github.com/akamai/AkamaiOPEN-edgegrid-golang/v8@v8.1.0/pkg/cps/deployments_test.go (about) 1 package cps 2 3 import ( 4 "context" 5 "errors" 6 "net/http" 7 "net/http/httptest" 8 "testing" 9 10 "github.com/akamai/AkamaiOPEN-edgegrid-golang/v8/pkg/tools" 11 "github.com/stretchr/testify/assert" 12 "github.com/stretchr/testify/require" 13 ) 14 15 func TestListDeployments(t *testing.T) { 16 tests := map[string]struct { 17 params ListDeploymentsRequest 18 responseStatus int 19 responseBody string 20 expectedPath string 21 expectedHeaders map[string]string 22 expectedResponse *ListDeploymentsResponse 23 withError func(*testing.T, error) 24 }{ 25 "200 OK": { 26 params: ListDeploymentsRequest{EnrollmentID: 10}, 27 responseStatus: http.StatusOK, 28 responseBody: `{ 29 "production": { 30 "ocspStapled": false, 31 "ocspUris": [], 32 "networkConfiguration": { 33 "geography": "core", 34 "mustHaveCiphers": "ak-akamai-2020q1", 35 "ocspStapling": "on", 36 "preferredCiphers": "ak-akamai-2020q1", 37 "quicEnabled": false, 38 "secureNetwork": "standard-tls", 39 "sniOnly": true, 40 "disallowedTlsVersions": [ 41 "TLSv1", 42 "TLSv1_1" 43 ], 44 "dnsNames": [ 45 "san2.example.com", 46 "san1.example.com" 47 ] 48 }, 49 "primaryCertificate": { 50 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 51 "expiry": "2022-02-05T13:21:21Z", 52 "signatureAlgorithm": "SHA-256", 53 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... Qs/v0=\n-----END CERTIFICATE-----" 54 }, 55 "multiStackedCertificates": [ 56 { 57 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 58 "expiry": "2022-02-05T13:21:20Z", 59 "signatureAlgorithm": "SHA-256", 60 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----" 61 } 62 ] 63 }, 64 "staging": { 65 "ocspStapled": false, 66 "ocspUris": [], 67 "networkConfiguration": { 68 "geography": "core", 69 "mustHaveCiphers": "ak-akamai-2020q1", 70 "ocspStapling": "on", 71 "preferredCiphers": "ak-akamai-2020q1", 72 "quicEnabled": false, 73 "secureNetwork": "standard-tls", 74 "sniOnly": true, 75 "disallowedTlsVersions": [ 76 "TLSv1", 77 "TLSv1_1" 78 ], 79 "dnsNames": [ 80 "san2.example.com", 81 "san1.example.com" 82 ] 83 }, 84 "primaryCertificate": { 85 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 86 "expiry": "2022-02-05T13:21:21Z", 87 "signatureAlgorithm": "SHA-256", 88 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 9JQs/v0=\n-----END CERTIFICATE-----" 89 }, 90 "multiStackedCertificates": [ 91 { 92 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 93 "expiry": "2022-02-05T13:21:20Z", 94 "signatureAlgorithm": "SHA-256", 95 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----" 96 } 97 ] 98 } 99 }`, 100 expectedPath: "/cps/v2/enrollments/10/deployments", 101 expectedHeaders: map[string]string{ 102 "Accept": "application/vnd.akamai.cps.deployments.v8+json", 103 }, 104 expectedResponse: &ListDeploymentsResponse{ 105 Production: &Deployment{ 106 OCSPStapled: tools.BoolPtr(false), 107 OCSPURIs: []string{}, 108 NetworkConfiguration: DeploymentNetworkConfiguration{ 109 Geography: "core", 110 MustHaveCiphers: "ak-akamai-2020q1", 111 OCSPStapling: "on", 112 PreferredCiphers: "ak-akamai-2020q1", 113 QUICEnabled: false, 114 SecureNetwork: "standard-tls", 115 SNIOnly: true, 116 DisallowedTLSVersions: []string{ 117 "TLSv1", 118 "TLSv1_1", 119 }, 120 DNSNames: []string{ 121 "san2.example.com", 122 "san1.example.com", 123 }, 124 }, 125 PrimaryCertificate: DeploymentCertificate{ 126 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 127 Expiry: "2022-02-05T13:21:21Z", 128 SignatureAlgorithm: "SHA-256", 129 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... Qs/v0=\n-----END CERTIFICATE-----", 130 }, 131 MultiStackedCertificates: []DeploymentCertificate{ 132 { 133 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 134 Expiry: "2022-02-05T13:21:20Z", 135 SignatureAlgorithm: "SHA-256", 136 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----", 137 }, 138 }, 139 }, 140 Staging: &Deployment{ 141 OCSPStapled: tools.BoolPtr(false), 142 OCSPURIs: []string{}, 143 NetworkConfiguration: DeploymentNetworkConfiguration{ 144 Geography: "core", 145 MustHaveCiphers: "ak-akamai-2020q1", 146 OCSPStapling: "on", 147 PreferredCiphers: "ak-akamai-2020q1", 148 QUICEnabled: false, 149 SecureNetwork: "standard-tls", 150 SNIOnly: true, 151 DisallowedTLSVersions: []string{ 152 "TLSv1", 153 "TLSv1_1", 154 }, 155 DNSNames: []string{ 156 "san2.example.com", 157 "san1.example.com", 158 }, 159 }, 160 PrimaryCertificate: DeploymentCertificate{ 161 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 162 Expiry: "2022-02-05T13:21:21Z", 163 SignatureAlgorithm: "SHA-256", 164 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 9JQs/v0=\n-----END CERTIFICATE-----", 165 }, 166 MultiStackedCertificates: []DeploymentCertificate{ 167 { 168 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 169 Expiry: "2022-02-05T13:21:20Z", 170 SignatureAlgorithm: "SHA-256", 171 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----", 172 }, 173 }, 174 }, 175 }, 176 }, 177 "500 internal server error": { 178 params: ListDeploymentsRequest{EnrollmentID: 500}, 179 responseStatus: http.StatusInternalServerError, 180 responseBody: ` 181 { 182 "type": "internal_error", 183 "title": "Internal Server Error", 184 "detail": "Error making request", 185 "status": 500 186 }`, 187 expectedPath: "/cps/v2/enrollments/500/deployments", 188 expectedHeaders: map[string]string{ 189 "Accept": "application/vnd.akamai.cps.deployments.v8+json", 190 }, 191 withError: func(t *testing.T, err error) { 192 want := &Error{ 193 Type: "internal_error", 194 Title: "Internal Server Error", 195 Detail: "Error making request", 196 StatusCode: http.StatusInternalServerError, 197 } 198 assert.True(t, errors.Is(err, want), "want: %s; got: %s", want, err) 199 }, 200 }, 201 } 202 203 for name, test := range tests { 204 t.Run(name, func(t *testing.T) { 205 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 206 assert.Equal(t, test.expectedPath, r.URL.String()) 207 assert.Equal(t, http.MethodGet, r.Method) 208 for k, v := range test.expectedHeaders { 209 assert.Equal(t, v, r.Header.Get(k)) 210 } 211 w.WriteHeader(test.responseStatus) 212 _, err := w.Write([]byte(test.responseBody)) 213 assert.NoError(t, err) 214 })) 215 client := mockAPIClient(t, mockServer) 216 result, err := client.ListDeployments(context.Background(), test.params) 217 if test.withError != nil { 218 test.withError(t, err) 219 return 220 } 221 require.NoError(t, err) 222 assert.Equal(t, test.expectedResponse, result) 223 }) 224 } 225 } 226 227 func TestGetProductionDeployment(t *testing.T) { 228 tests := map[string]struct { 229 params GetDeploymentRequest 230 responseStatus int 231 responseBody string 232 expectedPath string 233 expectedHeaders map[string]string 234 expectedResponse *GetProductionDeploymentResponse 235 withError func(*testing.T, error) 236 }{ 237 "200 OK": { 238 params: GetDeploymentRequest{EnrollmentID: 10}, 239 responseStatus: http.StatusOK, 240 responseBody: `{ 241 "ocspStapled": false, 242 "ocspUris": [], 243 "networkConfiguration": { 244 "geography": "core", 245 "mustHaveCiphers": "ak-akamai-2020q1", 246 "ocspStapling": "on", 247 "preferredCiphers": "ak-akamai-2020q1", 248 "quicEnabled": false, 249 "secureNetwork": "standard-tls", 250 "sniOnly": true, 251 "disallowedTlsVersions": [ 252 "TLSv1", 253 "TLSv1_1" 254 ], 255 "dnsNames": [ 256 "san2.example.com", 257 "san1.example.com" 258 ] 259 }, 260 "primaryCertificate": { 261 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 262 "expiry": "2022-02-05T13:21:21Z", 263 "signatureAlgorithm": "SHA-256", 264 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... Qs/v0=\n-----END CERTIFICATE-----" 265 }, 266 "multiStackedCertificates": [ 267 { 268 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 269 "expiry": "2022-02-05T13:21:20Z", 270 "signatureAlgorithm": "SHA-256", 271 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----" 272 } 273 ] 274 }`, 275 expectedPath: "/cps/v2/enrollments/10/deployments/production", 276 expectedHeaders: map[string]string{ 277 "Accept": "application/vnd.akamai.cps.deployment.v8+json", 278 }, 279 expectedResponse: &GetProductionDeploymentResponse{ 280 OCSPStapled: tools.BoolPtr(false), 281 OCSPURIs: []string{}, 282 NetworkConfiguration: DeploymentNetworkConfiguration{ 283 Geography: "core", 284 MustHaveCiphers: "ak-akamai-2020q1", 285 OCSPStapling: "on", 286 PreferredCiphers: "ak-akamai-2020q1", 287 QUICEnabled: false, 288 SecureNetwork: "standard-tls", 289 SNIOnly: true, 290 DisallowedTLSVersions: []string{ 291 "TLSv1", 292 "TLSv1_1", 293 }, 294 DNSNames: []string{ 295 "san2.example.com", 296 "san1.example.com", 297 }, 298 }, 299 PrimaryCertificate: DeploymentCertificate{ 300 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 301 Expiry: "2022-02-05T13:21:21Z", 302 SignatureAlgorithm: "SHA-256", 303 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... Qs/v0=\n-----END CERTIFICATE-----", 304 }, 305 MultiStackedCertificates: []DeploymentCertificate{ 306 { 307 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 308 Expiry: "2022-02-05T13:21:20Z", 309 SignatureAlgorithm: "SHA-256", 310 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----", 311 }, 312 }, 313 }, 314 }, 315 "500 internal server error": { 316 params: GetDeploymentRequest{EnrollmentID: 500}, 317 responseStatus: http.StatusInternalServerError, 318 responseBody: ` 319 { 320 "type": "internal_error", 321 "title": "Internal Server Error", 322 "detail": "Error making request", 323 "status": 500 324 }`, 325 expectedPath: "/cps/v2/enrollments/500/deployments/production", 326 expectedHeaders: map[string]string{ 327 "Accept": "application/vnd.akamai.cps.deployment.v8+json", 328 }, 329 withError: func(t *testing.T, err error) { 330 want := &Error{ 331 Type: "internal_error", 332 Title: "Internal Server Error", 333 Detail: "Error making request", 334 StatusCode: http.StatusInternalServerError, 335 } 336 assert.True(t, errors.Is(err, want), "want: %s; got: %s", want, err) 337 }, 338 }, 339 "validation error": { 340 params: GetDeploymentRequest{}, 341 withError: func(t *testing.T, err error) { 342 assert.True(t, errors.Is(err, ErrStructValidation), "want: %s; got: %s", ErrStructValidation, err) 343 }, 344 }, 345 } 346 347 for name, test := range tests { 348 t.Run(name, func(t *testing.T) { 349 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 350 assert.Equal(t, test.expectedPath, r.URL.String()) 351 assert.Equal(t, http.MethodGet, r.Method) 352 for k, v := range test.expectedHeaders { 353 assert.Equal(t, v, r.Header.Get(k)) 354 } 355 w.WriteHeader(test.responseStatus) 356 _, err := w.Write([]byte(test.responseBody)) 357 assert.NoError(t, err) 358 })) 359 client := mockAPIClient(t, mockServer) 360 result, err := client.GetProductionDeployment(context.Background(), test.params) 361 if test.withError != nil { 362 test.withError(t, err) 363 return 364 } 365 require.NoError(t, err) 366 assert.Equal(t, test.expectedResponse, result) 367 }) 368 } 369 } 370 371 func TestGetStagingDeployment(t *testing.T) { 372 tests := map[string]struct { 373 params GetDeploymentRequest 374 responseStatus int 375 responseBody string 376 expectedPath string 377 expectedHeaders map[string]string 378 expectedResponse *GetStagingDeploymentResponse 379 withError func(*testing.T, error) 380 }{ 381 "200 OK": { 382 params: GetDeploymentRequest{EnrollmentID: 10}, 383 responseStatus: http.StatusOK, 384 responseBody: `{ 385 "ocspStapled": false, 386 "ocspUris": [], 387 "networkConfiguration": { 388 "geography": "core", 389 "mustHaveCiphers": "ak-akamai-2020q1", 390 "ocspStapling": "on", 391 "preferredCiphers": "ak-akamai-2020q1", 392 "quicEnabled": false, 393 "secureNetwork": "standard-tls", 394 "sniOnly": true, 395 "disallowedTlsVersions": [ 396 "TLSv1", 397 "TLSv1_1" 398 ], 399 "dnsNames": [ 400 "san2.example.com", 401 "san1.example.com" 402 ] 403 }, 404 "primaryCertificate": { 405 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 406 "expiry": "2022-02-05T13:21:21Z", 407 "signatureAlgorithm": "SHA-256", 408 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... Qs/v0=\n-----END CERTIFICATE-----" 409 }, 410 "multiStackedCertificates": [ 411 { 412 "certificate": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 413 "expiry": "2022-02-05T13:21:20Z", 414 "signatureAlgorithm": "SHA-256", 415 "trustChain": "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----" 416 } 417 ] 418 }`, 419 expectedPath: "/cps/v2/enrollments/10/deployments/staging", 420 expectedHeaders: map[string]string{ 421 "Accept": "application/vnd.akamai.cps.deployment.v8+json", 422 }, 423 expectedResponse: &GetStagingDeploymentResponse{ 424 425 OCSPStapled: tools.BoolPtr(false), 426 OCSPURIs: []string{}, 427 NetworkConfiguration: DeploymentNetworkConfiguration{ 428 Geography: "core", 429 MustHaveCiphers: "ak-akamai-2020q1", 430 OCSPStapling: "on", 431 PreferredCiphers: "ak-akamai-2020q1", 432 QUICEnabled: false, 433 SecureNetwork: "standard-tls", 434 SNIOnly: true, 435 DisallowedTLSVersions: []string{ 436 "TLSv1", 437 "TLSv1_1", 438 }, 439 DNSNames: []string{ 440 "san2.example.com", 441 "san1.example.com", 442 }, 443 }, 444 PrimaryCertificate: DeploymentCertificate{ 445 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... 93Nvw==\n-----END CERTIFICATE-----", 446 Expiry: "2022-02-05T13:21:21Z", 447 SignatureAlgorithm: "SHA-256", 448 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... Qs/v0=\n-----END CERTIFICATE-----", 449 }, 450 MultiStackedCertificates: []DeploymentCertificate{ 451 { 452 Certificate: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... nMweq/\n-----END CERTIFICATE-----", 453 Expiry: "2022-02-05T13:21:20Z", 454 SignatureAlgorithm: "SHA-256", 455 TrustChain: "-----BEGIN CERTIFICATE-----\nMIID <sample - removed for readability> .... KEUp0=\n-----END CERTIFICATE-----", 456 }, 457 }, 458 }, 459 }, 460 "500 internal server error": { 461 params: GetDeploymentRequest{EnrollmentID: 500}, 462 responseStatus: http.StatusInternalServerError, 463 responseBody: ` 464 { 465 "type": "internal_error", 466 "title": "Internal Server Error", 467 "detail": "Error making request", 468 "status": 500 469 }`, 470 expectedPath: "/cps/v2/enrollments/500/deployments/staging", 471 expectedHeaders: map[string]string{ 472 "Accept": "application/vnd.akamai.cps.deployment.v8+json", 473 }, 474 withError: func(t *testing.T, err error) { 475 want := &Error{ 476 Type: "internal_error", 477 Title: "Internal Server Error", 478 Detail: "Error making request", 479 StatusCode: http.StatusInternalServerError, 480 } 481 assert.True(t, errors.Is(err, want), "want: %s; got: %s", want, err) 482 }, 483 }, 484 "validation error": { 485 params: GetDeploymentRequest{}, 486 withError: func(t *testing.T, err error) { 487 assert.True(t, errors.Is(err, ErrStructValidation), "want: %s; got: %s", ErrStructValidation, err) 488 }, 489 }, 490 } 491 492 for name, test := range tests { 493 t.Run(name, func(t *testing.T) { 494 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 495 assert.Equal(t, test.expectedPath, r.URL.String()) 496 assert.Equal(t, http.MethodGet, r.Method) 497 for k, v := range test.expectedHeaders { 498 assert.Equal(t, v, r.Header.Get(k)) 499 } 500 w.WriteHeader(test.responseStatus) 501 _, err := w.Write([]byte(test.responseBody)) 502 assert.NoError(t, err) 503 })) 504 client := mockAPIClient(t, mockServer) 505 result, err := client.GetStagingDeployment(context.Background(), test.params) 506 if test.withError != nil { 507 test.withError(t, err) 508 return 509 } 510 require.NoError(t, err) 511 assert.Equal(t, test.expectedResponse, result) 512 }) 513 } 514 }