Gitiles
Code Review Sign In
gerrit.opencord.org / aaa / cf847b8c1994a0a2be13bdb852785ff8d068d983 / . / app / src / test / java / org / opencord / aaa / impl / AaaIntegrationTest.java
blob: 8ded2f8358da8aea1a65adb6fc525d62fef00f5f [file] [log] [blame]
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]1/*
Brian O'Connor4e33be22017-08-03 22:45:46 -0700[diff] [blame]2 * Copyright 2015-present Open Networking Foundation
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
Matteo Scandolocf847b82019-04-26 15:00:00 -0700[diff] [blame^]16package org.opencord.aaa.impl;
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]17
18import org.junit.Before;
19import org.junit.Ignore;
20import org.junit.Test;
21import org.onlab.packet.EAP;
22import org.onlab.packet.EAPOL;
23import org.onlab.packet.Ethernet;
24import org.onosproject.core.CoreServiceAdapter;
25import org.onosproject.net.config.Config;
26import org.onosproject.net.config.NetworkConfigRegistryAdapter;
Matteo Scandolocf847b82019-04-26 15:00:00 -0700[diff] [blame^]27import org.opencord.aaa.AaaConfig;
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]28
29import static org.hamcrest.Matchers.is;
30import static org.hamcrest.Matchers.notNullValue;
31import static org.junit.Assert.assertThat;
32
33/**
34 * Set of tests of the ONOS application component. These use an existing RADIUS
35 * server and sends live packets over the network to it.
36 */
37@Ignore ("This should not be run as part of the standard build")
Jonathan Hart092dfb22015-11-16 23:05:21 -0800[diff] [blame]38public class AaaIntegrationTest extends AaaTestBase {
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]39
Jonathan Hart092dfb22015-11-16 23:05:21 -0800[diff] [blame]40 private AaaManager aaa;
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]41
42 /**
43 * Mocks the network config registry.
44 */
45 @SuppressWarnings("unchecked")
46 static final class TestNetworkConfigRegistry
47 extends NetworkConfigRegistryAdapter {
48 @Override
49 public <S, C extends Config<S>> C getConfig(S subject, Class<C> configClass) {
Jonathan Hart092dfb22015-11-16 23:05:21 -0800[diff] [blame]50 return (C) new AaaConfig();
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]51 }
52 }
53
54 /**
55 * Sets up the services required by the AAA application.
56 */
57 @Before
58 public void setUp() {
Jonathan Hart092dfb22015-11-16 23:05:21 -0800[diff] [blame]59 aaa = new AaaManager();
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]60 aaa.netCfgService = new TestNetworkConfigRegistry();
61 aaa.coreService = new CoreServiceAdapter();
62 aaa.packetService = new MockPacketService();
63 aaa.activate();
64 }
65
66 /**
67 * Fetches the sent packet at the given index. The requested packet
68 * must be the last packet on the list.
69 *
70 * @param index index into sent packets array
71 * @return packet
72 */
73 private Ethernet fetchPacket(int index) {
74 for (int iteration = 0; iteration < 20; iteration++) {
75 if (savedPackets.size() > index) {
76 return (Ethernet) savedPackets.get(index);
77 } else {
78 try {
79 Thread.sleep(250);
80 } catch (Exception ex) {
81 return null;
82 }
83 }
84 }
85 return null;
86 }
87
88 /**
89 * Tests the authentication path through the AAA application by sending
90 * packets to the RADIUS server and checking the state machine
91 * transitions.
92 *
93 * @throws Exception when an unhandled error occurs
94 */
95 @Test
96 public void testAuthentication() throws Exception {
97
98 // (1) Supplicant start up
99
100 Ethernet startPacket = constructSupplicantStartPacket();
101 sendPacket(startPacket);
102
103 Ethernet responsePacket = fetchPacket(0);
104 assertThat(responsePacket, notNullValue());
105 checkRadiusPacket(aaa, responsePacket, EAP.REQUEST);
106
107 // (2) Supplicant identify
108
109 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
110 sendPacket(identifyPacket);
111
112 // State machine should have been created by now
113
114 StateMachine stateMachine =
115 StateMachine.lookupStateMachineBySessionId(SESSION_ID);
116 assertThat(stateMachine, notNullValue());
117 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
118
119 // (3) RADIUS MD5 challenge
120
121 Ethernet radiusChallengeMD5Packet = fetchPacket(1);
122 assertThat(radiusChallengeMD5Packet, notNullValue());
123 checkRadiusPacket(aaa, radiusChallengeMD5Packet, EAP.REQUEST);
124
125
126 // (4) Supplicant MD5 response
127
128 Ethernet md5RadiusPacket =
129 constructSupplicantIdentifyPacket(stateMachine,
130 EAP.ATTR_MD5,
131 stateMachine.challengeIdentifier(),
132 radiusChallengeMD5Packet);
133 sendPacket(md5RadiusPacket);
134
135
136 // (5) RADIUS Success
137
138 Ethernet successRadiusPacket = fetchPacket(2);
139 assertThat(successRadiusPacket, notNullValue());
Jonathan Hart092dfb22015-11-16 23:05:21 -0800[diff] [blame]140 EAPOL successEapol = (EAPOL) successRadiusPacket.getPayload();
141 EAP successEap = (EAP) successEapol.getPayload();
142 assertThat(successEap.getCode(), is(EAP.SUCCESS));
Ray Milkey967776a2015-10-07 14:37:17 -0700[diff] [blame]143
144 // State machine should be in authorized state
145
146 assertThat(stateMachine, notNullValue());
147 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
148
149 }
150
151}
152