Register issueshttps://community.opengroup.org/osdu/platform/system/register/-/issues2021-06-16T22:18:17Zhttps://community.opengroup.org/osdu/platform/system/register/-/issues/14[Register Service] TopicsRepository in register-core retrieves topics from a ...2021-06-16T22:18:17ZRucha Deshpande[Register Service] TopicsRepository in register-core retrieves topics from a json fileIn it's current state the `GET api/register/v1/topics` API retrieves topics from a json file which it reads from the classpath.
Code can be found here:
[TopicsRepository](https://community.opengroup.org/osdu/platform/system/register/-/...In it's current state the `GET api/register/v1/topics` API retrieves topics from a json file which it reads from the classpath.
Code can be found here:
[TopicsRepository](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/subscriber/persistence/TopicsRepository.java)
TopicsRepository should be moved outside core code.
We need some clarity on who would be creating the topics and in that case would we need to add PUT and DELETE APIs for TopicsRepository?M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/2[System/Core] Registration2020-12-10T21:10:35ZStephen Whitley (Invited Expert)[System/Core] RegistrationM1 - Release 0.1ethiraj krishnamanaiduethiraj krishnamanaidu2020-10-30https://community.opengroup.org/osdu/platform/system/register/-/issues/19[Register Service ] Integration tests expecting a 307 fail2020-12-10T21:15:58ZRucha Deshpande[Register Service ] Integration tests expecting a 307 failThere are about 14 integration tests (should_return307_when_makingHttpRequest()) that fail.
The test validates that an "http://" request returns a "307" HTTP code and is redirected to "https://".
The tests fail because the reverse proxy...There are about 14 integration tests (should_return307_when_makingHttpRequest()) that fail.
The test validates that an "http://" request returns a "307" HTTP code and is redirected to "https://".
The tests fail because the reverse proxy blocks any "http://" requests.
Proposed change:
These tests should be removed from register-test-core.M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/3GCP-Dependencies in register-core2020-07-17T14:54:12Zharshit aggarwalGCP-Dependencies in register-coreCurrently I see the register-core has dependency on core-lib-gcp
Mainly in [ChallengeResponseCheck.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register...Currently I see the register-core has dependency on core-lib-gcp
Mainly in [ChallengeResponseCheck.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/subscriber/services/ChallengeResponseCheck.java)
Also I can see injection of Google specific environment variables at core/register/utils
in [AppServiceConfig.Java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/utils/AppServiceConfig.java)
Any provider specific dependency should be separated from coreharshit aggarwalharshit aggarwalhttps://community.opengroup.org/osdu/platform/system/register/-/issues/9Register service - Missing Provider Interface2020-08-13T18:04:34Zethiraj krishnamanaiduRegister service - Missing Provider InterfaceDuring code walkthrough, I noticed that Register service is missing provider.interfaces in core. Please follow the OSDU Standards, a good example is storage service.
![image](/uploads/fa4dfe48b4c775b46974429c8461acbe/image.png)During code walkthrough, I noticed that Register service is missing provider.interfaces in core. Please follow the OSDU Standards, a good example is storage service.
![image](/uploads/fa4dfe48b4c775b46974429c8461acbe/image.png)M1 - Release 0.1Nitin-slbNeelesh ThakurNitin-slbhttps://community.opengroup.org/osdu/platform/system/register/-/issues/10Register service - MongoDB implementation2020-08-21T15:54:15Zethiraj krishnamanaiduRegister service - MongoDB implementationThe current implementation is confusing, even though MongoDB is cloud agonistic it shouldn't be in core. We have to make sure it's following the established pattern of SPI and implementation. More details :
https://community.opengroup.o...The current implementation is confusing, even though MongoDB is cloud agonistic it shouldn't be in core. We have to make sure it's following the established pattern of SPI and implementation. More details :
https://community.opengroup.org/osdu/platform/system/register/-/merge_requests/6#note_9923M1 - Release 0.1https://community.opengroup.org/osdu/platform/system/register/-/issues/15[Register Service] Timestamp class used from com.google.cloud package in core...2021-06-16T22:18:16ZRucha Deshpande[Register Service] Timestamp class used from com.google.cloud package in core code[Ddms.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/ddms/model/Ddms.java)
and
[Subscription.java](https://community.opengroup.org/osdu/platform...[Ddms.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/ddms/model/Ddms.java)
and
[Subscription.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/subscriber/model/Subscription.java)
both import the `Timestamp` class from `com.google.cloud` package.
The standard [java.sql.Timestamp](https://docs.oracle.com/javase/8/docs/api/java/sql/Timestamp.html) should be used instead.M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaidu2021-01-15https://community.opengroup.org/osdu/platform/system/register/-/issues/17Failing Integration tests2021-06-16T22:18:16ZBhushan RadeFailing Integration tests**Issue 1** :
Around 36 integration tests were failing whenever data-partition-id=nonexistenttenant/invalid tenant passed in an HTTP request. expected 401, getting 500.
following test cases were failing for all Resgister service API
...**Issue 1** :
Around 36 integration tests were failing whenever data-partition-id=nonexistenttenant/invalid tenant passed in an HTTP request. expected 401, getting 500.
following test cases were failing for all Resgister service API
1. [should_return401_when_noAccessOnCustomerTenantOps](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/util/BaseTestTemplate.java)
1. [should_return401_when_noAccessOnCustomerTenantAdm](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/util/BaseTestTemplate.java)
1. [should_return401_when_noAccessOnCustomerTenantEditor](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/util/BaseTestTemplate.java)
Analysis -
TenantInfoFactory class throws AppExcpetion 401 as the tenant does not exist. also, there is one more exception created i.e BeanCreationFactory with a cause - AppException 401. and GlobalExceptionMapper maps this exception to default Exception mapper which hides the original exception i.e AppExeption 401 and generates 500 error.
**Issue 2 :**
The below 3 test cases were failing from TestRetrieveActionApi expected 401 whenever the nonexistent tenant passed but getting 500 because AppException raised by [TenantInfoFactory](https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/blob/master/src/main/java/org/opengroup/osdu/core/common/multitenancy/TenantInfoFactory.java) handled in [Action Controller](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/api/ActionApi.java)
Class : org.opengroup.osdu.register.action.TestRetrieveActionApi (3 test case) -
Test Case 1 - org.opengroup.osdu.register.action.TestRetrieveActionApi
1. should_return401_when_noAccessOnCustomerTenantEditor(org.opengroup.osdu.register.action.TestRetrieveActionApi)
1. should_return401_when_noAccessOnCustomerTenantAdm(org.opengroup.osdu.register.action.TestRetrieveActionApi)
1. should_return401_when_noAccessOnCustomerTenantOps(org.opengroup.osdu.register.action.TestRetrieveActionApi)
Analysis -
TenantFactoy from core-common throws AppException when a tenant does not exist then GlobalExceptionMapper generates an error response for it.
as per the below code snippet because of the catch block in the ActionAPI Controller class, AppException caught in catch-block and it generates 500 error response.
[ActionApi.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/api/ActionApi.java)
```
public ResponseEntity<List<Action>> retrieveAction(@RequestBody JsonNode jsonObject) {
try {
List<Action> query = repo.getAllActions();
List<Action> output = this.retrieveActionService.getActions(query, jsonObject);
return new ResponseEntity<>(output, HttpStatus.OK);
} catch (Exception e) {
this.log.error("retrieve action failed", e);
//throw e;
return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
}
}
```
Proposed Changes -
- remove catch block in Action Controller as we have GlobalExceptionMapper class to handle Exception
- change error response code in Assert statement
- rethrow an exception caught in a catch block
**Issue 3 :**
Currently, there is no data-partition-id/tenant validation in the Core module. Tenant validation logic will not execute unless and until the invocation of the TenantInfo class.
Expected 401, getting 200.
Class - org.opengroup.osdu.register.subscriber.TestListTopicsApi
1. should_return401_when_noAccessOnCustomerTenantEditor(org.opengroup.osdu.register.subscriber.TestListTopicsApi)
1. should_return401_when_noAccessOnCustomerTenantAdm(org.opengroup.osdu.register.subscriber.TestListTopicsApi)
1. should_return401_when_noAccessOnCustomerTenantOps(org.opengroup.osdu.register.subscriber.TestListTopicsApi)
**Issue 4 :**
[Config class](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/util/Config.java)
as of now, a subscriptionID variable is initialized by hardcoded value. it should be initialized by the environment variable like done for LOCAL environment if-block
` config.subscriptionId = "cmVjb3Jkcy1jaGFuZ2VkaHR0cHM6Ly9vcy1yZWdpc3Rlci1kb3Qtb3BlbmRlcy5hcHBzcG90LmNvbS9hcGkvcmVnaXN0ZXIvdjEvdGVzdC9jaGFsbGVuZ2UvMQ==";`
Proposed Changes -
`config.subscriptionId = System.getProperty("TEST_SUBSCRIPTION_ID", System.getenv("TEST_SUBSCRIPTION_ID"));`M1 - Release 0.1ethiraj krishnamanaiduRucha Deshpandeethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/20[Resgiter Service] Need clarity on the purpose of an integration test2021-06-16T22:18:15ZRucha Deshpande[Resgiter Service] Need clarity on the purpose of an integration testCan we please get clarity on the purpose of this integration test:
```
@Test
public void should_return20X_when_usingCredentialsWithPermissionOps() throws Exception {
this.should_return20X_when_usingCredentialsWithPermission(...Can we please get clarity on the purpose of this integration test:
```
@Test
public void should_return20X_when_usingCredentialsWithPermissionOps() throws Exception {
this.should_return20X_when_usingCredentialsWithPermission(this.testUtils.getOpsAccessToken());
}
public void should_return20X_when_usingCredentialsWithPermission(String token) throws Exception {
this.createResource();
ClientResponse response = this.descriptor.run(this.getId(), token);
this.deleteResource();
Assert.assertEquals("[GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH]", response.getHeaders().getFirst("Access-Control-Allow-Methods"));
Assert.assertEquals("[origin, content-type, accept, authorization, data-partition-id, correlation-id, appkey]", response.getHeaders().getFirst("Access-Control-Allow-Headers"));
Assert.assertEquals("[*]", response.getHeaders().getFirst("Access-Control-Allow-Origin"));
Assert.assertEquals("[true]", response.getHeaders().getFirst("Access-Control-Allow-Credentials"));
Assert.assertEquals("DENY", response.getHeaders().getFirst("X-Frame-Options"));
Assert.assertEquals("1; mode=block", response.getHeaders().getFirst("X-XSS-Protection"));
Assert.assertEquals("nosniff", response.getHeaders().getFirst("X-Content-Type-Options"));
Assert.assertEquals("[no-cache, no-store, must-revalidate]", response.getHeaders().getFirst("Cache-Control"));
Assert.assertEquals("[default-src 'self']", response.getHeaders().getFirst("Content-Security-Policy"));
Assert.assertEquals("[max-age=31536000; includeSubDomains]", response.getHeaders().getFirst("Strict-Transport-Security"));
Assert.assertEquals("[0]", response.getHeaders().getFirst("Expires"));
Assert.assertEquals(this.error(response.getStatus() == 204 ? "" : (String)response.getEntity(String.class)), (long)this.expectedOkResponseCode(), (long)response.getStatus());
}
```M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/22[Register Service]SubscriberTestListenerApi is in core code2020-12-02T21:56:51ZRucha Deshpande[Register Service]SubscriberTestListenerApi is in core codeThe SubscriberTestListenerApi which is a test HTTPS consumer endpoint is in core code.
1. AWS has a 2-part handshake process to confirm a subscription, so we need to customize this endpoint. This needs to be provider specific implementa...The SubscriberTestListenerApi which is a test HTTPS consumer endpoint is in core code.
1. AWS has a 2-part handshake process to confirm a subscription, so we need to customize this endpoint. This needs to be provider specific implementation
2. Since SubscriberTestListenerApi is in core-code, the application needs GCP specific environment variables to be added:
INTEGRATION_TEST_AUDIENCES=xxx;
SUBSCRIBER_PRIVATE_KEY_ID=xxx
3. We should be able to add a custom endpoint and use in for integration testing by adding an environment variable in [Config.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/util/Config.java)M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/23[Register Service] Core integration tests have hardcoded topic2022-12-28T13:50:06ZKomal Makkar[Register Service] Core integration tests have hardcoded topicThe [hardcoded topic name](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/subscriber/CreateSubscriberDescriptor.java#L57) in IT class Crea...The [hardcoded topic name](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/subscriber/CreateSubscriberDescriptor.java#L57) in IT class CreateSubscriberDescriptor. This will be a problem for CSPs.Nitin-slbNeelesh ThakurNitin-slbhttps://community.opengroup.org/osdu/platform/system/register/-/issues/16[Register Service] GCP service dependencies in register-core/pom.xml2022-12-28T12:50:52ZRucha Deshpande[Register Service] GCP service dependencies in register-core/pom.xmlGCP service dependencies exist in the register-core/pom.xml
```
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-pubsub</artifactId>
<version>1.82.0</version>
</depend...GCP service dependencies exist in the register-core/pom.xml
```
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-pubsub</artifactId>
<version>1.82.0</version>
</dependency>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-datastore</artifactId>
<version>1.82.0</version>
<exclusions>
<exclusion>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.apis</groupId>
<artifactId>google-api-services-cloudkms</artifactId>
<version>v1-rev86-1.24.1</version>
</dependency>
```M1 - Release 0.1ethiraj krishnamanaiduRucha DeshpandeMatt Wiseethiraj krishnamanaidu2021-01-15https://community.opengroup.org/osdu/platform/system/register/-/issues/18[Register Service] GCP Specific dependencies in register-test-core/pom.xml2022-12-28T12:51:01ZRucha Deshpande[Register Service] GCP Specific dependencies in register-test-core/pom.xmlGCP specific dependencies exist in the register-test-core/pom.xml:
```
<dependency>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId>
<version>0.15.0</versio...GCP specific dependencies exist in the register-test-core/pom.xml:
```
<dependency>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId>
<version>0.15.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>27.1-jre</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-gcp</artifactId>
<version>0.1.21</version>
</dependency>
```M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaidu2021-01-15https://community.opengroup.org/osdu/platform/system/register/-/issues/27GET /subscription by notificationID should be restricted2021-08-27T21:34:31ZAliaksei DarafeyeuGET /subscription by notificationID should be restrictedRight now, to perform GET `/subscription?notificationId=X` operation user should has one of role (`users.datalake.ops`, `users.datalake.admins`, `users.datalake.editors`) but according security check access to this operation should be re...Right now, to perform GET `/subscription?notificationId=X` operation user should has one of role (`users.datalake.ops`, `users.datalake.admins`, `users.datalake.editors`) but according security check access to this operation should be restricted to only `users.datalake.ops`.ethiraj krishnamanaiduChris ZhangGary MurphyNitin-slbNeelesh ThakurRobert Chadwick [Schlumberger]ethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/28Upgrade Core Common Dependency2022-02-11T21:58:29ZDavid Diederichd.diederich@opengroup.orgUpgrade Core Common DependencyDavid Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/register/-/issues/40GET ddms/{id}/{type}/{localid} localid should allow ":" characters in localid2023-02-21T22:34:56ZArturo Hernandez [EPAM]GET ddms/{id}/{type}/{localid} localid should allow ":" characters in localid* Missing docs and openapi spec for GET /ddms/{id}/{type}/{localid}
To recreate the issue:
1. Register new ddms with following path proposed:
```json
paths": {
"/ddms/v3/wellbores/{wellboreid}": {
...* Missing docs and openapi spec for GET /ddms/{id}/{type}/{localid}
To recreate the issue:
1. Register new ddms with following path proposed:
```json
paths": {
"/ddms/v3/wellbores/{wellboreid}": {
"get": {
"description": "Get Wellbore Id",
"operationId": "get_osdu_wellbore_versions",
"x-ddms-retrieve-entity": true,
```
Nevertheless, latest versions of wellbore as well as other ddms's are using full id: `dp:master-data--Wellbore:ABCD`, previous versions allowed to use only `ABCD` (wellbore v1), this is a limitation when we try to get the ddms id:
`GET {{osdu_endpoint}}/api/register/v1/ddms/wellboreid/wellbore/opendes:master-data--Wellbore:ABCD`
```json
{
"code": 400,
"reason": "Validation error.",
"message": "redirectToDms.localid: must match \"^[A-Za-z0-9-]{2,50}\""
}
```
Regex for localid should allow to use ":" onArturo Hernandez [EPAM]Arturo Hernandez [EPAM]https://community.opengroup.org/osdu/platform/system/register/-/issues/42Inconsistent regex patterns2023-07-05T09:13:50ZSiarhei Khaletski (EPAM)Inconsistent regex patternsInconsistent patterns are used for the `entityType` property.
**Model**:
https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/ddms/model/RegisteredInterface...Inconsistent patterns are used for the `entityType` property.
**Model**:
https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/ddms/model/RegisteredInterface.java#L54
**RedirectToDDMS endpoint**:
https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/api/DdmsApi.java#L186M18 - Release 0.21Siarhei Khaletski (EPAM)Siarhei Khaletski (EPAM)https://community.opengroup.org/osdu/platform/system/register/-/issues/48Subscription Verification Request Incorrectly Encoded2023-10-30T21:06:16ZDerek HudsonSubscription Verification Request Incorrectly EncodedSubscription verification request (the request that the Register service sends to verify that a Push endpoint is valid) improperly encodes the `hmac` query string parameter, which allows raw `=` in the `hmac` query string parameter, whic...Subscription verification request (the request that the Register service sends to verify that a Push endpoint is valid) improperly encodes the `hmac` query string parameter, which allows raw `=` in the `hmac` query string parameter, which in tern can cause subscription creation to fail.
Testing a fix locally before publishing.M21 - Release 0.24Derek HudsonDerek Hudson