Add support for TLS and config file enhanced

TLS support for connection between client and COP server, and COP server and database is now supported. Simplified the cop server start command by reading the CA cert and CA key from config rather than command line parameters. Cleaned up testcases to remove redundant code README updated with instruction on how to configure TLS. https://jira.hyperledger.org/browse/FAB-1383 Change-Id: I2a80b1844bcaa4ab0e2f9c3ec978f647406f99d7 Signed-off-by: Saad Karim <[email protected]>
hyperledger · Jan 4, 2017 · 6fc7615 · 6fc7615
1 parent 107fdff
commit 6fc7615
Show file tree

Hide file tree

Showing 29 changed files with 850 additions and 441 deletions.
diff --git a/README.md b/README.md
diff --git a/api/error.go b/api/error.go
@@ -48,6 +48,7 @@ const (
 	EnrollingUserError
 	RegisteringUserError
 	DatabaseError
+	TLSError
 )
 
 // Error is an interface with a Code method

diff --git a/cli/client/client_test.go b/cli/client/client_test.go
@@ -18,7 +18,9 @@ package client
 
 import (
 	"fmt"
+	"io/ioutil"
 	"os"
+	"path/filepath"
 	"testing"
 	"time"
 
@@ -28,14 +30,15 @@ import (
 
 var serverStarted bool
 var serverExitCode = 0
+var dir string
 
 const (
-	clientPath = "/tmp/clientTesting"
+	ClientTLSConfig string = "cop_client.json"
 )
 
 // TestNewClient tests constructing a client
 func TestNewClient(t *testing.T) {
-	_, err := NewClient("http://127.0.0.1:8888")
+	_, err := NewClient("https://127.0.0.1:8888")
 	if err != nil {
 		t.Errorf("Failed to create a client: %s", err)
 	}
@@ -44,9 +47,12 @@ func TestNewClient(t *testing.T) {
 func TestEnrollCLI(t *testing.T) {
 	startServer()
 
+	clientConfig := filepath.Join(dir, ClientTLSConfig)
+	os.Link("../../testdata/cop_client2.json", clientConfig)
+
 	c := new(cli.Config)
 
-	args := []string{"admin", "adminpw", "http://localhost:8888"}
+	args := []string{"admin", "adminpw", "https://localhost:8888"}
 
 	err := enrollMain(args, *c)
 	if err != nil {
@@ -58,7 +64,7 @@ func TestEnrollCLI(t *testing.T) {
 func TestReenrollCLI(t *testing.T) {
 	c := new(cli.Config)
 
-	args := []string{"http://localhost:8888"}
+	args := []string{"https://localhost:8888"}
 
 	err := reenrollMain(args, *c)
 	if err != nil {
@@ -71,7 +77,7 @@ func TestRegister(t *testing.T) {
 
 	c := new(cli.Config)
 
-	args := []string{"../../testdata/registerrequest.json", "http://localhost:8888"}
+	args := []string{"../../testdata/registerrequest.json", "https://localhost:8888"}
 
 	err := registerMain(args, *c)
 	if err != nil {
@@ -95,7 +101,7 @@ func TestRegisterNotEnoughArgs(t *testing.T) {
 func TestRegisterNoJSON(t *testing.T) {
 	c := new(cli.Config)
 
-	args := []string{"", "admin", "http://localhost:8888"}
+	args := []string{"", "admin", "https://localhost:8888"}
 
 	err := registerMain(args, *c)
 	if err == nil {
@@ -108,7 +114,7 @@ func TestRegisterMissingRegistrar(t *testing.T) {
 	c := new(cli.Config)
 
 	// os.Setenv("COP_HOME", "/tmp")
-	args := []string{"", "", "http://localhost:8888"}
+	args := []string{"", "", "https://localhost:8888"}
 
 	err := registerMain(args, *c)
 	if err == nil {
@@ -121,7 +127,7 @@ func TestRevoke(t *testing.T) {
 
 	c := new(cli.Config)
 
-	args := []string{"http://localhost:8888", "admin"}
+	args := []string{"https://localhost:8888", "admin"}
 
 	err := revokeMain(args, *c)
 	if err != nil {
@@ -147,7 +153,7 @@ func TestEnrollCLIWithCSR(t *testing.T) {
 
 	c := new(cli.Config)
 
-	args := []string{"notadmin", "pass", "http://localhost:8888", "../../testdata/csr.json"}
+	args := []string{"notadmin", "pass", "https://localhost:8888", "../../testdata/csr.json"}
 
 	err := enrollMain(args, *c)
 	if err != nil {
@@ -160,7 +166,7 @@ func TestReenrollCLIWithCSR(t *testing.T) {
 
 	c := new(cli.Config)
 
-	args := []string{"http://localhost:8888", "../../testdata/csr.json"}
+	args := []string{"https://localhost:8888", "../../testdata/csr.json"}
 
 	err := reenrollMain(args, *c)
 	if err != nil {
@@ -172,7 +178,7 @@ func TestRevokeNoArg(t *testing.T) {
 
 	c := new(cli.Config)
 
-	args := []string{"http://localhost:8888"}
+	args := []string{"https://localhost:8888"}
 
 	err := revokeMain(args, *c)
 	if err == nil {
@@ -184,14 +190,14 @@ func TestRevokeNotAdmin(t *testing.T) {
 
 	c := new(cli.Config)
 
-	args := []string{"http://localhost:8888", "admin"}
+	args := []string{"https://localhost:8888", "admin"}
 
 	err := revokeMain(args, *c)
 	if err == nil {
 		t.Error("TestRevokeNotAdmin should have failed but didn't")
 	}
 
-	os.RemoveAll(clientPath)
+	// os.RemoveAll(clientPath)
 }
 
 func TestBogusCommand(t *testing.T) {
@@ -201,30 +207,32 @@ func TestBogusCommand(t *testing.T) {
 	}
 }
 
+func TestLast(t *testing.T) {
+	// Cleanup
+	os.RemoveAll(dir)
+}
+
 func runServer() {
 	os.Setenv("COP_DEBUG", "true")
-	server.Start("../../testdata")
+	server.Start("../../testdata", "testconfig2.json")
 }
 
-func startServer() int {
-	if _, err := os.Stat(clientPath); err != nil {
-		if os.IsNotExist(err) {
-			os.MkdirAll(clientPath, 0755)
-		}
-	} else {
-		os.RemoveAll(clientPath)
-		os.MkdirAll(clientPath, 0755)
+func startServer() {
+	var err error
+	dir, err = ioutil.TempDir("", "client")
+	if err != nil {
+		fmt.Printf("Failed to create temp directory [error: %s]", err)
+		return
 	}
 
 	if !serverStarted {
 		serverStarted = true
 		fmt.Println("starting COP server ...")
-		os.Setenv("COP_HOME", clientPath)
+		os.Setenv("COP_HOME", dir)
 		go runServer()
-		time.Sleep(5 * time.Second)
+		time.Sleep(10 * time.Second)
 		fmt.Println("COP server started")
 	} else {
 		fmt.Println("COP server already started")
 	}
-	return serverExitCode
 }
diff --git a/cli/cop_test.go b/cli/cop_test.go
@@ -16,97 +16,27 @@ limitations under the License.
 
 package main
 
-import (
-	"fmt"
-	"os"
-	"testing"
-	"time"
+import "testing"
 
-	cop "github.com/hyperledger/fabric-cop/api"
-	server "github.com/hyperledger/fabric-cop/cli/server"
-	"github.com/hyperledger/fabric-cop/idp"
-)
-
-type Admin struct {
-	User       string
-	Pass       []byte
-	Type       string
-	Group      string
-	Attributes []idp.Attribute
-}
-
-const (
-	CERT     string = "../testdata/ec.pem"
-	KEY      string = "../testdata/ec-key.pem"
-	CFG      string = "../testdata/testconfig.json"
-	CSR      string = "../testdata/csr.json"
-	REG      string = "../testdata/registerrequest.json"
-	DBCONFIG string = "../testdata/enrolltest.json"
-)
-
-var (
-	Registrar  = Admin{User: "admin", Pass: []byte("adminpw"), Type: "User", Group: "bank_a", Attributes: []idp.Attribute{idp.Attribute{Name: "hf.Registrar.DelegateRoles", Value: "client,validator,auditor"}}}
-	testEnroll = cop.RegisterRequest{User: "testEnroll", Type: "client", Group: "bank_a", Attributes: []idp.Attribute{idp.Attribute{Name: "role", Value: "client"}}}
-)
-
-var serverStarted bool
-var serverExitCode = 0
-
-const (
-	enrollPath = "/tmp/enrolltest"
-)
-
-// Test the server start command
-func TestStartServer(t *testing.T) {
-	fmt.Println("running TestStartServer ...")
-	os.RemoveAll("/tmp/enrollTest")
-	rtn := startServer()
-	if rtn != 0 {
-		t.Errorf("Failed to start server with return code: %d", rtn)
-		t.FailNow()
-	}
-	fmt.Println("passed TestStartServer")
-}
-
-func TestRegister(t *testing.T) {
-	fmt.Println("running TestRegister ...")
-	r := server.NewRegisterUser()
-	_, err := r.RegisterUser(testEnroll.User, testEnroll.Type, testEnroll.Group, testEnroll.Attributes, Registrar.User)
-	if err != nil {
-		fmt.Printf("RegisterUser failed: %s\n", err)
-		t.Errorf("Failed to register user: %s, err: %s", testEnroll.User, err)
-	}
-	fmt.Println("passed TestRegister")
-}
-
-func TestEnroll(t *testing.T) {
-	fmt.Println("running TestEnroll ...")
-	rtn := enroll("admin", "adminpw")
-	if rtn != 0 {
-		fmt.Printf("enroll failed: rtn=%d\n", rtn)
-		t.Errorf("Failed to enroll with return code: %d", rtn)
+func TestClientCommand(t *testing.T) {
+	rtn := COPMain([]string{"cop", "client"})
+	if rtn == 0 {
+		t.Error("TestClientCommand passed but should have failed")
 	}
-	fmt.Println("passed TestEnroll")
 }
 
-func TestReenroll(t *testing.T) {
-	fmt.Println("running TestReenroll ...")
-	rtn := reenroll()
-	if rtn != 0 {
-		fmt.Printf("reenroll failed: rtn=%d\n", rtn)
-		t.Errorf("Failed to reenroll with return code: %d", rtn)
+func TestServerCommand(t *testing.T) {
+	rtn := COPMain([]string{"cop", "server"})
+	if rtn == 0 {
+		t.Error("TestServerCommand passed but should have failed")
 	}
-	fmt.Println("passed TestReenroll")
 }
 
-func TestCFSSL(t *testing.T) {
-	fmt.Println("running TestCFSSL ...")
-	rtn := cfssl()
-	if rtn != 0 {
-		fmt.Printf("TestCFSSL failed: rtn=%d\n", rtn)
-		t.Errorf("Failed to test CFSSL with return code: %d", rtn)
+func TestCFSSLCommand(t *testing.T) {
+	rtn := COPMain([]string{"cop", "cfssl"})
+	if rtn == 0 {
+		t.Error("TestCFSSLCommand passed but should have failed")
 	}
-	fmt.Println("passed TestCFSSL")
 }
 
 func TestBogusCommand(t *testing.T) {
@@ -115,51 +45,3 @@ func TestBogusCommand(t *testing.T) {
 		t.Error("TestBogusCommand passed but should have failed")
 	}
 }
-
-func startServer() int {
-	if !serverStarted {
-		serverStarted = true
-		fmt.Println("starting COP server ...")
-		os.Setenv("COP_HOME", enrollPath)
-		go runServer()
-		time.Sleep(3 * time.Second)
-		fmt.Println("COP server started")
-	} else {
-		fmt.Println("COP server already started")
-	}
-	return serverExitCode
-}
-
-func runServer() {
-	os.Setenv("COP_DEBUG", "true")
-	os.Setenv("COP_HOME", enrollPath)
-	serverExitCode = COPMain([]string{"cop", "server", "start", "-ca", CERT, "-ca-key", KEY, "-config", CFG, "-db-config", DBCONFIG})
-}
-
-func enroll(user, pass string) int {
-	fmt.Printf("enrolling user '%s' with password '%s' ...\n", user, pass)
-	rtn := COPMain([]string{"cop", "client", "enroll", user, pass, "http://localhost:8888", CSR})
-	fmt.Printf("enroll result is '%d'\n", rtn)
-	return rtn
-}
-
-func reenroll() int {
-	fmt.Println("reenrolling ...")
-	rtn := COPMain([]string{"cop", "client", "reenroll", "http://localhost:8888", CSR})
-	fmt.Printf("reenroll result is '%d'\n", rtn)
-	return rtn
-}
-
-func cfssl() int {
-	fmt.Println("cfssl ...")
-	rtn := COPMain([]string{"cop", "cfssl", "version"})
-	fmt.Printf("cfssl result is '%d'\n", rtn)
-	return rtn
-}
-
-func register(file string) int {
-	fmt.Printf("register file '%s' ...\n", file)
-	rtn := COPMain([]string{"cop", "client", "register", file, "http://localhost:8888", "loglevel=0"})
-	fmt.Printf("register result is '%d'\n", rtn)
-	return rtn
-}