support Junit4 run, add missing files, change new tests from Junit4 t…

…o Junit5

pom.xml

@@ -189,6 +189,18 @@
             <version>${junit-jupiter.version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.junit.vintage</groupId>
+            <artifactId>junit-vintage-engine</artifactId>
+            <version>${junit-jupiter.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-junit-jupiter</artifactId>
+            <version>5.3.1</version>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.assertj</groupId>
             <artifactId>assertj-core</artifactId>

src/test/java/com/uid2/shared/secure/GcpOidcAttestationProviderTest.java

@@ -5,11 +5,13 @@
 import com.uid2.shared.secure.gcpoidc.TokenPayload;
 import io.vertx.core.AsyncResult;
 import io.vertx.core.Handler;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.mockito.junit.jupiter.MockitoSettings;
+import org.mockito.quality.Strictness;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
@@ -19,7 +21,8 @@
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.when;
 
-@RunWith(MockitoJUnitRunner.class)
+@ExtendWith(MockitoExtension.class)
+@MockitoSettings(strictness = Strictness.LENIENT)
 public class GcpOidcAttestationProviderTest {
     private static final String ATTESTATION_REQUEST = "test-attestation-request";
     private static final String PUBLIC_KEY = "test-public-key";
@@ -30,17 +33,22 @@ public class GcpOidcAttestationProviderTest {
 
     private static final TokenPayload VALID_TOKEN_PAYLOAD = TokenPayload.builder().build();
 
-    @Mock private ITokenSignatureValidator alwaysPassTokenValidator;
-    @Mock private ITokenSignatureValidator alwaysFailTokenValidator;
+    @Mock
+    private ITokenSignatureValidator alwaysPassTokenValidator;
+    @Mock
+    private ITokenSignatureValidator alwaysFailTokenValidator;
 
-    @Mock private IPolicyValidator alwaysPassPolicyValidator1;
+    @Mock
+    private IPolicyValidator alwaysPassPolicyValidator1;
 
-    @Mock private IPolicyValidator alwaysPassPolicyValidator2;
+    @Mock
+    private IPolicyValidator alwaysPassPolicyValidator2;
 
-    @Mock private IPolicyValidator alwaysFailPolicyValidator;
+    @Mock
+    private IPolicyValidator alwaysFailPolicyValidator;
 
 
-    @Before
+    @BeforeEach
     public void setup() throws AttestationException {
         when(alwaysPassTokenValidator.validate(any())).thenReturn(VALID_TOKEN_PAYLOAD);
         when(alwaysFailTokenValidator.validate(any())).thenThrow(new AttestationException("token signature validation failed"));

src/test/java/com/uid2/shared/secure/gcpoidc/OidcPayloadValidationTest.java

@@ -1,6 +1,6 @@
 package com.uid2.shared.secure.gcpoidc;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 
 import static com.uid2.shared.secure.gcpoidc.TestUtils.loadFromJson;
 import static com.uid2.shared.secure.gcpoidc.TestUtils.validateAndParseToken;

src/test/java/com/uid2/shared/secure/gcpoidc/PolicyValidatorTest.java

@@ -1,13 +1,13 @@
 package com.uid2.shared.secure.gcpoidc;
 
 import com.uid2.shared.secure.AttestationException;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import static org.junit.Assert.*;
+import static org.junit.jupiter.api.Assertions.*;
 
 public class PolicyValidatorTest {
     @Test

src/test/java/com/uid2/shared/secure/gcpoidc/TokenSignatureValidatorTest.java

@@ -3,7 +3,7 @@
 import com.uid2.shared.secure.AttestationException;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.MapUtils;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 
 import static com.uid2.shared.secure.gcpoidc.TestUtils.loadFromJson;
 import static com.uid2.shared.secure.gcpoidc.TestUtils.validateAndParseToken;

src/test/resources/com.uid2.shared/test/secure/gcpoidc/jwt_payload_full.json

@@ -0,0 +1,60 @@
+{
+  "aud": "https://sts.googleapis.com",
+  "exp": 1688132564,
+  "iat": 1688128964,
+  "iss": "https://confidentialcomputing.googleapis.com",
+  "nbf": 1688128964,
+  "sub": "https://www.googleapis.com/compute/v1/projects/someone-secundus-bank/zones/us-west1-b/instances/secundus-initial-vm",
+  "secboot": true,
+  "oemid": 11129,
+  "hwmodel": "GCP_AMD_SEV",
+  "swname": "CONFIDENTIAL_SPACE",
+  "swversion": [
+    "230600"
+  ],
+  "dbgstat": "disabled-since-boot",
+  "submods": {
+    "confidential_space": {
+      "support_attributes": [
+        "LATEST",
+        "STABLE",
+        "USABLE"
+      ]
+    },
+    "container": {
+      "image_reference": "us-docker.pkg.dev/someone-primus-bank/primus-workloads/initial-workload-container:latest",
+      "image_digest": "sha256:fedbd6eaf93394d5eb98d7e52d4cce17e0ea23f7fac1a6bd68e097ca85a4fffb",
+      "restart_policy": "Never",
+      "image_id": "sha256:5be33a19451733a45ea1bdb340fcb858a0fc733e91ca0a0d99638652f6dcabd0",
+      "env_override": {
+        "env1": "value1",
+        "env2": "value2"
+      },
+      "cmd_override": [
+        "count-location",
+        "Seattle",
+        "gs://yishi-secundus-bank-results-storage/seattle-result"
+      ],
+      "env": {
+        "HOSTNAME": "secundus-initial-vm",
+        "PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+      },
+      "args": [
+        "/test/initial_workload",
+        "count-location",
+        "Seattle",
+        "gs://someone-secundus-bank-results-storage/seattle-result"
+      ]
+    },
+    "gce": {
+      "zone": "us-west1-b",
+      "project_id": "someone-secundus-bank",
+      "project_number": "600005144714",
+      "instance_name": "secundus-initial-vm",
+      "instance_id": "5180554646064952245"
+    }
+  },
+  "google_service_accounts": [
+    "run-confidential-vm@someone-secundus-bank.iam.gserviceaccount.com"
+  ]
+}

src/test/resources/com.uid2.shared/test/secure/gcpoidc/jwt_payload_null.json

@@ -0,0 +1,49 @@
+{
+  "aud": "https://sts.googleapis.com",
+  "exp": 1688132564,
+  "iat": 1688128964,
+  "iss": "https://confidentialcomputing.googleapis.com",
+  "nbf": 1688128964,
+  "sub": "https://www.googleapis.com/compute/v1/projects/someone-secundus-bank/zones/us-west1-b/instances/secundus-initial-vm",
+  "secboot": true,
+  "oemid": 11129,
+  "hwmodel": "GCP_AMD_SEV",
+  "swname": "CONFIDENTIAL_SPACE",
+  "swversion": [
+    "230600"
+  ],
+  "dbgstat": "disabled-since-boot",
+  "submods": {
+    "confidential_space": {
+      "support_attributes": null
+    },
+    "container": {
+      "image_reference": "us-docker.pkg.dev/someone-primus-bank/primus-workloads/initial-workload-container:latest",
+      "image_digest": "sha256:fedbd6eaf93394d5eb98d7e52d4cce17e0ea23f7fac1a6bd68e097ca85a4fffb",
+      "restart_policy": "Never",
+      "image_id": "sha256:5be33a19451733a45ea1bdb340fcb858a0fc733e91ca0a0d99638652f6dcabd0",
+      "env_override": null,
+      "cmd_override": null,
+      "env": {
+        "HOSTNAME": "secundus-initial-vm",
+        "PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+      },
+      "args": [
+        "/test/initial_workload",
+        "count-location",
+        "Seattle",
+        "gs://someone-secundus-bank-results-storage/seattle-result"
+      ]
+    },
+    "gce": {
+      "zone": "us-west1-b",
+      "project_id": "someone-secundus-bank",
+      "project_number": "600005144714",
+      "instance_name": "secundus-initial-vm",
+      "instance_id": "5180554646064952245"
+    }
+  },
+  "google_service_accounts": [
+    "run-confidential-vm@someone-secundus-bank.iam.gserviceaccount.com"
+  ]
+}

src/test/resources/com.uid2.shared/test/secure/gcpoidc/jwt_payload_policy_valid.json

@@ -0,0 +1,57 @@
+{
+  "aud": "https://sts.googleapis.com",
+  "exp": 1688132564,
+  "iat": 1688128964,
+  "iss": "https://confidentialcomputing.googleapis.com",
+  "nbf": 1688128964,
+  "sub": "https://www.googleapis.com/compute/v1/projects/someone-secundus-bank/zones/us-west1-b/instances/secundus-initial-vm",
+  "secboot": true,
+  "oemid": 11129,
+  "hwmodel": "GCP_AMD_SEV",
+  "swname": "CONFIDENTIAL_SPACE",
+  "swversion": [
+    "230600"
+  ],
+  "dbgstat": "disabled-since-boot",
+  "submods": {
+    "confidential_space": {
+      "support_attributes": [
+        "LATEST",
+        "STABLE",
+        "USABLE"
+      ]
+    },
+    "container": {
+      "image_reference": "us-docker.pkg.dev/someone-primus-bank/primus-workloads/initial-workload-container:latest",
+      "image_digest": "sha256:fedbd6eaf93394d5eb98d7e52d4cce17e0ea23f7fac1a6bd68e097ca85a4fffb",
+      "restart_policy": "Never",
+      "image_id": "sha256:5be33a19451733a45ea1bdb340fcb858a0fc733e91ca0a0d99638652f6dcabd0",
+      "env_override": {
+        "DEPLOYMENT_ENVIRONMENT": "prod",
+        "IDENTITY_SCOPE": "uid2",
+        "API_TOKEN": "dummy"
+      },
+      "cmd_override": null,
+      "env": {
+        "HOSTNAME": "secundus-initial-vm",
+        "PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+      },
+      "args": [
+        "/test/initial_workload",
+        "count-location",
+        "Seattle",
+        "gs://someone-secundus-bank-results-storage/seattle-result"
+      ]
+    },
+    "gce": {
+      "zone": "us-west1-b",
+      "project_id": "someone-secundus-bank",
+      "project_number": "600005144714",
+      "instance_name": "secundus-initial-vm",
+      "instance_id": "5180554646064952245"
+    }
+  },
+  "google_service_accounts": [
+    "run-confidential-vm@someone-secundus-bank.iam.gserviceaccount.com"
+  ]
+}