diff --git a/devops/azure/chart/values.yaml b/devops/azure/chart/values.yaml
index dedff49947ecc41623bc569a3ea6555ca7451213..8bce3bedb1abb97fcd6c04ed31d9abdce31c32b3 100644
--- a/devops/azure/chart/values.yaml
+++ b/devops/azure/chart/values.yaml
@@ -24,7 +24,7 @@ image:
branch: master
tag: latest
-istioDnsHost: ""
+istioDnsHost: "contoso.com"
env: demo
diff --git a/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/AuthorizationService.java b/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/AuthorizationService.java
index bf7676e5c993ab512a30c204b10690d0a1084981..e25b142ffb5059ed1ccbdf278b78ab35dc98939f 100644
--- a/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/AuthorizationService.java
+++ b/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/AuthorizationService.java
@@ -4,7 +4,9 @@
package org.opengroup.osdu.partition.provider.ibm.security;
import org.opengroup.osdu.core.common.model.http.AppException;
+import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.opengroup.osdu.partition.provider.interfaces.IAuthorizationService;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
@@ -20,6 +22,9 @@ import lombok.extern.slf4j.Slf4j;
@Slf4j
public class AuthorizationService implements IAuthorizationService {
+ @Autowired
+ DpsHeaders dpsheaders;
+
@Value("${service.partition.admin.user}")
String partitionAdminUser;
@@ -27,20 +32,15 @@ public class AuthorizationService implements IAuthorizationService {
@Override
public boolean isDomainAdminServiceAccount() {
try {
- final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
- Jwt principal = (Jwt) authentication.getPrincipal();
- String memberEmail = principal.getClaimAsString("email");
-// @SuppressWarnings("unchecked")
-// KeycloakPrincipal<KeycloakSecurityContext> principal = (KeycloakPrincipal<KeycloakSecurityContext>) auth.getPrincipal();
-// String upn = principal.getName();
- log.debug("email : "+memberEmail);
- if(memberEmail.equals(partitionAdminUser)) {
+
+ String userId = dpsheaders.getUserId();
+ log.debug("logged in email : " + userId);
+ if(userId != null && partitionAdminUser != null && userId.equals(partitionAdminUser)) {
return true;
- }
- else {
+ } else {
throw AppException.createUnauthorized("Unauthorized. The user is not Service Principal");
}
-
+
}
catch (AppException e) {
throw e;
diff --git a/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/SecurityConfig.java b/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/SecurityConfig.java
index 0c899dfb1fe95325ce2c9669b2f3e9cec17165f5..54218f3ce3acf56c3432ef517c4b5816c234b17e 100644
--- a/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/SecurityConfig.java
+++ b/provider/partition-ibm/src/main/java/org/opengroup/osdu/partition/provider/ibm/security/SecurityConfig.java
@@ -15,8 +15,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().disable()
- .csrf().disable().authorizeRequests().anyRequest()
- .authenticated().and().oauth2ResourceServer().jwt();
+ .csrf().disable();
+ //.authorizeRequests().anyRequest()
+ //.authenticated().and().oauth2ResourceServer().jwt();
}
}
diff --git a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestCreatePartition.java b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestCreatePartition.java
index 38292e7425ba84e9d228a990449b4226627f9a88..9f4b9f109f8047261c31659d57b31caef99ec150 100644
--- a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestCreatePartition.java
+++ b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestCreatePartition.java
@@ -3,10 +3,14 @@
package org.opengroup.osdu.partition.api;
+import static org.junit.Assert.assertEquals;
+
import org.junit.After;
import org.junit.Before;
import org.opengroup.osdu.partition.util.IBMTestUtils;
+import com.sun.jersey.api.client.ClientResponse;
+
public class TestCreatePartition extends CreatePartitionTest {
@Before
@@ -20,6 +24,14 @@ public class TestCreatePartition extends CreatePartitionTest {
public void tearDown() {
this.testUtils = null;
}
-
+ //servicemesh changes response code - 403
+ @Override
+ public void should_return401_when_makingHttpRequestWithoutToken() throws Exception {
+ ClientResponse response = descriptor.run(getId(), "");
+ assertEquals(error(response.getEntity(String.class)), 403, response.getStatus());
+ }
+
+
+
}
diff --git a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestDeletePartition.java b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestDeletePartition.java
index 3edcc15fda767afe3868569aac23cc1f56655471..26ce98ab6936589f2ad9cbc7c845f2c6fd306dab 100644
--- a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestDeletePartition.java
+++ b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestDeletePartition.java
@@ -3,10 +3,14 @@
package org.opengroup.osdu.partition.api;
+import static org.junit.Assert.assertEquals;
+
import org.junit.After;
import org.junit.Before;
import org.opengroup.osdu.partition.util.IBMTestUtils;
+import com.sun.jersey.api.client.ClientResponse;
+
public class TestDeletePartition extends DeletePartitionTest {
@Before
@@ -20,5 +24,12 @@ public class TestDeletePartition extends DeletePartitionTest {
public void tearDown() {
this.testUtils = null;
}
+
+ //servicemesh changes response code - 403
+ @Override
+ public void should_return401_when_makingHttpRequestWithoutToken() throws Exception {
+ ClientResponse response = descriptor.run(getId(), "");
+ assertEquals(error(response.getEntity(String.class)), 403, response.getStatus());
+ }
}
diff --git a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestGetPartitionById.java b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestGetPartitionById.java
index dd9247dcf7e06cae89911fee0cfea91660fea2e7..3faed4d5a76df67796d683358fa4696b219a5021 100644
--- a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestGetPartitionById.java
+++ b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestGetPartitionById.java
@@ -25,5 +25,12 @@ public class TestGetPartitionById extends GetPartitionByIdApitTest {
public void tearDown() {
this.testUtils = null;
}
+
+ //servicemesh changes response code - 403
+ @Override
+ public void should_return401_when_makingHttpRequestWithoutToken() throws Exception {
+ ClientResponse response = descriptor.run(getId(), "");
+ assertEquals(error(response.getEntity(String.class)), 403, response.getStatus());
+ }
}
diff --git a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestListPartitions.java b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestListPartitions.java
index 7f325d538abefa7ab4ad3286306a2ab265f11d8b..826354c7ad8a5c0c4d0069ddd3cd0634329bd855 100644
--- a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestListPartitions.java
+++ b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestListPartitions.java
@@ -3,10 +3,14 @@
package org.opengroup.osdu.partition.api;
+import static org.junit.Assert.assertEquals;
+
import org.junit.After;
import org.junit.Before;
import org.opengroup.osdu.partition.util.IBMTestUtils;
+import com.sun.jersey.api.client.ClientResponse;
+
public class TestListPartitions extends ListPartitionsApitTest {
@Before
@@ -20,5 +24,13 @@ public class TestListPartitions extends ListPartitionsApitTest {
public void tearDown() {
this.testUtils = null;
}
+
+ //servicemesh changes response code - 403
+ @Override
+ public void should_return401_when_makingHttpRequestWithoutToken() throws Exception {
+ ClientResponse response = descriptor.run(getId(), "");
+ assertEquals(error(response.getEntity(String.class)), 403, response.getStatus());
+ }
+
}
diff --git a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestUpdatePartition.java b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestUpdatePartition.java
index 62bc2289bea5153a55384479787c005859ff90b6..159e17965384d734fa3de7695b29c224c5efdde9 100644
--- a/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestUpdatePartition.java
+++ b/testing/partition-test-ibm/src/test/java/org/opengroup/osdu/partition/api/TestUpdatePartition.java
@@ -25,5 +25,13 @@ public class TestUpdatePartition extends UpdatePartitionTest {
public void tearDown() {
this.testUtils = null;
}
+
+ //servicemesh changes response code - 403
+ @Override
+ public void should_return401_when_makingHttpRequestWithoutToken() throws Exception {
+ ClientResponse response = descriptor.run(getId(), "");
+ assertEquals(error(response.getEntity(String.class)), 403, response.getStatus());
+ }
+
}