aboutsummaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/LICENSE201
-rw-r--r--app/LICENSE_HEADER20
-rw-r--r--app/build.gradle109
-rw-r--r--app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java37
-rw-r--r--app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java35
-rw-r--r--app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java59
-rw-r--r--app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java39
-rw-r--r--app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java53
-rw-r--r--app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java88
-rw-r--r--app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java39
-rw-r--r--app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java53
-rw-r--r--app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java28
-rw-r--r--app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java80
-rw-r--r--app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java91
-rw-r--r--app/src/main/java/org/onap/portal/prefs/util/Logger.java58
-rw-r--r--app/src/main/resources/application-local.yml39
-rw-r--r--app/src/main/resources/application.yml39
-rw-r--r--app/src/main/resources/logback-spring.xml13
-rw-r--r--app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java163
-rw-r--r--app/src/test/java/org/onap/portal/prefs/TokenGenerator.java130
-rw-r--r--app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java48
-rw-r--r--app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java198
-rw-r--r--app/src/test/resources/application.yml35
-rw-r--r--app/src/test/resources/logback-spring.xml13
24 files changed, 1668 insertions, 0 deletions
diff --git a/app/LICENSE b/app/LICENSE
new file mode 100644
index 0000000..abe3069
--- /dev/null
+++ b/app/LICENSE
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright 2021 TNAP / development / system-team
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/app/LICENSE_HEADER b/app/LICENSE_HEADER
new file mode 100644
index 0000000..66e028a
--- /dev/null
+++ b/app/LICENSE_HEADER
@@ -0,0 +1,20 @@
+/*
+ *
+ * Copyright (c) ${year}. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
diff --git a/app/build.gradle b/app/build.gradle
new file mode 100644
index 0000000..1551d9e
--- /dev/null
+++ b/app/build.gradle
@@ -0,0 +1,109 @@
+plugins {
+ id 'java'
+ id 'idea'
+ id 'application'
+ id 'io.spring.dependency-management'
+ id 'org.springframework.boot'
+ id 'jacoco'
+ id 'org.sonarqube'
+ id 'com.gorylenko.gradle-git-properties'
+}
+
+group = 'org.onap'
+version = '0.1.1'
+sourceCompatibility = '17'
+targetCompatibility = '17'
+
+application {
+ mainClass = 'org.onap.portal.prefs.PortalPrefsApplication'
+}
+
+configurations {
+ compileOnly {
+ extendsFrom annotationProcessor
+ }
+
+ // avoid "LoggerFactory is not a Logback LoggerContext but Logback is on the classpath" error
+ all*.exclude module : 'logback-classic'
+}
+
+repositories {
+ mavenCentral()
+ maven {
+ url "https://plugins.gradle.org/m2/"
+ }
+}
+
+ext {
+ vavrVersion = '0.10.4'
+ problemVersion = '0.27.1'
+ logstashLogbackVersion = '7.2'
+ embedMongoVersion = '3.2.8'
+ embedMongoIntegrationVersion = '1.1.0-spring27x'
+ springCloudWiremockVersion = '3.1.0'
+}
+
+dependencies {
+ implementation project(':openapi')
+ implementation 'org.springframework.boot:spring-boot-starter-actuator'
+ implementation 'org.springframework.boot:spring-boot-starter-data-mongodb-reactive'
+ implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server'
+ implementation 'org.springframework.boot:spring-boot-starter-security'
+ implementation 'org.springframework.boot:spring-boot-starter-webflux'
+ implementation 'org.springframework.boot:spring-boot-starter-validation'
+ implementation "io.vavr:vavr:$vavrVersion"
+ implementation "org.zalando:problem:$problemVersion"
+ implementation "net.logstash.logback:logstash-logback-encoder:$logstashLogbackVersion"
+
+ compileOnly 'org.projectlombok:lombok'
+
+ developmentOnly 'org.springframework.boot:spring-boot-devtools'
+
+ annotationProcessor 'org.springframework.boot:spring-boot-configuration-processor'
+ annotationProcessor 'org.projectlombok:lombok'
+
+ testImplementation 'org.springframework.boot:spring-boot-starter-test'
+ testImplementation 'io.projectreactor:reactor-test'
+ testImplementation 'io.rest-assured:rest-assured'
+ testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock:$springCloudWiremockVersion"
+ testImplementation "de.flapdoodle.embed:de.flapdoodle.embed.mongo:$embedMongoVersion"
+ testImplementation "de.flapdoodle.embed:de.flapdoodle.embed.mongo.spring:$embedMongoIntegrationVersion"
+ testCompileOnly 'org.projectlombok:lombok'
+ testAnnotationProcessor 'org.projectlombok:lombok'
+}
+
+test {
+ useJUnitPlatform()
+ finalizedBy(jacocoTestReport)
+}
+
+jacocoTestReport {
+ reports {
+ xml.enabled true
+ }
+}
+
+sonarqube {
+ properties {
+ property "sonar.projectKey", "tnap.SONAR.portal.portal-prefs"
+ property "sonar.projectName", "portal-prefs"
+ }
+}
+
+configurations.implementation.setCanBeResolved(true)
+
+// avoid generating X.X.X-plain.jar
+jar {
+ enabled = false
+}
+
+springBoot {
+ buildInfo {
+ properties {
+ artifact = "onap-portal-prefs"
+ version = rootProject.file('version').text.trim()
+ group = "org.onap"
+ name = "Portal user preferences service"
+ }
+ }
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java b/app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java
new file mode 100644
index 0000000..092c533
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java
@@ -0,0 +1,37 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs;
+
+import org.onap.portal.prefs.configuration.PortalPrefsConfig;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+
+@EnableConfigurationProperties(PortalPrefsConfig.class)
+@SpringBootApplication
+public class PortalPrefsApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(PortalPrefsApplication.class, args);
+ }
+
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java b/app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java
new file mode 100644
index 0000000..77ef7f0
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java
@@ -0,0 +1,35 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.configuration;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.time.Clock;
+
+@Configuration
+public class BeansConfig {
+ @Bean
+ Clock clock() {
+ return Clock.systemUTC();
+ }
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java b/app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java
new file mode 100644
index 0000000..b653fe3
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java
@@ -0,0 +1,59 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.configuration;
+
+import org.onap.portal.prefs.util.Logger;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.reactive.ServerWebExchangeContextFilter;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+import reactor.core.publisher.Mono;
+
+import java.util.List;
+
+@Component
+public class LogInterceptor implements WebFilter {
+ public static final String EXCHANGE_CONTEXT_ATTRIBUTE =
+ ServerWebExchangeContextFilter.class.getName() + ".EXCHANGE_CONTEXT";
+
+ public static final String X_REQUEST_ID = "X-Request-Id";
+
+ @Override
+ public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
+ List<String> xRequestIdList = exchange.getRequest().getHeaders().get(X_REQUEST_ID);
+ if (xRequestIdList != null && !xRequestIdList.isEmpty()) {
+ String xRequestId = xRequestIdList.get(0);
+ Logger.requestLog(
+ xRequestId, exchange.getRequest().getMethod(), exchange.getRequest().getURI());
+ exchange.getResponse().getHeaders().add(X_REQUEST_ID, xRequestId);
+ exchange.getResponse().beforeCommit(() -> {
+ Logger.responseLog(xRequestId,exchange.getResponse().getStatusCode());
+ return Mono.empty();
+ });
+ }
+
+ return chain
+ .filter(exchange)
+ .contextWrite(cxt -> cxt.put(EXCHANGE_CONTEXT_ATTRIBUTE, exchange));
+ }
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java b/app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java
new file mode 100644
index 0000000..3c03673
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java
@@ -0,0 +1,39 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.configuration;
+
+import javax.validation.constraints.NotBlank;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.context.properties.ConstructorBinding;
+
+import lombok.Data;
+
+@Data
+@ConstructorBinding
+@ConfigurationProperties("portal-prefs")
+public class PortalPrefsConfig {
+
+ @NotBlank
+ private final String realm;
+
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java b/app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java
new file mode 100644
index 0000000..531e90b
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java
@@ -0,0 +1,53 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.configuration;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.web.server.SecurityWebFilterChain;
+
+/**
+ * Configures the access control of the API endpoints.
+ */
+// https://hantsy.github.io/spring-reactive-sample/security/config.html
+@EnableWebFluxSecurity
+@Configuration
+public class SecurityConfig {
+
+ @Bean
+ public SecurityWebFilterChain springSecurityWebFilterChain(ServerHttpSecurity http) {
+ return http.httpBasic().disable()
+ .formLogin().disable()
+ .csrf().disable()
+ .cors()
+ .and()
+ .authorizeExchange()
+ .pathMatchers(HttpMethod.GET, "/actuator/**").permitAll()
+ .anyExchange().authenticated()
+ .and()
+ .oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt)
+ .build();
+ }
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java b/app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java
new file mode 100644
index 0000000..584b3b4
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java
@@ -0,0 +1,88 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.controller;
+
+
+import javax.validation.Valid;
+
+import org.onap.portal.prefs.exception.ProblemException;
+import org.onap.portal.prefs.openapi.api.PreferencesApi;
+import org.onap.portal.prefs.openapi.model.Preferences;
+import org.onap.portal.prefs.services.PreferencesService;
+import org.onap.portal.prefs.util.IdTokenExchange;
+import org.onap.portal.prefs.util.Logger;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.server.ServerWebExchange;
+
+import reactor.core.publisher.Mono;
+
+@RestController
+public class PreferencesController implements PreferencesApi {
+
+
+ private final PreferencesService preferencesService;
+
+ public PreferencesController(PreferencesService getPreferences){
+ this.preferencesService = getPreferences;
+ }
+
+ @Override
+ public Mono<ResponseEntity<Preferences>> getPreferences(String xRequestId, ServerWebExchange exchange) {
+ return IdTokenExchange
+ .extractUserId(exchange)
+ .flatMap(userid ->
+ preferencesService.getPreferences(userid)
+ .map(ResponseEntity::ok))
+ .onErrorResume(ProblemException.class, ex -> {
+ Logger.errorLog(xRequestId,"user preferences", null, "portal-prefs" );
+ return Mono.error(ex);
+ })
+ .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
+
+ }
+
+ @Override
+ public Mono<ResponseEntity<Preferences>> savePreferences(String xRequestId, @Valid Mono<Preferences> preferences,
+ ServerWebExchange exchange) {
+ return IdTokenExchange
+ .extractUserId(exchange)
+ .flatMap(userid ->
+ preferences
+ .flatMap( pref ->
+ preferencesService
+ .savePreferences(xRequestId, userid, pref)))
+ .map( ResponseEntity::ok)
+ .onErrorResume(ProblemException.class, ex -> {
+ Logger.errorLog(xRequestId,"user preferences", null, "portal-prefs" );
+ return Mono.error(ex);
+ })
+ .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST));
+ }
+
+ @Override
+ public Mono<ResponseEntity<Preferences>> updatePreferences(String xRequestId, @Valid Mono<Preferences> preferences, ServerWebExchange exchange) {
+ return savePreferences(xRequestId, preferences, exchange);
+ }
+
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java b/app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java
new file mode 100644
index 0000000..45616a9
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java
@@ -0,0 +1,39 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.entities;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.data.annotation.Id;
+import org.springframework.data.mongodb.core.mapping.Document;
+
+@Document
+@Getter
+@Setter
+public class PreferencesDto {
+ @Id
+ private String userId;
+
+ private Object properties;
+
+}
+
diff --git a/app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java b/app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java
new file mode 100644
index 0000000..b9d2a3d
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java
@@ -0,0 +1,53 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.exception;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
+import org.zalando.problem.AbstractThrowableProblem;
+import org.zalando.problem.Problem;
+import org.zalando.problem.Status;
+import org.zalando.problem.StatusType;
+
+import java.net.URI;
+
+/** The default portal-prefs exception */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@EqualsAndHashCode(callSuper = true)
+public class ProblemException extends AbstractThrowableProblem {
+ @Builder.Default private final URI type = Problem.DEFAULT_TYPE;
+
+ @Builder.Default private final String title = "Bad preferences error";
+
+ @Builder.Default private final StatusType status = Status.BAD_REQUEST;
+
+ @Builder.Default private final String detail = "Please add more details here";
+
+ @Builder.Default private final URI instance = null;
+
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java b/app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java
new file mode 100644
index 0000000..461ee1d
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java
@@ -0,0 +1,28 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.repository;
+
+import org.onap.portal.prefs.entities.PreferencesDto;
+import org.springframework.data.mongodb.repository.ReactiveMongoRepository;
+
+public interface PreferencesRepository extends ReactiveMongoRepository<PreferencesDto, String> {
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java b/app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java
new file mode 100644
index 0000000..f96dfea
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java
@@ -0,0 +1,80 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.services;
+
+import org.onap.portal.prefs.entities.PreferencesDto;
+import org.onap.portal.prefs.exception.ProblemException;
+import org.onap.portal.prefs.openapi.model.Preferences;
+import org.onap.portal.prefs.repository.PreferencesRepository;
+import org.onap.portal.prefs.util.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import reactor.core.publisher.Mono;
+
+@Service
+public class PreferencesService {
+
+ @Autowired
+ private PreferencesRepository repository;
+
+ public Mono<Preferences> getPreferences(String userId){
+ return repository
+ .findById(userId)
+ .switchIfEmpty(defaultPreferences())
+ .map(this::toPreferences);
+ }
+
+ public Mono<Preferences> savePreferences( String xRequestId, String userId, Preferences preferences){
+
+ var preferencesDto = new PreferencesDto();
+ preferencesDto.setUserId(userId);
+ preferencesDto.setProperties(preferences.getProperties());
+
+ return repository
+ .save(preferencesDto)
+ .map(this::toPreferences)
+ .onErrorResume(ProblemException.class, ex -> {
+ Logger.errorLog(xRequestId,"user prefrences", userId, "portal-prefs" );
+ return Mono.error(ex);
+ });
+
+ }
+
+ private Preferences toPreferences(PreferencesDto preferencesDto) {
+ var preferences = new Preferences();
+ preferences.setProperties(preferencesDto.getProperties());
+ return preferences;
+ }
+
+ /**
+ * Get a Preferences object that is initialised with an empty string.
+ * This is a) for convenience to not handle 404 on the consuming side and
+ * b) for security reasons
+ * @return PreferencesDto
+ */
+ private Mono<PreferencesDto> defaultPreferences() {
+ var preferencesDto = new PreferencesDto();
+ preferencesDto.setProperties("");
+ return Mono.just(preferencesDto);
+ }
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java b/app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java
new file mode 100644
index 0000000..20f1581
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java
@@ -0,0 +1,91 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.util;
+
+import com.nimbusds.jwt.JWTParser;
+import io.vavr.control.Option;
+import io.vavr.control.Try;
+import org.springframework.web.server.ServerWebExchange;
+import org.zalando.problem.Problem;
+import org.zalando.problem.Status;
+import reactor.core.publisher.Mono;
+
+/**
+ * Represents a function that handles the <a href="https://jwt.io/introduction">JWT</a> identity token.
+ * Use this to check if the incoming requests are authorized to call the given endpoint
+ */
+
+public final class IdTokenExchange {
+
+ public static final String X_AUTH_IDENTITY_HEADER = "X-Auth-Identity";
+ public static final String JWT_CLAIM_USERID = "sub";
+
+ private IdTokenExchange(){
+
+ }
+
+ /**
+ * Extract the identity header from the given {@link ServerWebExchange}.
+ * @param exchange the ServerWebExchange that contains information about the incoming request
+ * @return the identity header in the form of <code>Bearer {@literal <Token>}<c/ode>
+ */
+ private static Mono<String> extractIdentityHeader(ServerWebExchange exchange) {
+ return io.vavr.collection.List.ofAll(
+ exchange.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER))
+ .headOption()
+ .map(Mono::just)
+ .getOrElse(Mono.error(Problem.valueOf(Status.FORBIDDEN, "ID token is missing")));
+ }
+
+ /**
+ * Extract the identity token from the given {@link ServerWebExchange}.
+ * @see <a href="https://openid.net/specs/openid-connect-core-1_0.html#IDToken">OpenId Connect ID Token</a>
+ * @param exchange the ServerWebExchange that contains information about the incoming request
+ * @return the identity token that contains user roles
+ */
+ private static Mono<String> extractIdToken(ServerWebExchange exchange) {
+ return extractIdentityHeader(exchange)
+ .map(identityHeader -> identityHeader.replace("Bearer ", ""));
+ }
+
+ /**
+ * Extract the <code>userId</code> from the given {@link ServerWebExchange}
+ * @param exchange the ServerWebExchange that contains information about the incoming request
+ * @return the id of the user
+ */
+ public static Mono<String> extractUserId(ServerWebExchange exchange) {
+ return extractIdToken(exchange)
+ .flatMap(
+ idToken ->
+ Try.of(() -> JWTParser.parse(idToken))
+ .mapTry(jwt -> Option.of(jwt.getJWTClaimsSet()))
+ .map(
+ optionJwtClaimSet ->
+ optionJwtClaimSet
+ .flatMap(
+ jwtClaimSet ->
+ Option.of(jwtClaimSet.getClaim(JWT_CLAIM_USERID)))
+ .map(String.class::cast)
+ .map( Mono::just).get())
+ .getOrElseGet(Mono::error));
+ }
+}
diff --git a/app/src/main/java/org/onap/portal/prefs/util/Logger.java b/app/src/main/java/org/onap/portal/prefs/util/Logger.java
new file mode 100644
index 0000000..4f4ac6c
--- /dev/null
+++ b/app/src/main/java/org/onap/portal/prefs/util/Logger.java
@@ -0,0 +1,58 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.util;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+
+import java.net.URI;
+
+@Slf4j
+public class Logger {
+
+ private Logger(){}
+
+ public static void requestLog(String xRequestId, HttpMethod methode, URI path) {
+ log.info("Portal-prefs - request - X-Request-Id {} {} {}", xRequestId, methode, path);
+ }
+
+ public static void responseLog(String xRequestId, HttpStatus code) {
+ log.info("Portal-prefs - response - X-Request-Id {} {}", xRequestId, code);
+ }
+
+ public static void errorLog(String xRequestId, String msg, String id, String app) {
+ log.info(
+ "Portal-prefs - error - X-Request-Id {} {} {} not found in {}", xRequestId, msg, id, app);
+ }
+
+ public static void errorLog(
+ String xRequestId, String msg, String id, String app, String errorDetails) {
+ log.info(
+ "Portal-prefs - error - X-Request-Id {} {} {} not found in {} error message: {}",
+ xRequestId,
+ msg,
+ id,
+ app,
+ errorDetails);
+ }
+}
diff --git a/app/src/main/resources/application-local.yml b/app/src/main/resources/application-local.yml
new file mode 100644
index 0000000..71fe8db
--- /dev/null
+++ b/app/src/main/resources/application-local.yml
@@ -0,0 +1,39 @@
+server:
+ port: 9001
+ address: 0.0.0.0
+
+spring:
+ jackson:
+ serialization:
+ # needed for serializing objects of type object
+ FAIL_ON_EMPTY_BEANS: false
+ security:
+ oauth2:
+ resourceserver:
+ jwt:
+ jwk-set-uri: http://localhost:8080/auth/realms/ONAP/protocol/openid-connect/certs #Keycloak Endpoint
+ data:
+ mongodb:
+ database: portal_prefs
+ host: localhost
+ port: 27017
+ username: root
+ password: password
+
+portal-prefs:
+ realm: ONAP
+
+management:
+ endpoints:
+ web:
+ exposure:
+ include: "*"
+ info:
+ build:
+ enabled: true
+ env:
+ enabled: true
+ git:
+ enabled: true
+ java:
+ enabled: true
diff --git a/app/src/main/resources/application.yml b/app/src/main/resources/application.yml
new file mode 100644
index 0000000..eb5b313
--- /dev/null
+++ b/app/src/main/resources/application.yml
@@ -0,0 +1,39 @@
+server:
+ port: 9001
+ address: 0.0.0.0
+
+spring:
+ jackson:
+ serialization:
+ # needed for serializing objects of type object
+ FAIL_ON_EMPTY_BEANS: false
+ security:
+ oauth2:
+ resourceserver:
+ jwt:
+ jwk-set-uri: ${KEYCLOAK_URL}/auth/realms/${KEYCLOAK_REALM}/protocol/openid-connect/certs #Keycloak Endpoint
+ data:
+ mongodb:
+ database: ${PORTALPREFS_DATABASE}
+ host: ${PORTALPREFS_HOST}
+ port: ${PORTALPREFS_PORT}
+ username: ${PORTALPREFS_USERNAME}
+ password: ${PORTALPREFS_PASSWORD}
+
+portal-prefs:
+ realm: ${KEYCLOAK_REALM}
+
+management:
+ endpoints:
+ web:
+ exposure:
+ include: "*"
+ info:
+ build:
+ enabled: true
+ env:
+ enabled: true
+ git:
+ enabled: true
+ java:
+ enabled: true
diff --git a/app/src/main/resources/logback-spring.xml b/app/src/main/resources/logback-spring.xml
new file mode 100644
index 0000000..05503bc
--- /dev/null
+++ b/app/src/main/resources/logback-spring.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration scan="true">
+ <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>${LOGBACK_LEVEL:-info}</level>
+ </filter>
+ <encoder class="net.logstash.logback.encoder.LogstashEncoder"/>
+ </appender>
+
+ <root level="all">
+ <appender-ref ref="stdout"/>
+ </root>
+</configuration>
diff --git a/app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java b/app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java
new file mode 100644
index 0000000..7852c41
--- /dev/null
+++ b/app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java
@@ -0,0 +1,163 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.tomakehurst.wiremock.client.WireMock;
+import com.nimbusds.jose.jwk.JWKSet;
+import org.onap.portal.prefs.util.IdTokenExchange;
+import org.onap.portal.prefs.configuration.PortalPrefsConfig;
+import io.restassured.RestAssured;
+import io.restassured.filter.log.RequestLoggingFilter;
+import io.restassured.filter.log.ResponseLoggingFilter;
+import io.restassured.specification.RequestSpecification;
+import io.vavr.collection.List;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.web.server.LocalServerPort;
+import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock;
+import org.springframework.http.MediaType;
+
+import java.util.UUID;
+
+/** Base class for all tests that has the common config including port, realm, logging and auth. */
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@AutoConfigureWireMock(port = 0)
+public abstract class BaseIntegrationTest {
+
+// @TestConfiguration
+// public static class Config {
+// @Bean
+// WireMockConfigurationCustomizer optionsCustomizer() {
+// return options -> options.extensions(new ResponseTemplateTransformer(true));
+// }
+// }
+
+ @LocalServerPort protected int port;
+ @Value("${portal-prefs.realm}")
+ protected String realm;
+
+ @Autowired protected ObjectMapper objectMapper;
+ @Autowired private TokenGenerator tokenGenerator;
+ @Autowired protected PortalPrefsConfig portalPrefsConfig;
+
+ @BeforeAll
+ public static void setup() {
+ RestAssured.filters(new RequestLoggingFilter(), new ResponseLoggingFilter());
+ }
+
+ /** Mocks the OIDC auth flow. */
+ @BeforeEach
+ public void mockAuth() {
+ WireMock.reset();
+
+ WireMock.stubFor(
+ WireMock.get(
+ WireMock.urlMatching(
+ String.format("/auth/realms/%s/protocol/openid-connect/certs", realm)))
+ .willReturn(
+ WireMock.aResponse()
+ .withHeader("Content-Type", JWKSet.MIME_TYPE)
+ .withBody(tokenGenerator.getJwkSet().toString())));
+
+ final TokenGenerator.TokenGeneratorConfig config =
+ TokenGenerator.TokenGeneratorConfig.builder().port(port).realm(realm).sub("test-user").build();
+
+ WireMock.stubFor(
+ WireMock.post(
+ WireMock.urlMatching(
+ String.format("/auth/realms/%s/protocol/openid-connect/token", realm)))
+ .withBasicAuth("test", "test")
+ .withRequestBody(WireMock.containing("grant_type=client_credentials"))
+ .willReturn(
+ WireMock.aResponse()
+ .withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)
+ .withBody(
+ objectMapper
+ .createObjectNode()
+ .put("token_type", "bearer")
+ .put("access_token", tokenGenerator.generateToken(config))
+ .put("expires_in", config.getExpireIn().getSeconds())
+ .put("refresh_token", tokenGenerator.generateToken(config))
+ .put("refresh_expires_in", config.getExpireIn().getSeconds())
+ .put("not-before-policy", 0)
+ .put("session_state", UUID.randomUUID().toString())
+ .put("scope", "email profile")
+ .toString())));
+ }
+
+ /**
+ * Builds an OAuth2 configuration including the roles, port and realm. This config can be used to
+ * generate OAuth2 access tokens.
+ *
+ * @param sub the userId
+ * @param roles the roles used for RBAC
+ * @return the OAuth2 configuration
+ */
+ protected TokenGenerator.TokenGeneratorConfig getTokenGeneratorConfig(String sub, List<String> roles) {
+ return TokenGenerator.TokenGeneratorConfig.builder()
+ .port(port)
+ .sub(sub)
+ .realm(realm)
+ .roles(roles)
+ .build();
+ }
+
+ /** Get a RequestSpecification that does not have an Identity header. */
+ protected RequestSpecification unauthenticatedRequestSpecification() {
+ return RestAssured.given().port(port);
+ }
+
+ /**
+ * Object to store common attributes of requests that are going to be made. Adds an Identity
+ * header for the <code>onap_admin</code> role to the request.
+ * @return the definition of the incoming request (northbound)
+ */
+ protected RequestSpecification requestSpecification() {
+ final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig("test-user", List.of("foo")));
+
+ return unauthenticatedRequestSpecification()
+ .auth()
+ .preemptive()
+ .oauth2(idToken)
+ .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken);
+ }
+
+ /**
+ * Object to store common attributes of requests that are going to be made. Adds an Identity
+ * header for the <code>onap_admin</code> role to the request.
+ * @param userId the userId that should be contained in the incoming request
+ * @return the definition of the incoming request (northbound)
+ */
+ protected RequestSpecification requestSpecification(String userId) {
+ final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig(userId, List.of("foo")));
+
+ return unauthenticatedRequestSpecification()
+ .auth()
+ .preemptive()
+ .oauth2(idToken)
+ .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken);
+ }
+}
diff --git a/app/src/test/java/org/onap/portal/prefs/TokenGenerator.java b/app/src/test/java/org/onap/portal/prefs/TokenGenerator.java
new file mode 100644
index 0000000..6883064
--- /dev/null
+++ b/app/src/test/java/org/onap/portal/prefs/TokenGenerator.java
@@ -0,0 +1,130 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs;
+
+import java.time.Clock;
+import java.time.Duration;
+import java.time.Instant;
+import java.util.Date;
+import java.util.UUID;
+
+import com.nimbusds.jose.JOSEObjectType;
+import com.nimbusds.jose.JWSAlgorithm;
+import com.nimbusds.jose.JWSHeader;
+import com.nimbusds.jose.JWSSigner;
+import com.nimbusds.jose.crypto.RSASSASigner;
+import com.nimbusds.jose.jwk.JWKSet;
+import com.nimbusds.jose.jwk.KeyUse;
+import com.nimbusds.jose.jwk.RSAKey;
+import com.nimbusds.jose.jwk.gen.RSAKeyGenerator;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import io.vavr.collection.List;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NonNull;
+
+@Component
+public class TokenGenerator {
+
+ private static final String ROLES_CLAIM = "roles";
+ private static final String USERID_CLAIM = "sub";
+
+ private final Clock clock;
+ private final RSAKey jwk;
+ private final JWKSet jwkSet;
+ private final JWSSigner signer;
+
+ @Autowired
+ public TokenGenerator(Clock clock) {
+ try {
+ this.clock = clock;
+ jwk =
+ new RSAKeyGenerator(2048)
+ .keyUse(KeyUse.SIGNATURE)
+ .keyID(UUID.randomUUID().toString())
+ .generate();
+ jwkSet = new JWKSet(jwk);
+ signer = new RSASSASigner(jwk);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public JWKSet getJwkSet() {
+ return jwkSet;
+ }
+
+ public String generateToken(TokenGeneratorConfig config) {
+ final Instant iat = clock.instant();
+ final Instant exp = iat.plus(config.expireIn);
+
+ final JWTClaimsSet claims =
+ new JWTClaimsSet.Builder()
+ .jwtID(UUID.randomUUID().toString())
+ .subject(UUID.randomUUID().toString())
+ .issuer(config.issuer())
+ .issueTime(Date.from(iat))
+ .expirationTime(Date.from(exp))
+ .claim(ROLES_CLAIM, config.getRoles())
+ .claim(USERID_CLAIM, config.getSub())
+ .build();
+
+ final SignedJWT jwt =
+ new SignedJWT(
+ new JWSHeader.Builder(JWSAlgorithm.RS256)
+ .keyID(jwk.getKeyID())
+ .type(JOSEObjectType.JWT)
+ .build(),
+ claims);
+
+ try {
+ jwt.sign(signer);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+
+ return jwt.serialize();
+ }
+
+ @Getter
+ @Builder
+ public static class TokenGeneratorConfig {
+ private final int port;
+
+ @NonNull private final String sub;
+
+ @NonNull private final String realm;
+
+ @NonNull @Builder.Default private final Duration expireIn = Duration.ofMinutes(5);
+
+ @Builder.Default private final List<String> roles = List.empty();
+
+ public String issuer() {
+ return String.format("http://localhost:%d/auth/realms/%s", port, realm);
+ }
+ }
+}
diff --git a/app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java b/app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java
new file mode 100644
index 0000000..95e9b2a
--- /dev/null
+++ b/app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java
@@ -0,0 +1,48 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.actuator;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.onap.portal.prefs.BaseIntegrationTest;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.availability.ApplicationAvailability;
+import org.springframework.boot.availability.LivenessState;
+import org.springframework.boot.availability.ReadinessState;
+
+class ActuatorIntegrationTest extends BaseIntegrationTest {
+
+ @Autowired private ApplicationAvailability applicationAvailability;
+
+ @Test
+ void livenessProbeIsAvailable() {
+ assertThat(applicationAvailability.getLivenessState()).isEqualTo(LivenessState.CORRECT);
+ }
+
+ @Test
+ void readinessProbeIsAvailable() {
+
+ assertThat(applicationAvailability.getReadinessState())
+ .isEqualTo(ReadinessState.ACCEPTING_TRAFFIC);
+ }
+}
diff --git a/app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java b/app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java
new file mode 100644
index 0000000..b5f4cf1
--- /dev/null
+++ b/app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java
@@ -0,0 +1,198 @@
+/*
+ *
+ * Copyright (c) 2022. Deutsche Telekom AG
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ *
+ */
+
+package org.onap.portal.prefs.preferences;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.junit.jupiter.api.Test;
+import org.onap.portal.prefs.BaseIntegrationTest;
+import org.onap.portal.prefs.openapi.model.Preferences;
+import org.onap.portal.prefs.services.PreferencesService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+
+import io.restassured.http.ContentType;
+import io.restassured.http.Header;
+
+class PreferencesControllerIntegrationTest extends BaseIntegrationTest {
+
+ protected static final String X_REQUEST_ID = "addf6005-3075-4c80-b7bc-2c70b7d42b57";
+
+ @Autowired
+ PreferencesService preferencesService;
+
+ @Test
+ void thatUserPreferencesCanBeRetrieved() {
+ // First save a user preference before a GET can run
+ Preferences expectedResponse = new Preferences()
+ .properties("{\n" +
+ " \"properties\": { \"appStarter\": \"value1\",\n" +
+ " \"dashboard\": {\"key1:\" : \"value2\"}\n" +
+ " } \n" +
+ "}");
+ preferencesService
+ .savePreferences(X_REQUEST_ID,"test-user", expectedResponse)
+ .block();
+
+ Preferences actualResponse = requestSpecification("test-user")
+ .given()
+ .accept(MediaType.APPLICATION_JSON_VALUE)
+ .header(new Header("X-Request-Id", X_REQUEST_ID))
+ .when()
+ .get("/v1/preferences")
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .extract()
+ .body()
+ .as(Preferences.class);
+
+ assertThat(actualResponse).isNotNull();
+ assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties());
+ }
+
+ @Test
+ void thatUserPreferencesCanNotBeRetrieved() {
+ unauthenticatedRequestSpecification()
+ .given()
+ .accept(MediaType.APPLICATION_JSON_VALUE)
+ .contentType(ContentType.JSON)
+ .header(new Header("X-Request-Id", X_REQUEST_ID))
+ .when()
+ .get("/v1/preferences")
+ .then()
+ .statusCode(HttpStatus.UNAUTHORIZED.value());
+ }
+
+ @Test
+ void thatUserPreferencesCanBeSaved() {
+ Preferences expectedResponse = new Preferences()
+ .properties("{\n" +
+ " \"properties\": { \"appStarter\": \"value1\",\n" +
+ " \"dashboard\": {\"key1:\" : \"value2\"}\n" +
+ " } \n" +
+ "}");
+ Preferences actualResponse = requestSpecification()
+ .given()
+ .accept(MediaType.APPLICATION_JSON_VALUE)
+ .contentType(ContentType.JSON)
+ .header(new Header("X-Request-Id", X_REQUEST_ID))
+ .body(expectedResponse)
+ .when()
+ .post("/v1/preferences")
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .extract()
+ .body()
+ .as(Preferences.class);
+
+ assertThat(actualResponse).isNotNull();
+ assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties());
+ }
+
+ @Test
+ void thatUserPreferencesCanBeUpdated() {
+ // First save a user preference before a GET can run
+ Preferences initialPreferences = new Preferences()
+ .properties("{\n" +
+ " \"properties\": { \"appStarter\": \"value1\",\n" +
+ " \"dashboard\": {\"key1:\" : \"value2\"}\n" +
+ " } \n" +
+ "}");
+ preferencesService
+ .savePreferences(X_REQUEST_ID,"test-user", initialPreferences)
+ .block();
+
+ Preferences expectedResponse = new Preferences()
+ .properties("{\n" +
+ " \"properties\": { \"appStarter\": \"value3\",\n" +
+ " \"dashboard\": {\"key2:\" : \"value4\"}\n" +
+ " } \n" +
+ "}");
+ Preferences actualResponse = requestSpecification("test-user")
+ .given()
+ .accept(MediaType.APPLICATION_JSON_VALUE)
+ .contentType(ContentType.JSON)
+ .header(new Header("X-Request-Id", X_REQUEST_ID))
+ .body(expectedResponse)
+ .when()
+ .put("/v1/preferences")
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .extract()
+ .body()
+ .as(Preferences.class);
+
+ assertThat(actualResponse).isNotNull();
+ assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties());
+ }
+
+ @Test
+ void thatUserPreferencesCanNotBeFound() {
+
+ Preferences actualResponse = requestSpecification("test-canNotBeFound")
+ .given()
+ .accept(MediaType.APPLICATION_JSON_VALUE)
+ .header(new Header("X-Request-Id", X_REQUEST_ID))
+ .when()
+ .get("/v1/preferences")
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .extract()
+ .body()
+ .as(Preferences.class);
+
+ assertThat(actualResponse).isNotNull();
+ assertThat(actualResponse.getProperties()).isEqualTo("");
+ }
+
+ @Test
+ void thatUserPreferencesHasXRequestIdHeader() {
+
+ String actualResponse = requestSpecification("test-user")
+ .given()
+ .accept(MediaType.APPLICATION_JSON_VALUE)
+ .header(new Header("X-Request-Id", X_REQUEST_ID))
+ .when()
+ .get("/v1/preferences")
+ .then()
+ .statusCode(HttpStatus.OK.value())
+ .extract()
+ .header("X-Request-Id");
+
+ assertThat(actualResponse).isNotNull().isEqualTo(X_REQUEST_ID);
+ }
+
+ @Test
+ void thatUserPreferencesHasNoXRequestIdHeader() {
+
+ requestSpecification("test-user")
+ .given()
+ .accept(MediaType.APPLICATION_JSON_VALUE)
+ .when()
+ .get("/v1/preferences")
+ .then()
+ .statusCode(HttpStatus.BAD_REQUEST.value());
+
+
+ }
+}
diff --git a/app/src/test/resources/application.yml b/app/src/test/resources/application.yml
new file mode 100644
index 0000000..3316c0d
--- /dev/null
+++ b/app/src/test/resources/application.yml
@@ -0,0 +1,35 @@
+server:
+ port: 9001
+ address: 0.0.0.0
+
+spring:
+ mongodb:
+ embedded:
+ version: 3.2.8
+ jackson:
+ serialization:
+ # needed for serializing objects of type object
+ FAIL_ON_EMPTY_BEANS: false
+ security:
+ oauth2:
+ resourceserver:
+ jwt:
+ jwk-set-uri: http://localhost:${wiremock.server.port}/auth/realms/ONAP/protocol/openid-connect/certs #Keycloak Endpoint
+
+portal-prefs:
+ realm: ONAP
+
+management:
+ endpoints:
+ web:
+ exposure:
+ include: "*"
+ info:
+ build:
+ enabled: true
+ env:
+ enabled: true
+ git:
+ enabled: true
+ java:
+ enabled: true
diff --git a/app/src/test/resources/logback-spring.xml b/app/src/test/resources/logback-spring.xml
new file mode 100644
index 0000000..05503bc
--- /dev/null
+++ b/app/src/test/resources/logback-spring.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration scan="true">
+ <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>${LOGBACK_LEVEL:-info}</level>
+ </filter>
+ <encoder class="net.logstash.logback.encoder.LogstashEncoder"/>
+ </appender>
+
+ <root level="all">
+ <appender-ref ref="stdout"/>
+ </root>
+</configuration>