fix: branch 'master' into slb/dm3/fix-splen-mex

f054e12e · Diego Molteni · 1b58d86c · 3362c0ad · f054e12e · f054e12e
Commit f054e12e authored Nov 09, 2021 by Diego Molteni
--- a/app/sdms/NOTICE
+++ b/app/sdms/NOTICE
@@ -510,6 +510,7 @@ The following software have components provided under the terms of this license:
 - has-tostringtag (from https://www.npmjs.com/package/has-tostringtag)
 - has-unicode (from https://www.npmjs.com/package/has-unicode)
 - hash-stream-validation (from https://www.npmjs.com/package/hash-stream-validation)
+- hpropagate (from https://www.npmjs.com/package/hpropagate)
 - http-errors (from https://www.npmjs.com/package/http-errors)
 - http-proxy-agent (from https://www.npmjs.com/package/http-proxy-agent)
 - http-proxy-agent (from https://www.npmjs.com/package/http-proxy-agent)
@@ -550,8 +551,8 @@ The following software have components provided under the terms of this license:
 - isarray (from https://www.npmjs.com/package/isarray)
 - isarray (from https://www.npmjs.com/package/isarray)
 - isstream (from https://github.com/rvagg/isstream)
- jmespath (from https://github.com/jmespath/jmespath.py)
 - jmespath (from https://www.npmjs.com/package/jmespath)
+- jmespath (from https://github.com/jmespath/jmespath.py)
 - js-sha256 (from https://www.npmjs.com/package/js-sha256)
 - jsbn (from https://www.npmjs.com/package/jsbn)
 - json-bigint (from https://www.npmjs.com/package/json-bigint)

--- a/app/sdms/npm-shrinkwrap.json
+++ b/app/sdms/npm-shrinkwrap.json
@@ -5443,6 +5443,14 @@
            "lru-cache": "^6.0.0"
         }
      },
+      "hpropagate": {
+         "version": "1.0.1",
+         "resolved": "https://registry.npmjs.org/hpropagate/-/hpropagate-1.0.1.tgz",
+         "integrity": "sha512-Xly46CxtBodZzlZVGyNTRwq9YhW8RZvsTTcCa8EjxlVEfGdcy9z2Oh6bVQgfXiJg6LY6+iS88RW3FDTJbMYPOA==",
+         "requires": {
+            "uuid": "^8.3.2"
+         }
+      },
      "href-content": {
         "version": "2.0.0",
         "resolved": "https://registry.npmjs.org/href-content/-/href-content-2.0.0.tgz",

--- a/app/sdms/package.json
+++ b/app/sdms/package.json
@@ -73,6 +73,7 @@
    "dotenv": "^10.0.0",
    "express": "4.17.1",
    "extend": "^3.0.2",
+    "hpropagate": "^1.0.1",
    "ioredis": "^4.28.0",
    "jsonwebtoken": "8.5.1",
    "jwtproxy": "^1.6.8",

--- a/app/sdms/src/cloud/config.ts
+++ b/app/sdms/src/cloud/config.ts
@@ -66,6 +66,7 @@ export interface ConfigModel {
    FEATURE_FLAG_CCM_INTERACTION: boolean;
    CCM_SERVICE_URL: string;
    CCM_TOKEN_SCOPE: string;
+    CALLER_FORWARD_HEADERS: string;
    USER_ID_CLAIM_FOR_SDMS: string;
    USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC: string;
    USER_ASSOCIATION_SVC_PROVIDER: string;
@@ -196,11 +197,16 @@ export abstract class Config implements IConfig {
    public static CCM_SERVICE_URL = undefined;
    public static CCM_TOKEN_SCOPE = undefined;

+    // list of caller headers to forward to downstream service call (DE Core Service like entitlement/storage...)
+    // if specified the default forwarded headers list will be override. (ref, https://www.npmjs.com/package/hpropagate)
+    // provided as comma separated strings
+    public static CALLER_FORWARD_HEADERS:string = undefined;
+
    // Principal Identifier for Seismic DMS and Entitlements Svc
    public static USER_ID_CLAIM_FOR_SDMS: string;
    public static USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC: string;

-    // Function to convert principal identiifer to user using CCM
+    // Function to convert principal identifier to user using CCM
    public static USER_ASSOCIATION_SVC_PROVIDER: string;

    public static setCloudProvider(cloudProvider: string) {
@@ -309,6 +315,9 @@ export abstract class Config implements IConfig {
        Config.ORGANIZATION_NS = Config.ORGANIZATION_NS + '-' + Config.SERVICE_ENV;
        Config.SEISMIC_STORE_NS = Config.SEISMIC_STORE_NS + '-' + Config.SERVICE_ENV;

+        // caller headers to forward to the downstream services
+        Config.CALLER_FORWARD_HEADERS = model.CALLER_FORWARD_HEADERS
+
    }

    // must be implemented in the provider

--- a/app/sdms/src/cloud/providers/aws/config.ts
+++ b/app/sdms/src/cloud/providers/aws/config.ts
@@ -24,7 +24,7 @@ export class AWSConfig extends Config {
    public static AWS_ENVIRONMENT: string;
    public static AWS_BUCKET: string;
    // Logger
-    public static LOGGER_LEVEL;
+    public static LOGGER_LEVEL: string;
    // max len for a group name in DE
    public static DES_GROUP_CHAR_LIMIT = 256;

@@ -87,6 +87,7 @@ export class AWSConfig extends Config {
                process.env.FEATURE_FLAG_CCM_INTERACTION === 'true' : false,
            CCM_SERVICE_URL: process.env.CCM_SERVICE_URL || '',
            CCM_TOKEN_SCOPE: process.env.CCM_TOKEN_SCOPE || '',
+            CALLER_FORWARD_HEADERS: process.env.CALLER_FORWARD_HEADERS,
            USER_ID_CLAIM_FOR_SDMS: process.env.USER_ID_CLAIM_FOR_SDMS ? process.env.USER_ID_CLAIM_FOR_SDMS : 'subid',
            USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC: process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC ?
                process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC : 'email',

--- a/app/sdms/src/cloud/providers/azure/config.ts
+++ b/app/sdms/src/cloud/providers/azure/config.ts
@@ -140,6 +140,7 @@ export class AzureConfig extends Config {
                    process.env.FEATURE_FLAG_CCM_INTERACTION === 'true' : false,
                CCM_SERVICE_URL: AzureConfig.CCM_SERVICE_URL,
                CCM_TOKEN_SCOPE: AzureConfig.CCM_TOKEN_SCOPE,
+                CALLER_FORWARD_HEADERS: process.env.CALLER_FORWARD_HEADERS,
                USER_ID_CLAIM_FOR_SDMS: process.env.USER_ID_CLAIM_FOR_SDMS ? process.env.USER_ID_CLAIM_FOR_SDMS : 'subid',
                USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC: process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC ?
                    process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC : 'email',

--- a/app/sdms/src/cloud/providers/google/config.ts
+++ b/app/sdms/src/cloud/providers/google/config.ts
@@ -157,6 +157,7 @@ export class ConfigGoogle extends Config {
                    process.env.FEATURE_FLAG_CCM_INTERACTION === 'true' : false,
                CCM_SERVICE_URL: process.env.CCM_SERVICE_URL,
                CCM_TOKEN_SCOPE: process.env.CCM_TOKEN_SCOPE,
+                CALLER_FORWARD_HEADERS: process.env.CALLER_FORWARD_HEADERS,
                USER_ID_CLAIM_FOR_SDMS: process.env.USER_ID_CLAIM_FOR_SDMS ? process.env.USER_ID_CLAIM_FOR_SDMS : 'subid',
                USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC: process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC ?
                    process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC : 'email',

--- a/app/sdms/src/cloud/providers/ibm/config.ts
+++ b/app/sdms/src/cloud/providers/ibm/config.ts
@@ -59,6 +59,11 @@ export class IbmConfig extends Config {
    public static STORAGE_CONTEXT_PATH: string;
    public static CCM_USER_ASSOC_CONTEXT_PATH: string;

+    // list of caller headers to forward to downstream service call (DE Core Service like entitlement/storage...)
+    // if specified the default forwarded headers list will be override. (ref, https://www.npmjs.com/package/hpropagate)
+    // provided as comma separated strings
+    public static CALLER_FORWARD_HEADERS: string;
+
    public async init(): Promise<void> {

        // data ecosystem host url and appkey
@@ -68,6 +73,9 @@ export class IbmConfig extends Config {
        IbmConfig.IMP_SERVICE_ACCOUNT_SIGNER = process.env.IMP_SERVICE_ACCOUNT_SIGNER;
        IbmConfig.CCM_SERVICE_URL = process.env.CCM_SERVICE_URL;

+        // caller forwarded headers to the downstream service
+        IbmConfig.CALLER_FORWARD_HEADERS = process.env.CALLER_FORWARD_HEADERS;
+
        // DES service context path
        IbmConfig.ENTITLEMENT_CONTEXT_PATH = process.env.ENTITLEMENT_CONTEXT_PATH;
        IbmConfig.COMPLIANCE_CONTEXT_PATH = process.env.COMPLIANCE_CONTEXT_PATH;
@@ -179,6 +187,7 @@ export class IbmConfig extends Config {
                process.env.FEATURE_FLAG_CCM_INTERACTION === 'true' : false,
            CCM_SERVICE_URL: IbmConfig.CCM_SERVICE_URL,
            CCM_TOKEN_SCOPE: IbmConfig.CCM_TOKEN_SCOPE,
+            CALLER_FORWARD_HEADERS: IbmConfig.CALLER_FORWARD_HEADERS,
            USER_ID_CLAIM_FOR_SDMS: process.env.USER_ID_CLAIM_FOR_SDMS ? process.env.USER_ID_CLAIM_FOR_SDMS : 'subid',
            USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC: process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC ?
                process.env.USER_ID_CLAIM_FOR_ENTITLEMENTS_SVC : 'email',

--- a/app/sdms/src/server/server.ts
+++ b/app/sdms/src/server/server.ts
@@ -23,13 +23,13 @@ import replaceInFile from 'replace-in-file';
 import swaggerUi from 'swagger-ui-express';
 import { v4 as uuidv4 } from 'uuid';
 import YAML from 'yamljs';
+import hpropagate from 'hpropagate'
+
 import { AuthProviderFactory } from '../auth';
 import { Config, LoggerFactory } from '../cloud';
 import { ServiceRouter } from '../services';
 import { Cache, Error, Feature, FeatureFlags, Response, Utils } from '../shared';

-
-
 // -------------------------------------------------------------------
 // Seismic Store Service
 // -------------------------------------------------------------------
@@ -100,6 +100,15 @@ export class Server {
            console.error('Error occurred:', error);
        }

+        // set the caller headers to forward to the downstream services
+        if (Config.CALLER_FORWARD_HEADERS) {
+            hpropagate({
+                headersToPropagate: Config.CALLER_FORWARD_HEADERS.split(',')
+            });
+        } else {
+            hpropagate()
+        }
+
        this.app = express();
        this.app.use(express.urlencoded({ extended: false }));
        this.app.use(express.json());