Update functional tests for prevent external POST

prebid · Oct 23, 2024 · 274ca21 · 274ca21
1 parent fd7c185
commit 274ca21
Show file tree

Hide file tree

Showing 4 changed files with 197 additions and 61 deletions.
diff --git a/src/test/kotlin/org/prebid/cache/functional/AuthenticationCacheSpec.kt b/src/test/kotlin/org/prebid/cache/functional/AuthenticationCacheSpec.kt
@@ -0,0 +1,184 @@
+package org.prebid.cache.functional
+
+import io.kotest.assertions.assertSoftly
+import io.kotest.assertions.throwables.shouldThrowExactly
+import io.kotest.core.spec.style.ShouldSpec
+import io.kotest.matchers.shouldBe
+import io.kotest.matchers.string.beEmpty
+import io.ktor.client.statement.bodyAsText
+import io.ktor.http.contentType
+import org.prebid.cache.functional.BaseSpec.Companion.prebidCacheConfig
+import org.prebid.cache.functional.mapper.objectMapper
+import org.prebid.cache.functional.model.request.RequestObject
+import org.prebid.cache.functional.model.request.TransferValue
+import org.prebid.cache.functional.service.ApiException
+import org.prebid.cache.functional.util.getRandomString
+import org.springframework.http.HttpStatus.UNAUTHORIZED
+
+class AuthenticationCacheSpec : ShouldSpec({
+
+    should("should save JSON transfer value without api-key in header when cache-write-secured is disabled") {
+        // given: Prebid Cache with api.cache-write-secured=false property
+        val prebidCacheApi = BaseSpec.getPrebidCacheApi(
+            prebidCacheConfig.getBaseRedisConfig(
+                allowExternalUuid = true,
+                cacheWriteSecured = false,
+                apiKey = getRandomString()
+            )
+        )
+
+        // and: Request object with JSON transfer value
+        val requestObject = RequestObject.getDefaultJsonRequestObject()
+        val requestTransferValue = objectMapper.readValue(requestObject.puts[0].value, TransferValue::class.java)
+
+        // when: POST cache endpoint is called
+        val postResponse = prebidCacheApi.postCache(requestObject, apiKey = null)
+
+        // when: GET cache endpoint is called
+        val getCacheResponse = BaseSpec.getPrebidCacheApi().getCache(postResponse.responses[0].uuid)
+
+        // then: response content type is the same as request object type
+        getCacheResponse.contentType()?.contentType shouldBe "application"
+        getCacheResponse.contentType()?.contentSubtype shouldBe requestObject.puts[0].type.getValue()
+
+        // and: transfer value is returned
+        val responseTransferValue = objectMapper.readValue(getCacheResponse.bodyAsText(), TransferValue::class.java)
+
+        assertSoftly {
+            responseTransferValue.adm shouldBe requestTransferValue.adm
+            responseTransferValue.width shouldBe requestTransferValue.width
+            responseTransferValue.height shouldBe requestTransferValue.height
+        }
+    }
+
+    should("should save JSON transfer value without api-key in header when cache-write-secured is enabled") {
+        // given: Prebid Cache with api.cache-write-secured=true property
+        val prebidApiKey = getRandomString()
+        val prebidCacheApi = BaseSpec.getPrebidCacheApi(
+            prebidCacheConfig.getBaseRedisConfig(
+                allowExternalUuid = true,
+                cacheWriteSecured = true,
+                apiKey = prebidApiKey
+            )
+        )
+
+        // and: Request object with JSON transfer value
+        val requestObject = RequestObject.getDefaultJsonRequestObject()
+        val requestTransferValue = objectMapper.readValue(requestObject.puts[0].value, TransferValue::class.java)
+
+        // when: POST cache endpoint is called
+        val postResponse = prebidCacheApi.postCache(requestObject, apiKey = prebidApiKey)
+
+        // when: GET cache endpoint is called
+        val getCacheResponse = BaseSpec.getPrebidCacheApi().getCache(postResponse.responses[0].uuid)
+
+        // then: response content type is the same as request object type
+        getCacheResponse.contentType()?.contentType shouldBe "application"
+        getCacheResponse.contentType()?.contentSubtype shouldBe requestObject.puts[0].type.getValue()
+
+        // and: transfer value is returned
+        val responseTransferValue = objectMapper.readValue(getCacheResponse.bodyAsText(), TransferValue::class.java)
+
+        assertSoftly {
+            responseTransferValue.adm shouldBe requestTransferValue.adm
+            responseTransferValue.width shouldBe requestTransferValue.width
+            responseTransferValue.height shouldBe requestTransferValue.height
+        }
+    }
+
+    should("should throw exception when cache-write-secured is enabled and trying to save payload transfer without api-key") {
+        // given: Prebid Cache with api.cache-write-secured=true property
+        val prebidCacheApi = BaseSpec.getPrebidCacheApi(
+            prebidCacheConfig.getBaseRedisConfig(
+                allowExternalUuid = true,
+                cacheWriteSecured = true,
+                apiKey = getRandomString()
+            )
+        )
+
+        // and: Request object with JSON transfer value
+        val requestObject = RequestObject.getDefaultJsonRequestObject()
+
+        // when: POST cache endpoint is called
+        val exception = shouldThrowExactly<ApiException> { prebidCacheApi.postCache(requestObject, apiKey = null) }
+
+        // then: Bad Request exception is thrown
+        assertSoftly {
+            exception.statusCode shouldBe UNAUTHORIZED.value()
+            exception.responseBody should beEmpty()
+        }
+    }
+
+    should("should throw exception when cache-write-secured is enabled and trying to save payload transfer with empty api-key") {
+        // given: Prebid Cache with api.cache-write-secured=true property
+        val prebidCacheApi = BaseSpec.getPrebidCacheApi(
+            prebidCacheConfig.getBaseRedisConfig(
+                allowExternalUuid = true,
+                cacheWriteSecured = true,
+                apiKey = getRandomString()
+            )
+        )
+
+        // and: Request object with JSON transfer value
+        val requestObject = RequestObject.getDefaultJsonRequestObject()
+
+        // when: POST cache endpoint is called
+        val exception =
+            shouldThrowExactly<ApiException> { prebidCacheApi.postCache(requestObject, apiKey = "") }
+
+        // then: Bad Request exception is thrown
+        assertSoftly {
+            exception.statusCode shouldBe UNAUTHORIZED.value()
+            exception.responseBody should beEmpty()
+        }
+    }
+
+    should("should throw exception when cache-write-secured is enabled and trying to save payload transfer with invalid api-key") {
+        // given: Prebid Cache with api.cache-write-secured=true property
+        val prebidCacheApi = BaseSpec.getPrebidCacheApi(
+            prebidCacheConfig.getBaseRedisConfig(
+                allowExternalUuid = true,
+                cacheWriteSecured = true,
+                apiKey = getRandomString()
+            )
+        )
+
+        // and: Request object with JSON transfer value
+        val requestObject = RequestObject.getDefaultJsonRequestObject()
+
+        // when: POST cache endpoint is called
+        val exception =
+            shouldThrowExactly<ApiException> { prebidCacheApi.postCache(requestObject, apiKey = getRandomString()) }
+
+        // then: Bad Request exception is thrown
+        assertSoftly {
+            exception.statusCode shouldBe UNAUTHORIZED.value()
+            exception.responseBody should beEmpty()
+        }
+    }
+
+    should("should throw exception when cache-write-secured is enabled and trying to save payload transfer with different case strategy api-key") {
+        // given: Prebid Cache with api.cache-write-secured=true property
+        val prebidApiKey = getRandomString()
+        val prebidCacheApi = BaseSpec.getPrebidCacheApi(
+            prebidCacheConfig.getBaseRedisConfig(
+                allowExternalUuid = true,
+                cacheWriteSecured = true,
+                apiKey = prebidApiKey
+            )
+        )
+
+        // and: Request object with JSON transfer value
+        val requestObject = RequestObject.getDefaultJsonRequestObject()
+
+        // when: POST cache endpoint is called
+        val exception =
+            shouldThrowExactly<ApiException> { prebidCacheApi.postCache(requestObject, apiKey = prebidApiKey.uppercase()) }
+
+        // then: Bad Request exception is thrown
+        assertSoftly {
+            exception.statusCode shouldBe UNAUTHORIZED.value()
+            exception.responseBody should beEmpty()
+        }
+    }
+})
diff --git a/src/test/kotlin/org/prebid/cache/functional/GeneralCacheSpec.kt b/src/test/kotlin/org/prebid/cache/functional/GeneralCacheSpec.kt
@@ -99,12 +99,9 @@ class GeneralCacheSpec : ShouldSpec({
         }
     }
 
-    should("return the same JSON transfer value which was saved to cache  when routes.allow_public_write is enabled") {
+    should("return the same JSON transfer value which was saved to cache") {
         // given: Prebid Cache with routes.allow_public_write=true property
-        val prebidCacheApi = BaseSpec.getPrebidCacheApi(prebidCacheConfig.getBaseRedisConfig(
-            allowExternalUuid = true,
-            cacheWriteSecured = true
-        ))
+        val prebidCacheApi = BaseSpec.getPrebidCacheApi(prebidCacheConfig.getBaseRedisConfig(true))
 
         // and: Request object with JSON transfer value
         val requestObject = RequestObject.getDefaultJsonRequestObject()
@@ -130,58 +127,6 @@ class GeneralCacheSpec : ShouldSpec({
         }
     }
 
-    should("return the same JSON transfer value which was saved to admin cache when routes.allow_public_write is disabled") {
-        // given: Prebid Cache with routes.allow_public_write=true property
-        val prebidCacheApi = BaseSpec.getPrebidCacheApi(prebidCacheConfig.getBaseRedisConfig(
-            allowExternalUuid = true,
-            cacheWriteSecured = false
-        ))
-
-        // and: Request object with JSON transfer value
-        val requestObject = RequestObject.getDefaultJsonRequestObject()
-        val requestTransferValue = objectMapper.readValue(requestObject.puts[0].value, TransferValue::class.java)
-
-        // and: POST cache endpoint is called
-
-        val postResponse = prebidCacheApi.postCache(requestObject)
-
-        // when: GET cache endpoint is called
-        val getCacheResponse = prebidCacheApi.getCache(postResponse.responses[0].uuid)
-
-        // then: response content type is the same as request object type
-        getCacheResponse.contentType()?.contentType shouldBe "application"
-        getCacheResponse.contentType()?.contentSubtype shouldBe requestObject.puts[0].type.getValue()
-
-        // and: transfer value is returned
-        val responseTransferValue = objectMapper.readValue(getCacheResponse.bodyAsText(), TransferValue::class.java)
-
-        assertSoftly {
-            responseTransferValue.adm shouldBe requestTransferValue.adm
-            responseTransferValue.width shouldBe requestTransferValue.width
-            responseTransferValue.height shouldBe requestTransferValue.height
-        }
-    }
-
-    should("throw an exception when routes.allow_public_write is disabled and trying to save payload transfer by general cache") {
-        // given: Prebid Cache with routes.allow_public_write=true property
-        val prebidCacheApi = BaseSpec.getPrebidCacheApi(prebidCacheConfig.getBaseRedisConfig(
-            allowExternalUuid = true,
-            cacheWriteSecured = false
-        ))
-
-        // and: Request object with JSON transfer value
-        val requestObject = RequestObject.getDefaultJsonRequestObject()
-
-        // when: POST cache endpoint is called
-        val exception = shouldThrowExactly<ApiException> { prebidCacheApi.postCache(requestObject) }
-
-        // then: Bad Request exception is thrown
-        assertSoftly {
-            exception.statusCode shouldBe BAD_REQUEST.value()
-            exception.responseBody shouldContain "Main server will only accept GET requests"
-        }
-    }
-
     should("return the same XML transfer value which was saved to cache") {
         // given: Request object with XML transfer value
         val requestObject = RequestObject.getDefaultXmlRequestObject()

diff --git a/src/test/kotlin/org/prebid/cache/functional/service/PrebidCacheApi.kt b/src/test/kotlin/org/prebid/cache/functional/service/PrebidCacheApi.kt
@@ -32,10 +32,17 @@ class PrebidCacheApi(
         get(endpoint = CACHE_ENDPOINT,
             parameters = mapOf(UUID_QUERY_PARAMETER to uuid, PROXY_CACHE_HOST_QUERY_PARAMETER to proxyCacheHost))
 
-    suspend fun postCache(requestObject: RequestObject, secondaryCache: String? = null): ResponseObject =
-        post(endpoint = CACHE_ENDPOINT,
+    suspend fun postCache(
+        requestObject: RequestObject,
+        secondaryCache: String? = null,
+        apiKey: String? = null
+    ): ResponseObject =
+        post(
+            endpoint = CACHE_ENDPOINT,
             requestObject = requestObject,
-            parameters = mapOf(SECONDARY_CACHE_QUERY_PARAMETER to secondaryCache)).body()
+            parameters = mapOf(SECONDARY_CACHE_QUERY_PARAMETER to secondaryCache),
+            headers = mapOf(API_KEY_PARAMETER to apiKey)
+        ).body()
 
     suspend fun getStorageCache(
         payloadTransferKey: String?,

diff --git a/src/test/kotlin/org/prebid/cache/functional/testcontainers/container/AerospikeContainer.kt b/src/test/kotlin/org/prebid/cache/functional/testcontainers/container/AerospikeContainer.kt
@@ -24,7 +24,7 @@ class AerospikeContainer(imageName: String) : GenericContainer<AerospikeContaine
     }
 
     companion object {
-        const val PORT = 3002
+        const val PORT = 3000
         const val NAMESPACE = "prebid_cache"
     }
 }