Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Open Subsurface Data Universe Software
Platform
Security and Compliance
Entitlements
Commits
08cb652f
Commit
08cb652f
authored
Jan 29, 2021
by
Rostislav Vatolin
Browse files
Revert "add trufflehog exclude"
This reverts commit
2146d9c9
.
parent
1d1ac82d
Changes
33
Hide whitespace changes
Inline
Side-by-side
.config/CredScanSuppressions.json
0 → 100644
View file @
08cb652f
{
"tool"
:
"Credential Scanner"
,
"suppressions"
:
[
{
"file"
:
"JwtClaimExtractorTest.java"
,
"_justification"
:
"Unit test contains fake tokens."
}
]
}
\ No newline at end of file
.gitlab-ci.yml
View file @
08cb652f
variables
:
AZURE_SERVICE
:
entitlements
AZURE_SERVICE
:
entitlements
-v2
AZURE_BUILD_SUBDIR
:
provider/entitlements-v2-azure
AZURE_TEST_SUBDIR
:
testing/entitlements-v2-test-azure
...
...
NOTICE
View file @
08cb652f
...
...
@@ -9,6 +9,13 @@ The following software have components provided under the terms of this license:
- Android SDK (from https://www.android.com/)
========================================================================
Apache-1.1
========================================================================
The following software have components provided under the terms of this license:
- StAX (from http://stax.codehaus.org/)
========================================================================
Apache-2.0
========================================================================
...
...
@@ -18,16 +25,11 @@ The following software have components provided under the terms of this license:
- ASM based accessors helper used by json-smart (from )
- Adapter: RxJava (from )
- Admin Directory API directory_v1-rev77-1.22.0 (from )
- Apache Commons BeanUtils (from http://commons.apache.org/proper/commons-beanutils/)
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Commons Collections (from http://commons.apache.org/proper/commons-collections/)
- Apache Commons Configuration (from http://commons.apache.org/configuration/)
- Apache Commons Lang (from http://commons.apache.org/proper/commons-lang/)
- Apache Commons Logging (from http://commons.apache.org/proper/commons-logging/)
- Apache Commons Pool (from http://commons.apache.org/proper/commons-pool/)
- Apache Commons Text (from http://commons.apache.org/proper/commons-text/)
- Apache Commons Validator (from http://commons.apache.org/proper/commons-validator/)
- Apache Groovy (from http://groovy-lang.org)
- Apache Groovy (from http://groovy-lang.org)
- Apache Groovy (from http://groovy-lang.org)
...
...
@@ -53,14 +55,13 @@ The following software have components provided under the terms of this license:
- Asynchronous Http Client (from )
- Asynchronous Http Client Netty Utils (from )
- AutoValue Annotations (from )
- Azure Metrics Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
- Bean Validation API (from http://beanvalidation.org)
- Byte Buddy (without dependencies) (from )
- Byte Buddy Java agent (from )
- Caffeine cache (from https://github.com/ben-manes/caffeine)
- ClassMate (from http://github.com/cowtowncoder/java-classmate)
- Cloud Storage JSON API v1-rev58-1.21.0 (from )
- Commons Digester (from http://commons.apache.org/digester/)
- Commons IO (from http://commons.apache.org/io/)
- Commons IO (from http://commons.apache.org/io/)
- Commons Lang (from http://commons.apache.org/lang/)
- Converter: Jackson (from )
...
...
@@ -90,6 +91,7 @@ The following software have components provided under the terms of this license:
- HPPC Collections (from http://labs.carrotsearch.com)
- Hibernate Validator Engine (from )
- Identity and Access Management (IAM) API v1-rev247-1.23.0 (from )
- IntelliJ IDEA Annotations (from http://www.jetbrains.org)
- J2ObjC Annotations (from https://github.com/google/j2objc/)
- JBoss Logging 3 (from http://www.jboss.org)
- JBoss Marshalling API (from )
...
...
@@ -115,6 +117,7 @@ The following software have components provided under the terms of this license:
- Jackson-dataformat-YAML (from https://github.com/FasterXML/jackson)
- Jackson-datatype-Joda (from http://wiki.fasterxml.com/JacksonModuleJoda)
- Jackson-datatype-jdk8 (from )
- Jackson-module-Afterburner (from http://wiki.fasterxml.com/JacksonHome)
- Jackson-module-JAXB-annotations (from http://wiki.fasterxml.com/JacksonJAXBAnnotations)
- Jackson-module-parameter-names (from )
- Jakarta Bean Validation API (from https://beanvalidation.org)
...
...
@@ -122,12 +125,17 @@ The following software have components provided under the terms of this license:
- Java Native Access Platform (from https://github.com/java-native-access/jna)
- Java Servlet 4.0 API (from )
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Java UUID Generator (from http://wiki.fasterxml.com/JugHome)
- JavaPoet (from http://github.com/square/javapoet/)
- Javassist (from http://www.javassist.org/)
- Javassist (from http://www.javassist.org/)
- Joda-Time (from http://www.joda.org/joda-time/)
- Json Path (from https://github.com/jayway/JsonPath)
- KeePassJava2 :: All (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2)
- KeePassJava2 :: DOM (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-dom)
- KeePassJava2 :: JAXB (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-jaxb)
- KeePassJava2 :: KDB (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-kdb)
- KeePassJava2 :: KDBX (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-kdbx)
- KeePassJava2 :: Simple (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-simple)
- Lettuce (from http://github.com/lettuce-io/lettuce-core)
- Lucene Common Analyzers (from )
- Lucene Core (from )
...
...
@@ -140,7 +148,6 @@ The following software have components provided under the terms of this license:
- Lucene Queries (from )
- Lucene QueryParsers (from )
- Lucene Sandbox (from )
- Lucene Spatial (from )
- Lucene Spatial 3D (from )
- Lucene Spatial Extras (from )
- Lucene Suggest (from )
...
...
@@ -151,6 +158,7 @@ The following software have components provided under the terms of this license:
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Azure Netty HTTP Client Library (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
- Mockito (from http://mockito.org)
- Mockito (from http://www.mockito.org)
- Netty Reactive Streams Implementation (from )
...
...
@@ -184,12 +192,14 @@ The following software have components provided under the terms of this license:
- OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
- OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
- OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
- PWDB :: Database (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/database)
- PowerMock (from http://www.powermock.org)
- Protocol Buffer extensions to the Google HTTP Client Library for Java. (from )
- Reactive Object Pool (from https://github.com/reactor/reactor-pool)
- Reactive Streams Netty driver (from https://github.com/reactor/reactor-netty)
- Redisson (from http://redisson.org)
- Retrofit (from )
- Simple XML (from http://simple.sourceforge.net)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
- Spring AOP (from https://github.com/spring-projects/spring-framework)
- Spring Beans (from https://github.com/spring-projects/spring-framework)
...
...
@@ -220,6 +230,8 @@ The following software have components provided under the terms of this license:
- Spring Transaction (from https://github.com/spring-projects/spring-framework)
- Spring Web (from https://github.com/spring-projects/spring-framework)
- Spring Web MVC (from https://github.com/spring-projects/spring-framework)
- StAX (from http://stax.codehaus.org/)
- StAX API (from http://stax.codehaus.org/)
- T-Digest (from https://github.com/tdunning/t-digest)
- Undertow Core (from )
- Undertow Servlet (from )
...
...
@@ -230,6 +242,7 @@ The following software have components provided under the terms of this license:
- Woodstox (from https://github.com/FasterXML/woodstox)
- XNIO API (from http://www.jboss.org/xnio)
- XNIO NIO Implementation (from )
- aalto-xml (from )
- aggs-matrix-stats (from https://github.com/elastic/elasticsearch)
- cli (from https://github.com/elastic/elasticsearch)
- com.google.api.grpc:proto-google-cloud-monitoring-v3 (from https://github.com/googleapis/googleapis)
...
...
@@ -327,6 +340,8 @@ The following software have components provided under the terms of this license:
- Jodd BeanUtil (from http://jodd.org)
- Jodd Core (from http://jodd.org)
- Lucene Common Analyzers (from )
- Lucene Core (from )
- StAX (from http://stax.codehaus.org/)
- Stax2 API (from http://github.com/FasterXML/stax2-api)
- ThreeTen backport (from https://www.threeten.org/threetenbp)
...
...
@@ -338,7 +353,6 @@ The following software have components provided under the terms of this license:
- API Common (from https://github.com/googleapis)
- ASM Core (from )
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Ivy (from http://ant.apache.org/ivy/)
- DSL Platform JSON (Java 8 API) (from https://github.com/ngs-doo/dsl-json)
- DSL Platform JSON (core) (from https://github.com/ngs-doo/dsl-json)
...
...
@@ -370,6 +384,7 @@ The following software have components provided under the terms of this license:
- Redisson (from http://redisson.org)
- Reflections (from http://github.com/ronmamo/reflections)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
- Spring Core (from https://github.com/spring-projects/spring-framework)
- Stax2 API (from http://github.com/FasterXML/stax2-api)
- ThreeTen backport (from https://www.threeten.org/threetenbp)
...
...
@@ -408,7 +423,6 @@ CDDL-1.0
========================================================================
The following software have components provided under the terms of this license:
- JavaMail API (from )
- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
========================================================================
...
...
@@ -417,7 +431,6 @@ CDDL-1.1
The following software have components provided under the terms of this license:
- JavaBeans Activation Framework (from )
- JavaBeans(TM) Activation Framework (from http://java.sun.com/javase/technologies/desktop/javabeans/jaf/index.jsp)
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
...
...
@@ -447,6 +460,7 @@ The following software have components provided under the terms of this license:
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
- jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
- org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
...
...
@@ -479,7 +493,6 @@ The following software have components provided under the terms of this license:
- Commons Lang (from http://commons.apache.org/lang/)
- JavaBeans Activation Framework (from )
- JavaMail API (from )
- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
...
...
@@ -489,6 +502,7 @@ GPL-2.0-or-later
========================================================================
The following software have components provided under the terms of this license:
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
========================================================================
...
...
@@ -503,7 +517,6 @@ The following software have components provided under the terms of this license:
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Java(TM) API for WebSocket (from )
- JavaBeans Activation Framework (from )
- JavaMail API (from )
- jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
- tomcat-embed-core (from http://tomcat.apache.org/)
...
...
@@ -518,7 +531,6 @@ The following software have components provided under the terms of this license:
- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
- Java Servlet 4.0 API (from )
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Netty/Codec (from )
- Project Lombok (from https://projectlombok.org)
- Project Lombok (from https://projectlombok.org)
- jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
...
...
@@ -556,6 +568,7 @@ The following software have components provided under the terms of this license:
- JBoss Threads (from )
- Javassist (from http://www.javassist.org/)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
========================================================================
LGPL-3.0-only
...
...
@@ -575,7 +588,6 @@ The following software have components provided under the terms of this license:
- Azure Java Client Runtime for AutoRest (from https://github.com/Azure/autorest-clientruntime-for-java)
- Azure Metrics Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
- Azure Spring Boot AutoConfigure (from https://github.com/Microsoft/azure-spring-boot)
- Azure Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
- Checker Qual (from https://checkerframework.org)
- Checker Qual (from https://checkerframework.org)
- Extensions on Apache Proton-J library (from https://github.com/Azure/qpid-proton-j-extensions)
...
...
@@ -585,7 +597,6 @@ The following software have components provided under the terms of this license:
- Java JWT (from http://www.jwt.io)
- Jodd Core (from http://jodd.org)
- Lucene Core (from )
- Lucene Sandbox (from )
- Microsoft Application Insights Java SDK Core (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Java SDK Spring Boot starter (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
...
...
@@ -595,25 +606,29 @@ The following software have components provided under the terms of this license:
- Microsoft Azure SDK annotations (from https://github.com/Microsoft/java-api-annotations)
- Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for Service Bus (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for eventgrid (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure client library for Blob Storage (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure client library for Identity (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure client library for KeyVault Secrets (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure common module for Storage (from https://github.com/Azure/azure-sdk-for-java)
- M
ockito
(from http://
www.mockito.org
)
- M
icrosoft Azure internal Avro module for Storage
(from http
s
://
github.com/Azure/azure-sdk-for-java
)
- Mockito (from http://mockito.org)
- Mockito (from http://www.mockito.org)
- Netty/All-in-One (from )
- Netty/Codec/HTTP (from )
- Netty/Common (from )
- Netty/Transport/Native/Unix/Common (from )
- Project Lombok (from https://projectlombok.org)
- Project Lombok (from https://projectlombok.org)
- SLF4J API Module (from http://www.slf4j.org)
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
- Spring Data Gremlin (from https://github.com/Microsoft/spring-data-gremlin)
- Spring Data for Azure Cosmos DB SQL API (from https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/cosmos/azure-spring-data-cosmos)
- adal4j (from https://github.com/AzureAD/azure-activedirectory-library-for-java)
- jbcrypt (from http://www.mindrot.org/)
- micrometer-core (from https://github.com/micrometer-metrics/micrometer)
- mockito-junit-jupiter (from https://github.com/mockito/mockito)
- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
- msal4j-persistence-extension (from https://github.com/AzureAD/microsoft-authentication-extensions-for-java)
- spring-security-core (from http://spring.io/spring-security)
========================================================================
...
...
@@ -648,6 +663,7 @@ The following software have components provided under the terms of this license:
- HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
- LatencyUtils (from http://latencyutils.github.io/LatencyUtils/)
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
========================================================================
SPL-1.0
...
...
@@ -680,6 +696,8 @@ The following software have components provided under the terms of this license:
- Project Lombok (from https://projectlombok.org)
- Project Lombok (from https://projectlombok.org)
- Spring Web (from https://github.com/spring-projects/spring-framework)
- StAX API (from http://stax.codehaus.org/)
- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
- reactive-streams (from http://www.reactive-streams.org/)
========================================================================
...
...
@@ -693,7 +711,7 @@ The following software have components provided under the terms of this license:
- JUnit (from http://junit.org)
- JUnit Jupiter (Aggregator) (from https://junit.org/junit5/)
- JavaBeans Activation Framework API jar (from )
-
JavaMail API (from
)
-
Spongy Castle (from http://rtyley.github.io/spongycastle/
)
- jakarta.xml.bind-api (from )
- org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
...
...
devops/azure/chart/Chart.yaml
View file @
08cb652f
...
...
@@ -13,7 +13,7 @@
# limitations under the License.
apiVersion
:
v2
name
:
entitlements
-v2
name
:
entitlements
appVersion
:
"
latest"
description
:
Helm Chart for installing entitlements-v2 service.
version
:
0.1.0
...
...
devops/azure/chart/helm-config.yaml
View file @
08cb652f
...
...
@@ -16,14 +16,3 @@ image:
server
:
servlet
:
contextPath
:
/entitlements/v2
app
:
gremlin
:
endpoint
:
#{GREMLIN_ENDPOINT}#
username
:
#{GREMLIN_USERNAME}#
cosmosdb
:
cosmosDbAccountName
:
#{COSMOS_DB_ACCOUNT_NAME}#
resourceGroup
:
#{AZURE_RESOURCE_GROUP}#
subscriptionId
:
#{AZURE_SUBSCRIPTION_ID}#
integration
:
tester
:
#{INTEGRATION_TESTER}#
devops/azure/chart/templates/azure-istio-auth-policy.yaml
View file @
08cb652f
...
...
@@ -15,7 +15,7 @@
apiVersion
:
security.istio.io/v1beta1
kind
:
AuthorizationPolicy
metadata
:
name
:
{{
.Chart.Name
}}
-jwt-authz
name
:
{{
.Chart.Name
}}
-
v2-
jwt-authz
namespace
:
osdu
spec
:
selector
:
...
...
devops/azure/chart/templates/deployment.yaml
View file @
08cb652f
...
...
@@ -71,19 +71,7 @@ spec:
key
:
appinsights
-
name
:
partition_service_endpoint
value
:
http://partition/api/partition/v1
-
name
:
GREMLIN_ENDPOINT
value
:
{{
.Values.app.gremlin.endpoint
}}
-
name
:
GREMLIN_USERNAME
value
:
{{
.Values.app.gremlin.username
}}
-
name
:
cosmosdb_database
value
:
osdu-db
-
name
:
COSMOS_DB_ACCOUNT_NAME
value
:
{{
.Values.app.cosmosdb.cosmosDbAccountName
}}
-
name
:
AZURE_RESOURCE_GROUP
value
:
{{
.Values.app.cosmosdb.resourceGroup
}}
-
name
:
AZURE_SUBSCRIPTION_ID
value
:
{{
.Values.app.cosmosdb.subscriptionId
}}
-
name
:
INTEGRATION_TESTER
value
:
{{
.Values.app.integration.tester
}}
-
name
:
azure_istioauth_enabled
value
:
"
true"
\ No newline at end of file
devops/azure/chart/values.yaml
View file @
08cb652f
...
...
@@ -23,16 +23,3 @@ image:
server
:
servlet
:
contextPath
:
/entitlements/v2
app
:
gremlin
:
endpoint
:
"
"
port
:
8901
username
:
"
"
sslEnabled
:
true
cosmosdb
:
cosmosDbAccountName
:
"
"
resourceGroup
:
"
"
subscriptionId
:
"
"
integration
:
tester
:
"
"
\ No newline at end of file
devops/azure/development-pipeline.yml
View file @
08cb652f
...
...
@@ -47,14 +47,15 @@ variables:
value
:
$[ resources.repositories['FluxRepo'].name ]
-
name
:
SKIP_TESTS
value
:
'
false'
-
name
:
'
MAVEN_CACHE_FOLDER'
value
:
$(Pipeline.Workspace)/.m2/repository
stages
:
-
template
:
/devops/build-stage.yml@TemplateRepo
parameters
:
mavenGoal
:
'
package'
mavenPublishJUnitResults
:
true
serviceCoreMavenOptions
:
'
-P
entitlements-v2-core'
mavenOptions
:
'
-P
entitlements-v2-azure'
mavenOptions
:
'
-pl
provider/entitlements-v2-azure
-am
-Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
copyFileContents
:
|
pom.xml
provider/entitlements-v2-azure/maven/settings.xml
...
...
devops/azure/pipeline.yml
View file @
08cb652f
...
...
@@ -47,14 +47,15 @@ variables:
value
:
$[ resources.repositories['FluxRepo'].name ]
-
name
:
SKIP_TESTS
value
:
'
false'
-
name
:
'
MAVEN_CACHE_FOLDER'
value
:
$(Pipeline.Workspace)/.m2/repository
stages
:
-
template
:
/devops/build-stage.yml@TemplateRepo
parameters
:
mavenGoal
:
'
package'
mavenPublishJUnitResults
:
true
serviceCoreMavenOptions
:
'
-P
entitlements-v2-core'
mavenOptions
:
'
-P
entitlements-v2-azure'
mavenOptions
:
'
-pl
provider/entitlements-v2-azure
-am
-Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
copyFileContents
:
|
pom.xml
provider/entitlements-v2-azure/maven/settings.xml
...
...
@@ -71,7 +72,7 @@ stages:
chartPath
:
${{ variables.chartPath }}
valuesFile
:
${{ variables.valuesFile }}
testCoreMavenPomFile
:
'
testing/entitlements-v2-test-core/pom.xml'
testCoreMavenOptions
:
'
'
testCoreMavenOptions
:
'
-Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)
'
skipDeploy
:
${{ variables.SKIP_DEPLOY }}
skipTest
:
${{ variables.SKIP_TESTS }}
providers
:
...
...
entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java
View file @
08cb652f
...
...
@@ -16,8 +16,6 @@ public abstract class AppProperties {
private
String
domain
;
@Value
(
"${ACCEPT_HTTP:false}"
)
private
boolean
httpAccepted
;
@Value
(
"${app.integration.tester}"
)
private
String
integrationTester
;
public
String
getProjectId
()
{
return
projectId
;
...
...
@@ -31,10 +29,6 @@ public abstract class AppProperties {
return
httpAccepted
;
}
public
String
getIntegrationTester
()
{
return
integrationTester
;
}
public
List
<
String
>
getInitialGroups
()
{
List
<
String
>
initialGroups
=
new
ArrayList
<>(
3
);
initialGroups
.
add
(
"/provisioning/groups/datalake_user_groups.json"
);
...
...
entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/ListGroupService.java
View file @
08cb652f
...
...
@@ -36,12 +36,14 @@ public class ListGroupService {
log
.
info
(
String
.
format
(
"ListGroupService#run cache look up done timestamp: %d"
,
System
.
currentTimeMillis
()));
try
{
String
serviceAccount
=
requestInfo
.
getTenantInfo
().
getServiceAccount
();
if
(
serviceAccount
.
equalsIgnoreCase
(
requesterId
)
||
Strings
.
isNullOrEmpty
(
listGroupServiceDto
.
getAppId
()))
{
// TODO: Uncomment when AppId filter is optimized. The current logic is RU expensive,
// so we temporarily disable for now. US https://dev.azure.com/slb-swt/data-at-rest/_workitems/edit/599488
// if (serviceAccount.equalsIgnoreCase(requesterId) || Strings.isNullOrEmpty(listGroupServiceDto.getAppId())) {
auditLogger
.
listGroup
(
AuditStatus
.
SUCCESS
,
fetchParentIds
(
groups
));
return
groups
;
}
else
{
return
filterGroupsByAppId
(
groups
,
listGroupServiceDto
);
}
//
} else {
//
return filterGroupsByAppId(groups, listGroupServiceDto);
//
}
}
catch
(
Exception
e
)
{
auditLogger
.
listGroup
(
AuditStatus
.
FAILURE
,
new
ArrayList
<>());
throw
e
;
...
...
entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/RequestInfoUtilService.java
View file @
08cb652f
...
...
@@ -26,13 +26,7 @@ public class RequestInfoUtilService {
}
public
String
getUserId
(
final
DpsHeaders
dpsHeaders
)
{
String
userId
=
jwtClaimExtractor
.
extract
(
dpsHeaders
.
getAuthorization
()).
getUserId
();
// TODO: remove this temporary logic after integration tester's permission is properly set up
String
integrationTesterId
=
appProperties
.
getIntegrationTester
();
if
(
userId
.
equalsIgnoreCase
(
integrationTesterId
))
{
userId
=
"integration_tester_entitlements@desid.com"
;
}
return
userId
;
return
jwtClaimExtractor
.
extract
(
dpsHeaders
.
getAuthorization
()).
getUserId
();
}
public
String
getDomain
(
final
String
partitionId
)
{
...
...
entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/ListGroupServiceTests.java
View file @
08cb652f
package
org.opengroup.osdu.entitlements.v2.service
;
import
org.junit.Before
;
import
org.junit.Ignore
;
import
org.junit.Test
;
import
org.junit.runner.RunWith
;
import
org.opengroup.osdu.core.common.logging.JaxRsDpsLog
;
...
...
@@ -132,6 +133,8 @@ public class ListGroupServiceTests {
verify
(
auditLogger
).
listGroup
(
eq
(
AuditStatus
.
SUCCESS
),
any
());
}
// TODO: Unignore when AppId filter is enabled. US https://dev.azure.com/slb-swt/data-at-rest/_workitems/edit/599488
@Ignore
@Test
public
void
should_filterByAppId_ifNormalCaller
()
{
List
<
String
>
partitionIds
=
Arrays
.
asList
(
"dp"
,
"dp1"
);
...
...
provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/AzureAppProperties.java
View file @
08cb652f
package
org.opengroup.osdu.entitlements.v2.azure
;
import
com.azure.security.keyvault.secrets.SecretClient
;
import
lombok.Getter
;
import
org.opengroup.osdu.azure.KeyVaultFacade
;
import
org.opengroup.osdu.entitlements.v2.AppProperties
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.stereotype.Component
;
@Component
@Getter
public
class
AzureAppProperties
extends
AppProperties
{
@Value
(
"${app.gremlin.endpoint}"
)
private
String
gremlinEndpoint
;
@Value
(
"${app.gremlin.port}"
)
private
int
gremlinPort
;
@Value
(
"${app.gremlin.username}"
)
private
String
gremlinUsername
;
@Value
(
"${app.gremlin.password}"
)
private
String
gremlinPassword
;
@Value
(
"${app.gremlin.sslEnabled}"
)
private
boolean
gremlinSslEnabled
;
@Autowired
private
SecretClient
secretClient
;
@Value
(
"${app.graph.db.port}"
)
private
int
graphDbPort
;
@Value
(
"${app.graph.db.username}"
)
private
String
graphDbUsername
;
@Value
(
"${app.graph.db.sslEnabled}"
)
private
boolean
graphDbSslEnabled
;
@Value
(
"${tenantInfo.container.name}"
)
private
String
tenantInfoContainerName
;
@Value
(
"${azure.cosmosdb.database}"
)
private
String
cosmosDbName
;
@Value
(
"${app.cosmosdb.subscriptionId}"
)
private
String
subscriptionId
;
@Value
(
"${app.cosmosdb.resourceGroup}"
)
private
String
resourceGroup
;
@Value
(
"${app.cosmosdb.cosmosDbAccountName}"
)
private
String
cosmosDbAccountName
;
public
boolean
hasCosmosDbConfig
()
{
return
!(
subscriptionId
.
isEmpty
()
&&
resourceGroup
.
isEmpty
()
&&
cosmosDbAccountName
.
isEmpty
());
}
public
String
getGremlinEndpoint
()
{
return
gremlinEndpoint
;
}
public
int
getGremlinPort
()
{
return
gremlinPort
;
}
public
String
getGremlinUsername
()
{
return
gremlinUsername
;
}
public
String
getGremlinPassword
()
{
return
gremlinPassword
;
}
public
boolean
isGremlinSslEnabled
()
{
return
gremlinSslEnabled
;
}
public
String
getTenantInfoContainerName
()
{
return
tenantInfoContainerName
;
}
public
String
getCosmosDbName
()
{
return
cosmosDbName
;
}
public
String
getSubscriptionId
()
{
return
subscriptionId
;
}
public
String
get
ResourceGroup
()
{
return
resourceGroup
;
public
String
get
GraphDbPassword
()
{
return
KeyVaultFacade
.
getSecretWithValidation
(
secretClient
,
"graph-db-primary-key"
)
;
}
public
String
get
CosmosDbAccountName
()
{
return
cosmosDbAccountName
;
public
String
get
GraphDbEndpoint
()
{
return
KeyVaultFacade
.
getSecretWithValidation
(
secretClient
,
"graph-db-endpoint"
)
;
}
}
provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/spi/gremlin/connection/ClusterGremlinConnector.java
View file @
08cb652f
package
org.opengroup.osdu.entitlements.v2.azure.spi.gremlin.connection
;
import
com.azure.core.http.HttpClient
;
import
com.azure.core.http.HttpMethod
;
import
com.azure.core.http.HttpRequest
;
import
com.azure.core.http.HttpResponse
;
import
com.google.gson.Gson
;
import
com.google.gson.JsonObject
;
import
lombok.RequiredArgsConstructor
;
import
org.apache.tinkerpop.gremlin.driver.Client
;
import
org.apache.tinkerpop.gremlin.driver.Cluster
;
...
...
@@ -26,12 +20,10 @@ import org.opengroup.osdu.entitlements.v2.azure.model.NodeVertex;
import
org.opengroup.osdu.entitlements.v2.azure.service.VertexUtilService
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.stereotype.Component
;
import
reactor.core.publisher.Mono
;
import
javax.annotation.PostConstruct
;
import
java.util.List
;
import
java.util.Map
;
import
java.util.Objects
;
import
java.util.Optional
;
import
java.util.concurrent.CompletableFuture
;
import
java.util.concurrent.ExecutionException
;
...
...
@@ -43,11 +35,16 @@ public class ClusterGremlinConnector implements GremlinConnector {
private
static
final
int
MAX_IN_PROCESS
=
16
;
private
static
final
String
TRAVERSAL_SUBMIT_ERROR_MESSAGE
=
"Error submitting traversal"
;
private
static
final
String
RETRIEVING_RESULT_SET_ERROR_MESSAGE
=
"Error retrieving ResultSet object"
;
private
static
final
String
MSI_HOST
=
"http://169.254.169.254/"
;