class SecretTestCase(CmdLineTestCase):
def setUp(self):
super(SecretTestCase, self).setUp()
self.secret_behaviors = SecretBehaviors()
self.expected_payload = "Top secret payload for secret smoke tests"
self.payload_content_type = "text/plain"
def tearDown(self):
super(SecretTestCase, self).tearDown()
self.secret_behaviors.delete_all_created_secrets()
@utils.parameterized_dataset({
'symmetric': [
'symmetric', 'aes', '128',
('\x00\x01\x02\x03\x04\x05\x06\x07'
'\x00\x01\x02\x03\x04\x05\x06\x07')
],
'private': ['private', 'rsa', '2048',
keys.get_private_key_pem()],
'public': ['public', 'rsa', '2048',
keys.get_public_key_pem()],
'certificate':
['certificate', 'rsa', '2048',
keys.get_certificate_pem()],
'opaque':
['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')],
'passphrase': ['passphrase', None, None,
keys.get_passphrase_txt()],
})
@testcase.attr('positive')
def test_secret_store_with_secret_type(self, secret_type, algorithm,
bit_length, secret):
payload = secret
secret_argv = ['--secret-type', secret_type]
if algorithm:
secret_argv.extend(['--algorithm', algorithm])
if bit_length:
secret_argv.extend(['--bit-length', bit_length])
secret_href = self.secret_behaviors.store_secret(payload, secret_argv)
self.assertIsNotNone(secret_href)
secret = self.secret_behaviors.get_secret(secret_href)
self.assertEqual(secret_href, secret['Secret href'])
@testcase.attr('positive')
def test_secret_store(self):
secret_href = self.secret_behaviors.store_secret()
self.assertIsNotNone(secret_href)
secret = self.secret_behaviors.get_secret(secret_href)
self.assertEqual(secret_href, secret['Secret href'])
@testcase.attr('positive')
def test_secret_update(self):
secret_href = self.secret_behaviors.store_secret(payload=None)
payload = 'time for an ice cold!!!'
self.assertIsNotNone(secret_href)
self.secret_behaviors.update_secret(secret_href, payload)
payload_update = self.secret_behaviors.get_secret_payload(secret_href)
self.assertEqual(payload, payload_update)
@testcase.attr('positive')
def test_secret_list(self):
secrets_to_create = 10
for _ in range(secrets_to_create):
self.secret_behaviors.store_secret()
secret_list = self.secret_behaviors.list_secrets()
self.assertGreaterEqual(len(secret_list), secrets_to_create)
@testcase.attr('positive')
def test_secret_delete(self):
secret_href = self.secret_behaviors.store_secret()
self.secret_behaviors.delete_secret(secret_href)
secret = self.secret_behaviors.get_secret(secret_href)
self.assertEqual(0, len(secret))
@testcase.attr('positive')
def test_secret_get(self):
secret_href = self.secret_behaviors.store_secret()
secret = self.secret_behaviors.get_secret(secret_href)
self.assertIsNotNone(secret)
@testcase.attr('positive')
def test_secret_get_payload(self):
secret_href = self.secret_behaviors.store_secret(
payload=self.expected_payload)
payload = self.secret_behaviors.get_secret_payload(secret_href)
self.assertEqual(payload, self.expected_payload)
@testcase.attr('positive')
def test_secret_get_raw_payload(self):
secret_href = self.secret_behaviors.store_secret(
payload=self.expected_payload)
payload = self.secret_behaviors.get_secret_payload(secret_href,
raw=True)
self.assertEqual(payload, self.expected_payload)
@testcase.attr('positive')
def test_secret_file_parameter_read(self):
secret_href = self.secret_behaviors.store_secret(
payload=self.expected_payload)
self.secret_behaviors.get_secret_file(secret_href=secret_href)
payload = self.secret_behaviors.read_secret_test_file()
self.assertEqual(payload, self.expected_payload)
@testcase.attr('positive')
def test_secret_file_parameter_write(self):
self.secret_behaviors.write_secret_test_file(
payload=self.expected_payload)
secret_href = self.secret_behaviors.store_secret_file()
payload = self.secret_behaviors.get_secret_payload(secret_href)
self.assertEqual(payload, self.expected_payload)
class SecretsTestCase(base.TestCase):
def setUp(self):
super(SecretsTestCase, self).setUp()
self.behaviors = secret_behaviors.SecretBehaviors(self.barbicanclient)
def tearDown(self):
self.behaviors.delete_all_created_secrets()
super(SecretsTestCase, self).tearDown()
@testcase.attr('positive')
def test_create_secret_defaults(self):
"""Creates a secret with default values"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
@testcase.attr('positive')
@utils.parameterized_dataset({
'symmetric': [
'symmetric', 'aes', 128,
('\x00\x01\x02\x03\x04\x05\x06\x07'
'\x00\x01\x02\x03\x04\x05\x06\x07')
],
'private': ['private', 'rsa', 2048,
keys.get_private_key_pem()],
'public': ['public', 'rsa', 2048,
keys.get_public_key_pem()],
'certificate':
['certificate', 'rsa', 2048,
keys.get_certificate_pem()],
'opaque':
['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')],
'passphrase': ['passphrase', None, None,
keys.get_passphrase_txt()],
})
def test_create_secret_with_type(self, secret_type, algorithm, bit_length,
secret):
"""Creates a secret with default values"""
secret_data = secret_create_defaults_data
secret_data['secret_type'] = secret_type
secret_data['algorithm'] = algorithm
secret_data['bit_length'] = bit_length
secret_data['payload'] = base64.b64encode(secret)
test_model = self.behaviors.create_secret(secret_create_defaults_data)
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
@testcase.attr('positive')
def test_secret_create_defaults_no_expiration(self):
"""Covers creating a secret without an expiration."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.expiration = None
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
@testcase.attr('positive')
def test_secret_delete_defaults(self):
"""Covers deleting a secret."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
secret_ref = self.behaviors.store_secret(test_model)
del_response = self.behaviors.delete_secret(secret_ref)
self.assertIsNone(del_response)
@testcase.attr('positive')
def test_secret_delete_minimal_secret_w_no_metadata(self):
"""Covers deleting a secret with nones data."""
test_model = self.behaviors.create_secret(secret_create_nones_data)
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
del_resp = self.behaviors.delete_secret(secret_ref)
self.assertIsNone(del_resp)
@testcase.attr('positive')
def test_secret_get_defaults_payload(self):
"""Covers getting a secret's payload data."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
secret_ref = self.behaviors.store_secret(test_model)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(test_model.payload, get_resp.payload)
@testcase.attr('positive')
def test_secrets_get_defaults_multiple_secrets(self):
"""Covers getting a list of secrets.
Creates 11 secrets then returns a list of 5 secrets
"""
limit = 5
offset = 5
total = 10
for i in range(0, total + 1):
test_model = self.behaviors.create_secret(
secret_create_defaults_data)
self.behaviors.store_secret(test_model)
secret_list = self.behaviors.get_secrets(limit=limit, offset=offset)
self.assertEqual(len(secret_list), limit)
class SecretsTestCase(base.TestCase):
def setUp(self):
super(SecretsTestCase, self).setUp()
self.cleanup = cleanup.CleanUp(self.barbicanclient)
def tearDown(self):
self.cleanup.delete_all_entities()
super(SecretsTestCase, self).tearDown()
@testcase.attr('positive')
def test_secret_create_defaults_check_content_types(self):
"""Check that set content-type attribute is retained in metadata."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
content_types = resp.content_types
self.assertIsNotNone(content_types)
self.assertIn('default', content_types)
self.assertEqual('application/octet-stream', content_types['default'])
@testcase.attr('positive')
def test_secret_create_defaults_non_standard_algorithm(self):
"""Create a secret with a non standard algorithm.
Currently the client will accept any string for the algorithm.
"""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.algorithm = "not-an-algorithm"
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret.algorithm, resp.algorithm)
@testcase.attr('positive')
def test_secret_read_with_acls(self):
"""Access default ACL settings data on recently created secret.
By default, 'read' ACL settings are there for a secret.
"""
test_model = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret_ref = self.cleanup.add_entity(test_model)
self.assertIsNotNone(secret_ref)
secret_entity = self.barbicanclient.secrets.get(secret_ref)
self.assertIsNotNone(secret_entity.acls)
self.assertIsNotNone(secret_entity.acls.read)
self.assertEqual([], secret_entity.acls.read.users)
@testcase.attr('positive')
def test_secret_create_defaults_non_standard_mode(self):
"""Create a secret with a non standard mode.
Currently the client will accept any string for the mode.
"""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.mode = 'not-a-mode'
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret.mode, resp.mode)
@testcase.attr('negative')
def test_secret_delete_doesnt_exist(self):
"""Deletes a non-existent secret.
This delete uses a reference with an invalid UUID format
"""
url = self.barbicanclient.secrets._api.endpoint_override + \
'/secrets/notauuid'
e = self.assertRaises(ValueError, self.barbicanclient.secrets.delete,
url)
self.assertEqual('Secret incorrectly specified.', str(e))
@testcase.attr('negative')
def test_secret_delete_doesnt_exist_valid_uuid_format(self):
"""Deletes a non-existent secret.
This delete has a valid UUID format but there is no secret
associated with this UUID
"""
uuid = 'de20ad54-85b4-421b-adb2-eb7b9e546013'
url = self.barbicanclient.secrets._api.endpoint_override + \
'/secrets/' + uuid
e = self.assertRaises(exceptions.HTTPClientError,
self.barbicanclient.secrets.delete, url)
self.assertEqual(404, e.status_code)
@testcase.attr('negative')
def test_secret_get_secret_doesnt_exist(self):
"""GET an invalid secret ref.
Will get value error secret incorrectly specified since "notauuid"
is not a properly formatted uuid.
"""
url = self.barbicanclient.secrets._api.endpoint_override + \
'/secrets/notauuid'
e = self.assertRaises(ValueError, self.barbicanclient.secrets.get, url,
'text/plain')
self.assertIn("Secret incorrectly specified", str(e))
@testcase.attr('negative')
def test_secret_create_defaults_expiration_passed(self):
"""Create a secret with an expiration that has already passed.
Returns a 400.
"""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.expiration = '2000-01-10T14:58:52.546795'
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@testcase.attr('negative')
def test_secret_create_emptystrings(self):
"""Secret create with empty Strings for all attributes.
Fails with a value error, Payload incorrectly specified.
"""
secret = self.barbicanclient.secrets.create(
**secret_create_emptystrings_data)
self.assertRaises(exceptions.PayloadException, secret.store)
@testcase.attr('negative')
def test_secret_create_defaults_oversized_payload(self):
"""Create a secret with a payload that is larger than the allowed size.
Should return a 413 if the secret size is greater than the
maximum allowed size.
"""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.payload = str(self.oversized_payload)
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(413, e.status_code)
@utils.parameterized_dataset({
'alphanumeric': ['1f34ds'],
'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'],
'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'],
'len_255': [base.TestCase.max_sized_field],
'empty': [''],
'null': [None]
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_name(self, name):
"""Covers cases of creating secrets with valid names."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.name = name
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret.name, resp.name)
@utils.parameterized_dataset({'int': [400]})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_name(self, name):
"""Create secrets with various invalid names.
Should return 400.
"""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.name = name
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@utils.parameterized_dataset({'aes': ['aes']})
@testcase.attr('positive')
def test_secret_create_defaults_valid_algorithms(self, algorithm):
"""Creates secrets with various valid algorithms."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.algorithm = algorithm
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret.algorithm, resp.algorithm)
@utils.parameterized_dataset({'int': [400]})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_algorithms(self, algorithm):
"""Creates secrets with various invalid algorithms."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.algorithm = algorithm
# We are currently testing for exception with http_code
# launchpad bug 1431514 will address the change to this functionality
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@utils.parameterized_dataset({
'symmetric': [
'symmetric', 'aes', 128,
(b'\x00\x01\x02\x03\x04\x05\x06\x07'
b'\x00\x01\x02\x03\x04\x05\x06\x07')
],
'private': ['private', 'rsa', 2048,
keys.get_private_key_pem()],
'public': ['public', 'rsa', 2048,
keys.get_public_key_pem()],
'certificate':
['certificate', 'rsa', 2048,
keys.get_certificate_pem()],
'opaque':
['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')],
'passphrase': ['passphrase', None, None,
keys.get_passphrase_txt()],
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_secret_type(self, secret_type,
algorithm, bit_length,
payload):
"""Covers cases of creating secrets with valid secret types."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.secret_type = secret_type
secret.algorithm = algorithm
secret.bit_length = bit_length
# payload should not be encoded.
secret.payload = payload
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret_type, resp.secret_type)
@testcase.attr('negative')
def test_secret_create_defaults_invalid_secret_type(self):
"""Covers cases of creating secrets with invalid secret types."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.secret_type = 'not a valid secret type'
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@utils.parameterized_dataset({
'512': [512],
'sixteen': [16],
'fifteen': [15],
'eight': [8],
'seven': [7],
'one': [1],
'none': [None]
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_bit_length(self, bit_length):
"""Covers cases of creating secrets with valid bit lengths."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.bit_length = bit_length
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret.bit_length, resp.bit_length)
@utils.parameterized_dataset({
'str_type': ['not-an-int'],
'empty': [''],
'blank': [' '],
'negative_maxsize': [-sys.maxsize],
'negative_one': [-1],
'zero': [0]
})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_bit_length(self, bit_length):
"""Covers cases of creating secrets with invalid bit lengths."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.bit_length = bit_length
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@utils.parameterized_dataset({'cbc': ['cbc']})
@testcase.attr('positive')
def test_secret_create_defaults_valid_mode(self, mode):
"""Covers cases of creating secrets with valid modes."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.mode = mode
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret.mode, resp.mode)
@utils.parameterized_dataset({
'zero': [0],
'oversized_string': [base.TestCase.oversized_field],
'int': [400]
})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_mode(self, mode):
"""Covers cases of creating secrets with invalid modes."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.mode = mode
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@utils.parameterized_dataset({
'text_content_type_none_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': None
},
'utf8_text_content_type_none_encoding': {
'payload_content_type': 'text/plain; charset=utf-8',
'payload_content_encoding': None
},
'no_space_utf8_text_content_type_none_encoding': {
'payload_content_type': 'text/plain;charset=utf-8',
'payload_content_encoding': None
},
'octet_content_type_base64_encoding': {
'payload_content_type': 'application/octet-stream',
'payload_content_encoding': 'base64'
}
})
@testcase.attr('positive')
def test_secret_create_deprecated_types_and_encoding(
self, payload_content_type, payload_content_encoding):
"""Creates secrets with various content types and encodings."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.payload_content_type = payload_content_type
secret.payload_content_encoding = payload_content_encoding
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
if secret.payload_content_encoding == 'base64':
self.assertEqual(base64.b64decode(secret.payload), resp.payload)
else:
self.assertEqual(secret.payload, resp.payload.encode('utf-8'))
@utils.parameterized_dataset({
'large_string_content_type_and_encoding': {
'payload_content_type': base.TestCase.oversized_field,
'payload_content_encoding': base.TestCase.oversized_field
},
'int_content_type_and_encoding': {
'payload_content_type': 123,
'payload_content_encoding': 123
},
'text_content_type_none_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': ''
},
'text_no_subtype_content_type_none_content_encoding': {
'payload_content_type': 'text',
'payload_content_encoding': None
},
'text_slash_no_subtype_content_type_none_content_encoding': {
'payload_content_type': 'text/',
'payload_content_encoding': None
},
'text_content_type_empty_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': ' '
},
'text_content_type_spaces_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': ' '
},
'text_content_type_base64_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': 'base64'
},
'text_and_utf88_content_type_none_content_encoding': {
'payload_content_type': 'text/plain; charset=utf-88',
'payload_content_encoding': None
},
'invalid_content_type_base64_content_encoding': {
'payload_content_type': 'invalid',
'payload_content_encoding': 'base64'
},
'invalid_content_type_none_content_encoding': {
'payload_content_type': 'invalid',
'payload_content_encoding': None
},
'octet_content_type_invalid_content_encoding': {
'payload_content_type': 'application/octet-stream',
'payload_content_encoding': 'invalid'
},
'text_content_type_invalid_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': 'invalid'
},
'none_content_type_invalid_content_encoding': {
'payload_content_type': None,
'payload_content_encoding': 'invalid'
},
'none_content_type_base64_content_encoding': {
'payload_content_type': None,
'payload_content_encoding': 'base64'
}
})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_types_and_encoding(self, **kwargs):
"""Creating secrets with invalid payload types and encodings."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.payload_content_encoding = kwargs['payload_content_encoding']
secret.payload_content_type = kwargs['payload_content_type']
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@utils.parameterized_dataset(
{'max_payload_string': [base.TestCase.max_sized_payload]})
@testcase.attr('positive')
def test_secret_create_defaults_valid_payload(self, payload):
"""Create secrets with a various valid payloads."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.payload = payload
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(secret.payload, resp.payload)
@utils.parameterized_dataset({'list': [['boom']], 'int': [123]})
@testcase.attr('negative')
def test_secret_create_with_invalid_payload_(self, payload):
"""Covers attempting to create secret with invalid payload types
Tests the negative cases of invalid types (list and int).
"""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.payload = payload
self.assertRaises(exceptions.PayloadException, secret.store)
@utils.parameterized_dataset({'empty': [''], 'zero': [0]})
@testcase.attr('negative')
def test_secret_with_no_payload_exception(self, payload):
"""Covers creating secrets with various invalid payloads.
These requests will fail with a value error before the request to the
server is made
"""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.payload = payload
self.assertRaises(exceptions.PayloadException, secret.store)
@utils.parameterized_dataset({
'negative_five_long_expire': {
'timezone': '-05:00',
'days': 5
},
'positive_five_long_expire': {
'timezone': '+05:00',
'days': 5
},
'negative_one_short_expire': {
'timezone': '-01',
'days': 1
},
'positive_one_short_expire': {
'timezone': '+01',
'days': 1
}
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_expiration(self, **kwargs):
"""Create secrets with a various valid expiration data."""
timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs)
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.expiration = timestamp
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertIsNotNone(resp)
self.assertEqual(secret.name, resp.name)
@utils.parameterized_dataset(
{'malformed_timezone': {
'timezone': '-5:00',
'days': 0
}})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_expiration(self, **kwargs):
"""Create secrets with various invalid expiration data."""
timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs)
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.expiration = timestamp
e = self.assertRaises(exceptions.HTTPClientError, secret.store)
self.assertEqual(400, e.status_code)
@utils.parameterized_dataset({
'text/plain': ['meowwwwwwwmeowwwwwww', 'text/plain'],
'application/octet-stream': [
base64.b64encode(b'F\x130\x89f\x8e\xd9\xa1\x0e\x1f\r\xf67uu\x8b'),
'application/octet-stream'
]
})
@testcase.attr('positive')
def test_secret_update_nones(self, payload, payload_content_type):
"""Cover case of updating with all nones in the Secret object."""
secret = self.barbicanclient.secrets.create(**secret_create_nones_data)
secret.payload = None
secret.payload_content_type = None
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
secret.payload = payload
secret.update()
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual(payload, resp.payload)
self.assertEqual(payload_content_type, resp.payload_content_type)
@utils.parameterized_dataset({
'alphanumeric': ['1f34ds'],
'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'],
'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'],
'len_255': ['a' * 255],
'empty': [''],
'null': [None]
})
@testcase.attr('positive')
def test_secret_get_defaults_metadata_w_valid_name(self, name):
"""Covers getting and checking a secret's metadata."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.name = name
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual("ACTIVE", resp.status)
self.assertEqual(name, resp.name)
self.assertEqual(secret.mode, resp.mode)
self.assertEqual(secret.algorithm, resp.algorithm)
self.assertEqual(secret.bit_length, resp.bit_length)
@utils.parameterized_dataset({
'symmetric': [
'symmetric', 'aes', 128,
('\x00\x01\x02\x03\x04\x05\x06\x07'
'\x00\x01\x02\x03\x04\x05\x06\x07')
],
'private': ['private', 'rsa', 2048,
keys.get_private_key_pem()],
'public': ['public', 'rsa', 2048,
keys.get_public_key_pem()],
'certificate':
['certificate', 'rsa', 2048,
keys.get_certificate_pem()],
'opaque':
['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')],
'passphrase': ['passphrase', None, None,
keys.get_passphrase_txt()],
})
@testcase.attr('positive')
def test_secret_get_defaults_secret_type(self, secret_type, algorithm,
bit_length, payload):
"""Covers getting and checking a secret's metadata."""
secret = self.barbicanclient.secrets.create(
**secret_create_defaults_data)
secret.secret_type = secret_type
secret.algorithm = algorithm
secret.bit_length = bit_length
# payload should not be encoded.
secret.payload = payload
secret_ref = self.cleanup.add_entity(secret)
self.assertIsNotNone(secret_ref)
resp = self.barbicanclient.secrets.get(secret_ref)
self.assertEqual("ACTIVE", resp.status)
self.assertEqual(secret_type, resp.secret_type)
@utils.parameterized_dataset({
'query_by_name': {
'secret_1_dict': dict(name="name1"),
'secret_2_dict': dict(name="name2"),
'query_dict': dict(name="name1")
},
'query_by_algorithm': {
'secret_1_dict': dict(algorithm="algorithm1"),
'secret_2_dict': dict(algorithm="algorithm2"),
'query_dict': dict(algorithm="algorithm1")
},
'query_by_mode': {
'secret_1_dict': dict(mode="mode1"),
'secret_2_dict': dict(mode="mode2"),
'query_dict': dict(mode="mode1")
},
'query_by_bit_length': {
'secret_1_dict': dict(bit_length=1024),
'secret_2_dict': dict(bit_length=2048),
'query_dict': dict(bits=1024)
},
'query_by_secret_type': {
'secret_1_dict': dict(secret_type='opaque'),
'secret_2_dict': dict(secret_type='symmetric'),
'query_dict': dict(secret_type='opaque')
},
})
@testcase.attr('positive')
def test_secret_list_with_filter(self, secret_1_dict, secret_2_dict,
query_dict):
secret_1 = self.barbicanclient.secrets.create(**secret_1_dict)
secret_1_ref = self.cleanup.add_entity(secret_1)
self.assertIsNotNone(secret_1_ref)
secret_2 = self.barbicanclient.secrets.create(**secret_2_dict)
secret_2_ref = self.cleanup.add_entity(secret_2)
self.assertIsNotNone(secret_2_ref)
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(1, len(secret_list))
@utils.parameterized_dataset({
'query_by_name': {
'secret_1_dict': dict(name="name1"),
'secret_2_dict': dict(name="name2"),
'sort': 'name'
},
'query_by_algorithm': {
'secret_1_dict': dict(algorithm="algorithm1"),
'secret_2_dict': dict(algorithm="algorithm2"),
'sort': 'algorithm'
},
'query_by_mode': {
'secret_1_dict': dict(mode="mode1"),
'secret_2_dict': dict(mode="mode2"),
'sort': 'mode'
},
'query_by_bit_length': {
'secret_1_dict': dict(bit_length=1024),
'secret_2_dict': dict(bit_length=2048),
'sort': 'bit_length'
},
'query_by_secret_type': {
'secret_1_dict': dict(secret_type='opaque'),
'secret_2_dict': dict(secret_type='symmetric'),
'sort': 'secret_type'
},
})
@testcase.attr('positive')
def test_secret_list_with_sort(self, secret_1_dict, secret_2_dict, sort):
secret_1 = self.barbicanclient.secrets.create(**secret_1_dict)
secret_1_ref = self.cleanup.add_entity(secret_1)
self.assertIsNotNone(secret_1_ref)
secret_2 = self.barbicanclient.secrets.create(**secret_2_dict)
secret_2_ref = self.cleanup.add_entity(secret_2)
self.assertIsNotNone(secret_2_ref)
query_dict = {'sort': sort + ":asc"}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(2, len(secret_list))
self.assertEqual(secret_1_ref, secret_list[0].secret_ref)
query_dict = {'sort': sort + ":desc"}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(2, len(secret_list))
self.assertEqual(secret_2_ref, secret_list[0].secret_ref)
@utils.parameterized_dataset({
'created': {
'date_type': 'created',
},
'updated': {
'date_type': 'updated',
},
'expiration': {
'date_type': 'expiration',
},
})
@testcase.attr('positive')
def test_secret_list_with_date_filter(self, date_type):
now = datetime.datetime.utcnow()
expiration_1 = (now + datetime.timedelta(days=3)).isoformat()
expiration_2 = (now + datetime.timedelta(days=5)).isoformat()
secret_1 = self.barbicanclient.secrets.create(expiration=expiration_1)
secret_1_ref = self.cleanup.add_entity(secret_1)
self.assertIsNotNone(secret_1_ref)
payload = "gF6+lLoF3ohA9aPRpt+6bQ=="
self.barbicanclient.secrets.update(secret_1_ref, payload)
time.sleep(1)
secret_2 = self.barbicanclient.secrets.create(expiration=expiration_2)
secret_2_ref = self.cleanup.add_entity(secret_2)
self.assertIsNotNone(secret_2_ref)
time_to_search_1 = getattr(secret_1, date_type).isoformat()
time_to_search_2 = getattr(secret_2, date_type).isoformat()
# Search for secrets with secret 1's time
query_dict = {date_type: time_to_search_1}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(1, len(secret_list))
self.assertEqual(secret_1_ref, secret_list[0].secret_ref)
# Search for secrets with time < secret 2, i.e. secret 1
query_dict = {date_type: 'lt:' + time_to_search_2}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(1, len(secret_list))
self.assertEqual(secret_1_ref, secret_list[0].secret_ref)
# Search for secrets with time < secret 1, i.e. none
query_dict = {date_type: 'lt:' + time_to_search_1}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(0, len(secret_list))
# Search for secrets with time <= secret 2, i.e. both secrets
query_dict = {date_type: 'lte:' + time_to_search_2}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(2, len(secret_list))
# Search for secrets with time > secret 1, i.e. secret 2
query_dict = {date_type: 'gt:' + time_to_search_1}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(1, len(secret_list))
self.assertEqual(secret_2_ref, secret_list[0].secret_ref)
# Search for secrets with time > secret 2, i.e. none
query_dict = {date_type: 'gt:' + time_to_search_2}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(0, len(secret_list))
# Search for secrets with time >= secret 1, i.e. both secrets
query_dict = {date_type: 'gte:' + time_to_search_1}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(2, len(secret_list))
# Sort secrets by date
query_dict = {'sort': date_type + ":asc"}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(2, len(secret_list))
self.assertEqual(secret_1_ref, secret_list[0].secret_ref)
# Sort secrets by date
query_dict = {'sort': date_type + ":desc"}
secret_list = self.barbicanclient.secrets.list(**query_dict)
self.assertEqual(2, len(secret_list))
self.assertEqual(secret_2_ref, secret_list[0].secret_ref)
class SecretsTestCase(base.TestCase):
def setUp(self):
super(SecretsTestCase, self).setUp()
self.behaviors = secret_behaviors.SecretBehaviors(self.barbicanclient)
def tearDown(self):
self.behaviors.delete_all_created_secrets()
super(SecretsTestCase, self).tearDown()
@testcase.attr('positive')
def test_secret_create_defaults_check_content_types(self):
"""Check that set content-type attribute is retained in metadata."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
resp = self.behaviors.get_secret(secret_ref)
content_types = resp.content_types
self.assertIsNotNone(content_types)
self.assertIn('default', content_types)
self.assertEqual('application/octet-stream', content_types['default'])
@testcase.attr('positive')
def test_secret_create_defaults_non_standard_algorithm(self):
"""Create a secret with a non standard algorithm.
Currently the client will accept any string for the algorithm.
"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.algorithm = "not-an-algorithm"
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.algorithm, test_model.algorithm)
@testcase.attr('positive')
def test_secret_create_defaults_non_standard_mode(self):
"""Create a secret with a non standard mode.
Currently the client will accept any string for the mode.
"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.mode = 'not-a-mode'
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.mode, test_model.mode)
@testcase.attr('negative')
def test_secret_delete_doesnt_exist(self):
"""Deletes a non-existent secret.
This delete uses a reference with an invalid UUID format
"""
url = self.behaviors.base_url + '/secrets/notauuid'
e = self.assertRaises(ValueError, self.behaviors.delete_secret, url)
self.assertEqual(e.message, 'Secret incorrectly specified.')
@testcase.attr('negative')
def test_secret_delete_doesnt_exist_valid_uuid_format(self):
"""Deletes a non-existent secret.
This delete has a valid UUID format but there is no secret
associated with this UUID
"""
uuid = 'de20ad54-85b4-421b-adb2-eb7b9e546013'
url = self.behaviors.base_url + '/secrets/' + uuid
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.delete_secret, url)
self.assertEqual(e.status_code, 404)
@testcase.attr('negative')
def test_secret_create_nones_content_type(self):
"""Create secret with valid content type but no payload.
Secret will not create due to None in the payload even if content
type is valid.
"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.payload = None
self.assertRaises(exceptions.PayloadException,
self.behaviors.store_secret, test_model)
@testcase.attr('negative')
def test_secret_create_nones(self):
"""Cover case of posting with all nones in the Secret object."""
test_model = self.behaviors.create_secret(secret_create_nones_data)
test_model.payload = None
test_model.payload_content_encoding = None
test_model.payload_content_type = None
self.assertRaises(exceptions.PayloadException,
self.behaviors.store_secret, test_model)
@testcase.attr('negative')
def test_secret_get_secret_doesnt_exist(self):
"""GET an invalid secret ref.
Will get value error secret incorrectly specified since "notauuid"
is not a properly formatted uuid.
"""
url = self.behaviors.base_url + '/secrets/notauuid'
e = self.assertRaises(ValueError, self.behaviors.get_secret, url)
self.assertIn("Secret incorrectly specified", e.message)
@testcase.attr('negative')
def test_secret_create_defaults_expiration_passed(self):
"""Create a secret with an expiration that has already passed.
Returns a 400.
"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.expiration = '2000-01-10T14:58:52.546795'
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@testcase.attr('negative')
def test_secret_create_emptystrings(self):
"""Secret create with empty Strings for all attributes.
Fails with a value error, Payload incorrectly specified.
"""
test_model = self.behaviors.create_secret(
secret_create_emptystrings_data)
self.assertRaises(exceptions.PayloadException,
self.behaviors.store_secret, test_model)
@testcase.attr('negative')
def test_secret_create_defaults_oversized_payload(self):
"""Create a secret with a payload that is larger than the allowed size.
Should return a 413 if the secret size is greater than the
maximum allowed size.
"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.payload = str(self.oversized_payload)
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 413)
@utils.parameterized_dataset({
'alphanumeric': ['1f34ds'],
'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'],
'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'],
'len_255': [base.TestCase.max_sized_field],
'empty': [''],
'null': [None]
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_name(self, name):
"""Covers cases of creating secrets with valid names."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.name = name
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.name, test_model.name)
@utils.parameterized_dataset({'int': [400]})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_name(self, name):
"""Create secrets with various invalid names.
Should return 400.
"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.name = name
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@utils.parameterized_dataset({'aes': ['aes']})
@testcase.attr('positive')
def test_secret_create_defaults_valid_algorithms(self, algorithm):
"""Creates secrets with various valid algorithms."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.algorithm = algorithm
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.algorithm, test_model.algorithm)
@utils.parameterized_dataset({'int': [400]})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_algorithms(self, algorithm):
"""Creates secrets with various invalid algorithms."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.algorithm = algorithm
# We are currently testing for exception with http_code
# launchpad bug 1431514 will address the change to this functionality
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@utils.parameterized_dataset({
'symmetric': [
'symmetric', 'aes', 128,
('\x00\x01\x02\x03\x04\x05\x06\x07'
'\x00\x01\x02\x03\x04\x05\x06\x07')
],
'private': ['private', 'rsa', 2048,
keys.get_private_key_pem()],
'public': ['public', 'rsa', 2048,
keys.get_public_key_pem()],
'certificate':
['certificate', 'rsa', 2048,
keys.get_certificate_pem()],
'opaque':
['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')],
'passphrase': ['passphrase', None, None,
keys.get_passphrase_txt()],
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_secret_type(self, secret_type,
algorithm, bit_length,
secret):
"""Covers cases of creating secrets with valid secret types."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.secret_type = secret_type
test_model.algorithm = algorithm
test_model.bit_length = bit_length
test_model.payload = base64.b64encode(secret)
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.secret_type, secret_type)
@testcase.attr('negative')
def test_secret_create_defaults_invalid_secret_type(self):
"""Covers cases of creating secrets with invalid secret types."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.secret_type = 'not a valid secret type'
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@utils.parameterized_dataset({
'512': [512],
'sixteen': [16],
'fifteen': [15],
'eight': [8],
'seven': [7],
'one': [1],
'none': [None]
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_bit_length(self, bit_length):
"""Covers cases of creating secrets with valid bit lengths."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.bit_length = bit_length
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.bit_length, test_model.bit_length)
@utils.parameterized_dataset({
'str_type': ['not-an-int'],
'empty': [''],
'blank': [' '],
'negative_maxint': [-sys.maxint],
'negative_one': [-1],
'zero': [0]
})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_bit_length(self, bit_length):
"""Covers cases of creating secrets with invalid bit lengths."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.bit_length = bit_length
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@utils.parameterized_dataset({'cbc': ['cbc']})
@testcase.attr('positive')
def test_secret_create_defaults_valid_mode(self, mode):
"""Covers cases of creating secrets with valid modes."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.mode = mode
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.mode, test_model.mode)
@utils.parameterized_dataset({
'zero': [0],
'oversized_string': [base.TestCase.oversized_field],
'int': [400]
})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_mode(self, mode):
"""Covers cases of creating secrets with invalid modes."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.mode = mode
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@utils.parameterized_dataset({
'text_content_type_none_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': None
},
'utf8_text_content_type_none_encoding': {
'payload_content_type': 'text/plain; charset=utf-8',
'payload_content_encoding': None
},
'no_space_utf8_text_content_type_none_encoding': {
'payload_content_type': 'text/plain;charset=utf-8',
'payload_content_encoding': None
},
'octet_content_type_base64_encoding': {
'payload_content_type': 'application/octet-stream',
'payload_content_encoding': 'base64'
}
})
@testcase.attr('positive')
def test_secret_create_deprecated_types_and_encoding(
self, payload_content_type, payload_content_encoding):
"""Creates secrets with various content types and encodings."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.payload_content_encoding = payload_content_encoding
test_model.payload_content_type = payload_content_type
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(
secret_ref, payload_content_type=test_model.payload_content_type)
if test_model.payload_content_encoding == 'base64':
self.assertEqual(base64.b64decode(test_model.payload),
get_resp.payload)
else:
self.assertEqual(test_model.payload, str(get_resp.payload))
@utils.parameterized_dataset({
'large_string_content_type_and_encoding': {
'payload_content_type': base.TestCase.oversized_field,
'payload_content_encoding': base.TestCase.oversized_field
},
'int_content_type_and_encoding': {
'payload_content_type': 123,
'payload_content_encoding': 123
},
'text_content_type_none_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': ''
},
'text_no_subtype_content_type_none_content_encoding': {
'payload_content_type': 'text',
'payload_content_encoding': None
},
'text_slash_no_subtype_content_type_none_content_encoding': {
'payload_content_type': 'text/',
'payload_content_encoding': None
},
'text_content_type_empty_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': ' '
},
'text_content_type_spaces_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': ' '
},
'text_content_type_base64_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': 'base64'
},
'text_and_utf88_content_type_none_content_encoding': {
'payload_content_type': 'text/plain; charset=utf-88',
'payload_content_encoding': None
},
'invalid_content_type_base64_content_encoding': {
'payload_content_type': 'invalid',
'payload_content_encoding': 'base64'
},
'invalid_content_type_none_content_encoding': {
'payload_content_type': 'invalid',
'payload_content_encoding': None
},
'octet_content_type_invalid_content_encoding': {
'payload_content_type': 'application/octet-stream',
'payload_content_encoding': 'invalid'
},
'text_content_type_invalid_content_encoding': {
'payload_content_type': 'text/plain',
'payload_content_encoding': 'invalid'
},
'none_content_type_invalid_content_encoding': {
'payload_content_type': None,
'payload_content_encoding': 'invalid'
},
'none_content_type_base64_content_encoding': {
'payload_content_type': None,
'payload_content_encoding': 'base64'
}
})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_types_and_encoding(self, **kwargs):
"""Creating secrets with invalid payload types and encodings."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.payload_content_encoding = kwargs[
'payload_content_encoding']
test_model.payload_content_type = kwargs['payload_content_type']
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@utils.parameterized_dataset(
{'max_payload_string': [base.TestCase.max_sized_payload]})
@testcase.attr('positive')
def test_secret_create_defaults_valid_payload(self, payload):
"""Create secrets with a various valid payloads."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.payload = payload
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(test_model.payload, get_resp.payload)
@utils.parameterized_dataset({'list': [['boom']], 'int': [123]})
@testcase.attr('negative')
def test_secret_create_with_invalid_payload_(self, payload):
"""Covers attempting to create secret with invalid payload types
Tests the negative cases of invalid types (list and int).
"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.payload = payload
self.assertRaises(exceptions.PayloadException,
self.behaviors.store_secret, test_model)
@utils.parameterized_dataset({'empty': [''], 'none': [None], 'zero': [0]})
@testcase.attr('negative')
def test_secret_with_no_payload_exception(self, payload):
"""Covers creating secrets with various invalid payloads.
These requests will fail with a value error before the request to the
server is made"""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.payload = payload
self.assertRaises(exceptions.PayloadException,
self.behaviors.store_secret, test_model)
@utils.parameterized_dataset({
'negative_five_long_expire': {
'timezone': '-05:00',
'days': 5
},
'positive_five_long_expire': {
'timezone': '+05:00',
'days': 5
},
'negative_one_short_expire': {
'timezone': '-01',
'days': 1
},
'positive_one_short_expire': {
'timezone': '+01',
'days': 1
}
})
@testcase.attr('positive')
def test_secret_create_defaults_valid_expiration(self, **kwargs):
"""Create secrets with a various valid expiration data."""
timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs)
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.expiration = timestamp
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertIsNotNone(get_resp)
self.assertEqual(get_resp.name, test_model.name)
@utils.parameterized_dataset(
{'malformed_timezone': {
'timezone': '-5:00',
'days': 0
}})
@testcase.attr('negative')
def test_secret_create_defaults_invalid_expiration(self, **kwargs):
"""Create secrets with various invalid expiration data."""
timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs)
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.expiration = timestamp
e = self.assertRaises(exceptions.HTTPClientError,
self.behaviors.store_secret, test_model)
self.assertEqual(e.status_code, 400)
@utils.parameterized_dataset({
'alphanumeric': ['1f34ds'],
'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'],
'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'],
'len_255': [str(bytearray().zfill(255))],
'empty': [''],
'null': [None]
})
@testcase.attr('positive')
def test_secret_get_defaults_metadata_w_valid_name(self, name):
"""Covers getting and checking a secret's metadata."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.name = name
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.status, "ACTIVE")
self.assertEqual(get_resp.name, name)
self.assertEqual(get_resp.mode, test_model.mode)
self.assertEqual(get_resp.algorithm, test_model.algorithm)
self.assertEqual(get_resp.bit_length, test_model.bit_length)
@utils.parameterized_dataset({
'symmetric': [
'symmetric', 'aes', 128,
('\x00\x01\x02\x03\x04\x05\x06\x07'
'\x00\x01\x02\x03\x04\x05\x06\x07')
],
'private': ['private', 'rsa', 2048,
keys.get_private_key_pem()],
'public': ['public', 'rsa', 2048,
keys.get_public_key_pem()],
'certificate':
['certificate', 'rsa', 2048,
keys.get_certificate_pem()],
'opaque':
['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')],
'passphrase': ['passphrase', None, None,
keys.get_passphrase_txt()],
})
@testcase.attr('positive')
def test_secret_get_defaults_secret_type(self, secret_type, algorithm,
bit_length, secret):
"""Covers getting and checking a secret's metadata."""
test_model = self.behaviors.create_secret(secret_create_defaults_data)
test_model.secret_type = secret_type
test_model.algorithm = algorithm
test_model.bit_length = bit_length
test_model.payload = base64.b64encode(secret)
secret_ref = self.behaviors.store_secret(test_model)
self.assertIsNotNone(secret_ref)
get_resp = self.behaviors.get_secret(secret_ref)
self.assertEqual(get_resp.status, "ACTIVE")
self.assertEqual(get_resp.secret_type, secret_type)
