}" + verb: "DELETE" + secured: true + scopes: [] diff --git a/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature b/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature index 614178a4d..d57664c83 100644 --- a/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature +++ b/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature @@ -1,37 +1,106 @@ Feature: Deploy APIs in multiple environments - Scenario: Deploying an API in Dev Environment for Organization, test123 + Scenario: Deploying an API without specifing an Environment and token issuer has no environments. Given The system is ready And I have a valid subscription - When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml" And the definition file "artifacts/definitions/employees_api.json" And make the API deployment request Then the response status code should be 200 Then I set headers |Authorization|bearer ${accessToken}| - And I send "GET" request to "https://default-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I send "GET" request to "https://default.gw.wso2.com:9095/withoutenv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |429| + When I undeploy the API whose ID is "without-env-api" + Then the response status code should be 202 + + Scenario: Deploying an API without specifing an Environment and token issuer has all(*) environments. + Given The system is ready + And I have a valid token for organization "org3" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org3" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org3}| + And I send "GET" request to "https://org3.gw.wso2.com:9095/withoutenv/3.14/employee/" with body "" And I eventually receive 200 response code, not accepting |429| - - Scenario: Deploying the same API in QA Environment for Organization, test123 + When I undeploy the API whose ID is "without-env-api" and organization "org3" + Then the response status code should be 202 + + Scenario: Deploying an API without specifing an Environment and token issuer has only dev environment. + Given The system is ready + And I have a valid token for organization "org4" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org4" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org4}| + And I send "GET" request to "https://org4.gw.wso2.com:9095/withoutenv/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + |200| + When I undeploy the API whose ID is "without-env-api" and organization "org4" + Then the response status code should be 202 + + Scenario: Deploying an API in Dev environment and token issuer has no environments. Given The system is ready And I have a valid subscription - When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml" And the definition file "artifacts/definitions/employees_api.json" And make the API deployment request Then the response status code should be 200 Then I set headers |Authorization|bearer ${accessToken}| - And I send "GET" request to "https://default-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I send "GET" request to "https://default-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body "" And I eventually receive 200 response code, not accepting |429| - - Scenario Outline: Undeploy API + When I undeploy the API whose ID is "multi-env-dev-api" + Then the response status code should be 202 + + Scenario: Deploying an API in QA environment and token issuer has all(*) environments. Given The system is ready - And I have a valid subscription - When I undeploy the API whose ID is "" - Then the response status code should be + And I have a valid token for organization "org3" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org3" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org3}| + And I send "GET" request to "https://org3-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |401| + When I undeploy the API whose ID is "multi-env-qa-api" and organization "org3" + Then the response status code should be 202 + + Scenario: Deploying an API in QA environment and token issuer has only Dev environment. + Given The system is ready + And I have a valid token for organization "org4" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org4" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org4}| + And I send "GET" request to "https://org4-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 401 response code, not accepting + |200| + When I undeploy the API whose ID is "multi-env-qa-api" and organization "org4" + Then the response status code should be 202 - Examples: - | apiID | expectedStatusCode | - | multi-env-dev-api | 202 | - | multi-env-qa-api | 202 | + Scenario: Deploying an API in Dev environment and token issuer has only Dev environment. + Given The system is ready + And I have a valid token for organization "org4" + When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml" + And the definition file "artifacts/definitions/employees_api.json" + And make the API deployment request for organization "org4" + Then the response status code should be 200 + Then I set headers + |Authorization|bearer ${org4}| + And I send "GET" request to "https://org4-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body "" + And I eventually receive 200 response code, not accepting + |401| + When I undeploy the API whose ID is "multi-env-dev-api" and organization "org4" + Then the response status code should be 202 + \ No newline at end of file