vulnerability fixing

9879c6bb · Jozsef Barcza · 25c7357d · 9879c6bb · 9879c6bb
Commit 9879c6bb authored 4 months ago by Jozsef Barcza
--- a/build.sbt
+++ b/build.sbt
@@ -18,13 +18,13 @@ coverageFailOnMinimum := true
 //scalacOptions --= Seq("-Ywarn-dead-code")

 val azureDeps = Seq(
-  "org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib-azure" % "0.3.0-test-7",
+  "org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib-azure" % "0.3.0-test-8",
  "org.opengroup.osdu.production" %% "pddms-security-commons-lib-azure" % "0.3.0-test-5",
  //"org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib" % "0.3.0-test-1",
 )

 val gcpDeps = Seq(
-  "org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib-gc" % "0.3.0-test-7",
+  "org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib-gc" % "0.3.0-test-8",
  "org.opengroup.osdu.production" %% "pddms-security-commons-lib-gc" % "0.3.0-test-5",
  //"org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib" % "0.3.0-test-1",
 )
@@ -68,12 +68,12 @@ lazy val core =
        //commonsCodec,
        //"org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib-azure" % "0.3.0-test",
        //"org.opengroup.osdu.production" %% "pddms-messaging-connector-interface-lib" % "0.3.0-test",
-        "com.google.protobuf" % "protobuf-java" % "3.24.4" % "protobuf",
+        "com.google.protobuf" % "protobuf-java" % "3.25.5" % "protobuf",
        //"org.opengroup.osdu.production" %% "pddms-security-commons-lib" % "0.3.0-test-1",
        //Newly added
        //"org.json4s" %% "json4s-jackson" % "3.6.5",
        //"org.json4s" %% "json4s-ext" % "3.6.5",
-        "org.opengroup.osdu.production" %% "pddms-integration-lib" % "0.2.0-test-1",
+        "org.opengroup.osdu.production" %% "pddms-integration-lib" % "0.2.0-test-3",
        "org.scala-lang" %% "scala3-staging" % scalaVer,
        "org.opengroup.osdu.production" %% "pddms-observability-lib" % "0.0.20",
        //"com.google.protobuf" % "protobuf-java" % "3.13.0" % "protobuf"

--- a/src/main/scala/org/opengroup/osdu/production/util/VersionInfo.scala
+++ b/src/main/scala/org/opengroup/osdu/production/util/VersionInfo.scala
 package org.opengroup.osdu.production.util

-import com.fasterxml.jackson.databind.ObjectMapper
+import com.github.pjfanning.pekkohttpjson4s.Json4sSupport
+import org.apache.pekko.actor.ActorSystem
+import org.apache.pekko.http.scaladsl.Http
+import org.apache.pekko.http.scaladsl.model.headers.{Authorization, OAuth2BearerToken, RawHeader}
+import org.apache.pekko.http.scaladsl.model.{HttpHeader, HttpMethods, HttpRequest, HttpResponse}
+import org.apache.pekko.http.scaladsl.unmarshalling.Unmarshal
+import org.json4s.{Formats, Serialization}
 import org.opengroup.osdu.production.common.CorrelationIdDirective.CorrelationIdHeader
 import org.slf4j.MDC
-import org.springframework.http.{HttpHeaders, MediaType, RequestEntity}
-import org.springframework.web.client.RestTemplate

 import java.net.URI
+import java.util.concurrent.TimeUnit
 import scala.collection.mutable
+import scala.concurrent.Await
+import scala.concurrent.duration.Duration

-object VersionInfo extends Serializable {
+object VersionInfo extends Serializable with Json4sSupport {
  case class ConnectedOuterService(name: String, version: String)

+  given serialization: Serialization = org.json4s.native.Serialization
+
+  given json4sFormats: Formats = org.json4s.DefaultFormats
+
+
  private val groupId: String = BuildInfo.groupId
  private val artifactId: String = BuildInfo.name
  private val version: String = BuildInfo.version
@@ -29,7 +41,7 @@ object VersionInfo extends Serializable {

  private val defaultConnectedOuterServiceVersion = "N/A"

-  def getVersionInfo(bearerToken: String): mutable.LinkedHashMap[String, Object] = {
+  def getVersionInfo(bearerToken: String)(using as: ActorSystem): mutable.LinkedHashMap[String, Object] = {
    val connectedOuterServices: List[ConnectedOuterService] = List(
      ConnectedOuterService("OSDU Core Entitlement service", getServiceVersion("https://" + entitlementBaseUrl + "/api/entitlements/v2/info", bearerToken)),
      ConnectedOuterService("OSDU Core Storage service", getServiceVersion("https://" + entitlementBaseUrl + "/api/entitlements/v2/info", bearerToken)),
@@ -56,20 +68,40 @@ object VersionInfo extends Serializable {
      "version" -> version)
  }

-  private def getServiceVersion(url: String, token: String) = {
-    val restTemplate = new RestTemplate()
-    try {
-      val headers = new HttpHeaders()
-      headers.setContentType(MediaType.APPLICATION_JSON)
-      val correlationId = MDC.get("correlationId")
-      headers.setBearerAuth(token)
-      headers.add("data-partition-id", "opendes")
-      headers.add(CorrelationIdHeader, correlationId)
-      val versionInfo = restTemplate.exchange(RequestEntity.get(new URI(url)).headers(headers).build, classOf[String]).getBody
-      new ObjectMapper().readTree(versionInfo).get("version").asText
-    } catch {
-      case _: Exception =>
-        defaultConnectedOuterServiceVersion
-    }
+  case class VersionInfoShort(groupId: String, artifactId: String, version: String)
+
+  private def getServiceVersion(url: String, tokenString: String)(using as: ActorSystem) = {
+    val correlationId = MDC.get("correlationId")
+    val contentTypeHeader = RawHeader("Content-Type", "application/json")
+    val token = if tokenString.startsWith("Bearer ") then tokenString.substring(7) else tokenString
+    val authHeader: HttpHeader = Authorization(OAuth2BearerToken(token))
+    val correlationIdHeader: HttpHeader = RawHeader(CorrelationIdHeader, correlationId)
+    val headers = Seq(contentTypeHeader, authHeader, correlationIdHeader)
+
+    val versionInfoResponse: HttpResponse = Await.result(Http().singleRequest(HttpRequest(HttpMethods.GET, url, headers)), Duration(5, TimeUnit.SECONDS))
+
+    val versionInfoParsed = Await.result(Unmarshal(versionInfoResponse).to[VersionInfoShort], Duration(5, TimeUnit.SECONDS))
+    versionInfoParsed.version
+
+
+    /*
+        val restTemplate = new RestTemplate
+        try {
+          val headers = new HttpHeaders
+          val correlationId = MDC.get("correlationId")
+          headers.setContentType(MediaType.APPLICATION_JSON)
+          headers.setBearerAuth(if (token.startsWith("Bearer ")) token.substring(7) else token)
+          headers.add(CorrelationIdHeader, correlationId)
+          val versionInfo = restTemplate.exchange(RequestEntity.get(new URI(url)).headers(headers).build, classOf[String]).getBody
+          new ObjectMapper().readTree(versionInfo).get("version").asText
+        } catch {
+          case _: Exception =>
+            defaultConnectedOuterServiceVersion
+        }
+
+
+     */
  }
+
+
 }