Register issueshttps://community.opengroup.org/osdu/platform/system/register/-/issues2023-07-05T09:13:50Zhttps://community.opengroup.org/osdu/platform/system/register/-/issues/42Inconsistent regex patterns2023-07-05T09:13:50ZSiarhei Khaletski (EPAM)Inconsistent regex patternsInconsistent patterns are used for the `entityType` property.
**Model**:
https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/ddms/model/RegisteredInterface...Inconsistent patterns are used for the `entityType` property.
**Model**:
https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/ddms/model/RegisteredInterface.java#L54
**RedirectToDDMS endpoint**:
https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/api/DdmsApi.java#L186M18 - Release 0.21Siarhei Khaletski (EPAM)Siarhei Khaletski (EPAM)https://community.opengroup.org/osdu/platform/system/register/-/issues/41Swagger API parser issue with Register Service openapi2023-05-08T08:14:55ZJeyakumar DevarajuluSwagger API parser issue with Register Service openapiWe validated swagger api using https://apitools.dev/swagger-parser/online/ and getting the below error.
OSDU link - https://community.opengroup.org/osdu/platform/system/register/-/blob/master/docs/api/register_openapi.yaml
![image](/...We validated swagger api using https://apitools.dev/swagger-parser/online/ and getting the below error.
OSDU link - https://community.opengroup.org/osdu/platform/system/register/-/blob/master/docs/api/register_openapi.yaml
![image](/uploads/d80e021e559546882c9141a20e95ad2d/image.png)https://community.opengroup.org/osdu/platform/system/register/-/issues/40GET ddms/{id}/{type}/{localid} localid should allow ":" characters in localid2023-02-21T22:34:56ZArturo Hernandez [EPAM]GET ddms/{id}/{type}/{localid} localid should allow ":" characters in localid* Missing docs and openapi spec for GET /ddms/{id}/{type}/{localid}
To recreate the issue:
1. Register new ddms with following path proposed:
```json
paths": {
"/ddms/v3/wellbores/{wellboreid}": {
...* Missing docs and openapi spec for GET /ddms/{id}/{type}/{localid}
To recreate the issue:
1. Register new ddms with following path proposed:
```json
paths": {
"/ddms/v3/wellbores/{wellboreid}": {
"get": {
"description": "Get Wellbore Id",
"operationId": "get_osdu_wellbore_versions",
"x-ddms-retrieve-entity": true,
```
Nevertheless, latest versions of wellbore as well as other ddms's are using full id: `dp:master-data--Wellbore:ABCD`, previous versions allowed to use only `ABCD` (wellbore v1), this is a limitation when we try to get the ddms id:
`GET {{osdu_endpoint}}/api/register/v1/ddms/wellboreid/wellbore/opendes:master-data--Wellbore:ABCD`
```json
{
"code": 400,
"reason": "Validation error.",
"message": "redirectToDms.localid: must match \"^[A-Za-z0-9-]{2,50}\""
}
```
Regex for localid should allow to use ":" onArturo Hernandez [EPAM]Arturo Hernandez [EPAM]https://community.opengroup.org/osdu/platform/system/register/-/issues/38Get All Topics API returns incorrect response2022-08-18T16:31:04ZAn NgoGet All Topics API returns incorrect responseThe response for Get All Topics API does not reflect the notification topics.The response for Get All Topics API does not reflect the notification topics.https://community.opengroup.org/osdu/platform/system/register/-/issues/35Upgrade to Log4J 2.172021-12-21T03:15:09ZDavid Diederichd.diederich@opengroup.orgUpgrade to Log4J 2.17The Apache Foundation released another Log4j2 update, version 2.17, which address a denial of service vulnerability.
This issue tracks progress to upgrade this dependency for this project.The Apache Foundation released another Log4j2 update, version 2.17, which address a denial of service vulnerability.
This issue tracks progress to upgrade this dependency for this project.https://community.opengroup.org/osdu/platform/system/register/-/issues/34Log4J Expedient Updates and Patches2021-12-17T14:55:40ZDavid Diederichd.diederich@opengroup.orgLog4J Expedient Updates and PatchesThis issue associates MRs that were applied to this project quickly to get a patched version ready as soon as possible. The intent is to provide a reference point for later, more thoughtful, analysis.This issue associates MRs that were applied to this project quickly to get a patched version ready as soon as possible. The intent is to provide a reference point for later, more thoughtful, analysis.David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/register/-/issues/33Upgrade Core Test GCP Dependency2022-02-11T21:57:08ZDavid Diederichd.diederich@opengroup.orgUpgrade Core Test GCP Dependencyhttps://community.opengroup.org/osdu/platform/system/register/-/issues/32Upgrade Core AWS Dependency2022-02-11T21:59:30ZDavid Diederichd.diederich@opengroup.orgUpgrade Core AWS Dependencyhttps://community.opengroup.org/osdu/platform/system/register/-/issues/31Upgrade Core Azure Dependency2022-02-11T21:59:35ZDavid Diederichd.diederich@opengroup.orgUpgrade Core Azure Dependencyhttps://community.opengroup.org/osdu/platform/system/register/-/issues/30Upgrade Core IBM Dependency2022-02-11T21:59:41ZDavid Diederichd.diederich@opengroup.orgUpgrade Core IBM Dependencyhttps://community.opengroup.org/osdu/platform/system/register/-/issues/29Upgrade Core GCP Dependency2022-02-11T21:58:24ZDavid Diederichd.diederich@opengroup.orgUpgrade Core GCP Dependencyhttps://community.opengroup.org/osdu/platform/system/register/-/issues/28Upgrade Core Common Dependency2022-02-11T21:58:29ZDavid Diederichd.diederich@opengroup.orgUpgrade Core Common DependencyDavid Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/register/-/issues/26Use friendly topic name during creation a subscription2021-03-15T19:57:30ZAliaksei DarafeyeuUse friendly topic name during creation a subscriptionWhen creating a subscription in the request body the name of the topic should be simple like:
```
{
"name":"Test ",
"description": "Creating subscription manually",
"pushEndpoint":"url",
"topic":**"recordstopic"**,
...When creating a subscription in the request body the name of the topic should be simple like:
```
{
"name":"Test ",
"description": "Creating subscription manually",
"pushEndpoint":"url",
"topic":**"recordstopic"**,
"secret": { "secretType":"HMAC", "value":"xx" }
}
```
instead of
```
{
"name":"Test ",
"description": "Creating subscription manually",
"pushEndpoint":"url",
"topic":**"${azure-resource-group}-grid-recordstopic"**,
"secret": { "secretType":"HMAC", "value":"xx" }
}
```ethiraj krishnamanaiduGary MurphyNitin-slbNeelesh ThakurSanjeev-SLBRobert Chadwick [Schlumberger]ethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/25Register's IBM implementation has Google cloud dependencies in it2021-01-06T09:45:44ZAlok JoshiRegister's IBM implementation has Google cloud dependencies in ithttps://community.opengroup.org/osdu/platform/system/register/-/blob/master/provider/register-ibm/src/main/java/org/opengroup/osdu/register/provider/ibm/subscriber/PushSubscription.java
If this is expected, please close the issue.https://community.opengroup.org/osdu/platform/system/register/-/blob/master/provider/register-ibm/src/main/java/org/opengroup/osdu/register/provider/ibm/subscriber/PushSubscription.java
If this is expected, please close the issue.Anuj GuptaAnuj Guptahttps://community.opengroup.org/osdu/platform/system/register/-/issues/24Need for protecting Test endpoints.2021-06-16T22:18:13ZKomal MakkarNeed for protecting Test endpoints.The [test endpoints](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/api/SubscriberTestListenerApi.java#L72) are no guarded by Istio and have their own i...The [test endpoints](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/register-core/src/main/java/org/opengroup/osdu/register/api/SubscriberTestListenerApi.java#L72) are no guarded by Istio and have their own implementation of JWT validation (Authz and AuthN). The logic for the same is not tested and is prone to accidental change. If there is a change that weakens the validation mechanism, it will make the service vulnerable to attacks.
ITs/UTs should be written to protect the endpoint.https://community.opengroup.org/osdu/platform/system/register/-/issues/23[Register Service] Core integration tests have hardcoded topic2022-12-28T13:50:06ZKomal Makkar[Register Service] Core integration tests have hardcoded topicThe [hardcoded topic name](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/subscriber/CreateSubscriberDescriptor.java#L57) in IT class Crea...The [hardcoded topic name](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/subscriber/CreateSubscriberDescriptor.java#L57) in IT class CreateSubscriberDescriptor. This will be a problem for CSPs.Nitin-slbNeelesh ThakurNitin-slbhttps://community.opengroup.org/osdu/platform/system/register/-/issues/22[Register Service]SubscriberTestListenerApi is in core code2020-12-02T21:56:51ZRucha Deshpande[Register Service]SubscriberTestListenerApi is in core codeThe SubscriberTestListenerApi which is a test HTTPS consumer endpoint is in core code.
1. AWS has a 2-part handshake process to confirm a subscription, so we need to customize this endpoint. This needs to be provider specific implementa...The SubscriberTestListenerApi which is a test HTTPS consumer endpoint is in core code.
1. AWS has a 2-part handshake process to confirm a subscription, so we need to customize this endpoint. This needs to be provider specific implementation
2. Since SubscriberTestListenerApi is in core-code, the application needs GCP specific environment variables to be added:
INTEGRATION_TEST_AUDIENCES=xxx;
SUBSCRIBER_PRIVATE_KEY_ID=xxx
3. We should be able to add a custom endpoint and use in for integration testing by adding an environment variable in [Config.java](https://community.opengroup.org/osdu/platform/system/register/-/blob/master/testing/register-test-core/src/main/java/org/opengroup/osdu/register/util/Config.java)M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/21[GCP] Register service - ServletWebServerFactory bean is missing2020-10-14T08:10:18ZRiabokon Stanislav(EPAM)[GCP][GCP] Register service - ServletWebServerFactory bean is missingIt was not possible to run Register service in docker.
Error output:
```
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ...It was not possible to run Register service in docker.
Error output:
```
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.1.7.RELEASE)2020-10-12 08:46:56.579 INFO 6 --- [ main] o.o.o.r.p.gcp.RegisterApplication : Starting RegisterApplication on e68f739920d8 with PID 6 (/register/register-gcp.jar started by root in /register)
2020-10-12 08:46:56.587 INFO 6 --- [ main] o.o.o.r.p.gcp.RegisterApplication : No active profile set, falling back to default profiles: default
2020-10-12 08:46:58.555 INFO 6 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration' of type [org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration$$EnhancerBySpringCGLIB$$499d6436] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-10-12 08:46:58.573 INFO 6 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'objectPostProcessor' of type [org.springframework.security.config.annotation.configuration.AutowireBeanFactoryObjectPostProcessor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-10-12 08:46:58.580 INFO 6 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler@aecb35a' of type [org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-10-12 08:46:58.587 INFO 6 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration' of type [org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration$$EnhancerBySpringCGLIB$$6e7206e8] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-10-12 08:46:58.598 INFO 6 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'methodSecurityMetadataSource' of type [org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-10-12 08:46:58.651 WARN 6 --- [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is org.springframework.context.ApplicationContextException: Unable to start ServletWebServerApplicationContext due to missing ServletWebServerFactory bean.
2020-10-12 08:46:58.665 INFO 6 --- [ main] ConditionEvaluationReportLoggingListener :Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2020-10-12 08:46:58.700 ERROR 6 --- [ main] o.s.boot.SpringApplication : Application run failedorg.springframework.context.ApplicationContextException: Unable to start web server; nested exception is org.springframework.context.ApplicationContextException: Unable to start ServletWebServerApplicationContext due to missing ServletWebServerFactory bean.
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:156) ~[spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543) ~[spring-context-5.1.9.RELEASE.jar!/:5.1.9.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) ~[spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:743) [spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:390) [spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:312) [spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1214) [spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1203) [spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.opengroup.osdu.register.provider.gcp.RegisterApplication.main(RegisterApplication.java:16) [classes!/:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_265]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_265]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_265]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_265]
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48) [register-gcp.jar:na]
at org.springframework.boot.loader.Launcher.launch(Launcher.java:87) [register-gcp.jar:na]
at org.springframework.boot.loader.Launcher.launch(Launcher.java:51) [register-gcp.jar:na]
at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:52) [register-gcp.jar:na]
Caused by: org.springframework.context.ApplicationContextException: Unable to start ServletWebServerApplicationContext due to missing ServletWebServerFactory bean.
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.getWebServerFactory(ServletWebServerApplicationContext.java:203) ~[spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:179) ~[spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:153) ~[spring-boot-2.1.7.RELEASE.jar!/:2.1.7.RELEASE]
... 16 common frames omitted
```ethiraj krishnamanaiduDmitriy RudkoRostislav Dublin (EPAM)ethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/20[Resgiter Service] Need clarity on the purpose of an integration test2021-06-16T22:18:15ZRucha Deshpande[Resgiter Service] Need clarity on the purpose of an integration testCan we please get clarity on the purpose of this integration test:
```
@Test
public void should_return20X_when_usingCredentialsWithPermissionOps() throws Exception {
this.should_return20X_when_usingCredentialsWithPermission(...Can we please get clarity on the purpose of this integration test:
```
@Test
public void should_return20X_when_usingCredentialsWithPermissionOps() throws Exception {
this.should_return20X_when_usingCredentialsWithPermission(this.testUtils.getOpsAccessToken());
}
public void should_return20X_when_usingCredentialsWithPermission(String token) throws Exception {
this.createResource();
ClientResponse response = this.descriptor.run(this.getId(), token);
this.deleteResource();
Assert.assertEquals("[GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH]", response.getHeaders().getFirst("Access-Control-Allow-Methods"));
Assert.assertEquals("[origin, content-type, accept, authorization, data-partition-id, correlation-id, appkey]", response.getHeaders().getFirst("Access-Control-Allow-Headers"));
Assert.assertEquals("[*]", response.getHeaders().getFirst("Access-Control-Allow-Origin"));
Assert.assertEquals("[true]", response.getHeaders().getFirst("Access-Control-Allow-Credentials"));
Assert.assertEquals("DENY", response.getHeaders().getFirst("X-Frame-Options"));
Assert.assertEquals("1; mode=block", response.getHeaders().getFirst("X-XSS-Protection"));
Assert.assertEquals("nosniff", response.getHeaders().getFirst("X-Content-Type-Options"));
Assert.assertEquals("[no-cache, no-store, must-revalidate]", response.getHeaders().getFirst("Cache-Control"));
Assert.assertEquals("[default-src 'self']", response.getHeaders().getFirst("Content-Security-Policy"));
Assert.assertEquals("[max-age=31536000; includeSubDomains]", response.getHeaders().getFirst("Strict-Transport-Security"));
Assert.assertEquals("[0]", response.getHeaders().getFirst("Expires"));
Assert.assertEquals(this.error(response.getStatus() == 204 ? "" : (String)response.getEntity(String.class)), (long)this.expectedOkResponseCode(), (long)response.getStatus());
}
```M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/system/register/-/issues/19[Register Service ] Integration tests expecting a 307 fail2020-12-10T21:15:58ZRucha Deshpande[Register Service ] Integration tests expecting a 307 failThere are about 14 integration tests (should_return307_when_makingHttpRequest()) that fail.
The test validates that an "http://" request returns a "307" HTTP code and is redirected to "https://".
The tests fail because the reverse proxy...There are about 14 integration tests (should_return307_when_makingHttpRequest()) that fail.
The test validates that an "http://" request returns a "307" HTTP code and is redirected to "https://".
The tests fail because the reverse proxy blocks any "http://" requests.
Proposed change:
These tests should be removed from register-test-core.M1 - Release 0.1ethiraj krishnamanaiduJoeRucha DeshpandeMatt Wiseethiraj krishnamanaidu