diff options
Diffstat (limited to 'app/src/main/java/org/onap/portalng/preferences')
12 files changed, 651 insertions, 0 deletions
diff --git a/app/src/main/java/org/onap/portalng/preferences/PreferencesApplication.java b/app/src/main/java/org/onap/portalng/preferences/PreferencesApplication.java new file mode 100644 index 0000000..67171cd --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/PreferencesApplication.java @@ -0,0 +1,37 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences; + +import org.onap.portalng.preferences.configuration.PreferencesConfig; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.context.properties.EnableConfigurationProperties; + +@EnableConfigurationProperties(PreferencesConfig.class) +@SpringBootApplication +public class PreferencesApplication { + + public static void main(String[] args) { + SpringApplication.run(PreferencesApplication.class, args); + } + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/BeansConfig.java b/app/src/main/java/org/onap/portalng/preferences/configuration/BeansConfig.java new file mode 100644 index 0000000..f35d43c --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/BeansConfig.java @@ -0,0 +1,35 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.time.Clock; + +@Configuration +public class BeansConfig { + @Bean + Clock clock() { + return Clock.systemUTC(); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/LogInterceptor.java b/app/src/main/java/org/onap/portalng/preferences/configuration/LogInterceptor.java new file mode 100644 index 0000000..7ceee06 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/LogInterceptor.java @@ -0,0 +1,59 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.onap.portalng.preferences.util.Logger; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.reactive.ServerWebExchangeContextFilter; +import org.springframework.web.server.ServerWebExchange; +import org.springframework.web.server.WebFilter; +import org.springframework.web.server.WebFilterChain; +import reactor.core.publisher.Mono; + +import java.util.List; + +@Component +public class LogInterceptor implements WebFilter { + public static final String EXCHANGE_CONTEXT_ATTRIBUTE = + ServerWebExchangeContextFilter.class.getName() + ".EXCHANGE_CONTEXT"; + + public static final String X_REQUEST_ID = "X-Request-Id"; + + @Override + public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) { + List<String> xRequestIdList = exchange.getRequest().getHeaders().get(X_REQUEST_ID); + if (xRequestIdList != null && !xRequestIdList.isEmpty()) { + String xRequestId = xRequestIdList.get(0); + Logger.requestLog( + xRequestId, exchange.getRequest().getMethod(), exchange.getRequest().getURI()); + exchange.getResponse().getHeaders().add(X_REQUEST_ID, xRequestId); + exchange.getResponse().beforeCommit(() -> { + Logger.responseLog(xRequestId,exchange.getResponse().getStatusCode()); + return Mono.empty(); + }); + } + + return chain + .filter(exchange) + .contextWrite(cxt -> cxt.put(EXCHANGE_CONTEXT_ATTRIBUTE, exchange)); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/PreferencesConfig.java b/app/src/main/java/org/onap/portalng/preferences/configuration/PreferencesConfig.java new file mode 100644 index 0000000..1394fd5 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/PreferencesConfig.java @@ -0,0 +1,36 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.springframework.boot.context.properties.ConfigurationProperties; + +import jakarta.validation.constraints.NotBlank; +import lombok.Data; + +@Data +@ConfigurationProperties("preferences") +public class PreferencesConfig { + + @NotBlank + private final String realm; + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/SecurityConfig.java b/app/src/main/java/org/onap/portalng/preferences/configuration/SecurityConfig.java new file mode 100644 index 0000000..31866fe --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/SecurityConfig.java @@ -0,0 +1,53 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; +import org.springframework.security.config.web.server.ServerHttpSecurity; +import org.springframework.security.web.server.SecurityWebFilterChain; + +/** + * Configures the access control of the API endpoints. + */ +// https://hantsy.github.io/spring-reactive-sample/security/config.html +@EnableWebFluxSecurity +@Configuration +public class SecurityConfig { + + @Bean + public SecurityWebFilterChain springSecurityWebFilterChain(ServerHttpSecurity http) { + return http.httpBasic().disable() + .formLogin().disable() + .csrf().disable() + .cors() + .and() + .authorizeExchange() + .pathMatchers(HttpMethod.GET, "/actuator/**").permitAll() + .anyExchange().authenticated() + .and() + .oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt) + .build(); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/controller/PreferencesController.java b/app/src/main/java/org/onap/portalng/preferences/controller/PreferencesController.java new file mode 100644 index 0000000..02357e4 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/controller/PreferencesController.java @@ -0,0 +1,84 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.controller; +import org.onap.portalng.preferences.exception.ProblemException; +import org.onap.portalng.preferences.openapi.api.PreferencesApi; +import org.onap.portalng.preferences.openapi.model.Preferences; +import org.onap.portalng.preferences.services.PreferencesService; +import org.onap.portalng.preferences.util.IdTokenExchange; +import org.onap.portalng.preferences.util.Logger; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.server.ServerWebExchange; + +import reactor.core.publisher.Mono; + +@RestController +public class PreferencesController implements PreferencesApi { + + + private final PreferencesService preferencesService; + + public PreferencesController(PreferencesService getPreferences){ + this.preferencesService = getPreferences; + } + + @Override + public Mono<ResponseEntity<Preferences>> getPreferences(String xRequestId, ServerWebExchange exchange) { + return IdTokenExchange + .extractUserId(exchange) + .flatMap(userid -> + preferencesService.getPreferences(userid) + .map(ResponseEntity::ok)) + .onErrorResume(ProblemException.class, ex -> { + Logger.errorLog(xRequestId,"user preferences", null, "preferences" ); + return Mono.error(ex); + }) + .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST)); + + } + + @Override + public Mono<ResponseEntity<Preferences>> savePreferences(String xRequestId, Mono<Preferences> preferences, + ServerWebExchange exchange) { + return IdTokenExchange + .extractUserId(exchange) + .flatMap(userid -> + preferences + .flatMap( pref -> + preferencesService + .savePreferences(xRequestId, userid, pref))) + .map( ResponseEntity::ok) + .onErrorResume(ProblemException.class, ex -> { + Logger.errorLog(xRequestId,"user preferences", null, "preferences" ); + return Mono.error(ex); + }) + .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST)); + } + + @Override + public Mono<ResponseEntity<Preferences>> updatePreferences(String xRequestId, Mono<Preferences> preferences, ServerWebExchange exchange) { + return savePreferences(xRequestId, preferences, exchange); + } + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/entities/PreferencesDto.java b/app/src/main/java/org/onap/portalng/preferences/entities/PreferencesDto.java new file mode 100644 index 0000000..a86c229 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/entities/PreferencesDto.java @@ -0,0 +1,39 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.entities; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.data.annotation.Id; +import org.springframework.data.mongodb.core.mapping.Document; + +@Document +@Getter +@Setter +public class PreferencesDto { + @Id + private String userId; + + private Object properties; + +} + diff --git a/app/src/main/java/org/onap/portalng/preferences/exception/ProblemException.java b/app/src/main/java/org/onap/portalng/preferences/exception/ProblemException.java new file mode 100644 index 0000000..da7872f --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/exception/ProblemException.java @@ -0,0 +1,53 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.exception; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.NoArgsConstructor; +import org.zalando.problem.AbstractThrowableProblem; +import org.zalando.problem.Problem; +import org.zalando.problem.Status; +import org.zalando.problem.StatusType; + +import java.net.URI; + +/** The default preferences exception */ +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +@EqualsAndHashCode(callSuper = true) +public class ProblemException extends AbstractThrowableProblem { + @Builder.Default private final URI type = Problem.DEFAULT_TYPE; + + @Builder.Default private final String title = "Bad preferences error"; + + @Builder.Default private final StatusType status = Status.BAD_REQUEST; + + @Builder.Default private final String detail = "Please add more details here"; + + @Builder.Default private final URI instance = null; + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/repository/PreferencesRepository.java b/app/src/main/java/org/onap/portalng/preferences/repository/PreferencesRepository.java new file mode 100644 index 0000000..264cdf5 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/repository/PreferencesRepository.java @@ -0,0 +1,28 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.repository; + +import org.onap.portalng.preferences.entities.PreferencesDto; +import org.springframework.data.mongodb.repository.ReactiveMongoRepository; + +public interface PreferencesRepository extends ReactiveMongoRepository<PreferencesDto, String> { +} diff --git a/app/src/main/java/org/onap/portalng/preferences/services/PreferencesService.java b/app/src/main/java/org/onap/portalng/preferences/services/PreferencesService.java new file mode 100644 index 0000000..4e7dfb3 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/services/PreferencesService.java @@ -0,0 +1,80 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.services; + +import org.onap.portalng.preferences.entities.PreferencesDto; +import org.onap.portalng.preferences.exception.ProblemException; +import org.onap.portalng.preferences.openapi.model.Preferences; +import org.onap.portalng.preferences.repository.PreferencesRepository; +import org.onap.portalng.preferences.util.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import reactor.core.publisher.Mono; + +@Service +public class PreferencesService { + + @Autowired + private PreferencesRepository repository; + + public Mono<Preferences> getPreferences(String userId){ + return repository + .findById(userId) + .switchIfEmpty(defaultPreferences()) + .map(this::toPreferences); + } + + public Mono<Preferences> savePreferences( String xRequestId, String userId, Preferences preferences){ + + var preferencesDto = new PreferencesDto(); + preferencesDto.setUserId(userId); + preferencesDto.setProperties(preferences.getProperties()); + + return repository + .save(preferencesDto) + .map(this::toPreferences) + .onErrorResume(ProblemException.class, ex -> { + Logger.errorLog(xRequestId,"user prefrences", userId, "preferences" ); + return Mono.error(ex); + }); + + } + + private Preferences toPreferences(PreferencesDto preferencesDto) { + var preferences = new Preferences(); + preferences.setProperties(preferencesDto.getProperties()); + return preferences; + } + + /** + * Get a Preferences object that is initialised with an empty string. + * This is a) for convenience to not handle 404 on the consuming side and + * b) for security reasons + * @return PreferencesDto + */ + private Mono<PreferencesDto> defaultPreferences() { + var preferencesDto = new PreferencesDto(); + preferencesDto.setProperties(""); + return Mono.just(preferencesDto); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/util/IdTokenExchange.java b/app/src/main/java/org/onap/portalng/preferences/util/IdTokenExchange.java new file mode 100644 index 0000000..7349d53 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/util/IdTokenExchange.java @@ -0,0 +1,88 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.util; + +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.JWTParser; + +import java.text.ParseException; + +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Mono; + +/** + * Represents a function that handles the <a href="https://jwt.io/introduction">JWT</a> identity token. + * Use this to check if the incoming requests are authorized to call the given endpoint + */ + +public final class IdTokenExchange { + + public static final String X_AUTH_IDENTITY_HEADER = "X-Auth-Identity"; + public static final String JWT_CLAIM_USERID = "sub"; + + private IdTokenExchange(){ + + } + + /** + * Extract the identity header from the given {@link ServerWebExchange}. + * @param exchange the ServerWebExchange that contains information about the incoming request + * @return the identity header in the form of <code>Bearer {@literal <Token>}<c/ode> + */ + private static Mono<String> extractIdentityHeader(ServerWebExchange exchange) { + return Mono.just(exchange.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER)) + .map(headers -> headers.get(0)) + .onErrorResume(Exception.class, ex -> Mono.error(ex)); + } + + /** + * Extract the identity token from the given {@link ServerWebExchange}. + * @see <a href="https://openid.net/specs/openid-connect-core-1_0.html#IDToken">OpenId Connect ID Token</a> + * @param exchange the ServerWebExchange that contains information about the incoming request + * @return the identity token that contains user roles + */ + private static Mono<String> extractIdToken(ServerWebExchange exchange) { + return extractIdentityHeader(exchange) + .map(identityHeader -> identityHeader.replace("Bearer ", "")); + } + + /** + * Extract the <code>userId</code> from the given {@link ServerWebExchange} + * @param exchange the ServerWebExchange that contains information about the incoming request + * @return the id of the user + */ + public static Mono<String> extractUserId(ServerWebExchange exchange) { + return extractIdToken(exchange) + .flatMap(idToken -> extractUserClaim(idToken)); + } + + private static Mono<String> extractUserClaim(String idToken) { + JWTClaimsSet jwtClaimSet; + try { + jwtClaimSet = JWTParser.parse(idToken).getJWTClaimsSet(); + } catch (ParseException e) { + return Mono.error(e); + } + return Mono.just(String.class.cast(jwtClaimSet.getClaim(JWT_CLAIM_USERID))); + } +} + diff --git a/app/src/main/java/org/onap/portalng/preferences/util/Logger.java b/app/src/main/java/org/onap/portalng/preferences/util/Logger.java new file mode 100644 index 0000000..ed8eae3 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/util/Logger.java @@ -0,0 +1,59 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.util; + +import java.net.URI; + +import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatusCode; + +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class Logger { + + private Logger(){} + + public static void requestLog(String xRequestId, HttpMethod methode, URI path) { + log.info("Preferences - request - X-Request-Id {} {} {}", xRequestId, methode, path); + } + + public static void responseLog(String xRequestId, HttpStatusCode httpStatusCode) { + log.info("Preferences - response - X-Request-Id {} {}", xRequestId, httpStatusCode); + } + + public static void errorLog(String xRequestId, String msg, String id, String app) { + log.info( + "Preferences - error - X-Request-Id {} {} {} not found in {}", xRequestId, msg, id, app); + } + + public static void errorLog( + String xRequestId, String msg, String id, String app, String errorDetails) { + log.info( + "Preferences - error - X-Request-Id {} {} {} not found in {} error message: {}", + xRequestId, + msg, + id, + app, + errorDetails); + } +} |