[incubator-shenyu] branch master updated: Add integrated test for waf plugin (#1864)

Thu, 05 Aug 2021 05:22:52 -0700 

This is an automated email from the ASF dual-hosted git repository.

sabersola pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-shenyu.git


The following commit(s) were added to refs/heads/master by this push:
     new 9c7b1f3  Add integrated test for waf plugin (#1864)
9c7b1f3 is described below

commit 9c7b1f30defe47d0537e08cd756daf3a28574b88
Author: dengliming <[email protected]>
AuthorDate: Thu Aug 5 20:22:36 2021 +0800

    Add integrated test for waf plugin (#1864)
---
 .../http/controller/HttpTestController.java        | 16 ++++++++
 .../admin-config/schema.sql                        | 33 ++++++++++------
 .../shenyu-integrated-test-http/pom.xml            | 10 ++++-
 .../apache/shenyu/integratedtest/http/WafTest.java | 44 ++++++++++++++++++++++
 4 files changed, 90 insertions(+), 13 deletions(-)

diff --git 
a/shenyu-examples/shenyu-examples-http/src/main/java/org/apache/shenyu/examples/http/controller/HttpTestController.java
 
b/shenyu-examples/shenyu-examples-http/src/main/java/org/apache/shenyu/examples/http/controller/HttpTestController.java
index 94b70fe..9d239b7 100644
--- 
a/shenyu-examples/shenyu-examples-http/src/main/java/org/apache/shenyu/examples/http/controller/HttpTestController.java
+++ 
b/shenyu-examples/shenyu-examples-http/src/main/java/org/apache/shenyu/examples/http/controller/HttpTestController.java
@@ -19,6 +19,7 @@ package org.apache.shenyu.examples.http.controller;
 
 import org.apache.shenyu.client.springmvc.annotation.ShenyuSpringMvcClient;
 import org.apache.shenyu.examples.http.dto.UserDTO;
+import org.apache.shenyu.examples.http.result.ResultBean;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -106,4 +107,19 @@ public class HttpTestController {
         return userDTO;
     }
 
+    @PostMapping("/waf/pass")
+    public ResultBean pass() {
+        ResultBean response = new ResultBean();
+        response.setCode(200);
+        response.setMsg("pass");
+        return response;
+    }
+
+    @PostMapping("/waf/deny")
+    public ResultBean deny() {
+        ResultBean response = new ResultBean();
+        response.setCode(403);
+        response.setMsg("deny");
+        return response;
+    }
 }
diff --git 
a/shenyu-integrated-test/shenyu-integrated-test-http/admin-config/schema.sql 
b/shenyu-integrated-test/shenyu-integrated-test-http/admin-config/schema.sql
index 7513d6d..8de59d4 100644
--- a/shenyu-integrated-test/shenyu-integrated-test-http/admin-config/schema.sql
+++ b/shenyu-integrated-test/shenyu-integrated-test-http/admin-config/schema.sql
@@ -18,20 +18,29 @@
 
 /** prepare rate limit **/
 DELETE FROM plugin WHERE id = '4';
-INSERT INTO plugin (id, name, config, role, enabled, date_created, 
date_updated) VALUES ('4', 'rate_limiter', 
'{"mode":"standalone","master":"mymaster","url":"shenyu-redis:6379","password":"abc"}',
 1, 1, '2018-06-23 10:26:37', '2021-06-12 13:10:09');
+INSERT IGNORE INTO plugin (id, name, config, role, enabled, date_created, 
date_updated) VALUES ('4', 'rate_limiter', 
'{"mode":"standalone","master":"mymaster","url":"shenyu-redis:6379","password":"abc"}',
 1, 1, '2018-06-23 10:26:37', '2021-06-12 13:10:09');
 
-INSERT INTO selector (id, plugin_id, name, match_mode, type, sort, handle, 
enabled, loged, continued, date_created, date_updated) VALUES 
('1403700859048841216', '4', 'http-ratelimit-slidingwindow', 0, 1, 1, null, 1, 
1, 1, '2021-06-12 13:08:59', '2021-06-12 13:08:59');
+INSERT IGNORE INTO selector (id, plugin_id, name, match_mode, type, sort, 
handle, enabled, loged, continued, date_created, date_updated) VALUES 
('1403700859048841216', '4', 'http-ratelimit-slidingwindow', 0, 1, 1, null, 1, 
1, 1, '2021-06-12 13:08:59', '2021-06-12 13:08:59');
 
-INSERT INTO rule (id, selector_id, match_mode, name, enabled, loged, sort, 
handle, date_created, date_updated) VALUES ('1403701003857186816', 
'1403700859048841216', 0, 'http-ratelimit-slidingwindow', 1, 1, 1, 
'{"algorithmName":"slidingWindow","replenishRate":"1","burstCapacity":"1"}', 
'2021-06-12 13:09:33', '2021-06-12 13:09:33');
-INSERT INTO rule_condition (id, rule_id, param_type, operator, param_name, 
param_value, date_created, date_updated) VALUES ('1403701003865575424', 
'1403701003857186816', 'uri', '=', '/', '/http/test/path/123', '2021-06-12 
13:09:33', '2021-06-12 13:09:33');
-INSERT INTO selector_condition (id, selector_id, param_type, operator, 
param_name, param_value, date_created, date_updated) VALUES 
('1403700859057229824', '1403700859048841216', 'uri', '=', '/', 
'/http/test/path/123', '2021-06-12 13:08:59', '2021-06-12 13:08:59');
+INSERT IGNORE INTO rule (id, selector_id, match_mode, name, enabled, loged, 
sort, handle, date_created, date_updated) VALUES ('1403701003857186816', 
'1403700859048841216', 0, 'http-ratelimit-slidingwindow', 1, 1, 1, 
'{"algorithmName":"slidingWindow","replenishRate":"1","burstCapacity":"1"}', 
'2021-06-12 13:09:33', '2021-06-12 13:09:33');
+INSERT IGNORE INTO rule_condition (id, rule_id, param_type, operator, 
param_name, param_value, date_created, date_updated) VALUES 
('1403701003865575424', '1403701003857186816', 'uri', '=', '/', 
'/http/test/path/123', '2021-06-12 13:09:33', '2021-06-12 13:09:33');
+INSERT IGNORE INTO selector_condition (id, selector_id, param_type, operator, 
param_name, param_value, date_created, date_updated) VALUES 
('1403700859057229824', '1403700859048841216', 'uri', '=', '/', 
'/http/test/path/123', '2021-06-12 13:08:59', '2021-06-12 13:08:59');
 
 /** prepare sign **/
 UPDATE plugin SET enabled = 1 WHERE id = '1';
-INSERT INTO selector (id, plugin_id, name, match_mode, type, sort, handle, 
enabled, loged, continued,date_created, date_updated) VALUES 
('1412234272995270656', '1', 'http-sign', 0, 1, 1, null, 1, 1, 1,'2021-07-06 
13:09:3','2021-07-06 13:09:33');
-INSERT INTO rule (id, selector_id, match_mode, name, enabled, loged, 
sort,date_created, date_updated) VALUES ('1412234425227534336', 
'1412234272995270656', 0, 'http-sign', 1, 1, 1,'2021-07-06 13:09:3','2021-07-06 
13:09:33');
-INSERT INTO rule_condition (id, rule_id, param_type, operator, param_name, 
param_value,date_created, date_updated) VALUES ('1412234425256894464', 
'1412234425227534336', 'uri', '=', '/', '/http/test/path/456','2021-07-06 
13:09:3','2021-07-06 13:09:33');
-INSERT INTO selector_condition (id, selector_id, param_type, operator, 
param_name, param_value,date_created, date_updated) VALUES 
('1412234273020436480', '1412234272995270656', 'uri', '=', '/', 
'/http/test/path/456','2021-07-06 13:09:3','2021-07-06 13:09:33');
-INSERT INTO app_auth(id,app_key,app_secret,open,enabled,date_created, 
date_updated) VALUES 
('1412239238157819904','108C27175A2C43C1BC29B1E483D57E3D','061521A73DD94A3FA873C25D050685BB',1,1,'2021-07-06
 13:09:3','2021-07-06 13:09:33');
-INSERT INTO auth_param(id,auth_id,app_name,date_created, date_updated) VALUES 
('1412246190984257536','1412239238157819904','http-sign','2021-07-06 
13:09:3','2021-07-06 13:09:33');
-INSERT INTO auth_path(id,auth_id,app_name,path,enabled,date_created, 
date_updated) VALUES 
('1412255231079411712','1412239238157819904','http-sign','/http/test/path/456',1,'2021-07-06
 13:09:3','2021-07-06 13:09:33');
+INSERT IGNORE INTO selector (id, plugin_id, name, match_mode, type, sort, 
handle, enabled, loged, continued,date_created, date_updated) VALUES 
('1412234272995270656', '1', 'http-sign', 0, 1, 1, null, 1, 1, 1,'2021-07-06 
13:09:3','2021-07-06 13:09:33');
+INSERT IGNORE INTO rule (id, selector_id, match_mode, name, enabled, loged, 
sort,date_created, date_updated) VALUES ('1412234425227534336', 
'1412234272995270656', 0, 'http-sign', 1, 1, 1,'2021-07-06 13:09:3','2021-07-06 
13:09:33');
+INSERT IGNORE INTO rule_condition (id, rule_id, param_type, operator, 
param_name, param_value,date_created, date_updated) VALUES 
('1412234425256894464', '1412234425227534336', 'uri', '=', '/', 
'/http/test/path/456','2021-07-06 13:09:3','2021-07-06 13:09:33');
+INSERT IGNORE INTO selector_condition (id, selector_id, param_type, operator, 
param_name, param_value,date_created, date_updated) VALUES 
('1412234273020436480', '1412234272995270656', 'uri', '=', '/', 
'/http/test/path/456','2021-07-06 13:09:3','2021-07-06 13:09:33');
+INSERT IGNORE INTO app_auth(id,app_key,app_secret,open,enabled,date_created, 
date_updated) VALUES 
('1412239238157819904','108C27175A2C43C1BC29B1E483D57E3D','061521A73DD94A3FA873C25D050685BB',1,1,'2021-07-06
 13:09:3','2021-07-06 13:09:33');
+INSERT IGNORE INTO auth_param(id,auth_id,app_name,date_created, date_updated) 
VALUES ('1412246190984257536','1412239238157819904','http-sign','2021-07-06 
13:09:3','2021-07-06 13:09:33');
+INSERT IGNORE INTO auth_path(id,auth_id,app_name,path,enabled,date_created, 
date_updated) VALUES 
('1412255231079411712','1412239238157819904','http-sign','/http/test/path/456',1,'2021-07-06
 13:09:3','2021-07-06 13:09:33');
+
+/** prepare waf **/
+UPDATE plugin SET enabled = 1 WHERE id = '2';
+INSERT IGNORE INTO selector (id, plugin_id, name, match_mode, type, sort, 
handle, enabled, loged, continued, date_created, date_updated) VALUES 
('1422826261990641664', '2', '/http/test/waf', 0, 1, 1, null, 1, 1, 
1,'2021-08-04 13:09:32','2021-08-04 13:09:32');
+INSERT IGNORE INTO selector_condition (id, selector_id, param_type, operator, 
param_name, param_value, date_created, date_updated) VALUES 
('1422826261999030272', '1422826261990641664', 'uri', 'match', '/', 
'/http/test/waf/**','2021-08-04 13:09:32','2021-08-04 13:09:32');
+INSERT IGNORE INTO rule (id, selector_id, match_mode, name, enabled, loged, 
sort, handle, date_created, date_updated) VALUES ('1422826330114527232', 
'1422826261990641664', 0, '/http/test/waf/pass', 1, 1, 1, 
'{"permission":"allow","statusCode":"200"}', '2021-08-04 13:09:32','2021-08-04 
13:09:32');
+INSERT IGNORE INTO rule (id, selector_id, match_mode, name, enabled, loged, 
sort, handle, date_created, date_updated) VALUES ('1422826385177350144', 
'1422826261990641664', 0, '/http/test/waf/deny', 1, 1, 1, 
'{"permission":"reject","statusCode":"403"}', '2021-08-04 13:09:32','2021-08-04 
13:09:32');
+INSERT IGNORE INTO rule_condition (id, rule_id, param_type, operator, 
param_name, param_value, date_created, date_updated) VALUES 
('1422826330122915840', '1422826330114527232', 'uri', '=', '/', 
'/http/test/waf/pass','2021-08-04 13:09:32','2021-08-04 13:09:32');
+INSERT IGNORE INTO rule_condition (id, rule_id, param_type, operator, 
param_name, param_value, date_created, date_updated) VALUES 
('1422826385185738752', '1422826385177350144', 'uri', '=', '/', 
'/http/test/waf/deny','2021-08-04 13:09:32','2021-08-04 13:09:32');
diff --git a/shenyu-integrated-test/shenyu-integrated-test-http/pom.xml 
b/shenyu-integrated-test/shenyu-integrated-test-http/pom.xml
index b3b61d0..c82e941 100644
--- a/shenyu-integrated-test/shenyu-integrated-test-http/pom.xml
+++ b/shenyu-integrated-test/shenyu-integrated-test-http/pom.xml
@@ -31,7 +31,6 @@
 <!--  <packaging>jar</packaging>-->
 
   <name>shenyu-integrated-test-http</name>
-  <!-- FIXME change it to the project's website -->
   <url>https://shenyu.apache.org</url>
 
   <properties>
@@ -66,6 +65,14 @@
       <version>${project.version}</version>
     </dependency>
 
+    <!-- shenyu waf plugin starter-->
+    <dependency>
+      <groupId>org.apache.shenyu</groupId>
+      <artifactId>shenyu-spring-boot-starter-plugin-waf</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <!-- shenyu waf plugin end-->
+
     <!--shenyu data sync start use websocket-->
     <dependency>
       <groupId>org.apache.shenyu</groupId>
@@ -128,6 +135,7 @@
       <plugin>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-maven-plugin</artifactId>
+        <version>${spring-boot.version}</version>
         <executions>
           <execution>
             <phase>package</phase>
diff --git 
a/shenyu-integrated-test/shenyu-integrated-test-http/src/test/java/org/apache/shenyu/integratedtest/http/WafTest.java
 
b/shenyu-integrated-test/shenyu-integrated-test-http/src/test/java/org/apache/shenyu/integratedtest/http/WafTest.java
new file mode 100644
index 0000000..bbb223c
--- /dev/null
+++ 
b/shenyu-integrated-test/shenyu-integrated-test-http/src/test/java/org/apache/shenyu/integratedtest/http/WafTest.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.integratedtest.http;
+
+import org.apache.shenyu.integratedtest.http.helper.HttpHelper;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.util.Map;
+
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThat;
+
+public final class WafTest extends AbstractTest {
+
+    @Test
+    public void test() throws IOException {
+        Map<String, Object> result = 
HttpHelper.INSTANCE.postGateway("/http/test/waf/pass", "", Map.class);
+        assertNotNull(result);
+        assertEquals("pass", result.get("msg"));
+
+        result = HttpHelper.INSTANCE.postGateway("/http/test/waf/deny", "", 
Map.class);
+        assertNotNull(result);
+        assertThat(String.valueOf(result.get("message")), containsString("You 
are forbidden to visit"));
+    }
+
+}

Reply via email to