Commit b135a400 authored by Komal Makkar's avatar Komal Makkar
Browse files

Merged master changes.

parents 8b65d8c5 19677ab8
Pipeline #6533 failed with stage
in 7 seconds
## Type of change
- [ ] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [YES/NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [ ] GCP
- [ ] IBM
## Does this introduce a breaking change?
- [YES/NO]
## What is the current behavior?
## What is the new/expected behavior?
## Have you added/updated Unit Tests and Integration Tests?
## Any other useful information
......@@ -37,6 +37,7 @@
<java.version>8</java.version>
<maven.compiler.target>${java.version}</maven.compiler.target>
<maven.compiler.source>${java.version}</maven.compiler.source>
<springfox-version>2.7.0</springfox-version>
</properties>
<repositories>
......@@ -187,6 +188,24 @@
<version>2.8.5</version>
</dependency>
<!-- swagger dependencies -->
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>${springfox-version}</version>
<exclusions>
<exclusion>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>${springfox-version}</version>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-api-mockito2</artifactId>
......@@ -211,6 +230,11 @@
<version>4.12</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
......
......@@ -34,10 +34,10 @@ import org.opengroup.osdu.core.common.notification.ISubscriptionFactory;
import org.opengroup.osdu.core.common.notification.ISubscriptionService;
import org.opengroup.osdu.core.common.notification.SubscriptionException;
import org.opengroup.osdu.notification.di.SubscriptionCacheFactory;
import org.opengroup.osdu.notification.pubsub.IPubsubHandshakeHandler;
import org.opengroup.osdu.notification.pubsub.IPubsubRequestBodyExtractor;
import org.opengroup.osdu.notification.provider.interfaces.IPubsubHandshakeHandler;
import org.opengroup.osdu.notification.provider.interfaces.IPubsubRequestBodyExtractor;
import org.opengroup.osdu.notification.utils.Config;
import org.opengroup.osdu.notification.utils.IGoogleServiceAccount;
import org.opengroup.osdu.notification.provider.interfaces.IGoogleServiceAccount;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
......@@ -87,7 +87,8 @@ public class PubsubEndpoint {
@PreAuthorize("@authorizationFilter.hasAnyPermission('" + Config.OPS + "', '" + Config.PUBSUB + "')")
public ResponseEntity recordChanged() throws Exception {
if(this.pubsubRequestBodyExtractor.isHandshakeRequest()) {
return ResponseEntity.ok(this.pubsubHandshakeHandler.getHandshakeResponse());
String handshakeResponse = this.pubsubHandshakeHandler.getHandshakeResponse();
return ResponseEntity.ok(handshakeResponse);
}
String notificationId = this.pubsubRequestBodyExtractor.extractNotificationIdFromRequestBody();
......
......@@ -23,11 +23,12 @@ import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.opengroup.osdu.core.common.provider.interfaces.IAuthorizationService;
import org.opengroup.osdu.notification.di.RequestInfoExt;
import org.opengroup.osdu.notification.utils.Config;
import org.opengroup.osdu.notification.utils.ServiceAccountValidator;
import org.opengroup.osdu.notification.provider.interfaces.IServiceAccountValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.annotation.RequestScope;
import javax.servlet.http.HttpServletRequest;
import java.util.Arrays;
@Component("authorizationFilter")
......@@ -35,12 +36,14 @@ import java.util.Arrays;
public class AuthorizationFilter {
private static final String BEARER_PREFIX = "Bearer ";
@Autowired
private HttpServletRequest request;
@Autowired
private IAuthorizationService authService;
@Autowired
private RequestInfoExt requestInfoExt;
@Autowired
private ServiceAccountValidator validator;
private IServiceAccountValidator validator;
public boolean hasAnyPermission(String... requiredRoles) {
DpsHeaders dpsHeaders = requestInfoExt.getHeaders();
......@@ -51,6 +54,13 @@ public class AuthorizationFilter {
requestInfoExt.assignPartitionIdIfNotInHeader();
}
String path = request.getServletPath();
if ("GET".equals(request.getMethod())) {
if (path.equals("/swagger-ui.html")) {
return true;
}
}
if (Arrays.asList(requiredRoles).contains(Config.CRON) && requestInfoExt.isCronRequest()) {
dpsHeaders.put(DpsHeaders.USER_EMAIL, Config.CRON);
requestInfoExt.setHeaders(dpsHeaders);
......
......@@ -19,7 +19,7 @@ package org.opengroup.osdu.notification.auth;
import org.opengroup.osdu.core.common.entitlements.EntitlementsAPIConfig;
import org.opengroup.osdu.core.common.entitlements.EntitlementsFactory;
import org.opengroup.osdu.core.common.entitlements.IEntitlementsFactory;
import org.opengroup.osdu.notification.utils.IAppProperties;
import org.opengroup.osdu.notification.provider.interfaces.IAppProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.stereotype.Component;
......
......@@ -18,8 +18,7 @@ package org.opengroup.osdu.notification.di;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
import org.opengroup.osdu.notification.pubsub.IPubsubRequestBodyExtractor;
import org.opengroup.osdu.notification.utils.IAppProperties;
import org.opengroup.osdu.notification.provider.interfaces.IPubsubRequestBodyExtractor;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Primary;
......
......@@ -19,7 +19,7 @@ package org.opengroup.osdu.notification.di;
import com.google.api.client.util.Strings;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.opengroup.osdu.core.common.model.http.RequestInfo;
import org.opengroup.osdu.notification.pubsub.IPubsubRequestBodyExtractor;
import org.opengroup.osdu.notification.provider.interfaces.IPubsubRequestBodyExtractor;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
import org.springframework.web.context.annotation.RequestScope;
......@@ -27,8 +27,6 @@ import org.springframework.web.context.annotation.RequestScope;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import java.io.BufferedReader;
import java.io.IOException;
import java.util.Collections;
import java.util.Map;
import java.util.stream.Collectors;
......
......@@ -16,17 +16,13 @@
package org.opengroup.osdu.notification.di;
import org.opengroup.osdu.core.common.notification.ISubscriptionFactory;
import org.opengroup.osdu.core.common.notification.SubscriptionAPIConfig;
import org.opengroup.osdu.core.common.notification.SubscriptionFactory;
import org.opengroup.osdu.notification.utils.IAppProperties;
import org.opengroup.osdu.notification.provider.interfaces.IAppProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.beans.factory.config.ConfigurableBeanFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
import org.opengroup.osdu.core.common.notification.ISubscriptionFactory;
import org.opengroup.osdu.core.common.model.notification.*;
@Component
public class SubscriptionClientFactory extends AbstractFactoryBean<ISubscriptionFactory> {
......
......@@ -14,10 +14,11 @@
* limitations under the License.
*/
package org.opengroup.osdu.notification.auth;
package org.opengroup.osdu.notification.provider.interfaces;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
public interface IAppProperties {
public interface AuthorizationService {
String authorizeAny(DpsHeaders headers, String... roles);
}
String getAuthorizeAPI();
String getRegisterAPI();
}
\ No newline at end of file
......@@ -14,7 +14,7 @@
* limitations under the License.
*/
package org.opengroup.osdu.notification.utils;
package org.opengroup.osdu.notification.provider.interfaces;
public interface IGoogleServiceAccount {
......
package org.opengroup.osdu.notification.provider.interfaces;
public interface IPubsubHandshakeHandler {
String getHandshakeResponse();
}
package org.opengroup.osdu.notification.provider.interfaces;
import org.springframework.stereotype.Component;
import org.springframework.http.ResponseEntity;
import java.util.Map;
public interface IPubsubRequestBodyExtractor {
Map<String, String> extractAttributesFromRequestBody() ;
String extractDataFromRequestBody();
String extractNotificationIdFromRequestBody() ;
boolean isHandshakeRequest();
}
......@@ -14,9 +14,10 @@
* limitations under the License.
*/
package org.opengroup.osdu.notification.utils;
package org.opengroup.osdu.notification.provider.interfaces;
public interface IServiceAccountValidator {
public interface ServiceAccountValidator {
boolean isValidPublisherServiceAccount(String jwt);
boolean isValidServiceAccount(String jwt, String userIdentity, String... audiences);
......
package org.opengroup.osdu.notification.swagger;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class HomeController {
@RequestMapping(value = {"/", "/swagger"})
public String swagger() {
System.out.println("swagger-ui.html");
return "redirect:swagger-ui.html";
}
}
package org.opengroup.osdu.notification.swagger;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ParameterBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.schema.ModelRef;
import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.Parameter;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@Configuration
@EnableSwagger2
public class SwaggerDocumentationConfig {
public static final String AUTHORIZATION_HEADER = "Authorization";
public static final String DEFAULT_INCLUDE_PATTERN = "/.*";
@Bean
public Docket api() {
ParameterBuilder builder = new ParameterBuilder();
List<Parameter> parameters = new ArrayList<>();
builder.name(DpsHeaders.DATA_PARTITION_ID)
.description("tenant")
.defaultValue("common")
.modelRef(new ModelRef("string"))
.parameterType("header")
.required(true)
.build();
parameters.add(builder.build());
return new Docket(DocumentationType.SWAGGER_2)
.globalOperationParameters(parameters)
.select()
.apis(RequestHandlerSelectors.basePackage("org.opengroup.osdu.notification.api"))
.build()
.securityContexts(Collections.singletonList(securityContext()))
.securitySchemes(Collections.singletonList(apiKey()));
}
private ApiKey apiKey() {
return new ApiKey("JWT", AUTHORIZATION_HEADER, "header");
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.forPaths(PathSelectors.regex(DEFAULT_INCLUDE_PATTERN))
.build();
}
List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope
= new AuthorizationScope("global", "accessEverything");
AuthorizationScope[] authorizationScopes =
new AuthorizationScope[]{authorizationScope};
return Collections.singletonList(
new SecurityReference("JWT", authorizationScopes));
}
}
\ No newline at end of file
package org.opengroup.osdu.notification.utils;
public interface IAppProperties {
String getAuthorizeAPI();
String getRegisterAPI();
}
\ No newline at end of file
......@@ -36,8 +36,8 @@ import org.opengroup.osdu.core.common.notification.SubscriptionFactory;
import org.opengroup.osdu.core.common.notification.SubscriptionService;
import org.opengroup.osdu.notification.di.CredentialHeadersProvider;
import org.opengroup.osdu.notification.di.SubscriptionCacheFactory;
import org.opengroup.osdu.notification.pubsub.IPubsubRequestBodyExtractor;
import org.opengroup.osdu.notification.utils.IGoogleServiceAccount;
import org.opengroup.osdu.notification.provider.interfaces.IGoogleServiceAccount;
import org.opengroup.osdu.notification.provider.interfaces.IPubsubRequestBodyExtractor;
import org.powermock.modules.junit4.PowerMockRunner;
import org.springframework.http.ResponseEntity;
......
......@@ -26,11 +26,12 @@ import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.opengroup.osdu.core.common.provider.interfaces.IAuthorizationService;
import org.opengroup.osdu.notification.di.RequestInfoExt;
import org.opengroup.osdu.notification.pubsub.IPubsubRequestBodyExtractor;
import org.opengroup.osdu.notification.provider.interfaces.IPubsubRequestBodyExtractor;
import org.opengroup.osdu.notification.utils.Config;
import org.opengroup.osdu.notification.utils.ServiceAccountValidator;
import org.opengroup.osdu.notification.provider.interfaces.IServiceAccountValidator;
import org.powermock.modules.junit4.PowerMockRunner;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
......@@ -53,11 +54,13 @@ public class AuthorizationFilterTest {
@Mock
private DpsHeaders headers;
@Mock
private HttpServletRequest request;
@Mock
private RequestInfoExt requestInfo;
@Mock
private IAuthorizationService authorizationService;
@Mock
private ServiceAccountValidator validator;
private IServiceAccountValidator validator;
@Mock
private IPubsubRequestBodyExtractor extractor;
@InjectMocks
......
......@@ -20,7 +20,7 @@ import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.opengroup.osdu.notification.utils.IAppProperties;
import org.opengroup.osdu.notification.provider.interfaces.IAppProperties;
import org.powermock.modules.junit4.PowerMockRunner;
import javax.servlet.http.HttpServletRequest;
......
package org.opengroup.osdu.notification.swagger;
import org.junit.Before;
import org.junit.Test;
import org.springframework.http.MediaType;
import org.springframework.test.web.servlet.MockMvc;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import static org.springframework.test.web.servlet.setup.MockMvcBuilders.standaloneSetup;
public class HomeControllerTest {
private MockMvc mockMvc;
@Before
public void setup() {
mockMvc = standaloneSetup(HomeController.class).build();
}
@Test
public void testSwaggerFound() throws Exception {
mockMvc.perform(get("/swagger")
.contentType(MediaType.APPLICATION_JSON)
.accept(MediaType.APPLICATION_JSON))
.andExpect(status().isFound());
mockMvc.perform(get("/")
.contentType(MediaType.APPLICATION_JSON)
.accept(MediaType.APPLICATION_JSON))
.andExpect(status().isFound());
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment