Merge branch 'aws-multitenant-v2' into 'master'

multitenant-v2

See merge request !78

NOTICE

@@ -51,7 +51,6 @@ The following software have components provided under the terms of this license:
 - AWS Java SDK for Amazon SNS (from https://aws.amazon.com/sdkforjava)
 - AWS Java SDK for Amazon SQS (from https://aws.amazon.com/sdkforjava)
 - AWS Java SDK for the AWS Simple Systems Management (SSM) Service (from https://aws.amazon.com/sdkforjava)
-- AWS SDK for Java - BOM (from https://aws.amazon.com/sdkforjava)
 - AWS SDK for Java - Core (from https://aws.amazon.com/sdkforjava)
 - Adapter: RxJava (from )
 - Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)

provider/notification-aws/pom.xml

@@ -35,7 +35,7 @@
         <java.version>8</java.version>
         <maven.compiler.target>${java.version}</maven.compiler.target>
         <maven.compiler.source>${java.version}</maven.compiler.source>
-        <aws.version>1.11.637</aws.version>
+        <aws.version>1.11.1018</aws.version>
     </properties>
 
     <dependencies>
@@ -48,7 +48,7 @@
         <dependency>
             <groupId>org.opengroup.osdu.core.aws</groupId>
             <artifactId>os-core-lib-aws</artifactId>
-            <version>0.3.17</version>
+            <version>0.9.1-SNAPSHOT</version>
         </dependency>
 
         <!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-secretsmanager -->

provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/AwsPubsubRequestBodyExtractor.java

@@ -99,7 +99,7 @@ public class AwsPubsubRequestBodyExtractor implements IPubsubRequestBodyExtracto
 
         Map<String, String> attributes = content.getAttributes();
         if (attributes == null || attributes.isEmpty()) {
-            log.error("Incorrect Message: " + message.toString() );
+            log.error("Incorrect Message: " + message );
             throw new AppException(HttpStatus.BAD_REQUEST.value(), INVALID_PUBSUB_MESSAGE, "Attribute map not found");
         }
         String data = content.getData();

provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java

-// Copyright © 2020 Amazon Web Services
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-package org.opengroup.osdu.notification.provider.aws.impl;
-
-
-import com.amazonaws.auth.AWSCredentialsProvider;
-import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement;
-import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder;
-import com.amazonaws.services.simplesystemsmanagement.model.GetParameterRequest;
-import com.amazonaws.services.simplesystemsmanagement.model.GetParameterResult;
-import com.amazonaws.services.simplesystemsmanagement.model.Parameter;
-import lombok.AccessLevel;
-import lombok.Getter;
-import lombok.Setter;
-
-import org.opengroup.osdu.core.aws.entitlements.ServicePrincipal;
-import org.opengroup.osdu.core.aws.iam.IAMConfig;
-import org.opengroup.osdu.core.aws.secrets.SecretsManager;
-import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Component;
-
-import javax.annotation.PostConstruct;
-
-
-@Component
-public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient {
-
-
-    @Value("${aws.region}")
-    @Getter()
-    @Setter(AccessLevel.PROTECTED)
-    public String amazonRegion;
-
-
-
-    @Value("${aws.ssm}")
-    @Getter()
-    @Setter(AccessLevel.PROTECTED)
-    public Boolean ssmEnabled;
-
-
-    @Value("${aws.environment}")
-    @Getter()
-    @Setter(AccessLevel.PROTECTED)
-    public String environment;
-
-    private String awsOauthCustomScope;
-
-    String client_credentials_secret;
-    String client_credentials_clientid;
-    ServicePrincipal sp;
-
-
-    private AWSCredentialsProvider amazonAWSCredentials;
-    private AWSSimpleSystemsManagement ssmManager;
-
-    @PostConstruct
-    public void init() {
-        if (ssmEnabled) {
-
-            SecretsManager sm = new SecretsManager();
-
-            String oauth_token_url = "/osdu/" + environment + "/oauth-token-uri";
-            String oauth_custom_scope = "/osdu/" + environment + "/oauth-custom-scope";
-
-            String client_credentials_client_id = "/osdu/" + environment + "/client-credentials-client-id";
-            String client_secret_key = "client_credentials_client_secret";
-            String client_secret_secretName = "/osdu/" + environment + "/client_credentials_secret";
-
-            amazonAWSCredentials = IAMConfig.amazonAWSCredentials();
-            ssmManager = AWSSimpleSystemsManagementClientBuilder.standard()
-                    .withCredentials(amazonAWSCredentials)
-                    .withRegion(amazonRegion)
-                    .build();
-
-            client_credentials_clientid = getSsmParameter(client_credentials_client_id);
-
-            client_credentials_secret = sm.getSecret(client_secret_secretName,amazonRegion,client_secret_key);
-
-            String tokenUrl = getSsmParameter(oauth_token_url);
-
-            awsOauthCustomScope = getSsmParameter(oauth_custom_scope);
-
-            sp = new ServicePrincipal(amazonRegion,environment,tokenUrl,awsOauthCustomScope);
-
-        }
-    }
-
-    @Override
-    public String getIdToken(String s) {
-        String token=  sp.getServicePrincipalAccessToken(client_credentials_clientid,client_credentials_secret);
-        return token;
-    }
-
-    private String getSsmParameter(String parameterKey) {
-        GetParameterRequest paramRequest = (new GetParameterRequest()).withName(parameterKey).withWithDecryption(true);
-        GetParameterResult paramResult = ssmManager.getParameter(paramRequest);
-        return paramResult.getParameter().getValue();
-    }
-
-
-}

provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/utils/AwsCognitoClient.java

@@ -50,8 +50,6 @@ public class AwsCognitoClient {
         this.awsCognitoAuthParamsUser = awsCognitoAuthParamsUser;
         this.awsCognitoAuthParamsPassword = awsCognitoAuthParamsPassword;
        this.provider = generateCognitoClient(region);
-
-
     }
 
     public String getToken(String username, String password,String tokenType){

provider/notification-aws/src/main/resources/application.properties

@@ -17,16 +17,14 @@ logging.level.org.springframework.web=${LOG_LEVEL:INFO}
 server.servlet.contextPath=/api/notification/v1
 server.port=${APPLICATION_PORT:8080}
 
-AUTHORIZE_API=${ENTITLEMENTS_BASE_URL}/api/entitlements/v1
-
-REGISTER_SERVICE_URL=${REGISTER_BASE_URL}/api/register/v1
+AUTHORIZE_API=${ENTITLEMENTS_BASE_URL}/api/entitlements/v2
+PARTITION_API=${ENTITLEMENTS_BASE_URL}/api/partition/v1
+REGISTER_SERVICE_URL=${ENTITLEMENTS_BASE_URL}/api/register/v1
 
 aws.ssm=${SSM_ENABLED:True}
 aws.environment=${RESOURCE_PREFIX}
-## AWS DynamoDB configuration
-aws.region=${AWS_REGION}
-aws.dynamodb.table.prefix=${RESOURCE_PREFIX}-
-aws.dynamodb.endpoint=dynamodb.${AWS_REGION}.amazonaws.com
+aws.parameter.prefix=/osdu/${RESOURCE_PREFIX}
+aws.primary.region=${aws.parameter.prefix}/primary-region
 
 app.expireTime=300
 app.maxCacheSize=10
@@ -49,4 +47,4 @@ server.ssl.key-store-type=PKCS12
 server.ssl.key-store=${SSL_KEY_STORE_PATH:/certs/osduonaws.p12}
 server.ssl.key-alias=${SSL_KEY_ALIAS:osduonaws}
 server.ssl.key-password=${SSL_KEY_PASSWORD:}
-server.ssl.key-store-password=${SSL_KEY_STORE_PASSWORD:}
\ No newline at end of file
+server.ssl.key-store-password=${SSL_KEY_STORE_PASSWORD:}

provider/notification-aws/src/test/java/org/opengroup/osdu/notification/provider/aws/AwsPubsubRequestBodyExtractorTest.java

@@ -15,13 +15,10 @@
 package org.opengroup.osdu.notification.provider.aws;
 
 
-import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBDeleteExpression;
-import com.amazonaws.services.dynamodbv2.model.ConditionalCheckFailedException;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Mockito;
 import org.mockito.runners.MockitoJUnitRunner;

testing/notification-test-aws/build-aws/prepare-dist.sh

@@ -38,10 +38,10 @@ echo $INTEGRATION_TEST_OUTPUT_BIN_DIR
 rm -rf "$INTEGRATION_TEST_OUTPUT_DIR"
 mkdir -p "$INTEGRATION_TEST_OUTPUT_DIR" && mkdir -p "$INTEGRATION_TEST_OUTPUT_BIN_DIR"
 echo "Building integration testing assemblies and gathering artifacts..."
-mvn install -f "$INTEGRATION_TEST_SOURCE_DIR_CORE"/pom.xml
-mvn install dependency:copy-dependencies -DskipTests -f "$INTEGRATION_TEST_SOURCE_DIR_AWS"/pom.xml -DincludeGroupIds=org.opengroup.osdu -Dmdep.copyPom
+mvn -ntp -B install -f "$INTEGRATION_TEST_SOURCE_DIR_CORE"/pom.xml
+mvn -ntp -B install dependency:copy-dependencies -DskipTests -f "$INTEGRATION_TEST_SOURCE_DIR_AWS"/pom.xml -DincludeGroupIds=org.opengroup.osdu -Dmdep.copyPom
 cp "$INTEGRATION_TEST_SOURCE_DIR_AWS"/target/dependency/* "${INTEGRATION_TEST_OUTPUT_BIN_DIR}"
-(cd "${INTEGRATION_TEST_OUTPUT_BIN_DIR}" && ls *.jar | sed -e 's/\.jar$//' | xargs -I {} echo mvn install:install-file -Dfile={}.jar -DpomFile={}.pom >> install-deps.sh)
+(cd "${INTEGRATION_TEST_OUTPUT_BIN_DIR}" && ls *.jar | sed -e 's/\.jar$//' | xargs -I {} echo mvn -ntp -B install:install-file -Dfile={}.jar -DpomFile={}.pom >> install-deps.sh)
 chmod +x "${INTEGRATION_TEST_OUTPUT_BIN_DIR}"/install-deps.sh
 mvn clean -f "$INTEGRATION_TEST_SOURCE_DIR_AWS"/pom.xml
 cp -R "$INTEGRATION_TEST_SOURCE_DIR_AWS"/* "${INTEGRATION_TEST_OUTPUT_DIR}"/

testing/notification-test-aws/src/test/java/org/opengroup/osdu/notification/api/TestPubsubEndpointHMAC.java

@@ -19,6 +19,7 @@ import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
+import org.junit.Test;
 import org.opengroup.osdu.notification.util.Config;
 import org.opengroup.osdu.notification.util.AwsTestUtils;
 import org.opengroup.osdu.notification.util.RestDescriptor;
@@ -48,6 +49,11 @@ public class TestPubsubEndpointHMAC extends PubsubEndpointHMACTests {
     public void tearDown() throws Exception {
         this.testUtils = null;
     }
-    
 
+    @Test
+    @Override
+    public void should_return401_when_noAccessOnCustomerTenant() throws Exception {
+        ClientResponse response = descriptor.runOnCustomerTenant(getArg(), getOsduTenantAdminCredentials());
+        assertEquals(error(	response.getEntity(String.class)), 403, response.getStatus());
+    }
 }
\ No newline at end of file