Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / 5e6515e9fa6ea1d0b4b393e63cdf63881826390e / . / redfish / service_root / test_service_root_security.robot
blob: a2090c671c99f19d75ad127910aa03dabdda6d21 [file] [log] [blame]
George Keishing4c394012019-02-01 06:03:02 -0600[diff] [blame]1*** Settings ***
Joy Onyerikwudbfe97d2019-03-11 19:44:56 -0500[diff] [blame]2Documentation Test Redfish service root login security.
3
George Keishing85609902019-02-18 07:24:24 -0600[diff] [blame]4Resource ../../lib/resource.robot
George Keishing4c394012019-02-01 06:03:02 -0600[diff] [blame]5Resource ../../lib/bmc_redfish_resource.robot
George Keishing3298d5c2019-02-12 06:59:25 -0600[diff] [blame]6Resource ../../lib/openbmc_ffdc.robot
7
8Test Teardown FFDC On Test Case Fail
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]9Test Setup Rprintn
George Keishing4c394012019-02-01 06:03:02 -0600[diff] [blame]10
George Keishing374e6842019-02-20 08:57:18 -0600[diff] [blame]11*** Variables ***
12
13${LOGIN_SESSION_COUNT} ${50}
14
George Keishing4c394012019-02-01 06:03:02 -0600[diff] [blame]15*** Test Cases ***
16
George Keishing5ee33d92019-02-02 12:33:25 -0600[diff] [blame]17Redfish Login With Invalid Credentials
George Keishing4c394012019-02-01 06:03:02 -0600[diff] [blame]18 [Documentation] Login to BMC web using invalid credential.
George Keishing5ee33d92019-02-02 12:33:25 -0600[diff] [blame]19 [Tags] Redfish_Login_With_Invalid_Credentials
George Keishing4c394012019-02-01 06:03:02 -0600[diff] [blame]20 [Template] Login And Verify Redfish Response
21
22 # Expect status Username Password
23 InvalidCredentialsError* ${OPENBMC_USERNAME} deadpassword
24 InvalidCredentialsError* groot ${OPENBMC_PASSWORD}
25 InvalidCredentialsError* ${EMPTY} ${OPENBMC_PASSWORD}
26 InvalidCredentialsError* ${OPENBMC_USERNAME} ${EMPTY}
27 InvalidCredentialsError* ${EMPTY} ${EMPTY}
28
29
George Keishing5ee33d92019-02-02 12:33:25 -0600[diff] [blame]30Redfish Login Using Unsecured HTTP
George Keishinga8116932019-02-05 11:51:47 -0600[diff] [blame]31 [Documentation] Login to BMC web through http unsecured.
George Keishing5ee33d92019-02-02 12:33:25 -0600[diff] [blame]32 [Tags] Redfish_Login_Using_Unsecured_HTTP
George Keishinga8116932019-02-05 11:51:47 -0600[diff] [blame]33
34 Create Session openbmc http://${OPENBMC_HOST}
35 ${data}= Create Dictionary
36 ... UserName=${OPENBMC_USERNAME} Password=${OPENBMC_PASSWORD}
37
38 ${headers}= Create Dictionary Content-Type=application/json
39
40 Run Keyword And Expect Error *Connection refused*
41 ... Post Request openbmc /redfish/v1/SessionService/Sessions
42 ... data=${data} headers=${headers}
43
44
George Keishingb2f07342019-02-09 05:21:45 -0600[diff] [blame]45Redfish Login Using HTTPS Wrong Port 80 Protocol
46 [Documentation] Login to BMC web through wrong protocol port 80.
47 [Tags] Redfish_Login_Using_HTTPS_Wrong_Port_80_Protocol
48
49 Create Session openbmc https://${OPENBMC_HOST}:80
50 ${data}= Create Dictionary
51 ... UserName=${OPENBMC_USERNAME} Password=${OPENBMC_PASSWORD}
52
53 ${headers}= Create Dictionary Content-Type=application/json
54
55 Run Keyword And Expect Error *Connection refused*
56 ... Post Request openbmc /redfish/v1/SessionService/Sessions
57 ... data=${data} headers=${headers}
58
59
George Keishing374e6842019-02-20 08:57:18 -0600[diff] [blame]60Create Multiple Login Sessions And Verify
61 [Documentation] Create 50 login instances and verify.
62 [Tags] Create_Multiple_Login_Sessions_And_Verify
63 [Teardown] Multiple Session Cleanup
64
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]65 Redfish.Login
George Keishing374e6842019-02-20 08:57:18 -0600[diff] [blame]66 # Example:
67 # {
68 # 'key': 'L0XEsZAXpNdF147jJaOD',
69 # 'location': '/redfish/v1/SessionService/Sessions/qWn2JOJSOs'
70 # }
George Keishing0b9d8ab2019-02-20 14:02:41 -0600[diff] [blame]71 ${saved_session_info}= Get Redfish Session Info
George Keishing374e6842019-02-20 08:57:18 -0600[diff] [blame]72
73 # Sessions book keeping for cleanup once done.
74 ${session_list}= Create List
75 Set Test Variable ${session_list}
76
77 Repeat Keyword ${LOGIN_SESSION_COUNT} times Create New Login Session
78
79 # Update the redfish session object with the first login key and location
80 # and verify if it is still working.
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]81 Redfish.Set Session Key ${saved_session_info["key"]}
82 Redfish.Set Session Location ${saved_session_info["location"]}
83 Redfish.Get ${saved_session_info["location"]}
George Keishing374e6842019-02-20 08:57:18 -0600[diff] [blame]84
85
George Keishing0b9d8ab2019-02-20 14:02:41 -0600[diff] [blame]86Attempt Login With Expired Session
87 [Documentation] Authenticate to redfish, then log out and attempt to
88 ... use the session.
89 [Tags] Attempt_Login_With_Expired_Session
90
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]91 Redfish.Login
George Keishing0b9d8ab2019-02-20 14:02:41 -0600[diff] [blame]92 ${saved_session_info}= Get Redfish Session Info
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]93 Redfish.Logout
George Keishing0b9d8ab2019-02-20 14:02:41 -0600[diff] [blame]94
95 # Attempt login with expired session.
96 # By default 60 minutes of inactivity closes the session.
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]97 Redfish.Set Session Key ${saved_session_info["key"]}
98 Redfish.Set Session Location ${saved_session_info["location"]}
George Keishing0b9d8ab2019-02-20 14:02:41 -0600[diff] [blame]99
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]100 Redfish.Get ${saved_session_info["location"]} valid_status_codes=[${HTTP_UNAUTHORIZED}]
George Keishing0b9d8ab2019-02-20 14:02:41 -0600[diff] [blame]101
102
George Keishing4c394012019-02-01 06:03:02 -0600[diff] [blame]103*** Keywords ***
104
105Login And Verify Redfish Response
106 [Documentation] Login and verify redfish response.
107 [Arguments] ${expected_response} ${username} ${password}
108
109 # Description of arguments:
110 # expected_response Expected REST status.
111 # username The username to be used to connect to the server.
112 # password The password to be used to connect to the server.
113
George Keishing5e6515e2019-03-12 14:22:33 -0500[diff] [blame^]114 # The redfish object may preserve a valid username or password from the
115 # last failed login attempt. If we then try to login with a null username
116 # or password value, the redfish object may prefer the preserved value.
117 # Since we're testing bad path, we wish to avoid this scenario so we will
118 # clear these values.
119
120 Redfish.Set Username ${EMPTY}
121 Redfish.Set Password ${EMPTY}
122
123 Run Keyword And Expect Error ${expected_response}
124 ... Redfish.Login ${username} ${password}
George Keishing374e6842019-02-20 08:57:18 -0600[diff] [blame]125
126
127Create New Login Session
128 [Documentation] Multiple login session keys.
129
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]130 Redfish.Login
George Keishing374e6842019-02-20 08:57:18 -0600[diff] [blame]131 ${session_info}= Get Redfish Session Info
132
133 # Append the session location to the list.
134 # ['/redfish/v1/SessionService/Sessions/uDzihgDecs',
135 # '/redfish/v1/SessionService/Sessions/PaHF5brPPd']
136 Append To List ${session_list} ${session_info["location"]}
137
138
139Multiple Session Cleanup
140 [Documentation] Do the teardown for multiple sessions.
141
142 FFDC On Test Case Fail
143
144 :FOR ${item} IN @{session_list}
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]145 \ Redfish.Delete ${item}