From 7c0e2f563a18dfe7c8f6c2ad66d01775c9468f37 Mon Sep 17 00:00:00 2001 From: Fiete Ostkamp Date: Wed, 16 Aug 2023 07:15:07 +0000 Subject: Consistently use the preferences name in the preferences code base - rename package name from org.onap.portal.prefs to org.onap.portalng.preferences - replace all other occurences of portal-prefs with preferences Other: - remove Sonarqube plugin Issue-ID: PORTALNG-39 Signed-off-by: Fiete Ostkamp Change-Id: Iced79a26460d988c5b22eb5fcac86d350528a1a2 --- README.md | 6 +- app/build.gradle | 16 +- .../onap/portal/prefs/PortalPrefsApplication.java | 37 ---- .../portal/prefs/configuration/BeansConfig.java | 35 ---- .../portal/prefs/configuration/LogInterceptor.java | 59 ------ .../prefs/configuration/PortalPrefsConfig.java | 36 ---- .../portal/prefs/configuration/SecurityConfig.java | 53 ------ .../prefs/controller/PreferencesController.java | 84 --------- .../onap/portal/prefs/entities/PreferencesDto.java | 39 ---- .../portal/prefs/exception/ProblemException.java | 53 ------ .../prefs/repository/PreferencesRepository.java | 28 --- .../portal/prefs/services/PreferencesService.java | 80 --------- .../onap/portal/prefs/util/IdTokenExchange.java | 88 --------- .../java/org/onap/portal/prefs/util/Logger.java | 59 ------ .../preferences/PreferencesApplication.java | 37 ++++ .../preferences/configuration/BeansConfig.java | 35 ++++ .../preferences/configuration/LogInterceptor.java | 59 ++++++ .../configuration/PreferencesConfig.java | 36 ++++ .../preferences/configuration/SecurityConfig.java | 53 ++++++ .../controller/PreferencesController.java | 84 +++++++++ .../preferences/entities/PreferencesDto.java | 39 ++++ .../preferences/exception/ProblemException.java | 53 ++++++ .../repository/PreferencesRepository.java | 28 +++ .../preferences/services/PreferencesService.java | 80 +++++++++ .../portalng/preferences/util/IdTokenExchange.java | 88 +++++++++ .../org/onap/portalng/preferences/util/Logger.java | 59 ++++++ app/src/main/resources/application-local.yml | 4 +- app/src/main/resources/application.yml | 13 +- .../org/onap/portal/prefs/BaseIntegrationTest.java | 155 ---------------- .../java/org/onap/portal/prefs/TokenGenerator.java | 130 -------------- .../prefs/actuator/ActuatorIntegrationTest.java | 48 ----- .../PreferencesControllerIntegrationTest.java | 198 --------------------- .../portalng/preferences/BaseIntegrationTest.java | 155 ++++++++++++++++ .../onap/portalng/preferences/TokenGenerator.java | 130 ++++++++++++++ .../actuator/ActuatorIntegrationTest.java | 48 +++++ .../PreferencesControllerIntegrationTest.java | 198 +++++++++++++++++++++ app/src/test/resources/application.yml | 2 +- openapi/build.gradle | 6 +- renovate.json | 6 - settings.gradle | 9 +- version | 2 +- 41 files changed, 1205 insertions(+), 1223 deletions(-) delete mode 100644 app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java delete mode 100644 app/src/main/java/org/onap/portal/prefs/util/Logger.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/PreferencesApplication.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/configuration/BeansConfig.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/configuration/LogInterceptor.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/configuration/PreferencesConfig.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/configuration/SecurityConfig.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/controller/PreferencesController.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/entities/PreferencesDto.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/exception/ProblemException.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/repository/PreferencesRepository.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/services/PreferencesService.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/util/IdTokenExchange.java create mode 100644 app/src/main/java/org/onap/portalng/preferences/util/Logger.java delete mode 100644 app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java delete mode 100644 app/src/test/java/org/onap/portal/prefs/TokenGenerator.java delete mode 100644 app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java delete mode 100644 app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java create mode 100644 app/src/test/java/org/onap/portalng/preferences/BaseIntegrationTest.java create mode 100644 app/src/test/java/org/onap/portalng/preferences/TokenGenerator.java create mode 100644 app/src/test/java/org/onap/portalng/preferences/actuator/ActuatorIntegrationTest.java create mode 100644 app/src/test/java/org/onap/portalng/preferences/preferences/PreferencesControllerIntegrationTest.java delete mode 100644 renovate.json diff --git a/README.md b/README.md index 15bc29d..c5d9c05 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Portal-prefs +# Preferences This microservice manages the user specific config for the `portal-ui` frontend application. It is a Spring Boot application that is build upon a MongoDB and Webflux. ## Build @@ -29,14 +29,14 @@ To start the service execute the `run.sh` in the development folder: development/run.sh ``` -Example request against the portal-prefs service can be run in your preferred IDE with the `request.http` file from the development folder. +Example request against the preferences service can be run in your preferred IDE with the `request.http` file from the development folder. You can access the Keycloak UI via browser. URL: http://localhost:8080 **username:** admin **password:** password -To stop the portal-prefs service, Keycloak and the databases run: +To stop the preferences service, Keycloak and the databases run: ```sh development/stop.sh ``` diff --git a/app/build.gradle b/app/build.gradle index 1d51c30..28e6384 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -5,7 +5,6 @@ plugins { id 'io.spring.dependency-management' id 'org.springframework.boot' id 'jacoco' - id 'org.sonarqube' id 'com.gorylenko.gradle-git-properties' } @@ -15,7 +14,7 @@ sourceCompatibility = '17' targetCompatibility = '17' application { - mainClass = 'org.onap.portal.prefs.PortalPrefsApplication' + mainClass = 'org.onap.portalng.preferences.PreferencesApplication' } configurations { @@ -81,13 +80,6 @@ jacocoTestReport { } } -sonarqube { - properties { - property "sonar.projectKey", "tnap.SONAR.portal.portal-prefs" - property "sonar.projectName", "portal-prefs" - } -} - configurations.implementation.setCanBeResolved(true) // avoid generating X.X.X-plain.jar @@ -98,10 +90,10 @@ jar { springBoot { buildInfo { properties { - artifact = "onap-portal-prefs" + artifact = "onap-portal-ng-preferences" version = rootProject.file('version').text.trim() - group = "org.onap" - name = "Portal user preferences service" + group = "org.onap.portalng" + name = "Portal-ng user preferences service" } } } diff --git a/app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java b/app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java deleted file mode 100644 index 092c533..0000000 --- a/app/src/main/java/org/onap/portal/prefs/PortalPrefsApplication.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs; - -import org.onap.portal.prefs.configuration.PortalPrefsConfig; -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.boot.context.properties.EnableConfigurationProperties; - -@EnableConfigurationProperties(PortalPrefsConfig.class) -@SpringBootApplication -public class PortalPrefsApplication { - - public static void main(String[] args) { - SpringApplication.run(PortalPrefsApplication.class, args); - } - -} diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java b/app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java deleted file mode 100644 index 77ef7f0..0000000 --- a/app/src/main/java/org/onap/portal/prefs/configuration/BeansConfig.java +++ /dev/null @@ -1,35 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.configuration; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -import java.time.Clock; - -@Configuration -public class BeansConfig { - @Bean - Clock clock() { - return Clock.systemUTC(); - } -} diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java b/app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java deleted file mode 100644 index b653fe3..0000000 --- a/app/src/main/java/org/onap/portal/prefs/configuration/LogInterceptor.java +++ /dev/null @@ -1,59 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.configuration; - -import org.onap.portal.prefs.util.Logger; -import org.springframework.stereotype.Component; -import org.springframework.web.filter.reactive.ServerWebExchangeContextFilter; -import org.springframework.web.server.ServerWebExchange; -import org.springframework.web.server.WebFilter; -import org.springframework.web.server.WebFilterChain; -import reactor.core.publisher.Mono; - -import java.util.List; - -@Component -public class LogInterceptor implements WebFilter { - public static final String EXCHANGE_CONTEXT_ATTRIBUTE = - ServerWebExchangeContextFilter.class.getName() + ".EXCHANGE_CONTEXT"; - - public static final String X_REQUEST_ID = "X-Request-Id"; - - @Override - public Mono filter(ServerWebExchange exchange, WebFilterChain chain) { - List xRequestIdList = exchange.getRequest().getHeaders().get(X_REQUEST_ID); - if (xRequestIdList != null && !xRequestIdList.isEmpty()) { - String xRequestId = xRequestIdList.get(0); - Logger.requestLog( - xRequestId, exchange.getRequest().getMethod(), exchange.getRequest().getURI()); - exchange.getResponse().getHeaders().add(X_REQUEST_ID, xRequestId); - exchange.getResponse().beforeCommit(() -> { - Logger.responseLog(xRequestId,exchange.getResponse().getStatusCode()); - return Mono.empty(); - }); - } - - return chain - .filter(exchange) - .contextWrite(cxt -> cxt.put(EXCHANGE_CONTEXT_ATTRIBUTE, exchange)); - } -} diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java b/app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java deleted file mode 100644 index 2d415cd..0000000 --- a/app/src/main/java/org/onap/portal/prefs/configuration/PortalPrefsConfig.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.configuration; - -import org.springframework.boot.context.properties.ConfigurationProperties; - -import jakarta.validation.constraints.NotBlank; -import lombok.Data; - -@Data -@ConfigurationProperties("portal-prefs") -public class PortalPrefsConfig { - - @NotBlank - private final String realm; - -} diff --git a/app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java b/app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java deleted file mode 100644 index 531e90b..0000000 --- a/app/src/main/java/org/onap/portal/prefs/configuration/SecurityConfig.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.configuration; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; -import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; -import org.springframework.security.config.web.server.ServerHttpSecurity; -import org.springframework.security.web.server.SecurityWebFilterChain; - -/** - * Configures the access control of the API endpoints. - */ -// https://hantsy.github.io/spring-reactive-sample/security/config.html -@EnableWebFluxSecurity -@Configuration -public class SecurityConfig { - - @Bean - public SecurityWebFilterChain springSecurityWebFilterChain(ServerHttpSecurity http) { - return http.httpBasic().disable() - .formLogin().disable() - .csrf().disable() - .cors() - .and() - .authorizeExchange() - .pathMatchers(HttpMethod.GET, "/actuator/**").permitAll() - .anyExchange().authenticated() - .and() - .oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt) - .build(); - } -} diff --git a/app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java b/app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java deleted file mode 100644 index f2ae7f9..0000000 --- a/app/src/main/java/org/onap/portal/prefs/controller/PreferencesController.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.controller; -import org.onap.portal.prefs.exception.ProblemException; -import org.onap.portal.prefs.openapi.api.PreferencesApi; -import org.onap.portal.prefs.openapi.model.Preferences; -import org.onap.portal.prefs.services.PreferencesService; -import org.onap.portal.prefs.util.IdTokenExchange; -import org.onap.portal.prefs.util.Logger; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.server.ServerWebExchange; - -import reactor.core.publisher.Mono; - -@RestController -public class PreferencesController implements PreferencesApi { - - - private final PreferencesService preferencesService; - - public PreferencesController(PreferencesService getPreferences){ - this.preferencesService = getPreferences; - } - - @Override - public Mono> getPreferences(String xRequestId, ServerWebExchange exchange) { - return IdTokenExchange - .extractUserId(exchange) - .flatMap(userid -> - preferencesService.getPreferences(userid) - .map(ResponseEntity::ok)) - .onErrorResume(ProblemException.class, ex -> { - Logger.errorLog(xRequestId,"user preferences", null, "portal-prefs" ); - return Mono.error(ex); - }) - .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST)); - - } - - @Override - public Mono> savePreferences(String xRequestId, Mono preferences, - ServerWebExchange exchange) { - return IdTokenExchange - .extractUserId(exchange) - .flatMap(userid -> - preferences - .flatMap( pref -> - preferencesService - .savePreferences(xRequestId, userid, pref))) - .map( ResponseEntity::ok) - .onErrorResume(ProblemException.class, ex -> { - Logger.errorLog(xRequestId,"user preferences", null, "portal-prefs" ); - return Mono.error(ex); - }) - .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST)); - } - - @Override - public Mono> updatePreferences(String xRequestId, Mono preferences, ServerWebExchange exchange) { - return savePreferences(xRequestId, preferences, exchange); - } - -} diff --git a/app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java b/app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java deleted file mode 100644 index 45616a9..0000000 --- a/app/src/main/java/org/onap/portal/prefs/entities/PreferencesDto.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.entities; - -import lombok.Getter; -import lombok.Setter; -import org.springframework.data.annotation.Id; -import org.springframework.data.mongodb.core.mapping.Document; - -@Document -@Getter -@Setter -public class PreferencesDto { - @Id - private String userId; - - private Object properties; - -} - diff --git a/app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java b/app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java deleted file mode 100644 index b9d2a3d..0000000 --- a/app/src/main/java/org/onap/portal/prefs/exception/ProblemException.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.exception; - -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.EqualsAndHashCode; -import lombok.NoArgsConstructor; -import org.zalando.problem.AbstractThrowableProblem; -import org.zalando.problem.Problem; -import org.zalando.problem.Status; -import org.zalando.problem.StatusType; - -import java.net.URI; - -/** The default portal-prefs exception */ -@Data -@Builder -@AllArgsConstructor -@NoArgsConstructor -@EqualsAndHashCode(callSuper = true) -public class ProblemException extends AbstractThrowableProblem { - @Builder.Default private final URI type = Problem.DEFAULT_TYPE; - - @Builder.Default private final String title = "Bad preferences error"; - - @Builder.Default private final StatusType status = Status.BAD_REQUEST; - - @Builder.Default private final String detail = "Please add more details here"; - - @Builder.Default private final URI instance = null; - -} diff --git a/app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java b/app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java deleted file mode 100644 index 461ee1d..0000000 --- a/app/src/main/java/org/onap/portal/prefs/repository/PreferencesRepository.java +++ /dev/null @@ -1,28 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.repository; - -import org.onap.portal.prefs.entities.PreferencesDto; -import org.springframework.data.mongodb.repository.ReactiveMongoRepository; - -public interface PreferencesRepository extends ReactiveMongoRepository { -} diff --git a/app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java b/app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java deleted file mode 100644 index f96dfea..0000000 --- a/app/src/main/java/org/onap/portal/prefs/services/PreferencesService.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.services; - -import org.onap.portal.prefs.entities.PreferencesDto; -import org.onap.portal.prefs.exception.ProblemException; -import org.onap.portal.prefs.openapi.model.Preferences; -import org.onap.portal.prefs.repository.PreferencesRepository; -import org.onap.portal.prefs.util.Logger; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; - -import reactor.core.publisher.Mono; - -@Service -public class PreferencesService { - - @Autowired - private PreferencesRepository repository; - - public Mono getPreferences(String userId){ - return repository - .findById(userId) - .switchIfEmpty(defaultPreferences()) - .map(this::toPreferences); - } - - public Mono savePreferences( String xRequestId, String userId, Preferences preferences){ - - var preferencesDto = new PreferencesDto(); - preferencesDto.setUserId(userId); - preferencesDto.setProperties(preferences.getProperties()); - - return repository - .save(preferencesDto) - .map(this::toPreferences) - .onErrorResume(ProblemException.class, ex -> { - Logger.errorLog(xRequestId,"user prefrences", userId, "portal-prefs" ); - return Mono.error(ex); - }); - - } - - private Preferences toPreferences(PreferencesDto preferencesDto) { - var preferences = new Preferences(); - preferences.setProperties(preferencesDto.getProperties()); - return preferences; - } - - /** - * Get a Preferences object that is initialised with an empty string. - * This is a) for convenience to not handle 404 on the consuming side and - * b) for security reasons - * @return PreferencesDto - */ - private Mono defaultPreferences() { - var preferencesDto = new PreferencesDto(); - preferencesDto.setProperties(""); - return Mono.just(preferencesDto); - } -} diff --git a/app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java b/app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java deleted file mode 100644 index 9ac2794..0000000 --- a/app/src/main/java/org/onap/portal/prefs/util/IdTokenExchange.java +++ /dev/null @@ -1,88 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.util; - -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.JWTParser; - -import java.text.ParseException; - -import org.springframework.web.server.ServerWebExchange; -import reactor.core.publisher.Mono; - -/** - * Represents a function that handles the JWT identity token. - * Use this to check if the incoming requests are authorized to call the given endpoint - */ - -public final class IdTokenExchange { - - public static final String X_AUTH_IDENTITY_HEADER = "X-Auth-Identity"; - public static final String JWT_CLAIM_USERID = "sub"; - - private IdTokenExchange(){ - - } - - /** - * Extract the identity header from the given {@link ServerWebExchange}. - * @param exchange the ServerWebExchange that contains information about the incoming request - * @return the identity header in the form of Bearer {@literal } - */ - private static Mono extractIdentityHeader(ServerWebExchange exchange) { - return Mono.just(exchange.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER)) - .map(headers -> headers.get(0)) - .onErrorResume(Exception.class, ex -> Mono.error(ex)); - } - - /** - * Extract the identity token from the given {@link ServerWebExchange}. - * @see OpenId Connect ID Token - * @param exchange the ServerWebExchange that contains information about the incoming request - * @return the identity token that contains user roles - */ - private static Mono extractIdToken(ServerWebExchange exchange) { - return extractIdentityHeader(exchange) - .map(identityHeader -> identityHeader.replace("Bearer ", "")); - } - - /** - * Extract the userId from the given {@link ServerWebExchange} - * @param exchange the ServerWebExchange that contains information about the incoming request - * @return the id of the user - */ - public static Mono extractUserId(ServerWebExchange exchange) { - return extractIdToken(exchange) - .flatMap(idToken -> extractUserClaim(idToken)); - } - - private static Mono extractUserClaim(String idToken) { - JWTClaimsSet jwtClaimSet; - try { - jwtClaimSet = JWTParser.parse(idToken).getJWTClaimsSet(); - } catch (ParseException e) { - return Mono.error(e); - } - return Mono.just(String.class.cast(jwtClaimSet.getClaim(JWT_CLAIM_USERID))); - } -} - diff --git a/app/src/main/java/org/onap/portal/prefs/util/Logger.java b/app/src/main/java/org/onap/portal/prefs/util/Logger.java deleted file mode 100644 index 4026b9f..0000000 --- a/app/src/main/java/org/onap/portal/prefs/util/Logger.java +++ /dev/null @@ -1,59 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.util; - -import java.net.URI; - -import org.springframework.http.HttpMethod; -import org.springframework.http.HttpStatusCode; - -import lombok.extern.slf4j.Slf4j; - -@Slf4j -public class Logger { - - private Logger(){} - - public static void requestLog(String xRequestId, HttpMethod methode, URI path) { - log.info("Portal-prefs - request - X-Request-Id {} {} {}", xRequestId, methode, path); - } - - public static void responseLog(String xRequestId, HttpStatusCode httpStatusCode) { - log.info("Portal-prefs - response - X-Request-Id {} {}", xRequestId, httpStatusCode); - } - - public static void errorLog(String xRequestId, String msg, String id, String app) { - log.info( - "Portal-prefs - error - X-Request-Id {} {} {} not found in {}", xRequestId, msg, id, app); - } - - public static void errorLog( - String xRequestId, String msg, String id, String app, String errorDetails) { - log.info( - "Portal-prefs - error - X-Request-Id {} {} {} not found in {} error message: {}", - xRequestId, - msg, - id, - app, - errorDetails); - } -} diff --git a/app/src/main/java/org/onap/portalng/preferences/PreferencesApplication.java b/app/src/main/java/org/onap/portalng/preferences/PreferencesApplication.java new file mode 100644 index 0000000..67171cd --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/PreferencesApplication.java @@ -0,0 +1,37 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences; + +import org.onap.portalng.preferences.configuration.PreferencesConfig; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.context.properties.EnableConfigurationProperties; + +@EnableConfigurationProperties(PreferencesConfig.class) +@SpringBootApplication +public class PreferencesApplication { + + public static void main(String[] args) { + SpringApplication.run(PreferencesApplication.class, args); + } + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/BeansConfig.java b/app/src/main/java/org/onap/portalng/preferences/configuration/BeansConfig.java new file mode 100644 index 0000000..f35d43c --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/BeansConfig.java @@ -0,0 +1,35 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.time.Clock; + +@Configuration +public class BeansConfig { + @Bean + Clock clock() { + return Clock.systemUTC(); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/LogInterceptor.java b/app/src/main/java/org/onap/portalng/preferences/configuration/LogInterceptor.java new file mode 100644 index 0000000..7ceee06 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/LogInterceptor.java @@ -0,0 +1,59 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.onap.portalng.preferences.util.Logger; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.reactive.ServerWebExchangeContextFilter; +import org.springframework.web.server.ServerWebExchange; +import org.springframework.web.server.WebFilter; +import org.springframework.web.server.WebFilterChain; +import reactor.core.publisher.Mono; + +import java.util.List; + +@Component +public class LogInterceptor implements WebFilter { + public static final String EXCHANGE_CONTEXT_ATTRIBUTE = + ServerWebExchangeContextFilter.class.getName() + ".EXCHANGE_CONTEXT"; + + public static final String X_REQUEST_ID = "X-Request-Id"; + + @Override + public Mono filter(ServerWebExchange exchange, WebFilterChain chain) { + List xRequestIdList = exchange.getRequest().getHeaders().get(X_REQUEST_ID); + if (xRequestIdList != null && !xRequestIdList.isEmpty()) { + String xRequestId = xRequestIdList.get(0); + Logger.requestLog( + xRequestId, exchange.getRequest().getMethod(), exchange.getRequest().getURI()); + exchange.getResponse().getHeaders().add(X_REQUEST_ID, xRequestId); + exchange.getResponse().beforeCommit(() -> { + Logger.responseLog(xRequestId,exchange.getResponse().getStatusCode()); + return Mono.empty(); + }); + } + + return chain + .filter(exchange) + .contextWrite(cxt -> cxt.put(EXCHANGE_CONTEXT_ATTRIBUTE, exchange)); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/PreferencesConfig.java b/app/src/main/java/org/onap/portalng/preferences/configuration/PreferencesConfig.java new file mode 100644 index 0000000..1394fd5 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/PreferencesConfig.java @@ -0,0 +1,36 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.springframework.boot.context.properties.ConfigurationProperties; + +import jakarta.validation.constraints.NotBlank; +import lombok.Data; + +@Data +@ConfigurationProperties("preferences") +public class PreferencesConfig { + + @NotBlank + private final String realm; + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/configuration/SecurityConfig.java b/app/src/main/java/org/onap/portalng/preferences/configuration/SecurityConfig.java new file mode 100644 index 0000000..31866fe --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/configuration/SecurityConfig.java @@ -0,0 +1,53 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.configuration; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; +import org.springframework.security.config.web.server.ServerHttpSecurity; +import org.springframework.security.web.server.SecurityWebFilterChain; + +/** + * Configures the access control of the API endpoints. + */ +// https://hantsy.github.io/spring-reactive-sample/security/config.html +@EnableWebFluxSecurity +@Configuration +public class SecurityConfig { + + @Bean + public SecurityWebFilterChain springSecurityWebFilterChain(ServerHttpSecurity http) { + return http.httpBasic().disable() + .formLogin().disable() + .csrf().disable() + .cors() + .and() + .authorizeExchange() + .pathMatchers(HttpMethod.GET, "/actuator/**").permitAll() + .anyExchange().authenticated() + .and() + .oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt) + .build(); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/controller/PreferencesController.java b/app/src/main/java/org/onap/portalng/preferences/controller/PreferencesController.java new file mode 100644 index 0000000..02357e4 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/controller/PreferencesController.java @@ -0,0 +1,84 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.controller; +import org.onap.portalng.preferences.exception.ProblemException; +import org.onap.portalng.preferences.openapi.api.PreferencesApi; +import org.onap.portalng.preferences.openapi.model.Preferences; +import org.onap.portalng.preferences.services.PreferencesService; +import org.onap.portalng.preferences.util.IdTokenExchange; +import org.onap.portalng.preferences.util.Logger; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.server.ServerWebExchange; + +import reactor.core.publisher.Mono; + +@RestController +public class PreferencesController implements PreferencesApi { + + + private final PreferencesService preferencesService; + + public PreferencesController(PreferencesService getPreferences){ + this.preferencesService = getPreferences; + } + + @Override + public Mono> getPreferences(String xRequestId, ServerWebExchange exchange) { + return IdTokenExchange + .extractUserId(exchange) + .flatMap(userid -> + preferencesService.getPreferences(userid) + .map(ResponseEntity::ok)) + .onErrorResume(ProblemException.class, ex -> { + Logger.errorLog(xRequestId,"user preferences", null, "preferences" ); + return Mono.error(ex); + }) + .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST)); + + } + + @Override + public Mono> savePreferences(String xRequestId, Mono preferences, + ServerWebExchange exchange) { + return IdTokenExchange + .extractUserId(exchange) + .flatMap(userid -> + preferences + .flatMap( pref -> + preferencesService + .savePreferences(xRequestId, userid, pref))) + .map( ResponseEntity::ok) + .onErrorResume(ProblemException.class, ex -> { + Logger.errorLog(xRequestId,"user preferences", null, "preferences" ); + return Mono.error(ex); + }) + .onErrorReturn(new ResponseEntity<>(HttpStatus.BAD_REQUEST)); + } + + @Override + public Mono> updatePreferences(String xRequestId, Mono preferences, ServerWebExchange exchange) { + return savePreferences(xRequestId, preferences, exchange); + } + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/entities/PreferencesDto.java b/app/src/main/java/org/onap/portalng/preferences/entities/PreferencesDto.java new file mode 100644 index 0000000..a86c229 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/entities/PreferencesDto.java @@ -0,0 +1,39 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.entities; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.data.annotation.Id; +import org.springframework.data.mongodb.core.mapping.Document; + +@Document +@Getter +@Setter +public class PreferencesDto { + @Id + private String userId; + + private Object properties; + +} + diff --git a/app/src/main/java/org/onap/portalng/preferences/exception/ProblemException.java b/app/src/main/java/org/onap/portalng/preferences/exception/ProblemException.java new file mode 100644 index 0000000..da7872f --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/exception/ProblemException.java @@ -0,0 +1,53 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.exception; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.NoArgsConstructor; +import org.zalando.problem.AbstractThrowableProblem; +import org.zalando.problem.Problem; +import org.zalando.problem.Status; +import org.zalando.problem.StatusType; + +import java.net.URI; + +/** The default preferences exception */ +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +@EqualsAndHashCode(callSuper = true) +public class ProblemException extends AbstractThrowableProblem { + @Builder.Default private final URI type = Problem.DEFAULT_TYPE; + + @Builder.Default private final String title = "Bad preferences error"; + + @Builder.Default private final StatusType status = Status.BAD_REQUEST; + + @Builder.Default private final String detail = "Please add more details here"; + + @Builder.Default private final URI instance = null; + +} diff --git a/app/src/main/java/org/onap/portalng/preferences/repository/PreferencesRepository.java b/app/src/main/java/org/onap/portalng/preferences/repository/PreferencesRepository.java new file mode 100644 index 0000000..264cdf5 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/repository/PreferencesRepository.java @@ -0,0 +1,28 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.repository; + +import org.onap.portalng.preferences.entities.PreferencesDto; +import org.springframework.data.mongodb.repository.ReactiveMongoRepository; + +public interface PreferencesRepository extends ReactiveMongoRepository { +} diff --git a/app/src/main/java/org/onap/portalng/preferences/services/PreferencesService.java b/app/src/main/java/org/onap/portalng/preferences/services/PreferencesService.java new file mode 100644 index 0000000..4e7dfb3 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/services/PreferencesService.java @@ -0,0 +1,80 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.services; + +import org.onap.portalng.preferences.entities.PreferencesDto; +import org.onap.portalng.preferences.exception.ProblemException; +import org.onap.portalng.preferences.openapi.model.Preferences; +import org.onap.portalng.preferences.repository.PreferencesRepository; +import org.onap.portalng.preferences.util.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import reactor.core.publisher.Mono; + +@Service +public class PreferencesService { + + @Autowired + private PreferencesRepository repository; + + public Mono getPreferences(String userId){ + return repository + .findById(userId) + .switchIfEmpty(defaultPreferences()) + .map(this::toPreferences); + } + + public Mono savePreferences( String xRequestId, String userId, Preferences preferences){ + + var preferencesDto = new PreferencesDto(); + preferencesDto.setUserId(userId); + preferencesDto.setProperties(preferences.getProperties()); + + return repository + .save(preferencesDto) + .map(this::toPreferences) + .onErrorResume(ProblemException.class, ex -> { + Logger.errorLog(xRequestId,"user prefrences", userId, "preferences" ); + return Mono.error(ex); + }); + + } + + private Preferences toPreferences(PreferencesDto preferencesDto) { + var preferences = new Preferences(); + preferences.setProperties(preferencesDto.getProperties()); + return preferences; + } + + /** + * Get a Preferences object that is initialised with an empty string. + * This is a) for convenience to not handle 404 on the consuming side and + * b) for security reasons + * @return PreferencesDto + */ + private Mono defaultPreferences() { + var preferencesDto = new PreferencesDto(); + preferencesDto.setProperties(""); + return Mono.just(preferencesDto); + } +} diff --git a/app/src/main/java/org/onap/portalng/preferences/util/IdTokenExchange.java b/app/src/main/java/org/onap/portalng/preferences/util/IdTokenExchange.java new file mode 100644 index 0000000..7349d53 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/util/IdTokenExchange.java @@ -0,0 +1,88 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.util; + +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.JWTParser; + +import java.text.ParseException; + +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Mono; + +/** + * Represents a function that handles the JWT identity token. + * Use this to check if the incoming requests are authorized to call the given endpoint + */ + +public final class IdTokenExchange { + + public static final String X_AUTH_IDENTITY_HEADER = "X-Auth-Identity"; + public static final String JWT_CLAIM_USERID = "sub"; + + private IdTokenExchange(){ + + } + + /** + * Extract the identity header from the given {@link ServerWebExchange}. + * @param exchange the ServerWebExchange that contains information about the incoming request + * @return the identity header in the form of Bearer {@literal } + */ + private static Mono extractIdentityHeader(ServerWebExchange exchange) { + return Mono.just(exchange.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER)) + .map(headers -> headers.get(0)) + .onErrorResume(Exception.class, ex -> Mono.error(ex)); + } + + /** + * Extract the identity token from the given {@link ServerWebExchange}. + * @see OpenId Connect ID Token + * @param exchange the ServerWebExchange that contains information about the incoming request + * @return the identity token that contains user roles + */ + private static Mono extractIdToken(ServerWebExchange exchange) { + return extractIdentityHeader(exchange) + .map(identityHeader -> identityHeader.replace("Bearer ", "")); + } + + /** + * Extract the userId from the given {@link ServerWebExchange} + * @param exchange the ServerWebExchange that contains information about the incoming request + * @return the id of the user + */ + public static Mono extractUserId(ServerWebExchange exchange) { + return extractIdToken(exchange) + .flatMap(idToken -> extractUserClaim(idToken)); + } + + private static Mono extractUserClaim(String idToken) { + JWTClaimsSet jwtClaimSet; + try { + jwtClaimSet = JWTParser.parse(idToken).getJWTClaimsSet(); + } catch (ParseException e) { + return Mono.error(e); + } + return Mono.just(String.class.cast(jwtClaimSet.getClaim(JWT_CLAIM_USERID))); + } +} + diff --git a/app/src/main/java/org/onap/portalng/preferences/util/Logger.java b/app/src/main/java/org/onap/portalng/preferences/util/Logger.java new file mode 100644 index 0000000..ed8eae3 --- /dev/null +++ b/app/src/main/java/org/onap/portalng/preferences/util/Logger.java @@ -0,0 +1,59 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.util; + +import java.net.URI; + +import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatusCode; + +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class Logger { + + private Logger(){} + + public static void requestLog(String xRequestId, HttpMethod methode, URI path) { + log.info("Preferences - request - X-Request-Id {} {} {}", xRequestId, methode, path); + } + + public static void responseLog(String xRequestId, HttpStatusCode httpStatusCode) { + log.info("Preferences - response - X-Request-Id {} {}", xRequestId, httpStatusCode); + } + + public static void errorLog(String xRequestId, String msg, String id, String app) { + log.info( + "Preferences - error - X-Request-Id {} {} {} not found in {}", xRequestId, msg, id, app); + } + + public static void errorLog( + String xRequestId, String msg, String id, String app, String errorDetails) { + log.info( + "Preferences - error - X-Request-Id {} {} {} not found in {} error message: {}", + xRequestId, + msg, + id, + app, + errorDetails); + } +} diff --git a/app/src/main/resources/application-local.yml b/app/src/main/resources/application-local.yml index 71fe8db..1ca695e 100644 --- a/app/src/main/resources/application-local.yml +++ b/app/src/main/resources/application-local.yml @@ -14,13 +14,13 @@ spring: jwk-set-uri: http://localhost:8080/auth/realms/ONAP/protocol/openid-connect/certs #Keycloak Endpoint data: mongodb: - database: portal_prefs + database: portal_preferences host: localhost port: 27017 username: root password: password -portal-prefs: +preferences: realm: ONAP management: diff --git a/app/src/main/resources/application.yml b/app/src/main/resources/application.yml index eb5b313..c7afccb 100644 --- a/app/src/main/resources/application.yml +++ b/app/src/main/resources/application.yml @@ -14,15 +14,14 @@ spring: jwk-set-uri: ${KEYCLOAK_URL}/auth/realms/${KEYCLOAK_REALM}/protocol/openid-connect/certs #Keycloak Endpoint data: mongodb: - database: ${PORTALPREFS_DATABASE} - host: ${PORTALPREFS_HOST} - port: ${PORTALPREFS_PORT} - username: ${PORTALPREFS_USERNAME} - password: ${PORTALPREFS_PASSWORD} + database: ${PREFERENCES_DATABASE} + host: ${PREFERENCES_HOST} + port: ${PREFERENCES_PORT} + username: ${PREFERENCES_USERNAME} + password: ${PREFERENCES_PASSWORD} -portal-prefs: +preferences: realm: ${KEYCLOAK_REALM} - management: endpoints: web: diff --git a/app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java b/app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java deleted file mode 100644 index 104b683..0000000 --- a/app/src/test/java/org/onap/portal/prefs/BaseIntegrationTest.java +++ /dev/null @@ -1,155 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs; - -import com.fasterxml.jackson.databind.ObjectMapper; -import com.github.tomakehurst.wiremock.client.WireMock; -import com.nimbusds.jose.jwk.JWKSet; -import org.onap.portal.prefs.util.IdTokenExchange; -import org.onap.portal.prefs.configuration.PortalPrefsConfig; -import io.restassured.RestAssured; -import io.restassured.filter.log.RequestLoggingFilter; -import io.restassured.filter.log.ResponseLoggingFilter; -import io.restassured.specification.RequestSpecification; -import org.junit.jupiter.api.BeforeAll; -import org.junit.jupiter.api.BeforeEach; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.test.web.server.LocalServerPort; -import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock; -import org.springframework.http.MediaType; - -import java.util.List; -import java.util.UUID; - -/** Base class for all tests that has the common config including port, realm, logging and auth. */ -@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -@AutoConfigureWireMock(port = 0) -public abstract class BaseIntegrationTest { - - @LocalServerPort protected int port; - @Value("${portal-prefs.realm}") - protected String realm; - - @Autowired protected ObjectMapper objectMapper; - @Autowired private TokenGenerator tokenGenerator; - @Autowired protected PortalPrefsConfig portalPrefsConfig; - - @BeforeAll - public static void setup() { - RestAssured.filters(new RequestLoggingFilter(), new ResponseLoggingFilter()); - } - - /** Mocks the OIDC auth flow. */ - @BeforeEach - public void mockAuth() { - WireMock.reset(); - - WireMock.stubFor( - WireMock.get( - WireMock.urlMatching( - String.format("/auth/realms/%s/protocol/openid-connect/certs", realm))) - .willReturn( - WireMock.aResponse() - .withHeader("Content-Type", JWKSet.MIME_TYPE) - .withBody(tokenGenerator.getJwkSet().toString()))); - - final TokenGenerator.TokenGeneratorConfig config = - TokenGenerator.TokenGeneratorConfig.builder().port(port).realm(realm).sub("test-user").build(); - - WireMock.stubFor( - WireMock.post( - WireMock.urlMatching( - String.format("/auth/realms/%s/protocol/openid-connect/token", realm))) - .withBasicAuth("test", "test") - .withRequestBody(WireMock.containing("grant_type=client_credentials")) - .willReturn( - WireMock.aResponse() - .withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE) - .withBody( - objectMapper - .createObjectNode() - .put("token_type", "bearer") - .put("access_token", tokenGenerator.generateToken(config)) - .put("expires_in", config.getExpireIn().getSeconds()) - .put("refresh_token", tokenGenerator.generateToken(config)) - .put("refresh_expires_in", config.getExpireIn().getSeconds()) - .put("not-before-policy", 0) - .put("session_state", UUID.randomUUID().toString()) - .put("scope", "email profile") - .toString()))); - } - - /** - * Builds an OAuth2 configuration including the roles, port and realm. This config can be used to - * generate OAuth2 access tokens. - * - * @param sub the userId - * @param roles the roles used for RBAC - * @return the OAuth2 configuration - */ - protected TokenGenerator.TokenGeneratorConfig getTokenGeneratorConfig(String sub, List roles) { - return TokenGenerator.TokenGeneratorConfig.builder() - .port(port) - .sub(sub) - .realm(realm) - .roles(roles) - .build(); - } - - /** Get a RequestSpecification that does not have an Identity header. */ - protected RequestSpecification unauthenticatedRequestSpecification() { - return RestAssured.given().port(port); - } - - /** - * Object to store common attributes of requests that are going to be made. Adds an Identity - * header for the onap_admin role to the request. - * @return the definition of the incoming request (northbound) - */ - protected RequestSpecification requestSpecification() { - final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig("test-user", List.of("foo"))); - - return unauthenticatedRequestSpecification() - .auth() - .preemptive() - .oauth2(idToken) - .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken); - } - - /** - * Object to store common attributes of requests that are going to be made. Adds an Identity - * header for the onap_admin role to the request. - * @param userId the userId that should be contained in the incoming request - * @return the definition of the incoming request (northbound) - */ - protected RequestSpecification requestSpecification(String userId) { - final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig(userId, List.of("foo"))); - - return unauthenticatedRequestSpecification() - .auth() - .preemptive() - .oauth2(idToken) - .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken); - } -} diff --git a/app/src/test/java/org/onap/portal/prefs/TokenGenerator.java b/app/src/test/java/org/onap/portal/prefs/TokenGenerator.java deleted file mode 100644 index fb3a522..0000000 --- a/app/src/test/java/org/onap/portal/prefs/TokenGenerator.java +++ /dev/null @@ -1,130 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs; - -import java.time.Clock; -import java.time.Duration; -import java.time.Instant; -import java.util.Collections; -import java.util.Date; -import java.util.List; -import java.util.UUID; - -import com.nimbusds.jose.JOSEObjectType; -import com.nimbusds.jose.JWSAlgorithm; -import com.nimbusds.jose.JWSHeader; -import com.nimbusds.jose.JWSSigner; -import com.nimbusds.jose.crypto.RSASSASigner; -import com.nimbusds.jose.jwk.JWKSet; -import com.nimbusds.jose.jwk.KeyUse; -import com.nimbusds.jose.jwk.RSAKey; -import com.nimbusds.jose.jwk.gen.RSAKeyGenerator; -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.SignedJWT; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; - -import lombok.Builder; -import lombok.Getter; -import lombok.NonNull; - -@Component -public class TokenGenerator { - - private static final String ROLES_CLAIM = "roles"; - private static final String USERID_CLAIM = "sub"; - - private final Clock clock; - private final RSAKey jwk; - private final JWKSet jwkSet; - private final JWSSigner signer; - - public TokenGenerator(Clock clock) { - try { - this.clock = clock; - jwk = - new RSAKeyGenerator(2048) - .keyUse(KeyUse.SIGNATURE) - .keyID(UUID.randomUUID().toString()) - .generate(); - jwkSet = new JWKSet(jwk); - signer = new RSASSASigner(jwk); - } catch (Exception e) { - throw new RuntimeException(e); - } - } - - public JWKSet getJwkSet() { - return jwkSet; - } - - public String generateToken(TokenGeneratorConfig config) { - final Instant iat = clock.instant(); - final Instant exp = iat.plus(config.expireIn); - - final JWTClaimsSet claims = - new JWTClaimsSet.Builder() - .jwtID(UUID.randomUUID().toString()) - .subject(UUID.randomUUID().toString()) - .issuer(config.issuer()) - .issueTime(Date.from(iat)) - .expirationTime(Date.from(exp)) - .claim(ROLES_CLAIM, config.getRoles()) - .claim(USERID_CLAIM, config.getSub()) - .build(); - - final SignedJWT jwt = - new SignedJWT( - new JWSHeader.Builder(JWSAlgorithm.RS256) - .keyID(jwk.getKeyID()) - .type(JOSEObjectType.JWT) - .build(), - claims); - - try { - jwt.sign(signer); - } catch (Exception e) { - throw new RuntimeException(e); - } - - return jwt.serialize(); - } - - @Getter - @Builder - public static class TokenGeneratorConfig { - private final int port; - - @NonNull private final String sub; - - @NonNull private final String realm; - - @NonNull @Builder.Default private final Duration expireIn = Duration.ofMinutes(5); - - @Builder.Default private final List roles = Collections.emptyList(); - - public String issuer() { - return String.format("http://localhost:%d/auth/realms/%s", port, realm); - } - } -} diff --git a/app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java b/app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java deleted file mode 100644 index 95e9b2a..0000000 --- a/app/src/test/java/org/onap/portal/prefs/actuator/ActuatorIntegrationTest.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.actuator; - -import static org.assertj.core.api.Assertions.assertThat; - -import org.onap.portal.prefs.BaseIntegrationTest; -import org.junit.jupiter.api.Test; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.availability.ApplicationAvailability; -import org.springframework.boot.availability.LivenessState; -import org.springframework.boot.availability.ReadinessState; - -class ActuatorIntegrationTest extends BaseIntegrationTest { - - @Autowired private ApplicationAvailability applicationAvailability; - - @Test - void livenessProbeIsAvailable() { - assertThat(applicationAvailability.getLivenessState()).isEqualTo(LivenessState.CORRECT); - } - - @Test - void readinessProbeIsAvailable() { - - assertThat(applicationAvailability.getReadinessState()) - .isEqualTo(ReadinessState.ACCEPTING_TRAFFIC); - } -} diff --git a/app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java b/app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java deleted file mode 100644 index b5f4cf1..0000000 --- a/app/src/test/java/org/onap/portal/prefs/preferences/PreferencesControllerIntegrationTest.java +++ /dev/null @@ -1,198 +0,0 @@ -/* - * - * Copyright (c) 2022. Deutsche Telekom AG - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * - * - */ - -package org.onap.portal.prefs.preferences; - -import static org.assertj.core.api.Assertions.assertThat; - -import org.junit.jupiter.api.Test; -import org.onap.portal.prefs.BaseIntegrationTest; -import org.onap.portal.prefs.openapi.model.Preferences; -import org.onap.portal.prefs.services.PreferencesService; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpStatus; -import org.springframework.http.MediaType; - -import io.restassured.http.ContentType; -import io.restassured.http.Header; - -class PreferencesControllerIntegrationTest extends BaseIntegrationTest { - - protected static final String X_REQUEST_ID = "addf6005-3075-4c80-b7bc-2c70b7d42b57"; - - @Autowired - PreferencesService preferencesService; - - @Test - void thatUserPreferencesCanBeRetrieved() { - // First save a user preference before a GET can run - Preferences expectedResponse = new Preferences() - .properties("{\n" + - " \"properties\": { \"appStarter\": \"value1\",\n" + - " \"dashboard\": {\"key1:\" : \"value2\"}\n" + - " } \n" + - "}"); - preferencesService - .savePreferences(X_REQUEST_ID,"test-user", expectedResponse) - .block(); - - Preferences actualResponse = requestSpecification("test-user") - .given() - .accept(MediaType.APPLICATION_JSON_VALUE) - .header(new Header("X-Request-Id", X_REQUEST_ID)) - .when() - .get("/v1/preferences") - .then() - .statusCode(HttpStatus.OK.value()) - .extract() - .body() - .as(Preferences.class); - - assertThat(actualResponse).isNotNull(); - assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties()); - } - - @Test - void thatUserPreferencesCanNotBeRetrieved() { - unauthenticatedRequestSpecification() - .given() - .accept(MediaType.APPLICATION_JSON_VALUE) - .contentType(ContentType.JSON) - .header(new Header("X-Request-Id", X_REQUEST_ID)) - .when() - .get("/v1/preferences") - .then() - .statusCode(HttpStatus.UNAUTHORIZED.value()); - } - - @Test - void thatUserPreferencesCanBeSaved() { - Preferences expectedResponse = new Preferences() - .properties("{\n" + - " \"properties\": { \"appStarter\": \"value1\",\n" + - " \"dashboard\": {\"key1:\" : \"value2\"}\n" + - " } \n" + - "}"); - Preferences actualResponse = requestSpecification() - .given() - .accept(MediaType.APPLICATION_JSON_VALUE) - .contentType(ContentType.JSON) - .header(new Header("X-Request-Id", X_REQUEST_ID)) - .body(expectedResponse) - .when() - .post("/v1/preferences") - .then() - .statusCode(HttpStatus.OK.value()) - .extract() - .body() - .as(Preferences.class); - - assertThat(actualResponse).isNotNull(); - assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties()); - } - - @Test - void thatUserPreferencesCanBeUpdated() { - // First save a user preference before a GET can run - Preferences initialPreferences = new Preferences() - .properties("{\n" + - " \"properties\": { \"appStarter\": \"value1\",\n" + - " \"dashboard\": {\"key1:\" : \"value2\"}\n" + - " } \n" + - "}"); - preferencesService - .savePreferences(X_REQUEST_ID,"test-user", initialPreferences) - .block(); - - Preferences expectedResponse = new Preferences() - .properties("{\n" + - " \"properties\": { \"appStarter\": \"value3\",\n" + - " \"dashboard\": {\"key2:\" : \"value4\"}\n" + - " } \n" + - "}"); - Preferences actualResponse = requestSpecification("test-user") - .given() - .accept(MediaType.APPLICATION_JSON_VALUE) - .contentType(ContentType.JSON) - .header(new Header("X-Request-Id", X_REQUEST_ID)) - .body(expectedResponse) - .when() - .put("/v1/preferences") - .then() - .statusCode(HttpStatus.OK.value()) - .extract() - .body() - .as(Preferences.class); - - assertThat(actualResponse).isNotNull(); - assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties()); - } - - @Test - void thatUserPreferencesCanNotBeFound() { - - Preferences actualResponse = requestSpecification("test-canNotBeFound") - .given() - .accept(MediaType.APPLICATION_JSON_VALUE) - .header(new Header("X-Request-Id", X_REQUEST_ID)) - .when() - .get("/v1/preferences") - .then() - .statusCode(HttpStatus.OK.value()) - .extract() - .body() - .as(Preferences.class); - - assertThat(actualResponse).isNotNull(); - assertThat(actualResponse.getProperties()).isEqualTo(""); - } - - @Test - void thatUserPreferencesHasXRequestIdHeader() { - - String actualResponse = requestSpecification("test-user") - .given() - .accept(MediaType.APPLICATION_JSON_VALUE) - .header(new Header("X-Request-Id", X_REQUEST_ID)) - .when() - .get("/v1/preferences") - .then() - .statusCode(HttpStatus.OK.value()) - .extract() - .header("X-Request-Id"); - - assertThat(actualResponse).isNotNull().isEqualTo(X_REQUEST_ID); - } - - @Test - void thatUserPreferencesHasNoXRequestIdHeader() { - - requestSpecification("test-user") - .given() - .accept(MediaType.APPLICATION_JSON_VALUE) - .when() - .get("/v1/preferences") - .then() - .statusCode(HttpStatus.BAD_REQUEST.value()); - - - } -} diff --git a/app/src/test/java/org/onap/portalng/preferences/BaseIntegrationTest.java b/app/src/test/java/org/onap/portalng/preferences/BaseIntegrationTest.java new file mode 100644 index 0000000..df8da62 --- /dev/null +++ b/app/src/test/java/org/onap/portalng/preferences/BaseIntegrationTest.java @@ -0,0 +1,155 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.github.tomakehurst.wiremock.client.WireMock; +import com.nimbusds.jose.jwk.JWKSet; +import org.onap.portalng.preferences.util.IdTokenExchange; +import org.onap.portalng.preferences.configuration.PreferencesConfig; +import io.restassured.RestAssured; +import io.restassured.filter.log.RequestLoggingFilter; +import io.restassured.filter.log.ResponseLoggingFilter; +import io.restassured.specification.RequestSpecification; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.BeforeEach; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.test.web.server.LocalServerPort; +import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock; +import org.springframework.http.MediaType; + +import java.util.List; +import java.util.UUID; + +/** Base class for all tests that has the common config including port, realm, logging and auth. */ +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@AutoConfigureWireMock(port = 0) +public abstract class BaseIntegrationTest { + + @LocalServerPort protected int port; + @Value("${preferences.realm}") + protected String realm; + + @Autowired protected ObjectMapper objectMapper; + @Autowired private TokenGenerator tokenGenerator; + @Autowired protected PreferencesConfig preferencesConfig; + + @BeforeAll + public static void setup() { + RestAssured.filters(new RequestLoggingFilter(), new ResponseLoggingFilter()); + } + + /** Mocks the OIDC auth flow. */ + @BeforeEach + public void mockAuth() { + WireMock.reset(); + + WireMock.stubFor( + WireMock.get( + WireMock.urlMatching( + String.format("/auth/realms/%s/protocol/openid-connect/certs", realm))) + .willReturn( + WireMock.aResponse() + .withHeader("Content-Type", JWKSet.MIME_TYPE) + .withBody(tokenGenerator.getJwkSet().toString()))); + + final TokenGenerator.TokenGeneratorConfig config = + TokenGenerator.TokenGeneratorConfig.builder().port(port).realm(realm).sub("test-user").build(); + + WireMock.stubFor( + WireMock.post( + WireMock.urlMatching( + String.format("/auth/realms/%s/protocol/openid-connect/token", realm))) + .withBasicAuth("test", "test") + .withRequestBody(WireMock.containing("grant_type=client_credentials")) + .willReturn( + WireMock.aResponse() + .withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE) + .withBody( + objectMapper + .createObjectNode() + .put("token_type", "bearer") + .put("access_token", tokenGenerator.generateToken(config)) + .put("expires_in", config.getExpireIn().getSeconds()) + .put("refresh_token", tokenGenerator.generateToken(config)) + .put("refresh_expires_in", config.getExpireIn().getSeconds()) + .put("not-before-policy", 0) + .put("session_state", UUID.randomUUID().toString()) + .put("scope", "email profile") + .toString()))); + } + + /** + * Builds an OAuth2 configuration including the roles, port and realm. This config can be used to + * generate OAuth2 access tokens. + * + * @param sub the userId + * @param roles the roles used for RBAC + * @return the OAuth2 configuration + */ + protected TokenGenerator.TokenGeneratorConfig getTokenGeneratorConfig(String sub, List roles) { + return TokenGenerator.TokenGeneratorConfig.builder() + .port(port) + .sub(sub) + .realm(realm) + .roles(roles) + .build(); + } + + /** Get a RequestSpecification that does not have an Identity header. */ + protected RequestSpecification unauthenticatedRequestSpecification() { + return RestAssured.given().port(port); + } + + /** + * Object to store common attributes of requests that are going to be made. Adds an Identity + * header for the onap_admin role to the request. + * @return the definition of the incoming request (northbound) + */ + protected RequestSpecification requestSpecification() { + final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig("test-user", List.of("foo"))); + + return unauthenticatedRequestSpecification() + .auth() + .preemptive() + .oauth2(idToken) + .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken); + } + + /** + * Object to store common attributes of requests that are going to be made. Adds an Identity + * header for the onap_admin role to the request. + * @param userId the userId that should be contained in the incoming request + * @return the definition of the incoming request (northbound) + */ + protected RequestSpecification requestSpecification(String userId) { + final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig(userId, List.of("foo"))); + + return unauthenticatedRequestSpecification() + .auth() + .preemptive() + .oauth2(idToken) + .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken); + } +} diff --git a/app/src/test/java/org/onap/portalng/preferences/TokenGenerator.java b/app/src/test/java/org/onap/portalng/preferences/TokenGenerator.java new file mode 100644 index 0000000..30ddbdc --- /dev/null +++ b/app/src/test/java/org/onap/portalng/preferences/TokenGenerator.java @@ -0,0 +1,130 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences; + +import java.time.Clock; +import java.time.Duration; +import java.time.Instant; +import java.util.Collections; +import java.util.Date; +import java.util.List; +import java.util.UUID; + +import com.nimbusds.jose.JOSEObjectType; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.JWSSigner; +import com.nimbusds.jose.crypto.RSASSASigner; +import com.nimbusds.jose.jwk.JWKSet; +import com.nimbusds.jose.jwk.KeyUse; +import com.nimbusds.jose.jwk.RSAKey; +import com.nimbusds.jose.jwk.gen.RSAKeyGenerator; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import lombok.Builder; +import lombok.Getter; +import lombok.NonNull; + +@Component +public class TokenGenerator { + + private static final String ROLES_CLAIM = "roles"; + private static final String USERID_CLAIM = "sub"; + + private final Clock clock; + private final RSAKey jwk; + private final JWKSet jwkSet; + private final JWSSigner signer; + + public TokenGenerator(Clock clock) { + try { + this.clock = clock; + jwk = + new RSAKeyGenerator(2048) + .keyUse(KeyUse.SIGNATURE) + .keyID(UUID.randomUUID().toString()) + .generate(); + jwkSet = new JWKSet(jwk); + signer = new RSASSASigner(jwk); + } catch (Exception e) { + throw new RuntimeException(e); + } + } + + public JWKSet getJwkSet() { + return jwkSet; + } + + public String generateToken(TokenGeneratorConfig config) { + final Instant iat = clock.instant(); + final Instant exp = iat.plus(config.expireIn); + + final JWTClaimsSet claims = + new JWTClaimsSet.Builder() + .jwtID(UUID.randomUUID().toString()) + .subject(UUID.randomUUID().toString()) + .issuer(config.issuer()) + .issueTime(Date.from(iat)) + .expirationTime(Date.from(exp)) + .claim(ROLES_CLAIM, config.getRoles()) + .claim(USERID_CLAIM, config.getSub()) + .build(); + + final SignedJWT jwt = + new SignedJWT( + new JWSHeader.Builder(JWSAlgorithm.RS256) + .keyID(jwk.getKeyID()) + .type(JOSEObjectType.JWT) + .build(), + claims); + + try { + jwt.sign(signer); + } catch (Exception e) { + throw new RuntimeException(e); + } + + return jwt.serialize(); + } + + @Getter + @Builder + public static class TokenGeneratorConfig { + private final int port; + + @NonNull private final String sub; + + @NonNull private final String realm; + + @NonNull @Builder.Default private final Duration expireIn = Duration.ofMinutes(5); + + @Builder.Default private final List roles = Collections.emptyList(); + + public String issuer() { + return String.format("http://localhost:%d/auth/realms/%s", port, realm); + } + } +} diff --git a/app/src/test/java/org/onap/portalng/preferences/actuator/ActuatorIntegrationTest.java b/app/src/test/java/org/onap/portalng/preferences/actuator/ActuatorIntegrationTest.java new file mode 100644 index 0000000..e8f22d6 --- /dev/null +++ b/app/src/test/java/org/onap/portalng/preferences/actuator/ActuatorIntegrationTest.java @@ -0,0 +1,48 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.actuator; + +import static org.assertj.core.api.Assertions.assertThat; + +import org.onap.portalng.preferences.BaseIntegrationTest; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.availability.ApplicationAvailability; +import org.springframework.boot.availability.LivenessState; +import org.springframework.boot.availability.ReadinessState; + +class ActuatorIntegrationTest extends BaseIntegrationTest { + + @Autowired private ApplicationAvailability applicationAvailability; + + @Test + void livenessProbeIsAvailable() { + assertThat(applicationAvailability.getLivenessState()).isEqualTo(LivenessState.CORRECT); + } + + @Test + void readinessProbeIsAvailable() { + + assertThat(applicationAvailability.getReadinessState()) + .isEqualTo(ReadinessState.ACCEPTING_TRAFFIC); + } +} diff --git a/app/src/test/java/org/onap/portalng/preferences/preferences/PreferencesControllerIntegrationTest.java b/app/src/test/java/org/onap/portalng/preferences/preferences/PreferencesControllerIntegrationTest.java new file mode 100644 index 0000000..6eb1148 --- /dev/null +++ b/app/src/test/java/org/onap/portalng/preferences/preferences/PreferencesControllerIntegrationTest.java @@ -0,0 +1,198 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portalng.preferences.preferences; + +import static org.assertj.core.api.Assertions.assertThat; + +import org.junit.jupiter.api.Test; +import org.onap.portalng.preferences.BaseIntegrationTest; +import org.onap.portalng.preferences.openapi.model.Preferences; +import org.onap.portalng.preferences.services.PreferencesService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; + +import io.restassured.http.ContentType; +import io.restassured.http.Header; + +class PreferencesControllerIntegrationTest extends BaseIntegrationTest { + + protected static final String X_REQUEST_ID = "addf6005-3075-4c80-b7bc-2c70b7d42b57"; + + @Autowired + PreferencesService preferencesService; + + @Test + void thatUserPreferencesCanBeRetrieved() { + // First save a user preference before a GET can run + Preferences expectedResponse = new Preferences() + .properties("{\n" + + " \"properties\": { \"appStarter\": \"value1\",\n" + + " \"dashboard\": {\"key1:\" : \"value2\"}\n" + + " } \n" + + "}"); + preferencesService + .savePreferences(X_REQUEST_ID,"test-user", expectedResponse) + .block(); + + Preferences actualResponse = requestSpecification("test-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID)) + .when() + .get("/v1/preferences") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(Preferences.class); + + assertThat(actualResponse).isNotNull(); + assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties()); + } + + @Test + void thatUserPreferencesCanNotBeRetrieved() { + unauthenticatedRequestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(ContentType.JSON) + .header(new Header("X-Request-Id", X_REQUEST_ID)) + .when() + .get("/v1/preferences") + .then() + .statusCode(HttpStatus.UNAUTHORIZED.value()); + } + + @Test + void thatUserPreferencesCanBeSaved() { + Preferences expectedResponse = new Preferences() + .properties("{\n" + + " \"properties\": { \"appStarter\": \"value1\",\n" + + " \"dashboard\": {\"key1:\" : \"value2\"}\n" + + " } \n" + + "}"); + Preferences actualResponse = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(ContentType.JSON) + .header(new Header("X-Request-Id", X_REQUEST_ID)) + .body(expectedResponse) + .when() + .post("/v1/preferences") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(Preferences.class); + + assertThat(actualResponse).isNotNull(); + assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties()); + } + + @Test + void thatUserPreferencesCanBeUpdated() { + // First save a user preference before a GET can run + Preferences initialPreferences = new Preferences() + .properties("{\n" + + " \"properties\": { \"appStarter\": \"value1\",\n" + + " \"dashboard\": {\"key1:\" : \"value2\"}\n" + + " } \n" + + "}"); + preferencesService + .savePreferences(X_REQUEST_ID,"test-user", initialPreferences) + .block(); + + Preferences expectedResponse = new Preferences() + .properties("{\n" + + " \"properties\": { \"appStarter\": \"value3\",\n" + + " \"dashboard\": {\"key2:\" : \"value4\"}\n" + + " } \n" + + "}"); + Preferences actualResponse = requestSpecification("test-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(ContentType.JSON) + .header(new Header("X-Request-Id", X_REQUEST_ID)) + .body(expectedResponse) + .when() + .put("/v1/preferences") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(Preferences.class); + + assertThat(actualResponse).isNotNull(); + assertThat(actualResponse.getProperties()).isEqualTo(expectedResponse.getProperties()); + } + + @Test + void thatUserPreferencesCanNotBeFound() { + + Preferences actualResponse = requestSpecification("test-canNotBeFound") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID)) + .when() + .get("/v1/preferences") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(Preferences.class); + + assertThat(actualResponse).isNotNull(); + assertThat(actualResponse.getProperties()).isEqualTo(""); + } + + @Test + void thatUserPreferencesHasXRequestIdHeader() { + + String actualResponse = requestSpecification("test-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID)) + .when() + .get("/v1/preferences") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .header("X-Request-Id"); + + assertThat(actualResponse).isNotNull().isEqualTo(X_REQUEST_ID); + } + + @Test + void thatUserPreferencesHasNoXRequestIdHeader() { + + requestSpecification("test-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .when() + .get("/v1/preferences") + .then() + .statusCode(HttpStatus.BAD_REQUEST.value()); + + + } +} diff --git a/app/src/test/resources/application.yml b/app/src/test/resources/application.yml index bdfadf4..ace8c84 100644 --- a/app/src/test/resources/application.yml +++ b/app/src/test/resources/application.yml @@ -19,7 +19,7 @@ spring: jwt: jwk-set-uri: http://localhost:${wiremock.server.port}/auth/realms/ONAP/protocol/openid-connect/certs #Keycloak Endpoint -portal-prefs: +preferences: realm: ONAP management: diff --git a/openapi/build.gradle b/openapi/build.gradle index 7b7775a..fc5e1dc 100644 --- a/openapi/build.gradle +++ b/openapi/build.gradle @@ -41,9 +41,9 @@ openApiGenerate { generateApiDocumentation = false generateModelTests = false generateModelDocumentation = false - invokerPackage = "org.onap.portal.prefs.openapi" - apiPackage = "org.onap.portal.prefs.openapi.api" - modelPackage = "org.onap.portal.prefs.openapi.model" + invokerPackage = "org.onap.portalng.preferences.openapi" + apiPackage = "org.onap.portalng.preferences.openapi.api" + modelPackage = "org.onap.portalng.preferences.openapi.model" } compileJava { diff --git a/renovate.json b/renovate.json deleted file mode 100644 index 39a2b6e..0000000 --- a/renovate.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:base" - ] -} diff --git a/settings.gradle b/settings.gradle index 1c146af..632c8ef 100644 --- a/settings.gradle +++ b/settings.gradle @@ -2,9 +2,8 @@ pluginManagement { // https://docs.gradle.org/current/userguide/plugins.html#sec:plugin_version_management plugins { - id 'io.spring.dependency-management' version '1.0.13.RELEASE' + id 'io.spring.dependency-management' version '1.1.2' id 'org.springframework.boot' version '3.1.2' - id 'org.sonarqube' version '3.4.0.2513' id 'com.github.hierynomus.license' version '0.16.1' id 'com.gorylenko.gradle-git-properties' version '2.4.1' id 'org.openapi.generator' version '7.0.0-beta' @@ -12,9 +11,7 @@ pluginManagement { // https://docs.gradle.org/current/userguide/plugins.html#sec:custom_plugin_repositories repositories { mavenCentral() - maven { - url "https://plugins.gradle.org/m2/" - } + gradlePluginPortal() } } @@ -37,7 +34,7 @@ pluginManagement { // } // } -rootProject.name = 'portal-prefs' +rootProject.name = 'preferences' include 'openapi' include 'app' diff --git a/version b/version index 6e8bf73..17e51c3 100644 --- a/version +++ b/version @@ -1 +1 @@ -0.1.0 +0.1.1 -- cgit 1.2.3-korg