def test_legal_notices(self):
"""Check the presence of legal-notices"""
logger.test_step('Check legal Notices')
for pod in TestAMMetadata.pods:
logger.info('Check legal-notices exist for: ' + pod.name)
pod.is_expected_legal_notices(TestAMMetadata.NAMESPACE)
def create_user(self, username, password='******'):
headers = {
'X-OpenAM-Username': '******',
'X-OpenAM-Password': '******',
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=2.0, protocol=1.0'
}
logger.test_step('Admin login')
response = post(verify=self.ssl_verify,
url=self.rest_authn_url,
headers=headers)
rest.check_http_status(http_result=response, expected_status=200)
admin_token = response.json()["tokenId"]
headers = {
'iPlanetDirectoryPro': admin_token,
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=3.0, protocol=2.1'
}
user_data = {
'username': username,
'userpassword': '******',
'mail': f'{username}@forgerock.com'
}
logger.test_step('Expecting test user to be created - HTTP-201')
response = post(verify=self.ssl_verify,
url=self.am_url +
'/json/realms/root/users/?_action=create',
headers=headers,
json=user_data)
rest.check_http_status(http_result=response, expected_status=201)
def teardown_class(cls):
""""""
headers1 = cls.idmcfg.get_admin_headers(
{'Content-Type': 'application/json'})
logger.test_step('Get user id')
response = get(verify=cls.idmcfg.ssl_verify,
url=cls.idmcfg.rest_managed_user_url +
'?_queryFilter=true',
headers=headers1).json()
# rest.check_http_status(http_result=response, expected_status=200)
if response['resultCount'] == 0:
return
_id = response["result"][0]["_id"]
headers2 = cls.idmcfg.get_admin_headers({
'Content-Type': 'application/json',
'if-match': '*',
})
logger.test_step('Delete user')
response = delete(verify=cls.idmcfg.ssl_verify,
url=cls.idmcfg.rest_managed_user_url + '/' + _id,
headers=headers2)
rest.check_http_status(http_result=response, expected_status=200)
def test_0_ping(self):
"""Test if OpenAM is responding on isAlive endpoint"""
logger.test_step('Ping OpenAM isAlive.jsp')
response = get(verify=self.amcfg.ssl_verify,
url=self.amcfg.am_url + '/isAlive.jsp')
rest.check_http_status(http_result=response, expected_status=200)
def test_0_ping(self):
"""Pings OpenIDM to see if server is alive using admin headers"""
logger.test_step('Ping OpenIDM')
response = get(verify=self.idmcfg.ssl_verify, auth=('openidm-admin', 'openidm-admin'),
url=self.idmcfg.rest_ping_url)
rest.check_http_status(http_result=response, expected_status=200)
def test_am_amster_versions(self):
"""Check the AM and Amster versions match"""
logger.test_step('Check AM and Amster versions match')
representative_amster_pod = TestAmsterMetadata.pods[0]
representative_am_pod = am_pod.AMPod("representative_openam_pod", TestAmsterMetadata.MANIFEST_FILEPATH)
pod.Pod.is_expected_am_amster_version(representative_am_pod.manifest, representative_amster_pod.manifest)
def test_commons_version(self, get_commons_library):
"""Check the version of a commons library"""
logger.test_step('Check commons version')
for pod in TestAmsterMetadata.pods:
logger.info('Check commons version for: ' + pod.name)
pod.is_expected_commons_version()
def test_1_oauth2_tokeninfo(self):
"""Test to check oauth2 token from AM"""
data = {
'grant_type': 'password',
'username': '******',
'password': '******',
'scope': 'mail employeenumber'
}
logger.test_step('Get access token')
response = post(verify=self.amcfg.ssl_verify,
url=self.amcfg.rest_oauth2_access_token_url,
auth=('oauth2', 'password'),
data=data)
rest.check_http_status(http_result=response, expected_status=200)
access_token = response.json()['access_token']
header = {'Authorization': 'Bearer ' + access_token}
logger.test_step('Check if IG page contains access token and info')
response = post(verify=self.igcfg.ssl_verify,
url=self.igcfg.ig_url + '/rs-tokeninfo',
headers=header)
assert (str(response.content).__contains__('access_token=' + access_token) is True), \
'IG page does not contain access token and info'
def version(self):
"""
Return the product version information.
:return: Dictionary
"""
logger.test_step(
'Report Amster version for pod {name}'.format(name=self.name))
stdout, ignored = kubectl.exec(Pod.NAMESPACE, [
self.name, '--', './amster', '-c', self.product_type, '--version'
])
version_text = stdout[0].strip()
version_key = 'Amster OpenAM Shell v'
build_key = ' build '
revision_length = 10
build_position = version_text.find(build_key)
version = version_text[len(version_key):build_position]
start = build_position + len(build_key)
revision = version_text[start:start + revision_length]
amster_metadata = {
'TITLE': self.product_type,
'DESCRIPTION': self.name,
'VERSION_TEXT': version_text,
'VERSION': version,
'REVISION': revision
}
return amster_metadata
def test_pods_jdk(self):
"""Check the JDK for the pods"""
logger.test_step('Check JDK version')
for pod in TestAmsterMetadata.pods:
logger.info('Check JDK version for ' + pod.name)
pod.is_expected_jdk()
def teardown_class(cls):
"""Remove user from AM"""
headers = {
'X-OpenAM-Username': '******',
'X-OpenAM-Password': '******',
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=2.0, protocol=1.0'
}
logger.test_step('Admin login')
response = post(verify=cls.amcfg.ssl_verify,
url=cls.amcfg.rest_authn_url,
headers=headers)
rest.check_http_status(http_result=response, expected_status=200)
admin_token = response.json()["tokenId"]
headers = {
'iPlanetDirectoryPro': admin_token,
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=3.0, protocol=2.1'
}
logger.test_step('Expecting test user to be deleted - HTTP-200')
response = delete(verify=cls.amcfg.ssl_verify,
url=cls.amcfg.am_url +
'/json/realms/root/users/igtestuser',
headers=headers)
rest.check_http_status(http_result=response, expected_status=200)
def delete_user(self, username):
headers = {
'X-OpenAM-Username': '******',
'X-OpenAM-Password': '******',
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=2.0, protocol=1.0'
}
logger.test_step('Admin login')
response = post(verify=self.ssl_verify,
url=self.rest_authn_url,
headers=headers)
rest.check_http_status(http_result=response, expected_status=200)
admin_token = response.json()["tokenId"]
headers = {
'iPlanetDirectoryPro': admin_token,
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=3.0, protocol=2.1'
}
logger.test_step('Expecting test user to be deleted - HTTP-200')
response = delete(verify=self.ssl_verify,
url=self.am_url +
f'/json/realms/root/users/{username}',
headers=headers)
rest.check_http_status(http_result=response, expected_status=200)
def test_image_os(self):
"""Check the OS running in the pods"""
logger.test_step('Report the operating system')
for idm_pod in TestIDMMetadata.pods:
logger.info('Report OS for {name}'.format(name=idm_pod.name))
idm_pod.log_os()
def test_image_os(self):
"""Report the OS for the pods"""
logger.test_step('Report the operating system')
for amster_pod in TestAmsterMetadata.pods:
logger.info('Report OS for {name}'.format(name=amster_pod.name))
amster_pod.log_os()
def test_legal_notices(self):
"""Check the presence of legal-notices"""
logger.test_step('Check legal Notices')
for pod in TestAmsterMetadata.pods:
logger.info('Check the contents of the legal-notices for: ' + pod.name)
pod.is_expected_legal_notices()
def test_commons_version(self, get_commons_library):
"""Report the version of a commons library"""
logger.test_step('Report commons version')
for amster_pod in TestAmsterMetadata.pods:
logger.info('Report commons version for {name}'.format(
name=amster_pod.name))
amster_pod.log_commons_version()
def test_0_ping(self):
"""Simple ping test to IDM"""
logger.test_step('Ping OpenIDM')
response = get(verify=self.idmcfg.ssl_verify,
url=self.idmcfg.rest_ping_url,
headers=self.idmcfg.get_admin_headers(None))
rest.check_http_status(http_result=response, expected_status=200)
def test_pods_jdk(self):
"""Report the JDK running in the pods"""
logger.test_step('Report Java version')
for amster_pod in TestAmsterMetadata.pods:
logger.info(
'Report Java version for {name}'.format(name=amster_pod.name))
amster_pod.log_jdk()
def test_legal_notices(self):
"""Check the presence of legal-notices"""
logger.test_step('Check legal notices')
for amster_pod in TestAmsterMetadata.pods:
logger.info('Check legal-notices exist for {name}'.format(
name=amster_pod.name))
amster_pod.are_legal_notices_present()
def setup_class(cls):
"""Populate the lists of pods"""
logger.test_step('Get pods')
podnames = kubectl.get_product_pod_names(TestAmsterMetadata.NAMESPACE, AmsterPod.PRODUCT_TYPE)
assert len(podnames) > 0, 'There are no Amster pods'
for podname in podnames:
TestAmsterMetadata.pods.append(AmsterPod(podname, TestAmsterMetadata.MANIFEST_FILEPATH))
def test_version(self):
"""Report the version"""
logger.test_step('Report the version')
for amster_pod in TestAmsterMetadata.pods:
logger.info(
'Report the version for {name}'.format(name=amster_pod.name))
amster_pod.log_version()
def test_jdk_version(self):
"""Report Java running in the pods"""
logger.test_step('Report the Java version')
for idm_pod in TestIDMMetadata.pods:
logger.info(
'Report Java version for {name}'.format(name=idm_pod.name))
idm_pod.log_jdk()
def test_legal_notices(self):
"""Report the presence of legal-notices"""
logger.test_step('Check legal Notices')
for idm_pod in TestIDMMetadata.pods:
logger.info('Check legal-notices exist for {name}'.format(
name=idm_pod.name))
idm_pod.are_legal_notices_present()
def test_commons_version(self):
"""Report the commons version"""
logger.test_step('Report the commons version')
for idm_pod in TestIDMMetadata.pods:
logger.info(
'Report commons version for {name}'.format(name=idm_pod.name))
idm_pod.log_commons_version()
def test_version(self):
"""Report the version"""
logger.test_step('Report the version')
representative_pod = self.pods[0]
logger.info('Report the version for {name}'.format(
name=representative_pod.name))
representative_pod.log_version()
def get_bearer_token(self):
"""
When IDM is integrated with AM, we need bearer token for being able to do admin stuff.
This do following:
- login into AM as amadmin
- do OAuth2 flow with idmAdminClient oauth2 client
- return bearer token
:return: Admin bearer token
"""
if self.bearer_token is not None:
return self.bearer_token
amcfg = AMConfig()
# GetAMAdminLogin
s = requests.session()
headers = {
'X-OpenAM-Username': '******',
'X-OpenAM-Password': amcfg.amadmin_pwd,
'Accept-API-Version': 'resource=2.0, protocol=1.0',
'Content-Type': 'application/json'
}
params = {
'redirect_uri': self.admin_oauth_redirect_url,
'client_id': self.admin_oauth_client,
'response_type': 'code',
'scope': self.admin_oauth_scopes,
}
token = s.post(amcfg.rest_authn_url, headers=headers, verify=self.ssl_verify).json()['tokenId']
data = {"decision": "Allow", 'csrf': token}
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'accept-api-version': 'resource=2.1'
}
r_loc = s.post(amcfg.rest_oauth2_authz_url, data=data, verify=self.ssl_verify, headers=headers, params=params,
allow_redirects=False).headers['Location']
auth_code = re.findall('(?<=code=)(.+?)(?=&)', r_loc)
print(f'Got oauth2 code: {auth_code}')
headers = {
'Accept-API-Version': 'resource=2.0, protocol=1.0',
'Content-Type': 'application/x-www-form-urlencoded'
}
data = {
'grant_type': 'authorization_code',
'code': auth_code[0],
'redirect_uri': self.admin_oauth_redirect_url,
'client_id': self.admin_oauth_client
}
logger.test_step('Oauth2 get access-token REST')
response = s.post(verify=amcfg.ssl_verify, url=amcfg.rest_oauth2_access_token_url,
data=data, headers=headers)
self.bearer_token = response.json()['access_token']
return self.bearer_token
def setup_class(cls):
"""Populate the lists of pods"""
logger.test_step('Get pods')
environment_properties = dict(os.environ)
podnames = kubectl.get_product_pod_names(AmsterPod.PRODUCT_TYPE, environment_properties.get('TESTS_NAMESPACE'))
assert len(podnames) > 0, 'There are no Amster pods'
for podname in podnames:
TestAmsterMetadata.pods.append(AmsterPod(podname, TestAmsterMetadata.MANIFEST_FILEPATH))
def login_user(self, username, password):
headers = {'X-OpenAM-Username': username,
'X-OpenAM-Password': password,
'Content-Type': 'application/json',
'Accept-API-Version': 'resource=2.0, protocol=1.0'}
logger.test_step(f'User {username} authn REST - AM')
response = post(verify=self.ssl_verify, url=self.rest_authn_url, headers=headers)
rest.check_http_status(http_result=response, expected_status=200)
def create_user(self, payload):
headers = self.get_admin_headers({
'Content-Type': 'application/json',
})
logger.test_step('Create test user')
response = post(verify=self.ssl_verify, url=f'{self.rest_managed_user_url}?_action=create',
headers=headers, data=payload)
rest.check_http_status(http_result=response, expected_status=201)
def setup_class(cls):
"""Populate the lists of pods"""
logger.test_step('Get pods')
podnames = kubectl.get_product_component_names(pod.Pod.NAMESPACE,
IDMPod.PRODUCT_TYPE)
assert len(podnames) > 0, 'There are no IDM pods'
for podname in podnames:
TestIDMMetadata.pods.append(IDMPod(podname))
