/**
 * Verifies API-level throttling for the Silver tier.
 *
 * <p>Subscribes a fresh application to the API on the Silver tier, waits for one throttling
 * window to elapse, then sends {@code SILVER_INVOCATION_LIMIT_PER_MIN} requests that must all
 * succeed and one further request that must be rejected as throttled.
 *
 * @throws APIManagerIntegrationTestException if application creation, subscription or key generation fails
 * @throws InterruptedException if the wait for the throttling window is interrupted
 * @throws IOException if an HTTP invocation fails
 */
@Test(groups = {"wso2.am"}, description = "test invocation of api under tier Silver.",
        dependsOnMethods = "testEditAPITierToSilver")
public void testInvokingWithSilverTier()
        throws APIManagerIntegrationTestException, InterruptedException, IOException {
    applicationNameSilver = APPLICATION_NAME + TIER_SILVER;

    // NOTE(review): the application itself is created on TIER_GOLD while the subscription below
    // uses TIER_SILVER; presumably this keeps the application quota from tripping before the
    // API-level Silver limit does. Confirm against the tier definitions.
    apiStoreClientUser1.addApplication(applicationNameSilver, TIER_GOLD, "", "");
    apiIdentifier.setTier(TIER_SILVER);
    subscribeToAPI(apiIdentifier, applicationNameSilver, apiStoreClientUser1);

    // The bearer token generated for the new application authenticates every call below.
    String bearerToken =
            generateApplicationKeys(apiStoreClientUser1, applicationNameSilver).getAccessToken();
    Map<String, String> silverHeaders = new HashMap<String, String>();
    silverHeaders.put("accept", "text/xml");
    silverHeaders.put("Authorization", "Bearer " + bearerToken);

    final String invocationUrl =
            gatewayWebAppUrl + API_CONTEXT + "/" + API_VERSION_1_0_0 + API_END_POINT_METHOD;
    final String tierSuffix = " milliseconds under Silver API level tier";

    // Wait out one throttling unit (plus slack) so any earlier throttling block has expired.
    Thread.sleep(THROTTLING_UNIT_TIME + THROTTLING_ADDITIONAL_WAIT_TIME);
    final long startTime = System.currentTimeMillis();

    // Every request up to the tier limit must pass.
    for (int attempt = 1; attempt <= SILVER_INVOCATION_LIMIT_PER_MIN; attempt++) {
        // Elapsed time is sampled before the request is sent; it is only used in failure messages.
        long elapsed = System.currentTimeMillis() - startTime;
        HttpResponse withinQuota = HttpRequestUtil.doGet(invocationUrl, silverHeaders);
        String context =
                " Invocation attempt:" + attempt + " failed during :" + elapsed + tierSuffix;
        assertEquals(withinQuota.getResponseCode(), HTTP_RESPONSE_CODE_OK,
                "Response code mismatched." + context);
        assertTrue(withinQuota.getData().contains(API_RESPONSE_DATA),
                "Response data mismatched." + context);
    }

    // The first request over the limit must be throttled. Only this single over-limit call is
    // checked, so the test relies on all limit + 1 calls landing inside one throttling window.
    long elapsedAtOverLimit = System.currentTimeMillis() - startTime;
    HttpResponse overQuota = HttpRequestUtil.doGet(invocationUrl, silverHeaders);
    String overLimitContext = " Invocation attempt:" + (SILVER_INVOCATION_LIMIT_PER_MIN + 1)
            + " passed during :" + elapsedAtOverLimit + tierSuffix;
    assertEquals(overQuota.getResponseCode(), HTTP_RESPONSE_CODE_SERVICE_UNAVAILABLE,
            "Response code mismatched." + overLimitContext);
    assertTrue(overQuota.getData().contains(MESSAGE_THROTTLED_OUT),
            "Response data mismatched." + overLimitContext);
}
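/**
 * Creates an API whose back end is protected by endpoint security (username and password),
 * publishes and subscribes to it, then invokes the {@code /sec} resource and checks that the
 * response carries the Base64 form of {@code username:password}.
 *
 * <p>Failure messages name the endpoint username only. The password and the encoded credential
 * are deliberately kept out of them so they do not end up in test reports.
 *
 * @throws Exception if API creation, publishing, subscription, key generation or the HTTP call fails
 */
@Test(groups = {"wso2.am"}, description = "Test the API with endpoint security enabled with simple password"
        + " that only has characters and numbers")
public void testInvokeGETResourceWithSecuredEndPointPasswordOnlyNumbersAndLetters() throws Exception {
    // NOTE(review): this literal reads as a masked value in the listing; confirm the real test username.
    String endpointUsername = "******";
    // Holding the password as char[] buys nothing here: String.valueOf() copies it into an
    // immutable String that is handed to the request bean and the credential encoder.
    char[] endpointPassword = {'a', 'd', 'm', 'i', 'n', '1', '2', '3'};
    String endpointPasswordText = String.valueOf(endpointPassword);

    // Expected "username:password" credential in Base64. The charset is pinned so the expected
    // value does not vary with the platform default encoding.
    byte[] userNamePasswordByteArray = (endpointUsername + ":" + endpointPasswordText).getBytes("UTF-8");
    String encodedUserNamePassword = DatatypeConverter.printBase64Binary(userNamePasswordByteArray);

    APICreationRequestBean apiCreationRequestBean = new APICreationRequestBean(
            API_NAME, API_CONTEXT, API_VERSION_1_0_0, providerName, new URL(apiEndPointUrl));
    apiCreationRequestBean.setTags(API_TAGS);
    apiCreationRequestBean.setDescription(API_DESCRIPTION);
    apiCreationRequestBean.setEndpointType("secured");
    apiCreationRequestBean.setEpUsername(endpointUsername);
    apiCreationRequestBean.setEpPassword(endpointPasswordText);
    apiCreationRequestBean.setTier(TIER_UNLIMITED);
    apiCreationRequestBean.setTiersCollection(TIER_UNLIMITED);

    APIIdentifier apiIdentifier = new APIIdentifier(providerName, API_NAME, API_VERSION_1_0_0);
    apiIdentifier.setTier(TIER_UNLIMITED);
    createPublishAndSubscribeToAPI(
            apiIdentifier, apiCreationRequestBean, apiPublisherClientUser1, apiStoreClientUser1,
            APPLICATION_NAME);
    waitForAPIDeploymentSync(
            user.getUserName(), API_NAME, API_VERSION_1_0_0, APIMIntegrationConstants.IS_API_EXISTS);

    String accessToken = generateApplicationKeys(apiStoreClientUser1, APPLICATION_NAME).getAccessToken();
    requestHeadersGet.put("Authorization", "Bearer " + accessToken);
    HttpResponse httpResponseGet = HttpRequestUtil.doGet(
            getAPIInvocationURLHttp(API_CONTEXT, API_VERSION_1_0_0) + "/sec", requestHeadersGet);

    assertEquals(httpResponseGet.getResponseCode(), HTTP_RESPONSE_CODE_OK,
            "Invocation fails for GET request for endpoint type secured. username:" + endpointUsername);
    // NOTE(review): the listing masks the text between the two failure messages. This containment
    // check is reconstructed from the surviving message ("Expected value ... not contains in
    // response data"); confirm it against the original file.
    assertTrue(httpResponseGet.getData().contains(encodedUserNamePassword),
            "Response Data not match for GET request for endpoint type secured. The expected encoded"
                    + " credential was not found in response data:" + httpResponseGet.getData()
                    + " username:" + endpointUsername);
}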
/**
 * Class-level fixture: initialises the test context, deploys the dummy back-end API (super-tenant
 * admin mode only), logs the publisher and store clients in, creates the application, generates
 * its access token, and creates, publishes and subscribes to the API under test.
 *
 * @throws Exception if any initialisation, login, creation or deployment step fails
 */
@BeforeClass(alwaysRun = true)
public void setEnvironment() throws Exception {
    super.init(userMode);

    // The dummy back-end API is loaded onto the gateway only when running as super-tenant admin.
    if (TestUserMode.SUPER_TENANT_ADMIN == userMode) {
        String gatewaySessionCookie = createSession(gatewayContextMgt);
        String dummyApiConfigPath = "artifacts" + File.separator + "AM" + File.separator
                + "synapseconfigs" + File.separator + "rest" + File.separator + "dummy_api.xml";
        loadSynapseConfigurationFromClasspath(dummyApiConfigPath, gatewayContextMgt, gatewaySessionCookie);
    }

    // First publisher client, kept in the apiPublisher field.
    // NOTE(review): logins here use the *Http URL getters; if those resolve to plain HTTP the
    // credentials travel unencrypted. Confirm this rig never targets a shared environment.
    publisherURLHttp = getPublisherURLHttp();
    apiPublisher = new APIPublisherRestClient(publisherURLHttp);
    apiPublisher.login(user.getUserName(), user.getPassword());

    // API definition: a single GET resource on "/*" with the unlimited resource tier.
    String apiProvider = user.getUserName();
    URL backendUrl = new URL(getSuperTenantAPIInvocationURLHttp("response", "1.0.0"));
    APIResourceBean wildcardGetResource = new APIResourceBean(
            APIMIntegrationConstants.HTTP_VERB_GET,
            APIMIntegrationConstants.RESOURCE_AUTH_TYPE_APPLICATION_AND_APPLICATION_USER,
            APIMIntegrationConstants.RESOURCE_TIER.UNLIMITED,
            "/*");
    ArrayList<APIResourceBean> resources = new ArrayList<APIResourceBean>();
    resources.add(wildcardGetResource);
    apiCreationRequestBean = new APICreationRequestBean(
            API_NAME, API_CONTEXT, API_VERSION, apiProvider, backendUrl, resources);
    apiCreationRequestBean.setTags(TAGS);
    apiCreationRequestBean.setDescription(DESCRIPTION);

    // Second publisher client plus the store client, both logged in with the same user.
    String publisherUrl = getPublisherURLHttp();
    String storeUrl = getStoreURLHttp();
    apiPublisherClientUser1 = new APIPublisherRestClient(publisherUrl);
    apiStoreClientUser1 = new APIStoreRestClient(storeUrl);
    apiPublisherClientUser1.login(user.getUserName(), user.getPassword());
    apiStoreClientUser1.login(user.getUserName(), user.getPassword());

    apiIdentifier = new APIIdentifier(apiProvider, API_NAME, API_VERSION);
    apiIdentifier.setTier(APIMIntegrationConstants.API_TIER.GOLD);

    // The application and its access token are created before the API is published and subscribed.
    apiStoreClientUser1.addApplication(
            APPLICATION_NAME, APIMIntegrationConstants.APPLICATION_TIER.LARGE, "", "");
    accessToken = generateApplicationKeys(apiStoreClientUser1, APPLICATION_NAME).getAccessToken();

    createPublishAndSubscribeToAPI(
            apiIdentifier, apiCreationRequestBean, apiPublisherClientUser1, apiStoreClientUser1,
            APPLICATION_NAME);
    waitForAPIDeploymentSync(
            user.getUserName(), API_NAME, API_VERSION, APIMIntegrationConstants.IS_API_EXISTS);
}