implement OAuth scope test for NSLifeCycleOperationGranting API of SOL011 (6cef9960) · Commits · NFV - Network Functions Virtualisation / api-tests

SOL011/NSLifecycleOperationGranting-API/Grants.robot

+27 −1

Original line number	Diff line number	Diff line
		@@ -83,3 +83,29 @@ DELETE Grants - Method not implemented
		Delete Grants
		Check HTTP Response Status Code Is 405
		Check Postcondition Grants Exist
		Requests a grant for a particular NS lifecycle operation with permitted authorization scope
		[Documentation] Test ID: 9.3.1.1.7
		... Test title: Requests a grant for a particular NS lifecycle operation with permitted authorization scope
		... Test objective: The objective is to request a grant for a particular NS lifecycle operation and perform a JSON schema validation on the returned grant data structure
		... Pre-conditions:
		... Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
		... Config ID: Config_prod_NFVO
		... Applicability: The NFVO can decide immediately what to respond to a grant request
		... Post-Conditions: The grant information is available to the NFVO.
		Send Post Request for Grant with permitted authorization scope
		Check HTTP Response Status Code Is 201
		Check HTTP Response Body Json Schema Is Grant
		Check HTTP Response Header Contains Location
		Check Postcondition Grant Is Set
		Requests a grant for a particular NS lifecycle operation with NOT permitted authorization scope
		[Documentation] Test ID: 9.3.1.1.8
		... Test title: Requests a grant for a particular NS lifecycle operation with not permitted authorization scope
		... Test objective: The objective is to request a grant for a particular NS lifecycle operation and perform a JSON schema validation on the returned grant data structure
		... Pre-conditions:
		... Reference: Clause 7.5.3.3.1 - ETSI GS NFV-SOL 011 [8] v4.5.1
		... Config ID: Config_prod_NFVO
		... Applicability: The NFVO can decide immediately what to respond to a grant request
		... Post-Conditions: The grant information is available to the NFVO.
		Send Post Request for Grant with not permitted authorization scope
		Check HTTP Response Status Code Is 403
		Check HTTP Response Body Json Schema Is ProblemDetails
		No newline at end of file

SOL011/NSLifecycleOperationGranting-API/IndividualGrant.robot

+24 −0

Original line number	Diff line number	Diff line
		@@ -83,3 +83,27 @@ GET an individual grant - NOT FOUND
		Get individual grant
		Check HTTP Response Status Code Is 404
		Check HTTP Response Body Json Schema Is ProblemDetails
		GET an individual grant with permitted authorization scope - Successful
		[Documentation] Test ID: 9.3.1.2.7
		... Test title: GET an individual grant with permitted authorization scope - Successful
		... Test objective: The objective is to retrieve a grant for a particular NS Lifecycle Operation.
		... Pre-conditions: The grant information is available to the NFVO
		... Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
		... Config ID: Config_prod_NFVO
		... Applicability: none
		... Post-Conditions: none
		Get individual grant with permitted authorization scope
		Check HTTP Response Status Code Is 200
		Check HTTP Response Body Json Schema Is Grant
		GET an individual grant with not permitted authorization scope - Successful
		[Documentation] Test ID: 9.3.1.2.8
		... Test title: GET an individual grant with not permitted authorization scope - Successful
		... Test objective: The objective is to retrieve a grant for a particular NS Lifecycle Operation.
		... Pre-conditions: The grant information is available to the NFVO
		... Reference: Clause 7.5.4.3.2 - ETSI GS NFV-SOL 011 [8] v4.5.1
		... Config ID: Config_prod_NFVO
		... Applicability: none
		... Post-Conditions: none
		Get individual grant with permitted not authorization scope
		Check HTTP Response Status Code Is 403
		Check HTTP Response Body Json Schema Is ProblemDetails
		No newline at end of file

SOL011/NSLifecycleOperationGranting-API/NSLCOperationGrantingKeywords.robot

+48 −1

Original line number	Diff line number	Diff line
		@@ -4,6 +4,7 @@ Library REST ${NFVO_SCHEMA}://${NFVO_HOST}:${NFVO_PORT} ssl_verify=fals
		Library OperatingSystem
		Library JSONLibrary
		Library JSONSchemaLibrary schemas/
		Library jwt

		* Keywords *
		Send Post Request for Grant
		@@ -142,3 +143,49 @@ Check Postcondition Grant Is Set
		${output}= Output response
		Set Suite Variable ${response} ${output}
		Check HTTP Response Status Code Is 200
		JWT Encode
		[Arguments] ${payload} ${key} ${algorithm}
		${encoded}= Evaluate jwt.encode(${payload}, ${key}, ${algorithm})
		[Return] ${encoded}
		Send Post Request for Grant with permitted authorization scope
		Log Request a new Grant for an NS LCM operation by POST to ${apiRoot}/${apiName}/${apiVersion}/grants
		Set Headers {"Accept": "${ACCEPT}"}
		Set Headers {"Content-Type": "${CONTENT_TYPE}"}
		${scope_value}= Create Dictionary scopeValue=${OPERATION_GRANTING_SCOPE}
		${authorizationToken}= JWT Encode payload=${scope_value} key='' algorithm=${OAUTH_Encryption_ALGORITHM}
		Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"Authorization":"${authorizationToken}"}
		${body}= Get File jsons/grantNSLifecycleOperationRequest.json
		Post ${apiRoot}/${apiName}/${apiVersion}/grants ${body}
		${body}= Output response
		Set Suite Variable ${response} ${body}
		Send Post Request for Grant with not permitted authorization scope
		Log Request a new Grant for an NS LCM operation by POST to ${apiRoot}/${apiName}/${apiVersion}/grants
		Set Headers {"Accept": "${ACCEPT}"}
		Set Headers {"Content-Type": "${CONTENT_TYPE}"}
		${scope_value}= Create Dictionary scopeValue=${NEG_SCOPE}
		${authorizationToken}= JWT Encode payload=${scope_value} key='' algorithm=${OAUTH_Encryption_ALGORITHM}
		Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"Authorization":"${authorizationToken}"}
		${body}= Get File jsons/grantNSLifecycleOperationRequest.json
		Post ${apiRoot}/${apiName}/${apiVersion}/grants ${body}
		${body}= Output response
		Set Suite Variable ${response} ${body}
		Get individual grant with permitted authorization scope
		log Trying to read an individual grant
		Set Headers {"Accept":"${ACCEPT}"}
		Set Headers {"Content-Type":"${CONTENT_TYPE}"}
		${scope_value}= Create Dictionary scopeValue=${OPERATION_GRANTING_SCOPE}
		${authorizationToken}= JWT Encode payload=${scope_value} key='' algorithm=${OAUTH_Encryption_ALGORITHM}
		Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"Authorization":"${authorizationToken}"}
		Get ${apiRoot}/${apiName}/${apiVersion}/grants/${grantId}
		${body}= Output response
		Set Suite Variable ${response} ${body}
		Get individual grant with permitted not authorization scope
		log Trying to read an individual grant
		Set Headers {"Accept":"${ACCEPT}"}
		Set Headers {"Content-Type":"${CONTENT_TYPE}"}
		${scope_value}= Create Dictionary scopeValue=${NEG_SCOPE}
		${authorizationToken}= JWT Encode payload=${scope_value} key='' algorithm=${OAUTH_Encryption_ALGORITHM}
		Run Keyword If ${AUTH_USAGE} == 1 Set Headers {"Authorization":"${authorizationToken}"}
		Get ${apiRoot}/${apiName}/${apiVersion}/grants/${grantId}
		${body}= Output response
		Set Suite Variable ${response} ${body}
		No newline at end of file

SOL011/NSLifecycleOperationGranting-API/environment/variables.txt

+4 −0

Original line number	Diff line number	Diff line
		@@ -25,6 +25,10 @@ ${VNFM_SCHEMA} https
		${CONTENT_TYPE_PATCH} application/merge-patch+json
		${WRONG_AUTHORIZATION} Bearer XXXXXWRONGXXXXX

		${OPERATION_GRANTING_SCOPE} nslcog:v1:all
		${NEG_SCOPE} nslcog:v1:invalid
		${OAUTH_Encryption_ALGORITHM} HS256

		${vnfInstanceDescription} description vnf
		${vnfInstanceDescription_Update} Updated description vnf
		${SINGLE_FILE_VNFD} 1 # If VNFD is PLAIN TEXT