MQE-1070: Hide Sensitive Creds in Allure Report

- encrypt creds for display and decrypt on execution

Author: imeron2433

dev/tests/functional/_bootstrap.php

@@ -4,7 +4,7 @@
  * See COPYING.txt for license details.
  */
 
-define('PROJECT_ROOT', dirname(dirname(dirname(__DIR__))));
+defined('PROJECT_ROOT') || define('PROJECT_ROOT', dirname(dirname(dirname(__DIR__))));
 require_once realpath(PROJECT_ROOT . '/vendor/autoload.php');
 
 //Load constants from .env file

dev/tests/unit/Magento/FunctionalTestFramework/Test/Util/ActionObjectExtractorTest.php

@@ -48,9 +48,9 @@ public function testInvalidMergeOrderReference()
         try {
             $this->testActionObjectExtractor->extractActions($invalidArray, 'TestWithSelfReferencingStepKey');
         } catch (\Exception $e) {
-            TestLoggingUtil::getInstance()->validateMockLogStatement(
+            TestLoggingUtil::getInstance()->validateMockLogStatmentRegex(
                 'error',
-                'Line 108: Invalid ordering configuration in test',
+                '/Line \d*: Invalid ordering configuration in test/',
                 [
                     'test' => 'TestWithSelfReferencingStepKey',
                     'stepKey' => ['invalidTestAction1']

dev/tests/unit/Util/TestLoggingUtil.php

@@ -82,6 +82,15 @@ public function validateMockLogStatement($type, $message, $context)
         $this->assertEquals($context, $record['context']);
     }
 
+    public function validateMockLogStatmentRegex($type, $regex, $context)
+    {
+        $records = $this->testLogHandler->getRecords();
+        $record = $records[count($records)-1]; // we assume the latest record is what requires validation
+        $this->assertEquals(strtoupper($type), $record['level_name']);
+        $this->assertRegExp($regex, $record['message']);
+        $this->assertEquals($context, $record['context']);
+    }
+
     /**
      * Function which clears the test logger context from the LogginUtil class. Should be run after a test class has
      * executed.

dev/tests/verification/Resources/PersistedReplacementTest.txt

@@ -53,7 +53,7 @@ class PersistedReplacementTestCest
 		$I->fillField("#selector", "StringBefore " . $createdData->getCreatedDataByName('firstname') . " StringAfter");
 		$I->fillField("#" . $createdData->getCreatedDataByName('firstname'), "input");
 		$I->fillField("#" . getenv("MAGENTO_BASE_URL") . "#" . $createdData->getCreatedDataByName('firstname'), "input");
-		$I->fillField("#" . CredentialStore::getInstance()->getSecret("SECRET_PARAM") . "#" . $createdData->getCreatedDataByName('firstname'), "input");
+		$I->fillSecretField("#" . CredentialStore::getInstance()->getSecret("SECRET_PARAM") . "#" . $createdData->getCreatedDataByName('firstname'), "input");
 		$I->dragAndDrop("#" . $createdData->getCreatedDataByName('firstname'), $createdData->getCreatedDataByName('lastname'));
 		$I->conditionalClick($createdData->getCreatedDataByName('lastname'), "#" . $createdData->getCreatedDataByName('firstname'), true);
 		$I->amOnUrl($createdData->getCreatedDataByName('firstname') . ".html");

src/Magento/FunctionalTestingFramework/Console/RunTestCommand.php

@@ -13,6 +13,7 @@
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Input\InputOption;
 use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Debug\Debug;
 use Symfony\Component\Process\Process;
 
 class RunTestCommand extends Command

src/Magento/FunctionalTestingFramework/DataGenerator/Handlers/CredentialStore.php

@@ -14,12 +14,19 @@
 class CredentialStore
 {
     /**
-     * Singletone instnace
+     * Singleton instance
      *
      * @var CredentialStore
      */
     private static $INSTANCE = null;
 
+    /**
+     * Initial vector for open_ssl encryption.
+     *
+     * @var string
+     */
+    private $iv = null;
+
     /**
      * Key/Value paris of credential names and their corresponding values
      *
@@ -47,6 +54,7 @@ public static function getInstance()
     private function __construct()
     {
         $this->readInCredentialsFile();
+        $this->encryptionKey = openssl_random_pseudo_bytes(16);
     }
 
     /**
@@ -103,8 +111,19 @@ private function readInCredentialsFile()
 
             list($key, $value) = explode("=", $credValue);
             if (!empty($value)) {
-                $this->credentials[$key] = $value;
+                $this->credentials[$key] = openssl_encrypt($value, "AES-128-ECB", 0, $this->iv);
             }
         }
     }
+
+    /**
+     * Takes a value encrypted at runtime and descrypts using the object's initial vector.
+     *
+     * @param string $value
+     * @return string
+     */
+    public function decryptSecretValue($value)
+    {
+        return openssl_decrypt($value, "AES-128-ECB", 0, $this->iv);
+    }
 }

src/Magento/FunctionalTestingFramework/Module/MagentoWebDriver.php

@@ -6,25 +6,18 @@
 
 namespace Magento\FunctionalTestingFramework\Module;
 
-use Codeception\Events;
 use Codeception\Module\WebDriver;
 use Codeception\Test\Descriptor;
 use Codeception\TestInterface;
-use Facebook\WebDriver\WebDriverSelect;
-use Facebook\WebDriver\WebDriverBy;
-use Facebook\WebDriver\Exception\NoSuchElementException;
 use Facebook\WebDriver\Interactions\WebDriverActions;
-use Codeception\Exception\ElementNotFound;
 use Codeception\Exception\ModuleConfigException;
 use Codeception\Exception\ModuleException;
 use Codeception\Util\Uri;
-use Codeception\Util\ActionSequence;
+use Magento\FunctionalTestingFramework\DataGenerator\Handlers\CredentialStore;
 use Magento\FunctionalTestingFramework\DataGenerator\Persist\Curl\WebapiExecutor;
 use Magento\FunctionalTestingFramework\Util\Protocol\CurlTransport;
 use Magento\FunctionalTestingFramework\Util\Protocol\CurlInterface;
-use Magento\Setup\Exception;
 use Magento\FunctionalTestingFramework\Util\ConfigSanitizerUtil;
-use Yandex\Allure\Adapter\Event\TestCaseFinishedEvent;
 use Yandex\Allure\Adapter\Support\AttachmentSupport;
 
 /**
@@ -44,6 +37,8 @@
  *             password: admin_password
  *             browser: chrome
  * ```
+ *
+ * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
 class MagentoWebDriver extends WebDriver
 {
@@ -61,6 +56,8 @@ class MagentoWebDriver extends WebDriver
         '//div[@data-role="spinner"]'
     ];
 
+    const STEP_OBJ_BACKTRACE_POS = 2;
+
     /**
      * The module required fields, to be set in the suite .yml configuration file.
      *
@@ -596,6 +593,19 @@ public function dragAndDrop($source, $target, $xOffset = null, $yOffset = null)
         }
     }
 
+    /**
+     * @param $field
+     * @param $value
+     */
+    public function fillSecretField($field, $value)
+    {
+        // to protect any secrets from being printed to console the values are executed only at the webdriver level as a
+        // decrypted value
+
+        $decryptedValue = CredentialStore::getInstance()->decryptSecretValue($value);
+        $this->fillField($field, $decryptedValue);
+    }
+
     /**
      * Override for _failed method in Codeception method. Adds png and html attachments to allure report
      * following parent execution of test failure processing.

src/Magento/FunctionalTestingFramework/Test/Objects/TestObject.php

@@ -9,6 +9,8 @@
 use Magento\FunctionalTestingFramework\Test\Handlers\ActionGroupObjectHandler;
 use Magento\FunctionalTestingFramework\Test\Util\ActionMergeUtil;
 use Magento\FunctionalTestingFramework\Test\Util\ActionObjectExtractor;
+use Magento\FunctionalTestingFramework\Test\Util\TestHookObjectExtractor;
+use Magento\FunctionalTestingFramework\Test\Util\TestObjectExtractor;
 
 /**
  * Class TestObject
@@ -183,12 +185,10 @@ public function getEstimatedDuration()
         }
 
         $hookTime = 0;
-        if (array_key_exists('before', $this->hooks)) {
-            $hookTime += $this->calculateWeightedActionTimes($this->hooks['before']->getActions());
-        }
-
-        if (array_key_exists('after', $this->hooks)) {
-            $hookTime += $this->calculateWeightedActionTimes($this->hooks['after']->getActions());
+        foreach ([TestObjectExtractor::TEST_BEFORE_HOOK, TestObjectExtractor::TEST_AFTER_HOOK] as $hookName) {
+            if (array_key_exists($hookName, $this->hooks)) {
+                $hookTime += $this->calculateWeightedActionTimes($this->hooks[$hookName]->getActions());
+            }
         }
 
         $testTime = $this->calculateWeightedActionTimes($this->getOrderedActions());

src/Magento/FunctionalTestingFramework/Test/Util/ActionMergeUtil.php

@@ -83,7 +83,66 @@ public function resolveActionSteps($parsedSteps, $skipActionGroupResolution = fa
             return $this->orderedSteps;
         }
 
-        return $this->resolveActionGroups($this->orderedSteps);
+        $resolvedActions = $this->resolveActionGroups($this->orderedSteps);
+        return $this->resolveSecretFieldAccess($resolvedActions);
+    }
+
+    /**
+     * Takes an array of actions and resolves any references to secret fields. The function then validates whether the
+     * refernece is valid and replaces the function name accordingly to hide arguments at runtime.
+     *
+     * @param ActionObject[] $resolvedActions
+     * @return ActionObject[]
+     * @throws TestReferenceException
+     */
+    private function resolveSecretFieldAccess($resolvedActions)
+    {
+        $actions = [];
+        foreach ($resolvedActions as $resolvedAction) {
+            $action = $resolvedAction;
+            $hasSecretRef = $this->actionAttributeContainsSecretRef($resolvedAction->getCustomActionAttributes());
+
+            if ($resolvedAction->getType() !== 'fillField' && $hasSecretRef) {
+                throw new TestReferenceException("You cannot reference secret data outside of fill field actions");
+            }
+
+            if ($resolvedAction->getType() === 'fillField' && $hasSecretRef) {
+                $action = new ActionObject(
+                    $action->getStepKey(),
+                    'fillSecretField',
+                    $action->getCustomActionAttributes(),
+                    $action->getLinkedAction(),
+                    $action->getActionOrigin()
+                );
+            }
+
+            $actions[$action->getStepKey()] = $action;
+        }
+
+        return $actions;
+    }
+
+    /**
+     * Returns a boolean based on whether or not the action attributes contain a reference to a secret field.
+     *
+     * @param array $actionAttributes
+     * @return bool
+     */
+    private function actionAttributeContainsSecretRef($actionAttributes)
+    {
+        foreach ($actionAttributes as $actionAttribute) {
+            if (is_array($actionAttribute)) {
+                return $this->actionAttributeContainsSecretRef($actionAttribute);
+            }
+
+            preg_match_all("/{{_CREDS\.([\w]+)}}/", $actionAttribute, $matches);
+
+            if (!empty($matches[0])) {
+                return true;
+            }
+        }
+
+        return false;
     }
 
     /**

src/Magento/FunctionalTestingFramework/Test/Util/ActionObjectExtractor.php

@@ -59,6 +59,7 @@ public function extractActions($testActions, $testName = null)
 
         foreach ($testActions as $actionName => $actionData) {
             $stepKey = $actionData[self::TEST_STEP_MERGE_KEY];
+            $actionType = $actionData[self::NODE_NAME];
 
             if (empty($stepKey)) {
                 throw new XmlException(sprintf(self::STEP_KEY_EMPTY_ERROR_MSG, $actionData['nodeName']));
@@ -79,10 +80,7 @@ public function extractActions($testActions, $testName = null)
                 $actionAttributes['parameterArray'] = $actionData['array']['value'];
             }
 
-            if ($actionData[self::NODE_NAME] === self::ACTION_GROUP_TAG) {
-                $actionAttributes = $this->processActionGroupArgs($actionAttributes);
-            }
-
+            $actionAttributes = $this->processActionGroupArgs($actionType, $actionAttributes);
             $linkedAction = $this->processLinkedActions($actionName, $actionData);
             $actions = $this->extractFieldActions($actionData, $actions);
             $actionAttributes = $this->extractFieldReferences($actionData, $actionAttributes);
@@ -98,7 +96,7 @@ public function extractActions($testActions, $testName = null)
 
             $actions[$stepKey] = new ActionObject(
                 $stepKey,
-                $actionData[self::NODE_NAME],
+                $actionType,
                 $actionAttributes,
                 $linkedAction['stepKey'],
                 $linkedAction['order']
@@ -142,11 +140,16 @@ private function processLinkedActions($actionName, $actionData)
      * Takes the action group reference and parses out arguments as an array that can be passed to override defaults
      * defined in the action group xml.
      *
+     * @param string $actionType
      * @param array $actionAttributeData
      * @return array
      */
-    private function processActionGroupArgs($actionAttributeData)
+    private function processActionGroupArgs($actionType, $actionAttributeData)
     {
+        if ($actionType !== self::ACTION_GROUP_TAG) {
+            return $actionAttributeData;
+        }
+
         $actionAttributeArgData = [];
         foreach ($actionAttributeData as $attributeDataKey => $attributeDataValues) {
             if ($attributeDataKey == self::ACTION_GROUP_REF) {

src/Magento/FunctionalTestingFramework/Test/etc/actionTypeTags.xsd

@@ -37,6 +37,7 @@
             <xs:element type="executeInSeleniumType" name="executeInSelenium" minOccurs="0" maxOccurs="unbounded"/>
             <xs:element type="executeJSType" name="executeJS" minOccurs="0" maxOccurs="unbounded"/>
             <xs:element type="fillFieldType" name="fillField" minOccurs="0" maxOccurs="unbounded"/>
+            <xs:element type="fillFieldType" name="fillSecretField" minOccurs="0" maxOccurs="unbounded"/>
             <xs:element type="loadSessionSnapshotType" name="loadSessionSnapshot" minOccurs="0" maxOccurs="unbounded"/>
             <xs:element type="makeScreenshotType" name="makeScreenshot" minOccurs="0" maxOccurs="unbounded"/>
             <xs:element type="maximizeWindowType" name="maximizeWindow" minOccurs="0" maxOccurs="unbounded"/>

src/Magento/FunctionalTestingFramework/Util/Iterator/File.php

@@ -37,6 +37,10 @@ public function __construct(array $paths)
      */
     public function getFilename()
     {
+        if ($this->current == null) {
+            return null;
+        }
+
         return $this->data[$this->key()];
     }
 

src/Magento/FunctionalTestingFramework/Util/TestGenerator.php

@@ -210,7 +210,7 @@ private function assembleTestPhp($testObject)
             $hookPhp = $this->generateHooksPhp($testObject->getHooks());
             $testsPhp = $this->generateTestPhp($testObject);
         } catch (TestReferenceException $e) {
-            throw new TestReferenceException($e->getMessage() . " in Test \"" . $testObject->getName() . "\"");
+            throw new TestReferenceException($e->getMessage() . "\n" . $testObject->getFilename());
         }
 
         $cestPhp = "<?php\n";