Commit 08cb652f authored by Rostislav Vatolin [SLB]'s avatar Rostislav Vatolin [SLB]
Browse files

Revert "add trufflehog exclude"

This reverts commit 2146d9c9.
parent 1d1ac82d
{
"tool": "Credential Scanner",
"suppressions": [
{
"file": "JwtClaimExtractorTest.java",
"_justification": "Unit test contains fake tokens."
}
]
}
\ No newline at end of file
variables:
AZURE_SERVICE: entitlements
AZURE_SERVICE: entitlements-v2
AZURE_BUILD_SUBDIR: provider/entitlements-v2-azure
AZURE_TEST_SUBDIR: testing/entitlements-v2-test-azure
......
......@@ -9,6 +9,13 @@ The following software have components provided under the terms of this license:
- Android SDK (from https://www.android.com/)
========================================================================
Apache-1.1
========================================================================
The following software have components provided under the terms of this license:
- StAX (from http://stax.codehaus.org/)
========================================================================
Apache-2.0
========================================================================
......@@ -18,16 +25,11 @@ The following software have components provided under the terms of this license:
- ASM based accessors helper used by json-smart (from )
- Adapter: RxJava (from )
- Admin Directory API directory_v1-rev77-1.22.0 (from )
- Apache Commons BeanUtils (from http://commons.apache.org/proper/commons-beanutils/)
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Commons Collections (from http://commons.apache.org/proper/commons-collections/)
- Apache Commons Configuration (from http://commons.apache.org/configuration/)
- Apache Commons Lang (from http://commons.apache.org/proper/commons-lang/)
- Apache Commons Logging (from http://commons.apache.org/proper/commons-logging/)
- Apache Commons Pool (from http://commons.apache.org/proper/commons-pool/)
- Apache Commons Text (from http://commons.apache.org/proper/commons-text/)
- Apache Commons Validator (from http://commons.apache.org/proper/commons-validator/)
- Apache Groovy (from http://groovy-lang.org)
- Apache Groovy (from http://groovy-lang.org)
- Apache Groovy (from http://groovy-lang.org)
......@@ -53,14 +55,13 @@ The following software have components provided under the terms of this license:
- Asynchronous Http Client (from )
- Asynchronous Http Client Netty Utils (from )
- AutoValue Annotations (from )
- Azure Metrics Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
- Bean Validation API (from http://beanvalidation.org)
- Byte Buddy (without dependencies) (from )
- Byte Buddy Java agent (from )
- Caffeine cache (from https://github.com/ben-manes/caffeine)
- ClassMate (from http://github.com/cowtowncoder/java-classmate)
- Cloud Storage JSON API v1-rev58-1.21.0 (from )
- Commons Digester (from http://commons.apache.org/digester/)
- Commons IO (from http://commons.apache.org/io/)
- Commons IO (from http://commons.apache.org/io/)
- Commons Lang (from http://commons.apache.org/lang/)
- Converter: Jackson (from )
......@@ -90,6 +91,7 @@ The following software have components provided under the terms of this license:
- HPPC Collections (from http://labs.carrotsearch.com)
- Hibernate Validator Engine (from )
- Identity and Access Management (IAM) API v1-rev247-1.23.0 (from )
- IntelliJ IDEA Annotations (from http://www.jetbrains.org)
- J2ObjC Annotations (from https://github.com/google/j2objc/)
- JBoss Logging 3 (from http://www.jboss.org)
- JBoss Marshalling API (from )
......@@ -115,6 +117,7 @@ The following software have components provided under the terms of this license:
- Jackson-dataformat-YAML (from https://github.com/FasterXML/jackson)
- Jackson-datatype-Joda (from http://wiki.fasterxml.com/JacksonModuleJoda)
- Jackson-datatype-jdk8 (from )
- Jackson-module-Afterburner (from http://wiki.fasterxml.com/JacksonHome)
- Jackson-module-JAXB-annotations (from http://wiki.fasterxml.com/JacksonJAXBAnnotations)
- Jackson-module-parameter-names (from )
- Jakarta Bean Validation API (from https://beanvalidation.org)
......@@ -122,12 +125,17 @@ The following software have components provided under the terms of this license:
- Java Native Access Platform (from https://github.com/java-native-access/jna)
- Java Servlet 4.0 API (from )
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Java UUID Generator (from http://wiki.fasterxml.com/JugHome)
- JavaPoet (from http://github.com/square/javapoet/)
- Javassist (from http://www.javassist.org/)
- Javassist (from http://www.javassist.org/)
- Joda-Time (from http://www.joda.org/joda-time/)
- Json Path (from https://github.com/jayway/JsonPath)
- KeePassJava2 :: All (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2)
- KeePassJava2 :: DOM (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-dom)
- KeePassJava2 :: JAXB (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-jaxb)
- KeePassJava2 :: KDB (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-kdb)
- KeePassJava2 :: KDBX (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-kdbx)
- KeePassJava2 :: Simple (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-simple)
- Lettuce (from http://github.com/lettuce-io/lettuce-core)
- Lucene Common Analyzers (from )
- Lucene Core (from )
......@@ -140,7 +148,6 @@ The following software have components provided under the terms of this license:
- Lucene Queries (from )
- Lucene QueryParsers (from )
- Lucene Sandbox (from )
- Lucene Spatial (from )
- Lucene Spatial 3D (from )
- Lucene Spatial Extras (from )
- Lucene Suggest (from )
......@@ -151,6 +158,7 @@ The following software have components provided under the terms of this license:
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Azure Netty HTTP Client Library (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
- Mockito (from http://mockito.org)
- Mockito (from http://www.mockito.org)
- Netty Reactive Streams Implementation (from )
......@@ -184,12 +192,14 @@ The following software have components provided under the terms of this license:
- OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
- OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
- OpenCensus (from https://github.com/census-instrumentation/opencensus-java)
- PWDB :: Database (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/database)
- PowerMock (from http://www.powermock.org)
- Protocol Buffer extensions to the Google HTTP Client Library for Java. (from )
- Reactive Object Pool (from https://github.com/reactor/reactor-pool)
- Reactive Streams Netty driver (from https://github.com/reactor/reactor-netty)
- Redisson (from http://redisson.org)
- Retrofit (from )
- Simple XML (from http://simple.sourceforge.net)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
- Spring AOP (from https://github.com/spring-projects/spring-framework)
- Spring Beans (from https://github.com/spring-projects/spring-framework)
......@@ -220,6 +230,8 @@ The following software have components provided under the terms of this license:
- Spring Transaction (from https://github.com/spring-projects/spring-framework)
- Spring Web (from https://github.com/spring-projects/spring-framework)
- Spring Web MVC (from https://github.com/spring-projects/spring-framework)
- StAX (from http://stax.codehaus.org/)
- StAX API (from http://stax.codehaus.org/)
- T-Digest (from https://github.com/tdunning/t-digest)
- Undertow Core (from )
- Undertow Servlet (from )
......@@ -230,6 +242,7 @@ The following software have components provided under the terms of this license:
- Woodstox (from https://github.com/FasterXML/woodstox)
- XNIO API (from http://www.jboss.org/xnio)
- XNIO NIO Implementation (from )
- aalto-xml (from )
- aggs-matrix-stats (from https://github.com/elastic/elasticsearch)
- cli (from https://github.com/elastic/elasticsearch)
- com.google.api.grpc:proto-google-cloud-monitoring-v3 (from https://github.com/googleapis/googleapis)
......@@ -327,6 +340,8 @@ The following software have components provided under the terms of this license:
- Jodd BeanUtil (from http://jodd.org)
- Jodd Core (from http://jodd.org)
- Lucene Common Analyzers (from )
- Lucene Core (from )
- StAX (from http://stax.codehaus.org/)
- Stax2 API (from http://github.com/FasterXML/stax2-api)
- ThreeTen backport (from https://www.threeten.org/threetenbp)
......@@ -338,7 +353,6 @@ The following software have components provided under the terms of this license:
- API Common (from https://github.com/googleapis)
- ASM Core (from )
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Apache Ivy (from http://ant.apache.org/ivy/)
- DSL Platform JSON (Java 8 API) (from https://github.com/ngs-doo/dsl-json)
- DSL Platform JSON (core) (from https://github.com/ngs-doo/dsl-json)
......@@ -370,6 +384,7 @@ The following software have components provided under the terms of this license:
- Redisson (from http://redisson.org)
- Reflections (from http://github.com/ronmamo/reflections)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
- Spring Core (from https://github.com/spring-projects/spring-framework)
- Stax2 API (from http://github.com/FasterXML/stax2-api)
- ThreeTen backport (from https://www.threeten.org/threetenbp)
......@@ -408,7 +423,6 @@ CDDL-1.0
========================================================================
The following software have components provided under the terms of this license:
- JavaMail API (from )
- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
========================================================================
......@@ -417,7 +431,6 @@ CDDL-1.1
The following software have components provided under the terms of this license:
- JavaBeans Activation Framework (from )
- JavaBeans(TM) Activation Framework (from http://java.sun.com/javase/technologies/desktop/javabeans/jaf/index.jsp)
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
......@@ -447,6 +460,7 @@ The following software have components provided under the terms of this license:
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
- jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
- org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
......@@ -479,7 +493,6 @@ The following software have components provided under the terms of this license:
- Commons Lang (from http://commons.apache.org/lang/)
- JavaBeans Activation Framework (from )
- JavaMail API (from )
- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
......@@ -489,6 +502,7 @@ GPL-2.0-or-later
========================================================================
The following software have components provided under the terms of this license:
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
========================================================================
......@@ -503,7 +517,6 @@ The following software have components provided under the terms of this license:
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Java(TM) API for WebSocket (from )
- JavaBeans Activation Framework (from )
- JavaMail API (from )
- jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
- tomcat-embed-core (from http://tomcat.apache.org/)
......@@ -518,7 +531,6 @@ The following software have components provided under the terms of this license:
- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
- Java Servlet 4.0 API (from )
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Netty/Codec (from )
- Project Lombok (from https://projectlombok.org)
- Project Lombok (from https://projectlombok.org)
- jakarta.annotation-api (from https://projects.eclipse.org/projects/ee4j.ca)
......@@ -556,6 +568,7 @@ The following software have components provided under the terms of this license:
- JBoss Threads (from )
- Javassist (from http://www.javassist.org/)
- SnakeYAML (from http://www.snakeyaml.org)
- SnakeYAML (from http://www.snakeyaml.org)
========================================================================
LGPL-3.0-only
......@@ -575,7 +588,6 @@ The following software have components provided under the terms of this license:
- Azure Java Client Runtime for AutoRest (from https://github.com/Azure/autorest-clientruntime-for-java)
- Azure Metrics Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
- Azure Spring Boot AutoConfigure (from https://github.com/Microsoft/azure-spring-boot)
- Azure Spring Boot Starter (from https://github.com/Microsoft/azure-spring-boot)
- Checker Qual (from https://checkerframework.org)
- Checker Qual (from https://checkerframework.org)
- Extensions on Apache Proton-J library (from https://github.com/Azure/qpid-proton-j-extensions)
......@@ -585,7 +597,6 @@ The following software have components provided under the terms of this license:
- Java JWT (from http://www.jwt.io)
- Jodd Core (from http://jodd.org)
- Lucene Core (from )
- Lucene Sandbox (from )
- Microsoft Application Insights Java SDK Core (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Java SDK Spring Boot starter (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
......@@ -595,25 +606,29 @@ The following software have components provided under the terms of this license:
- Microsoft Azure SDK annotations (from https://github.com/Microsoft/java-api-annotations)
- Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for Service Bus (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for eventgrid (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure client library for Blob Storage (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure client library for Identity (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure client library for KeyVault Secrets (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure common module for Storage (from https://github.com/Azure/azure-sdk-for-java)
- Mockito (from http://www.mockito.org)
- Microsoft Azure internal Avro module for Storage (from https://github.com/Azure/azure-sdk-for-java)
- Mockito (from http://mockito.org)
- Mockito (from http://www.mockito.org)
- Netty/All-in-One (from )
- Netty/Codec/HTTP (from )
- Netty/Common (from )
- Netty/Transport/Native/Unix/Common (from )
- Project Lombok (from https://projectlombok.org)
- Project Lombok (from https://projectlombok.org)
- SLF4J API Module (from http://www.slf4j.org)
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
- Spring Data Gremlin (from https://github.com/Microsoft/spring-data-gremlin)
- Spring Data for Azure Cosmos DB SQL API (from https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/cosmos/azure-spring-data-cosmos)
- adal4j (from https://github.com/AzureAD/azure-activedirectory-library-for-java)
- jbcrypt (from http://www.mindrot.org/)
- micrometer-core (from https://github.com/micrometer-metrics/micrometer)
- mockito-junit-jupiter (from https://github.com/mockito/mockito)
- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
- msal4j-persistence-extension (from https://github.com/AzureAD/microsoft-authentication-extensions-for-java)
- spring-security-core (from http://spring.io/spring-security)
========================================================================
......@@ -648,6 +663,7 @@ The following software have components provided under the terms of this license:
- HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
- LatencyUtils (from http://latencyutils.github.io/LatencyUtils/)
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
========================================================================
SPL-1.0
......@@ -680,6 +696,8 @@ The following software have components provided under the terms of this license:
- Project Lombok (from https://projectlombok.org)
- Project Lombok (from https://projectlombok.org)
- Spring Web (from https://github.com/spring-projects/spring-framework)
- StAX API (from http://stax.codehaus.org/)
- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
- reactive-streams (from http://www.reactive-streams.org/)
========================================================================
......@@ -693,7 +711,7 @@ The following software have components provided under the terms of this license:
- JUnit (from http://junit.org)
- JUnit Jupiter (Aggregator) (from https://junit.org/junit5/)
- JavaBeans Activation Framework API jar (from )
- JavaMail API (from )
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
- jakarta.xml.bind-api (from )
- org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
......
......@@ -13,7 +13,7 @@
# limitations under the License.
apiVersion: v2
name: entitlements-v2
name: entitlements
appVersion: "latest"
description: Helm Chart for installing entitlements-v2 service.
version: 0.1.0
......
......@@ -16,14 +16,3 @@ image:
server:
servlet:
contextPath: /entitlements/v2
app:
gremlin:
endpoint: #{GREMLIN_ENDPOINT}#
username: #{GREMLIN_USERNAME}#
cosmosdb:
cosmosDbAccountName: #{COSMOS_DB_ACCOUNT_NAME}#
resourceGroup: #{AZURE_RESOURCE_GROUP}#
subscriptionId: #{AZURE_SUBSCRIPTION_ID}#
integration:
tester: #{INTEGRATION_TESTER}#
......@@ -15,7 +15,7 @@
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
name: {{ .Chart.Name }}-jwt-authz
name: {{ .Chart.Name }}-v2-jwt-authz
namespace: osdu
spec:
selector:
......
......@@ -71,19 +71,7 @@ spec:
key: appinsights
- name: partition_service_endpoint
value: http://partition/api/partition/v1
- name: GREMLIN_ENDPOINT
value: {{ .Values.app.gremlin.endpoint }}
- name: GREMLIN_USERNAME
value: {{ .Values.app.gremlin.username }}
- name: cosmosdb_database
value: osdu-db
- name: COSMOS_DB_ACCOUNT_NAME
value: {{ .Values.app.cosmosdb.cosmosDbAccountName }}
- name: AZURE_RESOURCE_GROUP
value: {{ .Values.app.cosmosdb.resourceGroup }}
- name: AZURE_SUBSCRIPTION_ID
value: {{ .Values.app.cosmosdb.subscriptionId }}
- name: INTEGRATION_TESTER
value: {{ .Values.app.integration.tester}}
- name: azure_istioauth_enabled
value: "true"
\ No newline at end of file
......@@ -23,16 +23,3 @@ image:
server:
servlet:
contextPath: /entitlements/v2
app:
gremlin:
endpoint: ""
port: 8901
username: ""
sslEnabled: true
cosmosdb:
cosmosDbAccountName: ""
resourceGroup: ""
subscriptionId: ""
integration:
tester: ""
\ No newline at end of file
......@@ -47,14 +47,15 @@ variables:
value: $[ resources.repositories['FluxRepo'].name ]
- name: SKIP_TESTS
value: 'false'
- name: 'MAVEN_CACHE_FOLDER'
value: $(Pipeline.Workspace)/.m2/repository
stages:
- template: /devops/build-stage.yml@TemplateRepo
parameters:
mavenGoal: 'package'
mavenPublishJUnitResults: true
serviceCoreMavenOptions: '-P entitlements-v2-core'
mavenOptions: '-P entitlements-v2-azure'
mavenOptions: '-pl provider/entitlements-v2-azure -am -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
copyFileContents: |
pom.xml
provider/entitlements-v2-azure/maven/settings.xml
......
......@@ -47,14 +47,15 @@ variables:
value: $[ resources.repositories['FluxRepo'].name ]
- name: SKIP_TESTS
value: 'false'
- name: 'MAVEN_CACHE_FOLDER'
value: $(Pipeline.Workspace)/.m2/repository
stages:
- template: /devops/build-stage.yml@TemplateRepo
parameters:
mavenGoal: 'package'
mavenPublishJUnitResults: true
serviceCoreMavenOptions: '-P entitlements-v2-core'
mavenOptions: '-P entitlements-v2-azure'
mavenOptions: '-pl provider/entitlements-v2-azure -am -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
copyFileContents: |
pom.xml
provider/entitlements-v2-azure/maven/settings.xml
......@@ -71,7 +72,7 @@ stages:
chartPath: ${{ variables.chartPath }}
valuesFile: ${{ variables.valuesFile }}
testCoreMavenPomFile: 'testing/entitlements-v2-test-core/pom.xml'
testCoreMavenOptions: ''
testCoreMavenOptions: '-Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
skipDeploy: ${{ variables.SKIP_DEPLOY }}
skipTest: ${{ variables.SKIP_TESTS }}
providers:
......
......@@ -16,8 +16,6 @@ public abstract class AppProperties {
private String domain;
@Value("${ACCEPT_HTTP:false}")
private boolean httpAccepted;
@Value("${app.integration.tester}")
private String integrationTester;
public String getProjectId() {
return projectId;
......@@ -31,10 +29,6 @@ public abstract class AppProperties {
return httpAccepted;
}
public String getIntegrationTester() {
return integrationTester;
}
public List<String> getInitialGroups() {
List<String> initialGroups = new ArrayList<>(3);
initialGroups.add("/provisioning/groups/datalake_user_groups.json");
......
......@@ -36,12 +36,14 @@ public class ListGroupService {
log.info(String.format("ListGroupService#run cache look up done timestamp: %d", System.currentTimeMillis()));
try {
String serviceAccount = requestInfo.getTenantInfo().getServiceAccount();
if (serviceAccount.equalsIgnoreCase(requesterId) || Strings.isNullOrEmpty(listGroupServiceDto.getAppId())) {
// TODO: Uncomment when AppId filter is optimized. The current logic is RU expensive,
// so we temporarily disable for now. US https://dev.azure.com/slb-swt/data-at-rest/_workitems/edit/599488
// if (serviceAccount.equalsIgnoreCase(requesterId) || Strings.isNullOrEmpty(listGroupServiceDto.getAppId())) {
auditLogger.listGroup(AuditStatus.SUCCESS, fetchParentIds(groups));
return groups;
} else {
return filterGroupsByAppId(groups, listGroupServiceDto);
}
// } else {
// return filterGroupsByAppId(groups, listGroupServiceDto);
// }
} catch (Exception e) {
auditLogger.listGroup(AuditStatus.FAILURE, new ArrayList<>());
throw e;
......
......@@ -26,13 +26,7 @@ public class RequestInfoUtilService {
}
public String getUserId(final DpsHeaders dpsHeaders) {
String userId = jwtClaimExtractor.extract(dpsHeaders.getAuthorization()).getUserId();
// TODO: remove this temporary logic after integration tester's permission is properly set up
String integrationTesterId = appProperties.getIntegrationTester();
if (userId.equalsIgnoreCase(integrationTesterId)) {
userId = "integration_tester_entitlements@desid.com";
}
return userId;
return jwtClaimExtractor.extract(dpsHeaders.getAuthorization()).getUserId();
}
public String getDomain(final String partitionId) {
......
package org.opengroup.osdu.entitlements.v2.service;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
......@@ -132,6 +133,8 @@ public class ListGroupServiceTests {
verify(auditLogger).listGroup(eq(AuditStatus.SUCCESS), any());
}
// TODO: Unignore when AppId filter is enabled. US https://dev.azure.com/slb-swt/data-at-rest/_workitems/edit/599488
@Ignore
@Test
public void should_filterByAppId_ifNormalCaller() {
List<String> partitionIds = Arrays.asList("dp", "dp1");
......
package org.opengroup.osdu.entitlements.v2.azure;
import com.azure.security.keyvault.secrets.SecretClient;
import lombok.Getter;
import org.opengroup.osdu.azure.KeyVaultFacade;
import org.opengroup.osdu.entitlements.v2.AppProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
@Component
@Getter
public class AzureAppProperties extends AppProperties {
@Value("${app.gremlin.endpoint}")
private String gremlinEndpoint;
@Value("${app.gremlin.port}")
private int gremlinPort;
@Value("${app.gremlin.username}")
private String gremlinUsername;
@Value("${app.gremlin.password}")
private String gremlinPassword;
@Value("${app.gremlin.sslEnabled}")
private boolean gremlinSslEnabled;
@Autowired
private SecretClient secretClient;
@Value("${app.graph.db.port}")
private int graphDbPort;
@Value("${app.graph.db.username}")
private String graphDbUsername;
@Value("${app.graph.db.sslEnabled}")
private boolean graphDbSslEnabled;
@Value("${tenantInfo.container.name}")
private String tenantInfoContainerName;
@Value("${azure.cosmosdb.database}")
private String cosmosDbName;
@Value("${app.cosmosdb.subscriptionId}")
private String subscriptionId;
@Value("${app.cosmosdb.resourceGroup}")
private String resourceGroup;
@Value("${app.cosmosdb.cosmosDbAccountName}")
private String cosmosDbAccountName;
public boolean hasCosmosDbConfig() {
return !(subscriptionId.isEmpty() && resourceGroup.isEmpty() && cosmosDbAccountName.isEmpty());
}
public String getGremlinEndpoint() {
return gremlinEndpoint;
}
public int getGremlinPort() {
return gremlinPort;
}
public String getGremlinUsername() {
return gremlinUsername;
}
public String getGremlinPassword() {
return gremlinPassword;
}
public boolean isGremlinSslEnabled() {
return gremlinSslEnabled;
}
public String getTenantInfoContainerName() {
return tenantInfoContainerName;
}
public String getCosmosDbName() {
return cosmosDbName;
}
public String getSubscriptionId() {
return subscriptionId;
}
public String getResourceGroup() {
return resourceGroup;
public String getGraphDbPassword() {
return KeyVaultFacade.getSecretWithValidation(secretClient, "graph-db-primary-key");
}
public String getCosmosDbAccountName() {
return cosmosDbAccountName;
public String getGraphDbEndpoint() {
return KeyVaultFacade.getSecretWithValidation(secretClient, "graph-db-endpoint");
}
}
package org.opengroup.osdu.entitlements.v2.azure.spi.gremlin.connection;
import com.azure.core.http.HttpClient;
import com.azure.core.http.HttpMethod;
import com.azure.core.http.HttpRequest;
import com.azure.core.http.HttpResponse;
import com.google.gson.Gson;
import com.google.gson.JsonObject;
import lombok.RequiredArgsConstructor;
import org.apache.tinkerpop.gremlin.driver.Client;
import org.apache.tinkerpop.gremlin.driver.Cluster;
......@@ -26,12 +20,10 @@ import org.opengroup.osdu.entitlements.v2.azure.model.NodeVertex;
import org.opengroup.osdu.entitlements.v2.azure.service.VertexUtilService;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import reactor.core.publisher.Mono;
import javax.annotation.PostConstruct;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutionException;
......@@ -43,11 +35,16 @@ public class ClusterGremlinConnector implements GremlinConnector {
private static final int MAX_IN_PROCESS = 16;
private static final String TRAVERSAL_SUBMIT_ERROR_MESSAGE = "Error submitting traversal";
private static final String RETRIEVING_RESULT_SET_ERROR_MESSAGE = "Error retrieving ResultSet object";
private static final String MSI_HOST = "http://169.254.169.254/";