update asapo cli and tests

63a21e19 · Sergey Yakubov · 5a513e81 · 63a21e19 · 63a21e19 · 63a21e19
Commit 63a21e19 authored 4 years ago by Sergey Yakubov
--- a/CMakeModules/prepare_asapo.cmake
+++ b/CMakeModules/prepare_asapo.cmake
@@ -50,6 +50,7 @@ function(prepare_asapo)
    configure_file(${CMAKE_SOURCE_DIR}/tests/automatic/settings/broker_settings.json.tpl broker.json.tpl COPYONLY)
    configure_file(${CMAKE_SOURCE_DIR}/tests/automatic/settings/file_transfer_settings.json.tpl file_transfer.json.tpl COPYONLY)
    configure_file(${CMAKE_SOURCE_DIR}/tests/automatic/settings/auth_secret.key auth_secret.key COPYONLY)
+    configure_file(${CMAKE_SOURCE_DIR}/tests/automatic/settings/admin_token.key admin_token.key COPYONLY)
    configure_file(${CMAKE_SOURCE_DIR}/tests/automatic/settings/auth_secret_admin.key auth_secret_admin.key COPYONLY)
    configure_file(${CMAKE_SOURCE_DIR}/tests/automatic/settings/nginx.conf.tpl nginx.conf.tpl COPYONLY)
    configure_file(${CMAKE_SOURCE_DIR}/config/nomad/nginx.nmd.in nginx.nmd @ONLY)

--- a/asapo_tools/src/asapo_tools/cli/command_test.go
+++ b/asapo_tools/src/asapo_tools/cli/command_test.go
@@ -10,7 +10,7 @@ var CommandTests = []struct {
 	cmd    command
 	answer string
 }{
-	{command{"token", []string{"-secret", "secret_file", "beamtime"}}, "secret"},
+	{command{"token", []string{"-secret", "secret_file","-type","read","-endpoint","bla", "beamtime"}}, "secret"},
 	{command{"dummy", []string{"description"}}, "wrong"},
 }

@@ -22,7 +22,6 @@ func TestCommand(t *testing.T) {
 		err := DoCommand(test.cmd.name, test.cmd.args)
 		assert.Contains(t, err.Error(), test.answer, "")
 		assert.NotNil(t, err, "Should be error")
-
 	}

 }

--- a/asapo_tools/src/asapo_tools/cli/token.go
+++ b/asapo_tools/src/asapo_tools/cli/token.go
 package cli

 import (
+	"asapo_common/utils"
+	"asapo_tools/rest_client"
+	"bytes"
+	"encoding/json"
 	"errors"
-	"os"
 	"fmt"
-	"asapo_common/utils"
+	"io"
+	"net/http"
+	"os"
 )

 type tokenFlags struct {
-	Name       string
-	SecretFile string
+	Name         string
+	Endpoint     string
+	AccessType   string
+	SecretFile   string
+	TokenDetails bool
 }

-func generateToken(id string,secret string) string {
-	hmac := utils.NewHMACAuth(secret)
-	token,err := hmac.GenerateToken(&id)
-
-	if (err!=nil) {
-		fmt.Println(err.Error())
-	}
-	return token
+type tokenRequest struct {
+	Subject    map[string]string
+	DaysValid  int
+	AccessType string
 }

+func generateToken(flags tokenFlags, secret string) string {
+	//	hmac := utils.NewHMACAuth(secret)
+	//	token,err := hmac.GenerateToken(&id)
+
+	//	if (err!=nil) {
+	//		fmt.Println(err.Error())
+	//	}
+	//	return token
+	return ""
+}

-// GenerateToken generates token for consumers
+// CommandToken receives token from authorization server
 func (cmd *command) CommandToken() error {

 	message_string := "Generate token"
@@ -38,21 +52,64 @@ func (cmd *command) CommandToken() error {
 	}

 	secret, err := utils.ReadFirstStringFromFile(flags.SecretFile)
-	if err !=nil  {
+	if err != nil {
 		return err
 	}

-	fmt.Fprintf(outBuf, "%s\n", generateToken(flags.Name,secret))
+	request := tokenRequest{
+		Subject:    map[string]string{"beamtimeId": flags.Name},
+		DaysValid:  180,
+		AccessType: flags.AccessType,
+	}
+	json_data, _ := json.Marshal(request)
+	path := flags.Endpoint + "/admin/issue"

-	return nil
-}
+	req, err := http.NewRequest("POST", path, bytes.NewBuffer(json_data))
+	if err != nil {
+		return err
+	}
+	req.Header.Add("Content-Type", "application/json")
+	req.Header.Add("Authorization", "Bearer "+secret)

+	resp, err := rest_client.Client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return errors.New("returned " + resp.Status + ": " + string(body))
+	}
+
+	if flags.TokenDetails {
+		fmt.Fprintf(outBuf, "%s\n", string(body))
+		return nil
+	}
+
+	token := struct {
+		Token string
+	}{}
+
+	err = json.Unmarshal(body, &token)
+	if err == nil {
+		fmt.Fprintf(outBuf, "%s\n", token.Token)
+	}
+	return err
+}

 func (cmd *command) parseTokenFlags(message_string string) (tokenFlags, error) {

 	var flags tokenFlags
 	flagset := cmd.createDefaultFlagset(message_string, "<token_body>")
 	flagset.StringVar(&flags.SecretFile, "secret", "", "path to file with secret")
+	flagset.StringVar(&flags.AccessType, "type", "", "access type")
+	flagset.StringVar(&flags.Endpoint, "endpoint", "", "asapo endpoint")
+	flagset.BoolVar(&flags.TokenDetails, "token-details", false, "output token details")

 	flagset.Parse(cmd.args)

@@ -70,6 +127,13 @@ func (cmd *command) parseTokenFlags(message_string string) (tokenFlags, error) {
 		return flags, errors.New("secret file missed ")
 	}

+	if flags.Endpoint == "" {
+		return flags, errors.New("endpoint missed ")
+	}
+
+	if flags.AccessType != "read" && flags.AccessType != "write" {
+		return flags, errors.New("incorrect or missed token access type ")
+	}

 	return flags, nil


--- a/asapo_tools/src/asapo_tools/cli/token_test.go
+++ b/asapo_tools/src/asapo_tools/cli/token_test.go
 package cli

 import (
+	"asapo_tools/mocks"
+	"asapo_tools/rest_client"
+	"encoding/json"
+	"fmt"
+	"net/http"
 	"testing"

-	"github.com/stretchr/testify/assert"
 	"bytes"
+	"github.com/stretchr/testify/assert"
 	"io/ioutil"
 	"os"
 )

 var tokenTests = []struct {
 	cmd      command
-	answer string
+	ok bool
 	msg  string
 }{
-	{command{args: []string{"beamtime_id"}},  "secret", "no secret parameter"},
-	{command{args: []string{"-secret","secret.tmp"}},  "payload", "no file"},
-	{command{args: []string{"-secret","not_existing_file","payload"}},  "not_existing_file", "no file"},
-	{command{args: []string{"-secret","secret.tmp","beamtime_id"}},  "eodk3s5ZXwACLGyVA63MZYcOTWuWE4bceI9Vxl9zejI=", "ok"},
+	{command{args: []string{"beamtime_id"}},  false, "no secret parameter"},
+	{command{args: []string{"-secret","secret.tmp"}},  false, "no file"},
+	{command{args: []string{"-secret","not_existing_file","payload"}},  false, "no file"},
+	{command{args: []string{"-secret","secret.tmp","beamtime_id"}},  false, "type is missing"},
+	{command{args: []string{"-secret","secret.tmp","-type","read","beamtime_id"}},  false, "endpoint is missing"},
+	{command{args: []string{"-secret","secret.tmp","-type","read","-endpoint","endpoint","-token-details","beamtime_id"}},  true, "ok"},
 }

 func TestParseTokenFlags(t *testing.T) {

 	ioutil.WriteFile("secret.tmp", []byte("secret"), 0644)
 	outBuf = new(bytes.Buffer)
+
+	rest_client.Client = &mocks.MockClient{}
+
+
+	mocks.DoFunc = func(req *http.Request) (*http.Response, error) {
+		json := `{"Token":"blabla","Uri":"`+req.URL.Path+`"}`
+		r := ioutil.NopCloser(bytes.NewReader([]byte(json)))
+
+		return &http.Response{
+			StatusCode: 200,
+			Body:       r,
+		}, nil
+	}
+
 	for _, test := range tokenTests {
 		err := test.cmd.CommandToken()
-		if err == nil {
-			assert.Contains(t, outBuf.(*bytes.Buffer).String(), test.answer, test.msg)
+		if test.ok {
+			assert.Nil(t, err, test.msg)
+			resp := struct {
+				Token string
+				Uri string
+			}{}
+			err := json.Unmarshal(outBuf.(*bytes.Buffer).Bytes(),&resp)
+			fmt.Println(err)
+			assert.Equal(t,  "blabla", resp.Token,test.msg)
+			assert.Equal(t, "endpoint/admin/issue",resp.Uri, test.msg)
 		} else {
-			assert.Contains(t, err.Error(), test.answer, test.msg)
+			assert.NotNil(t, err, test.msg)
 		}

 	}

--- a/asapo_tools/src/asapo_tools/main/asapo.go
+++ b/asapo_tools/src/asapo_tools/main/asapo.go
 package main

 import (
+	"asapo_tools/rest_client"
 	"flag"
 	"fmt"
+	"net/http"
 	"os"
 	"asapo_common/version"
 	"asapo_tools/cli"
@@ -20,6 +22,8 @@ func main() {

 	flag.Parse()

+	rest_client.Client = &http.Client{}
+
 	if *flHelp || flag.NArg() == 0 {
 		flag.Usage()
 		cli.PrintAllCommands()

--- a/asapo_tools/src/asapo_tools/mocks/mock_client.go
+++ b/asapo_tools/src/asapo_tools/mocks/mock_client.go
+package mocks
+
+import "net/http"
+
+type MockClient struct {
+	DoFunc func(req *http.Request) (*http.Response, error)
+}
+
+func (m *MockClient) Do(req *http.Request) (*http.Response, error) {
+	return DoFunc(req)
+}
+
+var DoFunc func(req *http.Request) (*http.Response, error)
--- a/asapo_tools/src/asapo_tools/rest_client/rest_client.go
+++ b/asapo_tools/src/asapo_tools/rest_client/rest_client.go
+package rest_client
+
+import "net/http"
+
+type HTTPClient interface {
+	Do(req *http.Request) (*http.Response, error)
+}
+
+var Client HTTPClient
--- a/authorizer/src/asapo_authorizer/server/issue_token.go
+++ b/authorizer/src/asapo_authorizer/server/issue_token.go
@@ -27,7 +27,7 @@ func extractUserTokenrequest(r *http.Request) (request authorization.TokenReques
 	}

 	if request.AccessType != "read" && request.AccessType != "write" {
-		return request, errors.New("wrong access type " + request.AccessType)
+		return request, errors.New("wrong access type: " + request.AccessType)
 	}

 	return request, nil

--- a/examples/pipeline/in_to_out/check_linux.sh
+++ b/examples/pipeline/in_to_out/check_linux.sh
@@ -10,7 +10,8 @@ indatabase_name=${beamtime_id}_${data_source_in}
 outdatabase_name=${beamtime_id}_${data_source_out}
 outdatabase_name2=${beamtime_id}_${data_source_out2}

-token=IEfwsWa0GXky2S3MkxJSUHJT1sI8DD5teRdjBUXVRxk=
+#asapo_test read token
+token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjMTRhcDQzaXB0M2E0bmNpMDkwMCIsInN1YiI6ImJ0X2FzYXBvX3Rlc3QiLCJFeHRyYUNsYWltcyI6eyJBY2Nlc3NUeXBlIjoicmVhZCJ9fQ.X5Up3PBd81i4X7wUBXGkIrLEVSL-WO9kijDtzOqasgg

 beamline=test
 receiver_root_folder=/tmp/asapo/receiver/files

--- a/examples/pipeline/in_to_out/check_windows.bat
+++ b/examples/pipeline/in_to_out/check_windows.bat
@@ -8,7 +8,7 @@ SET indatabase_name=%beamtime_id%_%data_source_in%
 SET outdatabase_name=%beamtime_id%_%data_source_out%
 SET outdatabase_name2=%beamtime_id%_%data_source_out2%

-SET token=IEfwsWa0GXky2S3MkxJSUHJT1sI8DD5teRdjBUXVRxk=
+SET token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjMTRhcDQzaXB0M2E0bmNpMDkwMCIsInN1YiI6ImJ0X2FzYXBvX3Rlc3QiLCJFeHRyYUNsYWltcyI6eyJBY2Nlc3NUeXBlIjoicmVhZCJ9fQ.X5Up3PBd81i4X7wUBXGkIrLEVSL-WO9kijDtzOqasgg

 SET beamline=test


--- a/examples/pipeline/in_to_out_python/check_linux.sh
+++ b/examples/pipeline/in_to_out_python/check_linux.sh
@@ -12,7 +12,8 @@ nthreads=4
 indatabase_name=${beamtime_id}_${data_source_in}
 outdatabase_name=${beamtime_id}_${data_source_out}

-token=IEfwsWa0GXky2S3MkxJSUHJT1sI8DD5teRdjBUXVRxk=
+#asapo_test read token
+token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjMTRhcDQzaXB0M2E0bmNpMDkwMCIsInN1YiI6ImJ0X2FzYXBvX3Rlc3QiLCJFeHRyYUNsYWltcyI6eyJBY2Nlc3NUeXBlIjoicmVhZCJ9fQ.X5Up3PBd81i4X7wUBXGkIrLEVSL-WO9kijDtzOqasgg

 beamline=test
 receiver_root_folder=/tmp/asapo/receiver/files

--- a/examples/pipeline/in_to_out_python/check_windows.bat
+++ b/examples/pipeline/in_to_out_python/check_windows.bat
@@ -6,7 +6,7 @@ SET data_source_out=simulation
 SET indatabase_name=%beamtime_id%_%data_source_in%
 SET outdatabase_name=%beamtime_id%_%data_source_out%

-SET token=IEfwsWa0GXky2S3MkxJSUHJT1sI8DD5teRdjBUXVRxk=
+SET token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjMTRhcDQzaXB0M2E0bmNpMDkwMCIsInN1YiI6ImJ0X2FzYXBvX3Rlc3QiLCJFeHRyYUNsYWltcyI6eyJBY2Nlc3NUeXBlIjoicmVhZCJ9fQ.X5Up3PBd81i4X7wUBXGkIrLEVSL-WO9kijDtzOqasgg

 SET beamline=test


--- a/receiver/src/request_handler/request_handler_authorize.cpp
+++ b/receiver/src/request_handler/request_handler_authorize.cpp
@@ -28,7 +28,7 @@ Error RequestHandlerAuthorize::ErrorFromAuthorizationServerResponse(const Error&

 Error CheckAccessType(const std::string& access_type) {
    if (access_type!="write") {
-        return asapo::ReceiverErrorTemplates::kAuthorizationFailure.Generate("wrong access type " + access_type);
+        return asapo::ReceiverErrorTemplates::kAuthorizationFailure.Generate("wrong access type: " + access_type);
    }
    return nullptr;
 }

--- a/tests/automatic/broker/check_monitoring/check_linux.sh
+++ b/tests/automatic/broker/check_monitoring/check_linux.sh
@@ -16,7 +16,8 @@ Cleanup() {
 ! influx -execute "drop database ${database_name}"


-token=`$2 token -secret auth_secret.key data`
+token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzA5MzU3NjgsImp0aSI6ImMxNGNwbTNpcHQzZGRrbnFwYm9nIiwic3ViIjoiYnRfZGF0YSIsIkV4dHJhQ2xhaW1zIjp7IkFjY2Vzc1R5cGUiOiJyZWFkIn19.Jnhmj2i8zUbTzlmRCo6CUkqkD_FdyMxfNj_PztmnN-0
+

 $1 -config settings.json &


--- a/tests/automatic/broker/get_last/check_linux.sh
+++ b/tests/automatic/broker/get_last/check_linux.sh
@@ -16,7 +16,7 @@ Cleanup() {
 echo "db.data_${stream}.insert({"_id":2})" | mongo ${database_name}
 echo "db.data_${stream}.insert({"_id":1})" | mongo ${database_name}

-token=`$2 token -secret auth_secret.key data`
+token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzA5MzU3NjgsImp0aSI6ImMxNGNwbTNpcHQzZGRrbnFwYm9nIiwic3ViIjoiYnRfZGF0YSIsIkV4dHJhQ2xhaW1zIjp7IkFjY2Vzc1R5cGUiOiJyZWFkIn19.Jnhmj2i8zUbTzlmRCo6CUkqkD_FdyMxfNj_PztmnN-0

 $1 -config settings.json &


--- a/tests/automatic/broker/get_last/check_windows.bat
+++ b/tests/automatic/broker/get_last/check_windows.bat
@@ -7,8 +7,7 @@ echo db.data_default.insert({"_id":2}) | %mongo_exe% %database_name%  || goto :e
 set full_name="%1"
 set short_name="%~nx1"

-"%2" token -secret auth_secret.key data > token
-set /P token=< token
+set token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzA5MzU3NjgsImp0aSI6ImMxNGNwbTNpcHQzZGRrbnFwYm9nIiwic3ViIjoiYnRfZGF0YSIsIkV4dHJhQ2xhaW1zIjp7IkFjY2Vzc1R5cGUiOiJyZWFkIn19.Jnhmj2i8zUbTzlmRCo6CUkqkD_FdyMxfNj_PztmnN-0

 start /B "" "%full_name%" -config settings.json
 ping 192.0.2.1 -n 1 -w 1000 > nul
@@ -44,5 +43,4 @@ exit /b 1
 :clean
 Taskkill /IM "%short_name%" /F
 echo db.dropDatabase() | %mongo_exe% %database_name%
-del /f token
 del /f groupid
\ No newline at end of file
--- a/tests/automatic/broker/get_meta/check_linux.sh
+++ b/tests/automatic/broker/get_meta/check_linux.sh
@@ -14,7 +14,7 @@ Cleanup() {

 echo 'db.meta.insert({"_id":0,"data":"test"})' | mongo ${database_name}

-token=`$2 token -secret auth_secret.key test`
+token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzA5MzU5MDEsImp0aSI6ImMxNGNxbmJpcHQzZGY2bDRvNHIwIiwic3ViIjoiYnRfdGVzdCIsIkV4dHJhQ2xhaW1zIjp7IkFjY2Vzc1R5cGUiOiJyZWFkIn19.D71Gv2AwSPIEkaeejWXs70sSoQzvKDonrTmtPk2J9AI

 $1 -config settings.json &


--- a/tests/automatic/broker/get_meta/check_windows.bat
+++ b/tests/automatic/broker/get_meta/check_windows.bat
@@ -6,8 +6,7 @@ echo db.meta.insert({"_id":0}) | %mongo_exe% %database_name%  || goto :error
 set full_name="%1"
 set short_name="%~nx1"

-"%2" token -secret auth_secret.key data > token
-set /P token=< token
+set token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzA5MzU5MDEsImp0aSI6ImMxNGNxbmJpcHQzZGY2bDRvNHIwIiwic3ViIjoiYnRfdGVzdCIsIkV4dHJhQ2xhaW1zIjp7IkFjY2Vzc1R5cGUiOiJyZWFkIn19.D71Gv2AwSPIEkaeejWXs70sSoQzvKDonrTmtPk2J9AI

 start /B "" "%full_name%" -config settings.json

@@ -26,5 +25,4 @@ exit /b 1
 :clean
 Taskkill /IM "%short_name%" /F
 echo db.dropDatabase() | %mongo_exe% %database_name%
-del /f token
 del /f groupid
\ No newline at end of file
--- a/tests/automatic/broker/get_next/check_linux.sh
+++ b/tests/automatic/broker/get_next/check_linux.sh
@@ -16,7 +16,7 @@ Cleanup() {
 echo "db.data_${stream}.insert({"_id":2})" | mongo ${database_name}
 echo "db.data_${stream}.insert({"_id":1})" | mongo ${database_name}

-token=`$2 token -secret auth_secret.key data`
+token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzA5MzU5MDEsImp0aSI6ImMxNGNxbmJpcHQzZGY2bDRvNHIwIiwic3ViIjoiYnRfdGVzdCIsIkV4dHJhQ2xhaW1zIjp7IkFjY2Vzc1R5cGUiOiJyZWFkIn19.D71Gv2AwSPIEkaeejWXs70sSoQzvKDonrTmtPk2J9AI

 $1 -config settings.json &


--- a/tests/automatic/broker/get_next/check_windows.bat
+++ b/tests/automatic/broker/get_next/check_windows.bat
@@ -7,8 +7,7 @@ echo db.data_default.insert({"_id":2}) | %mongo_exe% %database_name%  || goto :e
 set full_name="%1"
 set short_name="%~nx1"

-"%2" token -secret auth_secret.key data > token
-set /P token=< token
+set token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzA5MzU5MDEsImp0aSI6ImMxNGNxbmJpcHQzZGY2bDRvNHIwIiwic3ViIjoiYnRfdGVzdCIsIkV4dHJhQ2xhaW1zIjp7IkFjY2Vzc1R5cGUiOiJyZWFkIn19.D71Gv2AwSPIEkaeejWXs70sSoQzvKDonrTmtPk2J9AI

 start /B "" "%full_name%" -config settings.json