fortress-api-server 1.0.1

REST API server for Fortress secure database system
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159

use fortress_server::grpc::{GrpcServer, FortressGrpcService};
use fortress_core::encryption::EncryptionManager;
use fortress_server::grpc::fortress::{
    fortress_service_client::FortressServiceClient,
    CreateDatabaseRequest, DatabaseConfig, EncryptRequest, DecryptRequest,
    HealthCheckRequest,
};
use std::sync::Arc;
use tokio::time::{timeout, Duration};
use tonic::transport::Channel;
use tonic::Request;

async fn setup_test_server() -> (String, FortressGrpcService) {
    let encryption_manager = Arc::new(EncryptionManager::default());
    let service = FortressGrpcService::new(encryption_manager);
    
    // Start server on a random port
    let server = GrpcServer::new("127.0.0.1:0".parse().unwrap(), Arc::new(service.clone()));
    let addr = server.start().await.unwrap();
    
    (format!("http://{}", addr), service)
}

async fn create_client(addr: &str) -> FortressServiceClient<Channel> {
    FortressServiceClient::connect(addr.to_string()).await.unwrap()
}

#[tokio::test]
async fn test_health_check() {
    let (addr, _) = setup_test_server().await;
    let mut client = create_client(&addr).await;

    let request = Request::new(HealthCheckRequest {});
    let response = client.health_check(request).await;

    assert!(response.is_ok());
    let health_response = response.unwrap().into_inner();
    assert_eq!(health_response.status, 1); // Healthy
    assert_eq!(health_response.version, "0.1.0");
}

#[tokio::test]
async fn test_create_database() {
    let (addr, _) = setup_test_server().await;
    let mut client = create_client(&addr).await;

    let request = Request::new(CreateDatabaseRequest {
        name: "test-db".to_string(),
        description: "Test database".to_string(),
        config: Some(DatabaseConfig {
            encryption_algorithm: "aes-256-gcm".to_string(),
            key_rotation_interval_days: 30,
            enable_audit_logging: true,
            custom_settings: std::collections::HashMap::new(),
        }),
    });

    let response = client.create_database(request).await;
    assert!(response.is_ok());
    
    let db_response = response.unwrap().into_inner();
    let database = db_response.database.unwrap();
    assert_eq!(database.name, "test-db");
    assert_eq!(database.description, "Test database");
    assert!(!database.id.is_empty());
}

#[tokio::test]
async fn test_encrypt_decrypt_data() {
    let (addr, _) = setup_test_server().await;
    let mut client = create_client(&addr).await;

    let database_id = "test-db-id".to_string();
    let plaintext = b"Hello, gRPC World!".to_vec();

    // Test encryption
    let encrypt_request = Request::new(EncryptRequest {
        database_id: database_id.clone(),
        plaintext: plaintext.clone(),
        key_id: "".to_string(),
        metadata: std::collections::HashMap::new(),
    });

    let encrypt_response = client.encrypt_data(encrypt_request).await;
    assert!(encrypt_response.is_ok());
    
    let encrypt_result = encrypt_response.unwrap().into_inner();
    let ciphertext = encrypt_result.ciphertext;
    let key_id = encrypt_result.key_id;
    assert!(!ciphertext.is_empty());
    assert!(!key_id.is_empty());

    // Test decryption
    let decrypt_request = Request::new(DecryptRequest {
        database_id,
        ciphertext,
        key_id,
    });

    let decrypt_response = client.decrypt_data(decrypt_request).await;
    assert!(decrypt_response.is_ok());
    
    let decrypt_result = decrypt_response.unwrap().into_inner();
    let decrypted_plaintext = decrypt_result.plaintext;
    assert_eq!(decrypted_plaintext, plaintext);
}

#[tokio::test]
async fn test_batch_operations_timeout() {
    let (addr, _) = setup_test_server().await;
    let mut client = create_client(&addr).await;

    // Test that batch operations don't hang indefinitely
    let result = timeout(
        Duration::from_secs(5),
        async {
            let _stream = client.batch_encrypt(Request::new(
                tokio_stream::empty()
            )).await;
        }
    ).await;

    assert!(result.is_ok(), "Batch operation should complete or timeout within 5 seconds");
}

#[tokio::test]
async fn test_error_handling() {
    let (addr, _) = setup_test_server().await;
    let mut client = create_client(&addr).await;

    // Test getting non-existent database
    let request = Request::new(fortress_server::grpc::fortress::GetDatabaseRequest {
        database_id: "non-existent".to_string(),
    });

    let response = client.get_database(request).await;
    assert!(response.is_err());
    
    let status = response.unwrap_err();
    assert_eq!(status.code(), tonic::Code::NotFound);
}

#[tokio::test]
async fn test_metrics_endpoint() {
    let (addr, _) = setup_test_server().await;
    let mut client = create_client(&addr).await;

    let request = Request::new(fortress_server::grpc::fortress::MetricsRequest {});
    let response = client.get_metrics(request).await;

    assert!(response.is_ok());
    
    let metrics_response = response.unwrap().into_inner();
    assert!(metrics_response.timestamp.is_some());
    // Metrics should be empty initially but structure should be valid
    assert!(metrics_response.counters.is_empty());
    assert!(metrics_response.gauges.is_empty());
    assert!(metrics_response.histograms.is_empty());
}