From d48c066a15a194d8c6f7a91093df8de6ab86f655 Mon Sep 17 00:00:00 2001 From: Seamus McShane Date: Tue, 16 Jul 2024 09:42:37 +0100 Subject: [PATCH] LIME-1071 Update to CRI 3.0.2 and align with service changes Removed ClientFactoryService, and switch to CRI Lib ClientProviderFactory. Align with contructor changes in CRI Lib services. Added netty-http client to the build exclusions and placed them in the each lambda sub project (to fully take effect) Remove versions specified for the main Jackson dependencies and defer to the ones pull in from software.amazon.awssdk:bom. There is a breakage in a later jackson version, which crashes in the sdk classes which expect the older versions. Note : jackson-datatype-jsr310 and jackson-datatype-jdk8 are not in the aws sdk and are custom dependencies these version have been set at the aws pom versions to avoid a mismatch. Version Changes Correct missing aws platform bom AWS SDK 2.20.162 -> 2.26.16 New Aws Crt Http Client aligned with AWS SDK 2.26.16 AWS Lambda Events 3.11.0 -> 3.11.6 Jackson 2.17.1 -> 2.15.2 (needs to track the aws sdk version of jackson) --- build.gradle | 23 +++--- infrastructure/lambda/template.yaml | 19 +++++ lambdas/certexpiryreminder/build.gradle | 17 +++-- .../handler/CertExpiryReminderHandler.java | 7 +- lambdas/checkpassport/build.gradle | 27 ++++--- .../services/ThirdPartyAPIServiceFactory.java | 10 +-- .../handler/CheckPassportHandlerTest.java | 7 +- lambdas/issuecredential/build.gradle | 18 +++-- .../handler/IssueCredentialHandler.java | 2 +- .../pact/IssueCredentialHandlerTest.java | 24 +++--- lib-dvad/build.gradle | 42 +++++++---- .../DVADCloseableHttpClientFactory.java | 17 +++-- .../DVADCloseableHttpClientFactoryTest.java | 4 +- lib/build.gradle | 34 +++++---- ...va => ApacheHTTPClientFactoryService.java} | 73 +------------------ .../service/ParameterStoreService.java | 5 +- .../library/service/ServiceFactory.java | 48 ++++++++---- ...> ApacheHTTPClientFactoryServiceTest.java} | 69 +++++------------- .../service/ParameterStoreServiceTest.java | 5 +- .../library/service/ServiceFactoryTest.java | 24 ++++-- 20 files changed, 232 insertions(+), 243 deletions(-) rename lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/{ClientFactoryService.java => ApacheHTTPClientFactoryService.java} (52%) rename lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/{ClientFactoryServiceTest.java => ApacheHTTPClientFactoryServiceTest.java} (65%) diff --git a/build.gradle b/build.gradle index 86a31e86..4b2e88b7 100644 --- a/build.gradle +++ b/build.gradle @@ -25,13 +25,13 @@ ext { // cri_common_lib dependencies should match the ipv-cri-lib version // Workaround until dependency resolution is fixed. // --------------------------------------------------------- - cri_common_lib_version : "1.6.2", + cri_common_lib_version : "3.0.2", - // CRI_LIB aws - aws_sdk_version : "2.20.162", - aws_lambda_events_version : "3.11.0", + // AWS SDK + aws_sdk_version : "2.26.16", + aws_lambda_events_version : "3.11.6", - // CRI_LIB nimbus + // Nimbus Oauth nimbusds_oauth_version : "11.10.1", nimbusds_jwt_version : "9.37.3", @@ -46,11 +46,8 @@ ext { // AWS aws-lambda-java-libs see https://github.com/aws/aws-lambda-java-libs aws_lambda_core_version : "1.2.1", - // Object mapper - jackson_version : "2.17.1", - // GSON only Used in DCS pathway remove with DCS removal - gson_version : "2.8.9", - + // Jackson Addons/ needs to track the aws sdk version of jackson + jackson_version : "2.15.2", // Code weaving (lombok+powertools) aspectjrt_version : "1.9.21", @@ -62,12 +59,14 @@ ext { junit_version : "5.10.2", hamcrest_version : "2.2", mockito_version : "4.3.1", - webcompere_version : "2.0.2", + wiremock_version : "3.0.1", + webcompere_version : "2.1.6", // testFixturesImplementation // Contract Tests - pact_provider_version : "4.6.9", + pact_provider_version : "4.6.4", + slf4j_log4j12_version : "2.0.13", // For contract test debug ] // Sets the version used on the lambda + lib (ac tests have separate dependencies) diff --git a/infrastructure/lambda/template.yaml b/infrastructure/lambda/template.yaml index 96ecf303..78aae7e5 100644 --- a/infrastructure/lambda/template.yaml +++ b/infrastructure/lambda/template.yaml @@ -240,6 +240,23 @@ Mappings: integration: "false" production: "false" + FeatureFlagMapping: + dev: + VcExpiryRemoved: "true" + VcContainsUniqueIdMapping: "true" + build: + VcExpiryRemoved: "true" + VcContainsUniqueIdMapping: "true" + staging: + VcExpiryRemoved: "true" + VcContainsUniqueIdMapping: "true" + integration: + VcExpiryRemoved: "true" + VcContainsUniqueIdMapping: "true" + production: + VcExpiryRemoved: "true" + VcContainsUniqueIdMapping: "true" + Resources: #################################################################### @@ -581,6 +598,8 @@ Resources: Variables: POWERTOOLS_SERVICE_NAME: !Sub "${CriIdentifier}-issuecredential" ENVIRONMENT: !Ref Environment + ENV_VAR_FEATURE_FLAG_VC_EXPIRY_REMOVED: !FindInMap [ FeatureFlagMapping, !Ref Environment, VcExpiryRemoved ] + ENV_VAR_FEATURE_FLAG_VC_CONTAINS_UNIQUE_ID: !FindInMap [ FeatureFlagMapping, !Ref Environment, VcContainsUniqueIdMapping ] Policies: - DynamoDBReadPolicy: TableName: !Sub "{{resolve:ssm:/${CommonStackName}/SessionTableName}}" diff --git a/lambdas/certexpiryreminder/build.gradle b/lambdas/certexpiryreminder/build.gradle index b7df4813..043dcaaf 100644 --- a/lambdas/certexpiryreminder/build.gradle +++ b/lambdas/certexpiryreminder/build.gradle @@ -8,8 +8,15 @@ plugins { id 'io.freefair.aspectj.post-compile-weaving' version '8.4' } +configurations.all { + // https://aws.amazon.com/blogs/developer/tuning-the-aws-java-sdk-2-x-to-reduce-startup-time/ + exclude group:"software.amazon.awssdk", module: "apache-client" + exclude group:"software.amazon.awssdk", module: "netty-nio-client" +} + dependencies { - implementation project(":lib"),project(":lib-dvad"), + implementation platform("software.amazon.awssdk:bom:${dependencyVersions.aws_sdk_version}"), + project(":lib"),project(":lib-dvad"), "uk.gov.account:cri-common-lib:${dependencyVersions.cri_common_lib_version}", "com.nimbusds:oauth2-oidc-sdk:${dependencyVersions.nimbusds_oauth_version}", "com.nimbusds:nimbus-jose-jwt:${dependencyVersions.nimbusds_jwt_version}", @@ -17,11 +24,11 @@ dependencies { "com.amazonaws:aws-lambda-java-events:${dependencyVersions.aws_lambda_events_version}", "software.amazon.awssdk:lambda:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:kms:${dependencyVersions.aws_sdk_version}", - "com.fasterxml.jackson.core:jackson-core:${dependencyVersions.jackson_version}", + "com.fasterxml.jackson.core:jackson-core", + "com.fasterxml.jackson.core:jackson-databind", + "com.fasterxml.jackson.core:jackson-annotations", "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-databind:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-annotations:${dependencyVersions.jackson_version}" + "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}" aspect "software.amazon.lambda:powertools-logging:${dependencyVersions.aws_powertools_logging_version}", "software.amazon.lambda:powertools-metrics:${dependencyVersions.aws_powertools_metrics_version}", diff --git a/lambdas/certexpiryreminder/src/main/java/uk/gov/di/ipv/cri/passport/certexpiryreminder/handler/CertExpiryReminderHandler.java b/lambdas/certexpiryreminder/src/main/java/uk/gov/di/ipv/cri/passport/certexpiryreminder/handler/CertExpiryReminderHandler.java index f224403c..395934e2 100644 --- a/lambdas/certexpiryreminder/src/main/java/uk/gov/di/ipv/cri/passport/certexpiryreminder/handler/CertExpiryReminderHandler.java +++ b/lambdas/certexpiryreminder/src/main/java/uk/gov/di/ipv/cri/passport/certexpiryreminder/handler/CertExpiryReminderHandler.java @@ -8,9 +8,9 @@ import software.amazon.lambda.powertools.logging.Logging; import software.amazon.lambda.powertools.metrics.Metrics; import uk.gov.di.ipv.cri.common.library.annotations.ExcludeFromGeneratedCoverageReport; +import uk.gov.di.ipv.cri.common.library.util.ClientProviderFactory; import uk.gov.di.ipv.cri.common.library.util.EventProbe; import uk.gov.di.ipv.cri.passport.certexpiryreminder.handler.config.CertExpiryReminderConfig; -import uk.gov.di.ipv.cri.passport.library.service.ClientFactoryService; import uk.gov.di.ipv.cri.passport.library.service.ParameterStoreService; import java.security.cert.CertificateException; @@ -36,9 +36,10 @@ public class CertExpiryReminderHandler implements RequestHandler @ExcludeFromGeneratedCoverageReport public CertExpiryReminderHandler() { - ClientFactoryService clientFactoryService = new ClientFactoryService(); + ClientProviderFactory clientProviderFactory = new ClientProviderFactory(); - this.parameterStoreService = new ParameterStoreService(clientFactoryService); + this.parameterStoreService = + new ParameterStoreService(clientProviderFactory.getSSMProvider()); this.certExpiryReminderConfig = new CertExpiryReminderConfig(parameterStoreService); diff --git a/lambdas/checkpassport/build.gradle b/lambdas/checkpassport/build.gradle index 34d8a9a9..fb1c0cd6 100644 --- a/lambdas/checkpassport/build.gradle +++ b/lambdas/checkpassport/build.gradle @@ -9,8 +9,15 @@ plugins { id 'java-test-fixtures' } +configurations.all { + // https://aws.amazon.com/blogs/developer/tuning-the-aws-java-sdk-2-x-to-reduce-startup-time/ + exclude group:"software.amazon.awssdk", module: "apache-client" + exclude group:"software.amazon.awssdk", module: "netty-nio-client" +} + dependencies { - implementation project(":lib"), project(":lib-dvad"), + implementation platform("software.amazon.awssdk:bom:${dependencyVersions.aws_sdk_version}"), + project(":lib"), project(":lib-dvad"), "uk.gov.account:cri-common-lib:${dependencyVersions.cri_common_lib_version}", "com.nimbusds:oauth2-oidc-sdk:${dependencyVersions.nimbusds_oauth_version}", "com.nimbusds:nimbus-jose-jwt:${dependencyVersions.nimbusds_jwt_version}", @@ -18,21 +25,23 @@ dependencies { "com.amazonaws:aws-lambda-java-events:${dependencyVersions.aws_lambda_events_version}", "software.amazon.awssdk:lambda:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:dynamodb-enhanced:${dependencyVersions.aws_sdk_version}", - "com.fasterxml.jackson.core:jackson-core:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-databind:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-annotations:${dependencyVersions.jackson_version}", + "software.amazon.awssdk:sqs:${dependencyVersions.aws_sdk_version}", + "software.amazon.awssdk:aws-crt-client:${dependencyVersions.aws_sdk_version}", "org.apache.httpcomponents:httpcore:${dependencyVersions.httpcomponents_core_version}", "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}", - "com.google.code.gson:gson:${dependencyVersions.gson_version}", - "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}" + "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}", + "com.fasterxml.jackson.core:jackson-core", + "com.fasterxml.jackson.core:jackson-databind", + "com.fasterxml.jackson.core:jackson-annotations", + "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", + "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}" aspect "software.amazon.lambda:powertools-logging:${dependencyVersions.aws_powertools_logging_version}", "software.amazon.lambda:powertools-metrics:${dependencyVersions.aws_powertools_metrics_version}", "software.amazon.lambda:powertools-parameters:${dependencyVersions.aws_powertools_parameters_version}" - testImplementation testFixtures(project(":lib")), testFixtures(this.project),"org.junit.jupiter:junit-jupiter-engine:${dependencyVersions.junit_version}", + testImplementation testFixtures(project(":lib")), testFixtures(this.project), + "org.junit.jupiter:junit-jupiter-engine:${dependencyVersions.junit_version}", "org.junit.jupiter:junit-jupiter-api:${dependencyVersions.junit_version}", "org.junit.jupiter:junit-jupiter-params:${dependencyVersions.junit_version}", "org.mockito:mockito-junit-jupiter:${dependencyVersions.mockito_version}", diff --git a/lambdas/checkpassport/src/main/java/uk/gov/di/ipv/cri/passport/checkpassport/services/ThirdPartyAPIServiceFactory.java b/lambdas/checkpassport/src/main/java/uk/gov/di/ipv/cri/passport/checkpassport/services/ThirdPartyAPIServiceFactory.java index dc65b365..d7650f87 100644 --- a/lambdas/checkpassport/src/main/java/uk/gov/di/ipv/cri/passport/checkpassport/services/ThirdPartyAPIServiceFactory.java +++ b/lambdas/checkpassport/src/main/java/uk/gov/di/ipv/cri/passport/checkpassport/services/ThirdPartyAPIServiceFactory.java @@ -7,7 +7,7 @@ import uk.gov.di.ipv.cri.passport.library.dvad.services.DVADCloseableHttpClientFactory; import uk.gov.di.ipv.cri.passport.library.dvad.services.DvadThirdPartyAPIService; import uk.gov.di.ipv.cri.passport.library.dvad.services.endpoints.DvadAPIEndpointFactory; -import uk.gov.di.ipv.cri.passport.library.service.ClientFactoryService; +import uk.gov.di.ipv.cri.passport.library.service.ApacheHTTPClientFactoryService; import uk.gov.di.ipv.cri.passport.library.service.ParameterStoreService; import uk.gov.di.ipv.cri.passport.library.service.ServiceFactory; import uk.gov.di.ipv.cri.passport.library.service.ThirdPartyAPIService; @@ -18,7 +18,7 @@ public class ThirdPartyAPIServiceFactory { private final ParameterStoreService parameterStoreService; - public final ClientFactoryService clientFactoryService; + public final ApacheHTTPClientFactoryService apacheHTTPClientFactoryService; // UAT/LIVE DVAD(0) - STUB DVAD(1) private static final int DVAD = 0; @@ -30,7 +30,7 @@ public ThirdPartyAPIServiceFactory(ServiceFactory serviceFactory) this.parameterStoreService = serviceFactory.getParameterStoreService(); this.eventProbe = serviceFactory.getEventProbe(); this.objectMapper = serviceFactory.getObjectMapper(); - this.clientFactoryService = serviceFactory.getClientFactoryService(); + this.apacheHTTPClientFactoryService = serviceFactory.getApacheHTTPClientFactoryService(); // Done this way to allow switching if needed to lazy init + singletons thirdPartyAPIServices[DVAD] = createDvadThirdPartyAPIService(); @@ -41,7 +41,7 @@ private ThirdPartyAPIService createDvadThirdPartyAPIService() throws JsonProcess CloseableHttpClient closeableHttpClient = new DVADCloseableHttpClientFactory() - .getClient(true, parameterStoreService, clientFactoryService); + .getClient(true, parameterStoreService, apacheHTTPClientFactoryService); // Reduces constructor load in DvadThirdPartyAPIService and allow endpoints to be mocked DvadAPIEndpointFactory dvadAPIEndpointFactory = @@ -60,7 +60,7 @@ private ThirdPartyAPIService createDvadThirdPartyAPIServiceForStub() CloseableHttpClient closeableHttpClient = new DVADCloseableHttpClientFactory() - .getClient(false, parameterStoreService, clientFactoryService); + .getClient(false, parameterStoreService, apacheHTTPClientFactoryService); // Reduces constructor load in DvadThirdPartyAPIService and allow endpoints to be mocked DvadAPIEndpointFactory dvadAPIEndpointFactory = diff --git a/lambdas/checkpassport/src/test/java/uk/gov/di/ipv/cri/passport/checkpassport/handler/CheckPassportHandlerTest.java b/lambdas/checkpassport/src/test/java/uk/gov/di/ipv/cri/passport/checkpassport/handler/CheckPassportHandlerTest.java index a3bf8328..d059ef37 100644 --- a/lambdas/checkpassport/src/test/java/uk/gov/di/ipv/cri/passport/checkpassport/handler/CheckPassportHandlerTest.java +++ b/lambdas/checkpassport/src/test/java/uk/gov/di/ipv/cri/passport/checkpassport/handler/CheckPassportHandlerTest.java @@ -35,7 +35,7 @@ import uk.gov.di.ipv.cri.passport.library.error.CommonExpressOAuthError; import uk.gov.di.ipv.cri.passport.library.exceptions.OAuthErrorResponseException; import uk.gov.di.ipv.cri.passport.library.persistence.DocumentCheckResultItem; -import uk.gov.di.ipv.cri.passport.library.service.ClientFactoryService; +import uk.gov.di.ipv.cri.passport.library.service.ApacheHTTPClientFactoryService; import uk.gov.di.ipv.cri.passport.library.service.ParameterStoreService; import uk.gov.di.ipv.cri.passport.library.service.ServiceFactory; import uk.gov.di.ipv.cri.passport.library.service.ThirdPartyAPIService; @@ -92,7 +92,7 @@ class CheckPassportHandlerTest { // Returned via the ServiceFactory @Mock private EventProbe mockEventProbe; - @Mock private ClientFactoryService mockClientFactoryService; + @Mock private ApacheHTTPClientFactoryService mockApacheHTTPClientFactoryService; @Mock private ParameterStoreService mockParameterStoreService; @Mock private SessionService mockSessionService; @Mock private PersonIdentityService mockPersonIdentityService; @@ -583,7 +583,8 @@ private void mockServiceFactoryBehaviour() { when(mockServiceFactory.getObjectMapper()).thenReturn(realObjectMapper); when(mockServiceFactory.getEventProbe()).thenReturn(mockEventProbe); - when(mockServiceFactory.getClientFactoryService()).thenReturn(mockClientFactoryService); + when(mockServiceFactory.getApacheHTTPClientFactoryService()) + .thenReturn(mockApacheHTTPClientFactoryService); when(mockServiceFactory.getParameterStoreService()).thenReturn(mockParameterStoreService); diff --git a/lambdas/issuecredential/build.gradle b/lambdas/issuecredential/build.gradle index 291e5a8f..1f775855 100644 --- a/lambdas/issuecredential/build.gradle +++ b/lambdas/issuecredential/build.gradle @@ -9,20 +9,23 @@ plugins { } dependencies { - implementation project(":lib"), + implementation platform("software.amazon.awssdk:bom:${dependencyVersions.aws_sdk_version}"), project(":lib"), "uk.gov.account:cri-common-lib:${dependencyVersions.cri_common_lib_version}", "com.nimbusds:oauth2-oidc-sdk:${dependencyVersions.nimbusds_oauth_version}", "com.nimbusds:nimbus-jose-jwt:${dependencyVersions.nimbusds_jwt_version}", "com.amazonaws:aws-lambda-java-core:${dependencyVersions.aws_lambda_core_version}", "com.amazonaws:aws-lambda-java-events:${dependencyVersions.aws_lambda_events_version}", "software.amazon.awssdk:lambda:${dependencyVersions.aws_sdk_version}", + "software.amazon.awssdk:dynamodb-enhanced:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:kms:${dependencyVersions.aws_sdk_version}", - "com.fasterxml.jackson.core:jackson-core:${dependencyVersions.jackson_version}", + "software.amazon.awssdk:sqs:${dependencyVersions.aws_sdk_version}", + "software.amazon.awssdk:aws-crt-client:${dependencyVersions.aws_sdk_version}", + "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}", + "com.fasterxml.jackson.core:jackson-core", + "com.fasterxml.jackson.core:jackson-databind", + "com.fasterxml.jackson.core:jackson-annotations", "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-databind:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-annotations:${dependencyVersions.jackson_version}", - "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}" + "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}" aspect "software.amazon.lambda:powertools-logging:${dependencyVersions.aws_powertools_logging_version}", "software.amazon.lambda:powertools-metrics:${dependencyVersions.aws_powertools_metrics_version}", @@ -34,11 +37,12 @@ dependencies { "org.mockito:mockito-junit-jupiter:${dependencyVersions.mockito_version}", "org.mockito:mockito-inline:${dependencyVersions.mockito_version}", "org.hamcrest:hamcrest:${dependencyVersions.hamcrest_version}", + "com.github.tomakehurst:wiremock-jre8:${dependencyVersions.wiremock_version}", "uk.org.webcompere:system-stubs-core:${dependencyVersions.webcompere_version}", "uk.org.webcompere:system-stubs-jupiter:${dependencyVersions.webcompere_version}", "au.com.dius.pact:provider:${dependencyVersions.pact_provider_version}", "au.com.dius.pact.provider:junit5:${dependencyVersions.pact_provider_version}", - "software.amazon.awssdk:dynamodb:${dependencyVersions.aws_sdk_version}" + "org.slf4j:slf4j-log4j12:${dependencyVersions.slf4j_log4j12_version}" } tasks.register('buildZip', Zip) { diff --git a/lambdas/issuecredential/src/main/java/uk/gov/di/ipv/cri/passport/issuecredential/handler/IssueCredentialHandler.java b/lambdas/issuecredential/src/main/java/uk/gov/di/ipv/cri/passport/issuecredential/handler/IssueCredentialHandler.java index 567f49e3..a204892a 100644 --- a/lambdas/issuecredential/src/main/java/uk/gov/di/ipv/cri/passport/issuecredential/handler/IssueCredentialHandler.java +++ b/lambdas/issuecredential/src/main/java/uk/gov/di/ipv/cri/passport/issuecredential/handler/IssueCredentialHandler.java @@ -91,7 +91,7 @@ public IssueCredentialHandler() { serviceFactory .getCommonLibConfigurationService() .getVerifiableCredentialKmsSigningKeyId(), - serviceFactory.getClientFactoryService().getKMSClient()); + serviceFactory.getClientProviderFactory().getKMSClient()); // VerifiableCredentialService is internal to IssueCredentialHandler VerifiableCredentialService verifiableCredentialServiceNotAssignedYet = diff --git a/lambdas/issuecredential/src/test/java/uk/gov/di/ipv/cri/passport/issuecredential/pact/IssueCredentialHandlerTest.java b/lambdas/issuecredential/src/test/java/uk/gov/di/ipv/cri/passport/issuecredential/pact/IssueCredentialHandlerTest.java index cd20627f..8a368161 100644 --- a/lambdas/issuecredential/src/test/java/uk/gov/di/ipv/cri/passport/issuecredential/pact/IssueCredentialHandlerTest.java +++ b/lambdas/issuecredential/src/test/java/uk/gov/di/ipv/cri/passport/issuecredential/pact/IssueCredentialHandlerTest.java @@ -38,7 +38,6 @@ import uk.gov.di.ipv.cri.common.library.service.PersonIdentityService; import uk.gov.di.ipv.cri.common.library.service.SessionService; import uk.gov.di.ipv.cri.common.library.util.EventProbe; -import uk.gov.di.ipv.cri.common.library.util.ListUtil; import uk.gov.di.ipv.cri.passport.issuecredential.handler.IssueCredentialHandler; import uk.gov.di.ipv.cri.passport.issuecredential.pact.utils.Injector; import uk.gov.di.ipv.cri.passport.issuecredential.pact.utils.MockHttpServer; @@ -46,6 +45,9 @@ import uk.gov.di.ipv.cri.passport.library.persistence.DocumentCheckResultItem; import uk.gov.di.ipv.cri.passport.library.service.ParameterStoreService; import uk.gov.di.ipv.cri.passport.library.service.ServiceFactory; +import uk.org.webcompere.systemstubs.environment.EnvironmentVariables; +import uk.org.webcompere.systemstubs.jupiter.SystemStub; +import uk.org.webcompere.systemstubs.jupiter.SystemStubsExtension; import java.io.IOException; import java.net.URI; @@ -69,6 +71,8 @@ import static org.mockito.Mockito.doNothing; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; +import static uk.gov.di.ipv.cri.common.library.util.VerifiableCredentialClaimsSetBuilder.ENV_VAR_FEATURE_FLAG_VC_CONTAINS_UNIQUE_ID; +import static uk.gov.di.ipv.cri.common.library.util.VerifiableCredentialClaimsSetBuilder.ENV_VAR_FEATURE_FLAG_VC_EXPIRY_REMOVED; import static uk.gov.di.ipv.cri.passport.library.config.ParameterStoreParameters.MAX_JWT_TTL_UNIT; @Tag("Pact") @@ -80,10 +84,14 @@ username = "${PACT_BROKER_USERNAME}", password = "${PACT_BROKER_PASSWORD}")) @ExtendWith(MockitoExtension.class) +@ExtendWith(SystemStubsExtension.class) class IssueCredentialHandlerTest { private static final int PORT = 5050; + // Needs to be created here + @SystemStub private EnvironmentVariables environmentVariables = new EnvironmentVariables(); + @Mock private ServiceFactory mockServiceFactory; @Mock private EventProbe mockEventProbe; @Mock private ConfigurationService mockCommonLibConfigurationService; @@ -113,6 +121,9 @@ static void setupServer() { void pactSetup(PactVerificationContext context) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, JOSEException { + environmentVariables.set(ENV_VAR_FEATURE_FLAG_VC_EXPIRY_REMOVED, true); + environmentVariables.set(ENV_VAR_FEATURE_FLAG_VC_CONTAINS_UNIQUE_ID, true); + mockServiceFactoryBehaviour(); KeyFactory kf = KeyFactory.getInstance("EC"); @@ -359,10 +370,7 @@ private void mockServiceFactoryBehaviour() { .thenReturn(mockCommonLibConfigurationService); sessionService = new SessionService( - sessionItemDataStore, - mockCommonLibConfigurationService, - Clock.systemUTC(), - new ListUtil()); + sessionItemDataStore, mockCommonLibConfigurationService, Clock.systemUTC()); when(mockServiceFactory.getSessionService()).thenReturn(sessionService); when(mockServiceFactory.getAuditService()).thenReturn(mockAuditService); when(mockServiceFactory.getPersonIdentityService()) @@ -390,11 +398,5 @@ private void mockHappyPathVcParameters() { .thenReturn("HOURS"); when(mockCommonLibConfigurationService.getVerifiableCredentialIssuer()) .thenReturn("dummyPassportComponentId"); - when(mockCommonLibConfigurationService.getParameterValueByAbsoluteName( - "/release-flags/vc-expiry-removed")) - .thenReturn("true"); - when(mockCommonLibConfigurationService.getParameterValue( - "release-flags/vc-contains-unique-id")) - .thenReturn("true"); } } diff --git a/lib-dvad/build.gradle b/lib-dvad/build.gradle index 5f6869d8..7f280c0d 100644 --- a/lib-dvad/build.gradle +++ b/lib-dvad/build.gradle @@ -9,23 +9,34 @@ plugins { id 'java-test-fixtures' } +configurations.all { + // https://aws.amazon.com/blogs/developer/tuning-the-aws-java-sdk-2-x-to-reduce-startup-time/ + exclude group:"software.amazon.awssdk", module: "apache-client" + exclude group:"software.amazon.awssdk", module: "netty-nio-client" +} + dependencies { - implementation project(":lib"), + implementation platform("software.amazon.awssdk:bom:${dependencyVersions.aws_sdk_version}"), + project(":lib"), "uk.gov.account:cri-common-lib:${dependencyVersions.cri_common_lib_version}", "com.nimbusds:oauth2-oidc-sdk:${dependencyVersions.nimbusds_oauth_version}", + "com.nimbusds:nimbus-jose-jwt:${dependencyVersions.nimbusds_jwt_version}", + "com.amazonaws:aws-lambda-java-core:${dependencyVersions.aws_lambda_core_version}", + "com.amazonaws:aws-lambda-java-events:${dependencyVersions.aws_lambda_events_version}", "software.amazon.awssdk:lambda:${dependencyVersions.aws_sdk_version}", - "software.amazon.awssdk:dynamodb:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:dynamodb-enhanced:${dependencyVersions.aws_sdk_version}", - "software.amazon.awssdk:apache-client:${dependencyVersions.aws_sdk_version}", - "software.amazon.awssdk:kms:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:sqs:${dependencyVersions.aws_sdk_version}", - "com.fasterxml.jackson.core:jackson-core:${dependencyVersions.jackson_version}", + "software.amazon.awssdk:aws-crt-client:${dependencyVersions.aws_sdk_version}", + "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}", + "com.fasterxml.jackson.core:jackson-core", + "com.fasterxml.jackson.core:jackson-databind", + "com.fasterxml.jackson.core:jackson-annotations", "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-databind:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-annotations:${dependencyVersions.jackson_version}", - "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}" + "org.apache.httpcomponents:httpcore:${dependencyVersions.httpcomponents_core_version}", + "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}", + "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}" aspect "software.amazon.lambda:powertools-logging:${dependencyVersions.aws_powertools_logging_version}", "software.amazon.lambda:powertools-metrics:${dependencyVersions.aws_powertools_metrics_version}", @@ -40,14 +51,15 @@ dependencies { "uk.org.webcompere:system-stubs-core:${dependencyVersions.webcompere_version}", "uk.org.webcompere:system-stubs-jupiter:${dependencyVersions.webcompere_version}" - testFixturesImplementation testFixtures(project(":lib")), "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}", - "com.fasterxml.jackson.core:jackson-core:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-databind:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-annotations:${dependencyVersions.jackson_version}", + testFixturesImplementation testFixtures(project(":lib")), + "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}", "org.apache.httpcomponents:httpcore:${dependencyVersions.httpcomponents_core_version}", - "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}" + "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}", + "com.fasterxml.jackson.core:jackson-core", + "com.fasterxml.jackson.core:jackson-databind", + "com.fasterxml.jackson.core:jackson-annotations", + "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", + "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}" } tasks.named("jar") { diff --git a/lib-dvad/src/main/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactory.java b/lib-dvad/src/main/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactory.java index 031e0987..c4e2067b 100644 --- a/lib-dvad/src/main/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactory.java +++ b/lib-dvad/src/main/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactory.java @@ -3,7 +3,7 @@ import org.apache.http.impl.client.CloseableHttpClient; import uk.gov.di.ipv.cri.passport.library.config.ParameterStoreParameters; import uk.gov.di.ipv.cri.passport.library.exceptions.HttpClientException; -import uk.gov.di.ipv.cri.passport.library.service.ClientFactoryService; +import uk.gov.di.ipv.cri.passport.library.service.ApacheHTTPClientFactoryService; import uk.gov.di.ipv.cri.passport.library.service.ParameterStoreService; import java.io.IOException; @@ -24,7 +24,7 @@ public class DVADCloseableHttpClientFactory { public CloseableHttpClient getClient( boolean tlsOn, ParameterStoreService parameterStoreService, - ClientFactoryService clientFactoryService) { + ApacheHTTPClientFactoryService apacheHTTPClientFactoryService) { try { if (tlsOn) { Map dvadHtpClientCertsKeysMap = @@ -41,13 +41,14 @@ public CloseableHttpClient getClient( final String base64TLSIntCertString = dvadHtpClientCertsKeysMap.get(MAP_KEY_TLS_INT_CERT); - return clientFactoryService.generateHTTPClientFromExternalApacheHttpClient( - base64TLSCertString, - base64TLSKeyString, - base64TLSRootCertString, - base64TLSIntCertString); + return apacheHTTPClientFactoryService + .generateHTTPClientFromExternalApacheHttpClient( + base64TLSCertString, + base64TLSKeyString, + base64TLSRootCertString, + base64TLSIntCertString); } else { - return new ClientFactoryService().generatePublicHttpClient(); + return apacheHTTPClientFactoryService.generatePublicHttpClient(); } } catch (NoSuchAlgorithmException | InvalidKeySpecException diff --git a/lib-dvad/src/test/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactoryTest.java b/lib-dvad/src/test/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactoryTest.java index b35d7fd6..9b3e3bf3 100644 --- a/lib-dvad/src/test/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactoryTest.java +++ b/lib-dvad/src/test/java/uk/gov/di/ipv/cri/passport/library/dvad/services/DVADCloseableHttpClientFactoryTest.java @@ -8,7 +8,7 @@ import org.mockito.Mock; import org.mockito.junit.jupiter.MockitoExtension; import uk.gov.di.ipv.cri.passport.library.config.ParameterStoreParameters; -import uk.gov.di.ipv.cri.passport.library.service.ClientFactoryService; +import uk.gov.di.ipv.cri.passport.library.service.ApacheHTTPClientFactoryService; import uk.gov.di.ipv.cri.passport.library.service.ParameterStoreService; import uk.org.webcompere.systemstubs.environment.EnvironmentVariables; import uk.org.webcompere.systemstubs.jupiter.SystemStub; @@ -68,7 +68,7 @@ void shouldGetClientFromDVADCloseableHttpClientFactory(boolean tlsOn) { dvadCloseableHttpClientFactory.getClient( tlsOn, mockParameterStoreService, - new ClientFactoryService())); + new ApacheHTTPClientFactoryService())); assertNotNull(closeableHttpClient); } diff --git a/lib/build.gradle b/lib/build.gradle index 5c2e9426..45a8ecbf 100644 --- a/lib/build.gradle +++ b/lib/build.gradle @@ -9,22 +9,30 @@ plugins { id 'java-test-fixtures' } +configurations.all { + // https://aws.amazon.com/blogs/developer/tuning-the-aws-java-sdk-2-x-to-reduce-startup-time/ + exclude group:"software.amazon.awssdk", module: "apache-client" + exclude group:"software.amazon.awssdk", module: "netty-nio-client" +} + dependencies { - implementation "uk.gov.account:cri-common-lib:${dependencyVersions.cri_common_lib_version}", + implementation platform("software.amazon.awssdk:bom:${dependencyVersions.aws_sdk_version}"), + "uk.gov.account:cri-common-lib:${dependencyVersions.cri_common_lib_version}", "com.nimbusds:oauth2-oidc-sdk:${dependencyVersions.nimbusds_oauth_version}", - "software.amazon.awssdk:lambda:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:dynamodb:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:dynamodb-enhanced:${dependencyVersions.aws_sdk_version}", - "software.amazon.awssdk:apache-client:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:kms:${dependencyVersions.aws_sdk_version}", "software.amazon.awssdk:sqs:${dependencyVersions.aws_sdk_version}", - "com.fasterxml.jackson.core:jackson-core:${dependencyVersions.jackson_version}", + "software.amazon.awssdk:aws-crt-client:${dependencyVersions.aws_sdk_version}", + "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}", + "com.fasterxml.jackson.core:jackson-core", + "com.fasterxml.jackson.core:jackson-databind", + "com.fasterxml.jackson.core:jackson-annotations", "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-databind:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-annotations:${dependencyVersions.jackson_version}", - "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}" + "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}", + "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}" aspect "software.amazon.lambda:powertools-logging:${dependencyVersions.aws_powertools_logging_version}", "software.amazon.lambda:powertools-metrics:${dependencyVersions.aws_powertools_metrics_version}", @@ -40,13 +48,13 @@ dependencies { "uk.org.webcompere:system-stubs-jupiter:${dependencyVersions.webcompere_version}" testFixturesImplementation "org.aspectj:aspectjrt:${dependencyVersions.aspectjrt_version}", - "com.fasterxml.jackson.core:jackson-core:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-databind:${dependencyVersions.jackson_version}", - "com.fasterxml.jackson.core:jackson-annotations:${dependencyVersions.jackson_version}", "org.apache.httpcomponents:httpcore:${dependencyVersions.httpcomponents_core_version}", - "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}" + "org.apache.httpcomponents:httpclient:${dependencyVersions.httpcomponents_client_version}", + "com.fasterxml.jackson.core:jackson-core", + "com.fasterxml.jackson.core:jackson-databind", + "com.fasterxml.jackson.core:jackson-annotations", + "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${dependencyVersions.jackson_version}", + "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:${dependencyVersions.jackson_version}" } tasks.named("jar") { diff --git a/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ClientFactoryService.java b/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ApacheHTTPClientFactoryService.java similarity index 52% rename from lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ClientFactoryService.java rename to lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ApacheHTTPClientFactoryService.java index f2552423..6bb3fe10 100644 --- a/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ClientFactoryService.java +++ b/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ApacheHTTPClientFactoryService.java @@ -3,18 +3,6 @@ import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.ssl.SSLContexts; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider; -import software.amazon.awssdk.http.SdkHttpClient; -import software.amazon.awssdk.http.urlconnection.UrlConnectionHttpClient; -import software.amazon.awssdk.regions.Region; -import software.amazon.awssdk.services.kms.KmsClient; -import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; -import software.amazon.awssdk.services.sqs.SqsClient; -import software.amazon.awssdk.services.ssm.SsmClient; -import software.amazon.lambda.powertools.parameters.ParamManager; -import software.amazon.lambda.powertools.parameters.SSMProvider; import uk.gov.di.ipv.cri.passport.library.helpers.KeyCertHelper; import javax.net.ssl.SSLContext; @@ -30,73 +18,14 @@ import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.spec.InvalidKeySpecException; -import java.time.temporal.ChronoUnit; import java.util.UUID; -import java.util.concurrent.ThreadLocalRandom; -// See https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/http-configuration.html -// If an explicit client choice is not made the SDK default will be used *if it is the only one* in -// the -// classpath -// If there is more than one of the same HTTP client type a conflict will occur for these clients. -// To prevent this, the exact http clients are now being specified for each client. -// DataStore (Dynamo) from CRI-lib his has this already done in CRI lib. -public class ClientFactoryService { - private static final Logger LOGGER = LogManager.getLogger(); - - private final Region awsRegion; +public class ApacheHTTPClientFactoryService { // Used internally at runtime when loading/retrieving keys into/from the SSL Keystore private static final char[] RANDOM_RUN_TIME_KEYSTORE_PASSWORD = UUID.randomUUID().toString().toCharArray(); - // https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/best-practices.html#bestpractice1 - private static final SdkHttpClient sdkHttpClient = UrlConnectionHttpClient.create(); - - public ClientFactoryService() { - awsRegion = Region.of(System.getenv("AWS_REGION")); - } - - public ClientFactoryService(Region awsRegion) { - this.awsRegion = awsRegion; - } - - public KmsClient getKMSClient() { - return KmsClient.builder() - .region(awsRegion) - .httpClient(sdkHttpClient) - .credentialsProvider(EnvironmentVariableCredentialsProvider.create()) - .build(); - } - - public SqsClient getSqsClient() { - return SqsClient.builder().httpClient(sdkHttpClient).region(awsRegion).build(); - } - - // ThreadLocalRandom not used cryptographically here - @java.lang.SuppressWarnings("java:S2245") - public SSMProvider getSSMProvider() { - SsmClient ssmClient = - SsmClient.builder().region(awsRegion).httpClient(sdkHttpClient).build(); - - // A random cache age between 5-15 minutes (in seconds) - // Avoids multiple scaling lambdas expiring their caches at the exact same time - int maxCacheAge = ThreadLocalRandom.current().nextInt(900 - 300 + 1) + 300; - - LOGGER.info("PowerTools SSMProvider defaultMaxAge selected as {} seconds", maxCacheAge); - - return ParamManager.getSsmProvider(ssmClient) - .defaultMaxAge(maxCacheAge, ChronoUnit.SECONDS); - } - - public SecretsManagerClient getSecretsManagerClient() { - return SecretsManagerClient.builder() - .region(awsRegion) - .httpClient(sdkHttpClient) - .credentialsProvider(EnvironmentVariableCredentialsProvider.create()) - .build(); - } - public CloseableHttpClient generatePublicHttpClient() { return HttpClients.custom().build(); } diff --git a/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreService.java b/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreService.java index 23d2255e..92ddaa10 100644 --- a/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreService.java +++ b/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreService.java @@ -21,9 +21,8 @@ public class ParameterStoreService { private final SSMProvider ssmProvider; - public ParameterStoreService(ClientFactoryService clientFactoryService) { - - this.ssmProvider = clientFactoryService.getSSMProvider(); + public ParameterStoreService(SSMProvider ssmProvider) { + this.ssmProvider = ssmProvider; this.parameterPrefix = Optional.ofNullable(System.getenv("PARAMETER_PREFIX")) diff --git a/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactory.java b/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactory.java index e24612e1..a0da4e03 100644 --- a/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactory.java +++ b/lib/src/main/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactory.java @@ -9,6 +9,7 @@ import uk.gov.di.ipv.cri.common.library.service.ConfigurationService; import uk.gov.di.ipv.cri.common.library.service.PersonIdentityService; import uk.gov.di.ipv.cri.common.library.service.SessionService; +import uk.gov.di.ipv.cri.common.library.util.ClientProviderFactory; import uk.gov.di.ipv.cri.common.library.util.EventProbe; import uk.gov.di.ipv.cri.passport.library.persistence.DocumentCheckResultItem; @@ -20,7 +21,8 @@ public class ServiceFactory { private ObjectMapper objectMapper; private EventProbe eventProbe; - private ClientFactoryService clientFactoryService; + private ClientProviderFactory clientProviderFactory; + private ApacheHTTPClientFactoryService apacheHTTPClientFactoryService; private ParameterStoreService parameterStoreService; private ConfigurationService commonLibConfigurationService; private SessionService sessionService; @@ -42,7 +44,7 @@ public ServiceFactory() { public ServiceFactory( ObjectMapper objectMapper, EventProbe eventProbe, - ClientFactoryService clientFactoryService, + ClientProviderFactory clientProviderFactory, ParameterStoreService parameterStoreService, SessionService sessionService, AuditService auditService, @@ -50,7 +52,7 @@ public ServiceFactory( DataStore documentCheckResultStore) { this.objectMapper = objectMapper; this.eventProbe = eventProbe; - this.clientFactoryService = clientFactoryService; + this.clientProviderFactory = clientProviderFactory; this.parameterStoreService = parameterStoreService; this.sessionService = sessionService; this.auditService = auditService; @@ -76,19 +78,28 @@ public EventProbe getEventProbe() { return eventProbe; } - public ClientFactoryService getClientFactoryService() { + public ClientProviderFactory getClientProviderFactory() { - if (clientFactoryService == null) { - clientFactoryService = new ClientFactoryService(); + if (clientProviderFactory == null) { + clientProviderFactory = new ClientProviderFactory(); } - return clientFactoryService; + return clientProviderFactory; + } + + public ApacheHTTPClientFactoryService getApacheHTTPClientFactoryService() { + if (apacheHTTPClientFactoryService == null) { + apacheHTTPClientFactoryService = new ApacheHTTPClientFactoryService(); + } + + return apacheHTTPClientFactoryService; } public ParameterStoreService getParameterStoreService() { if (parameterStoreService == null) { - parameterStoreService = new ParameterStoreService(getClientFactoryService()); + parameterStoreService = + new ParameterStoreService(getClientProviderFactory().getSSMProvider()); } return parameterStoreService; @@ -97,7 +108,10 @@ public ParameterStoreService getParameterStoreService() { public SessionService getSessionService() { if (sessionService == null) { - sessionService = new SessionService(getCommonLibConfigurationService()); + sessionService = + new SessionService( + getCommonLibConfigurationService(), + getClientProviderFactory().getDynamoDbEnhancedClient()); } return sessionService; @@ -108,7 +122,7 @@ public AuditService getAuditService() { if (auditService == null) { auditService = new AuditService( - getClientFactoryService().getSqsClient(), + getClientProviderFactory().getSqsClient(), getCommonLibConfigurationService(), getObjectMapper(), new AuditEventFactory( @@ -121,7 +135,10 @@ public AuditService getAuditService() { public PersonIdentityService getPersonIdentityService() { if (personIdentityService == null) { - personIdentityService = new PersonIdentityService(getCommonLibConfigurationService()); + this.personIdentityService = + new PersonIdentityService( + getCommonLibConfigurationService(), + getClientProviderFactory().getDynamoDbEnhancedClient()); } return personIdentityService; @@ -130,9 +147,10 @@ public PersonIdentityService getPersonIdentityService() { public ConfigurationService getCommonLibConfigurationService() { if (commonLibConfigurationService == null) { - // Note SSM parameter gets via this service use a 5min cache time commonLibConfigurationService = - new uk.gov.di.ipv.cri.common.library.service.ConfigurationService(); + new uk.gov.di.ipv.cri.common.library.service.ConfigurationService( + getClientProviderFactory().getSSMProvider(), + getClientProviderFactory().getSecretsProvider()); } return commonLibConfigurationService; @@ -147,7 +165,9 @@ public DataStore getDocumentCheckResultStore() { documentCheckResultStore = new DataStore<>( - tableName, DocumentCheckResultItem.class, DataStore.getClient()); + tableName, + DocumentCheckResultItem.class, + getClientProviderFactory().getDynamoDbEnhancedClient()); } return documentCheckResultStore; diff --git a/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ClientFactoryServiceTest.java b/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ApacheHTTPClientFactoryServiceTest.java similarity index 65% rename from lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ClientFactoryServiceTest.java rename to lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ApacheHTTPClientFactoryServiceTest.java index 7406842f..6a616a2d 100644 --- a/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ClientFactoryServiceTest.java +++ b/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ApacheHTTPClientFactoryServiceTest.java @@ -6,12 +6,7 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.CsvSource; -import org.mockito.Mock; import org.mockito.junit.jupiter.MockitoExtension; -import software.amazon.awssdk.regions.Region; -import software.amazon.awssdk.services.kms.KmsClient; -import software.amazon.awssdk.services.sqs.SqsClient; -import software.amazon.lambda.powertools.parameters.SSMProvider; import uk.org.webcompere.systemstubs.environment.EnvironmentVariables; import uk.org.webcompere.systemstubs.jupiter.SystemStub; import uk.org.webcompere.systemstubs.jupiter.SystemStubsExtension; @@ -30,61 +25,28 @@ @ExtendWith(MockitoExtension.class) @ExtendWith(SystemStubsExtension.class) -class ClientFactoryServiceTest { +class ApacheHTTPClientFactoryServiceTest { @SystemStub private EnvironmentVariables environmentVariables = new EnvironmentVariables(); - @Mock private ParameterStoreService mockParameterStoreService; - - private ClientFactoryService clientFactoryService; + private ApacheHTTPClientFactoryService apacheHTTPClientFactoryService; @BeforeEach void setUp() { environmentVariables.set("AWS_REGION", "eu-west-2"); environmentVariables.set("AWS_STACK_NAME", "TEST_STACK"); - clientFactoryService = new ClientFactoryService(); - } - - @Test - void shouldReturnKMSClient() { - - KmsClient kmsClient = clientFactoryService.getKMSClient(); - - assertNotNull(kmsClient); - } - - @Test - void shouldReturnSSMProvider() { - - SSMProvider ssmProvider = clientFactoryService.getSSMProvider(); - - assertNotNull(ssmProvider); - } - - @Test - void shouldReturnSqsClient() { - - SqsClient sqsClient = clientFactoryService.getSqsClient(); - - assertNotNull(sqsClient); + apacheHTTPClientFactoryService = new ApacheHTTPClientFactoryService(); } @Test void shouldReturnHttpClientWithNoSSL() { - CloseableHttpClient closeableHttpClient = clientFactoryService.generatePublicHttpClient(); + CloseableHttpClient closeableHttpClient = + apacheHTTPClientFactoryService.generatePublicHttpClient(); assertNotNull(closeableHttpClient); } - @Test - void shouldReturnClientWithRegionManuallySet() { - ClientFactoryService clientFactoryServiceManual = - new ClientFactoryService(Region.EU_WEST_2); - - assertNotNull(clientFactoryServiceManual); - } - @ParameterizedTest @CsvSource({ "CertificateException, true", @@ -119,6 +81,8 @@ void shouldCatchExceptionAndThrowHttpClientExceptionForExceptionsGettingHttpClie expectedExceptionClass = InvalidKeySpecException.class; break; + default: + break; } String finalBase64TLSCertString = base64TLSCertString; @@ -127,11 +91,12 @@ void shouldCatchExceptionAndThrowHttpClientExceptionForExceptionsGettingHttpClie assertThrows( expectedExceptionClass, () -> - clientFactoryService.generateHTTPClientFromExternalApacheHttpClient( - finalBase64TLSCertString, - finalBase64TLSKeyString, - base64TLSRootCertString, - base64TLSIntCertString), + apacheHTTPClientFactoryService + .generateHTTPClientFromExternalApacheHttpClient( + finalBase64TLSCertString, + finalBase64TLSKeyString, + base64TLSRootCertString, + base64TLSIntCertString), "An Error Message"); assert expectedExceptionClass != null; @@ -144,8 +109,12 @@ void shouldReturnHTTPClientWithSSL() { CloseableHttpClient closeableHttpClient = assertDoesNotThrow( () -> - clientFactoryService.generateHTTPClientFromExternalApacheHttpClient( - TEST_TLS_CRT, TEST_TLS_KEY, TEST_ROOT_CRT, TEST_TLS_CRT)); + apacheHTTPClientFactoryService + .generateHTTPClientFromExternalApacheHttpClient( + TEST_TLS_CRT, + TEST_TLS_KEY, + TEST_ROOT_CRT, + TEST_TLS_CRT)); assertNotNull(closeableHttpClient); } diff --git a/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreServiceTest.java b/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreServiceTest.java index d82177e9..bc22d703 100644 --- a/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreServiceTest.java +++ b/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ParameterStoreServiceTest.java @@ -25,7 +25,6 @@ class ParameterStoreServiceTest { @SystemStub private EnvironmentVariables environmentVariables = new EnvironmentVariables(); - @Mock private ClientFactoryService mockClientFactoryService; @Mock SSMProvider mockSSMProvider; private final String AWS_STACK_NAME = "passport-api-dev"; @@ -41,9 +40,7 @@ void setUp() { environmentVariables.set("AWS_STACK_NAME", AWS_STACK_NAME); environmentVariables.set("COMMON_PARAMETER_NAME_PREFIX", COMMON_PARAMETER_NAME_PREFIX); - when(mockClientFactoryService.getSSMProvider()).thenReturn(mockSSMProvider); - - parameterStoreService = new ParameterStoreService(mockClientFactoryService); + parameterStoreService = new ParameterStoreService(mockSSMProvider); } @Test diff --git a/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactoryTest.java b/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactoryTest.java index b0c19b0a..0dfffd96 100644 --- a/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactoryTest.java +++ b/lib/src/test/java/uk/gov/di/ipv/cri/passport/library/service/ServiceFactoryTest.java @@ -12,6 +12,7 @@ import uk.gov.di.ipv.cri.common.library.service.ConfigurationService; import uk.gov.di.ipv.cri.common.library.service.PersonIdentityService; import uk.gov.di.ipv.cri.common.library.service.SessionService; +import uk.gov.di.ipv.cri.common.library.util.ClientProviderFactory; import uk.gov.di.ipv.cri.common.library.util.EventProbe; import uk.gov.di.ipv.cri.passport.library.persistence.DocumentCheckResultItem; import uk.org.webcompere.systemstubs.environment.EnvironmentVariables; @@ -63,12 +64,23 @@ void shouldReturnEventProbe() { } @Test - void shouldReturnClientFactoryService() { - ClientFactoryService clientFactoryService = serviceFactory.getClientFactoryService(); - assertNotNull(clientFactoryService); + void shouldReturnClientProviderFactory() { + ClientProviderFactory clientProviderFactory1 = serviceFactory.getClientProviderFactory(); + assertNotNull(clientProviderFactory1); - ClientFactoryService clientFactoryService2 = serviceFactory.getClientFactoryService(); - assertEquals(clientFactoryService, clientFactoryService2); + ClientProviderFactory clientProviderFactory2 = serviceFactory.getClientProviderFactory(); + assertEquals(clientProviderFactory1, clientProviderFactory2); + } + + @Test + void shouldReturnApacheHTTPClientFactoryService() { + ApacheHTTPClientFactoryService apacheHTTPClientFactoryService1 = + serviceFactory.getApacheHTTPClientFactoryService(); + assertNotNull(apacheHTTPClientFactoryService1); + + ApacheHTTPClientFactoryService apacheHTTPClientFactoryService2 = + serviceFactory.getApacheHTTPClientFactoryService(); + assertEquals(apacheHTTPClientFactoryService1, apacheHTTPClientFactoryService2); } @Test @@ -124,7 +136,7 @@ void shouldReturnAuditService() throws NoSuchFieldException, IllegalAccessExcept } @Test - void shouldReturnPersonIdentityService() throws NoSuchFieldException, IllegalAccessException { + void shouldReturnPersonIdentityService() { try (MockedConstruction personIdentityServiceMockedConstruction = mockConstruction(PersonIdentityService.class)) {