Commit 92c7b2f6 authored by Enriko Käsper's avatar Enriko Käsper

Merge branch 'develop' into 'master'

Release: merge 'develop' into 'master' created by Enriko Käsper

See merge request teis/common-api-gateway!140
parents 32d97980 e3386096
Pipeline #1090 failed
...@@ -7,6 +7,7 @@ import ee.sm.ti.teis.servicerequest.RequestMetaDTO; ...@@ -7,6 +7,7 @@ import ee.sm.ti.teis.servicerequest.RequestMetaDTO;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import static java.util.UUID.randomUUID;
import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertThrows;
class ViolationControllerTest extends CommonApiGatewayTestBase { class ViolationControllerTest extends CommonApiGatewayTestBase {
...@@ -17,13 +18,13 @@ class ViolationControllerTest extends CommonApiGatewayTestBase { ...@@ -17,13 +18,13 @@ class ViolationControllerTest extends CommonApiGatewayTestBase {
@Test @Test
void getViolations_badRequest() { void getViolations_badRequest() {
assertThrows(NoResponseFromRabbitException.class, () -> assertThrows(NoResponseFromRabbitException.class, () ->
controller.getViolations("", "", new RequestMetaDTO())); controller.getViolations(randomUUID(), randomUUID(), new RequestMetaDTO()));
} }
@Test @Test
void getViolation_badRequest() { void getViolation_badRequest() {
assertThrows(NoResponseFromRabbitException.class, () -> assertThrows(NoResponseFromRabbitException.class, () ->
controller.getViolation("", new RequestMetaDTO())); controller.getViolation(randomUUID(), new RequestMetaDTO()));
} }
} }
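Review bot: The two `_badRequest` tests no longer exercise a bad request; with `randomUUID()` arguments they only assert that nothing answers on RabbitMQ (`NoResponseFromRabbitException`). Now that the controller parameters are `UUID`, a malformed id would presumably be rejected during request binding, which a direct call to `controller.getViolations(...)` bypasses. A request-level test that sends a non-UUID value and expects a 400 would pin that behaviour. Renaming these two to something like `getViolations_noResponseFromRabbit` would also keep the names honest.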
...@@ -7,6 +7,7 @@ import ee.sm.ti.teis.servicecommon.config.PropertyLogger; ...@@ -7,6 +7,7 @@ import ee.sm.ti.teis.servicecommon.config.PropertyLogger;
import org.camunda.bpm.spring.boot.starter.annotation.EnableProcessApplication; import org.camunda.bpm.spring.boot.starter.annotation.EnableProcessApplication;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Import;
@SpringBootApplication @SpringBootApplication
...@@ -15,6 +16,7 @@ import org.springframework.context.annotation.Import; ...@@ -15,6 +16,7 @@ import org.springframework.context.annotation.Import;
ExchangeConfig.class, ExchangeConfig.class,
QueueConfigurator.class, QueueConfigurator.class,
DataSourceConfig.class}) DataSourceConfig.class})
@EnableConfigurationProperties
public class CommonApiGateway { public class CommonApiGateway {
public static void main(String[] args) { public static void main(String[] args) {
SpringApplication.run(CommonApiGateway.class, args); SpringApplication.run(CommonApiGateway.class, args);
......
...@@ -44,7 +44,7 @@ public class FileContentService { ...@@ -44,7 +44,7 @@ public class FileContentService {
private final FileMetaProcessingService fileMetaProcessingService; private final FileMetaProcessingService fileMetaProcessingService;
private final FileProcessingService fileProcessingService; private final FileProcessingService fileProcessingService;
@Value("${teis.file.file-reference.update-timeout}") @Value("${teis.file.file-reference.update-timeout}")
private final int fileReferenceUpdateTimeout = 5000; private int fileReferenceUpdateTimeout;
@Value("${minio.bucket}") @Value("${minio.bucket}")
private String bucketName; private String bucketName;
@Value("${minio.bucket-thumbnail}") @Value("${minio.bucket-thumbnail}")
......
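Review bot: Dropping the `= 5000` initialiser leaves `fileReferenceUpdateTimeout` with no fallback, so the value now comes only from `teis.file.file-reference.update-timeout`. If that key is missing in any environment the placeholder cannot be resolved, and a zero or negative value is accepted unchecked. If the old default is still wanted, keep it in the placeholder: `@Value("${teis.file.file-reference.update-timeout:5000}")`. The class body continues outside the hunk, so how the timeout is consumed is not visible here.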
...@@ -28,7 +28,7 @@ public class MessageController extends TeisBaseController { ...@@ -28,7 +28,7 @@ public class MessageController extends TeisBaseController {
@ApiResponses(value = { @ApiResponses(value = {
@ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele")}) @ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele")})
@GetMapping(value = "{dataObjectId}") @GetMapping(value = "{dataObjectId}")
public List<MessageDto> getMessages(@PathVariable String dataObjectId, @ApiIgnore RequestMetaDTO requestMetaDTO) { public List<MessageDto> getMessages(@PathVariable UUID dataObjectId, @ApiIgnore RequestMetaDTO requestMetaDTO) {
MessagesRequest request = new MessagesRequest(); MessagesRequest request = new MessagesRequest();
request.setPayload(dataObjectId, requestMetaDTO); request.setPayload(dataObjectId, requestMetaDTO);
...@@ -68,7 +68,7 @@ public class MessageController extends TeisBaseController { ...@@ -68,7 +68,7 @@ public class MessageController extends TeisBaseController {
@ApiResponse(code = 403, message = "Kasutajal ei ole õigust andmeobjekti pärida"), @ApiResponse(code = 403, message = "Kasutajal ei ole õigust andmeobjekti pärida"),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega objekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega objekti ei eksisteeri")})
@DeleteMapping(value = "{id}") @DeleteMapping(value = "{id}")
public void delete(@PathVariable String id, @ApiIgnore RequestMetaDTO requestMetaDTO) { public void delete(@PathVariable UUID id, @ApiIgnore RequestMetaDTO requestMetaDTO) {
DeleteMessageRequest request = new DeleteMessageRequest(); DeleteMessageRequest request = new DeleteMessageRequest();
request.setPayload(id, requestMetaDTO); request.setPayload(id, requestMetaDTO);
......
...@@ -32,7 +32,7 @@ public class ProceedingInspectionDocumentController extends TeisBaseController { ...@@ -32,7 +32,7 @@ public class ProceedingInspectionDocumentController extends TeisBaseController {
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")})
@ApiImplicitParams(@ApiImplicitParam(name = "id", value = "${teis.api.messages.proceeding.get-proceeding-inspection-item-id}")) @ApiImplicitParams(@ApiImplicitParam(name = "id", value = "${teis.api.messages.proceeding.get-proceeding-inspection-item-id}"))
@GetMapping(value = "proceedings/{id}/inspection-documents", produces = APPLICATION_JSON_VALUE) @GetMapping(value = "proceedings/{id}/inspection-documents", produces = APPLICATION_JSON_VALUE)
public List<ProceedingInspectionDocumentPublicDto> getDocuments(@PathVariable String id, @ApiIgnore RequestMetaDTO requestMetaDTO) { public List<ProceedingInspectionDocumentPublicDto> getDocuments(@PathVariable UUID id, @ApiIgnore RequestMetaDTO requestMetaDTO) {
ProceedingInspectionDocumentsPublicRequest request = new ProceedingInspectionDocumentsPublicRequest(); ProceedingInspectionDocumentsPublicRequest request = new ProceedingInspectionDocumentsPublicRequest();
request.setPayload(id, requestMetaDTO); request.setPayload(id, requestMetaDTO);
...@@ -45,7 +45,7 @@ public class ProceedingInspectionDocumentController extends TeisBaseController { ...@@ -45,7 +45,7 @@ public class ProceedingInspectionDocumentController extends TeisBaseController {
@ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"), @ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")})
@PostMapping(value = "proceedings/{id}/inspection-documents", produces = APPLICATION_JSON_VALUE) @PostMapping(value = "proceedings/{id}/inspection-documents", produces = APPLICATION_JSON_VALUE)
public ProceedingInspectionDocumentPublicDto createDocument(@PathVariable String id, @RequestBody ClassifierItemLightDto document, @ApiIgnore RequestMetaDTO requestMetaDTO) { public ProceedingInspectionDocumentPublicDto createDocument(@PathVariable UUID id, @RequestBody ClassifierItemLightDto document, @ApiIgnore RequestMetaDTO requestMetaDTO) {
CreateProceedingInspectionDocumentPublicRequest request = new CreateProceedingInspectionDocumentPublicRequest(); CreateProceedingInspectionDocumentPublicRequest request = new CreateProceedingInspectionDocumentPublicRequest();
CreateProceedingInspectionDocumentPublicRequest.Parameters payload = new CreateProceedingInspectionDocumentPublicRequest.Parameters(); CreateProceedingInspectionDocumentPublicRequest.Parameters payload = new CreateProceedingInspectionDocumentPublicRequest.Parameters();
payload.setDocumentId(document.getCode()); payload.setDocumentId(document.getCode());
...@@ -62,7 +62,7 @@ public class ProceedingInspectionDocumentController extends TeisBaseController { ...@@ -62,7 +62,7 @@ public class ProceedingInspectionDocumentController extends TeisBaseController {
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")})
@ApiImplicitParams(@ApiImplicitParam(name = "id", value = "${teis.api.messages.proceeding.inspection-document-id}")) @ApiImplicitParams(@ApiImplicitParam(name = "id", value = "${teis.api.messages.proceeding.inspection-document-id}"))
@PostMapping(value = "proceeding-inspection-documents/{id}/weblink", produces = APPLICATION_JSON_VALUE) @PostMapping(value = "proceeding-inspection-documents/{id}/weblink", produces = APPLICATION_JSON_VALUE)
public List<WebLinkDto> createWebLinks(@PathVariable String id, @RequestBody List<String> url, @ApiIgnore RequestMetaDTO requestMetaDTO) { public List<WebLinkDto> createWebLinks(@PathVariable UUID id, @RequestBody List<String> url, @ApiIgnore RequestMetaDTO requestMetaDTO) {
CreateWebLinkRequest request = new CreateWebLinkRequest(); CreateWebLinkRequest request = new CreateWebLinkRequest();
request.setPayload(new CreateWebLinkRequest.Parameters(url, id), requestMetaDTO); request.setPayload(new CreateWebLinkRequest.Parameters(url, id), requestMetaDTO);
...@@ -74,9 +74,9 @@ public class ProceedingInspectionDocumentController extends TeisBaseController { ...@@ -74,9 +74,9 @@ public class ProceedingInspectionDocumentController extends TeisBaseController {
@ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"), @ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")})
@DeleteMapping(value = "proceeding-inspection-documents/{documentId}/weblink/{webLinkId}", produces = APPLICATION_JSON_VALUE) @DeleteMapping(value = "proceeding-inspection-documents/{documentId}/weblink/{webLinkId}", produces = APPLICATION_JSON_VALUE)
public void deleteWebLink(@PathVariable String documentId, @PathVariable String webLinkId, @ApiIgnore RequestMetaDTO requestMetaDTO) { public void deleteWebLink(@PathVariable UUID documentId, @PathVariable UUID webLinkId, @ApiIgnore RequestMetaDTO requestMetaDTO) {
DeleteWebLinkRequest request = new DeleteWebLinkRequest(); DeleteWebLinkRequest request = new DeleteWebLinkRequest();
request.setPayload(new DeleteWebLinkRequest.Parameters(UUID.fromString(documentId), UUID.fromString(webLinkId)), requestMetaDTO); request.setPayload(new DeleteWebLinkRequest.Parameters(documentId, webLinkId), requestMetaDTO);
processingService.deleteWebLink(request); processingService.deleteWebLink(request);
} }
......
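Review bot: `createWebLinks` still accepts the links as an unvalidated `@RequestBody List<String> url`, while the identifiers around it are now typed as `UUID`. Nothing in the visible lines limits the scheme, the length or the number of entries before they are passed to `CreateWebLinkRequest.Parameters`. If these links are later shown to other users, the gateway should restrict them to `http`/`https`, or a comment such as `// url entries are user-supplied; validated downstream in the proceeding service (confirm)` should record where that check lives. The method body continues outside the hunk.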
...@@ -16,6 +16,7 @@ import org.springframework.web.bind.annotation.RestController; ...@@ -16,6 +16,7 @@ import org.springframework.web.bind.annotation.RestController;
import springfox.documentation.annotations.ApiIgnore; import springfox.documentation.annotations.ApiIgnore;
import java.util.List; import java.util.List;
import java.util.UUID;
@Profile({"dev", "test", "local", "integtest"}) @Profile({"dev", "test", "local", "integtest"})
@RestController @RestController
...@@ -31,7 +32,7 @@ public class ProceedingInspectionDocumentTestController extends TeisBaseControll ...@@ -31,7 +32,7 @@ public class ProceedingInspectionDocumentTestController extends TeisBaseControll
@ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"), @ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega andmeobjekti ei eksisteeri")})
@GetMapping @GetMapping
public List<WebLinkDto> getWebLinks(@PathVariable String documentId, @ApiIgnore RequestMetaDTO requestMetaDTO) { public List<WebLinkDto> getWebLinks(@PathVariable UUID documentId, @ApiIgnore RequestMetaDTO requestMetaDTO) {
WebLinksTestRequest request = new WebLinksTestRequest(); WebLinksTestRequest request = new WebLinksTestRequest();
request.setPayload(documentId, requestMetaDTO); request.setPayload(documentId, requestMetaDTO);
......
...@@ -11,6 +11,7 @@ import org.springframework.web.bind.annotation.*; ...@@ -11,6 +11,7 @@ import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore; import springfox.documentation.annotations.ApiIgnore;
import java.util.List; import java.util.List;
import java.util.UUID;
import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE; import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
...@@ -27,8 +28,8 @@ public class ViolationController extends TeisBaseController { ...@@ -27,8 +28,8 @@ public class ViolationController extends TeisBaseController {
@ApiResponse(code = 403, message = "Kasutajal ei ole õigust andmeobjekti pärida"), @ApiResponse(code = 403, message = "Kasutajal ei ole õigust andmeobjekti pärida"),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega objekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega objekti ei eksisteeri")})
@GetMapping(produces = APPLICATION_JSON_VALUE) @GetMapping(produces = APPLICATION_JSON_VALUE)
public List<ViolationPublicDto> getViolations(@RequestParam(value = "proceduralActId", required = false) String proceduralActId, public List<ViolationPublicDto> getViolations(@RequestParam(value = "proceduralActId", required = false) UUID proceduralActId,
@RequestParam(value = "proceedingId", required = false) String proceedingId, @RequestParam(value = "proceedingId", required = false) UUID proceedingId,
@ApiIgnore RequestMetaDTO requestMetaDTO) { @ApiIgnore RequestMetaDTO requestMetaDTO) {
ViolationsPublicRequest request = new ViolationsPublicRequest(); ViolationsPublicRequest request = new ViolationsPublicRequest();
request.setPayload(new ViolationsPublicRequest.Parameters(proceduralActId, proceedingId), requestMetaDTO); request.setPayload(new ViolationsPublicRequest.Parameters(proceduralActId, proceedingId), requestMetaDTO);
...@@ -41,10 +42,10 @@ public class ViolationController extends TeisBaseController { ...@@ -41,10 +42,10 @@ public class ViolationController extends TeisBaseController {
@ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"), @ApiResponse(code = 400, message = "Sisendi parameetrid ei vasta nõuetele"),
@ApiResponse(code = 403, message = "Kasutajal ei ole õigust andmeobjekti pärida"), @ApiResponse(code = 403, message = "Kasutajal ei ole õigust andmeobjekti pärida"),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega objekti ei eksisteeri")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega objekti ei eksisteeri")})
@GetMapping(value ="/{id}", produces = APPLICATION_JSON_VALUE) @GetMapping(value = "/{id}", produces = APPLICATION_JSON_VALUE)
public ViolationPublicDto getViolation(@PathVariable(value = "id") String violationId, @ApiIgnore RequestMetaDTO requestMetaDTO) { public ViolationPublicDto getViolation(@PathVariable UUID id, @ApiIgnore RequestMetaDTO requestMetaDTO) {
ViolationPublicRequest request = new ViolationPublicRequest(); ViolationPublicRequest request = new ViolationPublicRequest();
request.setPayload(new ViolationPublicRequest.Parameters(violationId), requestMetaDTO); request.setPayload(id, requestMetaDTO);
return service.getViolation(request); return service.getViolation(request);
} }
......
...@@ -23,7 +23,6 @@ public class AuthPublicController extends TeisBaseController { ...@@ -23,7 +23,6 @@ public class AuthPublicController extends TeisBaseController {
return keycloakTokenService.getAuthConfig(); return keycloakTokenService.getAuthConfig();
} }
@ApiOperation(value = "${teis.api.messages.auth-token}", response = String.class) @ApiOperation(value = "${teis.api.messages.auth-token}", response = String.class)
@ApiResponses(value = {@ApiResponse(code = 200, message = "Tagastatakse nii access_token, kui refreshToken ja nende eluajad."), @ApiResponses(value = {@ApiResponse(code = 200, message = "Tagastatakse nii access_token, kui refreshToken ja nende eluajad."),
@ApiResponse(code = 400, message = "Sisendparameetrid on vigased.")}) @ApiResponse(code = 400, message = "Sisendparameetrid on vigased.")})
...@@ -31,7 +30,8 @@ public class AuthPublicController extends TeisBaseController { ...@@ -31,7 +30,8 @@ public class AuthPublicController extends TeisBaseController {
consumes = MediaType.APPLICATION_JSON_VALUE) consumes = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody @ResponseBody
public OAuthToken getAccessToken( public OAuthToken getAccessToken(
@ApiParam(name = "tokenRequest", value = "Kui grantType='authorization_code', siis peab olema täidetud 'code';<br> Kui grantType='refreshToken', siis peab olema täidetud 'refreshToken';", required = true) @ApiParam(name = "tokenRequest", value = "Kui grantType='authorization_code', siis peab olema täidetud " +
"'code';<br> Kui grantType='refreshToken', siis peab olema täidetud 'refreshToken';", required = true)
@RequestBody TokenRequest tokenRequest, @ApiIgnore RequestMetaDTO requestMetaDTO) { @RequestBody TokenRequest tokenRequest, @ApiIgnore RequestMetaDTO requestMetaDTO) {
return keycloakTokenService.exchangeAccessTokenRequest(tokenRequest, requestMetaDTO); return keycloakTokenService.exchangeAccessTokenRequest(tokenRequest, requestMetaDTO);
} }
......
package ee.sm.ti.teis.commongateway.security.auth;
import lombok.Getter;
import lombok.Setter;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
@Component
@ConfigurationProperties(prefix = "teis.auth-user-info-api")
@Getter
@Setter
public class AuthUserInfoProperties {
private String url;
private String secret;
private String userInfoPath;
private String mockUserInfoPath;
private String officeUserInfoPath;
private String mockOfficeUserInfoPath;
}
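Review bot: `secret` is bound as a plain `String` with Lombok-generated public `getSecret()`/`setSecret()` and no check that it is set; the same applies to `tokenSecret` in `MockAuthProperties`. Adding `@Validated` on the class and `@NotBlank` on the field would make a missing or blank secret fail at startup instead of at first use. The application class imports `PropertyLogger`; its behaviour is not visible here, so please confirm that `teis.auth-user-info-api.secret` and `teis.mockauth.token-secret` are masked if it prints resolved properties. A short class comment saying that the value must come from the environment or a secret store, not from committed configuration, would help as well.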
...@@ -23,9 +23,12 @@ import java.util.Arrays; ...@@ -23,9 +23,12 @@ import java.util.Arrays;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import static ee.sm.ti.teis.commongateway.security.auth.GrantType.AUTHORIZATION_CODE;
import static ee.sm.ti.teis.commongateway.security.auth.GrantType.REFRESH_TOKEN;
import static ee.sm.ti.teis.servicerequest.UserType.SYSTEM; import static ee.sm.ti.teis.servicerequest.UserType.SYSTEM;
import static org.apache.commons.lang.StringUtils.defaultString; import static org.apache.commons.lang.StringUtils.defaultString;
import static org.apache.commons.lang.StringUtils.isEmpty; import static org.apache.commons.lang.StringUtils.isEmpty;
import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED;
@Service @Service
@Slf4j @Slf4j
...@@ -33,10 +36,12 @@ public class KeycloakTokenService { ...@@ -33,10 +36,12 @@ public class KeycloakTokenService {
private static final String OFFICE_ROLES_SCOPE = "TeIS_Office_Roles"; private static final String OFFICE_ROLES_SCOPE = "TeIS_Office_Roles";
private static final String PORTAL_ROLES_SCOPE = "TeIS_Roles"; private static final String PORTAL_ROLES_SCOPE = "TeIS_Roles";
private final JwtDecoder jwtDecoder; private final JwtDecoder jwtDecoder;
private final PersonProcessingService personProcessingService; private final PersonProcessingService personProcessingService;
private final AuthProperties authProperties; private final AuthProperties authProperties;
private final AuthConfig authConfig; private final AuthConfig authConfig;
@Value("${teis.system.name}") @Value("${teis.system.name}")
private String systemName; private String systemName;
...@@ -61,7 +66,7 @@ public class KeycloakTokenService { ...@@ -61,7 +66,7 @@ public class KeycloakTokenService {
public OAuthToken exchangeAccessTokenRequest(TokenRequest tokenRequest, RequestMetaDTO requestMetaDTO) { public OAuthToken exchangeAccessTokenRequest(TokenRequest tokenRequest, RequestMetaDTO requestMetaDTO) {
RestTemplate restTemplate = new RestTemplate(); RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = getHttpHeaders(MediaType.APPLICATION_FORM_URLENCODED); HttpHeaders headers = getHttpHeaders(APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> keycloakTokenRequest = getAccessTokenRequestParams(tokenRequest); MultiValueMap<String, String> keycloakTokenRequest = getAccessTokenRequestParams(tokenRequest);
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(keycloakTokenRequest, headers); HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(keycloakTokenRequest, headers);
log.debug("Get access token with parameters: " + keycloakTokenRequest.toString()); log.debug("Get access token with parameters: " + keycloakTokenRequest.toString());
...@@ -69,12 +74,15 @@ public class KeycloakTokenService { ...@@ -69,12 +74,15 @@ public class KeycloakTokenService {
ResponseEntity<OAuthToken> response = restTemplate.exchange(getAuthConfig().getTokenEndpoint(), ResponseEntity<OAuthToken> response = restTemplate.exchange(getAuthConfig().getTokenEndpoint(),
HttpMethod.POST, request, OAuthToken.class); HttpMethod.POST, request, OAuthToken.class);
OAuthToken keycloakToken = response.getBody(); OAuthToken keycloakToken = response.getBody();
if (tokenRequest.getGrantType() == GrantType.AUTHORIZATION_CODE if (keycloakToken == null) {
throw new IllegalArgumentException("Key cloak token missing from request");
}
if (tokenRequest.getGrantType() == AUTHORIZATION_CODE
&& isPortalRequest(tokenRequest.getClientId())) { && isPortalRequest(tokenRequest.getClientId())) {
boolean personNameUpdated = updatePersonNameIfChanged(keycloakToken, requestMetaDTO); boolean personNameUpdated = updatePersonNameIfChanged(keycloakToken, requestMetaDTO);
if (personNameUpdated) { if (personNameUpdated) {
tokenRequest.setRefreshToken(keycloakToken.getRefreshToken()); tokenRequest.setRefreshToken(keycloakToken.getRefreshToken());
tokenRequest.setGrantType(GrantType.REFRESH_TOKEN); tokenRequest.setGrantType(REFRESH_TOKEN);
keycloakTokenRequest = getAccessTokenRequestParams(tokenRequest); keycloakTokenRequest = getAccessTokenRequestParams(tokenRequest);
request = new HttpEntity<>(keycloakTokenRequest, headers); request = new HttpEntity<>(keycloakTokenRequest, headers);
log.info("Get new access token with updated Person name using refresh token with parameters: " log.info("Get new access token with updated Person name using refresh token with parameters: "
...@@ -93,7 +101,7 @@ public class KeycloakTokenService { ...@@ -93,7 +101,7 @@ public class KeycloakTokenService {
public void logout(LogoutRequest logoutRequest, RequestMetaDTO requestMetaDTO) { public void logout(LogoutRequest logoutRequest, RequestMetaDTO requestMetaDTO) {
RestTemplate restTemplate = new RestTemplate(); RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = getHttpHeaders(MediaType.APPLICATION_FORM_URLENCODED); HttpHeaders headers = getHttpHeaders(APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> keycloakLogoutRequest = getLogoutRequestParams(logoutRequest); MultiValueMap<String, String> keycloakLogoutRequest = getLogoutRequestParams(logoutRequest);
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(keycloakLogoutRequest, headers); HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(keycloakLogoutRequest, headers);
log.debug("Logout user with parameters: " + keycloakLogoutRequest.toString()); log.debug("Logout user with parameters: " + keycloakLogoutRequest.toString());
...@@ -153,10 +161,10 @@ public class KeycloakTokenService { ...@@ -153,10 +161,10 @@ public class KeycloakTokenService {
MultiValueMap<String, String> requestParams = new LinkedMultiValueMap<>(); MultiValueMap<String, String> requestParams = new LinkedMultiValueMap<>();
addClientIdParam(tokenRequest.getClientId(), requestParams); addClientIdParam(tokenRequest.getClientId(), requestParams);
requestParams.add("grant_type", tokenRequest.getGrantType().getValue()); requestParams.add("grant_type", tokenRequest.getGrantType().getValue());
if (tokenRequest.getGrantType() == GrantType.AUTHORIZATION_CODE) { if (tokenRequest.getGrantType() == AUTHORIZATION_CODE) {
requestParams.add("redirect_uri", tokenRequest.getRedirectUri()); requestParams.add("redirect_uri", tokenRequest.getRedirectUri());
requestParams.add("code", tokenRequest.getCode()); requestParams.add("code", tokenRequest.getCode());
} else if (tokenRequest.getGrantType() == GrantType.REFRESH_TOKEN) { } else if (tokenRequest.getGrantType() == REFRESH_TOKEN) {
requestParams.add("refresh_token", tokenRequest.getRefreshToken()); requestParams.add("refresh_token", tokenRequest.getRefreshToken());
} }
String scopesStr = defaultString(tokenRequest.getScope()); String scopesStr = defaultString(tokenRequest.getScope());
......
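Review bot: The parameter map logged by `log.debug("Get access token with parameters: " + ...)`, and again by the `log.info("Get new access token with updated Person name ...")` call, holds the `code` and `refresh_token` values that `getAccessTokenRequestParams` adds. Authorization codes and refresh tokens therefore reach the log, at info level in the second case. Logging only non-secret fields avoids that, e.g. `log.debug("Get access token, grant_type={}", tokenRequest.getGrantType());`. `logout` logs its parameter map the same way and probably needs the same treatment, though `getLogoutRequestParams` is not visible here. Separately, the new null check throws `IllegalArgumentException("Key cloak token missing from request")` although it is the Keycloak response body that is empty; `throw new IllegalStateException("Keycloak token missing from response");` describes the failure more accurately.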
...@@ -5,10 +5,12 @@ import ee.sm.ti.teis.commongateway.auth.UserCompanySelectionDto; ...@@ -5,10 +5,12 @@ import ee.sm.ti.teis.commongateway.auth.UserCompanySelectionDto;
import ee.sm.ti.teis.commongateway.security.auth.AuthProcessingService; import ee.sm.ti.teis.commongateway.security.auth.AuthProcessingService;
import ee.sm.ti.teis.gatewaycommon.controller.TeisBaseController; import ee.sm.ti.teis.gatewaycommon.controller.TeisBaseController;
import ee.sm.ti.teis.servicerequest.RequestMetaDTO; import ee.sm.ti.teis.servicerequest.RequestMetaDTO;
import io.swagger.annotations.*; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Profile; import org.springframework.context.annotation.Profile;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestHeader;
...@@ -31,18 +33,6 @@ public class AuthMockController extends TeisBaseController { ...@@ -31,18 +33,6 @@ public class AuthMockController extends TeisBaseController {
@ApiOperation(value = "${teis.api.messages.post-mock-auth}", response = String.class) @ApiOperation(value = "${teis.api.messages.post-mock-auth}", response = String.class)
@ApiResponses(value = {@ApiResponse(code = 200, message = "Mock autentimine õnnestus."), @ApiResponses(value = {@ApiResponse(code = 200, message = "Mock autentimine õnnestus."),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega isikut või riiki ei eksisteeri.")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega isikut või riiki ei eksisteeri.")})
// TODO: Need further investigation. Request body example doesn't work, although
// it's done by the book: http://springfox.github.io/springfox/docs/snapshot/#q27
@ApiImplicitParams({
@ApiImplicitParam(
name = "mockUser",
dataType = "MockUserLoginRequest",
examples = @Example(
value = {
@ExampleProperty(value = "{'countryCode's: 'EE', 'idCode': '48806060014'}",
mediaType = MediaType.APPLICATION_XML_VALUE)
}))
})
@PostMapping(value = "/public/mock/auth") @PostMapping(value = "/public/mock/auth")
public MockAuthResponse authenticate(@Valid @RequestBody MockUserLoginRequest mockUser, public MockAuthResponse authenticate(@Valid @RequestBody MockUserLoginRequest mockUser,
@ApiIgnore RequestMetaDTO requestMetaDTO) { @ApiIgnore RequestMetaDTO requestMetaDTO) {
...@@ -53,9 +43,8 @@ public class AuthMockController extends TeisBaseController { ...@@ -53,9 +43,8 @@ public class AuthMockController extends TeisBaseController {
@ApiResponses(value = {@ApiResponse(code = 200, message = "Mock autentimine õnnestus."), @ApiResponses(value = {@ApiResponse(code = 200, message = "Mock autentimine õnnestus."),
@ApiResponse(code = 404, message = "Sisendis esitatud andmetega isikut või riiki ei eksisteeri.")}) @ApiResponse(code = 404, message = "Sisendis esitatud andmetega isikut või riiki ei eksisteeri.")})
@PostMapping(value = "/public/mock/office/auth") @PostMapping(value = "/public/mock/office/auth")
public MockAuthResponse authenticateOfficeUser(@Valid @RequestBody MockUserLoginRequest mockUser, public MockAuthResponse authenticateOfficeUser(@Valid @RequestBody MockUserLoginRequest mockUser) {
@ApiIgnore RequestMetaDTO requestMetaDTO) { return mockAuthService.createOfficeMockAuthResponse(mockUser);
return mockAuthService.createOfficeMockAuthResponse(mockUser, requestMetaDTO);
} }
@ApiOperation(value = "${teis.api.messages.post-mock-auth-select-company}", response = String.class) @ApiOperation(value = "${teis.api.messages.post-mock-auth-select-company}", response = String.class)
......
package ee.sm.ti.teis.commongateway.security.mock;
import lombok.Getter;
import lombok.Setter;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
@Component
@ConfigurationProperties(prefix = "teis.mockauth")
@Getter
@Setter
public class MockAuthProperties {
private String tokenSecret;
private Long expire;
}
...@@ -4,15 +4,16 @@ import com.fasterxml.jackson.databind.ObjectMapper; ...@@ -4,15 +4,16 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import ee.sm.ti.teis.ErrorDTO; import ee.sm.ti.teis.ErrorDTO;
import ee.sm.ti.teis.commongateway.auth.AuthServiceUserInfo; import ee.sm.ti.teis.commongateway.auth.AuthServiceUserInfo;
import ee.sm.ti.teis.commongateway.person.PersonProcessingService; import ee.sm.ti.teis.commongateway.person.PersonProcessingService;
import ee.sm.ti.teis.commongateway.security.auth.AuthUserInfoProperties;
import ee.sm.ti.teis.exceptions.TeisRestException; import ee.sm.ti.teis.exceptions.TeisRestException;
import ee.sm.ti.teis.security.JwtUserInfo; import ee.sm.ti.teis.security.JwtUserInfo;
import ee.sm.ti.teis.servicerequest.RequestMetaDTO; import ee.sm.ti.teis.servicerequest.RequestMetaDTO;
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtParser; import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts; import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.security.Keys;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Profile; import org.springframework.context.annotation.Profile;
import org.springframework.http.HttpEntity; import org.springframework.http.HttpEntity;
...@@ -23,63 +24,25 @@ import org.springframework.web.client.HttpStatusCodeException; ...@@ -23,63 +24,25 @@ import org.springframework.web.client.HttpStatusCodeException;
import org.springframework.web.client.RestTemplate; import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder; import org.springframework.web.util.UriComponentsBuilder;
import java.security.Key;
import java.util.Date; import java.util.Date;
import java.util.Map; import java.util.Map;
import static io.jsonwebtoken.io.Decoders.BASE64;
import static org.apache.commons.lang3.StringUtils.isEmpty; import static org.apache.commons.lang3.StringUtils.isEmpty;
@Component @Component
@Profile({"mockauth", "local", "integtest"}) @Profile({"mockauth", "local", "integtest"})
@Slf4j @Slf4j
@SuppressWarnings("unchecked") @RequiredArgsConstructor
public class MockAuthService {