[p/contract] Add authentication in postContract

dfssc/testdata/cert.pem

+-----BEGIN CERTIFICATE-----
+MIIBkDCCAToCCQDSSWVk2vWTdjANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJG
+UjENMAsGA1UECgwEREZTUzEbMBkGA1UECwwSREZTUyBQbGF0Zm9ybSB2MC4xMRIw
+EAYDVQQDDAlsb2NhbGhvc3QwIBcNMTYwMTI2MTUzNjUzWhgPNDQ4MDAzMDgxNTM2
+NTNaME8xCzAJBgNVBAYTAkZSMQ0wCwYDVQQKDARERlNTMRkwFwYDVQQLDBBERlNT
+IENsaWVudCB2MC4xMRYwFAYDVQQDDA10ZXN0QHRlc3QuY29tMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAMxHU0NP/elQbmM5HDZS5iWXr4wllaJ2bWWD0cZPI1p+jty0
+wwkKwxEklPGZCDWq1+/C4EawaqMrtZW4HQVxdu8CAwEAATANBgkqhkiG9w0BAQsF
+AANBACl2/KBGR8N4qzpNecr1yDdyfyE4nGYgr8aktAeHHNWFg53q3/VHokK0jEus
+iM6sQlvDCoaE01s6gXrarE+APfU=
+-----END CERTIFICATE-----

dfssc/testdata/key.pem

+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,3AEE90521B16D55A
+
+3848I///OSqUkY2nNmjP+CRz+mnwg1gTImYfwTQDvGgTeMBZyYh9N7wTir10/3rJ
+AD9hu6SgkZ1N9/jV7m4rVW8uJvBFyL+ZIq2aEvt2lpWwXF4Re9OeZGHrQSpVlLSD
+Kv3ZTQyEaTrQ35LgfMtd6UEd5YO/I+pv3ggUtxaNCJeu2hDsEpBkOhWfslCeidZ7
+m3wR7I3zyXr2rHMO455yusuCrg+puel8/FSMwhGXTOi2GA2C//rRolGn31GZJD8o
+STTjKNbxXzo6wuuuoiubSycOw6iLb/P9S05/CKkcV99cZRW2wjIf2BecXjC1sezP
+hxQs83QuqN06NIfhARGgfibYPny5AtZRP2PyU/JOIgvwLrNL5Z8VjioF0+/ZfXCi
+MhNuq+NLSa0WujUwWEzn4g3EJzrylFx6/RKQju7Y23A=
+-----END RSA PRIVATE KEY-----

dfssp/contract/create_test.go

@@ -3,7 +3,6 @@ package contract_test
 import (
 	"crypto/sha512"
 	"io/ioutil"
-	"os"
 	"path/filepath"
 	"testing"
 	"time"
@@ -55,20 +54,34 @@ func dropDataset() {
 }
 
 func clientTest(t *testing.T) api.PlatformClient {
-	path := filepath.Join(os.Getenv("GOPATH"), "src", "dfss", "dfssp", "testdata", "dfssp_rootCA.pem")
-	CAData, err := ioutil.ReadFile(path)
+	// TODO if anyone needs this function in another test suite, please put it in a separate file
+	// to avoid code duplication
+	caData, _ := ioutil.ReadFile(filepath.Join("..", "testdata", "dfssp_rootCA.pem"))
+	certData, _ := ioutil.ReadFile(filepath.Join("..", "..", "dfssc", "testdata", "cert.pem"))
+	keyData, _ := ioutil.ReadFile(filepath.Join("..", "..", "dfssc", "testdata", "key.pem"))
+	ca, _ := auth.PEMToCertificate(caData)
+	cert, _ := auth.PEMToCertificate(certData)
+	key, _ := auth.EncryptedPEMToPrivateKey(keyData, "password")
+
+	conn, err := net.Connect("localhost:9090", cert, key, ca)
 	if err != nil {
-		t.Fatal("Unable to load CA file:", err)
+		t.Fatal("Unable to connect:", err)
 	}
 
-	CA, err := auth.PEMToCertificate(CAData)
+	return api.NewPlatformClient(conn)
+}
 
-	conn, err := net.Connect("localhost:9090", nil, nil, CA)
+func TestAddContractBadAuth(t *testing.T) {
+	caData, _ := ioutil.ReadFile(filepath.Join("..", "testdata", "dfssp_rootCA.pem"))
+	ca, _ := auth.PEMToCertificate(caData)
+	conn, err := net.Connect("localhost:9090", nil, nil, ca)
 	if err != nil {
 		t.Fatal("Unable to connect:", err)
 	}
-
-	return api.NewPlatformClient(conn)
+	client := api.NewPlatformClient(conn)
+	errorCode, err := client.PostContract(context.Background(), &api.PostContractRequest{})
+	assert.Equal(t, nil, err)
+	assert.Equal(t, api.ErrorCode_BADAUTH, errorCode.Code)
 }
 
 func TestAddContract(t *testing.T) {
@@ -82,12 +95,8 @@ func TestAddContract(t *testing.T) {
 		Signer:   []string{user1.Email, user2.Email},
 		Comment:  "ContractComment",
 	})
-	if err != nil {
-		t.Fatal(err)
-	}
-	if errorCode.Code != api.ErrorCode_SUCCESS {
-		t.Fatal("Unexpected errorCode:", errorCode)
-	}
+	assert.Equal(t, nil, err)
+	assert.Equal(t, api.ErrorCode_SUCCESS, errorCode.Code)
 
 	// Check database content
 	var contracts []entities.Contract

dfssp/server/server.go

@@ -47,6 +47,12 @@ func (s *platformServer) Unregister(ctx context.Context, in *api.Empty) (*api.Er
 //
 // Handle incoming PostContractRequest messages
 func (s *platformServer) PostContract(ctx context.Context, in *api.PostContractRequest) (*api.ErrorCode, error) {
+
+	cn := net.GetCN(&ctx)
+	if len(cn) == 0 {
+		return &api.ErrorCode{Code: api.ErrorCode_BADAUTH}, nil
+	}
+
 	builder := contract.NewContractBuilder(s.DB, in)
 	return builder.Execute(), nil
 }

dfssp/testdata/dfssp_pkey.pem

 -----BEGIN RSA PRIVATE KEY-----
-MIIBOQIBAAJBAKC2KQ/06wgb3+oW8mH/G7dtYam7r38p9AHqRQ3Bs4OKYDGFkBSt
-ekUjDW+5cD30SXjZmPLbb4CwM94UeGA3xykCAwEAAQJAGoLSNUKmvtiyUFBmvYmy
-zchqcvB2G9kU2ngF2iYY8drP2QW7pW52u7mp+JAgeeqUTrCLnpi54YWHS6gXZLU+
-AQIhAMMk/vEnzLLU4Kc5n9YdRRr/zD+zXWiK4IqkA5T8cuRBAiEA0tRF6Y85AVqz
-mEnMkknovcZ85VVE8rVSbI4qrJOECOkCIHG9QHLilaat+Pq+1XCAwuSHr055hroG
-J/Xmvse5lGWBAiB6MU3T8I65mjg9K4jFwNCELWZ2BNXRVgZPpJZXL6h3AQIgN6vj
-D//IL8SzLhzO/NwESUu4WqGb1hR9FETJ+4gdLyc=
+MIIBOwIBAAJBAMGAgCtkRLePYFRTUN0V/0v/6phm0guHGS6f0TkSEas4CGZTKFJV
+TBksMGIBtfyYw3XQx2bO8myeypDN5nV05DcCAwEAAQJAHSdRKDh5KfbOGqZa3pR7
+3GV4YPHM37PBFYc6rJCOXO9W8L4Q1kvEhjKXp7ke18Cge7bVmlKspvxvC62gxSQm
+QQIhAPMYwpp29ZREdk8yU65Sp6w+EbZS9TjZkC+pk3syYjaxAiEAy8XWnnDMsUxb
+6vp1SaaIfxI441AYzh3+8c56CAvt02cCIQDQ2jfvHz7zyDHg7rsILMkTaSwseW9n
+DTwcRtOHZ40LsQIgDWEVAVwopG9+DYSaVNahWa6Jm6szpbzkc136NzMJT3sCIQDv
+T2KSQQIYEvPYZmE+1b9f3rs/w7setrGtqVFkm/fTWQ==
 -----END RSA PRIVATE KEY-----

dfssp/testdata/dfssp_rootCA.pem

 -----BEGIN CERTIFICATE-----
-MIIBoTCCAUugAwIBAgIILsUyirNFSPYwDQYJKoZIhvcNAQELBQAwSjEPMA0GA1UE
-BhMGRnJhbmNlMQ0wCwYDVQQKEwRERlNTMRQwEgYDVQQLEwtJTlNBIFJlbm5lczES
-MBAGA1UEAxMJbG9jYWxob3N0MCAXDTE2MDEzMTIyMjgxMFoYDzMwMTYwMjA4MjIy
-ODEwWjBKMQ8wDQYDVQQGEwZGcmFuY2UxDTALBgNVBAoTBERGU1MxFDASBgNVBAsT
-C0lOU0EgUmVubmVzMRIwEAYDVQQDEwlsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEAoLYpD/TrCBvf6hbyYf8bt21hqbuvfyn0AepFDcGzg4pgMYWQFK16
-RSMNb7lwPfRJeNmY8ttvgLAz3hR4YDfHKQIDAQABoxMwETAPBgNVHRMBAf8EBTAD
-AQH/MA0GCSqGSIb3DQEBCwUAA0EAiLMTR42DBa8lXs5q1GTQ6UvTMGlnkX90Ua+W
-/JZ1chC6hrUHB9kr3Zo1bz9S0xTouR8IfcxhWEcD/OoBvfW7Vw==
+MIIB5TCCAY+gAwIBAgIJAKId2y6Lo9T8MA0GCSqGSIb3DQEBCwUAME0xCzAJBgNV
+BAYTAkZSMQ0wCwYDVQQKDARERlNTMRswGQYDVQQLDBJERlNTIFBsYXRmb3JtIHYw
+LjExEjAQBgNVBAMMCWxvY2FsaG9zdDAgFw0xNjAxMjYxNTM2NTNaGA80NDgwMDMw
+ODE1MzY1M1owTTELMAkGA1UEBhMCRlIxDTALBgNVBAoMBERGU1MxGzAZBgNVBAsM
+EkRGU1MgUGxhdGZvcm0gdjAuMTESMBAGA1UEAwwJbG9jYWxob3N0MFwwDQYJKoZI
+hvcNAQEBBQADSwAwSAJBAMGAgCtkRLePYFRTUN0V/0v/6phm0guHGS6f0TkSEas4
+CGZTKFJVTBksMGIBtfyYw3XQx2bO8myeypDN5nV05DcCAwEAAaNQME4wHQYDVR0O
+BBYEFO09nxx5/qeLK5Wig1+3kg66gn/mMB8GA1UdIwQYMBaAFO09nxx5/qeLK5Wi
+g1+3kg66gn/mMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADQQCqNSH+rt/Z
+ru2rkabLiHOGjI+AenSOvqWZ2dWAlLksYcyuQHKwjGWgpmqkiQCnkIDwIxZvu69Y
+OBz0ASFn7eym
 -----END CERTIFICATE-----