From 2fec88b7a8f1dcb7532112af1907edc65f7b124d Mon Sep 17 00:00:00 2001 From: neelesh thakur <nthakur4@slb.com> Date: Fri, 17 Jul 2020 10:53:04 -0400 Subject: [PATCH] remove gcp dependency from core --- pom.xml | 5 --- provider/register-gcp/pom.xml | 1 + .../register-gcp/src/main/appengine/app.yaml | 2 +- .../gcp/subscriber/DatastoreAccess.java | 4 +- .../gcp/util/GcpAppServiceConfig.java | 40 +++++++++++++++++ .../gcp/util/GoogleServiceAccountImpl.java | 43 +++++++++++++++++++ .../main/resources/application-dev.properties | 2 +- .../resources/application-local.properties | 2 +- register-core/pom.xml | 4 -- .../api/SubscriberTestListenerApi.java | 2 +- .../services/ChallengeResponseCheck.java | 15 +++---- .../osdu/register/utils/AppServiceConfig.java | 20 ++------- .../register/utils/IGoogleServiceAccount.java | 24 +++++++++++ 13 files changed, 125 insertions(+), 39 deletions(-) create mode 100644 provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GcpAppServiceConfig.java create mode 100644 provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GoogleServiceAccountImpl.java create mode 100644 register-core/src/main/java/org/opengroup/osdu/register/utils/IGoogleServiceAccount.java diff --git a/pom.xml b/pom.xml index bb5b63e2a..342e9aab3 100644 --- a/pom.xml +++ b/pom.xml @@ -56,11 +56,6 @@ <artifactId>os-core-common</artifactId> <version>0.0.20</version> </dependency> - <dependency> - <groupId>org.opengroup.osdu</groupId> - <artifactId>core-lib-gcp</artifactId> - <version>0.1.21</version> - </dependency> </dependencies> </dependencyManagement> diff --git a/provider/register-gcp/pom.xml b/provider/register-gcp/pom.xml index dd84b8bda..92abcc3ae 100644 --- a/provider/register-gcp/pom.xml +++ b/provider/register-gcp/pom.xml @@ -37,6 +37,7 @@ <dependency> <groupId>org.opengroup.osdu</groupId> <artifactId>core-lib-gcp</artifactId> + <version>0.1.21</version> </dependency> <dependency> 
diff --git a/provider/register-gcp/src/main/appengine/app.yaml b/provider/register-gcp/src/main/appengine/app.yaml index be8764732..f57bdeae5 100644 --- a/provider/register-gcp/src/main/appengine/app.yaml +++ b/provider/register-gcp/src/main/appengine/app.yaml @@ -38,6 +38,6 @@ env_variables: JETTY_MODULES_ENABLE: 'gzip' JAVA_OPTS: -Xms2048m -Xmx3072m SPRING_PROFILES_ACTIVE: 'dev' - GOOGLE_AUDIENCES: "GOOGLE-AUDIENCES" + INTEGRATION_TEST_AUDIENCES: "GOOGLE-AUDIENCES" SUBSCRIBER_SECRET: "SUBSCRIBER-SECRET" SUBSCRIBER_PRIVATE_KEY_ID: "SUBSCRIBER-PRIVATE-KEY-ID" \ No newline at end of file diff --git a/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/subscriber/DatastoreAccess.java b/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/subscriber/DatastoreAccess.java index dcc3ffb5a..ffba27613 100644 --- a/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/subscriber/DatastoreAccess.java +++ b/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/subscriber/DatastoreAccess.java @@ -20,9 +20,9 @@ import com.google.cloud.datastore.*; import org.opengroup.osdu.core.common.model.http.AppException; import org.opengroup.osdu.core.common.model.tenant.TenantInfo; import org.opengroup.osdu.register.provider.gcp.ddms.datastore.DatastoreMultiTenantAccess; +import org.opengroup.osdu.register.provider.gcp.util.GcpAppServiceConfig; import org.opengroup.osdu.register.subscriber.model.Secret; import org.opengroup.osdu.register.subscriber.model.Subscription; -import org.opengroup.osdu.register.utils.AppServiceConfig; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Repository; 
@@ -42,7 +42,7 @@ public class DatastoreAccess implements IDatastoreAccess { @Autowired private ModelEntityHelper modelEntityHelper; @Autowired - private AppServiceConfig config; + private GcpAppServiceConfig config; private static final String NAMESPACE = "DE"; private static final String KIND = "SUBSCRIPTION"; diff --git a/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GcpAppServiceConfig.java b/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GcpAppServiceConfig.java new file mode 100644 index 000000000..1c91de2bb --- /dev/null +++ b/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GcpAppServiceConfig.java 
@@ -0,0 +1,40 @@ +/* + * Copyright 2017-2020, Schlumberger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.opengroup.osdu.register.provider.gcp.util; + +import org.opengroup.osdu.register.utils.AppServiceConfig; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Primary; +import org.springframework.stereotype.Component; + +@Component +@Primary +public class GcpAppServiceConfig extends AppServiceConfig { + + @Value("${GOOGLE_CLOUD_PROJECT}") + private String googleCloudProject; + @Value("${SERVICE_IDENTITY}") + private String serviceIdentity; + + public String getGoogleCloudProject() { + return googleCloudProject; + } + + public String getServiceAccountIdentity() { + return String.format("%s@%s.iam.gserviceaccount.com", serviceIdentity, googleCloudProject); + } +} \ No newline at end of file diff --git a/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GoogleServiceAccountImpl.java b/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GoogleServiceAccountImpl.java new file mode 100644 index 000000000..471b48541 --- /dev/null +++ b/provider/register-gcp/src/main/java/org/opengroup/osdu/register/provider/gcp/util/GoogleServiceAccountImpl.java 
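Review bot: GcpAppServiceConfig carries `@Primary` with no explanation of why it is needed. The parent AppServiceConfig is still annotated `@Component` (its hunk appears later in this patch), so on GCP two beans of that type exist and by-type injection of `AppServiceConfig` would be ambiguous without it. A class-level Javadoc should say this, and also that `GOOGLE_CLOUD_PROJECT` and `SERVICE_IDENTITY` are required properties with no defaults. `getServiceAccountIdentity()` deserves a line noting that the address `<SERVICE_IDENTITY>@<GOOGLE_CLOUD_PROJECT>.iam.gserviceaccount.com` is assembled from configuration rather than read from the credentials the service actually runs with.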
@@ -0,0 +1,43 @@ +/* + * Copyright 2017-2020, Schlumberger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.opengroup.osdu.register.provider.gcp.util; + +import lombok.SneakyThrows; +import org.apache.http.impl.client.HttpClients; +import org.opengroup.osdu.core.gcp.GoogleIdToken.IGoogleIdTokenFactory; +import org.opengroup.osdu.register.utils.IGoogleServiceAccount; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +@Component +public class GoogleServiceAccountImpl implements IGoogleServiceAccount { + + @Autowired + private IGoogleIdTokenFactory googleIdTokenFactory; + + @SneakyThrows + @Override + public String getIdToken(String keyString, String audience) { + return this.googleIdTokenFactory.getGoogleIdToken(keyString, audience, HttpClients.createDefault()); + } + + @SneakyThrows + @Override + public String getPrivateKeyId(String keyString) { + return this.googleIdTokenFactory.getPrivateKeyId(keyString); + } +} \ No newline at end of file diff --git a/provider/register-gcp/src/main/resources/application-dev.properties b/provider/register-gcp/src/main/resources/application-dev.properties index 63d399a19..2747cdcba 100644 --- a/provider/register-gcp/src/main/resources/application-dev.properties +++ b/provider/register-gcp/src/main/resources/application-dev.properties 
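Review bot: `getIdToken` in GoogleServiceAccountImpl creates a new client with `HttpClients.createDefault()` on every call and never closes it, so each challenge check may leave a connection pool behind unless the factory closes the client itself (not visible here). Scoping the client bounds that: `try (CloseableHttpClient client = HttpClients.createDefault()) { return this.googleIdTokenFactory.getGoogleIdToken(keyString, audience, client); }`, with the matching `org.apache.http.impl.client.CloseableHttpClient` import. Both methods are also marked `@SneakyThrows`, so whatever checked exceptions the factory declares now cross `IGoogleServiceAccount` undeclared. Because `keyString` carries a service-account private key, callers should catch and report those failures without echoing the key material into logs or error responses.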
@@ -5,7 +5,7 @@ STORAGE_API=https://os-storage-dot-opendes.appspot.com/api/storage/v2 RECORDS_CHANGE_PUBSUB_ENDPOINT=https://os-notification-dot-opendes.appspot.com/push-handlers/records-changed GOOGLE_CLOUD_PROJECT=opendes GCLOUD_REGION=us-central -GOOGLE_AUDIENCES={GOOGLE_AUDIENCES} +INTEGRATION_TEST_AUDIENCES={GOOGLE_AUDIENCES} SUBSCRIBER_SECRET={SUBSCRIBER_SECRET} SUBSCRIBER_PRIVATE_KEY_ID={SUBSCRIBER_PRIVATE_KEY_ID} enable.appengine.log.factory=true \ No newline at end of file diff --git a/provider/register-gcp/src/main/resources/application-local.properties b/provider/register-gcp/src/main/resources/application-local.properties index 3d82959e2..eb9225053 100644 --- a/provider/register-gcp/src/main/resources/application-local.properties +++ b/provider/register-gcp/src/main/resources/application-local.properties @@ -5,7 +5,7 @@ STORAGE_API=https://os-storage-dot-opendes.appspot.com/api/storage/v2 RECORDS_CHANGE_PUBSUB_ENDPOINT=https://os-notification-dot-opendes.appspot.com/push-handlers/records-changed GOOGLE_CLOUD_PROJECT=opendes GCLOUD_REGION=us-central -GOOGLE_AUDIENCES=245464679631-ktfdfpl147m1mjpbutl00b3cmffissgq.apps.googleusercontent.com +INTEGRATION_TEST_AUDIENCES=245464679631-ktfdfpl147m1mjpbutl00b3cmffissgq.apps.googleusercontent.com SUBSCRIBER_SECRET={SUBSCRIBER_SECRET} SUBSCRIBER_PRIVATE_KEY_ID={SUBSCRIBER_PRIVATE_KEY_ID} enable.appengine.log.factory=false \ No newline at end of file diff --git a/register-core/pom.xml b/register-core/pom.xml index 01745ce18..41ebb643c 100644 --- a/register-core/pom.xml +++ b/register-core/pom.xml @@ -82,10 +82,6 @@ <groupId>org.opengroup.osdu</groupId> <artifactId>os-core-common</artifactId> </dependency> - <dependency> - <groupId>org.opengroup.osdu</groupId> - <artifactId>core-lib-gcp</artifactId> - </dependency> <dependency> <groupId>com.google.api</groupId> <artifactId>gax-grpc</artifactId> 
diff --git a/register-core/src/main/java/org/opengroup/osdu/register/api/SubscriberTestListenerApi.java b/register-core/src/main/java/org/opengroup/osdu/register/api/SubscriberTestListenerApi.java index 4fa6a0de7..d96068121 100644 --- a/register-core/src/main/java/org/opengroup/osdu/register/api/SubscriberTestListenerApi.java +++ b/register-core/src/main/java/org/opengroup/osdu/register/api/SubscriberTestListenerApi.java @@ -113,7 +113,7 @@ public class SubscriberTestListenerApi { try { GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), JacksonFactory.getDefaultInstance()) - .setAudience(Collections.singletonList(this.serviceConfig.getGoogleAudiences())) + .setAudience(Collections.singletonList(this.serviceConfig.getIntegrationTestJwtAudiences())) .build(); GoogleIdToken idToken = verifier.verify(headers.getAuthorization()); return idToken != null; diff --git a/register-core/src/main/java/org/opengroup/osdu/register/subscriber/services/ChallengeResponseCheck.java b/register-core/src/main/java/org/opengroup/osdu/register/subscriber/services/ChallengeResponseCheck.java index c29192b25..0f734231e 100644 --- a/register-core/src/main/java/org/opengroup/osdu/register/subscriber/services/ChallengeResponseCheck.java +++ b/register-core/src/main/java/org/opengroup/osdu/register/subscriber/services/ChallengeResponseCheck.java 
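Review bot: The verifier audience in the SubscriberTestListenerApi hunk is built with `Collections.singletonList(this.serviceConfig.getIntegrationTestJwtAudiences())`, so the whole property string becomes a single audience entry even though the property and the getter are both named in the plural. If the value ever holds more than one audience, no token's `aud` claim will match and verification will always fail. Either split the value before passing it, e.g. `.setAudience(Arrays.asList(audiences.split(",")))` with a local holding the property, or rename the getter to the singular so the contract is clear. It would also help to reject a blank or unsubstituted value at startup, since application-dev.properties in this patch sets the property to the placeholder `{GOOGLE_AUDIENCES}`. The enclosing method starts and ends outside the hunk.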
@@ -19,20 +19,19 @@ package org.opengroup.osdu.register.subscriber.services; import com.google.common.hash.Hashing; import com.google.gson.JsonElement; import com.google.gson.JsonParser; -import org.apache.http.impl.client.HttpClients; +import org.opengroup.osdu.core.common.cryptographic.ISignatureService; import org.opengroup.osdu.core.common.http.HttpRequest; import org.opengroup.osdu.core.common.http.HttpResponse; import org.opengroup.osdu.core.common.http.IHttpClient; import org.opengroup.osdu.core.common.logging.JaxRsDpsLog; import org.opengroup.osdu.core.common.model.http.DpsHeaders; -import org.opengroup.osdu.core.common.cryptographic.ISignatureService; -import org.opengroup.osdu.core.gcp.GoogleIdToken.IGoogleIdTokenFactory; -import org.opengroup.osdu.register.utils.AppServiceConfig; -import org.opengroup.osdu.register.utils.Constants; import org.opengroup.osdu.register.subscriber.model.GsaSecret; import org.opengroup.osdu.register.subscriber.model.HmacSecret; import org.opengroup.osdu.register.subscriber.model.Secret; import org.opengroup.osdu.register.subscriber.model.Subscription; +import org.opengroup.osdu.register.utils.AppServiceConfig; +import org.opengroup.osdu.register.utils.Constants; +import org.opengroup.osdu.register.utils.IGoogleServiceAccount; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -51,7 +50,7 @@ public class ChallengeResponseCheck { @Autowired private ISignatureService signatureService; @Autowired - private IGoogleIdTokenFactory googleIdTokenFactory; + private IGoogleServiceAccount googleServiceAccount; @Autowired private AppServiceConfig serviceConfig; @Autowired 
@@ -89,8 +88,8 @@ public class ChallengeResponseCheck { JsonParser jsonParser = new JsonParser(); JsonElement root = jsonParser.parse(gsaSecret.getValue().getKey()); String keyString = root.getAsJsonObject().toString(); - String idToken = this.googleIdTokenFactory.getGoogleIdToken(keyString, gsaSecret.getValue().getAudience(), HttpClients.createDefault()); - secretString = this.googleIdTokenFactory.getPrivateKeyId(keyString); + String idToken = this.googleServiceAccount.getIdToken(keyString, gsaSecret.getValue().getAudience()); + secretString = this.googleServiceAccount.getPrivateKeyId(keyString); // send gsa challange with idtoken in header response = sendGsaChallenge(input, crc, idToken); diff --git a/register-core/src/main/java/org/opengroup/osdu/register/utils/AppServiceConfig.java b/register-core/src/main/java/org/opengroup/osdu/register/utils/AppServiceConfig.java index c4f4f46f5..9c2bb3b6b 100644 --- a/register-core/src/main/java/org/opengroup/osdu/register/utils/AppServiceConfig.java +++ b/register-core/src/main/java/org/opengroup/osdu/register/utils/AppServiceConfig.java @@ -22,18 +22,14 @@ import org.springframework.stereotype.Component; @Component public class AppServiceConfig { - @Value("${GOOGLE_CLOUD_PROJECT}") - private String googleCloudProject; - @Value("${GOOGLE_AUDIENCES}") - private String googleAudiences; + @Value("${INTEGRATION_TEST_AUDIENCES}") + private String integrationTestJwtAudiences; @Value("${CRON_JOB_EXPECTED_IP}") private String cronJobExpectedIp; @Value("${ACCEPT_HTTP:false}") private boolean acceptHttp; @Value("${ENVIRONMENT}") private String environment; - @Value("${SERVICE_IDENTITY}") - private String serviceIdentity; @Value("${PERSISTENCE:CLOUD_NATIVE}") private String persistence; @Value("${ENTITLEMENTS_API}") 
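Review bot: In AppServiceConfig.java the field is now bound with `@Value("${INTEGRATION_TEST_AUDIENCES}")` and no default, so any deployment that still supplies only `GOOGLE_AUDIENCES` will presumably fail placeholder resolution at startup. This patch updates only the register-gcp app.yaml and properties files. Configuration for other providers, if any exists, is not visible here and should be checked before merging. A field comment such as `// audience expected in ID tokens presented to the subscriber test listener; integration tests only` would record why a core config class holds a test-scoped value that feeds JWT verification. The class body continues outside the hunk.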
@@ -45,12 +41,8 @@ public class AppServiceConfig { @Value("${SUBSCRIBER_SECRET}") private String subscriberSecret; - public String getGoogleCloudProject() { - return googleCloudProject; - } - - public String getGoogleAudiences() { - return googleAudiences; + public String getIntegrationTestJwtAudiences() { + return integrationTestJwtAudiences; } public boolean getAcceptHttp() { @@ -86,10 +78,6 @@ public class AppServiceConfig { "TEST".equalsIgnoreCase(environment) || "P4D".equalsIgnoreCase(environment); } - public String getServiceAccountIdentity() { - return String.format("%s@%s.iam.gserviceaccount.com", serviceIdentity, googleCloudProject); - } - public String getMongoDatabaseName() { return String.format("ddms-db-%s", getDeploymentEnvironment()).toLowerCase(); } diff --git a/register-core/src/main/java/org/opengroup/osdu/register/utils/IGoogleServiceAccount.java b/register-core/src/main/java/org/opengroup/osdu/register/utils/IGoogleServiceAccount.java new file mode 100644 index 000000000..c8ccc89a9 --- /dev/null +++ b/register-core/src/main/java/org/opengroup/osdu/register/utils/IGoogleServiceAccount.java @@ -0,0 +1,24 @@ +/* + * Copyright 2017-2020, Schlumberger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.opengroup.osdu.register.utils; + +public interface IGoogleServiceAccount { + + String getIdToken(String keyString, String audience); + + String getPrivateKeyId(String keyString); +} \ No newline at end of file -- GitLab
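Review bot: IGoogleServiceAccount is added without any Javadoc, and its contract is not obvious from the signatures. Judging by the caller in ChallengeResponseCheck, `keyString` is the service-account key JSON including the private key. The interface should state that implementations must not log or persist `keyString`, what `audience` ends up in, and how failures surface, since neither method declares an exception and the GCP implementation uses `@SneakyThrows`. A line such as `/** Mints an ID token for {@code audience} from a service-account key JSON; the key must never be logged. */` on `getIdToken` would cover the first method, with a similar one on `getPrivateKeyId`. The interface name also keeps a provider-specific concept in register-core, which seems at odds with the commit's stated goal, so a neutral name could be considered.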