Revert "add trufflehog exclude"

This reverts commit 2146d9c9.

.config/CredScanSuppressions.json

+{
+  "tool": "Credential Scanner",
+  "suppressions": [
+    {
+      "file": "JwtClaimExtractorTest.java",
+      "_justification": "Unit test contains fake tokens."
+    }
+  ]
+}
\ No newline at end of file

.gitlab-ci.yml

 variables:
-  AZURE_SERVICE: entitlements
+  AZURE_SERVICE: entitlements-v2
   AZURE_BUILD_SUBDIR: provider/entitlements-v2-azure
   AZURE_TEST_SUBDIR: testing/entitlements-v2-test-azure
 

NOTICE

@@ -9,6 +9,13 @@ The following software have components provided under the terms of this license:
 
 - Android SDK (from https://www.android.com/)
 
+========================================================================
+Apache-1.1
+========================================================================
+The following software have components provided under the terms of this license:
+
+- StAX (from http://stax.codehaus.org/)
+
 ========================================================================
 Apache-2.0
 ========================================================================
@@ -18,16 +25,11 @@ The following software have components provided under the terms of this license:
 - ASM based accessors helper used by json-smart (from )
 - Adapter: RxJava (from )
 - Admin Directory API directory_v1-rev77-1.22.0 (from )
-- Apache Commons BeanUtils (from http://commons.apache.org/proper/commons-beanutils/)
-- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
 - Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
-- Apache Commons Collections (from http://commons.apache.org/proper/commons-collections/)
 - Apache Commons Configuration (from http://commons.apache.org/configuration/)
 - Apache Commons Lang (from http://commons.apache.org/proper/commons-lang/)
 - Apache Commons Logging (from http://commons.apache.org/proper/commons-logging/)
 - Apache Commons Pool (from http://commons.apache.org/proper/commons-pool/)
-- Apache Commons Text (from http://commons.apache.org/proper/commons-text/)
-- Apache Commons Validator (from http://commons.apache.org/proper/commons-validator/)
 - Apache Groovy (from http://groovy-lang.org)
 - Apache Groovy (from http://groovy-lang.org)
 - Apache Groovy (from http://groovy-lang.org)
@@ -53,14 +55,13 @@ The following software have components provided under the terms of this license:
 - Asynchronous Http Client (from )
 - Asynchronous Http Client Netty Utils (from )
 - AutoValue Annotations (from )
+- Azure Metrics Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
 - Bean Validation API (from http://beanvalidation.org)
 - Byte Buddy (without dependencies) (from )
 - Byte Buddy Java agent (from )
 - Caffeine cache (from https://github.com/ben-manes/caffeine)
 - ClassMate (from http://github.com/cowtowncoder/java-classmate)
 - Cloud Storage JSON API v1-rev58-1.21.0 (from )
-- Commons Digester (from http://commons.apache.org/digester/)
-- Commons IO (from http://commons.apache.org/io/)
 - Commons IO (from http://commons.apache.org/io/)
 - Commons Lang (from http://commons.apache.org/lang/)
 - Converter: Jackson (from )
@@ -90,6 +91,7 @@ The following software have components provided under the terms of this license:
 - HPPC Collections (from http://labs.carrotsearch.com)
 - Hibernate Validator Engine (from )
 - Identity and Access Management (IAM) API v1-rev247-1.23.0 (from )
+- IntelliJ IDEA Annotations (from http://www.jetbrains.org)
 - J2ObjC Annotations (from https://github.com/google/j2objc/)
 - JBoss Logging 3 (from http://www.jboss.org)
 - JBoss Marshalling API (from )
@@ -115,6 +117,7 @@ The following software have components provided under the terms of this license:
 - Jackson-dataformat-YAML (from https://github.com/FasterXML/jackson)
 - Jackson-datatype-Joda (from http://wiki.fasterxml.com/JacksonModuleJoda)
 - Jackson-datatype-jdk8 (from )
+- Jackson-module-Afterburner (from http://wiki.fasterxml.com/JacksonHome)
 - Jackson-module-JAXB-annotations (from http://wiki.fasterxml.com/JacksonJAXBAnnotations)
 - Jackson-module-parameter-names (from )
 - Jakarta Bean Validation API (from https://beanvalidation.org)
@@ -122,12 +125,17 @@ The following software have components provided under the terms of this license:
 - Java Native Access Platform (from https://github.com/java-native-access/jna)
 - Java Servlet 4.0 API (from )
 - Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
-- Java UUID Generator (from http://wiki.fasterxml.com/JugHome)
 - JavaPoet (from http://github.com/square/javapoet/)
 - Javassist (from http://www.javassist.org/)
 - Javassist (from http://www.javassist.org/)
 - Joda-Time (from http://www.joda.org/joda-time/)
 - Json Path (from https://github.com/jayway/JsonPath)
+- KeePassJava2 :: All (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2)
+- KeePassJava2 :: DOM (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-dom)
+- KeePassJava2 :: JAXB (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-jaxb)
+- KeePassJava2 :: KDB (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-kdb)
+- KeePassJava2 :: KDBX (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-kdbx)
+- KeePassJava2 :: Simple (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-simple)
 - Lettuce (from http://github.com/lettuce-io/lettuce-core)
 - Lucene Common Analyzers (from )
 - Lucene Core (from )
@@ -140,7 +148,6 @@ The following software have components provided under the terms of this license:
 - Lucene Queries (from )
 - Lucene QueryParsers (from )
 - Lucene Sandbox (from )
-- Lucene Spatial (from )
 - Lucene Spatial 3D (from )
 - Lucene Spatial Extras (from )
 - Lucene Suggest (from )
@@ -151,6 +158,7 @@ The following software have components provided under the terms of this license:
 - Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
 - Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
 - Microsoft Azure Netty HTTP Client Library (from https://github.com/Azure/azure-sdk-for-java)
+- Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
 - Mockito (from http://mockito.org)
 - Mockito (from http://www.mockito.org)
 - Netty Reactive Streams Implementation (from )
@@ -184,12 +192,14 @@ The following software have components provided under the terms of this license:
 - OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
 - OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
 - OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
+- PWDB :: Database (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/database)
 - PowerMock (from http://www.powermock.org)
 - Protocol Buffer extensions to the Google HTTP Client Library for Java. (from )
-- Reactive Object Pool (from https://github.com/reactor/reactor-pool)
 - Reactive Streams Netty driver (from https://github.com/reactor/reactor-netty)
 - Redisson (from http://redisson.org)
 - Retrofit (from )
+- Simple XML (from http://simple.sourceforge.net)
+- SnakeYAML (from http://www.snakeyaml.org)
 - SnakeYAML (from http://www.snakeyaml.org)
 - Spring AOP (from https://github.com/spring-projects/spring-framework)
 - Spring Beans (from https://github.com/spring-projects/spring-framework)
@@ -220,6 +230,8 @@ The following software have components provided under the terms of this license:
 - Spring Transaction (from https://github.com/spring-projects/spring-framework)
 - Spring Web (from https://github.com/spring-projects/spring-framework)
 - Spring Web MVC (from https://github.com/spring-projects/spring-framework)
+- StAX (from http://stax.codehaus.org/)
+- StAX API (from http://stax.codehaus.org/)
 - T-Digest (from https://github.com/tdunning/t-digest)
 - Undertow Core (from )
 - Undertow Servlet (from )
@@ -230,6 +242,7 @@ The following software have components provided under the terms of this license:
 - Woodstox (from https://github.com/FasterXML/woodstox)
 - XNIO API (from http://www.jboss.org/xnio)
 - XNIO NIO Implementation (from )
+- aalto-xml (from )
 - aggs-matrix-stats (from https://github.com/elastic/elasticsearch)
 - cli (from https://github.com/elastic/elasticsearch)
 - com.google.api.grpc:proto-google-cloud-monitoring-v3 (from https://github.com/googleapis/googleapis)
@@ -327,6 +340,8 @@ The following software have components provided under the terms of this license:
 - Jodd BeanUtil (from http://jodd.org)
 - Jodd Core (from http://jodd.org)
 - Lucene Common Analyzers (from )
+- Lucene Core (from )
+- StAX (from http://stax.codehaus.org/)
 - Stax2 API (from http://github.com/FasterXML/stax2-api)
 - ThreeTen backport (from https://www.threeten.org/threetenbp)
 
@@ -338,7 +353,6 @@ The following software have components provided under the terms of this license:
 - API Common (from https://github.com/googleapis)
 - ASM Core (from )
 - Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
-- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
 - Apache Ivy (from http://ant.apache.org/ivy/)
 - DSL Platform JSON (Java 8 API) (from https://github.com/ngs-doo/dsl-json)
 - DSL Platform JSON (core) (from https://github.com/ngs-doo/dsl-json)
@@ -370,6 +384,7 @@ The following software have components provided under the terms of this license:
 - Redisson (from http://redisson.org)
 - Reflections (from http://github.com/ronmamo/reflections)
 - SnakeYAML (from http://www.snakeyaml.org)
+- SnakeYAML (from http://www.snakeyaml.org)
 - Spring Core (from https://github.com/spring-projects/spring-framework)
 - Stax2 API (from http://github.com/FasterXML/stax2-api)
 - ThreeTen backport (from https://www.threeten.org/threetenbp)
@@ -408,7 +423,6 @@ CDDL-1.0
 ========================================================================
 The following software have components provided under the terms of this license:
 
-- JavaMail API (from )
 - javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
 
 ========================================================================
@@ -417,7 +431,6 @@ CDDL-1.1
 The following software have components provided under the terms of this license:
 
 - JavaBeans Activation Framework (from )
-- JavaBeans(TM) Activation Framework (from http://java.sun.com/javase/technologies/desktop/javabeans/jaf/index.jsp)
 - tomcat-embed-core (from http://tomcat.apache.org/)
 - tomcat-embed-core (from http://tomcat.apache.org/)
 
@@ -447,6 +460,7 @@ The following software have components provided under the terms of this license:
 - Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
 - Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
 - SnakeYAML (from http://www.snakeyaml.org)
+- SnakeYAML (from http://www.snakeyaml.org)
 - jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
 - org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
 - org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
@@ -479,7 +493,6 @@ The following software have components provided under the terms of this license:
 
 - Commons Lang (from http://commons.apache.org/lang/)
 - JavaBeans Activation Framework (from )
-- JavaMail API (from )
 - javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
 - tomcat-embed-core (from http://tomcat.apache.org/)
 - tomcat-embed-core (from http://tomcat.apache.org/)
@@ -489,6 +502,7 @@ GPL-2.0-or-later
 ========================================================================
 The following software have components provided under the terms of this license:
 
+- SnakeYAML (from http://www.snakeyaml.org)
 - SnakeYAML (from http://www.snakeyaml.org)
 
 ========================================================================
@@ -503,7 +517,6 @@ The following software have components provided under the terms of this license:
 - Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
 - Java(TM) API for WebSocket (from )
 - JavaBeans Activation Framework (from )
-- JavaMail API (from )
 - jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
 - javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
 - tomcat-embed-core (from http://tomcat.apache.org/)
@@ -518,7 +531,6 @@ The following software have components provided under the terms of this license:
 - Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
 - Java Servlet 4.0 API (from )
 - Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
-- Netty/Codec (from )
 - Project Lombok (from https://projectlombok.org)
 - Project Lombok (from https://projectlombok.org)
 - jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
@@ -556,6 +568,7 @@ The following software have components provided under the terms of this license:
 - JBoss Threads (from )
 - Javassist (from http://www.javassist.org/)
 - SnakeYAML (from http://www.snakeyaml.org)
+- SnakeYAML (from http://www.snakeyaml.org)
 
 ========================================================================
 LGPL-3.0-only
@@ -575,7 +588,6 @@ The following software have components provided under the terms of this license:
 - Azure Java Client Runtime for AutoRest (from https://github.com/Azure/autorest-clientruntime-for-java)
 - Azure Metrics Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
 - Azure Spring Boot AutoConfigure (from https://github.com/Microsoft/azure-spring-boot)
-- Azure Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
 - Checker Qual (from https://checkerframework.org)
 - Checker Qual (from https://checkerframework.org)
 - Extensions on Apache Proton-J library (from https://github.com/Azure/qpid-proton-j-extensions)
@@ -585,7 +597,6 @@ The following software have components provided under the terms of this license:
 - Java JWT (from http://www.jwt.io)
 - Jodd Core (from http://jodd.org)
 - Lucene Core (from )
-- Lucene Sandbox (from )
 - Microsoft Application Insights Java SDK Core (from https://github.com/Microsoft/ApplicationInsights-Java)
 - Microsoft Application Insights Java SDK Spring Boot starter (from https://github.com/Microsoft/ApplicationInsights-Java)
 - Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
@@ -595,25 +606,29 @@ The following software have components provided under the terms of this license:
 - Microsoft Azure SDK annotations (from https://github.com/Microsoft/java-api-annotations)
 - Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure SDK for Service Bus (from https://github.com/Azure/azure-sdk-for-java)
+- Microsoft Azure SDK for eventgrid (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure client library for Blob Storage (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure client library for Identity (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure client library for KeyVault Secrets (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure common module for Storage (from https://github.com/Azure/azure-sdk-for-java)
-- Mockito (from http://www.mockito.org)
+- Microsoft Azure internal Avro module for Storage (from https://github.com/Azure/azure-sdk-for-java)
 - Mockito (from http://mockito.org)
+- Mockito (from http://www.mockito.org)
 - Netty/All-in-One (from )
 - Netty/Codec/HTTP (from )
 - Netty/Common (from )
-- Netty/Transport/Native/Unix/Common (from )
 - Project Lombok (from https://projectlombok.org)
 - Project Lombok (from https://projectlombok.org)
 - SLF4J API Module (from http://www.slf4j.org)
+- Spongy Castle (from http://rtyley.github.io/spongycastle/)
 - Spring Data Gremlin (from https://github.com/Microsoft/spring-data-gremlin)
+- Spring Data for Azure Cosmos DB SQL API (from https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/cosmos/azure-spring-data-cosmos)
 - adal4j (from https://github.com/AzureAD/azure-activedirectory-library-for-java)
 - jbcrypt (from http://www.mindrot.org/)
 - micrometer-core (from https://github.com/micrometer-metrics/micrometer)
 - mockito-junit-jupiter (from https://github.com/mockito/mockito)
 - msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
+- msal4j-persistence-extension (from https://github.com/AzureAD/microsoft-authentication-extensions-for-java)
 - spring-security-core (from http://spring.io/spring-security)
 
 ========================================================================
@@ -648,6 +663,7 @@ The following software have components provided under the terms of this license:
 
 - HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
 - LatencyUtils (from http://latencyutils.github.io/LatencyUtils/)
+- Spongy Castle (from http://rtyley.github.io/spongycastle/)
 
 ========================================================================
 SPL-1.0
@@ -680,6 +696,8 @@ The following software have components provided under the terms of this license:
 - Project Lombok (from https://projectlombok.org)
 - Project Lombok (from https://projectlombok.org)
 - Spring Web (from https://github.com/spring-projects/spring-framework)
+- StAX API (from http://stax.codehaus.org/)
+- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
 - reactive-streams (from http://www.reactive-streams.org/)
 
 ========================================================================
@@ -693,7 +711,7 @@ The following software have components provided under the terms of this license:
 - JUnit (from http://junit.org)
 - JUnit Jupiter (Aggregator) (from https://junit.org/junit5/)
 - JavaBeans Activation Framework API jar (from )
-- JavaMail API (from )
+- Spongy Castle (from http://rtyley.github.io/spongycastle/)
 - jakarta.xml.bind-api (from )
 - org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
 - org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)

devops/azure/chart/Chart.yaml

@@ -13,7 +13,7 @@
 #  limitations under the License.
 
 apiVersion: v2
-name: entitlements-v2
+name: entitlements
 appVersion: "latest"
 description: Helm Chart for installing entitlements-v2 service.
 version: 0.1.0

devops/azure/chart/helm-config.yaml

@@ -16,14 +16,3 @@ image:
 server:
   servlet:
     contextPath: /entitlements/v2
-
-app:
-  gremlin:
-    endpoint: #{GREMLIN_ENDPOINT}#
-    username: #{GREMLIN_USERNAME}#
-  cosmosdb:
-    cosmosDbAccountName: #{COSMOS_DB_ACCOUNT_NAME}#
-    resourceGroup: #{AZURE_RESOURCE_GROUP}#
-    subscriptionId: #{AZURE_SUBSCRIPTION_ID}#
-  integration:
-    tester: #{INTEGRATION_TESTER}#

devops/azure/chart/templates/azure-istio-auth-policy.yaml

@@ -15,7 +15,7 @@
 apiVersion: security.istio.io/v1beta1
 kind: AuthorizationPolicy
 metadata:
-  name: {{ .Chart.Name }}-jwt-authz
+  name: {{ .Chart.Name }}-v2-jwt-authz
   namespace: osdu
 spec:
   selector:

devops/azure/chart/templates/deployment.yaml

@@ -71,19 +71,7 @@ spec:
                   key: appinsights
             - name: partition_service_endpoint
               value: http://partition/api/partition/v1
-            - name: GREMLIN_ENDPOINT
-              value: {{ .Values.app.gremlin.endpoint }}
-            - name: GREMLIN_USERNAME
-              value: {{ .Values.app.gremlin.username }}
             - name: cosmosdb_database
               value: osdu-db
-            - name: COSMOS_DB_ACCOUNT_NAME
-              value: {{ .Values.app.cosmosdb.cosmosDbAccountName }}
-            - name: AZURE_RESOURCE_GROUP
-              value: {{ .Values.app.cosmosdb.resourceGroup }}
-            - name: AZURE_SUBSCRIPTION_ID
-              value: {{ .Values.app.cosmosdb.subscriptionId }}
-            - name: INTEGRATION_TESTER
-              value: {{ .Values.app.integration.tester}}
             - name: azure_istioauth_enabled
               value: "true"
\ No newline at end of file

devops/azure/chart/values.yaml

@@ -23,16 +23,3 @@ image:
 server:
   servlet:
     contextPath: /entitlements/v2
-
-app:
-  gremlin:
-    endpoint: ""
-    port: 8901
-    username: ""
-    sslEnabled: true
-  cosmosdb:
-    cosmosDbAccountName: ""
-    resourceGroup: ""
-    subscriptionId: ""
-  integration:
-    tester: ""
\ No newline at end of file

devops/azure/development-pipeline.yml

@@ -47,14 +47,15 @@ variables:
     value: $[ resources.repositories['FluxRepo'].name ]
   - name: SKIP_TESTS
     value: 'false'
+  - name: 'MAVEN_CACHE_FOLDER'
+    value: $(Pipeline.Workspace)/.m2/repository
 
 stages:
   - template: /devops/build-stage.yml@TemplateRepo
     parameters:
       mavenGoal: 'package'
       mavenPublishJUnitResults: true
-      serviceCoreMavenOptions: '-P entitlements-v2-core'
-      mavenOptions: '-P entitlements-v2-azure'
+      mavenOptions: '-pl provider/entitlements-v2-azure -am -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
       copyFileContents: |
         pom.xml
         provider/entitlements-v2-azure/maven/settings.xml

devops/azure/pipeline.yml

@@ -47,14 +47,15 @@ variables:
     value: $[ resources.repositories['FluxRepo'].name ]
   - name: SKIP_TESTS
     value: 'false'
+  - name: 'MAVEN_CACHE_FOLDER'
+    value: $(Pipeline.Workspace)/.m2/repository
 
 stages:
   - template: /devops/build-stage.yml@TemplateRepo
     parameters:
       mavenGoal: 'package'
       mavenPublishJUnitResults: true
-      serviceCoreMavenOptions: '-P entitlements-v2-core'
-      mavenOptions: '-P entitlements-v2-azure'
+      mavenOptions: '-pl provider/entitlements-v2-azure -am -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
       copyFileContents: |
         pom.xml
         provider/entitlements-v2-azure/maven/settings.xml
@@ -71,7 +72,7 @@ stages:
       chartPath: ${{ variables.chartPath }}
       valuesFile: ${{ variables.valuesFile }}
       testCoreMavenPomFile: 'testing/entitlements-v2-test-core/pom.xml'
-      testCoreMavenOptions: ''
+      testCoreMavenOptions: '-Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
       skipDeploy: ${{ variables.SKIP_DEPLOY }}
       skipTest: ${{ variables.SKIP_TESTS }}
       providers:

entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java

@@ -16,8 +16,6 @@ public abstract class AppProperties {
     private String domain;
     @Value("${ACCEPT_HTTP:false}")
     private boolean httpAccepted;
-    @Value("${app.integration.tester}")
-    private String integrationTester;
 
     public String getProjectId() {
         return projectId;
@@ -31,10 +29,6 @@ public abstract class AppProperties {
         return httpAccepted;
     }
 
-    public String getIntegrationTester() {
-        return integrationTester;
-    }
-
     public List<String> getInitialGroups() {
         List<String> initialGroups = new ArrayList<>(3);
         initialGroups.add("/provisioning/groups/datalake_user_groups.json");

entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/ListGroupService.java

@@ -36,12 +36,14 @@ public class ListGroupService {
         log.info(String.format("ListGroupService#run cache look up done timestamp: %d", System.currentTimeMillis()));
         try {
             String serviceAccount = requestInfo.getTenantInfo().getServiceAccount();
-            if (serviceAccount.equalsIgnoreCase(requesterId) || Strings.isNullOrEmpty(listGroupServiceDto.getAppId())) {
+            // TODO: Uncomment when AppId filter is optimized. The current logic is RU expensive,
+            //  so we temporarily disable for now. US https://dev.azure.com/slb-swt/data-at-rest/_workitems/edit/599488
+//            if (serviceAccount.equalsIgnoreCase(requesterId) || Strings.isNullOrEmpty(listGroupServiceDto.getAppId())) {
                 auditLogger.listGroup(AuditStatus.SUCCESS, fetchParentIds(groups));
                 return groups;
-            } else {
-                return filterGroupsByAppId(groups, listGroupServiceDto);
-            }
+//            } else {
+//                return filterGroupsByAppId(groups, listGroupServiceDto);
+//            }
         } catch (Exception e) {
             auditLogger.listGroup(AuditStatus.FAILURE, new ArrayList<>());
             throw e;

entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/RequestInfoUtilService.java

@@ -26,13 +26,7 @@ public class RequestInfoUtilService {
     }
 
     public String getUserId(final DpsHeaders dpsHeaders) {
-        String userId = jwtClaimExtractor.extract(dpsHeaders.getAuthorization()).getUserId();
-        // TODO: remove this temporary logic after integration tester's permission is properly set up
-        String integrationTesterId = appProperties.getIntegrationTester();
-        if (userId.equalsIgnoreCase(integrationTesterId)) {
-            userId = "integration_tester_entitlements@desid.com";
-        }
-        return userId;
+        return jwtClaimExtractor.extract(dpsHeaders.getAuthorization()).getUserId();
     }
 
     public String getDomain(final String partitionId) {

entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/ListGroupServiceTests.java

 package org.opengroup.osdu.entitlements.v2.service;
 
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
@@ -132,6 +133,8 @@ public class ListGroupServiceTests {
         verify(auditLogger).listGroup(eq(AuditStatus.SUCCESS), any());
     }
 
+    // TODO: Unignore when AppId filter is enabled. US https://dev.azure.com/slb-swt/data-at-rest/_workitems/edit/599488
+    @Ignore
     @Test
     public void should_filterByAppId_ifNormalCaller() {
         List<String> partitionIds = Arrays.asList("dp", "dp1");

provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/AzureAppProperties.java

 package org.opengroup.osdu.entitlements.v2.azure;
 
+import com.azure.security.keyvault.secrets.SecretClient;
+import lombok.Getter;
+import org.opengroup.osdu.azure.KeyVaultFacade;
 import org.opengroup.osdu.entitlements.v2.AppProperties;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
 @Component
+@Getter
 public class AzureAppProperties extends AppProperties {
-    @Value("${app.gremlin.endpoint}")
-    private String gremlinEndpoint;
-    @Value("${app.gremlin.port}")
-    private int gremlinPort;
-    @Value("${app.gremlin.username}")
-    private String gremlinUsername;
-    @Value("${app.gremlin.password}")
-    private String gremlinPassword;
-    @Value("${app.gremlin.sslEnabled}")
-    private boolean gremlinSslEnabled;
+
+    @Autowired
+    private SecretClient secretClient;
+    @Value("${app.graph.db.port}")
+    private int graphDbPort;
+    @Value("${app.graph.db.username}")
+    private String graphDbUsername;
+    @Value("${app.graph.db.sslEnabled}")
+    private boolean graphDbSslEnabled;
     @Value("${tenantInfo.container.name}")
     private String tenantInfoContainerName;
     @Value("${azure.cosmosdb.database}")
     private String cosmosDbName;
-    @Value("${app.cosmosdb.subscriptionId}")
-    private String subscriptionId;
-    @Value("${app.cosmosdb.resourceGroup}")
-    private String resourceGroup;
-    @Value("${app.cosmosdb.cosmosDbAccountName}")
-    private String cosmosDbAccountName;
-
-    public boolean hasCosmosDbConfig() {
-        return !(subscriptionId.isEmpty() && resourceGroup.isEmpty() && cosmosDbAccountName.isEmpty());
-    }
-
-    public String getGremlinEndpoint() {
-        return gremlinEndpoint;
-    }
-
-    public int getGremlinPort() {
-        return gremlinPort;
-    }
-
-    public String getGremlinUsername() {
-        return gremlinUsername;
-    }
-
-    public String getGremlinPassword() {
-        return gremlinPassword;
-    }
-
-    public boolean isGremlinSslEnabled() {
-        return gremlinSslEnabled;
-    }
-
-    public String getTenantInfoContainerName() {
-        return tenantInfoContainerName;
-    }
-
-    public String getCosmosDbName() {
-        return cosmosDbName;
-    }
-
-    public String getSubscriptionId() {
-        return subscriptionId;
-    }
 
-    public String getResourceGroup() {
-        return resourceGroup;
+    public String getGraphDbPassword() {
+        return KeyVaultFacade.getSecretWithValidation(secretClient, "graph-db-primary-key");
     }
 
-    public String getCosmosDbAccountName() {
-        return cosmosDbAccountName;
+    public String getGraphDbEndpoint() {
+        return KeyVaultFacade.getSecretWithValidation(secretClient, "graph-db-endpoint");
     }
 }

provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/spi/gremlin/connection/ClusterGremlinConnector.java

 package org.opengroup.osdu.entitlements.v2.azure.spi.gremlin.connection;
 
-import com.azure.core.http.HttpClient;
-import com.azure.core.http.HttpMethod;
-import com.azure.core.http.HttpRequest;
-import com.azure.core.http.HttpResponse;
-import com.google.gson.Gson;
-import com.google.gson.JsonObject;
 import lombok.RequiredArgsConstructor;
 import org.apache.tinkerpop.gremlin.driver.Client;
 import org.apache.tinkerpop.gremlin.driver.Cluster;
@@ -26,12 +20,10 @@ import org.opengroup.osdu.entitlements.v2.azure.model.NodeVertex;
 import org.opengroup.osdu.entitlements.v2.azure.service.VertexUtilService;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
-import reactor.core.publisher.Mono;
 
 import javax.annotation.PostConstruct;
 import java.util.List;
 import java.util.Map;
-import java.util.Objects;
 import java.util.Optional;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.ExecutionException;
@@ -43,11 +35,16 @@ public class ClusterGremlinConnector implements GremlinConnector {
     private static final int MAX_IN_PROCESS = 16;
     private static final String TRAVERSAL_SUBMIT_ERROR_MESSAGE = "Error submitting traversal";
     private static final String RETRIEVING_RESULT_SET_ERROR_MESSAGE = "Error retrieving ResultSet object";
-    private static final String MSI_HOST = "http://169.254.169.254/";
-