Adding test cases for token issuer with environments

wso2 · Oct 21, 2023 · 2763091 · 2763091
1 parent cac99a0
commit 2763091
Show file tree

Hide file tree

Showing 5 changed files with 167 additions and 17 deletions.
diff --git a/build-apk.sh b/build-apk.sh
@@ -14,6 +14,8 @@ cd gateway/router;./gradlew build;
 cd $current_dir;
 cd gateway/enforcer;./gradlew build;
 cd $current_dir;
+cd common-controller;./gradlew build;
+cd $current_dir;
 cd idp/idp-domain-service;./gradlew build;
 cd $current_dir;
 cd idp/idp-ui;./gradlew build;

diff --git a/test/cucumber-tests/CRs/artifacts.yaml b/test/cucumber-tests/CRs/artifacts.yaml
@@ -578,6 +578,54 @@ spec:
  kind: Gateway
  name: default
 ---
+kind: TokenIssuer
+apiVersion: dp.wso2.com/v1alpha1
+metadata:
+ name: multi-env-token-issuer-all-envs
+ namespace: apk-integration-test
+spec:
+ consumerKeyClaim: azp
+ issuer: https://idp1.com
+ name: idp-all-env
+ organization: org3
+ scopesClaim: scope
+ environments:
+ - "*"
+ signatureValidation:
+ jwks:
+ url: "http:https://dynamic-backend-service:8080/idp1/jwks"
+ claimMappings:
+ - remoteClaim: "organization"
+ localClaim: "x-wso2-organization"
+ targetRef:
+ group: gateway.networking.k8s.io
+ kind: Gateway
+ name: default
+---
+kind: TokenIssuer
+apiVersion: dp.wso2.com/v1alpha1
+metadata:
+ name: multi-env-token-issuer-dev-env
+ namespace: apk-integration-test
+spec:
+ consumerKeyClaim: azp
+ issuer: https://idp1.com
+ name: idp-dev-only
+ organization: org4
+ scopesClaim: scope
+ environments:
+ - "dev"
+ signatureValidation:
+ jwks:
+ url: "http:https://dynamic-backend-service:8080/idp1/jwks"
+ claimMappings:
+ - remoteClaim: "organization"
+ localClaim: "x-wso2-organization"
+ targetRef:
+ group: gateway.networking.k8s.io
+ kind: Gateway
+ name: default
+---
 # We have removed the Envoy admin interface port from our helm gateway service yaml. So we need this one here.
 apiVersion: v1
 kind: Service

diff --git a/test/cucumber-tests/scripts/setup-hosts.sh b/test/cucumber-tests/scripts/setup-hosts.sh
@@ -14,8 +14,12 @@ sudo echo "$IP api.am.wso2.com" | sudo tee -a /etc/hosts
 sudo echo "$IP default.gw.wso2.com" | sudo tee -a /etc/hosts
 sudo echo "$IP org1.gw.wso2.com" | sudo tee -a /etc/hosts
 sudo echo "$IP org2.gw.wso2.com" | sudo tee -a /etc/hosts
+sudo echo "$IP org3.gw.wso2.com" | sudo tee -a /etc/hosts
+sudo echo "$IP org4.gw.wso2.com" | sudo tee -a /etc/hosts
 sudo echo "$IP default.sandbox.gw.wso2.com" | sudo tee -a /etc/hosts
-sudo echo "$IP default-qa.gw.wso2.com" | sudo tee -a /etc/hosts
 sudo echo "$IP default-dev.gw.wso2.com" | sudo tee -a /etc/hosts
+sudo echo "$IP org3-qa.gw.wso2.com" | sudo tee -a /etc/hosts
+sudo echo "$IP org4-qa.gw.wso2.com" | sudo tee -a /etc/hosts
+sudo echo "$IP org4-dev.gw.wso2.com" | sudo tee -a /etc/hosts
 sudo echo "255.255.255.255 broadcasthost" | sudo tee -a /etc/hosts
 sudo echo "::1 localhost" | sudo tee -a /etc/hosts
diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/multi-env/employees_conf.yaml
@@ -0,0 +1,27 @@
+---
+name: "EmployeeServiceAPIDev"
+basePath: "/withoutenv"
+version: "3.14"
+id: "without-env-api"
+type: "REST"
+defaultVersion: false
+endpointConfigurations:
+ production:
+ endpoint: "http:https://backend:80/anything"
+operations:
+ - target: "/employee"
+ verb: "GET"
+ secured: true
+ scopes: []
+ - target: "/employee"
+ verb: "POST"
+ secured: true
+ scopes: []
+ - target: "/employee/{employeeId}"
+ verb: "PUT"
+ secured: true
+ scopes: []
+ - target: "/employee/{employeeId}"
+ verb: "DELETE"
+ secured: true
+ scopes: []
diff --git a/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature b/test/cucumber-tests/src/test/resources/tests/api/MultiEnvironment.feature
@@ -1,37 +1,106 @@
 Feature: Deploy APIs in multiple environments
- Scenario: Deploying an API in Dev Environment for Organization, test123
+ Scenario: Deploying an API without specifing an Environment and token issuer has no environments.
  Given The system is ready
  And I have a valid subscription
- When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml"
+ When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml"
  And the definition file "artifacts/definitions/employees_api.json"
  And make the API deployment request
  Then the response status code should be 200
  Then I set headers
  |Authorization|bearer ${accessToken}|
- And I send "GET" request to "https://default-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body ""
+ And I send "GET" request to "https://default.gw.wso2.com:9095/withoutenv/3.14/employee/" with body ""
+ And I eventually receive 200 response code, not accepting
+ |429|
+ When I undeploy the API whose ID is "without-env-api"
+ Then the response status code should be 202
+
+ Scenario: Deploying an API without specifing an Environment and token issuer has all(*) environments.
+ Given The system is ready
+ And I have a valid token for organization "org3"
+ When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml"
+ And the definition file "artifacts/definitions/employees_api.json"
+ And make the API deployment request for organization "org3"
+ Then the response status code should be 200
+ Then I set headers
+ |Authorization|bearer ${org3}|
+ And I send "GET" request to "https://org3.gw.wso2.com:9095/withoutenv/3.14/employee/" with body ""
  And I eventually receive 200 response code, not accepting
  |429|
-
- Scenario: Deploying the same API in QA Environment for Organization, test123
+ When I undeploy the API whose ID is "without-env-api" and organization "org3"
+ Then the response status code should be 202
+
+ Scenario: Deploying an API without specifing an Environment and token issuer has only dev environment.
+ Given The system is ready
+ And I have a valid token for organization "org4"
+ When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf.yaml"
+ And the definition file "artifacts/definitions/employees_api.json"
+ And make the API deployment request for organization "org4"
+ Then the response status code should be 200
+ Then I set headers
+ |Authorization|bearer ${org4}|
+ And I send "GET" request to "https://org4.gw.wso2.com:9095/withoutenv/3.14/employee/" with body ""
+ And I eventually receive 401 response code, not accepting
+ |200|
+ When I undeploy the API whose ID is "without-env-api" and organization "org4"
+ Then the response status code should be 202
+
+ Scenario: Deploying an API in Dev environment and token issuer has no environments.
  Given The system is ready
  And I have a valid subscription
- When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml"
+ When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml"
  And the definition file "artifacts/definitions/employees_api.json"
  And make the API deployment request
  Then the response status code should be 200
  Then I set headers
  |Authorization|bearer ${accessToken}|
- And I send "GET" request to "https://default-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body ""
+ And I send "GET" request to "https://default-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body ""
  And I eventually receive 200 response code, not accepting
  |429|
-
- Scenario Outline: Undeploy API
+ When I undeploy the API whose ID is "multi-env-dev-api"
+ Then the response status code should be 202
+
+ Scenario: Deploying an API in QA environment and token issuer has all(*) environments.
  Given The system is ready
- And I have a valid subscription
- When I undeploy the API whose ID is "<apiID>"
- Then the response status code should be <expectedStatusCode>
+ And I have a valid token for organization "org3"
+ When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml"
+ And the definition file "artifacts/definitions/employees_api.json"
+ And make the API deployment request for organization "org3"
+ Then the response status code should be 200
+ Then I set headers
+ |Authorization|bearer ${org3}|
+ And I send "GET" request to "https://org3-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body ""
+ And I eventually receive 200 response code, not accepting
+ |401|
+ When I undeploy the API whose ID is "multi-env-qa-api" and organization "org3"
+ Then the response status code should be 202
+
+ Scenario: Deploying an API in QA environment and token issuer has only Dev environment.
+ Given The system is ready
+ And I have a valid token for organization "org4"
+ When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_qa.yaml"
+ And the definition file "artifacts/definitions/employees_api.json"
+ And make the API deployment request for organization "org4"
+ Then the response status code should be 200
+ Then I set headers
+ |Authorization|bearer ${org4}|
+ And I send "GET" request to "https://org4-qa.gw.wso2.com:9095/multienv/3.14/employee/" with body ""
+ And I eventually receive 401 response code, not accepting
+ |200|
+ When I undeploy the API whose ID is "multi-env-qa-api" and organization "org4"
+ Then the response status code should be 202
 
- Examples:
- | apiID | expectedStatusCode |
- | multi-env-dev-api | 202 |
- | multi-env-qa-api | 202 |
+ Scenario: Deploying an API in Dev environment and token issuer has only Dev environment.
+ Given The system is ready
+ And I have a valid token for organization "org4"
+ When I use the APK Conf file "artifacts/apk-confs/multi-env/employees_conf_dev.yaml"
+ And the definition file "artifacts/definitions/employees_api.json"
+ And make the API deployment request for organization "org4"
+ Then the response status code should be 200
+ Then I set headers
+ |Authorization|bearer ${org4}|
+ And I send "GET" request to "https://org4-dev.gw.wso2.com:9095/multienv/3.14/employee/" with body ""
+ And I eventually receive 200 response code, not accepting
+ |401|
+ When I undeploy the API whose ID is "multi-env-dev-api" and organization "org4"
+ Then the response status code should be 202
+