github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/acceptance/openstack/waf/v1/domains_test.go (about) 1 package v1 2 3 import ( 4 "strings" 5 "testing" 6 7 golangsdk "github.com/opentelekomcloud/gophertelekomcloud" 8 "github.com/opentelekomcloud/gophertelekomcloud/acceptance/clients" 9 "github.com/opentelekomcloud/gophertelekomcloud/acceptance/tools" 10 "github.com/opentelekomcloud/gophertelekomcloud/openstack/networking/v2/extensions/layer3/floatingips" 11 "github.com/opentelekomcloud/gophertelekomcloud/openstack/waf/v1/certificates" 12 "github.com/opentelekomcloud/gophertelekomcloud/openstack/waf/v1/domains" 13 "github.com/opentelekomcloud/gophertelekomcloud/openstack/waf/v1/policies" 14 th "github.com/opentelekomcloud/gophertelekomcloud/testhelper" 15 ) 16 17 var contentText = `"<!DOCTYPE html>\n<html>\n<head>\n\t<meta charset=\"UTF-8\">\n\t<title>Error</title>\n</head>\n 18 <body>\n\t<style>\n\t\t.center {\n\t\t margin: 0;\n\t\t position: absolute;\n\t\t top: 50%;\n\t\t left: 50%;\n\t\t 19 -ms-transform: translate(-50%, -50%);\n\t\t transform: translate(-50%, -50%);\n\t\t}\n\t</style>\n\t<div class=\"center\ 20 ">\n\t\t<center>\n\t\t\t<h1>Your request is suspected to be an attack.</h1><br>\n\t\t\t<p>Event ID: ${waf_event_id}</p>\n 21 \t\t</center>\n\t</div>\n</body>\n</html>"` 22 23 func prepareIp(t *testing.T) *floatingips.FloatingIP { 24 client, err := clients.NewNetworkV2Client() 25 th.AssertNoErr(t, err) 26 ip, err := floatingips.Create(client, floatingips.CreateOpts{ 27 FloatingNetworkID: "0a2228f2-7f8a-45f1-8e09-9039e1d09975", // this value is hardcoded in tf OTC provider 28 }).Extract() 29 th.AssertNoErr(t, err) 30 return ip 31 } 32 33 func preparePolicy(t *testing.T, client *golangsdk.ServiceClient) *policies.Policy { 34 randomName := tools.RandomString("waf_policy_", 3) 35 cert, err := policies.Create(client, policies.CreateOpts{Name: randomName}).Extract() 36 th.AssertNoErr(t, err) 37 return cert 38 } 39 40 func prepareCertificate(t *testing.T, client *golangsdk.ServiceClient) *certificates.Certificate { 41 randomName := tools.RandomString("waf_cert_", 3) 42 cert, err := certificates.Create(client, certificates.CreateOpts{ 43 Name: randomName, 44 Content: testCert, 45 Key: testKey, 46 }).Extract() 47 th.AssertNoErr(t, err) 48 return cert 49 } 50 51 func cleanupIP(t *testing.T, ipID string) { 52 client, err := clients.NewNetworkV2Client() 53 th.AssertNoErr(t, err) 54 err = floatingips.Delete(client, ipID).ExtractErr() 55 th.AssertNoErr(t, err) 56 } 57 58 func cleanupPolicy(t *testing.T, client *golangsdk.ServiceClient, policyID string) { 59 err := policies.Delete(client, policyID).ExtractErr() 60 th.AssertNoErr(t, err) 61 } 62 63 func cleanupCertificate(t *testing.T, client *golangsdk.ServiceClient, certID string) { 64 err := certificates.Delete(client, certID).ExtractErr() 65 th.AssertNoErr(t, err) 66 } 67 68 // TestDomainLifecycle is simple "all-in-one" test for waf domain 69 func TestDomainLifecycle(t *testing.T) { 70 client, err := clients.NewWafV1Client() 71 th.AssertNoErr(t, err) 72 73 ip := prepareIp(t) 74 defer cleanupIP(t, ip.ID) 75 76 cert := prepareCertificate(t, client) 77 defer cleanupCertificate(t, client, cert.Id) 78 cert2 := prepareCertificate(t, client) 79 defer cleanupCertificate(t, client, cert2.Id) 80 81 policy := preparePolicy(t, client) 82 defer cleanupPolicy(t, client, policy.Id) 83 84 iTrue := true 85 createOpts := domains.CreateOpts{ 86 HostName: strings.ToLower(tools.RandomString("", 3)) + ".com", 87 CertificateId: cert.Id, 88 Server: []domains.ServerOpts{ 89 { 90 ClientProtocol: "HTTPS", 91 ServerProtocol: "HTTPS", 92 Address: ip.FloatingIP, 93 Port: 443, 94 }, 95 }, 96 Cipher: "cipher_2", 97 Proxy: &iTrue, 98 SipHeaderName: "default", 99 SipHeaderList: []string{"X-Forwarded-For"}, 100 } 101 102 domain, err := domains.Create(client, createOpts).Extract() 103 th.AssertNoErr(t, err) 104 defer func() { 105 err = domains.Delete(client, domain.Id).ExtractErr() 106 th.AssertNoErr(t, err) 107 }() 108 109 th.AssertEquals(t, createOpts.HostName, domain.HostName) 110 th.AssertEquals(t, cert.Id, domain.CertificateId) 111 th.AssertEquals(t, len(createOpts.Server), len(domain.Server)) 112 th.AssertEquals(t, createOpts.Cipher, domain.Cipher) 113 th.AssertEquals(t, domain.BlockPage.Template, "default") 114 115 updateOpts := domains.UpdateOpts{ 116 TLS: "TLS v1.1", 117 Cipher: "cipher_1", 118 CertificateId: cert2.Id, 119 BlockPage: &domains.BlockPage{ 120 Template: "custom", 121 CustomPage: &domains.CustomPage{ 122 StatusCode: "400", 123 ContentType: "text/html", 124 Content: contentText, 125 }, 126 }, 127 } 128 domain, err = domains.Update(client, domain.Id, updateOpts).Extract() 129 th.AssertNoErr(t, err) 130 th.AssertEquals(t, updateOpts.Cipher, domain.Cipher) 131 th.AssertEquals(t, domain.BlockPage.Template, "custom") 132 th.AssertEquals(t, domain.BlockPage.CustomPage.StatusCode, updateOpts.BlockPage.CustomPage.StatusCode) 133 th.AssertEquals(t, domain.BlockPage.CustomPage.ContentType, updateOpts.BlockPage.CustomPage.ContentType) 134 135 domain, err = domains.Get(client, domain.Id).Extract() 136 th.AssertNoErr(t, err) 137 th.AssertEquals(t, cert2.Id, domain.CertificateId) 138 th.AssertEquals(t, domain.BlockPage.Template, "custom") 139 th.AssertEquals(t, domain.BlockPage.CustomPage.StatusCode, updateOpts.BlockPage.CustomPage.StatusCode) 140 th.AssertEquals(t, domain.BlockPage.CustomPage.ContentType, updateOpts.BlockPage.CustomPage.ContentType) 141 }