Commit a4cd7b2c authored by Sacha Brants's avatar Sacha Brants
Browse files

Merge branch 'slb/vm/convert-subid-to-email' into 'master'

feat: enable subid to email conversion

See merge request !214
parents 9918bdf7 19919ebe
Pipeline #67824 failed with stages
in 14 minutes and 47 seconds
......@@ -941,5 +941,3 @@ The following software have components provided under the terms of this license:
- json-schema (from https://www.npmjs.com/package/json-schema)
- querystring (from https://www.npmjs.com/package/querystring)
- sax (from https://www.npmjs.com/package/sax)
......@@ -179,6 +179,14 @@ paths:
name: seismicmeta
required: false
type: boolean
- description: 'If the dataset creator value is a subid, then enable conversion of it to email'
name: subid-to-email
in: query
type: boolean
default: true
enum:
- true
- false
responses:
200:
description: "Metadata of the dataset."
......@@ -1150,6 +1158,14 @@ paths:
name: tenantid
required: true
type: string
- description: 'Convert subid value of subproject admin to email'
name: subid-to-email
in: query
type: boolean
default: true
enum:
- true
- false
responses:
200:
description: "Retrieved subproject metadata successfully."
......
......@@ -189,6 +189,14 @@ paths:
name: seismicmeta
required: false
type: boolean
- description: 'If the dataset creator value is a subid, then enable conversion of it to email'
name: subid-to-email
default: true
in: query
type: boolean
enum:
- true
- false
responses:
200:
description: "Metadata of the dataset"
......@@ -1154,6 +1162,14 @@ paths:
required: true
type: string
default: common
- description: 'Convert subid value of subproject admin to email'
name: subid-to-email
default: true
in: query
type: boolean
enum:
- true
- false
responses:
200:
description: "Retrieved subproject metadata successfully"
......
......@@ -146,4 +146,4 @@
"path": "./app/sdms/node_modules/cz-conventional-changelog"
}
}
}
\ No newline at end of file
}
......@@ -15,7 +15,6 @@
// ============================================================================
import { createHash } from 'crypto';
import { Config } from '../cloud';
import { DESCompliance, DESUtils } from '../dataecosystem';
import { ImpersonationTokenContextModel, ImpersonationTokenModel } from '../services/impersonation_token/model';
......@@ -42,7 +41,7 @@ export class AuthProviderFactoryBuilder {
};
}
public static build(providerLabel: string, referenceAbstraction: any, args: { [key: string]: any } = {}) {
public static build(providerLabel: string, referenceAbstraction: any, args: { [key: string]: any; } = {}) {
if (providerLabel === undefined || providerLabel === 'unknown') {
throw (Error.make(Error.Status.UNKNOWN,
`Unrecognized auth provider: ${providerLabel}`));
......@@ -56,7 +55,7 @@ export class AuthProviderFactoryBuilder {
`The auth provider builder that extend ${referenceAbstraction} has not been found`));
}
private static providers: { [key: string]: any[] } = {};
private static providers: { [key: string]: any[]; } = {};
}
......@@ -104,7 +103,7 @@ export class Auth {
esd: string, appkey: string, mustThrow = true): Promise<boolean> {
if (!this._cache) {
this._cache = new Cache<boolean>('auth')
this._cache = new Cache<boolean>('auth');
}
const cacheKey = (
......
......@@ -20,7 +20,6 @@ import { AbstractAuthProvider, AuthProviderFactory } from '../../auth';
@AuthProviderFactory.register('generic')
export class GenericAuthProvider extends AbstractAuthProvider {
public async generateAuthCredential(): Promise<any> {
throw (Error.make(Error.Status.NOT_IMPLEMENTED,
'The required feature is not supported, the credential auth provider has not been found.'));
......
......@@ -63,6 +63,9 @@ export interface ConfigModel {
FEATURE_FLAG_TRACE: boolean;
FEATURE_FLAG_LOGGING: boolean;
FEATURE_FLAG_STACKDRIVER_EXPORTER: boolean;
FEATURE_FLAG_CCM_INTERACTION: boolean;
CCM_SERVICE_URL: string;
CCM_TOKEN_SCOPE: string;
}
export abstract class Config implements IConfig {
......@@ -89,7 +92,7 @@ export abstract class Config implements IConfig {
public static DATASETS_KIND = 'datasets';
public static SEISMICMETA_KIND = 'seismicmeta';
public static APPS_KIND = 'apps';
public static IMPERSONATION_TOKEN_SIGNATURE_KIND = 'imptoken_signatures'
public static IMPERSONATION_TOKEN_SIGNATURE_KIND = 'imptoken_signatures';
// Listing modes
public static LS_MODE = { ALL: 'all', DATASETS: 'datasets', DIRS: 'dirs' };
......@@ -137,6 +140,7 @@ export abstract class Config implements IConfig {
public static FEATURE_FLAG_TRACE = true;
public static FEATURE_FLAG_LOGGING = true;
public static FEATURE_FLAG_STACKDRIVER_EXPORTER = true;
public static FEATURE_FLAG_CCM_INTERACTION = undefined;
// DataGroups prefix
public static DATAGROUPS_PREFIX = 'data.sdms';
......@@ -185,6 +189,10 @@ export abstract class Config implements IConfig {
public static ENABLE_DE_TOKEN_EXCHANGE = false;
public static DES_TARGET_AUDIENCE = undefined;
// CCM service url and token scope
public static CCM_SERVICE_URL = undefined;
public static CCM_TOKEN_SCOPE = undefined;
public static setCloudProvider(cloudProvider: string) {
Config.CLOUDPROVIDER = cloudProvider;
if (Config.CLOUDPROVIDER === undefined) {
......@@ -222,6 +230,7 @@ export abstract class Config implements IConfig {
Config.FEATURE_FLAG_TRACE = model.FEATURE_FLAG_TRACE;
Config.FEATURE_FLAG_LOGGING = model.FEATURE_FLAG_LOGGING;
Config.FEATURE_FLAG_STACKDRIVER_EXPORTER = model.FEATURE_FLAG_STACKDRIVER_EXPORTER;
Config.FEATURE_FLAG_CCM_INTERACTION = model.FEATURE_FLAG_CCM_INTERACTION;
Config.DES_SERVICE_HOST_ENTITLEMENT = model.DES_SERVICE_HOST_ENTITLEMENT;
Config.DES_SERVICE_HOST_COMPLIANCE = model.DES_SERVICE_HOST_COMPLIANCE;
......@@ -265,6 +274,14 @@ export abstract class Config implements IConfig {
Config.checkRequiredConfig(Config.DES_ENTITLEMENT_DELETE_ENDPOINT_PATH, 'DES_ENTITLEMENT_DELETE_ENDPOINT_PATH');
Config.checkRequiredConfig(Config.DES_SERVICE_APPKEY, 'DES_SERVICE_APPKEY');
// CCM interaction
if (Config.FEATURE_FLAG_CCM_INTERACTION) {
Config.CCM_SERVICE_URL = model.CCM_SERVICE_URL;
Config.CCM_TOKEN_SCOPE = model.CCM_TOKEN_SCOPE;
Config.checkRequiredConfig(Config.CCM_SERVICE_URL, 'CCM_SERVICE_URL');
Config.checkRequiredConfig(Config.CCM_TOKEN_SCOPE, 'CCM_TOKEN_SCOPE');
}
// JWT validation
if (Config.JWT_ENABLE_FEATURE) {
Config.checkRequiredConfig(Config.JWKS_URL, 'JWKS_URL');
......@@ -296,4 +313,4 @@ export class ConfigFactory extends CloudFactory {
}
// Set the Utest flag correctly as soon as the config class get loaded
Config.UTEST = process.env.UTEST;
Config.UTEST = process.env.UTEST;
\ No newline at end of file
......@@ -38,8 +38,9 @@ export interface IDataEcosystemCore {
getEntitlementBaseUrlPath(): string;
getComplianceBaseUrlPath(): string;
getStorageBaseUrlPath(): string;
getUserAssociationSvcBaseUrlPath(): string;
fixGroupMembersResponse(groupMembers: any): IDESEntitlementGroupMembersModel;
getUserAddBodyRequest(userEmail: string, role: string): {email: string, role: string} | string[];
getUserAddBodyRequest(userEmail: string, role: string): { email: string, role: string; } | string[];
tenantNameAndDataPartitionIDShouldMatch(): boolean;
}
......@@ -49,13 +50,14 @@ export abstract class AbstractDataEcosystemCore implements IDataEcosystemCore {
public abstract getEntitlementBaseUrlPath(): string;
public abstract getComplianceBaseUrlPath(): string;
public abstract getStorageBaseUrlPath(): string;
public abstract getUserAssociationSvcBaseUrlPath(): string;
public abstract fixGroupMembersResponse(groupMembers: any): IDESEntitlementGroupMembersModel;
public abstract getUserAddBodyRequest(userEmail: string, role: string): {email: string, role: string} | string[];
public abstract getUserAddBodyRequest(userEmail: string, role: string): { email: string, role: string; } | string[];
public abstract tenantNameAndDataPartitionIDShouldMatch(): boolean;
}
export class DataEcosystemCoreFactory extends CloudFactory {
public static build(providerLabel: string, args: { [key: string]: any } = {}): IDataEcosystemCore {
public static build(providerLabel: string, args: { [key: string]: any; } = {}): IDataEcosystemCore {
return CloudFactory.build(providerLabel, AbstractDataEcosystemCore, args) as IDataEcosystemCore;
}
}
......@@ -13,7 +13,7 @@
// limitations under the License.
import { Config, ConfigFactory } from '../../config';
import {AWSSSMhelper} from './ssmhelper';
import { AWSSSMhelper } from './ssmhelper';
@ConfigFactory.register('aws')
export class AWSConfig extends Config {
// scopes
......@@ -36,7 +36,7 @@ export class AWSConfig extends Config {
AWSConfig.AWS_ENVIRONMENT = process.env.ENVIRONMENT;
const awsSSMHelper = new AWSSSMhelper();
AWSConfig.AWS_BUCKET = await awsSSMHelper.getSSMParameter('/osdu/'+AWSConfig.AWS_ENVIRONMENT+'/seismic-store/seismic-s3-bucket-name');
AWSConfig.AWS_BUCKET = await awsSSMHelper.getSSMParameter('/osdu/' + AWSConfig.AWS_ENVIRONMENT + '/seismic-store/seismic-s3-bucket-name');
// Logger
AWSConfig.LOGGER_LEVEL = process.env.LOGGER_LEVEL || 'info';
......@@ -45,10 +45,10 @@ export class AWSConfig extends Config {
SERVICE_ENV: process.env.SERVICE_ENV,
SERVICE_PORT: +process.env.PORT || 5000,
API_BASE_PATH: process.env.API_BASE_PATH,
IMP_SERVICE_ACCOUNT_SIGNER: process.env.IMP_SERVICE_ACCOUNT_SIGNER||'',
IMP_SERVICE_ACCOUNT_SIGNER: process.env.IMP_SERVICE_ACCOUNT_SIGNER || '',
LOCKSMAP_REDIS_INSTANCE_ADDRESS: process.env.LOCKSMAP_REDIS_INSTANCE_ADDRESS,
LOCKSMAP_REDIS_INSTANCE_PORT: +process.env.LOCKSMAP_REDIS_INSTANCE_PORT,
LOCKSMAP_REDIS_INSTANCE_KEY: process.env.LOCKSMAP_REDIS_INSTANCE_KEY||'',
LOCKSMAP_REDIS_INSTANCE_KEY: process.env.LOCKSMAP_REDIS_INSTANCE_KEY || '',
DES_REDIS_INSTANCE_ADDRESS: process.env.DES_REDIS_INSTANCE_ADDRESS,
DES_REDIS_INSTANCE_PORT: +process.env.DES_REDIS_INSTANCE_PORT,
DES_REDIS_INSTANCE_KEY: process.env.DES_REDIS_INSTANCE_KEY,
......@@ -56,11 +56,11 @@ export class AWSConfig extends Config {
DES_SERVICE_HOST_ENTITLEMENT: process.env.ENTITLEMENTS_BASE_URL,
DES_SERVICE_HOST_STORAGE: process.env.STORAGE_BASE_URL,
DES_SERVICE_HOST_PARTITION: process.env.PARTITION_BASE_URL,
DES_SERVICE_APPKEY: process.env.DES_SERVICE_APPKEY||'',
DES_SERVICE_APPKEY: process.env.DES_SERVICE_APPKEY || '',
DES_GROUP_CHAR_LIMIT: AWSConfig.DES_GROUP_CHAR_LIMIT,
JWKS_URL: process.env.JWKS_URL,
JWT_EXCLUDE_PATHS: process.env.JWT_EXCLUDE_PATHS||'',
JWT_AUDIENCE: process.env.JWT_AUDIENCE||'',
JWT_EXCLUDE_PATHS: process.env.JWT_EXCLUDE_PATHS || '',
JWT_AUDIENCE: process.env.JWT_AUDIENCE || '',
JWT_ENABLE_FEATURE: process.env.JWT_ENABLE_FEATURE ? process.env.JWT_ENABLE_FEATURE === 'true' : false,
TENANT_JOURNAL_ON_DATA_PARTITION: true,
SSL_ENABLED: process.env.SSL_ENABLED === 'true',
......@@ -81,7 +81,11 @@ export class AWSConfig extends Config {
FEATURE_FLAG_LOGGING: process.env.FEATURE_FLAG_LOGGING !== undefined ?
process.env.FEATURE_FLAG_LOGGING !== 'false' : true,
FEATURE_FLAG_STACKDRIVER_EXPORTER: process.env.FEATURE_FLAG_STACKDRIVER_EXPORTER !== undefined ?
process.env.FEATURE_FLAG_STACKDRIVER_EXPORTER !== 'false' : true
process.env.FEATURE_FLAG_STACKDRIVER_EXPORTER !== 'false' : true,
FEATURE_FLAG_CCM_INTERACTION: process.env.FEATURE_FLAG_CCM_INTERACTION ?
process.env.FEATURE_FLAG_CCM_INTERACTION === 'true' : false,
CCM_SERVICE_URL: process.env.CCM_SERVICE_URL || '',
CCM_TOKEN_SCOPE: process.env.CCM_TOKEN_SCOPE || ''
});
}
......
......@@ -15,15 +15,17 @@
import {
AbstractDataEcosystemCore,
DataEcosystemCoreFactory,
IDESEntitlementGroupMembersModel } from '../../dataecosystem';
import { AWSCredentials } from './credentials';
IDESEntitlementGroupMembersModel
} from '../../dataecosystem';
@DataEcosystemCoreFactory.register('aws')
export class AWSDataEcosystemServices extends AbstractDataEcosystemCore {
public getDataPartitionIDRestHeaderName(): string { return 'data-partition-id'; }
public getEntitlementBaseUrlPath(): string { return '/api/entitlements/v2'; };
public getComplianceBaseUrlPath(): string { return '/api/legal/v1'; };
public getStorageBaseUrlPath(): string { return '/api/storage/v2'; };
public getUserAssociationSvcBaseUrlPath(): string { return 'userAssociation/v1'; }
public async getAuthorizationHeader(userToken: string): Promise<string> {
return userToken.startsWith('Bearer') ? userToken : 'Bearer ' + userToken;
......@@ -33,8 +35,8 @@ export class AWSDataEcosystemServices extends AbstractDataEcosystemCore {
return groupMembers as IDESEntitlementGroupMembersModel;
}
public getUserAddBodyRequest(userEmail: string, role: string): {email: string, role: string} | string[] {
return { email: userEmail, role }
public getUserAddBodyRequest(userEmail: string, role: string): { email: string, role: string; } | string[] {
return { email: userEmail, role };
}
public tenantNameAndDataPartitionIDShouldMatch() {
......
......@@ -58,6 +58,8 @@ export class AzureConfig extends Config {
AzureConfig.DES_SERVICE_HOST_PARTITION = process.env.DES_SERVICE_HOST;
AzureConfig.DES_ENTITLEMENT_DELETE_ENDPOINT_PATH = process.env.DES_ENTITLEMENT_DELETE_ENDPOINT_PATH;
AzureConfig.DES_SERVICE_APPKEY = 'undefined';
AzureConfig.CCM_SERVICE_URL = process.env.CCM_SERVICE_URL;
AzureConfig.CCM_TOKEN_SCOPE = process.env.CCM_TOKEN_SCOPE;
Config.checkRequiredConfig(AzureConfig.DES_SERVICE_HOST_COMPLIANCE, 'DES_SERVICE_HOST');
Config.checkRequiredConfig(AzureConfig.DES_SERVICE_HOST_ENTITLEMENT, 'DES_SERVICE_HOST');
Config.checkRequiredConfig(AzureConfig.DES_SERVICE_HOST_STORAGE, 'DES_SERVICE_HOST');
......@@ -126,6 +128,10 @@ export class AzureConfig extends Config {
process.env.FEATURE_FLAG_LOGGING !== 'false' : true,
FEATURE_FLAG_STACKDRIVER_EXPORTER: process.env.FEATURE_FLAG_STACKDRIVER_EXPORTER !== undefined ?
process.env.FEATURE_FLAG_STACKDRIVER_EXPORTER !== 'false' : true,
FEATURE_FLAG_CCM_INTERACTION: process.env.FEATURE_FLAG_CCM_INTERACTION ?
process.env.FEATURE_FLAG_CCM_INTERACTION === 'true' : false,
CCM_SERVICE_URL: AzureConfig.CCM_SERVICE_URL,
CCM_TOKEN_SCOPE: AzureConfig.CCM_TOKEN_SCOPE
});
// initialize app insight
......
......@@ -14,25 +14,25 @@
// limitations under the License.
// ============================================================================
import request from 'request-promise';
import { Cache, Error } from '../../../shared';
import {
AbstractDataEcosystemCore,
DataEcosystemCoreFactory,
IDESEntitlementGroupMembersModel
} from '../../dataecosystem';
import { AzureCredentials } from './credentials';
import { AzureConfig } from './config';
import { Error, Cache } from '../../../shared';
import { AzureCredentials } from './credentials';
import { Keyvault } from './keyvault';
import request from 'request-promise'
@DataEcosystemCoreFactory.register('azure')
export class AzureDataEcosystemServices extends AbstractDataEcosystemCore {
private static _storageConfigs: Cache<string>;
private static _cosmosConfigs: Cache<string>;
private static _storageConfigs: Cache<string>
private static _cosmosConfigs: Cache<string>
public getUserAssociationSvcBaseUrlPath(): string { return 'userAssociation/v1'; }
public getDataPartitionIDRestHeaderName(): string { return 'data-partition-id'; }
public getEntitlementBaseUrlPath(): string { return '/api/entitlements/v2'; };
public getComplianceBaseUrlPath(): string { return '/api/legal/v1'; };
......@@ -46,8 +46,8 @@ export class AzureDataEcosystemServices extends AbstractDataEcosystemCore {
return groupMembers as IDESEntitlementGroupMembersModel;
}
public getUserAddBodyRequest(userEmail: string, role: string): { email: string, role: string } | string[] {
return { email: userEmail, role }
public getUserAddBodyRequest(userEmail: string, role: string): { email: string, role: string; } | string[] {
return { email: userEmail, role };
}
public tenantNameAndDataPartitionIDShouldMatch() {
......@@ -75,15 +75,15 @@ export class AzureDataEcosystemServices extends AbstractDataEcosystemCore {
public static async getStorageAccountName(dataPartitionID: string): Promise<string> {
if (!this._storageConfigs) {
this._storageConfigs = new Cache<string>('storage')
this._storageConfigs = new Cache<string>('storage');
}
const res = await this._storageConfigs.get(dataPartitionID);
if (res !== undefined) { return res };
if (res !== undefined) { return res; };
const dataPartitionConfigurations = await AzureDataEcosystemServices.getPartitionConfiguration(dataPartitionID);
const storageConfigs = (dataPartitionConfigurations[Keyvault.DATA_PARTITION_STORAGE_ACCOUNT_NAME] as {
sensitive: boolean, value: string
sensitive: boolean, value: string;
});
if (storageConfigs.sensitive) {
storageConfigs.value = (await Keyvault.CreateSecretClient().getSecret(storageConfigs.value)).value;
......@@ -93,10 +93,10 @@ export class AzureDataEcosystemServices extends AbstractDataEcosystemCore {
}
public static async getCosmosConnectionParams(
dataPartitionID: string): Promise<{ endpoint: string, key: string }> {
dataPartitionID: string): Promise<{ endpoint: string, key: string; }> {
if (!this._cosmosConfigs) {
this._cosmosConfigs = new Cache<string>('cosmos')
this._cosmosConfigs = new Cache<string>('cosmos');
}
const res = await this._cosmosConfigs.get(dataPartitionID);
......@@ -105,7 +105,7 @@ export class AzureDataEcosystemServices extends AbstractDataEcosystemCore {
const dataPartitionConfigurations = await AzureDataEcosystemServices.getPartitionConfiguration(dataPartitionID);
const cosomsEndpointConfigs = (dataPartitionConfigurations[Keyvault.DATA_PARTITION_COSMOS_ENDPOINT] as {
sensitive: boolean, value: string
sensitive: boolean, value: string;
});
if (cosomsEndpointConfigs.sensitive) {
cosomsEndpointConfigs.value = (await Keyvault.CreateSecretClient().getSecret(
......@@ -113,7 +113,7 @@ export class AzureDataEcosystemServices extends AbstractDataEcosystemCore {
}
const cosomsKeyConfigs = (dataPartitionConfigurations[Keyvault.DATA_PARTITION_COSMOS_PRIMARY_KEY] as {
sensitive: boolean, value: string
sensitive: boolean, value: string;
});
if (cosomsKeyConfigs.sensitive) {
cosomsKeyConfigs.value = (await Keyvault.CreateSecretClient().getSecret(
......
......@@ -153,6 +153,10 @@ export class ConfigGoogle extends Config {
process.env.FEATURE_FLAG_LOGGING !== 'false' : true,
FEATURE_FLAG_STACKDRIVER_EXPORTER: process.env.FEATURE_FLAG_STACKDRIVER_EXPORTER !== undefined ?
process.env.FEATURE_FLAG_STACKDRIVER_EXPORTER !== 'false' : true,
FEATURE_FLAG_CCM_INTERACTION: process.env.FEATURE_FLAG_CCM_INTERACTION ?
process.env.FEATURE_FLAG_CCM_INTERACTION === 'true' : false,
CCM_SERVICE_URL: process.env.CCM_SERVICE_URL,
CCM_TOKEN_SCOPE: process.env.CCM_TOKEN_SCOPE
});
}
......
......@@ -17,16 +17,19 @@
import {
AbstractDataEcosystemCore,
DataEcosystemCoreFactory,
IDESEntitlementGroupMembersModel } from '../../dataecosystem';
IDESEntitlementGroupMembersModel
} from '../../dataecosystem';
import { ConfigGoogle } from './config';
import { Credentials } from './credentials';
@DataEcosystemCoreFactory.register('google')
export class GoogleDataEcosystemServices extends AbstractDataEcosystemCore {
public getDataPartitionIDRestHeaderName(): string { return ConfigGoogle.DATA_PARTITION_REST_HEADER_KEY; }
public getEntitlementBaseUrlPath(): string { return ConfigGoogle.ENTITLEMENT_BASE_URL_PATH };
public getEntitlementBaseUrlPath(): string { return ConfigGoogle.ENTITLEMENT_BASE_URL_PATH; };
public getComplianceBaseUrlPath(): string { return '/legal/v1'; };
public getStorageBaseUrlPath(): string { return '/storage/v2'; };
public getUserAssociationSvcBaseUrlPath(): string { return 'userAssociation/v1'; }
public async getAuthorizationHeader(userToken: string): Promise<string> {
return 'Bearer ' + await new Credentials().getServiceCredentials();
......@@ -36,8 +39,8 @@ export class GoogleDataEcosystemServices extends AbstractDataEcosystemCore {
return groupMembers as IDESEntitlementGroupMembersModel;
}
public getUserAddBodyRequest(userEmail: string, role: string): {email: string, role: string} | string[] {
return { email: userEmail, role }
public getUserAddBodyRequest(userEmail: string, role: string): { email: string, role: string; } | string[] {
return { email: userEmail, role };
}
public tenantNameAndDataPartitionIDShouldMatch() {
......
......@@ -20,16 +20,16 @@ export class IbmConfig extends Config {
public static IBM_REGION: string;
// IBM COS
public static COS_ACCESS_KEY_ID: string;
public static COS_SECRET_ACCESS_KEY: string;
public static COS_ENDPOINT: string;
public static COS_S3_FORCEPATHSTYLE: boolean;
public static COS_SIGNATUREVERSION: string;
public static COS_ACCESS_KEY_ID: string;
public static COS_SECRET_ACCESS_KEY: string;
public static COS_ENDPOINT: string;
public static COS_S3_FORCEPATHSTYLE: boolean;
public static COS_SIGNATUREVERSION: string;
public static COS_SUBUSER_ACCESS_KEY_ID: string;
public static COS_SUBUSER_SECRET_ACCESS_KEY: string;
public static COS_SUBUSER_SECRET_ACCESS_KEY: string;
public static COS_TEMP_CRED_EXPITY: string;
// IBM Keycloak
// IBM Keycloak
public static KEYCLOAK_BASEURL: string;
public static KEYCLOAK_URL_TOKEN: string;
public static KEYCLOAK_REALM: string;
......@@ -58,6 +58,7 @@ export class IbmConfig extends Config {
public static ENTITLEMENT_CONTEXT_PATH: string;
public static COMPLIANCE_CONTEXT_PATH: string;
public static STORAGE_CONTEXT_PATH: string;
public static CCM_USER_ASSOC_CONTEXT_PATH: string;
public async init(): Promise<void> {
......@@ -66,12 +67,18 @@ export class IbmConfig extends Config {
IbmConfig.DES_SERVICE_HOST_ENTITLEMENT = process.env.DES_SERVICE_HOST_ENTITLEMENT;
IbmConfig.DES_SERVICE_HOST_STORAGE = process.env.DES_SERVICE_HOST_STORAGE;
IbmConfig.IMP_SERVICE_ACCOUNT_SIGNER = process.env.IMP_SERVICE_ACCOUNT_SIGNER;
IbmConfig.CCM_SERVICE_URL = process.env.CCM_SERVICE_URL;
// DES service context path
IbmConfig.ENTITLEMENT_CONTEXT_PATH = process.env.ENTITLEMENT_CONTEXT_PATH
IbmConfig.COMPLIANCE_CONTEXT_PATH = process.env.COMPLIANCE_CONTEXT_PATH
IbmConfig.STORAGE_CONTEXT_PATH = process.env.STORAGE_CONTEXT_PATH
IbmConfig.DES_ENTITLEMENT_DELETE_ENDPOINT_PATH = '/groups/'
IbmConfig.ENTITLEMENT_CONTEXT_PATH = process.env.ENTITLEMENT_CONTEXT_PATH;
IbmConfig.COMPLIANCE_CONTEXT_PATH = process.env.COMPLIANCE_CONTEXT_PATH;
IbmConfig.STORAGE_CONTEXT_PATH = process.env.STORAGE_CONTEXT_PATH;
IbmConfig.DES_ENTITLEMENT_DELETE_ENDPOINT_PATH = '/groups/';
// CCM values
IbmConfig.CCM_SERVICE_URL = process.env.CCM_SERVICE_URL;
IbmConfig.CCM_TOKEN_SCOPE = process.env.CCM_TOKEN_SCOPE;
IbmConfig.CCM_USER_ASSOC_CONTEXT_PATH = process.env.CCM_USER_ASSOC_CONTEXT_PATH;
// DES_SERVICE_HOST replaced by new variable ENTITLEMENT_HOST
IbmConfig.ENTITLEMENT_HOST = process.env.ENTITLEMENT_HOST;
......@@ -79,23 +86,23 @@ export class IbmConfig extends Config {
IbmConfig.STORAGE_HOST = process.env.STORAGE_HOST;// DES_SERVICE_HOST replaced by new variable LEGAL_HOST
// IBM COS
IbmConfig.COS_ACCESS_KEY_ID = process.env.COS_ACCESS_KEY_ID;
IbmConfig.COS_SECRET_ACCESS_KEY = process.env.COS_SECRET_ACCESS_KEY;
IbmConfig.COS_ENDPOINT = process.env.COS_ENDPOINT;
IbmConfig.COS_S3_FORCEPATHSTYLE = process.env.COS_S3_FORCEPATHSTYLE === 'true';// string to boolean
IbmConfig.COS_SIGNATUREVERSION = process.env.COS_SIGNATUREVERSION;
IbmConfig.COS_ACCESS_KEY_ID = process.env.COS_ACCESS_KEY_ID;
IbmConfig.COS_SECRET_ACCESS_KEY = process.env.COS_SECRET_ACCESS_KEY;
IbmConfig.COS_ENDPOINT = process.env.COS_ENDPOINT;
IbmConfig.COS_S3_FORCEPATHSTYLE = process.env.COS_S3_FORCEPATHSTYLE === 'true';// string to boolean
IbmConfig.COS_SIGNATUREVERSION = process.env.COS_SIGNATUREVERSION;
IbmConfig.COS_SUBUSER_ACCESS_KEY_ID = process.env.COS_SUBUSER_ACCESS_KEY_ID;
IbmConfig.COS_SUBUSER_SECRET_ACCESS_KEY = process.env.COS_SUBUSER_SECRET_ACCESS_KEY;
IbmConfig.COS_TEMP_CRED_EXPITY = process.env.COS_TEMP_CRED_EXPITY;
// IBM Keycloak
IbmConfig.KEYCLOAK_BASEURL = process.env.KEYCLOAK_BASEURL;
IbmConfig.KEYCLOAK_URL_TOKEN = process.env.KEYCLOAK_URL_TOKEN;
IbmConfig.KEYCLOAK_USERNAME = process.env.KEYCLOAK_USERNAME;
IbmConfig.KEYCLOAK_PASSWORD = process.env.KEYCLOAK_PASSWORD;
IbmConfig.KEYCLOAK_GRANTTYPE = process.env.KEYCLOAK_GRANTTYPE;
IbmConfig.KEYCLOAK_CLIENTID = process.env.KEYCLOAK_CLIENTID;
IbmConfig.KEYCLOAK_CLIENTSECRET = process.env.KEYCLOAK_CLIENTSECRET;
// IBM Keycloak
IbmConfig.KEYCLOAK_BASEURL = process.env.KEYCLOAK_BASEURL;
IbmConfig.KEYCLOAK_URL_TOKEN = process.env.KEYCLOAK_URL_TOKEN;
IbmConfig.KEYCLOAK_USERNAME = process.env.KEYCLOAK_USERNAME;
IbmConfig.KEYCLOAK_PASSWORD = process.env.KEYCLOAK_PASSWORD;
IbmConfig.KEYCLOAK_GRANTTYPE = process.env.KEYCLOAK_GRANTTYPE;
IbmConfig.KEYCLOAK_CLIENTID = process.env.KEYCLOAK_CLIENTID;
IbmConfig.KEYCLOAK_CLIENTSECRET = process.env.KEYCLOAK_CLIENTSECRET;
IbmConfig.KEYCLOAK_REALM = process.env.KEYCLOAK_REALM;
// IBM Document DB
......@@ -105,22 +112,22 @@ export class IbmConfig extends Config {
IbmConfig.DOC_DB_QUERY_RESULT_LIMIT = process.env.DOC_DB_QUERY_RESULT_LIMIT;
IbmConfig.DOC_DB_QUERY_RESULT_LIMIT_VALUE = parseInt(process.env.DOC_DB_QUERY_RESULT_LIMIT_VALUE, 10);
///////////////////////////////////////
IbmConfig.DES_SERVICE_APPKEY = 'na'
IbmConfig.DES_SERVICE_APPKEY = 'na';
Config.checkRequiredConfig(IbmConfig.DES_SERVICE_HOST_COMPLIANCE, 'DES_SERVICE_HOST_COMPLIANCE');
Config.checkRequiredConfig(IbmConfig.DES_SERVICE_HOST_ENTITLEMENT, 'DES_SERVICE_HOST_ENTITLEMENT');
Config.checkRequiredConfig(IbmConfig.DES_SERVICE_HOST_STORAGE, 'DES_SERVICE_HOST_STORAGE');
Config.checkRequiredConfig(IbmConfig.DES_SERVICE_APPKEY, 'DES_SERVICE_APPKEY');
// redis cache port for locks (the port as env variable)
IbmConfig.LOCKSMAP_REDIS_INSTANCE_PORT = +process.env.REDIS_INSTANCE_PORT
IbmConfig.LOCKSMAP_REDIS_INSTANCE_ADDRESS = process.env.LOCKSMAP_REDIS_INSTANCE_ADDRESS
IbmConfig.LOCKSMAP_REDIS_INSTANCE_KEY = process.env.LOCKSMAP_REDIS_INSTANCE_KEY
IbmConfig.LOCKSMAP_REDIS_INSTANCE_TLS_DISABLE = process.env.CACHE_TLS_DISABLE ? true : false
IbmConfig.LOCKSMAP_REDIS_INSTANCE_PORT = +process.env.REDIS_INSTANCE_PORT;
IbmConfig.LOCKSMAP_REDIS_INSTANCE_ADDRESS = process.env.LOCKSMAP_REDIS_INSTANCE_ADDRESS;
IbmConfig.LOCKSMAP_REDIS_INSTANCE_KEY = process.env.LOCKSMAP_REDIS_INSTANCE_KEY;
IbmConfig.LOCKSMAP_REDIS_INSTANCE_TLS_DISABLE = process.env.CACHE_TLS_DISABLE ? true : false;