opensearch-project · kkondaka · Jun 22, 2023 · Jun 20, 2023
@@ -0,0 +1,75 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.dataprepper.plugins.processor;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.opensearch.dataprepper.plugins.processor.configuration.AwsAuthenticationOptions;
+import org.opensearch.dataprepper.plugins.processor.configuration.KeysConfig;
+import org.opensearch.dataprepper.plugins.processor.configuration.ServiceTypeOptions;
+import org.opensearch.dataprepper.test.helper.ReflectivelySetField;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+@ExtendWith(MockitoExtension.class)
+class GeoIPProcessorConfigTest {
+
+    private GeoIPProcessorConfig geoIPProcessorConfig;
+
+    @BeforeEach
+    void setUp() {
+        geoIPProcessorConfig = new GeoIPProcessorConfig();
+    }
+
+    @Test
+    void getAwsAuthenticationOptionsTestPositive() throws NoSuchFieldException, IllegalAccessException {
+        AwsAuthenticationOptions awsAuthenticationOptions = new AwsAuthenticationOptions();
+        ReflectivelySetField.setField(GeoIPProcessorConfig.class,
+                geoIPProcessorConfig, "awsAuthenticationOptions", awsAuthenticationOptions);
+        assertThat(geoIPProcessorConfig.getAwsAuthenticationOptions(), equalTo(awsAuthenticationOptions));
+    }
+
+    @Test
+    void getAwsAuthenticationOptionsTestNegative() {
+        assertThat(new GeoIPProcessorConfig().getAwsAuthenticationOptions(), equalTo(null));
+    }
+
+    @Test
+    void getKeysConfigTestPositive() throws NoSuchFieldException, IllegalAccessException {
+        List<KeysConfig> keysConfigList = new ArrayList<>();
+        keysConfigList.add(new KeysConfig());
+        ReflectivelySetField.setField(GeoIPProcessorConfig.class,
+                geoIPProcessorConfig, "keysConfig", keysConfigList);
+        assertThat(geoIPProcessorConfig.getKeysConfig(), equalTo(keysConfigList));
+
+    }
+
+    @Test
+    void getKeysConfigTestNegative() {
+        assertThat(new GeoIPProcessorConfig().getKeysConfig(), equalTo(null));
+    }
+
+
+    @Test
+    void getServiceTypeTestPositive() throws NoSuchFieldException, IllegalAccessException {
+        ServiceTypeOptions serviceTypeOptions = new ServiceTypeOptions();
+        ReflectivelySetField.setField(GeoIPProcessorConfig.class,
+                geoIPProcessorConfig, "serviceType", serviceTypeOptions);
+        assertThat(geoIPProcessorConfig.getServiceType(), equalTo(serviceTypeOptions));
+    }
+
+    @Test
+    void getServiceTypeNegative() {
+        assertThat(new GeoIPProcessorConfig().getServiceType(), equalTo(null));
+    }
+
+}
@@ -0,0 +1,224 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.dataprepper.plugins.processor.configuration;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
+import org.mockito.ArgumentCaptor;
+import org.mockito.MockedStatic;
+import org.opensearch.dataprepper.test.helper.ReflectivelySetField;
+import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
+import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
+import software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.sts.StsClient;
+import software.amazon.awssdk.services.sts.StsClientBuilder;
+import software.amazon.awssdk.services.sts.model.AssumeRoleRequest;
+
+import java.util.Collections;
+import java.util.Map;
+import java.util.UUID;
+import java.util.function.Consumer;
+
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.CoreMatchers.sameInstance;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.mockStatic;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyNoMoreInteractions;
+import static org.mockito.Mockito.when;
+
+class AwsAuthenticationOptionsTest {
+    private ObjectMapper objectMapper;
+
+    private AwsAuthenticationOptions awsAuthenticationOptions;
+    private final String TEST_ROLE = "arn:aws:iam::123456789012:role/test-role";
+    @BeforeEach
+    void setUp() {
+        objectMapper = new ObjectMapper();
+        awsAuthenticationOptions = new AwsAuthenticationOptions();
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {"us-east-1", "us-west-2", "eu-central-1"})
+    void getAwsRegion_returns_Region_of(final String regionString) {
+        final Region expectedRegionObject = Region.of(regionString);
+        final Map<String, Object> jsonMap = Map.of("region", regionString);
+        final AwsAuthenticationOptions objectUnderTest = objectMapper.convertValue(jsonMap, AwsAuthenticationOptions.class);
+        assertThat(objectUnderTest.getAwsRegion(), equalTo(expectedRegionObject));
+    }
+
+    @Test
+    void getAwsRegion_returns_null_when_region_is_null() {
+        final Map<String, Object> jsonMap = Collections.emptyMap();
+        final AwsAuthenticationOptions objectUnderTest = objectMapper.convertValue(jsonMap, AwsAuthenticationOptions.class);
+        assertThat(objectUnderTest.getAwsRegion(), nullValue());
+    }
+
+    @Test
+    void authenticateAWSConfiguration_should_return_s3Client_without_sts_role_arn() throws NoSuchFieldException, IllegalAccessException {
+        ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsRegion", "us-east-1");
+        ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsStsRoleArn", null);
+
+        final DefaultCredentialsProvider mockedCredentialsProvider = mock(DefaultCredentialsProvider.class);
+        final AwsCredentialsProvider actualCredentialsProvider;
+        try (final MockedStatic<DefaultCredentialsProvider> defaultCredentialsProviderMockedStatic = mockStatic(DefaultCredentialsProvider.class)) {
+            defaultCredentialsProviderMockedStatic.when(DefaultCredentialsProvider::create)
+                    .thenReturn(mockedCredentialsProvider);
+            actualCredentialsProvider = awsAuthenticationOptions.authenticateAwsConfiguration();
+        }
+
+        assertThat(actualCredentialsProvider, sameInstance(mockedCredentialsProvider));
+    }
+
+    @Nested
+    class WithSts {
+        private StsClient stsClient;
+        private StsClientBuilder stsClientBuilder;
+
+        @BeforeEach
+        void setUp() {
+            stsClient = mock(StsClient.class);
+            stsClientBuilder = mock(StsClientBuilder.class);
+
+            when(stsClientBuilder.build()).thenReturn(stsClient);
+        }
+
+        @Test
+        void authenticateAWSConfiguration_should_return_s3Client_with_sts_role_arn() throws NoSuchFieldException, IllegalAccessException {
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsRegion", "us-east-1");
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsStsRoleArn", TEST_ROLE);
+
+            when(stsClientBuilder.region(Region.US_EAST_1)).thenReturn(stsClientBuilder);
+            final AssumeRoleRequest.Builder assumeRoleRequestBuilder = mock(AssumeRoleRequest.Builder.class);
+            when(assumeRoleRequestBuilder.roleSessionName(anyString()))
+                    .thenReturn(assumeRoleRequestBuilder);
+            when(assumeRoleRequestBuilder.roleArn(anyString()))
+                    .thenReturn(assumeRoleRequestBuilder);
+
+            final AwsCredentialsProvider actualCredentialsProvider;
+            try (final MockedStatic<StsClient> stsClientMockedStatic = mockStatic(StsClient.class);
+                 final MockedStatic<AssumeRoleRequest> assumeRoleRequestMockedStatic = mockStatic(AssumeRoleRequest.class)) {
+                stsClientMockedStatic.when(StsClient::builder).thenReturn(stsClientBuilder);
+                assumeRoleRequestMockedStatic.when(AssumeRoleRequest::builder).thenReturn(assumeRoleRequestBuilder);
+                actualCredentialsProvider = awsAuthenticationOptions.authenticateAwsConfiguration();
+            }
+
+            assertThat(actualCredentialsProvider, instanceOf(AwsCredentialsProvider.class));
+
+            verify(assumeRoleRequestBuilder).roleArn(TEST_ROLE);
+            verify(assumeRoleRequestBuilder).roleSessionName(anyString());
+            verify(assumeRoleRequestBuilder).build();
+            verifyNoMoreInteractions(assumeRoleRequestBuilder);
+        }
+
+        @Test
+        void authenticateAWSConfiguration_should_return_s3Client_with_sts_role_arn_when_no_region() throws NoSuchFieldException, IllegalAccessException {
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsRegion", null);
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsStsRoleArn", TEST_ROLE);
+            assertThat(awsAuthenticationOptions.getAwsRegion(), equalTo(null));
+
+            when(stsClientBuilder.region(null)).thenReturn(stsClientBuilder);
+
+            final AwsCredentialsProvider actualCredentialsProvider;
+            try (final MockedStatic<StsClient> stsClientMockedStatic = mockStatic(StsClient.class)) {
+                stsClientMockedStatic.when(StsClient::builder).thenReturn(stsClientBuilder);
+                actualCredentialsProvider = awsAuthenticationOptions.authenticateAwsConfiguration();
+            }
+
+            assertThat(actualCredentialsProvider, instanceOf(AwsCredentialsProvider.class));
+        }
+
+        @Test
+        void authenticateAWSConfiguration_should_override_STS_Headers_when_HeaderOverrides_when_set() throws NoSuchFieldException, IllegalAccessException {
+            final String headerName1 = UUID.randomUUID().toString();
+            final String headerValue1 = UUID.randomUUID().toString();
+            final String headerName2 = UUID.randomUUID().toString();
+            final String headerValue2 = UUID.randomUUID().toString();
+            final Map<String, String> overrideHeaders = Map.of(headerName1, headerValue1, headerName2, headerValue2);
+
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsRegion", "us-east-1");
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsStsRoleArn", TEST_ROLE);
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsStsHeaderOverrides", overrideHeaders);
+
+            when(stsClientBuilder.region(Region.US_EAST_1)).thenReturn(stsClientBuilder);
+
+            final AssumeRoleRequest.Builder assumeRoleRequestBuilder = mock(AssumeRoleRequest.Builder.class);
+            when(assumeRoleRequestBuilder.roleSessionName(anyString()))
+                    .thenReturn(assumeRoleRequestBuilder);
+            when(assumeRoleRequestBuilder.roleArn(anyString()))
+                    .thenReturn(assumeRoleRequestBuilder);
+            when(assumeRoleRequestBuilder.overrideConfiguration(any(Consumer.class)))
+                    .thenReturn(assumeRoleRequestBuilder);
+
+            final AwsCredentialsProvider actualCredentialsProvider;
+            try (final MockedStatic<StsClient> stsClientMockedStatic = mockStatic(StsClient.class);
+                 final MockedStatic<AssumeRoleRequest> assumeRoleRequestMockedStatic = mockStatic(AssumeRoleRequest.class)) {
+                stsClientMockedStatic.when(StsClient::builder).thenReturn(stsClientBuilder);
+                assumeRoleRequestMockedStatic.when(AssumeRoleRequest::builder).thenReturn(assumeRoleRequestBuilder);
+                actualCredentialsProvider = awsAuthenticationOptions.authenticateAwsConfiguration();
+            }
+
+            assertThat(actualCredentialsProvider, instanceOf(AwsCredentialsProvider.class));
+
+            final ArgumentCaptor<Consumer<AwsRequestOverrideConfiguration.Builder>> configurationCaptor = ArgumentCaptor.forClass(Consumer.class);
+
+            verify(assumeRoleRequestBuilder).roleArn(TEST_ROLE);
+            verify(assumeRoleRequestBuilder).roleSessionName(anyString());
+            verify(assumeRoleRequestBuilder).overrideConfiguration(configurationCaptor.capture());
+            verify(assumeRoleRequestBuilder).build();
+            verifyNoMoreInteractions(assumeRoleRequestBuilder);
+
+            final Consumer<AwsRequestOverrideConfiguration.Builder> actualOverride = configurationCaptor.getValue();
+
+            final AwsRequestOverrideConfiguration.Builder configurationBuilder = mock(AwsRequestOverrideConfiguration.Builder.class);
+            actualOverride.accept(configurationBuilder);
+            verify(configurationBuilder).putHeader(headerName1, headerValue1);
+            verify(configurationBuilder).putHeader(headerName2, headerValue2);
+            verifyNoMoreInteractions(configurationBuilder);
+        }
+
+        @Test
+        void authenticateAWSConfiguration_should_not_override_STS_Headers_when_HeaderOverrides_are_empty() throws NoSuchFieldException, IllegalAccessException {
+
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsRegion", "us-east-1");
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsStsRoleArn", TEST_ROLE);
+            ReflectivelySetField.setField(AwsAuthenticationOptions.class, awsAuthenticationOptions, "awsStsHeaderOverrides", Collections.emptyMap());
+
+            when(stsClientBuilder.region(Region.US_EAST_1)).thenReturn(stsClientBuilder);
+            final AssumeRoleRequest.Builder assumeRoleRequestBuilder = mock(AssumeRoleRequest.Builder.class);
+            when(assumeRoleRequestBuilder.roleSessionName(anyString()))
+                    .thenReturn(assumeRoleRequestBuilder);
+            when(assumeRoleRequestBuilder.roleArn(anyString()))
+                    .thenReturn(assumeRoleRequestBuilder);
+
+            final AwsCredentialsProvider actualCredentialsProvider;
+            try (final MockedStatic<StsClient> stsClientMockedStatic = mockStatic(StsClient.class);
+                 final MockedStatic<AssumeRoleRequest> assumeRoleRequestMockedStatic = mockStatic(AssumeRoleRequest.class)) {
+                stsClientMockedStatic.when(StsClient::builder).thenReturn(stsClientBuilder);
+                assumeRoleRequestMockedStatic.when(AssumeRoleRequest::builder).thenReturn(assumeRoleRequestBuilder);
+                actualCredentialsProvider = awsAuthenticationOptions.authenticateAwsConfiguration();
+            }
+
+            assertThat(actualCredentialsProvider, instanceOf(AwsCredentialsProvider.class));
+
+            verify(assumeRoleRequestBuilder).roleArn(TEST_ROLE);
+            verify(assumeRoleRequestBuilder).roleSessionName(anyString());
+            verify(assumeRoleRequestBuilder).build();
+            verifyNoMoreInteractions(assumeRoleRequestBuilder);
+        }
+    }
+
+}
@@ -0,0 +1,38 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.dataprepper.plugins.processor.configuration;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.opensearch.dataprepper.test.helper.ReflectivelySetField;
+
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+@ExtendWith(MockitoExtension.class)
+class DatabasePathURLConfigTest {
+
+    private static final String URL = "s3://mybucket10012023/GeoLite2";
+    private DatabasePathURLConfig databasePathURLConfig;
+
+    @BeforeEach
+    void setUp() {
+        databasePathURLConfig = new DatabasePathURLConfig();
+    }
+
+    @Test
+    void getUrlTestPositive() throws NoSuchFieldException, IllegalAccessException {
+        ReflectivelySetField.setField(DatabasePathURLConfig.class, databasePathURLConfig, "url", URL);
+        assertThat(databasePathURLConfig.getUrl(), equalTo(URL));
+    }
+
+    @Test
+    void getUrlTestNegative() {
+        assertThat(new DatabasePathURLConfig().getUrl(), equalTo(null));
+    }
+}