Commit b097b5e8 authored by Muhammad Umair Khan's avatar Muhammad Umair Khan Committed by Giacomo Bernini
Browse files

implement oauth scope for SOL003 VNFLifecycleOperationGranting API

parent 274a560b

SOL003/VNFLifecycleOperationGranting-API/Grants.robot

+27 −0
Original line number Diff line number Diff line
@@ -149,6 +149,33 @@ Requests a grant for a particular VNF lifecycle operation - Synchronous mode usi 
    Check Operation Occurrence Id existence 

    Check HTTP Response Body Json Schema Is    grant



Requests a grant for a particular VNF lifecycle operation - Synchronous mode with permitted authorization scope

    [Documentation]    Test ID: 7.3.2.1.11

    ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode with permitted authorization scope

    ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure with permitted authorization scope

    ...    Pre-conditions: none

    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1

    ...    Config ID: Config_prod_NFVO

    ...    Applicability: The NFVO can decide immediately what to respond to a grant request

    ...    Post-Conditions: The grant information is available to the VNFM.

    Send Request Grant Request in Synchronous mode with permitted authorization scope

    Check HTTP Response Status Code Is    201

    Check Operation Occurrence Id existence 

    Check HTTP Response Body Json Schema Is    grant



Requests a grant for a particular VNF lifecycle operation - Synchronous mode with not permitted authorization scope

    [Documentation]    Test ID: 7.3.2.1.12

    ...    Test title: Requests a grant for a particular VNF lifecycle operation - Synchronous mode with not permitted authorization scope

    ...    Test objective: The objective is to request a grant for a particular VNF lifecycle operation and perform a JSON schema validation on the returned grant data structure with not permitted authorization scope

    ...    Pre-conditions: none

    ...    Reference: Clause 9.4.2.3.1 - ETSI GS NFV-SOL 003 [1] v4.5.1

    ...    Config ID: Config_prod_NFVO

    ...    Applicability: The NFVO can decide immediately what to respond to a grant request

    ...    Post-Conditions: The grant information is available to the VNFM.

    Send Request Grant Request in Synchronous mode with not permitted authorization scope

    Check HTTP Response Status Code Is    403

    Check HTTP Response Body Json Schema Is    ProblemDetails



*** Keywords ***

Wait for individual grant successful notification

    Wait Until Keyword Succeeds    ${retry}   ${polling}    Get an individual grant - Successful
 
 No newline at end of file

SOL003/VNFLifecycleOperationGranting-API/VNFLifecycleOperationGrantingKeywords.robot

+35 −1
Original line number Diff line number Diff line
@@ -92,6 +92,35 @@ Send Request for a new Grant Forbiden Operation 
    ${body}=    Output    response

    Set Suite Variable    ${response}    ${body}



Send Request Grant Request in Synchronous mode with permitted authorization scope 

    Log    Request a new Grant for a VNF LCM operation by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/grants with permitted authorization scope 

    Pass Execution If    ${SYNC_MODE} == 0    The Granting process is asynchronous mode. Skipping the test

    Set Headers    {"Accept": "${ACCEPT}"}

    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}

    ${scopeValue}=    Create Dictionary    scopeValue=${GRANT_PERMITTED_SCOPE}

    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}

    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}

    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File

    ${template}=    Get File    jsons/grantRequest.json

    ${body}=        Format String   ${template}    vnfInstanceId=${vnfInstanceId}   vnfLcmOpOccId=${vnfLcmOpOccId}    vnfdId=${Descriptor_ID}    flavourId=${Flavour_ID}

    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/grants    ${body}

    ${body}=    Output    response

    Set Suite Variable    ${response}    ${body}

Send Request Grant Request in Synchronous mode with not permitted authorization scope 

    Log    Request a new Grant for a VNF LCM operation by POST to ${apiRoot}/${apiName}/${apiMajorVersion}/grants with not permitted authorization scope 

    Pass Execution If    ${SYNC_MODE} == 0    The Granting process is asynchronous mode. Skipping the test

    Set Headers    {"Accept": "${ACCEPT}"}

    Set Headers    {"Content-Type": "${CONTENT_TYPE}"}

    ${scopeValue}=    Create Dictionary    scopeValue=${GRANT_NOT_PERMITTED_SCOPE}

    ${authorizationToken}=    JWT Encode    payload=${scopeValue}    key=${OAUTH_KEY}    algorithm=${OAUTH_ENCRYPTION_ALGORITHM}

    Run Keyword If    ${AUTH_USAGE} == 1    Set Headers    {"${AUTHORIZATION_HEADER}":"${authorizationToken}"}

    Run Keyword If    ${check_descriptors} == 1    PARSE the Descriptor File

    ${template}=    Get File    jsons/grantRequest.json

    ${body}=        Format String   ${template}    vnfInstanceId=${vnfInstanceId}   vnfLcmOpOccId=${vnfLcmOpOccId}    vnfdId=${Descriptor_ID}    flavourId=${Flavour_ID}

    Post    ${apiRoot}/${apiName}/${apiMajorVersion}/grants    ${body}

    ${body}=    Output    response

    Set Suite Variable    ${response}    ${body}

    

Check HTTP Response Status Code Is

    [Arguments]    ${expected_status}    

    Should Be Equal As Strings    ${response['status']}    ${expected_status}
@@ -348,3 +377,8 @@ Match the grant Response Attributes with Descriptors 
    Run Keyword If  '${descriptorType}'=='SOL001'    List Should Contain Value    @{CP_IDs}    ${response['body']['extVirtualLinks'][0]['extCps'][0]['cpdId']}

    List Should Contain Value    ${VirtualLink_IDs}    ${response['body']['extManagedVirtualLinkData'][0]['vnfVirtualLinkDescId']}

    List Should Contain value    ${Compute_IDs}    ${response['body']['vimAssets']['computeResourceFlavours'][0]['vnfdVirtualComputeDescId']}



JWT Encode

    [Arguments]    ${payload}    ${key}    ${algorithm}

    ${encoded}=    Evaluate    jwt.encode(${payload}, ${key}, ${algorithm})

    [Return]    ${encoded}
 
 No newline at end of file

SOL003/VNFLifecycleOperationGranting-API/environment/variables.txt

+4 −0
Original line number Diff line number Diff line
@@ -2,7 +2,11 @@ 
${NFVO_HOST}      localhost    # Hostname of the NFVO

${NFVO_PORT}      8081    # Listening port of the NFVO

${NFVO_SCHEMA}    https

${OAUTH_ENCRYPTION_ALGORITHM}  HS256

${OAUTH_KEY}

${AUTHORIZATION_HEADER}    Authorization

${GRANT_PERMITTED_SCOPE}  grant:v1:all

${GRANT_NOT_PERMITTED_SCOPE}  grant:v1:all:invalid

${AUTHORIZATION_TOKEN}    Bearer 0b79bab50daca910b000d4f1a2b675d604257e42

${CONTENT_TYPE}    application/json

${ACCEPT}         application/json