MQE-1070: Hide Sensitive Creds in Allure Report

- CR/QA review feedback
- Fix merge conflicts

Author: imeron2433

dev/tests/unit/Magento/FunctionalTestFramework/DataGenerator/Handlers/CredentialStoreTest.php

@@ -0,0 +1,38 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace tests\unit\Magento\FunctionalTestFramework\DataGenerator\Handlers;
+
+use Magento\FunctionalTestingFramework\DataGenerator\Handlers\CredentialStore;
+use Magento\FunctionalTestingFramework\Util\MagentoTestCase;
+use AspectMock\Test as AspectMock;
+
+class CredentialStoreTest extends MagentoTestCase
+{
+
+    /**
+     * Test basic encryption/decryption functionality in CredentialStore class.
+     */
+    public function testBasicEncryptDecrypt()
+    {
+        $testKey = 'myKey';
+        $testValue = 'myValue';
+
+        AspectMock::double(CredentialStore::class, [
+            'readInCredentialsFile' => ["$testKey=$testValue"]
+        ]);
+
+        $encryptedCred = CredentialStore::getInstance()->getSecret($testKey);
+
+        // assert the value we've gotten is in fact not identical to our test value
+        $this->assertNotEquals($testValue, $encryptedCred);
+
+        $actualValue = CredentialStore::getInstance()->decryptSecretValue($encryptedCred);
+
+        // assert that we are able to successfully decrypt our secret value
+        $this->assertEquals($testValue, $actualValue);
+    }
+}

src/Magento/FunctionalTestingFramework/Config/Reader/MftfFilesystem.php

@@ -48,7 +48,9 @@ public function readFiles($fileList)
             }
         }
         $exceptionCollector->throwException();
-        $this->validateSchema($configMerger, $fileList->getFilename());
+        if ($fileList->valid()) {
+            $this->validateSchema($configMerger, $fileList->getFilename());
+        }
 
         $output = [];
         if ($configMerger) {

src/Magento/FunctionalTestingFramework/DataGenerator/Handlers/CredentialStore.php

@@ -13,6 +13,8 @@
 
 class CredentialStore
 {
+    const ENCRYPTION_ALGO = "AES-256-CBC";
+
     /**
      * Singleton instance
      *
@@ -27,6 +29,13 @@ class CredentialStore
      */
     private $iv = null;
 
+    /**
+     * Key for open_ssl encryption/decryption
+     *
+     * @var string
+     */
+    private $encodedKey = null;
+
     /**
      * Key/Value paris of credential names and their corresponding values
      *
@@ -53,8 +62,10 @@ public static function getInstance()
      */
     private function __construct()
     {
-        $this->readInCredentialsFile();
-        $this->encryptionKey = openssl_random_pseudo_bytes(16);
+        $this->encodedKey = base64_encode(openssl_random_pseudo_bytes(16));
+        $this->iv = substr(hash('sha256', $this->encodedKey), 0, 16);
+        $creds = $this->readInCredentialsFile();
+        $this->credentials = $this->encryptCredFileContents($creds);
     }
 
     /**
@@ -85,7 +96,7 @@ public function getSecret($key)
     /**
      * Private function which reads in secret key/values from .credentials file and stores in memory as key/value pair.
      *
-     * @return void
+     * @return array
      * @throws TestFrameworkException
      */
     private function readInCredentialsFile()
@@ -103,17 +114,36 @@ private function readInCredentialsFile()
             );
         }
 
-        $credContents = file($credsFilePath, FILE_IGNORE_NEW_LINES);
+        return file($credsFilePath, FILE_IGNORE_NEW_LINES);
+    }
+
+    /**
+     * Function which takes the contents of the credentials file and encrypts the entries.
+     *
+     * @param array $credContents
+     * @return array
+     */
+    private function encryptCredFileContents($credContents)
+    {
+        $encryptedCreds = [];
         foreach ($credContents as $credValue) {
             if (substr($credValue, 0, 1) === '#' || empty($credValue)) {
                 continue;
             }
 
             list($key, $value) = explode("=", $credValue);
             if (!empty($value)) {
-                $this->credentials[$key] = openssl_encrypt($value, "AES-128-ECB", 0, $this->iv);
+                $encryptedCreds[$key] = openssl_encrypt(
+                    $value,
+                    self::ENCRYPTION_ALGO,
+                    $this->encodedKey,
+                    0,
+                    $this->iv
+                );
             }
         }
+
+        return $encryptedCreds;
     }
 
     /**
@@ -124,6 +154,6 @@ private function readInCredentialsFile()
      */
     public function decryptSecretValue($value)
     {
-        return openssl_decrypt($value, "AES-128-ECB", 0, $this->iv);
+        return openssl_decrypt($value, self::ENCRYPTION_ALGO, $this->encodedKey, 0, $this->iv);
     }
 }

src/Magento/FunctionalTestingFramework/Module/MagentoWebDriver.php

@@ -56,8 +56,6 @@ class MagentoWebDriver extends WebDriver
         '//div[@data-role="spinner"]'
     ];
 
-    const STEP_OBJ_BACKTRACE_POS = 2;
-
     /**
      * The module required fields, to be set in the suite .yml configuration file.
      *
@@ -594,8 +592,12 @@ public function dragAndDrop($source, $target, $xOffset = null, $yOffset = null)
     }
 
     /**
-     * @param $field
-     * @param $value
+     * Function used to fill sensitive crednetials with user data, data is decrypted immediately prior to fill to avoid
+     * exposure in console or log.
+     *
+     * @param string $field
+     * @param string $value
+     * @return void
      */
     public function fillSecretField($field, $value)
     {

src/Magento/FunctionalTestingFramework/Test/Util/ActionMergeUtil.php

@@ -126,7 +126,7 @@ private function resolveSecretFieldAccess($resolvedActions)
      * Returns a boolean based on whether or not the action attributes contain a reference to a secret field.
      *
      * @param array $actionAttributes
-     * @return bool
+     * @return boolean
      */
     private function actionAttributeContainsSecretRef($actionAttributes)
     {

src/Magento/FunctionalTestingFramework/Test/Util/ActionObjectExtractor.php

@@ -141,7 +141,7 @@ private function processLinkedActions($actionName, $actionData)
      * defined in the action group xml.
      *
      * @param string $actionType
-     * @param array $actionAttributeData
+     * @param array  $actionAttributeData
      * @return array
      */
     private function processActionGroupArgs($actionType, $actionAttributeData)

src/Magento/FunctionalTestingFramework/Util/Iterator/File.php

@@ -37,10 +37,6 @@ public function __construct(array $paths)
      */
     public function getFilename()
     {
-        if ($this->current == null) {
-            return null;
-        }
-
         return $this->data[$this->key()];
     }