From 6dda65de609eb94f9ec19120cf59ac3be0a4a971 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 09:30:45 +0100 Subject: [PATCH 01/36] P4ADEV-1341 retrieve access token --- build.gradle.kts | 10 ++++ gradle.lockfile | 4 ++ helm/values-dev.yaml | 8 +++ .../pagopa/payhub/pdnd/config/PdndConfig.java | 17 ++++++ .../payhub/pdnd/dto/AccessTokenDTO.java | 21 +++++++ .../payhub/pdnd/service/PdndClient.java | 7 +++ .../payhub/pdnd/service/PdndClientImpl.java | 46 +++++++++++++++ .../pagopa/payhub/pdnd/utils/CertUtils.java | 32 ++++++++++ .../pagopa/payhub/pdnd/utils/PdndUtils.java | 58 +++++++++++++++++++ src/main/resources/application.yml | 12 +++- 10 files changed, 214 insertions(+), 1 deletion(-) create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java diff --git a/build.gradle.kts b/build.gradle.kts index 36663a4..689ccde 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -31,6 +31,10 @@ repositories { val springDocOpenApiVersion = "2.6.0" val openApiToolsVersion = "0.2.6" val findbugsVersion = "3.0.2" +val javaJwtVersion = "4.4.0" +val jwksRsaVersion = "0.22.1" +val nimbusJoseJwtVersion = "9.47" +val jjwtVersion = "0.12.6" dependencies { implementation("org.springframework.boot:spring-boot-starter") 
@@ -45,6 +49,12 @@ dependencies { compileOnly("org.projectlombok:lombok") annotationProcessor("org.projectlombok:lombok") + // validation token jwt + implementation("com.auth0:java-jwt:$javaJwtVersion") + implementation("com.auth0:jwks-rsa:$jwksRsaVersion") + implementation("com.nimbusds:nimbus-jose-jwt:$nimbusJoseJwtVersion") + implementation("io.jsonwebtoken:jjwt-api:$jjwtVersion") + // Testing testImplementation("org.springframework.boot:spring-boot-starter-test") testImplementation("org.springframework.security:spring-security-test") diff --git a/gradle.lockfile b/gradle.lockfile index 103046d..8088d6b 100644 --- a/gradle.lockfile +++ b/gradle.lockfile @@ -3,6 +3,8 @@ # This file is expected to be part of source control. ch.qos.logback:logback-classic:1.5.11=compileClasspath ch.qos.logback:logback-core:1.5.11=compileClasspath +com.auth0:java-jwt:4.4.0=compileClasspath +com.auth0:jwks-rsa:0.22.1=compileClasspath com.fasterxml.jackson.core:jackson-annotations:2.17.2=compileClasspath com.fasterxml.jackson.core:jackson-core:2.17.2=compileClasspath com.fasterxml.jackson.core:jackson-databind:2.17.2=compileClasspath @@ -12,6 +14,8 @@ com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2=compileClasspath com.fasterxml.jackson.module:jackson-module-parameter-names:2.17.2=compileClasspath com.fasterxml.jackson:jackson-bom:2.17.2=compileClasspath com.google.code.findbugs:jsr305:3.0.2=compileClasspath +com.nimbusds:nimbus-jose-jwt:9.47=compileClasspath +io.jsonwebtoken:jjwt-api:0.12.6=compileClasspath io.micrometer:micrometer-commons:1.13.6=compileClasspath io.micrometer:micrometer-core:1.13.6=compileClasspath io.micrometer:micrometer-jakarta9:1.13.6=compileClasspath diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index b650303..f4e1b81 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml 
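Review bot: Four JWT libraries are added here (`java-jwt`, `jwks-rsa`, `nimbus-jose-jwt`, `jjwt-api`), but the Java files in this patch import only `com.nimbusds.*`. Each unused artifact is extra supply-chain surface to patch and audit. `jjwt-api` on its own also appears non-functional, since no `jjwt-impl` or JSON module is declared next to it. Unless a later patch uses the others, keep only `implementation("com.nimbusds:nimbus-jose-jwt:$nimbusJoseJwtVersion")` and drop the matching version vals in the previous hunk. The comment `// validation token jwt` is also misleading, because the code in this patch signs a client assertion and validates nothing; `// JWT signing for the PDND client assertion` would describe it.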
@@ -31,6 +31,14 @@ microservice-chart: ENV: "DEV" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" + PDND_BASE_URL: http://idpay-mock-microservice-chart:8080/idpay/mock/pdnd + PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion + + #This should be removed once read from initiative + PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 5df9f218-df34-4f05-a9c4-e4a74b2a8e3f + PAGOPA_PDND_CONFIGURATION_KID: r3ee8wZ39fxq71LinbYDgpoHeywbuzLyc4ynVldEAKY + PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 8af4c795-8066-4407-a0b3-c95c2daefd6c + keyvault: name: "p4pa-d-payhub-kv" tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" \ No newline at end of file diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java new file mode 100644 index 0000000..be9bb3e --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java @@ -0,0 +1,17 @@ +package it.gov.pagopa.payhub.pdnd.config; + +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConfigurationProperties(prefix = "app.pdnd.config") +@Data +public class PdndConfig { + private String audience; + private String clientId; + private String kid; + private String purposeId; + private String key; + private String publicKey; +} 
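Review bot: `PdndConfig` holds the PEM private key in `key`, and Lombok's `@Data` generates a `toString()` that prints every field. Any log line, actuator dump or exception message that formats this bean would therefore leak the signing key. Put `@ToString.Exclude` on `key`, or replace `@Data` with `@Getter`/`@Setter`. `AccessTokenDTO` in the next file has the same exposure for `accessToken`. Nothing here rejects a blank `key`, `clientId` or `kid` either, so a misconfigured deployment is only noticed at the first token request.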
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java b/src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java new file mode 100644 index 0000000..a2bcef7 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java @@ -0,0 +1,21 @@ +package it.gov.pagopa.payhub.pdnd.dto; + +import com.fasterxml.jackson.annotation.JsonProperty; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.RequiredArgsConstructor; + +@Data +@Builder +@AllArgsConstructor +@RequiredArgsConstructor +public class AccessTokenDTO { + + @JsonProperty("access_token") + private String accessToken; + @JsonProperty("token_type") + private String tokenType; + @JsonProperty("expires_in") + private Integer expiresIn; +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java new file mode 100644 index 0000000..6f64199 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java @@ -0,0 +1,7 @@ +package it.gov.pagopa.payhub.pdnd.service; + +import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO; + +public interface PdndClient { + AccessTokenDTO getAccessToken() throws Exception; +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java new file mode 100644 index 0000000..27b2bc7 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java 
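Review bot: `PdndClient.getAccessToken()` is declared `throws Exception` and has no Javadoc, so callers must catch everything and cannot tell a key or signing failure from a transport failure. Narrow the clause to what the implementation can actually raise, or wrap those causes in one dedicated exception. A one-line contract would also help, for example `/** Requests an access token from the PDND token endpoint using a signed client assertion. */`. The doc should state whether the result may be null.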
@@ -0,0 +1,46 @@ +package it.gov.pagopa.payhub.pdnd.service; + +import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO; +import it.gov.pagopa.payhub.pdnd.utils.PdndUtils; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.web.client.RestTemplateBuilder; +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpHeaders; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Service; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.util.MultiValueMap; +import org.springframework.web.client.RestTemplate; + +@Service +public class PdndClientImpl implements PdndClient { + + private static final String CLIENT_ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"; + private static final String GRANT_TYPE = "client_credentials"; + private final RestTemplate restTemplate; + private final PdndUtils pdndUtils; + private final String pdndBaseUrl; + + public PdndClientImpl(RestTemplateBuilder restTemplateBuilder, PdndUtils pdndUtils, + @Value("${app.pdnd.base-url}") String pdndBaseUrl) { + this.restTemplate = restTemplateBuilder.build(); + this.pdndUtils = pdndUtils; + this.pdndBaseUrl = pdndBaseUrl; + } + + @Override + public AccessTokenDTO getAccessToken() throws Exception { + String clientAssertion = pdndUtils.buildPdndClientAssertion(); + + MultiValueMap formData = new LinkedMultiValueMap<>(); + formData.add("grant_type", GRANT_TYPE); + formData.add("client_assertion_type", CLIENT_ASSERTION_TYPE); + formData.add("client_assertion", clientAssertion); + + HttpHeaders headers = new HttpHeaders(); + headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); + HttpEntity> request = new HttpEntity<>(formData, headers); + + return restTemplate.postForObject(pdndBaseUrl, request, AccessTokenDTO.class); + } +} 
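Review bot: The `RestTemplate` built in the constructor has no connect or read timeout, so a stalled token endpoint blocks the calling thread indefinitely. Set them on the builder, e.g. `this.restTemplate = restTemplateBuilder.setConnectTimeout(Duration.ofSeconds(5)).setReadTimeout(Duration.ofSeconds(10)).build();` (sample durations; newer Spring Boot names these `connectTimeout`/`readTimeout`). `getAccessToken()` also returns the result of `postForObject` unchecked, and that is null when the response has no body, so callers would hit a NullPointerException later instead of a clear error here. `pdndBaseUrl` is used as configured, and because the form carries the signed client assertion it is worth rejecting a non-`https` value at startup.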
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java new file mode 100644 index 0000000..bbd2c60 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java @@ -0,0 +1,32 @@ +package it.gov.pagopa.payhub.pdnd.utils; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.interfaces.RSAPrivateKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.PKCS8EncodedKeySpec; +import java.util.Base64; + +public class CertUtils { + + public static RSAPrivateKey pemKey2PrivateKey(String privateKey) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException { + String keyStringFormat = extractInlinePemBody(privateKey); + try( + InputStream is = new ByteArrayInputStream(Base64.getDecoder().decode(keyStringFormat)) + ) { + PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(is.readAllBytes()); + KeyFactory kf = KeyFactory.getInstance("RSA"); + return (RSAPrivateKey) kf.generatePrivate(encodedKeySpec); + } + } + + public static String extractInlinePemBody(String target) { + return target + .replaceAll("^-----BEGIN[A-Z|\\s]+-----", "") + .replaceAll("\\s+", "") + .replaceAll("-----END[A-Z|\\s]+-----$", ""); + } +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java new file mode 100644 index 0000000..f9397f6 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java 
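Review bot: `extractInlinePemBody` anchors the header pattern with `^`, so a key that arrives with a leading newline or space keeps its `-----BEGIN …-----` line. `Base64.getDecoder().decode` then throws an unchecked `IllegalArgumentException` that the `throws` clause of `pemKey2PrivateKey` does not announce. Stripping first avoids that: `String keyStringFormat = extractInlinePemBody(privateKey.strip());`. The character class `[A-Z|\\s]` also matches a literal `|`, where `[A-Z\\s]` is what is meant. The `ByteArrayInputStream` round trip adds nothing; `new PKCS8EncodedKeySpec(Base64.getDecoder().decode(keyStringFormat))` is equivalent and removes `IOException` from the signature.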
@@ -0,0 +1,58 @@ +package it.gov.pagopa.payhub.pdnd.utils; + +import com.nimbusds.jose.JOSEObjectType; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.JWSSigner; +import com.nimbusds.jose.crypto.RSASSASigner; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; +import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import java.util.Date; +import java.util.UUID; +import org.springframework.stereotype.Service; + +@Service +public class PdndUtils { + + private final PdndConfig pdndConfig; + + public PdndUtils(PdndConfig pdndConfig) { + this.pdndConfig = pdndConfig; + } + + public String buildPdndClientAssertion() + throws Exception { + JWTClaimsSet claims = setPdndClientAssertionClaims(); + return signPdndJWT(claims); + } + + private JWTClaimsSet setPdndClientAssertionClaims() { + long now = System.currentTimeMillis() / 1000; + return new JWTClaimsSet.Builder() + .issuer(pdndConfig.getClientId()) + .subject(pdndConfig.getClientId()) + .audience(pdndConfig.getAudience()) + .claim("purposeId",pdndConfig.getPurposeId()) + .issueTime(new Date(now * 1000)) + .expirationTime(new Date((now + 300) * 1000)) + .jwtID(UUID.randomUUID().toString()) + .build(); + } + + private String signPdndJWT(JWTClaimsSet claims) throws Exception { + JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getKey())); + SignedJWT signedJWT = new SignedJWT( + new JWSHeader.Builder(JWSAlgorithm.RS256) + .type(JOSEObjectType.JWT) + .keyID(pdndConfig.getKid()) + .build(), + claims + ); + signedJWT.sign(signer); + return signedJWT.serialize(); + } +} diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 18977c6..f20a1e4 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml 
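Review bot: `signPdndJWT` parses the PEM private key and builds a new `RSASSASigner` on every call, so a missing or malformed `app.pdnd.config.key` is only discovered at the first token request, and key material is decoded again for each assertion. Parsing once in the constructor makes the service fail at startup and keeps one signer instance, as sketched below. The 300-second lifetime in `setPdndClientAssertionClaims` is a bare literal; a named constant with a comment stating the intended assertion lifetime would make it reviewable. `throws Exception` on both methods could then be narrowed to the signing exception.

```java
private final PdndConfig pdndConfig;
private final JWSSigner signer;

public PdndUtils(PdndConfig pdndConfig) throws Exception {
  this.pdndConfig = pdndConfig;
  // Parse the PEM once: a missing or malformed key stops the context at startup.
  this.signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getKey()));
}

// … unchanged: buildPdndClientAssertion, setPdndClientAssertionClaims …

private String signPdndJWT(JWTClaimsSet claims) throws JOSEException {
  // … unchanged: SignedJWT construction with the RS256 header and kid …
  signedJWT.sign(signer);
  return signedJWT.serialize();
}
```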
@@ -14,4 +14,14 @@ management: jmx: exposure.include: "*" web: - exposure.include: info, health \ No newline at end of file + exposure.include: info, health +app: + pdnd: + base-url: "\${PDND_BASE_URL:https://auth.uat.interop.pagopa.it/token.oauth2}" + config: + audience: "\${PDND_ACCESS_TOKEN_AUDIENCE:auth.uat.interop.pagopa.it/client-assertion}" + client-id: "\${PAGOPA_PDND_CONFIGURATION_CLIENT_ID:890b7ca9-b402-4dce-9e8d-9a333d22d76d}" + kid: "\${PAGOPA_PDND_CONFIGURATION_KID:jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8}" + purpose-id: "\${PAGOPA_PDND_CONFIGURATION_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" + key: "\${PDND_PRIVATE_KEY:}" + publicKey: "\${PDND_PUBLIC_KEY:}" \ No newline at end of file From b28d4c32bfacd06a3438ede8e7d171e21774af88 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 10:36:32 +0100 Subject: [PATCH 02/36] P4ADEV-1341 edit helm variables --- helm/values-dev.yaml | 11 ++++++----- helm/values-prod.yaml | 9 +++++++++ helm/values-uat.yaml | 9 +++++++++ 3 files changed, 24 insertions(+), 5 deletions(-) diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index f4e1b81..66b4c73 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml 
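Review bot: The defaults for `base-url`, `audience`, `client-id`, `kid` and `purpose-id` bake one concrete UAT identity into the packaged artifact. A deployment that forgets an environment variable then silently authenticates as that client against `auth.uat.interop.pagopa.it` instead of failing. Dropping the defaults, e.g. `client-id: "${PAGOPA_PDND_CONFIGURATION_CLIENT_ID}"`, makes a missing value a startup error. `key` defaults to the empty string, which is accepted at startup and only fails when the first assertion is signed. `publicKey` is bound but not read by any code in this patch; remove it or document its purpose.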
@@ -31,13 +31,14 @@ microservice-chart: ENV: "DEV" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" - PDND_BASE_URL: http://idpay-mock-microservice-chart:8080/idpay/mock/pdnd + PDND_BASE_URL: https://auth.uat.interop.pagopa.it/token.oauth2 PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion - #This should be removed once read from initiative - PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 5df9f218-df34-4f05-a9c4-e4a74b2a8e3f - PAGOPA_PDND_CONFIGURATION_KID: r3ee8wZ39fxq71LinbYDgpoHeywbuzLyc4ynVldEAKY - PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 8af4c795-8066-4407-a0b3-c95c2daefd6c + PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d + PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 + PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv + PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub keyvault: name: "p4pa-d-payhub-kv" diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index dd30049..415e764 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml 
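Review bot: `PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv` is placed in the same block as plain values such as `ENV` and `JAVA_TOOL_OPTIONS`, so the container would presumably receive that literal string rather than the key. `CertUtils.pemKey2PrivateKey` would then fail to decode it. If the value is meant to be a Key Vault secret name, it belongs in the chart's secret mapping (`envSecret` in the pagoPA microservice-chart, if that is the chart in use) so the key is injected from `p4pa-d-payhub-kv` and never appears in values files. The same two lines are added to `values-prod.yaml` and `values-uat.yaml` in the next hunks. A comment stating which vault entry each name refers to would also help.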
@@ -31,6 +31,15 @@ microservice-chart: ENV: "PROD" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" + PDND_BASE_URL: https://auth.uat.interop.pagopa.it/token.oauth2 + PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion + + PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d + PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 + PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv + PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub + keyvault: name: "p4pa-p-payhub-kv" tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index 2a878cc..5254c11 100644 --- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml 
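Review bot: `values-prod.yaml` points `PDND_BASE_URL` and `PDND_ACCESS_TOKEN_AUDIENCE` at `auth.uat.interop.pagopa.it` and reuses the client id, kid and purpose id from the dev and UAT files. Production would therefore request tokens from the UAT authorization server with a shared identity. Each environment should have its own values, e.g. `PDND_BASE_URL: https://<PROD_PDND_AUTH_HOST>/token.oauth2` (placeholder), with its own client and key so that compromise of a lower environment does not carry over. The unchanged `JAVA_TOOL_OPTIONS` line in this prod file also enables a JDWP agent and JMX with `authenticate=false` and `ssl=false`. Now that the process holds a signing key, that deserves a separate review even if the listeners are bound to loopback.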
@@ -31,6 +31,15 @@ microservice-chart: ENV: "UAT" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" + PDND_BASE_URL: https://auth.uat.interop.pagopa.it/token.oauth2 + PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion + + PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d + PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 + PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv + PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub + keyvault: name: "p4pa-u-payhub-kv" tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" From 3c14c087492b3e9ee5fab27f534bbbd73e94121b Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 10:40:59 +0100 Subject: [PATCH 03/36] P4ADEV-1341 edit helm variables --- helm/values-dev.yaml | 2 +- helm/values-prod.yaml | 2 +- helm/values-uat.yaml | 2 +- .../java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java | 2 +- src/main/resources/application.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 66b4c73..24a8465 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml 
@@ -31,7 +31,7 @@ microservice-chart: ENV: "DEV" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" - PDND_BASE_URL: https://auth.uat.interop.pagopa.it/token.oauth2 + PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index 415e764..a3a939f 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -31,7 +31,7 @@ microservice-chart: ENV: "PROD" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" - PDND_BASE_URL: https://auth.uat.interop.pagopa.it/token.oauth2 + PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index 5254c11..67dbdf5 100644 
--- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml @@ -31,7 +31,7 @@ microservice-chart: ENV: "UAT" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" - PDND_BASE_URL: https://auth.uat.interop.pagopa.it/token.oauth2 + PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java index 27b2bc7..7476cff 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java @@ -41,6 +41,6 @@ public AccessTokenDTO getAccessToken() throws Exception { headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); HttpEntity> request = new HttpEntity<>(formData, headers); - return restTemplate.postForObject(pdndBaseUrl, request, AccessTokenDTO.class); + return restTemplate.postForObject(pdndBaseUrl+"/token.oauth2", request, AccessTokenDTO.class); } } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index f20a1e4..05b4dbe 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml 
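Review bot: `pdndBaseUrl+"/token.oauth2"` in `PdndClientImpl.getAccessToken()` is built by string concatenation on every call, so a `PDND_BASE_URL` configured with a trailing slash yields `//token.oauth2`. Resolve the endpoint once in the constructor, for example `this.tokenUrl = UriComponentsBuilder.fromUriString(pdndBaseUrl).path("/token.oauth2").toUriString();`, and move the path literal into a constant next to `GRANT_TYPE`. The method body starts outside this hunk.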
@@ -17,7 +17,7 @@ management: exposure.include: info, health app: pdnd: - base-url: "\${PDND_BASE_URL:https://auth.uat.interop.pagopa.it/token.oauth2}" + base-url: "\${PDND_BASE_URL:https://auth.uat.interop.pagopa.it}" config: audience: "\${PDND_ACCESS_TOKEN_AUDIENCE:auth.uat.interop.pagopa.it/client-assertion}" client-id: "\${PAGOPA_PDND_CONFIGURATION_CLIENT_ID:890b7ca9-b402-4dce-9e8d-9a333d22d76d}" From 3729434284a6453dd671cf27607049c168c0fc6f Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 13:25:02 +0100 Subject: [PATCH 04/36] P4ADEV-1341 add PdndClientImplTest --- .../pdnd/PayhubPdndApplicationTests.java | 13 --- .../pdnd/service/PdndClientImplTest.java | 81 +++++++++++++++++++ 2 files changed, 81 insertions(+), 13 deletions(-) delete mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/PayhubPdndApplicationTests.java create mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/PayhubPdndApplicationTests.java b/src/test/java/it/gov/pagopa/payhub/pdnd/PayhubPdndApplicationTests.java deleted file mode 100644 index 1206415..0000000 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/PayhubPdndApplicationTests.java +++ /dev/null @@ -1,13 +0,0 @@ -package it.gov.pagopa.payhub.pdnd; - -import org.junit.jupiter.api.Test; -import org.springframework.boot.test.context.SpringBootTest; - -@SpringBootTest -class PayhubPdndApplicationTests { - - @Test - public void main() { - PayhubPdndApplication.main(new String[] {}); - } -} diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java new file mode 100644 index 0000000..22d30a0 --- /dev/null +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java 
@@ -0,0 +1,81 @@ +package it.gov.pagopa.payhub.pdnd.service; + +import static org.junit.jupiter.api.Assertions.*; + +import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO; +import it.gov.pagopa.payhub.pdnd.utils.PdndUtils; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.junit.jupiter.MockitoExtension; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.web.client.RestTemplateBuilder; +import org.springframework.http.HttpEntity; +import org.springframework.web.client.RestClientException; +import org.springframework.web.client.RestTemplate; + +@ExtendWith(MockitoExtension.class) +class PdndClientImplTest { + + @InjectMocks + private PdndClientImpl pdndClient; + + @Mock + private RestTemplate restTemplate; + + @Mock + private RestTemplateBuilder restTemplateBuilder; + + @Mock + private PdndUtils pdndUtils; + + @Value("${app.pdnd.base-url}") + private String pdndBaseUrl = "https://pdnd.it"; + + @BeforeEach + void setUp() { + Mockito.when(restTemplateBuilder.build()).thenReturn(restTemplate); + pdndClient = new PdndClientImpl(restTemplateBuilder, pdndUtils, pdndBaseUrl); + } + + @Test + void whenGetAccessTokenThenSuccess() throws Exception { + // Given + String mockAssertion = "ASSERTION"; + AccessTokenDTO mockAccessToken = new AccessTokenDTO(); + mockAccessToken.setAccessToken("TOKEN"); + + // When + Mockito.when(pdndUtils.buildPdndClientAssertion()).thenReturn(mockAssertion); + Mockito.when(restTemplate.postForObject( + Mockito.eq(pdndBaseUrl + "/token.oauth2"), + Mockito.any(HttpEntity.class), + Mockito.eq(AccessTokenDTO.class) + )).thenReturn(mockAccessToken); + + // Then + AccessTokenDTO result = pdndClient.getAccessToken(); + assertEquals("TOKEN", result.getAccessToken()); + } + + @Test + void whenGetAccessTokenThenException() throws 
Exception { + // Given + String mockAssertion = "ASSERTION"; + + // When + Mockito.when(pdndUtils.buildPdndClientAssertion()).thenReturn(mockAssertion); + Mockito.when(restTemplate.postForObject( + Mockito.eq(pdndBaseUrl + "/token.oauth2"), + Mockito.any(HttpEntity.class), + Mockito.eq(AccessTokenDTO.class) + )).thenThrow(new RestClientException("Error during HTTP request")); + + // Then + Exception exception = assertThrows(RestClientException.class, () -> pdndClient.getAccessToken()); + assertEquals("Error during HTTP request", exception.getMessage()); + } +} \ No newline at end of file From 7f98030bd3f6626569c24f8e12cebe399e78f38e Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 13:39:37 +0100 Subject: [PATCH 05/36] P4ADEV-1341 add CertUtilsTest --- .../payhub/pdnd/utils/CertUtilsTest.java | 95 +++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java new file mode 100644 index 0000000..f1f7458 --- /dev/null +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java 
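Review bot: Both tests match the request with `Mockito.any(HttpEntity.class)`, so nothing checks that the form contains `grant_type`, `client_assertion_type` and `client_assertion`, or that the content type is form-urlencoded. A regression that drops or renames a field would still pass. Capture the entity with an `ArgumentCaptor<HttpEntity>` and assert on its body and headers. `@InjectMocks` is redundant because `setUp()` replaces the instance, and `@Value` on `pdndBaseUrl` has no effect under `MockitoExtension`; a plain `private static final String` constant is clearer. There is also no case for `postForObject` returning null.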
@@ -0,0 +1,95 @@ +package it.gov.pagopa.payhub.pdnd.utils; + +import static org.junit.jupiter.api.Assertions.*; + +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.spec.InvalidKeySpecException; +import org.junit.jupiter.api.Test; + +class CertUtilsTest { + + @Test + void whenPemKey2PrivateKeyThenValidKey() throws InvalidKeySpecException, NoSuchAlgorithmException, IOException { + // Given + String pemKey = """ + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCT5fdA/ZKoyLas + R5/kxfFm8KBz4v3i8k76Xd8j2vh8kBaapzn9hAHWJXOJ+GOUFOxkw1bnI2PUtZjj + tw49XrjcxQ37sOV407+B3ko49zZjNB97OPFQyZx9V3uNcBjKnM3UqNbcBwdIIlVW + Egt0Cao7gEGE1CKsaXpuZkofVgGo5f8K8IdETLJPFuspDTR4UPofDraL2HCxbsVx + dE0UBFXgB9vQmBMkPk27cz+Ze6j5wgSGME/A+YCCp1uvJqWK/uRfGxMRyVYInR5H + bDiI06iZwiLLW1Pf6gE3CCYSUw42VnPHODaitjJ6XLkolB5xsUprkttIg+UrRGSa + 9J3xg3gNAgMBAAECggEASKjRCS/KjntVK1xg1F7e0yjiWyyoeId8f4oApzfbni6X + vFDtr3vb/x4VHjJWkZiZ7oL9Pb7oO8cfnrf/Ge1gOq3gycdFZU/6JM5VfpkNMj2Y + Pcxi2cLCy91fyMPKmjfg81ojfKNDU4/yhr+EuvRImsTO63fgtP149aXxQmXZmOTu + TFjSNTRfvtMgHN0Em1PUgQxO8oUh3Djf5spjAJ/w+gVBSYsYSv5sOOi2H/qZSALZ + hc1t4GfzNKZuyG8FxNwH1SIVkKTYQnDhyiE9426tq6Kiuqvh2MspVJcRGpbaxgr2 + q++ZZrAl60ma5U2hUEgG5oLGjyrgQjEyroZhEokgLQKBgQDKIeAJ/FYdEX4cvHhS + kuUpHQjpZtwOwC+vr4ojudpjLDOTTdkFXzd7jeCmjp4r1/arRxx1KZWP0fxlUEov + 0LDiaU0zBeol/q0ayq5XnhJNVngCyKjQQ+Np1eIGTIIGOkAm8LlnEsvlQLbuOYZ4 + eeeplBW3h321MFKgch7IyqBb5wKBgQC7UBG/ypw6RWPUOHYdtY1nLCQQJjvKCOMT + DolkFB2UUuNfNGK6PDUL9KbPIsrHJLw0oGoqQyBkInVMG5jJb/bHdH0spiKGn51u + orMk/xsA990Kqt+DT1Z5fEpoPchGMc529JR5h43n1n5s8/6jyDa5JNLFnS9xKZTm + IvV/Nayt6wKBgGxpSs5QRqeEkE09UJOJMduhNPxqLLDEp07lKYQL1HPIa0kgQbu9 + 2/YqnEj4ySDezfADTeIREaR3jZWRQJjwp05oB/3LuE/0jkeGWYeowkw0il2D3fcF + 0l0bWATk2AAbEflQtz/vNuiYkwSmWdcYGwY65ILw6p1Zc5eWXah39RYVAoGAI93Y + GDZupcXFsMxC6btq4ReVrDX1+uCqwmplKnGjnFQmz4MTaH/A1JI7IqyR0YIaO6V/ + zqnd2O60MSeToPa8dUK7+UGymL6VgarLzMjAXfYYMEO52sXlVAvVn5I8+BvvYd3B 
+ VGf9ZyguOySZXLkoqVkAtvA7Nlr09QA6q+oWL5MCgYAsLS2PEMY/HMR1Z5P/uMxw + q7eQ7K3YYKcJpbM2da7r38UaZc/HhtiaU/XOdTnT/M/eF4hoW0yxO5YKfgurgosz + OjAnn7+Ed5S5Sh8E4EHUGCcawErZEZCtlsns0fNPGfNjadZAjq0X+5VP1EVXca0B + VrSp9ZTif3cvyxNTOogbgA== + -----END PRIVATE KEY----- + """; + + // When + PrivateKey privateKey = CertUtils.pemKey2PrivateKey(pemKey); + + // Then + assertNotNull(privateKey); + assertTrue(privateKey instanceof java.security.interfaces.RSAPrivateKey); + } + + @Test + void whenPemKey2PrivateKeyThenInvalidKey() { + // Given + String invalidPemKey = """ + -----BEGIN PRIVATE KEY----- + NOT VALID KEY + -----END PRIVATE KEY----- + """; + + // Then + assertThrows(InvalidKeySpecException.class, () -> CertUtils.pemKey2PrivateKey(invalidPemKey)); + } + + @Test + void whenPemKey2PrivateKeyThenNullKey() { + // Given + String nullKey = null; + + // Then + assertThrows(NullPointerException.class, () -> CertUtils.pemKey2PrivateKey(nullKey)); + } + + @Test + void whenExtractInlinePemBodyThenValidPem() { + // Given + String pemKey = """ + -----BEGIN PRIVATE KEY----- + MIIEvQIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALzbdGZIkI5wsRwl + OjiZlQCvdS8/JXbbE29AQSkCAwEAAQ== + -----END PRIVATE KEY----- + """; + + // When + String extractedBody = CertUtils.extractInlinePemBody(pemKey); + + // Then + assertFalse(extractedBody.contains("BEGIN PRIVATE KEY")); + assertFalse(extractedBody.contains("END PRIVATE KEY")); + assertFalse(extractedBody.contains("\n")); + } +} \ No newline at end of file From 84691ee591ac50a68a4a442a248545fe67214967 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 15:50:22 +0100 Subject: [PATCH 06/36] P4ADEV-1341 add PdndUtilsTest --- .../pagopa/payhub/pdnd/utils/CertUtils.java | 1 + .../pagopa/payhub/pdnd/utils/PdndUtils.java | 9 +- .../payhub/pdnd/utils/PdndUtilsTest.java | 118 ++++++++++++++++++ 3 files changed, 122 insertions(+), 6 deletions(-) create mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java 
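Review bot: `whenPemKey2PrivateKeyThenValidKey` embeds a full RSA private key as a literal. Secret scanners will flag it on every scan, and a reader cannot tell from the source whether it was ever used outside tests. Generating a throwaway key inside the test removes that doubt, as sketched below; if a fixed key is kept, add a comment stating it is test-only and was never registered anywhere. `whenExtractInlinePemBodyThenValidPem` only asserts what the result does not contain. Asserting the exact expected Base64 body would also catch a header that was left partially in place.

```java
// Throwaway key generated per test run; nothing secret is committed.
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
generator.initialize(2048);
byte[] pkcs8 = generator.generateKeyPair().getPrivate().getEncoded();
String pemKey = "-----BEGIN PRIVATE KEY-----\n"
    + Base64.getMimeEncoder().encodeToString(pkcs8)
    + "\n-----END PRIVATE KEY-----\n";

// … unchanged: CertUtils.pemKey2PrivateKey(pemKey) call and assertions …
```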
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java index bbd2c60..5d9158a 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/CertUtils.java @@ -11,6 +11,7 @@ import java.util.Base64; public class CertUtils { + private CertUtils(){} public static RSAPrivateKey pemKey2PrivateKey(String privateKey) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException { String keyStringFormat = extractInlinePemBody(privateKey); diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java index f9397f6..6e0a07c 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java @@ -8,9 +8,6 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import it.gov.pagopa.payhub.pdnd.config.PdndConfig; -import java.io.IOException; -import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; import java.util.Date; import java.util.UUID; import org.springframework.stereotype.Service; @@ -26,11 +23,11 @@ public PdndUtils(PdndConfig pdndConfig) { public String buildPdndClientAssertion() throws Exception { - JWTClaimsSet claims = setPdndClientAssertionClaims(); + JWTClaimsSet claims = buildPdndClientAssertionClaims(); return signPdndJWT(claims); } - private JWTClaimsSet setPdndClientAssertionClaims() { + public JWTClaimsSet buildPdndClientAssertionClaims() { long now = System.currentTimeMillis() / 1000; return new JWTClaimsSet.Builder() .issuer(pdndConfig.getClientId()) 
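Review bot: `buildPdndClientAssertionClaims` is widened from `private` to `public` here, and the next hunk does the same for `signPdndJWT(JWTClaimsSet)`, apparently so the new test can call them. Any bean that can inject `PdndUtils` can then have arbitrary claims signed with the PDND key. `PdndUtilsTest` lives in the same package, so package-private visibility is enough: `String signPdndJWT(JWTClaimsSet claims) throws Exception {` and `JWTClaimsSet buildPdndClientAssertionClaims() {`. Add a short comment that they are visible for testing only. Both method bodies continue outside these hunks.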
@@ -43,7 +40,7 @@ private JWTClaimsSet setPdndClientAssertionClaims() { .build(); } - private String signPdndJWT(JWTClaimsSet claims) throws Exception { + public String signPdndJWT(JWTClaimsSet claims) throws Exception { JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getKey())); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java new file mode 100644 index 0000000..5d29876 --- /dev/null +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java 
@@ -0,0 +1,118 @@ +package it.gov.pagopa.payhub.pdnd.utils; + +import static org.junit.jupiter.api.Assertions.*; +import static org.mockito.Mockito.times; + +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; +import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import java.util.Date; +import java.util.UUID; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.junit.jupiter.MockitoExtension; + +@ExtendWith(MockitoExtension.class) +class PdndUtilsTest { + + @InjectMocks + private PdndUtils pdndUtils; + + @Mock + private PdndConfig pdndConfig; + + private String pemKey = """ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCT5fdA/ZKoyLas +R5/kxfFm8KBz4v3i8k76Xd8j2vh8kBaapzn9hAHWJXOJ+GOUFOxkw1bnI2PUtZjj +tw49XrjcxQ37sOV407+B3ko49zZjNB97OPFQyZx9V3uNcBjKnM3UqNbcBwdIIlVW +Egt0Cao7gEGE1CKsaXpuZkofVgGo5f8K8IdETLJPFuspDTR4UPofDraL2HCxbsVx +dE0UBFXgB9vQmBMkPk27cz+Ze6j5wgSGME/A+YCCp1uvJqWK/uRfGxMRyVYInR5H +bDiI06iZwiLLW1Pf6gE3CCYSUw42VnPHODaitjJ6XLkolB5xsUprkttIg+UrRGSa +9J3xg3gNAgMBAAECggEASKjRCS/KjntVK1xg1F7e0yjiWyyoeId8f4oApzfbni6X +vFDtr3vb/x4VHjJWkZiZ7oL9Pb7oO8cfnrf/Ge1gOq3gycdFZU/6JM5VfpkNMj2Y +Pcxi2cLCy91fyMPKmjfg81ojfKNDU4/yhr+EuvRImsTO63fgtP149aXxQmXZmOTu +TFjSNTRfvtMgHN0Em1PUgQxO8oUh3Djf5spjAJ/w+gVBSYsYSv5sOOi2H/qZSALZ +hc1t4GfzNKZuyG8FxNwH1SIVkKTYQnDhyiE9426tq6Kiuqvh2MspVJcRGpbaxgr2 +q++ZZrAl60ma5U2hUEgG5oLGjyrgQjEyroZhEokgLQKBgQDKIeAJ/FYdEX4cvHhS +kuUpHQjpZtwOwC+vr4ojudpjLDOTTdkFXzd7jeCmjp4r1/arRxx1KZWP0fxlUEov +0LDiaU0zBeol/q0ayq5XnhJNVngCyKjQQ+Np1eIGTIIGOkAm8LlnEsvlQLbuOYZ4 +eeeplBW3h321MFKgch7IyqBb5wKBgQC7UBG/ypw6RWPUOHYdtY1nLCQQJjvKCOMT +DolkFB2UUuNfNGK6PDUL9KbPIsrHJLw0oGoqQyBkInVMG5jJb/bHdH0spiKGn51u +orMk/xsA990Kqt+DT1Z5fEpoPchGMc529JR5h43n1n5s8/6jyDa5JNLFnS9xKZTm +IvV/Nayt6wKBgGxpSs5QRqeEkE09UJOJMduhNPxqLLDEp07lKYQL1HPIa0kgQbu9 
+2/YqnEj4ySDezfADTeIREaR3jZWRQJjwp05oB/3LuE/0jkeGWYeowkw0il2D3fcF +0l0bWATk2AAbEflQtz/vNuiYkwSmWdcYGwY65ILw6p1Zc5eWXah39RYVAoGAI93Y +GDZupcXFsMxC6btq4ReVrDX1+uCqwmplKnGjnFQmz4MTaH/A1JI7IqyR0YIaO6V/ +zqnd2O60MSeToPa8dUK7+UGymL6VgarLzMjAXfYYMEO52sXlVAvVn5I8+BvvYd3B +VGf9ZyguOySZXLkoqVkAtvA7Nlr09QA6q+oWL5MCgYAsLS2PEMY/HMR1Z5P/uMxw +q7eQ7K3YYKcJpbM2da7r38UaZc/HhtiaU/XOdTnT/M/eF4hoW0yxO5YKfgurgosz +OjAnn7+Ed5S5Sh8E4EHUGCcawErZEZCtlsns0fNPGfNjadZAjq0X+5VP1EVXca0B +VrSp9ZTif3cvyxNTOogbgA== +-----END PRIVATE KEY----- + """; + + + @Test + void whenBuildPdndClientAssertionThesVerify() throws Exception { + // When + Mockito.when(pdndConfig.getClientId()).thenReturn("CLIENTID"); + Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); + Mockito.when(pdndConfig.getPurposeId()).thenReturn("PURPOSEID"); + Mockito.when(pdndConfig.getKey()).thenReturn(pemKey); + Mockito.when(pdndConfig.getKid()).thenReturn("KID"); + + String token = pdndUtils.buildPdndClientAssertion(); + + // Then + assertNotNull(token); + Mockito.verify(pdndConfig, times(2)).getClientId(); + Mockito.verify(pdndConfig).getAudience(); + Mockito.verify(pdndConfig).getPurposeId(); + Mockito.verify(pdndConfig).getKey(); + Mockito.verify(pdndConfig).getKid(); + } + + @Test + void whenBuildPdndClientAssertionClaimsThenVerify() { + // Given + Mockito.when(pdndConfig.getClientId()).thenReturn("CLIENTID"); + Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); + Mockito.when(pdndConfig.getPurposeId()).thenReturn("PURPOSEID"); + // When + JWTClaimsSet claims = pdndUtils.buildPdndClientAssertionClaims(); + + // Then + assertNotNull(claims); + assertEquals("CLIENTID", claims.getIssuer()); + assertEquals("CLIENTID", claims.getSubject()); + assertEquals("AUDIENCE", claims.getAudience().get(0)); + assertEquals("PURPOSEID", claims.getClaim("purposeId")); + assertNotNull(claims.getIssueTime()); + assertNotNull(claims.getExpirationTime()); + assertNotNull(claims.getJWTID()); + } + + @Test + void 
whenSignPdndJWTThenVerify() throws Exception { + Mockito.when(pdndConfig.getKey()).thenReturn(pemKey); + + JWTClaimsSet claims = new JWTClaimsSet.Builder() + .issuer("CLIENTID") + .subject("SUBJECT") + .audience("AUDIENCE") + .issueTime(new Date()) + .expirationTime(new Date(System.currentTimeMillis() + 300000)) + .jwtID(UUID.randomUUID().toString()) + .build(); + + String signedJWT = pdndUtils.signPdndJWT(claims); + + SignedJWT parsedJWT = SignedJWT.parse(signedJWT); + assertNotNull(parsedJWT); + assertEquals("CLIENTID", parsedJWT.getJWTClaimsSet().getIssuer()); + } +} \ No newline at end of file From 096811b4ef82634c691883475fdcc99d81061042 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 16:07:34 +0100 Subject: [PATCH 07/36] P4ADEV-1341 change generic exception --- .../gov/pagopa/payhub/pdnd/service/PdndClientImpl.java | 8 +++++++- .../java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java | 9 +++++++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java index 7476cff..9e11a25 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java @@ -1,7 +1,11 @@ package it.gov.pagopa.payhub.pdnd.service; +import com.nimbusds.jose.JOSEException; import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO; import it.gov.pagopa.payhub.pdnd.utils.PdndUtils; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.web.client.RestTemplateBuilder; import org.springframework.http.HttpEntity; 
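Review bot: The `pemKey` field embeds a complete PKCS#8 RSA private key as a string literal, and the test hunk that ends just before patch 06/36 closes with what looks like the same key material. Even if the key was generated only for these tests (the page does not say), a committed key trips secret scanners and invites reuse, so I would generate a pair when the test class starts; this assumes `CertUtils.extractInlinePemBody` only strips the armour lines and line breaks, as its own test suggests. `whenSignPdndJWTThenVerify` also only parses the token and reads the issuer, so a wrong signature would still pass; with the generated public key the test can assert `parsedJWT.verify(...)`. The test name `whenBuildPdndClientAssertionThesVerify` has a typo (`Thes`).

```java
// … unchanged: class header, @InjectMocks pdndUtils, @Mock pdndConfig …
private static String pemKey;
private static RSAPublicKey publicKey;

@BeforeAll
static void generateTestKey() throws NoSuchAlgorithmException {
    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
    generator.initialize(2048);
    KeyPair pair = generator.generateKeyPair();
    publicKey = (RSAPublicKey) pair.getPublic();
    // Throwaway key, regenerated on every run; nothing secret is stored in the repository.
    pemKey = "-----BEGIN PRIVATE KEY-----\n"
        + Base64.getEncoder().encodeToString(pair.getPrivate().getEncoded())
        + "\n-----END PRIVATE KEY-----\n";
}

// … unchanged: whenBuildPdndClientAssertion… tests …

// in whenSignPdndJWTThenVerify, after SignedJWT.parse(signedJWT):
assertTrue(parsedJWT.verify(new RSASSAVerifier(publicKey)));
```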
@@ -10,6 +14,7 @@ import org.springframework.stereotype.Service; import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; +import org.springframework.web.client.HttpClientErrorException; import org.springframework.web.client.RestTemplate; @Service @@ -29,7 +34,8 @@ public PdndClientImpl(RestTemplateBuilder restTemplateBuilder, PdndUtils pdndUti } @Override - public AccessTokenDTO getAccessToken() throws Exception { + public AccessTokenDTO getAccessToken() + throws HttpClientErrorException, InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { String clientAssertion = pdndUtils.buildPdndClientAssertion(); MultiValueMap formData = new LinkedMultiValueMap<>(); diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java index 6e0a07c..8f290e6 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java @@ -1,5 +1,6 @@ package it.gov.pagopa.payhub.pdnd.utils; +import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JOSEObjectType; import com.nimbusds.jose.JWSAlgorithm; import com.nimbusds.jose.JWSHeader; @@ -8,6 +9,9 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; import java.util.Date; import java.util.UUID; import org.springframework.stereotype.Service; @@ -22,7 +26,7 @@ public PdndUtils(PdndConfig pdndConfig) { } public String buildPdndClientAssertion() - throws Exception { + throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { JWTClaimsSet claims = buildPdndClientAssertionClaims(); return signPdndJWT(claims); } 
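Review bot: The new `throws` clause on `getAccessToken()` names `HttpClientErrorException`, which is unchecked and covers only 4xx responses, so the signature reads as if that were the one HTTP failure a caller has to handle. A 5xx from the token endpoint or a connection failure leaves `restTemplate.postForObject` as a different `RestClientException` subclass, and the call can also return `null` when the response has no body. I would drop the unchecked type from the clause and document the contract in Javadoc instead, e.g. `@throws RestClientException if the token endpoint cannot be reached or answers with an error status`, here and on the `PdndClient` interface changed in patch 08/36. The method body continues outside the hunk.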
@@ -40,7 +44,8 @@ public JWTClaimsSet buildPdndClientAssertionClaims() { .build(); } - public String signPdndJWT(JWTClaimsSet claims) throws Exception { + public String signPdndJWT(JWTClaimsSet claims) + throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getKey())); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256) From b3dd11601306e8d16b9008730a2629e60a70226d Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Thu, 21 Nov 2024 16:11:19 +0100 Subject: [PATCH 08/36] P4ADEV-1341 fix issues --- .../java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java index 6f64199..efb2ba1 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java @@ -1,7 +1,12 @@ package it.gov.pagopa.payhub.pdnd.service; +import com.nimbusds.jose.JOSEException; import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import org.springframework.web.client.HttpClientErrorException; public interface PdndClient { - AccessTokenDTO getAccessToken() throws Exception; + AccessTokenDTO getAccessToken() throws HttpClientErrorException, InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException; } From 878d5e2a56b962496416f7c5d3ed58e42f3f77cb Mon Sep 17 00:00:00 2001 
From: antoniocalo Date: Fri, 22 Nov 2024 10:26:30 +0100 Subject: [PATCH 09/36] P4ADEV-1341 refactor --- build.gradle.kts | 34 ++- helm/values-dev.yaml | 3 - helm/values-prod.yaml | 4 +- helm/values-uat.yaml | 7 +- helm/values.yaml | 3 + .../pagopa/payhub/pdnd/config/AnprConfig.java | 10 + .../pagopa/payhub/pdnd/config/PdndConfig.java | 3 - .../connector/pdnd/client/PdndClient.java | 7 + .../connector/pdnd/client/PdndClientImpl.java | 31 +++ .../PdndClientAssertionBuilderService.java} | 26 ++- .../payhub/pdnd/dto/AccessTokenDTO.java | 21 -- .../payhub/pdnd/model/PdndGenericConfig.java | 14 ++ .../payhub/pdnd/service/PdndClient.java | 12 - .../payhub/pdnd/service/PdndClientImpl.java | 52 ----- .../payhub/pdnd/service/PdndService.java | 29 +++ src/main/resources/application.yml | 10 +- src/main/resources/pdnd/pdnd-v1.yaml | 210 ++++++++++++++++++ .../pdnd/service/PdndClientImplTest.java | 54 +---- .../payhub/pdnd/utils/PdndUtilsTest.java | 12 +- 19 files changed, 372 insertions(+), 170 deletions(-) create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java rename src/main/java/it/gov/pagopa/payhub/pdnd/{utils/PdndUtils.java => connector/pdnd/service/PdndClientAssertionBuilderService.java} (64%) delete mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/model/PdndGenericConfig.java delete mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java delete mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java create mode 100644 src/main/resources/pdnd/pdnd-v1.yaml diff --git a/build.gradle.kts b/build.gradle.kts index 689ccde..4f1b0cb 100644 
--- a/build.gradle.kts +++ b/build.gradle.kts @@ -94,13 +94,13 @@ configurations { } tasks.compileJava { - dependsOn("openApiGenerate") + dependsOn("openApiGeneratePayhub","openApiGeneratePdndClient") } - configure { named("main") { java.srcDir("$projectDir/build/generated/src/main/java") + java.srcDir("$projectDir/build/generated/pdnd-client/src/main/java") } } @@ -108,7 +108,10 @@ springBoot { mainClass.value("it.gov.pagopa.payhub.pdnd.PayhubPdndApplication") } -openApiGenerate { +tasks.register("openApiGeneratePayhub") { + group = "openapi" + description = "description" + generatorName.set("spring") inputSpec.set("$rootDir/openapi/p4pa-pdnd.openapi.yaml") outputDir.set("$projectDir/build/generated") @@ -122,6 +125,29 @@ openApiGenerate { "useTags" to "true", "generateConstructorWithAllArgs" to "false", "generatedConstructorWithRequiredArgs" to "false", - "additionalModelTypeAnnotations" to "@lombok.Data @lombok.Builder @lombok.AllArgsConstructor @lombok.RequiredArgsConstructor" + "additionalModelTypeAnnotations" to "@lombok.Data @lombok.Builder @lombok.AllArgsConstructor @lombok.RequiredArgsConstructor", + "serializationLibrary" to "jackson" + )) +} + +tasks.register("openApiGeneratePdndClient") { + group = "openapi" + description = "description" + + generatorName.set("java") + inputSpec.set("$rootDir/src/main/resources/pdnd/pdnd-v1.yaml") + outputDir.set("$projectDir/build/generated/pdnd-client") + apiPackage.set("it.gov.pagopa.common.pdnd.generated.api") + modelPackage.set("it.gov.pagopa.common.pdnd.generated.dto") + modelNameSuffix.set("DTO") + configOptions.set(mapOf( + "swaggerAnnotations" to "false", + "openApiNullable" to "false", + "dateLibrary" to "java17", + "useSpringBoot3" to "true", + "useJakartaEe" to "true", + "serializationLibrary" to "jackson", + "generateSupportingFiles" to "true" )) + library.set("resttemplate") } \ No newline at end of file diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 24a8465..71ccaaa 100644 
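Review bot: Both registered tasks, `openApiGeneratePayhub` and `openApiGeneratePdndClient`, carry the placeholder `description = "description"`, which is what the Gradle task listing will show for them. Something like `description = "Generates the Spring server stubs from openapi/p4pa-pdnd.openapi.yaml"` and `description = "Generates the RestTemplate client for the PDND authorization server from pdnd-v1.yaml"` says what each one produces. A comment next to the second `inputSpec` recording where the vendored pdnd-v1.yaml was copied from would also make later updates of that spec reviewable.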
--- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml @@ -33,12 +33,9 @@ microservice-chart: PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion - PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 - PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv - PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub keyvault: name: "p4pa-d-payhub-kv" diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index a3a939f..18d4a3b 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -31,14 +31,12 @@ microservice-chart: ENV: "PROD" JAVA_TOOL_OPTIONS: "-Xms128m -Xmx4g -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" + #TODO edit with real env when prod is ready P4ADEV-1518 PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion - PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 - PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv - PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub keyvault: name: "p4pa-p-payhub-kv" diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index 67dbdf5..6138192 100644 
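Review bot: The PROD values keep `PDND_BASE_URL` and `PDND_ACCESS_TOKEN_AUDIENCE` pointed at `auth.uat.interop.pagopa.it`, with the same client id, kid and purpose id as the DEV values, and the only guard is the new `#TODO` comment. A release built from this file would start cleanly and sign client assertions for the UAT authorization server from the production environment. Until P4ADEV-1518 is done I would set these keys to an obviously invalid placeholder rather than omit them, because application.yml falls back to the UAT URL and audience when the variables are missing. The unchanged `JAVA_TOOL_OPTIONS` line in the same hunk also enables a JDWP listener and JMX with `authenticate=false` and `ssl=false` under `ENV: "PROD"`; worth confirming that is intended.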
--- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml @@ -33,12 +33,9 @@ microservice-chart: PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion - - PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d - PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 + PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 685e6542-8d1b-4837-a555-130e92c9dc6c + PAGOPA_PDND_CONFIGURATION_KID: y80rvmuzGPyfMw0n6v5K-yWsyUVYXiICG2zzNPAJg64 PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 - PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv - PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub keyvault: name: "p4pa-u-payhub-kv" diff --git a/helm/values.yaml b/helm/values.yaml index e77227a..3b518ed 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -65,6 +65,9 @@ microservice-chart: envSecret: APPLICATIONINSIGHTS_CONNECTION_STRING: appinsights-connection-string + PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv + PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub + # nodeSelector: {} # tolerations: [] diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java new file mode 100644 index 0000000..dc11de3 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java @@ -0,0 +1,10 @@ +package it.gov.pagopa.payhub.pdnd.config; + +import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConfigurationProperties(prefix = "app.pdnd.anpr.config") +public class AnprConfig extends PdndGenericConfig { +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java index be9bb3e..1c2fbe8 100644 
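Review bot: `AnprConfig` binds `client-id`, `kid` and `purpose-id` with no constraint, so a missing or misspelled property leaves the inherited field `null` and the application still starts. `PdndClientAssertionBuilderService` later in this patch passes those values straight to `.issuer(...)`, `.subject(...)` and `.keyID(...)`, so the mistake would only show up as a rejected token request. If bean validation is on the classpath (not visible on this page), `@Validated` on `AnprConfig` plus `@NotBlank` on the three fields of `PdndGenericConfig` would turn it into a startup failure.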
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java @@ -9,9 +9,6 @@ @Data public class PdndConfig { private String audience; - private String clientId; - private String kid; - private String purposeId; private String key; private String publicKey; } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java new file mode 100644 index 0000000..037a4ed --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java @@ -0,0 +1,7 @@ +package it.gov.pagopa.payhub.pdnd.connector.pdnd.client; + +import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; + +public interface PdndClient { + ClientCredentialsResponseDTO getAccessToken(String clientId, String assertions); +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java new file mode 100644 index 0000000..27c2126 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java 
@@ -0,0 +1,31 @@
+package it.gov.pagopa.payhub.pdnd.connector.pdnd.client;
+
+import it.gov.pagopa.common.pdnd.generated.ApiClient;
+import it.gov.pagopa.common.pdnd.generated.api.AuthApi;
+import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.client.RestTemplateBuilder;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+@Service
+public class PdndClientImpl implements PdndClient {
+
+ private static final String CLIENT_ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
+ private static final String GRANT_TYPE = "client_credentials";
+ private final AuthApi authApi;
+
+ public PdndClientImpl(RestTemplateBuilder restTemplateBuilder,
+ @Value("${app.pdnd.base-url}") String pdndBaseUrl) {
+ RestTemplate restTemplate = restTemplateBuilder.build();
+
+ ApiClient apiClient = new ApiClient(restTemplate);
+ apiClient.setBasePath(pdndBaseUrl);
+ authApi = new AuthApi(apiClient);
+ }
+
+ @Override
+ public ClientCredentialsResponseDTO getAccessToken(String clientId, String assertions) {
+ return authApi.createToken(assertions, CLIENT_ASSERTION_TYPE, GRANT_TYPE, clientId);
+ }
+}
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java
similarity index 64%
rename from src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java
rename to src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java
index 8f290e6..4d41cdd 100644
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtils.java
+++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java
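Review bot: `restTemplateBuilder.build()` in the `PdndClientImpl` constructor creates the client with no connect or read timeout set here, so unless one is configured globally (not visible on this page) a stalled token endpoint can hold the calling thread indefinitely. Setting the limits where the client is built keeps them next to the call they protect, for example `RestTemplate restTemplate = restTemplateBuilder.setConnectTimeout(Duration.ofSeconds(5)).setReadTimeout(Duration.ofSeconds(10)).build();` (the durations are example values). The second parameter of `getAccessToken` carries one signed client assertion, so `assertion` would be a clearer name than `assertions`.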
@@ -1,4 +1,4 @@ -package it.gov.pagopa.payhub.pdnd.utils; +package it.gov.pagopa.payhub.pdnd.connector.pdnd.service; import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JOSEObjectType; @@ -9,6 +9,8 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import it.gov.pagopa.payhub.pdnd.utils.CertUtils; import java.io.IOException; import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; 
@@ -17,40 +19,40 @@ import org.springframework.stereotype.Service; @Service -public class PdndUtils { +public class PdndClientAssertionBuilderService { private final PdndConfig pdndConfig; - public PdndUtils(PdndConfig pdndConfig) { + public PdndClientAssertionBuilderService(PdndConfig pdndConfig) { this.pdndConfig = pdndConfig; } - public String buildPdndClientAssertion() + public String buildPdndClientAssertion(PdndGenericConfig pdndGenericConfig) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWTClaimsSet claims = buildPdndClientAssertionClaims(); - return signPdndJWT(claims); + JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndGenericConfig.getClientId(), pdndGenericConfig.getPurposeId()); + return signPdndJWT(pdndGenericConfig.getKid(), claims); } - public JWTClaimsSet buildPdndClientAssertionClaims() { + private JWTClaimsSet buildPdndClientAssertionClaims(String clientId, String purposeId) { long now = System.currentTimeMillis() / 1000; return new JWTClaimsSet.Builder() - .issuer(pdndConfig.getClientId()) - .subject(pdndConfig.getClientId()) + .issuer(clientId) + .subject(clientId) .audience(pdndConfig.getAudience()) - .claim("purposeId",pdndConfig.getPurposeId()) + .claim("purposeId",purposeId) .issueTime(new Date(now * 1000)) .expirationTime(new Date((now + 300) * 1000)) .jwtID(UUID.randomUUID().toString()) .build(); } - public String signPdndJWT(JWTClaimsSet claims) + private String signPdndJWT(String kid, JWTClaimsSet claims) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getKey())); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256) .type(JOSEObjectType.JWT) - .keyID(pdndConfig.getKid()) + .keyID(kid) .build(), claims ); 
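Review bot: `signPdndJWT` still calls `CertUtils.pemKey2PrivateKey(pdndConfig.getKey())` and builds a new `RSASSASigner` on every token request, so the PEM is re-parsed each time and a malformed `PDND_PRIVATE_KEY` is only discovered when the first caller asks for a token. Now that the class is a dedicated builder service, the signer could be created once in the constructor, `this.signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getKey()));` with `private final JWSSigner signer;` as the field; the constructor would then declare the same checked exceptions, and a bad key fails at startup. `buildPdndClientAssertion` has no Javadoc; one line stating that the assertion is valid for 300 seconds and signed with RS256 under the caller's `kid` would document the values hard-coded below it. The body of `signPdndJWT` continues outside the hunk.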
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java b/src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java
deleted file mode 100644
index a2bcef7..0000000
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/dto/AccessTokenDTO.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package it.gov.pagopa.payhub.pdnd.dto;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-import lombok.AllArgsConstructor;
-import lombok.Builder;
-import lombok.Data;
-import lombok.RequiredArgsConstructor;
-
-@Data
-@Builder
-@AllArgsConstructor
-@RequiredArgsConstructor
-public class AccessTokenDTO {
-
- @JsonProperty("access_token")
- private String accessToken;
- @JsonProperty("token_type")
- private String tokenType;
- @JsonProperty("expires_in")
- private Integer expiresIn;
-}
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/model/PdndGenericConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/model/PdndGenericConfig.java
new file mode 100644
index 0000000..9a3e43a
--- /dev/null
+++ b/src/main/java/it/gov/pagopa/payhub/pdnd/model/PdndGenericConfig.java
@@ -0,0 +1,14 @@
+package it.gov.pagopa.payhub.pdnd.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class PdndGenericConfig {
+ private String clientId;
+ private String kid;
+ private String purposeId;
+}
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java
deleted file mode 100644
index efb2ba1..0000000
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClient.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package it.gov.pagopa.payhub.pdnd.service;
-
-import com.nimbusds.jose.JOSEException;
-import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO;
-import java.io.IOException;
-import java.security.NoSuchAlgorithmException;
-import java.security.spec.InvalidKeySpecException;
-import org.springframework.web.client.HttpClientErrorException;
-
-public interface PdndClient {
- AccessTokenDTO getAccessToken() throws HttpClientErrorException, InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException;
-}
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java
deleted file mode 100644
index 9e11a25..0000000
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImpl.java
+++ /dev/null
@@ -1,52 +0,0 @@ -package it.gov.pagopa.payhub.pdnd.service; - -import com.nimbusds.jose.JOSEException; -import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO; -import it.gov.pagopa.payhub.pdnd.utils.PdndUtils; -import java.io.IOException; -import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.web.client.RestTemplateBuilder; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.MediaType; -import org.springframework.stereotype.Service; -import org.springframework.util.LinkedMultiValueMap; -import org.springframework.util.MultiValueMap; -import org.springframework.web.client.HttpClientErrorException; -import org.springframework.web.client.RestTemplate; - -@Service -public class PdndClientImpl implements PdndClient { - - private static final String CLIENT_ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"; - private static final String GRANT_TYPE = "client_credentials"; - private final RestTemplate restTemplate; - private final PdndUtils pdndUtils; - private final String pdndBaseUrl; - - public PdndClientImpl(RestTemplateBuilder restTemplateBuilder, PdndUtils pdndUtils, - @Value("${app.pdnd.base-url}") String pdndBaseUrl) { - this.restTemplate = restTemplateBuilder.build(); - this.pdndUtils = pdndUtils; - this.pdndBaseUrl = pdndBaseUrl; - } - - @Override - public AccessTokenDTO getAccessToken() - throws HttpClientErrorException, InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - String clientAssertion = pdndUtils.buildPdndClientAssertion(); - - MultiValueMap formData = new LinkedMultiValueMap<>(); - formData.add("grant_type", GRANT_TYPE); - formData.add("client_assertion_type", CLIENT_ASSERTION_TYPE); - formData.add("client_assertion", clientAssertion); - - HttpHeaders headers = new HttpHeaders(); - 
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); - HttpEntity> request = new HttpEntity<>(formData, headers); - - return restTemplate.postForObject(pdndBaseUrl+"/token.oauth2", request, AccessTokenDTO.class); - } -} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java new file mode 100644 index 0000000..2eab6dd --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java @@ -0,0 +1,29 @@ +package it.gov.pagopa.payhub.pdnd.service; + +import com.nimbusds.jose.JOSEException; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; +import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import org.springframework.stereotype.Service; + +@Service +public class PdndService { + + private final PdndClientImpl pdndClientImpl; + private final PdndClientAssertionBuilderService pdndClientAssertionBuilderService; + + public PdndService(PdndClientImpl pdndClientImpl, + PdndClientAssertionBuilderService pdndClientAssertionBuilderService) { + this.pdndClientImpl = pdndClientImpl; + this.pdndClientAssertionBuilderService = pdndClientAssertionBuilderService; + } + + public String generateToken(PdndGenericConfig pdndGenericConfig) + throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { + String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndGenericConfig); + return pdndClientImpl.getAccessToken(pdndGenericConfig.getClientId(), clientAssertion).getAccessToken(); + } +} diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 05b4dbe..9cfe347 100644 --- a/src/main/resources/application.yml 
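Review bot: `PdndService` is wired to the concrete `PdndClientImpl` although this patch also introduces the `PdndClient` interface it implements; declaring the field and constructor parameter as `PdndClient` (`private final PdndClient pdndClient;`) keeps the service easy to mock and gives the interface a purpose. `generateToken` also dereferences the response directly with `.getAccessToken()`, so a reply without a body would presumably surface as a `NullPointerException` (the generated `AuthApi` is not on the page). Each call signs a new assertion and requests a new token; if callers invoke this per request, caching the token until shortly before its `expires_in` would reduce how often the private key is used and how often the authorization server is hit.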
+++ b/src/main/resources/application.yml @@ -20,8 +20,10 @@ app: base-url: "\${PDND_BASE_URL:https://auth.uat.interop.pagopa.it}" config: audience: "\${PDND_ACCESS_TOKEN_AUDIENCE:auth.uat.interop.pagopa.it/client-assertion}" - client-id: "\${PAGOPA_PDND_CONFIGURATION_CLIENT_ID:890b7ca9-b402-4dce-9e8d-9a333d22d76d}" - kid: "\${PAGOPA_PDND_CONFIGURATION_KID:jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8}" - purpose-id: "\${PAGOPA_PDND_CONFIGURATION_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" key: "\${PDND_PRIVATE_KEY:}" - publicKey: "\${PDND_PUBLIC_KEY:}" \ No newline at end of file + publicKey: "\${PDND_PUBLIC_KEY:}" + anpr: + config: + client-id: "\${PAGOPA_PDND_CONFIGURATION_CLIENT_ID:890b7ca9-b402-4dce-9e8d-9a333d22d76d}" + kid: "\${PAGOPA_PDND_CONFIGURATION_KID:jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8}" + purpose-id: "\${PAGOPA_PDND_CONFIGURATION_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" \ No newline at end of file diff --git a/src/main/resources/pdnd/pdnd-v1.yaml b/src/main/resources/pdnd/pdnd-v1.yaml new file mode 100644 index 0000000..5ceb454 --- /dev/null +++ b/src/main/resources/pdnd/pdnd-v1.yaml 
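Review bot: The new `anpr.config` block keeps concrete UAT identifiers as fallback defaults for `client-id`, `kid` and `purpose-id`, while `key` falls back to an empty string. An environment that forgets one of the `PAGOPA_PDND_CONFIGURATION_*` variables therefore starts normally and presents itself as the UAT client, and a missing `PDND_PRIVATE_KEY` is only noticed when the first assertion is signed. I would give the identifiers the same empty default as `key`, e.g. `client-id: "\${PAGOPA_PDND_CONFIGURATION_CLIENT_ID:}"`, and reject blank values when the configuration is bound, so that an incomplete environment fails at startup; local runs can supply the UAT values through a profile instead.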
@@ -0,0 +1,210 @@ +openapi: 3.0.3 +info: + title: Interoperability Authorization Server Micro Service + description: Provides endpoints to request an interoperability token + version: '0.1.0' + contact: + name: API Support + url: 'http://www.example.com/support' + email: support@example.com + termsOfService: 'http://swagger.io/terms/' + x-api-id: an x-api-id + x-summary: an x-summary +servers: + - url: 'http://authorization-server' + description: Interoperability Authorization Server +tags: + - name: auth + description: Get security information + externalDocs: + description: Find out more + url: http://swagger.io + - name: health + description: Verify service status + externalDocs: + description: Find out more + url: http://swagger.io +paths: + '/token.oauth2': + post: + tags: + - auth + summary: Create a new access token + description: Return the generated access token + operationId: createToken + requestBody: + required: true + content: + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AccessTokenRequest' + responses: + '200': + description: The Access token + headers: + Cache-Control: + schema: + type: string + default: no-cache, no-store + description: no-cache, no-store + 'X-Rate-Limit-Limit': + schema: + type: integer + description: Max allowed requests within time interval + 'X-Rate-Limit-Remaining': + schema: + type: integer + description: Remaining requests within time interval + 'X-Rate-Limit-Interval': + schema: + type: integer + description: Time interval in milliseconds. Allowed requests will be constantly replenished during the interval. 
At the end of the interval the max allowed requests will be available + content: + application/json: + schema: + $ref: '#/components/schemas/ClientCredentialsResponse' + '400': + description: Bad request + x-noqa: RFC6749 + content: + application/json: + schema: + $ref: '#/components/schemas/Problem' + '401': + description: Unauthorized + x-noqa: RFC6749 + content: + application/json: + schema: + $ref: '#/components/schemas/Problem' + '429': + description: Too Many Requests + content: + application/json: + schema: + $ref: '#/components/schemas/Problem' + headers: + 'X-Rate-Limit-Limit': + schema: + type: integer + description: Max allowed requests within time interval + 'X-Rate-Limit-Remaining': + schema: + type: integer + description: Remaining requests within time interval + 'X-Rate-Limit-Interval': + schema: + type: integer + description: Time interval in milliseconds. Allowed requests will be constantly replenished during the interval. At the end of the interval the max allowed requests will be available + /status: + get: + security: [] + summary: Returns the application status + description: Returns the application status + operationId: get_status + tags: + - health + responses: + '200': + description: This is the valid status from the server. 
+ content: + application/problem+json: + schema: + $ref: '#/components/schemas/Problem' +components: + schemas: + AccessTokenRequest: + type: object + required: + - client_assertion + - client_assertion_type + - grant_type + properties: + client_id: + type: string + example: e58035ce-c753-4f72-b613-46f8a17b71cc + client_assertion: + type: string + format: jws + client_assertion_type: + type: string + example: urn:ietf:params:oauth:client-assertion-type:jwt-bearer + grant_type: + type: string + enum: + - client_credentials + TokenType: + type: string + description: Represents the token type + enum: + - Bearer + ClientCredentialsResponse: + type: object + required: + - access_token + - token_type + - expires_in + properties: + access_token: + type: string + format: jws + token_type: + $ref: '#/components/schemas/TokenType' + expires_in: + type: integer + format: int32 + maximum: 600 + Problem: + properties: + type: + description: URI reference of type definition + type: string + status: + description: The HTTP status code generated by the origin server for this occurrence of the problem. + example: 400 + exclusiveMaximum: true + format: int32 + maximum: 600 + minimum: 100 + type: integer + title: + description: A short, summary of the problem type. Written in english and readable + example: Service Unavailable + maxLength: 64 + pattern: '^[ -~]{0,64}$' + type: string + detail: + description: A human readable explanation of the problem. + example: Request took too long to complete. 
+ maxLength: 4096 + pattern: '^.{0,1024}$' + type: string + errors: + type: array + minItems: 0 + items: + $ref: '#/components/schemas/ProblemError' + additionalProperties: false + required: + - type + - status + - title + - errors + ProblemError: + properties: + code: + description: Internal code of the error + example: 123-4567 + minLength: 8 + maxLength: 8 + pattern: '^[0-9]{3}-[0-9]{4}$' + type: string + detail: + description: A human readable explanation specific to this occurrence of the problem. + example: Parameter not valid + maxLength: 4096 + pattern: '^.{0,1024}$' + type: string + required: + - code + - detail \ No newline at end of file diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java index 22d30a0..81baea7 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java @@ -1,11 +1,9 @@ package it.gov.pagopa.payhub.pdnd.service; -import static org.junit.jupiter.api.Assertions.*; - -import it.gov.pagopa.payhub.pdnd.dto.AccessTokenDTO; -import it.gov.pagopa.payhub.pdnd.utils.PdndUtils; +import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.InjectMocks; import org.mockito.Mock; 
@@ -13,8 +11,6 @@ import org.mockito.junit.jupiter.MockitoExtension; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.web.client.RestTemplateBuilder; -import org.springframework.http.HttpEntity; -import org.springframework.web.client.RestClientException; import org.springframework.web.client.RestTemplate; @ExtendWith(MockitoExtension.class) @@ -26,11 +22,14 @@ class PdndClientImplTest { @Mock private RestTemplate restTemplate; + @Mock + private PdndConfig pdndConfig; + @Mock private RestTemplateBuilder restTemplateBuilder; @Mock - private PdndUtils pdndUtils; + private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; @Value("${app.pdnd.base-url}") private String pdndBaseUrl = "https://pdnd.it"; 
@@ -38,44 +37,7 @@ class PdndClientImplTest { @BeforeEach void setUp() { Mockito.when(restTemplateBuilder.build()).thenReturn(restTemplate); - pdndClient = new PdndClientImpl(restTemplateBuilder, pdndUtils, pdndBaseUrl); - } - - @Test - void whenGetAccessTokenThenSuccess() throws Exception { - // Given - String mockAssertion = "ASSERTION"; - AccessTokenDTO mockAccessToken = new AccessTokenDTO(); - mockAccessToken.setAccessToken("TOKEN"); - - // When - Mockito.when(pdndUtils.buildPdndClientAssertion()).thenReturn(mockAssertion); - Mockito.when(restTemplate.postForObject( - Mockito.eq(pdndBaseUrl + "/token.oauth2"), - Mockito.any(HttpEntity.class), - Mockito.eq(AccessTokenDTO.class) - )).thenReturn(mockAccessToken); - - // Then - AccessTokenDTO result = pdndClient.getAccessToken(); - assertEquals("TOKEN", result.getAccessToken()); + pdndClient = new PdndClientImpl(restTemplateBuilder, pdndBaseUrl); } - @Test - void whenGetAccessTokenThenException() throws Exception { - // Given - String mockAssertion = "ASSERTION"; - - // When - Mockito.when(pdndUtils.buildPdndClientAssertion()).thenReturn(mockAssertion); - Mockito.when(restTemplate.postForObject( - Mockito.eq(pdndBaseUrl + "/token.oauth2"), - Mockito.any(HttpEntity.class), - Mockito.eq(AccessTokenDTO.class) - )).thenThrow(new RestClientException("Error during HTTP request")); - - // Then - Exception exception = assertThrows(RestClientException.class, () -> pdndClient.getAccessToken()); - assertEquals("Error during HTTP request", exception.getMessage()); - } } \ No newline at end of file diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java index 5d29876..cb8c633 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java 
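Review bot: After this hunk `PdndClientImplTest` has no `@Test` method left, because both `getAccessToken` cases are removed and only `setUp` remains. The token request is therefore no longer exercised, and the `pdndConfig` and `pdndClientAssertionBuilderService` mocks added in the `@@ -26,11 +22,14 @@` hunk are unused. The `PdndUtilsTest` hunks that follow have the same effect by wrapping its three tests in `/* … */`. Porting the success and `RestClientException` cases to the new `getAccessToken(clientId, clientAssertion)` call would keep the failure path covered. Tests that cannot be ported yet are better marked `@Disabled` with a reason than commented out, so the gap stays visible in the test report.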
@@ -6,6 +6,7 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import java.util.Date; import java.util.UUID; import org.junit.jupiter.api.Test; @@ -19,7 +20,7 @@ class PdndUtilsTest { @InjectMocks - private PdndUtils pdndUtils; + private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; @Mock private PdndConfig pdndConfig; @@ -55,7 +56,7 @@ class PdndUtilsTest { -----END PRIVATE KEY----- """; - +/* @Test void whenBuildPdndClientAssertionThesVerify() throws Exception { // When @@ -65,7 +66,7 @@ void whenBuildPdndClientAssertionThesVerify() throws Exception { Mockito.when(pdndConfig.getKey()).thenReturn(pemKey); Mockito.when(pdndConfig.getKid()).thenReturn("KID"); - String token = pdndUtils.buildPdndClientAssertion(); + String token = pdndClientAssertionBuilderService.buildPdndClientAssertion(); // Then assertNotNull(token); @@ -83,7 +84,7 @@ void whenBuildPdndClientAssertionClaimsThenVerify() { Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); Mockito.when(pdndConfig.getPurposeId()).thenReturn("PURPOSEID"); // When - JWTClaimsSet claims = pdndUtils.buildPdndClientAssertionClaims(); + JWTClaimsSet claims = pdndClientAssertionBuilderService.buildPdndClientAssertionClaims(pdndConfig.getPurposeId()); // Then assertNotNull(claims); @@ -109,10 +110,11 @@ void whenSignPdndJWTThenVerify() throws Exception { .jwtID(UUID.randomUUID().toString()) .build(); - String signedJWT = pdndUtils.signPdndJWT(claims); + String signedJWT = pdndClientAssertionBuilderService.signPdndJWT(claims); SignedJWT parsedJWT = SignedJWT.parse(signedJWT); assertNotNull(parsedJWT); assertEquals("CLIENTID", parsedJWT.getJWTClaimsSet().getIssuer()); } + */ } \ No newline at end of file From 717efe0adc581aaaa2489bdf61bcfcf5c71f661e Mon Sep 17 00:00:00 2001 
From: antoniocalo Date: Fri, 22 Nov 2024 11:13:56 +0100 Subject: [PATCH 10/36] P4ADEV-1341 introduced cache token --- .../payhub/pdnd/service/PdndService.java | 24 +++++++++++++++---- .../pagopa/payhub/pdnd/utils/JWTUtils.java | 21 ++++++++++++++++ 2 files changed, 41 insertions(+), 4 deletions(-) create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtils.java diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java index 2eab6dd..7de2f3d 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java @@ -4,16 +4,21 @@ import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; import java.io.IOException; import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; +import java.util.concurrent.ConcurrentHashMap; +import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; @Service +@Slf4j public class PdndService { private final PdndClientImpl pdndClientImpl; private final PdndClientAssertionBuilderService pdndClientAssertionBuilderService; + private final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); public PdndService(PdndClientImpl pdndClientImpl, PdndClientAssertionBuilderService pdndClientAssertionBuilderService) { 
@@ -21,9 +26,20 @@ public PdndService(PdndClientImpl pdndClientImpl, this.pdndClientAssertionBuilderService = pdndClientAssertionBuilderService; } - public String generateToken(PdndGenericConfig pdndGenericConfig) - throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndGenericConfig); - return pdndClientImpl.getAccessToken(pdndGenericConfig.getClientId(), clientAssertion).getAccessToken(); + public String generateToken(PdndGenericConfig pdndGenericConfig) { + return jwtCache.compute(pdndGenericConfig, (key, existingJwt) -> { + log.debug("Check cache for token exists and not expired"); + if(existingJwt == null || JWTUtils.isJWTExpired(existingJwt)) { + try { + log.debug("Token not present or expired, generate new one"); + String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(key); + return pdndClientImpl.getAccessToken(key.getClientId(), clientAssertion).getAccessToken(); + } catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) { + throw new RuntimeException(e); + } + } + log.debug("Token is present in cache"); + return existingJwt; + }); } } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtils.java b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtils.java new file mode 100644 index 0000000..2953918 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtils.java 
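Review bot: The token request runs inside `jwtCache.compute`, so the HTTP call happens while `ConcurrentHashMap` holds the lock for that key's bin; the map's documentation asks for a short remapping function, and a slow or hanging PDND endpoint would stall every caller hashing to the same bin. If the response carries no token the lambda returns null, `compute` drops the entry and `generateToken` hands null to its caller. The cached token is also reused up to the exact `exp` instant, so it can expire between this check and the downstream call; a safety margin in `JWTUtils.isJWTExpired` would cover that. The cache further depends on `PdndGenericConfig` implementing `equals`/`hashCode`, which is not visible in this hunk. The sketch below moves the request out of the map operation, at the cost of allowing two concurrent refreshes for the same key.

```java
public String generateToken(PdndGenericConfig pdndGenericConfig) {
  String cached = jwtCache.get(pdndGenericConfig);
  if (cached != null && !JWTUtils.isJWTExpired(cached)) {
    log.debug("Token is present in cache");
    return cached;
  }
  log.debug("Token not present or expired, generate new one");
  String fresh = requestToken(pdndGenericConfig);
  jwtCache.put(pdndGenericConfig, fresh);
  return fresh;
}

private String requestToken(PdndGenericConfig config) {
  try {
    String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(config);
    String token = pdndClientImpl.getAccessToken(config.getClientId(), clientAssertion).getAccessToken();
    if (token == null) {
      // ConcurrentHashMap rejects null values; fail here with a clear message instead.
      throw new IllegalStateException("PDND token response carried no access token");
    }
    return token;
  } // … unchanged: catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) …
}
```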
@@ -0,0 +1,21 @@ +package it.gov.pagopa.payhub.pdnd.utils; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.exceptions.JWTDecodeException; +import com.auth0.jwt.interfaces.DecodedJWT; +import java.util.Date; + +public class JWTUtils { + private JWTUtils() { + } + + public static boolean isJWTExpired(String token) { + try { + DecodedJWT decodedJWT = JWT.decode(token); + Date expiresAt = decodedJWT.getExpiresAt(); + return expiresAt.before(new Date()); + } catch (JWTDecodeException e) { + throw new JWTDecodeException(e.getMessage()); + } + } +} From 3020f1689c1f52502c202ecb5c2fadb32540596b Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 11:25:15 +0100 Subject: [PATCH 11/36] P4ADEV-1341 add JWTUtilsTest --- .../payhub/pdnd/utils/JWTUtilsTest.java | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java new file mode 100644 index 0000000..5dc8829 --- /dev/null +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java 
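Review bot: `isJWTExpired` throws a `NullPointerException` for a token without an `exp` claim, because `getExpiresAt()` returns null in that case and the result is dereferenced by `expiresAt.before(new Date())`. Treating a missing expiry as expired, `return expiresAt == null || expiresAt.before(new Date());`, keeps the cache in `PdndService` from failing on such a token. The catch block rethrows a new `JWTDecodeException` built from `e.getMessage()`, which only discards the original cause and can be removed. `JWT.decode` parses the token without checking its signature, so the helper is safe only for tokens received directly from the token endpoint. A Javadoc line such as `/** Reads the exp claim without verifying the signature; never use it to validate an incoming token. */` would keep it from being reused as a validity check.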
@@ -0,0 +1,42 @@ +package it.gov.pagopa.payhub.pdnd.utils; + +import static org.junit.jupiter.api.Assertions.*; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.exceptions.JWTDecodeException; +import java.util.Date; +import org.junit.jupiter.api.Test; + +class JWTUtilsTest { + + @Test + public void givenValidTokenWhenIsJWTExpiredThenTokenNotExpired() { + // Given + Date futureDate = new Date(System.currentTimeMillis() + 3600 * 1000); // 1 hour from now + String token = JWT.create() + .withExpiresAt(futureDate) + .sign(com.auth0.jwt.algorithms.Algorithm.HMAC256("secret")); + + // Then + assertFalse(JWTUtils.isJWTExpired(token)); + } + + @Test + public void givenExpiredTokenWhenIsJWTExpiredThenTokenExpired() { + // Given + Date pastDate = new Date(System.currentTimeMillis() - 3600 * 1000); // 1 hour ago + String token = JWT.create() + .withExpiresAt(pastDate) + .sign(com.auth0.jwt.algorithms.Algorithm.HMAC256("secret")); + // Then + assertTrue(JWTUtils.isJWTExpired(token)); + } + + @Test + public void givenInvalidTokenWhenIsJWTExpiredThenException() { + // Given + String invalidtoken = "INVALIDTOKEN"; + // Then + assertThrows(JWTDecodeException.class, () -> JWTUtils.isJWTExpired(invalidtoken)); + } +} \ No newline at end of file From 9f5c044e547450535296edfd3c5626691a23d846 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 11:38:11 +0100 Subject: [PATCH 12/36] P4ADEV-1341 add excludes to codereview --- .github/workflows/codereview.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codereview.yml b/.github/workflows/codereview.yml index 67f164f..0f4f1e7 100644 --- a/.github/workflows/codereview.yml +++ b/.github/workflows/codereview.yml 
@@ -46,3 +46,4 @@ jobs: -Dsonar.sources=src/main -Dsonar.tests=src/test -Dsonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml + -Dsonar.exclusions='**/enums/**, **/model/**, **/dto/**, **/*Constant*, **/*Config.java, **/*Scheduler.java, **/*Application.java, **/src/test/**, **/Dummy*.java' From 9516cd068330ca81c00704d4865cc53a4a5a6b6f Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 16:04:15 +0100 Subject: [PATCH 13/36] P4ADEV-1341 add unitTest --- build.gradle.kts | 4 + .../connector/pdnd/client/PdndClientImpl.java | 1 - ...PdndClientAssertionBuilderServiceTest.java | 73 +++++++++++ .../payhub/pdnd/utils/CertUtilsTest.java | 8 +- .../payhub/pdnd/utils/JWTUtilsTest.java | 6 +- .../payhub/pdnd/utils/PdndUtilsTest.java | 120 ------------------ 6 files changed, 84 insertions(+), 128 deletions(-) create mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java delete mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java diff --git a/build.gradle.kts b/build.gradle.kts index 4f1b0cb..bb85b2a 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -35,6 +35,7 @@ val javaJwtVersion = "4.4.0" val jwksRsaVersion = "0.22.1" val nimbusJoseJwtVersion = "9.47" val jjwtVersion = "0.12.6" +val wiremockVersion = "3.9.2" dependencies { implementation("org.springframework.boot:spring-boot-starter") @@ -58,8 +59,11 @@ dependencies { // Testing testImplementation("org.springframework.boot:spring-boot-starter-test") testImplementation("org.springframework.security:spring-security-test") + testImplementation("org.junit.jupiter:junit-jupiter-api") + testImplementation("org.junit.jupiter:junit-jupiter-engine") testImplementation("org.mockito:mockito-core") testImplementation ("org.projectlombok:lombok") + testImplementation ("org.wiremock:wiremock-standalone:$wiremockVersion") } tasks.withType { 
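Review bot: `sonar.exclusions` removes the matching files from the whole analysis, not only from coverage, so with `**/*Config.java`, `**/model/**` and `**/dto/**` the scanner no longer reports bugs or vulnerabilities in `PdndConfig` (which exposes the private key property) or `PdndGenericConfig`. If the aim is to stop these classes from lowering the coverage figure, the same pattern list belongs under `-Dsonar.coverage.exclusions='…'`, which keeps the rule checks running on them. `**/src/test/**` is already declared through `sonar.tests=src/test` and need not be listed as a source exclusion.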
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java index 27c2126..9b525a8 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java @@ -18,7 +18,6 @@ public class PdndClientImpl implements PdndClient { public PdndClientImpl(RestTemplateBuilder restTemplateBuilder, @Value("${app.pdnd.base-url}") String pdndBaseUrl) { RestTemplate restTemplate = restTemplateBuilder.build(); - ApiClient apiClient = new ApiClient(restTemplate); apiClient.setBasePath(pdndBaseUrl); authApi = new AuthApi(apiClient); diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java new file mode 100644 index 0000000..bb53481 --- /dev/null +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java 
@@ -0,0 +1,73 @@ +package it.gov.pagopa.payhub.pdnd.connector.pdnd.service; + +import static org.junit.jupiter.api.Assertions.*; + +import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.junit.jupiter.MockitoExtension; + +@ExtendWith(MockitoExtension.class) +class PdndClientAssertionBuilderServiceTest { + + + @Mock + private PdndConfig pdndConfig; + + @Mock + private PdndGenericConfig pdndGenericConfig; + + @InjectMocks + private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; + + private String pemKey = """ + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCT5fdA/ZKoyLas + R5/kxfFm8KBz4v3i8k76Xd8j2vh8kBaapzn9hAHWJXOJ+GOUFOxkw1bnI2PUtZjj + tw49XrjcxQ37sOV407+B3ko49zZjNB97OPFQyZx9V3uNcBjKnM3UqNbcBwdIIlVW + Egt0Cao7gEGE1CKsaXpuZkofVgGo5f8K8IdETLJPFuspDTR4UPofDraL2HCxbsVx + dE0UBFXgB9vQmBMkPk27cz+Ze6j5wgSGME/A+YCCp1uvJqWK/uRfGxMRyVYInR5H + bDiI06iZwiLLW1Pf6gE3CCYSUw42VnPHODaitjJ6XLkolB5xsUprkttIg+UrRGSa + 9J3xg3gNAgMBAAECggEASKjRCS/KjntVK1xg1F7e0yjiWyyoeId8f4oApzfbni6X + vFDtr3vb/x4VHjJWkZiZ7oL9Pb7oO8cfnrf/Ge1gOq3gycdFZU/6JM5VfpkNMj2Y + Pcxi2cLCy91fyMPKmjfg81ojfKNDU4/yhr+EuvRImsTO63fgtP149aXxQmXZmOTu + TFjSNTRfvtMgHN0Em1PUgQxO8oUh3Djf5spjAJ/w+gVBSYsYSv5sOOi2H/qZSALZ + hc1t4GfzNKZuyG8FxNwH1SIVkKTYQnDhyiE9426tq6Kiuqvh2MspVJcRGpbaxgr2 + q++ZZrAl60ma5U2hUEgG5oLGjyrgQjEyroZhEokgLQKBgQDKIeAJ/FYdEX4cvHhS + kuUpHQjpZtwOwC+vr4ojudpjLDOTTdkFXzd7jeCmjp4r1/arRxx1KZWP0fxlUEov + 0LDiaU0zBeol/q0ayq5XnhJNVngCyKjQQ+Np1eIGTIIGOkAm8LlnEsvlQLbuOYZ4 + eeeplBW3h321MFKgch7IyqBb5wKBgQC7UBG/ypw6RWPUOHYdtY1nLCQQJjvKCOMT + DolkFB2UUuNfNGK6PDUL9KbPIsrHJLw0oGoqQyBkInVMG5jJb/bHdH0spiKGn51u + orMk/xsA990Kqt+DT1Z5fEpoPchGMc529JR5h43n1n5s8/6jyDa5JNLFnS9xKZTm + 
IvV/Nayt6wKBgGxpSs5QRqeEkE09UJOJMduhNPxqLLDEp07lKYQL1HPIa0kgQbu9 + 2/YqnEj4ySDezfADTeIREaR3jZWRQJjwp05oB/3LuE/0jkeGWYeowkw0il2D3fcF + 0l0bWATk2AAbEflQtz/vNuiYkwSmWdcYGwY65ILw6p1Zc5eWXah39RYVAoGAI93Y + GDZupcXFsMxC6btq4ReVrDX1+uCqwmplKnGjnFQmz4MTaH/A1JI7IqyR0YIaO6V/ + zqnd2O60MSeToPa8dUK7+UGymL6VgarLzMjAXfYYMEO52sXlVAvVn5I8+BvvYd3B + VGf9ZyguOySZXLkoqVkAtvA7Nlr09QA6q+oWL5MCgYAsLS2PEMY/HMR1Z5P/uMxw + q7eQ7K3YYKcJpbM2da7r38UaZc/HhtiaU/XOdTnT/M/eF4hoW0yxO5YKfgurgosz + OjAnn7+Ed5S5Sh8E4EHUGCcawErZEZCtlsns0fNPGfNjadZAjq0X+5VP1EVXca0B + VrSp9ZTif3cvyxNTOogbgA== + -----END PRIVATE KEY----- + """; + + @Test + void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() throws Exception { + // Given + Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); + Mockito.when(pdndConfig.getKey()).thenReturn(pemKey); + + Mockito.when(pdndGenericConfig.getClientId()).thenReturn("CLIENTID"); + Mockito.when(pdndGenericConfig.getPurposeId()).thenReturn("PURPOSEID"); + Mockito.when(pdndGenericConfig.getKid()).thenReturn("KID"); + // When + String token = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndGenericConfig); + + // Then + assertNotNull(token); + } +} \ No newline at end of file diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java index f1f7458..025f2fa 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/CertUtilsTest.java @@ -11,7 +11,7 @@ class CertUtilsTest { @Test - void whenPemKey2PrivateKeyThenValidKey() throws InvalidKeySpecException, NoSuchAlgorithmException, IOException { + void givenValidPrivateKeyWhenPemKey2PrivateKeyThenValidKey() throws InvalidKeySpecException, NoSuchAlgorithmException, IOException { // Given String pemKey = """ -----BEGIN PRIVATE KEY----- 
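Review bot: The `pemKey` field commits a complete PKCS#8 private key to the repository; the same block also appears in `PdndUtilsTest`. Even as a throwaway it trips secret scanners and must never be registered with PDND, so generating the key inside the test is safer. The sketch below builds an equivalent PEM at run time, assuming the key parsing behind `buildPdndClientAssertion` accepts standard 64-column PEM, which is not visible in this hunk. The test also stops at `assertNotNull(token)`; parsing the result and checking `iss`, `aud`, `purposeId` and the `kid` header would pin what the signed assertion actually carries.

```java
private static String generatePemKey() throws NoSuchAlgorithmException {
  KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
  generator.initialize(2048);
  // getEncoded() on an RSA private key yields its PKCS#8 encoding.
  byte[] pkcs8 = generator.generateKeyPair().getPrivate().getEncoded();
  String body = Base64.getMimeEncoder(64, "\n".getBytes(StandardCharsets.US_ASCII)).encodeToString(pkcs8);
  return "-----BEGIN PRIVATE KEY-----\n" + body + "\n-----END PRIVATE KEY-----\n";
}

// … unchanged: mocks and @InjectMocks service …
Mockito.when(pdndConfig.getKey()).thenReturn(generatePemKey());
```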
@@ -53,7 +53,7 @@ void whenPemKey2PrivateKeyThenValidKey() throws InvalidKeySpecException, NoSuchA } @Test - void whenPemKey2PrivateKeyThenInvalidKey() { + void givenInvalidPrivateKeyWhenPemKey2PrivateKeyThenInvalidKey() { // Given String invalidPemKey = """ -----BEGIN PRIVATE KEY----- @@ -66,7 +66,7 @@ void whenPemKey2PrivateKeyThenInvalidKey() { } @Test - void whenPemKey2PrivateKeyThenNullKey() { + void givenNullPrivateKeyWhenPemKey2PrivateKeyThenNullKey() { // Given String nullKey = null; @@ -75,7 +75,7 @@ void whenPemKey2PrivateKeyThenNullKey() { } @Test - void whenExtractInlinePemBodyThenValidPem() { + void givenValidPemWhenExtractInlinePemBodyThenValidPem() { // Given String pemKey = """ -----BEGIN PRIVATE KEY----- diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java index 5dc8829..6603edd 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java @@ -10,7 +10,7 @@ class JWTUtilsTest { @Test - public void givenValidTokenWhenIsJWTExpiredThenTokenNotExpired() { + void givenValidTokenWhenIsJWTExpiredThenTokenNotExpired() { // Given Date futureDate = new Date(System.currentTimeMillis() + 3600 * 1000); // 1 hour from now String token = JWT.create() @@ -22,7 +22,7 @@ public void givenValidTokenWhenIsJWTExpiredThenTokenNotExpired() { } @Test - public void givenExpiredTokenWhenIsJWTExpiredThenTokenExpired() { + void givenExpiredTokenWhenIsJWTExpiredThenTokenExpired() { // Given Date pastDate = new Date(System.currentTimeMillis() - 3600 * 1000); // 1 hour ago String token = JWT.create() @@ -33,7 +33,7 @@ public void givenExpiredTokenWhenIsJWTExpiredThenTokenExpired() { } @Test - public void givenInvalidTokenWhenIsJWTExpiredThenException() { + void givenInvalidTokenWhenIsJWTExpiredThenException() { // Given String invalidtoken = "INVALIDTOKEN"; // Then 
diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java deleted file mode 100644 index cb8c633..0000000 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/PdndUtilsTest.java +++ /dev/null 
@@ -1,120 +0,0 @@ -package it.gov.pagopa.payhub.pdnd.utils; - -import static org.junit.jupiter.api.Assertions.*; -import static org.mockito.Mockito.times; - -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.SignedJWT; -import it.gov.pagopa.payhub.pdnd.config.PdndConfig; -import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; -import java.util.Date; -import java.util.UUID; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.extension.ExtendWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.junit.jupiter.MockitoExtension; - -@ExtendWith(MockitoExtension.class) -class PdndUtilsTest { - - @InjectMocks - private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; - - @Mock - private PdndConfig pdndConfig; - - private String pemKey = """ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCT5fdA/ZKoyLas -R5/kxfFm8KBz4v3i8k76Xd8j2vh8kBaapzn9hAHWJXOJ+GOUFOxkw1bnI2PUtZjj -tw49XrjcxQ37sOV407+B3ko49zZjNB97OPFQyZx9V3uNcBjKnM3UqNbcBwdIIlVW -Egt0Cao7gEGE1CKsaXpuZkofVgGo5f8K8IdETLJPFuspDTR4UPofDraL2HCxbsVx -dE0UBFXgB9vQmBMkPk27cz+Ze6j5wgSGME/A+YCCp1uvJqWK/uRfGxMRyVYInR5H -bDiI06iZwiLLW1Pf6gE3CCYSUw42VnPHODaitjJ6XLkolB5xsUprkttIg+UrRGSa -9J3xg3gNAgMBAAECggEASKjRCS/KjntVK1xg1F7e0yjiWyyoeId8f4oApzfbni6X -vFDtr3vb/x4VHjJWkZiZ7oL9Pb7oO8cfnrf/Ge1gOq3gycdFZU/6JM5VfpkNMj2Y -Pcxi2cLCy91fyMPKmjfg81ojfKNDU4/yhr+EuvRImsTO63fgtP149aXxQmXZmOTu -TFjSNTRfvtMgHN0Em1PUgQxO8oUh3Djf5spjAJ/w+gVBSYsYSv5sOOi2H/qZSALZ -hc1t4GfzNKZuyG8FxNwH1SIVkKTYQnDhyiE9426tq6Kiuqvh2MspVJcRGpbaxgr2 -q++ZZrAl60ma5U2hUEgG5oLGjyrgQjEyroZhEokgLQKBgQDKIeAJ/FYdEX4cvHhS -kuUpHQjpZtwOwC+vr4ojudpjLDOTTdkFXzd7jeCmjp4r1/arRxx1KZWP0fxlUEov -0LDiaU0zBeol/q0ayq5XnhJNVngCyKjQQ+Np1eIGTIIGOkAm8LlnEsvlQLbuOYZ4 -eeeplBW3h321MFKgch7IyqBb5wKBgQC7UBG/ypw6RWPUOHYdtY1nLCQQJjvKCOMT -DolkFB2UUuNfNGK6PDUL9KbPIsrHJLw0oGoqQyBkInVMG5jJb/bHdH0spiKGn51u 
-orMk/xsA990Kqt+DT1Z5fEpoPchGMc529JR5h43n1n5s8/6jyDa5JNLFnS9xKZTm -IvV/Nayt6wKBgGxpSs5QRqeEkE09UJOJMduhNPxqLLDEp07lKYQL1HPIa0kgQbu9 -2/YqnEj4ySDezfADTeIREaR3jZWRQJjwp05oB/3LuE/0jkeGWYeowkw0il2D3fcF -0l0bWATk2AAbEflQtz/vNuiYkwSmWdcYGwY65ILw6p1Zc5eWXah39RYVAoGAI93Y -GDZupcXFsMxC6btq4ReVrDX1+uCqwmplKnGjnFQmz4MTaH/A1JI7IqyR0YIaO6V/ -zqnd2O60MSeToPa8dUK7+UGymL6VgarLzMjAXfYYMEO52sXlVAvVn5I8+BvvYd3B -VGf9ZyguOySZXLkoqVkAtvA7Nlr09QA6q+oWL5MCgYAsLS2PEMY/HMR1Z5P/uMxw -q7eQ7K3YYKcJpbM2da7r38UaZc/HhtiaU/XOdTnT/M/eF4hoW0yxO5YKfgurgosz -OjAnn7+Ed5S5Sh8E4EHUGCcawErZEZCtlsns0fNPGfNjadZAjq0X+5VP1EVXca0B -VrSp9ZTif3cvyxNTOogbgA== ------END PRIVATE KEY----- - """; - -/* - @Test - void whenBuildPdndClientAssertionThesVerify() throws Exception { - // When - Mockito.when(pdndConfig.getClientId()).thenReturn("CLIENTID"); - Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); - Mockito.when(pdndConfig.getPurposeId()).thenReturn("PURPOSEID"); - Mockito.when(pdndConfig.getKey()).thenReturn(pemKey); - Mockito.when(pdndConfig.getKid()).thenReturn("KID"); - - String token = pdndClientAssertionBuilderService.buildPdndClientAssertion(); - - // Then - assertNotNull(token); - Mockito.verify(pdndConfig, times(2)).getClientId(); - Mockito.verify(pdndConfig).getAudience(); - Mockito.verify(pdndConfig).getPurposeId(); - Mockito.verify(pdndConfig).getKey(); - Mockito.verify(pdndConfig).getKid(); - } - - @Test - void whenBuildPdndClientAssertionClaimsThenVerify() { - // Given - Mockito.when(pdndConfig.getClientId()).thenReturn("CLIENTID"); - Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); - Mockito.when(pdndConfig.getPurposeId()).thenReturn("PURPOSEID"); - // When - JWTClaimsSet claims = pdndClientAssertionBuilderService.buildPdndClientAssertionClaims(pdndConfig.getPurposeId()); - - // Then - assertNotNull(claims); - assertEquals("CLIENTID", claims.getIssuer()); - assertEquals("CLIENTID", claims.getSubject()); - assertEquals("AUDIENCE", claims.getAudience().get(0)); - 
assertEquals("PURPOSEID", claims.getClaim("purposeId")); - assertNotNull(claims.getIssueTime()); - assertNotNull(claims.getExpirationTime()); - assertNotNull(claims.getJWTID()); - } - - @Test - void whenSignPdndJWTThenVerify() throws Exception { - Mockito.when(pdndConfig.getKey()).thenReturn(pemKey); - - JWTClaimsSet claims = new JWTClaimsSet.Builder() - .issuer("CLIENTID") - .subject("SUBJECT") - .audience("AUDIENCE") - .issueTime(new Date()) - .expirationTime(new Date(System.currentTimeMillis() + 300000)) - .jwtID(UUID.randomUUID().toString()) - .build(); - - String signedJWT = pdndClientAssertionBuilderService.signPdndJWT(claims); - - SignedJWT parsedJWT = SignedJWT.parse(signedJWT); - assertNotNull(parsedJWT); - assertEquals("CLIENTID", parsedJWT.getJWTClaimsSet().getIssuer()); - } - */ -} \ No newline at end of file From 7bc0622d1f211b6ec291cacbee6b4ea3302e35b8 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 16:40:47 +0100 Subject: [PATCH 14/36] P4ADEV-1341 add PdndServiceTest --- .../custom/JwtClaimBuildException.java | 7 ++ .../payhub/pdnd/service/PdndService.java | 3 +- ...PdndClientAssertionBuilderServiceTest.java | 2 +- .../payhub/pdnd/service/PdndServiceTest.java | 99 +++++++++++++++++++ 4 files changed, 109 insertions(+), 2 deletions(-) create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java create mode 100644 src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java b/src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java new file mode 100644 index 0000000..de28a98 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java 
@@ -0,0 +1,7 @@ +package it.gov.pagopa.payhub.pdnd.exception.custom; + +public class JwtClaimBuildException extends RuntimeException { + public JwtClaimBuildException(String message, Throwable cause) { + super(message, cause); + } +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java index 7de2f3d..4492cbd 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java @@ -3,6 +3,7 @@ import com.nimbusds.jose.JOSEException; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; +import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; import java.io.IOException; @@ -35,7 +36,7 @@ public String generateToken(PdndGenericConfig pdndGenericConfig) { String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(key); return pdndClientImpl.getAccessToken(key.getClientId(), clientAssertion).getAccessToken(); } catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) { - throw new RuntimeException(e); + throw new JwtClaimBuildException("Error building JWT claims", e); } } log.debug("Token is present in cache"); diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index bb53481..6f95241 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java 
@@ -66,7 +66,7 @@ void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() throws Ex Mockito.when(pdndGenericConfig.getKid()).thenReturn("KID"); // When String token = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndGenericConfig); - + // Then assertNotNull(token); } diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java new file mode 100644 index 0000000..06ceead --- /dev/null +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java 
@@ -0,0 +1,99 @@ +package it.gov.pagopa.payhub.pdnd.service; + +import static org.junit.jupiter.api.Assertions.*; + +import com.nimbusds.jose.JOSEException; +import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; +import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; +import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.junit.jupiter.MockitoExtension; + +@ExtendWith(MockitoExtension.class) +class PdndServiceTest { + + @Mock + private PdndClientImpl pdndClientImpl; + + @Mock + private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; + + private PdndService pdndService; + + @BeforeEach + void setUp() { + pdndService = new PdndService(pdndClientImpl, pdndClientAssertionBuilderService); + } + + @Test + void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { + // Given + PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); + String clientId = "CLIENTID"; + String clientAssertion = "ASSERTION"; + ClientCredentialsResponseDTO newAccessToken = new ClientCredentialsResponseDTO(); + + // When + Mockito.when(config.getClientId()).thenReturn(clientId); + Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)).thenReturn(clientAssertion); + Mockito.when(pdndClientImpl.getAccessToken(clientId, clientAssertion)) + .thenReturn(newAccessToken); + + String token = pdndService.generateToken(config); + + // Then + 
assertEquals(newAccessToken.getAccessToken(), token); + Mockito.verify(pdndClientAssertionBuilderService, Mockito.times(1)).buildPdndClientAssertion(config); + Mockito.verify(pdndClientImpl, Mockito.times(1)).getAccessToken(clientId, clientAssertion); + } + + @Test + void givenValidConfigWhenGenerateTokenThenReturnCachedToken() + throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { + // Given + PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); + String clientAssertion = "ASSERTION"; + String clientId = "CLIENTID"; + ClientCredentialsResponseDTO cachedToken = new ClientCredentialsResponseDTO(); + cachedToken.setAccessToken("CACHEDTOKEN"); + + // When + Mockito.when(config.getClientId()).thenReturn(clientId); + Mockito.mockStatic(JWTUtils.class).when(() -> JWTUtils.isJWTExpired(cachedToken.getAccessToken())).thenReturn(false); + Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)).thenReturn(clientAssertion); + Mockito.when(pdndClientImpl.getAccessToken(clientId, clientAssertion)) + .thenReturn(cachedToken); + String token = pdndService.generateToken(config); + + // Then + assertEquals(cachedToken.getAccessToken(), token); + } + + @Test + void givenInvalidAssertionWhenGenerateTokenThenException() throws Exception { + // Given + PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); + // When + Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)) + .thenThrow(new InvalidKeySpecException("Key spec error")); + + // Then + JwtClaimBuildException exception = assertThrows(JwtClaimBuildException.class, () -> { + pdndService.generateToken(config); + }); + + assertEquals("Error building JWT claims", exception.getMessage()); + assertInstanceOf(InvalidKeySpecException.class, exception.getCause()); + } + +} \ No newline at end of file From 19c2570ec04e22d2913dda9c545664da8515fa8c Mon Sep 17 00:00:00 2001 
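Review bot: `givenValidConfigWhenGenerateTokenThenGeneratesNewToken` stubs `getAccessToken` with a `new ClientCredentialsResponseDTO()` whose access token is never set (presumably null for the generated DTO), so `assertEquals(newAccessToken.getAccessToken(), token)` compares null with null and passes even if `generateToken` hands back nothing. Setting a value first, `newAccessToken.setAccessToken("NEW_TOKEN");` (a constructed sample), makes the test prove that the token from the PDND response is what callers receive. A separate case pinning what `generateToken` should do when the response carries no access token would also help, since a null bearer token surfaces far from its cause.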
From: LarissaASLeite Date: Fri, 22 Nov 2024 17:24:03 +0100 Subject: [PATCH 15/36] P4ADEV-1341_retrievePDNDAccessToken --- .../java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java index 6603edd..2f73182 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java @@ -5,10 +5,17 @@ import com.auth0.jwt.JWT; import com.auth0.jwt.exceptions.JWTDecodeException; import java.util.Date; + +import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; class JWTUtilsTest { + @BeforeEach + void init(){ + System.clearProperty("jwt"); + } + @Test void givenValidTokenWhenIsJWTExpiredThenTokenNotExpired() { // Given From 94f943cb7753cea068839b8c4ec5c8b31c1a9ee3 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 17:30:11 +0100 Subject: [PATCH 16/36] P4ADEV-1341 fix PdndServiceTest --- .../it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 06ceead..46f89f1 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -16,6 +16,7 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.Mock; +import org.mockito.MockedStatic; import org.mockito.Mockito; import org.mockito.junit.jupiter.MockitoExtension; 
@@ -68,8 +69,9 @@ void givenValidConfigWhenGenerateTokenThenReturnCachedToken() cachedToken.setAccessToken("CACHEDTOKEN"); // When + MockedStatic mockedStatic = Mockito.mockStatic(JWTUtils.class); Mockito.when(config.getClientId()).thenReturn(clientId); - Mockito.mockStatic(JWTUtils.class).when(() -> JWTUtils.isJWTExpired(cachedToken.getAccessToken())).thenReturn(false); + mockedStatic.when(() -> JWTUtils.isJWTExpired(cachedToken.getAccessToken())).thenReturn(false); Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)).thenReturn(clientAssertion); Mockito.when(pdndClientImpl.getAccessToken(clientId, clientAssertion)) .thenReturn(cachedToken); @@ -77,6 +79,7 @@ void givenValidConfigWhenGenerateTokenThenReturnCachedToken() // Then assertEquals(cachedToken.getAccessToken(), token); + mockedStatic.close(); } @Test From b441102f51472025e686081b99827c556f8db28c Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 17:32:34 +0100 Subject: [PATCH 17/36] P4ADEV-1341 fix PdndServiceTest --- .../java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java index 2f73182..6603edd 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/utils/JWTUtilsTest.java @@ -5,17 +5,10 @@ import com.auth0.jwt.JWT; import com.auth0.jwt.exceptions.JWTDecodeException; import java.util.Date; - -import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; class JWTUtilsTest { - @BeforeEach - void init(){ - System.clearProperty("jwt"); - } - @Test void givenValidTokenWhenIsJWTExpiredThenTokenNotExpired() { // Given From 08fde8a4a60ea83c3fcbcd123afe53580d5dbb5a Mon Sep 17 00:00:00 2001 
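Review bot: `mockedStatic.close()` in the last hunk runs only when `assertEquals` passes; if the assertion or `generateToken` throws, the static mock of `JWTUtils` stays registered on the test thread and can break or distort later tests that run on it. Try-with-resources closes it on every path: `try (MockedStatic<JWTUtils> mockedStatic = Mockito.mockStatic(JWTUtils.class)) { … }`. Separately, nothing is placed in the cache before the call, so the test appears to exercise the token-generation path rather than the cached one its name describes. The test method starts outside these hunks.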
From: antoniocalo Date: Fri, 22 Nov 2024 17:40:52 +0100 Subject: [PATCH 18/36] P4ADEV-1341 fix PdndServiceTest --- .../payhub/pdnd/service/PdndServiceTest.java | 23 ------------------- 1 file changed, 23 deletions(-) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 46f89f1..434fcee 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -58,29 +58,6 @@ void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { Mockito.verify(pdndClientImpl, Mockito.times(1)).getAccessToken(clientId, clientAssertion); } - @Test - void givenValidConfigWhenGenerateTokenThenReturnCachedToken() - throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - // Given - PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); - String clientAssertion = "ASSERTION"; - String clientId = "CLIENTID"; - ClientCredentialsResponseDTO cachedToken = new ClientCredentialsResponseDTO(); - cachedToken.setAccessToken("CACHEDTOKEN"); - - // When - MockedStatic mockedStatic = Mockito.mockStatic(JWTUtils.class); - Mockito.when(config.getClientId()).thenReturn(clientId); - mockedStatic.when(() -> JWTUtils.isJWTExpired(cachedToken.getAccessToken())).thenReturn(false); - Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)).thenReturn(clientAssertion); - Mockito.when(pdndClientImpl.getAccessToken(clientId, clientAssertion)) - .thenReturn(cachedToken); - String token = pdndService.generateToken(config); - - // Then - assertEquals(cachedToken.getAccessToken(), token); - mockedStatic.close(); - } @Test void givenInvalidAssertionWhenGenerateTokenThenException() throws Exception { From cf54c2fec5adf254475698b7aba63757100f2ed8 Mon Sep 17 00:00:00 2001 
From: antoniocalo Date: Fri, 22 Nov 2024 17:50:55 +0100 Subject: [PATCH 19/36] P4ADEV-1341 fix PdndServiceTest and Dockerfile --- Dockerfile | 4 +++- .../payhub/pdnd/service/PdndService.java | 2 +- .../payhub/pdnd/service/PdndServiceTest.java | 19 ++++++++++++++++--- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index ee3557a..64ddf9c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -101,7 +101,9 @@ RUN mkdir -p src/main/java && \ USER ${APP_USER} -RUN gradle openApiGenerate dependencies --no-daemon +RUN gradle openApiGeneratePayhub dependencies --no-daemon + +RUN gradle openApiGeneratePdndClient dependencies --no-daemon # # 🏗️ Build Stage diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java index 4492cbd..9b8b1e0 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java @@ -19,7 +19,7 @@ public class PdndService { private final PdndClientImpl pdndClientImpl; private final PdndClientAssertionBuilderService pdndClientAssertionBuilderService; - private final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); + protected final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); public PdndService(PdndClientImpl pdndClientImpl, PdndClientAssertionBuilderService pdndClientAssertionBuilderService) { diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 434fcee..2ca16a5 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java 
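Review bot: Widening `jwtCache` from `private` to `protected` in the PdndService hunk exposes the map of live PDND access tokens to every class in the package and to any subclass, apparently only so that PdndServiceTest can seed it. If direct access is really needed, dropping the modifier (package-private) with a comment such as `// package-private for tests only: holds bearer tokens, do not expose further` is the narrower choice. Preferably the cached-token test would fill the cache through `generateToken` with a stubbed client and then check with `Mockito.verify(pdndClientImpl, Mockito.times(1))` that a second call does not reach PDND, which leaves the field `private`.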
@@ -2,15 +2,12 @@ import static org.junit.jupiter.api.Assertions.*; -import com.nimbusds.jose.JOSEException; import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; -import java.io.IOException; -import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; @@ -58,6 +55,22 @@ void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { Mockito.verify(pdndClientImpl, Mockito.times(1)).getAccessToken(clientId, clientAssertion); } + @Test + void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { + // Given + PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); + String cachedToken = "CACHED_TOKEN"; + pdndService.jwtCache.put(config, cachedToken); + + try (MockedStatic mockedStatic = Mockito.mockStatic(JWTUtils.class)) { + // When + mockedStatic.when(() -> JWTUtils.isJWTExpired(cachedToken)).thenReturn(false); + String token = pdndService.generateToken(config); + + // Then + assertEquals(cachedToken, token); + } + } @Test void givenInvalidAssertionWhenGenerateTokenThenException() throws Exception { From 3ff7eca6ece7320fa3d708c91089bebff03af8dc Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 18:08:16 +0100 Subject: [PATCH 20/36] P4ADEV-1341 fix Dockerfile --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 64ddf9c..50b3bd1 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -93,6 +93,7 @@ WORKDIR /build COPY --chown=${APP_USER}:${APP_GROUP} build.gradle.kts settings.gradle.kts ./ COPY --chown=${APP_USER}:${APP_GROUP} gradle.lockfile ./ COPY --chown=${APP_USER}:${APP_GROUP} openapi openapi/ +COPY --chown=${APP_USER}:${APP_GROUP} src/main/resources src/main/resources # Generate OpenAPI stubs and download dependencies RUN mkdir -p src/main/java && \ From 4b5d6fab8a97dddf02d5f278fb2f4749b9f3d7fe Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Fri, 22 Nov 2024 20:05:23 +0100 Subject: [PATCH 21/36] P4ADEV-1341 add PdndClientImplTest --- build.gradle.kts | 4 +- .../pdnd/service/PdndClientImplTest.java | 59 +++++++++++-------- .../pdnd/mappings/pdndPostAccessToken.json | 25 ++++++++ 3 files changed, 60 insertions(+), 28 deletions(-) create mode 100644 src/test/resources/wiremock/pdnd/mappings/pdndPostAccessToken.json diff --git a/build.gradle.kts b/build.gradle.kts index bb85b2a..eed0416 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -36,6 +36,7 @@ val jwksRsaVersion = "0.22.1" val nimbusJoseJwtVersion = "9.47" val jjwtVersion = "0.12.6" val wiremockVersion = "3.9.2" +val wiremockSpringBootVersion = "2.1.3" dependencies { implementation("org.springframework.boot:spring-boot-starter") @@ -59,11 +60,10 @@ dependencies { // Testing testImplementation("org.springframework.boot:spring-boot-starter-test") testImplementation("org.springframework.security:spring-security-test") - testImplementation("org.junit.jupiter:junit-jupiter-api") - testImplementation("org.junit.jupiter:junit-jupiter-engine") testImplementation("org.mockito:mockito-core") testImplementation ("org.projectlombok:lombok") testImplementation ("org.wiremock:wiremock-standalone:$wiremockVersion") + testImplementation ("com.maciejwalkowiak.spring:wiremock-spring-boot:$wiremockSpringBootVersion") } tasks.withType { 
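Review bot: The new `testImplementation ("com.maciejwalkowiak.spring:wiremock-spring-boot:$wiremockSpringBootVersion")` line in the build.gradle.kts dependencies hunk adds a third-party artifact, but this commit's file list does not include gradle.lockfile, and the lockfile entries shown earlier in the series are all scoped to `compileClasspath`. If the test configurations are not locked, the transitive versions resolved for the test classpath can change between builds with no diff to review. Consider extending dependency locking to the test classpaths and regenerating the lockfile (`--write-locks`) in the same commit. The removal of the explicit `junit-jupiter-api` / `junit-jupiter-engine` lines also relies on `spring-boot-starter-test` supplying them, which deserves a one-line comment next to that dependency.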
diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java index 81baea7..b269166 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java 
@@ -1,43 +1,50 @@ package it.gov.pagopa.payhub.pdnd.service; -import it.gov.pagopa.payhub.pdnd.config.PdndConfig; +import com.github.tomakehurst.wiremock.WireMockServer; +import com.maciejwalkowiak.wiremock.spring.ConfigureWireMock; +import com.maciejwalkowiak.wiremock.spring.EnableWireMock; +import com.maciejwalkowiak.wiremock.spring.InjectWireMock; +import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; -import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; +import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.extension.ExtendWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.junit.jupiter.MockitoExtension; -import org.springframework.beans.factory.annotation.Value; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.web.client.RestTemplateBuilder; -import org.springframework.web.client.RestTemplate; -@ExtendWith(MockitoExtension.class) +@SpringBootTest +@EnableWireMock({ + @ConfigureWireMock(name = "pdnd") +}) +@EnableConfigurationProperties class PdndClientImplTest { - @InjectMocks - private PdndClientImpl pdndClient; + @Autowired + private RestTemplateBuilder restTemplateBuilder; - @Mock - private RestTemplate restTemplate; + @InjectWireMock(value = "pdnd") + private WireMockServer wireMockServer; - @Mock - private PdndConfig pdndConfig; + private PdndClientImpl pdndClient; - @Mock - private RestTemplateBuilder restTemplateBuilder; + @BeforeEach + void setup() { + pdndClient = new PdndClientImpl(restTemplateBuilder, wireMockServer.baseUrl()); + } - @Mock - private 
PdndClientAssertionBuilderService pdndClientAssertionBuilderService; + @Test + void givenValidInputsWhenGetAccessTokenThenReturnResponse() { + // Given + String clientId = "CLIENTID"; + String assertions = "ASSERTION"; - @Value("${app.pdnd.base-url}") - private String pdndBaseUrl = "https://pdnd.it"; + // When + ClientCredentialsResponseDTO response = pdndClient.getAccessToken(clientId, assertions); - @BeforeEach - void setUp() { - Mockito.when(restTemplateBuilder.build()).thenReturn(restTemplate); - pdndClient = new PdndClientImpl(restTemplateBuilder, pdndBaseUrl); + // Then + Assertions.assertEquals("PDND_ACCESS_TOKEN", response.getAccessToken()); } } \ No newline at end of file diff --git a/src/test/resources/wiremock/pdnd/mappings/pdndPostAccessToken.json b/src/test/resources/wiremock/pdnd/mappings/pdndPostAccessToken.json new file mode 100644 index 0000000..a957d6f --- /dev/null +++ b/src/test/resources/wiremock/pdnd/mappings/pdndPostAccessToken.json @@ -0,0 +1,25 @@ +{ + "request": { + "method": "POST", + "urlPathPattern": "/token.oauth2", + "headers": { + "Content-Type": { + "contains": "application/x-www-form-urlencoded;charset=UTF-8" + } + }, + "bodyPatterns": [{ + "matches": "client_id=CLIENTID&client_assertion=ASSERTION&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&grant_type=client_credentials" + }] + }, + "response": { + "status": "200", + "jsonBody": { + "access_token": "PDND_ACCESS_TOKEN", + "expires_in": 600, + "token_type": "Bearer" + }, + "headers": { + "Content-Type": "application/json" + } + } +} \ No newline at end of file From 0504483f93bbbc448bc4df755b88a494f738a09a Mon Sep 17 00:00:00 2001 
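Review bot: The rewritten PdndClientImplTest covers only the 200 response of the `pdnd` WireMock stub; nothing pins what `getAccessToken` does when the token endpoint rejects the client assertion or answers without an `access_token`. PdndService catches only the checked key and signing exceptions, so whatever the generated client throws on a 4xx (presumably a RestTemplate client exception, to be confirmed) reaches callers unwrapped. A second mapping with an error status, plus a test asserting the resulting exception type, would make that contract explicit before other services start depending on it.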
From: antoniocalo Date: Mon, 25 Nov 2024 17:04:03 +0100 Subject: [PATCH 22/36] P4ADEV-1341 add RestTemplateConfig and resolve pr requests --- build.gradle.kts | 4 ++-- .../pagopa/payhub/pdnd/config/AnprConfig.java | 3 +-- .../PdndBaseServiceIntegratedConfig.java} | 4 ++-- .../pagopa/payhub/pdnd/config/PdndConfig.java | 2 +- .../pdnd/config/RestTemplateConfig.java | 21 +++++++++++++++++++ .../connector/pdnd/client/PdndClient.java | 2 +- .../connector/pdnd/client/PdndClientImpl.java | 4 ++-- .../PdndClientAssertionBuilderService.java | 11 +++++----- .../payhub/pdnd/service/PdndService.java | 14 ++++++------- src/main/resources/application.yml | 2 +- ...PdndClientAssertionBuilderServiceTest.java | 15 ++++++------- .../payhub/pdnd/service/PdndServiceTest.java | 8 +++---- 12 files changed, 56 insertions(+), 34 deletions(-) rename src/main/java/it/gov/pagopa/payhub/pdnd/{model/PdndGenericConfig.java => config/PdndBaseServiceIntegratedConfig.java} (68%) create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java diff --git a/build.gradle.kts b/build.gradle.kts index eed0416..b550883 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -141,8 +141,8 @@ tasks.register("ope generatorName.set("java") inputSpec.set("$rootDir/src/main/resources/pdnd/pdnd-v1.yaml") outputDir.set("$projectDir/build/generated/pdnd-client") - apiPackage.set("it.gov.pagopa.common.pdnd.generated.api") - modelPackage.set("it.gov.pagopa.common.pdnd.generated.dto") + apiPackage.set("it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.api") + modelPackage.set("it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto") modelNameSuffix.set("DTO") configOptions.set(mapOf( "swaggerAnnotations" to "false", diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java index dc11de3..df130b9 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java 
+++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java @@ -1,10 +1,9 @@ package it.gov.pagopa.payhub.pdnd.config; -import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; @Configuration @ConfigurationProperties(prefix = "app.pdnd.anpr.config") -public class AnprConfig extends PdndGenericConfig { +public class AnprConfig extends PdndBaseServiceIntegratedConfig { } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/model/PdndGenericConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndBaseServiceIntegratedConfig.java similarity index 68% rename from src/main/java/it/gov/pagopa/payhub/pdnd/model/PdndGenericConfig.java rename to src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndBaseServiceIntegratedConfig.java index 9a3e43a..8275d3b 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/model/PdndGenericConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndBaseServiceIntegratedConfig.java @@ -1,4 +1,4 @@ -package it.gov.pagopa.payhub.pdnd.model; +package it.gov.pagopa.payhub.pdnd.config; import lombok.AllArgsConstructor; import lombok.Data; @@ -7,7 +7,7 @@ @Data @AllArgsConstructor @NoArgsConstructor -public class PdndGenericConfig { +public abstract class PdndBaseServiceIntegratedConfig { private String clientId; private String kid; private String purposeId; diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java index 1c2fbe8..97e1d67 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java @@ -9,6 +9,6 @@ @Data public class PdndConfig { private String audience; - private String key; + private String privateKey; private String publicKey; } 
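Review bot: In the PdndConfig hunk, `privateKey` sits in a class annotated with Lombok `@Data`, whose generated `toString()` includes every field, so any log statement or exception message that prints the config object would write the PEM private key into the logs. Excluding the field keeps the rest of `@Data` intact: `@ToString.Exclude private String privateKey;`. The rename makes the field's sensitivity explicit, which is a good moment to add that guard and a short comment saying the value is a secret supplied through `PDND_PRIVATE_KEY`.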
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java new file mode 100644 index 0000000..2197595 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java @@ -0,0 +1,21 @@ +package it.gov.pagopa.payhub.pdnd.config; + +import java.time.Duration; +import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.web.client.RestTemplateBuilder; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.client.RestTemplate; + +@Configuration +@Slf4j +public class RestTemplateConfig { + @Bean + public RestTemplate restTemplate(RestTemplateBuilder builder) { + log.debug("settings RestTemplate timeout to 120 sec"); + return builder + .setConnectTimeout(Duration.ofMillis(120000)) + .setReadTimeout(Duration.ofMillis(120000)) + .build(); + } +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java index 037a4ed..4e25ba9 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java @@ -3,5 +3,5 @@ import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; public interface PdndClient { - ClientCredentialsResponseDTO getAccessToken(String clientId, String assertions); + ClientCredentialsResponseDTO getAccessToken(String clientId, String clientAssertions); } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java index 9b525a8..896a64d 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java 
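Review bot: Both timeouts in the new `restTemplate(...)` bean are hard-coded to 120000 ms; a two-minute connect timeout means an unreachable endpoint ties up the calling thread that long before failing, and the values cannot be tuned per environment. Binding them to configuration and using a much shorter connect timeout than read timeout is the usual shape, for example `.setConnectTimeout(Duration.ofSeconds(connectTimeoutSeconds))` with the value injected from a property (name illustrative). PdndClientImpl is constructed from a `RestTemplateBuilder` elsewhere in this series, so it may not pick up this bean's timeouts at all; that is worth confirming. The log text would also read better as `"setting RestTemplate timeouts to 120 s"`.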
+++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java @@ -24,7 +24,7 @@ public PdndClientImpl(RestTemplateBuilder restTemplateBuilder, } @Override - public ClientCredentialsResponseDTO getAccessToken(String clientId, String assertions) { - return authApi.createToken(assertions, CLIENT_ASSERTION_TYPE, GRANT_TYPE, clientId); + public ClientCredentialsResponseDTO getAccessToken(String clientId, String clientAssertions) { + return authApi.createToken(clientAssertions, CLIENT_ASSERTION_TYPE, GRANT_TYPE, clientId); } } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java index 4d41cdd..d978556 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java @@ -9,7 +9,7 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import it.gov.pagopa.payhub.pdnd.config.PdndConfig; -import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.CertUtils; import java.io.IOException; import java.security.NoSuchAlgorithmException; 
@@ -27,10 +27,11 @@ public PdndClientAssertionBuilderService(PdndConfig pdndConfig) { this.pdndConfig = pdndConfig; } - public String buildPdndClientAssertion(PdndGenericConfig pdndGenericConfig) + public String buildPdndClientAssertion( + PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndGenericConfig.getClientId(), pdndGenericConfig.getPurposeId()); - return signPdndJWT(pdndGenericConfig.getKid(), claims); + JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndBaseServiceIntegratedConfig.getClientId(), pdndBaseServiceIntegratedConfig.getPurposeId()); + return signPdndJWT(pdndBaseServiceIntegratedConfig.getKid(), claims); } private JWTClaimsSet buildPdndClientAssertionClaims(String clientId, String purposeId) { @@ -48,7 +49,7 @@ private JWTClaimsSet buildPdndClientAssertionClaims(String clientId, String purp private String signPdndJWT(String kid, JWTClaimsSet claims) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getKey())); + JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getPrivateKey())); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256) .type(JOSEObjectType.JWT) diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java index 9b8b1e0..4ea697f 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java 
@@ -4,7 +4,7 @@ import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; -import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; import java.io.IOException; import java.security.NoSuchAlgorithmException; @@ -19,7 +19,7 @@ public class PdndService { private final PdndClientImpl pdndClientImpl; private final PdndClientAssertionBuilderService pdndClientAssertionBuilderService; - protected final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); + protected final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); public PdndService(PdndClientImpl pdndClientImpl, PdndClientAssertionBuilderService pdndClientAssertionBuilderService) { 
@@ -27,19 +27,19 @@ public PdndService(PdndClientImpl pdndClientImpl, this.pdndClientAssertionBuilderService = pdndClientAssertionBuilderService; } - public String generateToken(PdndGenericConfig pdndGenericConfig) { - return jwtCache.compute(pdndGenericConfig, (key, existingJwt) -> { - log.debug("Check cache for token exists and not expired"); + public String generateToken(PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig) { + return jwtCache.compute(pdndBaseServiceIntegratedConfig, (key, existingJwt) -> { + log.debug("Check cache for token exists and not expired for {}", pdndBaseServiceIntegratedConfig.getClass().getName()); if(existingJwt == null || JWTUtils.isJWTExpired(existingJwt)) { try { - log.debug("Token not present or expired, generate new one"); + log.debug("Token for {} not present or expired, generate new one", pdndBaseServiceIntegratedConfig.getClass().getName()); String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(key); return pdndClientImpl.getAccessToken(key.getClientId(), clientAssertion).getAccessToken(); } catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) { throw new JwtClaimBuildException("Error building JWT claims", e); } } - log.debug("Token is present in cache"); + log.debug("Token for {} is present in cache", pdndBaseServiceIntegratedConfig.getClass().getName()); return existingJwt; }); } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 9cfe347..4e4ee84 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -20,7 +20,7 @@ app: base-url: "\${PDND_BASE_URL:https://auth.uat.interop.pagopa.it}" config: audience: "\${PDND_ACCESS_TOKEN_AUDIENCE:auth.uat.interop.pagopa.it/client-assertion}" - key: "\${PDND_PRIVATE_KEY:}" + privateKey: "\${PDND_PRIVATE_KEY:}" publicKey: "\${PDND_PUBLIC_KEY:}" anpr: config: 
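Review bot: The lambda passed to `jwtCache.compute(...)` performs the remote `pdndClientImpl.getAccessToken(...)` call, so the map entry stays locked for the whole HTTP round trip and other threads updating that part of the map wait behind it; `ConcurrentHashMap.compute` is documented as intended for short, simple computations. This does give a single refresh per key, which may be intended, but it should be stated with a comment above the call such as `// HTTP call runs under the map's entry lock: concurrent callers block until it returns or times out`, and the token client needs a bounded timeout. Two smaller points in the same lambda: unless `JWTUtils.isJWTExpired` already applies a margin (not visible here), a token about to expire is still returned, and if the response has no access token the lambda returns null, which removes the entry and makes `generateToken` return null.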
diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index 6f95241..e7cd17a 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java @@ -3,7 +3,7 @@ import static org.junit.jupiter.api.Assertions.*; import it.gov.pagopa.payhub.pdnd.config.PdndConfig; -import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.InjectMocks; @@ -19,7 +19,7 @@ class PdndClientAssertionBuilderServiceTest { private PdndConfig pdndConfig; @Mock - private PdndGenericConfig pdndGenericConfig; + private PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig; @InjectMocks private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; 
@@ -59,13 +59,14 @@ class PdndClientAssertionBuilderServiceTest { void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() throws Exception { // Given Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); - Mockito.when(pdndConfig.getKey()).thenReturn(pemKey); + Mockito.when(pdndConfig.getPrivateKey()).thenReturn(pemKey); - Mockito.when(pdndGenericConfig.getClientId()).thenReturn("CLIENTID"); - Mockito.when(pdndGenericConfig.getPurposeId()).thenReturn("PURPOSEID"); - Mockito.when(pdndGenericConfig.getKid()).thenReturn("KID"); + Mockito.when(pdndBaseServiceIntegratedConfig.getClientId()).thenReturn("CLIENTID"); + Mockito.when(pdndBaseServiceIntegratedConfig.getPurposeId()).thenReturn("PURPOSEID"); + Mockito.when(pdndBaseServiceIntegratedConfig.getKid()).thenReturn("KID"); // When - String token = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndGenericConfig); + String token = pdndClientAssertionBuilderService.buildPdndClientAssertion( + pdndBaseServiceIntegratedConfig); // Then assertNotNull(token); diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 2ca16a5..36f1ca2 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -6,7 +6,7 @@ import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; -import it.gov.pagopa.payhub.pdnd.model.PdndGenericConfig; +import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; import java.security.spec.InvalidKeySpecException; import org.junit.jupiter.api.BeforeEach; 
@@ -36,7 +36,7 @@ void setUp() { @Test void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { // Given - PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); + PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); String clientId = "CLIENTID"; String clientAssertion = "ASSERTION"; ClientCredentialsResponseDTO newAccessToken = new ClientCredentialsResponseDTO(); @@ -58,7 +58,7 @@ void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { @Test void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { // Given - PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); + PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); String cachedToken = "CACHED_TOKEN"; pdndService.jwtCache.put(config, cachedToken); @@ -75,7 +75,7 @@ void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { @Test void givenInvalidAssertionWhenGenerateTokenThenException() throws Exception { // Given - PdndGenericConfig config = Mockito.mock(PdndGenericConfig.class); + PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); // When Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)) .thenThrow(new InvalidKeySpecException("Key spec error")); From 37eeb5abcd2f68ccf45e7203b8886f2b13147c7a Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Mon, 25 Nov 2024 17:16:52 +0100 Subject: [PATCH 23/36] P4ADEV-1341 fix import --- .../payhub/pdnd/connector/pdnd/client/PdndClient.java | 2 +- .../payhub/pdnd/connector/pdnd/client/PdndClientImpl.java | 6 +++--- .../gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java | 2 +- .../it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) 
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java index 4e25ba9..37cd9f2 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClient.java @@ -1,6 +1,6 @@ package it.gov.pagopa.payhub.pdnd.connector.pdnd.client; -import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto.ClientCredentialsResponseDTO; public interface PdndClient { ClientCredentialsResponseDTO getAccessToken(String clientId, String clientAssertions); diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java index 896a64d..15f0c9a 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/client/PdndClientImpl.java @@ -1,8 +1,8 @@ package it.gov.pagopa.payhub.pdnd.connector.pdnd.client; -import it.gov.pagopa.common.pdnd.generated.ApiClient; -import it.gov.pagopa.common.pdnd.generated.api.AuthApi; -import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.ApiClient; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.api.AuthApi; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto.ClientCredentialsResponseDTO; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.web.client.RestTemplateBuilder; import org.springframework.stereotype.Service; diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java index b269166..1c1d987 100644 
--- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndClientImplTest.java @@ -4,7 +4,7 @@ import com.maciejwalkowiak.wiremock.spring.ConfigureWireMock; import com.maciejwalkowiak.wiremock.spring.EnableWireMock; import com.maciejwalkowiak.wiremock.spring.InjectWireMock; -import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto.ClientCredentialsResponseDTO; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.BeforeEach; diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 36f1ca2..1cfd9c9 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -2,7 +2,7 @@ import static org.junit.jupiter.api.Assertions.*; -import it.gov.pagopa.common.pdnd.generated.dto.ClientCredentialsResponseDTO; +import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto.ClientCredentialsResponseDTO; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; From 126b044280da469cf81251a0b02e4b6621bf9479 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Mon, 25 Nov 2024 17:55:43 +0100 Subject: [PATCH 24/36] P4ADEV-1341 edit timeout restTemplate --- .../payhub/pdnd/config/RestTemplateConfig.java | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java index 2197595..9d80711 100644 
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java @@ -2,20 +2,21 @@ import java.time.Duration; import lombok.extern.slf4j.Slf4j; -import org.springframework.boot.web.client.RestTemplateBuilder; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.http.client.SimpleClientHttpRequestFactory; import org.springframework.web.client.RestTemplate; @Configuration @Slf4j public class RestTemplateConfig { @Bean - public RestTemplate restTemplate(RestTemplateBuilder builder) { - log.debug("settings RestTemplate timeout to 120 sec"); - return builder - .setConnectTimeout(Duration.ofMillis(120000)) - .setReadTimeout(Duration.ofMillis(120000)) - .build(); + public RestTemplate restTemplate() { + log.debug("settings RestTemplate timeout to 120 sec"); + SimpleClientHttpRequestFactory factory = new SimpleClientHttpRequestFactory(); + factory.setConnectTimeout(Duration.ofMillis(120000)); + factory.setReadTimeout(Duration.ofMillis(120000)); + + return new RestTemplate(factory); } } From 727ac19c86e34a1d910ea446e85627be2f611bc1 Mon Sep 17 00:00:00 2001 
From: antoniocalo Date: Tue, 26 Nov 2024 12:10:29 +0100 Subject: [PATCH 25/36] P4ADEV-1341 refactor config --- helm/values-dev.yaml | 4 +++- helm/values-prod.yaml | 3 ++- helm/values-uat.yaml | 3 ++- .../PdndBaseServiceIntegratedConfig.java | 5 +++-- .../pdnd/config/{ => pdnd}/PdndConfig.java | 4 +--- .../pdnd/PdndServiceIntegrationConfig.java | 12 +++++++++++ .../pdnd/anpr/AnprC003ServiceConfig.java | 11 ++++++++++ .../pdnd/anpr/AnprC030ServiceConfig.java | 11 ++++++++++ .../config/{ => pdnd/anpr}/AnprConfig.java | 3 ++- .../PdndClientAssertionBuilderService.java | 19 +++++++++++------- .../payhub/pdnd/service/PdndService.java | 14 +++++++------ src/main/resources/application.yml | 11 +++++++--- ...PdndClientAssertionBuilderServiceTest.java | 20 ++++++++++++++----- .../payhub/pdnd/service/PdndServiceTest.java | 20 +++++++++++-------- 14 files changed, 102 insertions(+), 38 deletions(-) rename src/main/java/it/gov/pagopa/payhub/pdnd/config/{ => pdnd}/PdndBaseServiceIntegratedConfig.java (69%) rename src/main/java/it/gov/pagopa/payhub/pdnd/config/{ => pdnd}/PdndConfig.java (73%) create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java create mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java rename src/main/java/it/gov/pagopa/payhub/pdnd/config/{ => pdnd/anpr}/AnprConfig.java (68%) diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 71ccaaa..215dec0 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml 
@@ -35,7 +35,9 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + # DEV and UAT share same finality purposeId + PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-d-payhub-kv" diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index 18d4a3b..592fa9e 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -36,7 +36,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-p-payhub-kv" diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index 6138192..b1b2c52 100644 --- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml @@ -35,7 +35,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 685e6542-8d1b-4837-a555-130e92c9dc6c PAGOPA_PDND_CONFIGURATION_KID: y80rvmuzGPyfMw0n6v5K-yWsyUVYXiICG2zzNPAJg64 - PAGOPA_PDND_CONFIGURATION_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-u-payhub-kv" 
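Review bot: The `helm/values-prod.yaml` hunk gives production the same two purpose IDs as dev and UAT, and the unchanged lines around it still show the UAT audience (`auth.uat.interop.pagopa.it/client-assertion`) and the client ID and `kid` used by dev. The comment added in `values-dev.yaml` only says DEV and UAT share the purposeId, so it is unclear whether the prod values are intentional. If they are placeholders until production onboarding, say so in the file with a comment such as `# TODO: replace with production PDND client, kid, audience and purposeIds before go-live`. Otherwise a production deployment would request vouchers against the UAT authorization server with test identifiers.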
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndBaseServiceIntegratedConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndBaseServiceIntegratedConfig.java similarity index 69% rename from src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndBaseServiceIntegratedConfig.java rename to src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndBaseServiceIntegratedConfig.java index 8275d3b..fdb4af2 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndBaseServiceIntegratedConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndBaseServiceIntegratedConfig.java @@ -1,4 +1,4 @@ -package it.gov.pagopa.payhub.pdnd.config; +package it.gov.pagopa.payhub.pdnd.config.pdnd; import lombok.AllArgsConstructor; import lombok.Data; @@ -10,5 +10,6 @@ public abstract class PdndBaseServiceIntegratedConfig { private String clientId; private String kid; - private String purposeId; + private String privateKey; + private String publicKey; } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndConfig.java similarity index 73% rename from src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java rename to src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndConfig.java index 97e1d67..cbfdfc0 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/PdndConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndConfig.java @@ -1,4 +1,4 @@ -package it.gov.pagopa.payhub.pdnd.config; +package it.gov.pagopa.payhub.pdnd.config.pdnd; import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; @@ -9,6 +9,4 @@ @Data public class PdndConfig { private String audience; - private String privateKey; - private String publicKey; } 
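Review bot: Moving `privateKey` into `PdndBaseServiceIntegratedConfig` puts the PEM signing key in a class that imports `lombok.Data`. The class annotations sit outside the hunk, but if it is `@Data` the generated `toString()` will print the key whenever the config object is logged or ends up in an exception message. Mark the field `@ToString.Exclude private String privateKey;` so the secret cannot leak that way. The generated `equals`/`hashCode` would also cover the key; this bean was the `jwtCache` key in `PdndService` before this commit, so excluding the key from them as well is worth considering.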
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java new file mode 100644 index 0000000..402073c --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java @@ -0,0 +1,12 @@ +package it.gov.pagopa.payhub.pdnd.config.pdnd; + +import lombok.AllArgsConstructor; +import lombok.Data; +import lombok.NoArgsConstructor; + +@Data +@AllArgsConstructor +@NoArgsConstructor +public abstract class PdndServiceIntegrationConfig { + private String purposeId; +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java new file mode 100644 index 0000000..10648d5 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java @@ -0,0 +1,11 @@ +package it.gov.pagopa.payhub.pdnd.config.pdnd.anpr; + +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConfigurationProperties(prefix = "app.pdnd.anpr.service-c003.config") +public class AnprC003ServiceConfig extends PdndServiceIntegrationConfig { + +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java new file mode 100644 index 0000000..1186ca1 --- /dev/null +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java 
@@ -0,0 +1,11 @@ +package it.gov.pagopa.payhub.pdnd.config.pdnd.anpr; + +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConfigurationProperties(prefix = "app.pdnd.anpr.service-c030.config") +public class AnprC030ServiceConfig extends PdndServiceIntegrationConfig { + +} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprConfig.java similarity index 68% rename from src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java rename to src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprConfig.java index df130b9..322193e 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/AnprConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprConfig.java @@ -1,5 +1,6 @@ -package it.gov.pagopa.payhub.pdnd.config; +package it.gov.pagopa.payhub.pdnd.config.pdnd.anpr; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java index d978556..4b4d9d8 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java 
@@ -8,8 +8,9 @@ import com.nimbusds.jose.crypto.RSASSASigner; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; -import it.gov.pagopa.payhub.pdnd.config.PdndConfig; -import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; import it.gov.pagopa.payhub.pdnd.utils.CertUtils; import java.io.IOException; import java.security.NoSuchAlgorithmException; @@ -22,15 +23,19 @@ public class PdndClientAssertionBuilderService { private final PdndConfig pdndConfig; + private final PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig; - public PdndClientAssertionBuilderService(PdndConfig pdndConfig) { + public PdndClientAssertionBuilderService(PdndConfig pdndConfig, + PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig) { this.pdndConfig = pdndConfig; + this.pdndBaseServiceIntegratedConfig = pdndBaseServiceIntegratedConfig; } - public String buildPdndClientAssertion( - PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig) + public String buildPdndClientAssertion(PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig, + PdndServiceIntegrationConfig pdndServiceIntegrationConfig) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndBaseServiceIntegratedConfig.getClientId(), pdndBaseServiceIntegratedConfig.getPurposeId()); + JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndBaseServiceIntegratedConfig.getClientId(), + pdndServiceIntegrationConfig.getPurposeId()); return signPdndJWT(pdndBaseServiceIntegratedConfig.getKid(), claims); } 
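Review bot: The assertion can be signed with a key that does not belong to the `kid` and `clientId` it carries. `buildPdndClientAssertion` takes those two from its `pdndBaseServiceIntegratedConfig` parameter, which shadows the new field of the same name, while the `signPdndJWT` hunk that follows reads `getPrivateKey()` from the injected field. Pass the key from the parameter instead, `return signPdndJWT(pdndBaseServiceIntegratedConfig.getKid(), pdndBaseServiceIntegratedConfig.getPrivateKey(), claims);`, and build the signer in `signPdndJWT` with `new RSASSASigner(CertUtils.pemKey2PrivateKey(privateKey))`. The constructor argument can then be dropped, which also avoids injecting an abstract type that becomes ambiguous as soon as a second integration config bean exists. Both methods continue outside the hunks shown.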
@@ -49,7 +54,7 @@ private JWTClaimsSet buildPdndClientAssertionClaims(String clientId, String purp private String signPdndJWT(String kid, JWTClaimsSet claims) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndConfig.getPrivateKey())); + JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndBaseServiceIntegratedConfig.getPrivateKey())); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256) .type(JOSEObjectType.JWT) diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java index 4ea697f..9634f40 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java @@ -1,10 +1,11 @@ package it.gov.pagopa.payhub.pdnd.service; import com.nimbusds.jose.JOSEException; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; -import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; import java.io.IOException; import java.security.NoSuchAlgorithmException; 
@@ -19,7 +20,7 @@ public class PdndService { private final PdndClientImpl pdndClientImpl; private final PdndClientAssertionBuilderService pdndClientAssertionBuilderService; - protected final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); + protected final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); public PdndService(PdndClientImpl pdndClientImpl, PdndClientAssertionBuilderService pdndClientAssertionBuilderService) { @@ -27,14 +28,15 @@ public PdndService(PdndClientImpl pdndClientImpl, this.pdndClientAssertionBuilderService = pdndClientAssertionBuilderService; } - public String generateToken(PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig) { - return jwtCache.compute(pdndBaseServiceIntegratedConfig, (key, existingJwt) -> { + public String generateToken(PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig, + PdndServiceIntegrationConfig pdndServiceIntegrationConfig) { + return jwtCache.compute(pdndServiceIntegrationConfig, (key, existingJwt) -> { log.debug("Check cache for token exists and not expired for {}", pdndBaseServiceIntegratedConfig.getClass().getName()); if(existingJwt == null || JWTUtils.isJWTExpired(existingJwt)) { try { log.debug("Token for {} not present or expired, generate new one", pdndBaseServiceIntegratedConfig.getClass().getName()); - String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(key); - return pdndClientImpl.getAccessToken(key.getClientId(), clientAssertion).getAccessToken(); + String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndBaseServiceIntegratedConfig, key); + return pdndClientImpl.getAccessToken(pdndBaseServiceIntegratedConfig.getClientId(), clientAssertion).getAccessToken(); } catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) { throw new JwtClaimBuildException("Error building JWT claims", e); } 
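Review bot: `jwtCache` is now keyed only by `pdndServiceIntegrationConfig`, but the token is issued for the pair of client (`clientId`, `kid`, signing key) and purpose. A call with a different `PdndBaseServiceIntegratedConfig` and the same service config would therefore be handed a voucher obtained for another client until it expires. Only one base config is visible in this series, so this is latent, but a key that combines both inputs removes the risk, for example `jwtCache.compute(pdndBaseServiceIntegratedConfig.getClientId() + "|" + key.getPurposeId(), ...)` with a `String` key type. The two debug messages also still log the base config class rather than the service whose token is being looked up, which makes the cache harder to trace.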
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 4e4ee84..edfb64e 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -20,10 +20,15 @@ app: base-url: "\${PDND_BASE_URL:https://auth.uat.interop.pagopa.it}" config: audience: "\${PDND_ACCESS_TOKEN_AUDIENCE:auth.uat.interop.pagopa.it/client-assertion}" - privateKey: "\${PDND_PRIVATE_KEY:}" - publicKey: "\${PDND_PUBLIC_KEY:}" anpr: config: client-id: "\${PAGOPA_PDND_CONFIGURATION_CLIENT_ID:890b7ca9-b402-4dce-9e8d-9a333d22d76d}" kid: "\${PAGOPA_PDND_CONFIGURATION_KID:jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8}" - purpose-id: "\${PAGOPA_PDND_CONFIGURATION_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" \ No newline at end of file + privateKey: "\${PDND_PRIVATE_KEY:}" + publicKey: "\${PDND_PUBLIC_KEY:}" + service-c003: + config: + purpose-id: "\${PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" + service-c030: + config: + purpose-id: "\${PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" \ No newline at end of file diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index e7cd17a..b08d3c8 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java 
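Review bot: The fallback for `service-c003` `purpose-id` is `87520bd5-207a-4616-85d9-10d7bb3e88b8`, which is the value the helm files in this commit assign to C030; the C003 value there is `5ba1f38f-6a91-4da4-8a42-4da1aa55bfee`. If the environment variable is missing, C003 client assertions would silently carry the C030 purposeId. Change the default after the colon to the C003 id, or leave it empty so that a missing variable is noticed. The `application.yml` hunk of PATCH 26 renames the variable to `ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID` but keeps the same default, so it needs the same correction.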
@@ -2,8 +2,10 @@ import static org.junit.jupiter.api.Assertions.*; -import it.gov.pagopa.payhub.pdnd.config.PdndConfig; -import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.anpr.AnprConfig; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.InjectMocks; @@ -18,9 +20,15 @@ class PdndClientAssertionBuilderServiceTest { @Mock private PdndConfig pdndConfig; + @Mock + private AnprConfig anprConfig; + @Mock private PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig; + @Mock + private PdndServiceIntegrationConfig pdndServiceIntegrationConfig; + @InjectMocks private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; @@ -59,14 +67,16 @@ class PdndClientAssertionBuilderServiceTest { void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() throws Exception { // Given Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); - Mockito.when(pdndConfig.getPrivateKey()).thenReturn(pemKey); + Mockito.when(anprConfig.getPrivateKey()).thenReturn(pemKey); Mockito.when(pdndBaseServiceIntegratedConfig.getClientId()).thenReturn("CLIENTID"); - Mockito.when(pdndBaseServiceIntegratedConfig.getPurposeId()).thenReturn("PURPOSEID"); Mockito.when(pdndBaseServiceIntegratedConfig.getKid()).thenReturn("KID"); + Mockito.when(pdndServiceIntegrationConfig.getPurposeId()).thenReturn("PURPOSEID"); + // When String token = pdndClientAssertionBuilderService.buildPdndClientAssertion( - pdndBaseServiceIntegratedConfig); + pdndBaseServiceIntegratedConfig, + pdndServiceIntegrationConfig); // Then assertNotNull(token); 
diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 1cfd9c9..c1c9851 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -2,11 +2,12 @@ import static org.junit.jupiter.api.Assertions.*; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto.ClientCredentialsResponseDTO; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; -import it.gov.pagopa.payhub.pdnd.config.PdndBaseServiceIntegratedConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; import java.security.spec.InvalidKeySpecException; import org.junit.jupiter.api.BeforeEach; 
@@ -37,21 +38,22 @@ void setUp() { void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { // Given PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); + PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); String clientId = "CLIENTID"; String clientAssertion = "ASSERTION"; ClientCredentialsResponseDTO newAccessToken = new ClientCredentialsResponseDTO(); // When Mockito.when(config.getClientId()).thenReturn(clientId); - Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)).thenReturn(clientAssertion); + Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config, serviceConfig)).thenReturn(clientAssertion); Mockito.when(pdndClientImpl.getAccessToken(clientId, clientAssertion)) .thenReturn(newAccessToken); - String token = pdndService.generateToken(config); + String token = pdndService.generateToken(config, serviceConfig); // Then assertEquals(newAccessToken.getAccessToken(), token); - Mockito.verify(pdndClientAssertionBuilderService, Mockito.times(1)).buildPdndClientAssertion(config); + Mockito.verify(pdndClientAssertionBuilderService, Mockito.times(1)).buildPdndClientAssertion(config,serviceConfig); Mockito.verify(pdndClientImpl, Mockito.times(1)).getAccessToken(clientId, clientAssertion); } 
@@ -59,13 +61,14 @@ void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { // Given PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); + PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); String cachedToken = "CACHED_TOKEN"; - pdndService.jwtCache.put(config, cachedToken); + pdndService.jwtCache.put(serviceConfig, cachedToken); try (MockedStatic mockedStatic = Mockito.mockStatic(JWTUtils.class)) { // When mockedStatic.when(() -> JWTUtils.isJWTExpired(cachedToken)).thenReturn(false); - String token = pdndService.generateToken(config); + String token = pdndService.generateToken(config, serviceConfig); // Then assertEquals(cachedToken, token); @@ -76,13 +79,14 @@ void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { void givenInvalidAssertionWhenGenerateTokenThenException() throws Exception { // Given PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); + PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); // When - Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config)) + Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config, serviceConfig)) .thenThrow(new InvalidKeySpecException("Key spec error")); // Then JwtClaimBuildException exception = assertThrows(JwtClaimBuildException.class, () -> { - pdndService.generateToken(config); + pdndService.generateToken(config, serviceConfig); }); assertEquals("Error building JWT claims", exception.getMessage()); From be5c7c20a585ad0dea9877914b098f7838050b9b Mon Sep 17 00:00:00 2001 
From: antoniocalo Date: Tue, 26 Nov 2024 12:14:50 +0100 Subject: [PATCH 26/36] P4ADEV-1341 refactor config --- helm/values-dev.yaml | 4 ++-- helm/values-prod.yaml | 4 ++-- helm/values-uat.yaml | 4 ++-- src/main/resources/application.yml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 215dec0..ff9768f 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml @@ -36,8 +36,8 @@ microservice-chart: PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 # DEV and UAT share same finality purposeId - PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-d-payhub-kv" diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index 592fa9e..a2ec40f 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -36,8 +36,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-p-payhub-kv" diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index b1b2c52..4934f5f 100644 --- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml 
@@ -35,8 +35,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 685e6542-8d1b-4837-a555-130e92c9dc6c PAGOPA_PDND_CONFIGURATION_KID: y80rvmuzGPyfMw0n6v5K-yWsyUVYXiICG2zzNPAJg64 - PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-u-payhub-kv" diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index edfb64e..371627d 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -28,7 +28,7 @@ app: publicKey: "\${PDND_PUBLIC_KEY:}" service-c003: config: - purpose-id: "\${PAGOPA_PDND_CONFIGURATION_C003_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" + purpose-id: "\${ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" service-c030: config: - purpose-id: "\${PAGOPA_PDND_CONFIGURATION_C030_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" \ No newline at end of file + purpose-id: "\${ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" \ No newline at end of file From edfa8db7e5d30501f8407cd4048d80b40794743e Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Tue, 26 Nov 2024 14:22:47 +0100 Subject: [PATCH 27/36] P4ADEV-1341 add RestTemplateConfig --- .../pdnd/config/RestTemplateConfig.java | 23 ++++++++----------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java index 9d80711..c1a795e 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java 
+++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java @@ -1,22 +1,17 @@ package it.gov.pagopa.payhub.pdnd.config; import java.time.Duration; -import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.autoconfigure.web.client.RestTemplateBuilderConfigurer; +import org.springframework.boot.web.client.RestTemplateBuilder; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.http.client.SimpleClientHttpRequestFactory; -import org.springframework.web.client.RestTemplate; -@Configuration -@Slf4j +@Configuration(proxyBeanMethods = false) public class RestTemplateConfig { - @Bean - public RestTemplate restTemplate() { - log.debug("settings RestTemplate timeout to 120 sec"); - SimpleClientHttpRequestFactory factory = new SimpleClientHttpRequestFactory(); - factory.setConnectTimeout(Duration.ofMillis(120000)); - factory.setReadTimeout(Duration.ofMillis(120000)); - - return new RestTemplate(factory); - } + @Bean + public RestTemplateBuilder restTemplateBuilder(RestTemplateBuilderConfigurer configurer) { + return configurer.configure(new RestTemplateBuilder()) + .setConnectTimeout(Duration.ofSeconds(120)) + .setReadTimeout(Duration.ofSeconds(120)); + } } From 1b95770e63d173b452f38a267f0a0144d772899d Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Tue, 26 Nov 2024 14:53:22 +0100 Subject: [PATCH 28/36] P4ADEV-1341 fix test --- .../service/PdndClientAssertionBuilderServiceTest.java | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index b08d3c8..36502c9 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java 
+++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java @@ -5,7 +5,6 @@ import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; -import it.gov.pagopa.payhub.pdnd.config.pdnd.anpr.AnprConfig; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.InjectMocks; @@ -20,9 +19,6 @@ class PdndClientAssertionBuilderServiceTest { @Mock private PdndConfig pdndConfig; - @Mock - private AnprConfig anprConfig; - @Mock private PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig; @@ -67,10 +63,9 @@ class PdndClientAssertionBuilderServiceTest { void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() throws Exception { // Given Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); - Mockito.when(anprConfig.getPrivateKey()).thenReturn(pemKey); - Mockito.when(pdndBaseServiceIntegratedConfig.getClientId()).thenReturn("CLIENTID"); Mockito.when(pdndBaseServiceIntegratedConfig.getKid()).thenReturn("KID"); + Mockito.when(pdndBaseServiceIntegratedConfig.getPrivateKey()).thenReturn(pemKey); Mockito.when(pdndServiceIntegrationConfig.getPurposeId()).thenReturn("PURPOSEID"); // When From cde681c782780a7c2bd1ee5f2c6a99a315b0d390 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Tue, 26 Nov 2024 15:23:03 +0100 Subject: [PATCH 29/36] P4ADEV-1341 upgrade jdk version --- .github/workflows/codereview.yml | 2 +- Dockerfile | 4 ++-- build.gradle.kts | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codereview.yml b/.github/workflows/codereview.yml index 0f4f1e7..19e6e50 100644 --- a/.github/workflows/codereview.yml +++ b/.github/workflows/codereview.yml 
@@ -24,7 +24,7 @@ jobs: uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 #v4.2.1 with: distribution: 'corretto' - java-version: 17 + java-version: 21 - name: Grant execute permission for gradlew run: chmod +x ./gradlew diff --git a/Dockerfile b/Dockerfile index 50b3bd1..9cd5fc8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,8 +3,8 @@ # # 🎯 Version Management # -ARG CORRETTO_VERSION="17-alpine3.19" -ARG CORRETTO_SHA="2122cb140fa94053abce343fb854d24f4c62ba3c1ac701882dce12980396b477" +ARG CORRETTO_VERSION="21-alpine3.17" +ARG CORRETTO_SHA="6ed399441760d860717318db95fc50846bd0173145ec728733e69b782ead78e4" ARG GRADLE_VERSION="8.10.2" ARG GRADLE_DOWNLOAD_SHA256="31c55713e40233a8303827ceb42ca48a47267a0ad4bab9177123121e71524c26" ARG APPINSIGHTS_VERSION="3.5.2" diff --git a/build.gradle.kts b/build.gradle.kts index b550883..5560314 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -14,7 +14,7 @@ description = "p4pa-pdnd-services" java { toolchain { - languageVersion = JavaLanguageVersion.of(17) + languageVersion = JavaLanguageVersion.of(21) } } From 2858518a69d5b87243edc11b0321f0b3752bc0a1 Mon Sep 17 00:00:00 2001 
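Review bot: In the Dockerfile hunk the new `CORRETTO_VERSION` moves the JDK forward but the Alpine base backwards, from `17-alpine3.19` to `21-alpine3.17`. An older Alpine branch reaches end of security support sooner, so the runtime image may carry unpatched OS packages even though the digest pin is kept. I would confirm that 3.17 is still a supported branch and otherwise choose a Corretto 21 tag on a current Alpine release, updating `CORRETTO_SHA` to the digest published for that tag. A one-line comment above the ARG, such as `# keep the Alpine release at or above the previous one when bumping the JDK`, would make the intent explicit for the next bump.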
From: antoniocalo Date: Tue, 26 Nov 2024 18:30:52 +0100 Subject: [PATCH 30/36] P4ADEV-1341 refactor config --- build.gradle.kts | 2 +- helm/values-dev.yaml | 5 ++- helm/values-prod.yaml | 4 +-- helm/values-uat.yaml | 4 +-- helm/values.yaml | 4 +-- .../pdnd/config/RestTemplateConfig.java | 21 +++++++++--- .../pdnd/PdndBaseServiceIntegratedConfig.java | 15 --------- .../pdnd/PdndServiceIntegrationConfig.java | 5 +++ .../pdnd/anpr/AnprC003ServiceConfig.java | 2 +- .../pdnd/anpr/AnprC030ServiceConfig.java | 2 +- .../pdnd/config/pdnd/anpr/AnprConfig.java | 10 ------ .../PdndClientAssertionBuilderService.java | 26 +++++++-------- .../custom/JwtClaimBuildException.java | 7 ---- .../payhub/pdnd/service/PdndService.java | 23 ++++--------- src/main/resources/application.yml | 27 +++++++++------- ...PdndClientAssertionBuilderServiceTest.java | 14 +++----- .../payhub/pdnd/service/PdndServiceTest.java | 32 +++---------------- 17 files changed, 75 insertions(+), 128 deletions(-) delete mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndBaseServiceIntegratedConfig.java delete mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprConfig.java delete mode 100644 src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java diff --git a/build.gradle.kts b/build.gradle.kts index 5560314..b550883 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -14,7 +14,7 @@ description = "p4pa-pdnd-services" java { toolchain { - languageVersion = JavaLanguageVersion.of(21) + languageVersion = JavaLanguageVersion.of(17) } } diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index ff9768f..9accd1c 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml 
@@ -33,9 +33,8 @@ microservice-chart: PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion - PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d - PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - # DEV and UAT share same finality purposeId + PDND_SERVICE_CLIENTID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d + PDND_SERVICE_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index a2ec40f..3d49fb1 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -34,8 +34,8 @@ microservice-chart: #TODO edit with real env when prod is ready P4ADEV-1518 PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion - PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d - PAGOPA_PDND_CONFIGURATION_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 + PDND_SERVICE_CLIENTID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d + PDND_SERVICE_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index 4934f5f..78da8c7 100644 --- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml 
@@ -33,8 +33,8 @@ microservice-chart: PDND_BASE_URL: https://auth.uat.interop.pagopa.it PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion - PAGOPA_PDND_CONFIGURATION_CLIENT_ID: 685e6542-8d1b-4837-a555-130e92c9dc6c - PAGOPA_PDND_CONFIGURATION_KID: y80rvmuzGPyfMw0n6v5K-yWsyUVYXiICG2zzNPAJg64 + PDND_SERVICE_CLIENTID: 685e6542-8d1b-4837-a555-130e92c9dc6c + PDND_SERVICE_KID: y80rvmuzGPyfMw0n6v5K-yWsyUVYXiICG2zzNPAJg64 ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 diff --git a/helm/values.yaml b/helm/values.yaml index 3b518ed..c1373c1 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -65,8 +65,8 @@ microservice-chart: envSecret: APPLICATIONINSIGHTS_CONNECTION_STRING: appinsights-connection-string - PDND_PRIVATE_KEY: piattaforma-unitaria-interop-priv - PDND_PUBLIC_KEY: piattaforma-unitaria-interop-pub + PDND_SERVICE_PRIVATEKEY: piattaforma-unitaria-interop-priv + PDND_SERVICE_PUBLICKEY: piattaforma-unitaria-interop-pub # nodeSelector: {} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java index c1a795e..bda6212 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java @@ -1,6 +1,7 @@ package it.gov.pagopa.payhub.pdnd.config; import java.time.Duration; +import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.web.client.RestTemplateBuilderConfigurer; import org.springframework.boot.web.client.RestTemplateBuilder; import org.springframework.context.annotation.Bean; 
@@ -8,10 +9,20 @@ @Configuration(proxyBeanMethods = false) public class RestTemplateConfig { - @Bean - public RestTemplateBuilder restTemplateBuilder(RestTemplateBuilderConfigurer configurer) { + private final int connectTimeoutMillis; + private final int readTimeoutHandlerMillis; + + public RestTemplateConfig( + @Value("${app.web-client.connect.timeout.millis}") int connectTimeoutMillis, + @Value("${app.web-client.read.timeout.millis}") int readTimeoutHandlerMillis) { + this.connectTimeoutMillis = connectTimeoutMillis; + this.readTimeoutHandlerMillis = readTimeoutHandlerMillis; + } + + @Bean + public RestTemplateBuilder restTemplateBuilder(RestTemplateBuilderConfigurer configurer) { return configurer.configure(new RestTemplateBuilder()) - .setConnectTimeout(Duration.ofSeconds(120)) - .setReadTimeout(Duration.ofSeconds(120)); - } + .setConnectTimeout(Duration.ofMillis(connectTimeoutMillis)) + .setReadTimeout(Duration.ofMillis(readTimeoutHandlerMillis)); + } } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndBaseServiceIntegratedConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndBaseServiceIntegratedConfig.java deleted file mode 100644 index fdb4af2..0000000 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndBaseServiceIntegratedConfig.java +++ /dev/null @@ -1,15 +0,0 @@ -package it.gov.pagopa.payhub.pdnd.config.pdnd; - -import lombok.AllArgsConstructor; -import lombok.Data; -import lombok.NoArgsConstructor; - -@Data -@AllArgsConstructor -@NoArgsConstructor -public abstract class PdndBaseServiceIntegratedConfig { - private String clientId; - private String kid; - private String privateKey; - private String publicKey; -} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java index 402073c..a4ed43b 100644 
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java @@ -4,9 +4,14 @@ import lombok.Data; import lombok.NoArgsConstructor; + @Data @AllArgsConstructor @NoArgsConstructor public abstract class PdndServiceIntegrationConfig { + private String clientId; + private String kid; private String purposeId; + private String privateKey; + private String publicKey; } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java index 10648d5..b138e51 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java @@ -5,7 +5,7 @@ import org.springframework.context.annotation.Configuration; @Configuration -@ConfigurationProperties(prefix = "app.pdnd.anpr.service-c003.config") +@ConfigurationProperties(prefix = "app.pdnd.anpr.services.c003") public class AnprC003ServiceConfig extends PdndServiceIntegrationConfig { } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java index 1186ca1..74adf8e 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java @@ -5,7 +5,7 @@ import org.springframework.context.annotation.Configuration; @Configuration -@ConfigurationProperties(prefix = "app.pdnd.anpr.service-c030.config") +@ConfigurationProperties(prefix = "app.pdnd.anpr.services.c030") public class AnprC030ServiceConfig extends PdndServiceIntegrationConfig { } 
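Review bot: `privateKey` is added to a class annotated with Lombok `@Data`, so the generated `toString()`, `equals()` and `hashCode()` now cover the PEM private key. Any log line or exception message that prints a `PdndServiceIntegrationConfig` instance would write the key out, and the same object is used as the `jwtCache` key in `PdndService`, so the key material is hashed on every lookup and the setters make it a mutable map key. I would put `@ToString.Exclude` on `privateKey` and restrict equality to the identifying fields with `@EqualsAndHashCode(onlyExplicitlyIncluded = true)` on the class and `@EqualsAndHashCode.Include` on `clientId`, `kid` and `purposeId`. The subclasses that bind the properties are in separate files and inherit this behaviour.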
diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprConfig.java deleted file mode 100644 index 322193e..0000000 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprConfig.java +++ /dev/null @@ -1,10 +0,0 @@ -package it.gov.pagopa.payhub.pdnd.config.pdnd.anpr; - -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; - -@Configuration -@ConfigurationProperties(prefix = "app.pdnd.anpr.config") -public class AnprConfig extends PdndBaseServiceIntegratedConfig { -} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java index 4b4d9d8..715ec07 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java @@ -9,7 +9,6 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; import it.gov.pagopa.payhub.pdnd.utils.CertUtils; import java.io.IOException; 
@@ -23,20 +22,17 @@ public class PdndClientAssertionBuilderService { private final PdndConfig pdndConfig; - private final PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig; - public PdndClientAssertionBuilderService(PdndConfig pdndConfig, - PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig) { + public PdndClientAssertionBuilderService(PdndConfig pdndConfig) { this.pdndConfig = pdndConfig; - this.pdndBaseServiceIntegratedConfig = pdndBaseServiceIntegratedConfig; } - public String buildPdndClientAssertion(PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig, - PdndServiceIntegrationConfig pdndServiceIntegrationConfig) - throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndBaseServiceIntegratedConfig.getClientId(), - pdndServiceIntegrationConfig.getPurposeId()); - return signPdndJWT(pdndBaseServiceIntegratedConfig.getKid(), claims); + public String buildPdndClientAssertion(PdndServiceIntegrationConfig pdndServiceIntegrationConfig) { + try { + return buildAndSignPdndJWT(pdndServiceIntegrationConfig); + } catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) { + throw new IllegalStateException("Error building PDND client assertion", e); + } } private JWTClaimsSet buildPdndClientAssertionClaims(String clientId, String purposeId) { 
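Review bot: `buildPdndClientAssertion` no longer declares checked exceptions and now wraps key-parsing and signing failures in an unchecked `IllegalStateException`, but nothing on the method tells callers so. A short Javadoc would cover it, for example `/** Builds and signs the PDND client assertion for the given service configuration. @throws IllegalStateException if the configured private key cannot be parsed or signing fails. */`. The wrapping keeps the cause and uses a fixed message, which avoids echoing configuration values into logs, and the comment could say that this is intentional. The class body continues outside this hunk.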
@@ -52,13 +48,15 @@ private JWTClaimsSet buildPdndClientAssertionClaims(String clientId, String purp .build(); } - private String signPdndJWT(String kid, JWTClaimsSet claims) + private String buildAndSignPdndJWT(PdndServiceIntegrationConfig pdndServiceIntegrationConfig) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndBaseServiceIntegratedConfig.getPrivateKey())); + JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndServiceIntegrationConfig.getClientId(), + pdndServiceIntegrationConfig.getPurposeId()); + JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndServiceIntegrationConfig.getPrivateKey())); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256) .type(JOSEObjectType.JWT) - .keyID(kid) + .keyID(pdndServiceIntegrationConfig.getKid()) .build(), claims ); diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java b/src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java deleted file mode 100644 index de28a98..0000000 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/exception/custom/JwtClaimBuildException.java +++ /dev/null @@ -1,7 +0,0 @@ -package it.gov.pagopa.payhub.pdnd.exception.custom; - -public class JwtClaimBuildException extends RuntimeException { - public JwtClaimBuildException(String message, Throwable cause) { - super(message, cause); - } -} diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java index 9634f40..35eb361 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java 
@@ -1,15 +1,9 @@ package it.gov.pagopa.payhub.pdnd.service; -import com.nimbusds.jose.JOSEException; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; -import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; -import java.io.IOException; -import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; import java.util.concurrent.ConcurrentHashMap; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; 
@@ -28,20 +22,15 @@ public PdndService(PdndClientImpl pdndClientImpl, this.pdndClientAssertionBuilderService = pdndClientAssertionBuilderService; } - public String generateToken(PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig, - PdndServiceIntegrationConfig pdndServiceIntegrationConfig) { + public String generateToken(PdndServiceIntegrationConfig pdndServiceIntegrationConfig) { return jwtCache.compute(pdndServiceIntegrationConfig, (key, existingJwt) -> { - log.debug("Check cache for token exists and not expired for {}", pdndBaseServiceIntegratedConfig.getClass().getName()); + log.debug("Check cache for token exists and not expired for {}", pdndServiceIntegrationConfig.getClass().getName()); if(existingJwt == null || JWTUtils.isJWTExpired(existingJwt)) { - try { - log.debug("Token for {} not present or expired, generate new one", pdndBaseServiceIntegratedConfig.getClass().getName()); - String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndBaseServiceIntegratedConfig, key); - return pdndClientImpl.getAccessToken(pdndBaseServiceIntegratedConfig.getClientId(), clientAssertion).getAccessToken(); - } catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) { - throw new JwtClaimBuildException("Error building JWT claims", e); - } + log.debug("Token for {} not present or expired, generate new one", pdndServiceIntegrationConfig.getClass().getName()); + String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(key); + return pdndClientImpl.getAccessToken(pdndServiceIntegrationConfig.getClientId(), clientAssertion).getAccessToken(); } - log.debug("Token for {} is present in cache", pdndBaseServiceIntegratedConfig.getClass().getName()); + log.debug("Token for {} is present in cache", pdndServiceIntegrationConfig.getClass().getName()); return existingJwt; }); } 
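Review bot: In `generateToken`, the lambda passed to `jwtCache.compute` returns `pdndClientImpl.getAccessToken(...).getAccessToken()` unchecked, so a response without an access token makes `compute` store nothing and hands a null token to the caller. I would assign the response to a local and fail explicitly, e.g. `return Objects.requireNonNull(response.getAccessToken(), "PDND returned no access token");`. The remote call also runs inside `compute`, which can block other updates to the map while the HTTP request is pending. With the 120000 ms default timeouts set in `application.yml` that may stall unrelated callers, so consider fetching the token outside the map operation and only storing the result inside it. The debug lines log the config class name rather than the object, which should stay that way now that the config carries the private key.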
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 371627d..cfbf5e7 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml 
@@ -21,14 +21,19 @@ app: config: audience: "\${PDND_ACCESS_TOKEN_AUDIENCE:auth.uat.interop.pagopa.it/client-assertion}" anpr: - config: - client-id: "\${PAGOPA_PDND_CONFIGURATION_CLIENT_ID:890b7ca9-b402-4dce-9e8d-9a333d22d76d}" - kid: "\${PAGOPA_PDND_CONFIGURATION_KID:jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8}" - privateKey: "\${PDND_PRIVATE_KEY:}" - publicKey: "\${PDND_PUBLIC_KEY:}" - service-c003: - config: - purpose-id: "\${ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" - service-c030: - config: - purpose-id: "\${ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID:87520bd5-207a-4616-85d9-10d7bb3e88b8}" \ No newline at end of file + services: + c003: + client-id: "\${PDND_SERVICE_ANPR_C003_CLIENTID:\${PDND_SERVICE_ANPR_CLIENTID:\${PDND_SERVICE_CLIENTID:clientid}}}" + kid: "\${PDND_SERVICE_ANPR_C003_KID:\${PDND_SERVICE_ANPR_KID:\${PDND_SERVICE_KID:kid}}}" + purpose-id: "\${ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID:c003purposeid}" + privateKey: "\${PDND_SERVICE_ANPR_C003_PRIVATEKEY:\${PDND_SERVICE_ANPR_PRIVATEKEY:\${PDND_SERVICE_PRIVATEKEY:}}}" + publicKey: "\${PDND_SERVICE_ANPR_C003_PUBLICKEY:\${PDND_SERVICE_ANPR_PUBLICKEY:\${PDND_SERVICE_PUBLICKEY:}}}" + c030: + client-id: "\${PDND_SERVICE_ANPR_C030_CLIENTID:\${PDND_SERVICE_ANPR_CLIENTID:\${PDND_SERVICE_CLIENTID:clientid}}}" + kid: "\${PDND_SERVICE_ANPR_C030_KID:\${PDND_SERVICE_ANPR_KID:\${PDND_SERVICE_KID:kid}}}" + purpose-id: "\${ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID:c030purposeid}" + privateKey: "\${PDND_SERVICE_ANPR_C030_PRIVATEKEY:\${PDND_SERVICE_ANPR_PRIVATEKEY:\${PDND_SERVICE_PRIVATEKEY:}}}" + publicKey: "\${PDND_SERVICE_ANPR_C030_PUBLICKEY:\${PDND_SERVICE_ANPR_PUBLICKEY:\${PDND_SERVICE_PUBLICKEY:}}}" + web-client: + connect.timeout.millis: "\${CONNECT_TIMEOUT_MILLIS:120000}" + read.timeout.millis: "\${READ_TIMEOUT_MILLIS:120000}" \ No newline at end of file 
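Review bot: The new `client-id`, `kid` and `purpose-id` entries fall back to literal placeholders (`clientid`, `kid`, `c003purposeid`, `c030purposeid`) and `privateKey` falls back to an empty string, so a missing or misspelled variable is not caught at startup. The service then fails only when the first client assertion is built or rejected by the token endpoint. I would validate these settings when the properties are bound, for example `@Validated` on `PdndServiceIntegrationConfig` with `@NotBlank private String privateKey;` (and the same on `clientId`, `kid`, `purposeId`), assuming Bean Validation is on the classpath. `publicKey` is bound as well although no reader of it is visible in this patch; if nothing uses it, dropping it keeps the configuration surface smaller.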
diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index 36502c9..279e6d4 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java @@ -3,7 +3,6 @@ import static org.junit.jupiter.api.Assertions.*; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; @@ -19,9 +18,6 @@ class PdndClientAssertionBuilderServiceTest { @Mock private PdndConfig pdndConfig; - @Mock - private PdndBaseServiceIntegratedConfig pdndBaseServiceIntegratedConfig; - @Mock private PdndServiceIntegrationConfig pdndServiceIntegrationConfig; 
@@ -63,15 +59,13 @@ class PdndClientAssertionBuilderServiceTest { void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() throws Exception { // Given Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); - Mockito.when(pdndBaseServiceIntegratedConfig.getClientId()).thenReturn("CLIENTID"); - Mockito.when(pdndBaseServiceIntegratedConfig.getKid()).thenReturn("KID"); - Mockito.when(pdndBaseServiceIntegratedConfig.getPrivateKey()).thenReturn(pemKey); + Mockito.when(pdndServiceIntegrationConfig.getClientId()).thenReturn("CLIENTID"); + Mockito.when(pdndServiceIntegrationConfig.getKid()).thenReturn("KID"); + Mockito.when(pdndServiceIntegrationConfig.getPrivateKey()).thenReturn(pemKey); Mockito.when(pdndServiceIntegrationConfig.getPurposeId()).thenReturn("PURPOSEID"); // When - String token = pdndClientAssertionBuilderService.buildPdndClientAssertion( - pdndBaseServiceIntegratedConfig, - pdndServiceIntegrationConfig); + String token = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndServiceIntegrationConfig); // Then assertNotNull(token); diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index c1c9851..72125f3 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -6,8 +6,6 @@ import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto.ClientCredentialsResponseDTO; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; -import it.gov.pagopa.payhub.pdnd.exception.custom.JwtClaimBuildException; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndBaseServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; import java.security.spec.InvalidKeySpecException; import org.junit.jupiter.api.BeforeEach; 
@@ -37,30 +35,28 @@ void setUp() { @Test void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { // Given - PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); String clientId = "CLIENTID"; String clientAssertion = "ASSERTION"; ClientCredentialsResponseDTO newAccessToken = new ClientCredentialsResponseDTO(); // When - Mockito.when(config.getClientId()).thenReturn(clientId); - Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config, serviceConfig)).thenReturn(clientAssertion); + Mockito.when(serviceConfig.getClientId()).thenReturn(clientId); + Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(serviceConfig)).thenReturn(clientAssertion); Mockito.when(pdndClientImpl.getAccessToken(clientId, clientAssertion)) .thenReturn(newAccessToken); - String token = pdndService.generateToken(config, serviceConfig); + String token = pdndService.generateToken(serviceConfig); // Then assertEquals(newAccessToken.getAccessToken(), token); - Mockito.verify(pdndClientAssertionBuilderService, Mockito.times(1)).buildPdndClientAssertion(config,serviceConfig); + Mockito.verify(pdndClientAssertionBuilderService, Mockito.times(1)).buildPdndClientAssertion(serviceConfig); Mockito.verify(pdndClientImpl, Mockito.times(1)).getAccessToken(clientId, clientAssertion); } @Test void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { // Given - PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); String cachedToken = "CACHED_TOKEN"; pdndService.jwtCache.put(serviceConfig, cachedToken); 
@@ -68,29 +64,11 @@ void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { try (MockedStatic mockedStatic = Mockito.mockStatic(JWTUtils.class)) { // When mockedStatic.when(() -> JWTUtils.isJWTExpired(cachedToken)).thenReturn(false); - String token = pdndService.generateToken(config, serviceConfig); + String token = pdndService.generateToken(serviceConfig); // Then assertEquals(cachedToken, token); } } - @Test - void givenInvalidAssertionWhenGenerateTokenThenException() throws Exception { - // Given - PdndBaseServiceIntegratedConfig config = Mockito.mock(PdndBaseServiceIntegratedConfig.class); - PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); - // When - Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(config, serviceConfig)) - .thenThrow(new InvalidKeySpecException("Key spec error")); - - // Then - JwtClaimBuildException exception = assertThrows(JwtClaimBuildException.class, () -> { - pdndService.generateToken(config, serviceConfig); - }); - - assertEquals("Error building JWT claims", exception.getMessage()); - assertInstanceOf(InvalidKeySpecException.class, exception.getCause()); - } - } \ No newline at end of file From 78dd6189cc8bc0c5cde7ec070b54a1bb5cc02a58 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Tue, 26 Nov 2024 18:31:39 +0100 Subject: [PATCH 31/36] P4ADEV-1341 upgrade jdk version --- build.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle.kts b/build.gradle.kts index b550883..5560314 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -14,7 +14,7 @@ description = "p4pa-pdnd-services" java { toolchain { - languageVersion = JavaLanguageVersion.of(17) + languageVersion = JavaLanguageVersion.of(21) } } From c30e1dcbb3845d842acc88719508a0b56f4291c8 Mon Sep 17 00:00:00 2001 
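Review bot: The `@@ -68,29 +64,11 @@` hunk of PdndServiceTest.java deletes `givenInvalidAssertionWhenGenerateTokenThenException` without a replacement, so this test class no longer covers a failure while building the client assertion (for example an unusable private key). A replacement should check that the exception propagates, that the token endpoint is never called, and that nothing is cached for that configuration. The sketch below assumes the builder now reports failures as an unchecked `IllegalStateException`, as a later patch in this series shows; adjust the type if `PdndService` still wraps it.

```java
@Test
void givenInvalidAssertionWhenGenerateTokenThenException() {
  // Given
  PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class);
  Mockito.when(pdndClientAssertionBuilderService.buildPdndClientAssertion(serviceConfig))
      .thenThrow(new IllegalStateException("Error building PDND client assertion"));

  // When / Then
  assertThrows(IllegalStateException.class, () -> pdndService.generateToken(serviceConfig));
  Mockito.verify(pdndClientImpl, Mockito.never()).getAccessToken(Mockito.any(), Mockito.any());
  assertFalse(pdndService.jwtCache.containsKey(serviceConfig));
}
```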
From: antoniocalo Date: Tue, 26 Nov 2024 20:56:18 +0100 Subject: [PATCH 32/36] P4ADEV-1341 resolve isseus --- .../pdnd/service/PdndClientAssertionBuilderServiceTest.java | 6 +++++- .../it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java | 3 +-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index 279e6d4..7f48a84 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java @@ -4,6 +4,7 @@ import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import java.security.spec.InvalidKeySpecException; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.InjectMocks; @@ -21,6 +22,9 @@ class PdndClientAssertionBuilderServiceTest { @Mock private PdndServiceIntegrationConfig pdndServiceIntegrationConfig; + @Mock + private PdndClientAssertionBuilderService pdndClientAssertionBuilderServiceMock; + @InjectMocks private PdndClientAssertionBuilderService pdndClientAssertionBuilderService; @@ -56,7 +60,7 @@ class PdndClientAssertionBuilderServiceTest { """; @Test - void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() throws Exception { + void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() { // Given Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); Mockito.when(pdndServiceIntegrationConfig.getClientId()).thenReturn("CLIENTID"); diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 72125f3..8b5d29d 100644 
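Review bot: The new field `@Mock private PdndClientAssertionBuilderService pdndClientAssertionBuilderServiceMock;` (hunk `@@ -21,6 +22,9 @@`) and the added `import java.security.spec.InvalidKeySpecException;` are not used by anything visible in this patch. They look like the start of a negative test for an unparsable private key that was never written. The import is dropped again in the next patch, while the mock still appears as context in the later rename patch. Either remove the field or add the missing test: stub `getPrivateKey()` with an invalid value and pin how `buildPdndClientAssertion` reports the failure. A mock of the class under test next to the `@InjectMocks` instance also makes it easy to assert on the wrong object.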
--- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -7,7 +7,6 @@ import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; -import java.security.spec.InvalidKeySpecException; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; @@ -33,7 +32,7 @@ void setUp() { } @Test - void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() throws Exception { + void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() { // Given PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); String clientId = "CLIENTID"; From 5f328f60ec24a1128d7bf4128be40e552b854660 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Wed, 27 Nov 2024 08:52:34 +0100 Subject: [PATCH 33/36] P4ADEV-1341 - fix issues --- .../pdnd/service/PdndClientAssertionBuilderServiceTest.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index 7f48a84..deb1934 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java @@ -4,7 +4,6 @@ import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; -import java.security.spec.InvalidKeySpecException; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.InjectMocks; 
From 7dfdc6163f7202ac9cdd8d6e4d968ebbd7f00e77 Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Wed, 27 Nov 2024 09:33:10 +0100 Subject: [PATCH 34/36] P4ADEV-1341 rename class --- ...fig.java => PdndServiceIntegratedConfig.java} | 2 +- .../config/pdnd/anpr/AnprC003ServiceConfig.java | 4 ++-- .../config/pdnd/anpr/AnprC030ServiceConfig.java | 4 ++-- .../PdndClientAssertionBuilderService.java | 16 ++++++++-------- .../pagopa/payhub/pdnd/service/PdndService.java | 16 ++++++++-------- .../PdndClientAssertionBuilderServiceTest.java | 15 ++++++++------- .../payhub/pdnd/service/PdndServiceTest.java | 6 +++--- 7 files changed, 32 insertions(+), 31 deletions(-) rename src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/{PdndServiceIntegrationConfig.java => PdndServiceIntegratedConfig.java} (85%) diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegratedConfig.java similarity index 85% rename from src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java rename to src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegratedConfig.java index a4ed43b..db040ff 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegrationConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/PdndServiceIntegratedConfig.java @@ -8,7 +8,7 @@ @Data @AllArgsConstructor @NoArgsConstructor -public abstract class PdndServiceIntegrationConfig { +public abstract class PdndServiceIntegratedConfig { private String clientId; private String kid; private String purposeId; diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java index b138e51..9013207 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java 
+++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC003ServiceConfig.java @@ -1,11 +1,11 @@ package it.gov.pagopa.payhub.pdnd.config.pdnd.anpr; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegratedConfig; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; @Configuration @ConfigurationProperties(prefix = "app.pdnd.anpr.services.c003") -public class AnprC003ServiceConfig extends PdndServiceIntegrationConfig { +public class AnprC003ServiceConfig extends PdndServiceIntegratedConfig { } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java index 74adf8e..962660b 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/pdnd/anpr/AnprC030ServiceConfig.java @@ -1,11 +1,11 @@ package it.gov.pagopa.payhub.pdnd.config.pdnd.anpr; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegratedConfig; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; @Configuration @ConfigurationProperties(prefix = "app.pdnd.anpr.services.c030") -public class AnprC030ServiceConfig extends PdndServiceIntegrationConfig { +public class AnprC030ServiceConfig extends PdndServiceIntegratedConfig { } diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java index 715ec07..d5bbda9 100644 
--- a/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderService.java @@ -9,7 +9,7 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.utils.CertUtils; import java.io.IOException; import java.security.NoSuchAlgorithmException; @@ -27,9 +27,9 @@ public PdndClientAssertionBuilderService(PdndConfig pdndConfig) { this.pdndConfig = pdndConfig; } - public String buildPdndClientAssertion(PdndServiceIntegrationConfig pdndServiceIntegrationConfig) { + public String buildPdndClientAssertion(PdndServiceIntegratedConfig pdndServiceIntegratedConfig) { try { - return buildAndSignPdndJWT(pdndServiceIntegrationConfig); + return buildAndSignPdndJWT(pdndServiceIntegratedConfig); } catch (InvalidKeySpecException | NoSuchAlgorithmException | IOException | JOSEException e) { throw new IllegalStateException("Error building PDND client assertion", e); } 
@@ -48,15 +48,15 @@ private JWTClaimsSet buildPdndClientAssertionClaims(String clientId, String purp .build(); } - private String buildAndSignPdndJWT(PdndServiceIntegrationConfig pdndServiceIntegrationConfig) + private String buildAndSignPdndJWT(PdndServiceIntegratedConfig pdndServiceIntegratedConfig) throws InvalidKeySpecException, NoSuchAlgorithmException, IOException, JOSEException { - JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndServiceIntegrationConfig.getClientId(), - pdndServiceIntegrationConfig.getPurposeId()); - JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndServiceIntegrationConfig.getPrivateKey())); + JWTClaimsSet claims = buildPdndClientAssertionClaims(pdndServiceIntegratedConfig.getClientId(), + pdndServiceIntegratedConfig.getPurposeId()); + JWSSigner signer = new RSASSASigner(CertUtils.pemKey2PrivateKey(pdndServiceIntegratedConfig.getPrivateKey())); SignedJWT signedJWT = new SignedJWT( new JWSHeader.Builder(JWSAlgorithm.RS256) .type(JOSEObjectType.JWT) - .keyID(pdndServiceIntegrationConfig.getKid()) + .keyID(pdndServiceIntegratedConfig.getKid()) .build(), claims ); diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java index 35eb361..f91787c 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/service/PdndService.java @@ -1,6 +1,6 @@ package it.gov.pagopa.payhub.pdnd.service; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; import it.gov.pagopa.payhub.pdnd.utils.JWTUtils; 
@@ -14,7 +14,7 @@ public class PdndService { private final PdndClientImpl pdndClientImpl; private final PdndClientAssertionBuilderService pdndClientAssertionBuilderService; - protected final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); + protected final ConcurrentHashMap jwtCache = new ConcurrentHashMap<>(); public PdndService(PdndClientImpl pdndClientImpl, PdndClientAssertionBuilderService pdndClientAssertionBuilderService) { 
@@ -22,15 +22,15 @@ public PdndService(PdndClientImpl pdndClientImpl, this.pdndClientAssertionBuilderService = pdndClientAssertionBuilderService; } - public String generateToken(PdndServiceIntegrationConfig pdndServiceIntegrationConfig) { - return jwtCache.compute(pdndServiceIntegrationConfig, (key, existingJwt) -> { - log.debug("Check cache for token exists and not expired for {}", pdndServiceIntegrationConfig.getClass().getName()); + public String generateToken(PdndServiceIntegratedConfig pdndServiceIntegratedConfig) { + return jwtCache.compute(pdndServiceIntegratedConfig, (key, existingJwt) -> { + log.debug("Check cache for token exists and not expired for {}", pdndServiceIntegratedConfig.getClass().getName()); if(existingJwt == null || JWTUtils.isJWTExpired(existingJwt)) { - log.debug("Token for {} not present or expired, generate new one", pdndServiceIntegrationConfig.getClass().getName()); + log.debug("Token for {} not present or expired, generate new one", pdndServiceIntegratedConfig.getClass().getName()); String clientAssertion = pdndClientAssertionBuilderService.buildPdndClientAssertion(key); - return pdndClientImpl.getAccessToken(pdndServiceIntegrationConfig.getClientId(), clientAssertion).getAccessToken(); + return pdndClientImpl.getAccessToken(pdndServiceIntegratedConfig.getClientId(), clientAssertion).getAccessToken(); } - log.debug("Token for {} is present in cache", pdndServiceIntegrationConfig.getClass().getName()); + log.debug("Token for {} is present in cache", pdndServiceIntegratedConfig.getClass().getName()); return existingJwt; }); } diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java index deb1934..21aa6c0 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java 
+++ b/src/test/java/it/gov/pagopa/payhub/pdnd/connector/pdnd/service/PdndClientAssertionBuilderServiceTest.java @@ -3,7 +3,7 @@ import static org.junit.jupiter.api.Assertions.*; import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndConfig; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegratedConfig; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.InjectMocks; @@ -19,7 +19,7 @@ class PdndClientAssertionBuilderServiceTest { private PdndConfig pdndConfig; @Mock - private PdndServiceIntegrationConfig pdndServiceIntegrationConfig; + private PdndServiceIntegratedConfig pdndServiceIntegratedConfig; @Mock private PdndClientAssertionBuilderService pdndClientAssertionBuilderServiceMock; @@ -62,13 +62,14 @@ class PdndClientAssertionBuilderServiceTest { void givenValidPDNDConfigWhenBuildPdndClientAssertionThenVerifyToken() { // Given Mockito.when(pdndConfig.getAudience()).thenReturn("AUDIENCE"); - Mockito.when(pdndServiceIntegrationConfig.getClientId()).thenReturn("CLIENTID"); - Mockito.when(pdndServiceIntegrationConfig.getKid()).thenReturn("KID"); - Mockito.when(pdndServiceIntegrationConfig.getPrivateKey()).thenReturn(pemKey); - Mockito.when(pdndServiceIntegrationConfig.getPurposeId()).thenReturn("PURPOSEID"); + Mockito.when(pdndServiceIntegratedConfig.getClientId()).thenReturn("CLIENTID"); + Mockito.when(pdndServiceIntegratedConfig.getKid()).thenReturn("KID"); + Mockito.when(pdndServiceIntegratedConfig.getPrivateKey()).thenReturn(pemKey); + Mockito.when(pdndServiceIntegratedConfig.getPurposeId()).thenReturn("PURPOSEID"); // When - String token = pdndClientAssertionBuilderService.buildPdndClientAssertion(pdndServiceIntegrationConfig); + String token = pdndClientAssertionBuilderService.buildPdndClientAssertion( + pdndServiceIntegratedConfig); // Then assertNotNull(token); 
diff --git a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java index 8b5d29d..a659125 100644 --- a/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java +++ b/src/test/java/it/gov/pagopa/payhub/pdnd/service/PdndServiceTest.java @@ -2,7 +2,7 @@ import static org.junit.jupiter.api.Assertions.*; -import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegrationConfig; +import it.gov.pagopa.payhub.pdnd.config.pdnd.PdndServiceIntegratedConfig; import it.gov.pagopa.payhub.pdnd.connector.pdnd.generated.dto.ClientCredentialsResponseDTO; import it.gov.pagopa.payhub.pdnd.connector.pdnd.client.PdndClientImpl; import it.gov.pagopa.payhub.pdnd.connector.pdnd.service.PdndClientAssertionBuilderService; @@ -34,7 +34,7 @@ void setUp() { @Test void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() { // Given - PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); + PdndServiceIntegratedConfig serviceConfig = Mockito.mock(PdndServiceIntegratedConfig.class); String clientId = "CLIENTID"; String clientAssertion = "ASSERTION"; ClientCredentialsResponseDTO newAccessToken = new ClientCredentialsResponseDTO(); @@ -56,7 +56,7 @@ void givenValidConfigWhenGenerateTokenThenGeneratesNewToken() { @Test void givenTokenInCacheWhenGenerateTokenThenReturnCachedToken() { // Given - PdndServiceIntegrationConfig serviceConfig = Mockito.mock(PdndServiceIntegrationConfig.class); + PdndServiceIntegratedConfig serviceConfig = Mockito.mock(PdndServiceIntegratedConfig.class); String cachedToken = "CACHED_TOKEN"; pdndService.jwtCache.put(serviceConfig, cachedToken); From c5127afafdfe76d79c0ec596f7fc81c1fa28e063 Mon Sep 17 00:00:00 2001 
From: antoniocalo Date: Wed, 27 Nov 2024 10:23:56 +0100 Subject: [PATCH 35/36] P4ADEV-1341 fix --- Dockerfile | 4 ++-- helm/values-dev.yaml | 4 ++-- helm/values-prod.yaml | 4 ++-- helm/values-uat.yaml | 4 ++-- .../gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java | 4 ++-- src/main/resources/application.yml | 6 +++--- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9cd5fc8..ca67189 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,8 +3,8 @@ # # 🎯 Version Management # -ARG CORRETTO_VERSION="21-alpine3.17" -ARG CORRETTO_SHA="6ed399441760d860717318db95fc50846bd0173145ec728733e69b782ead78e4" +ARG CORRETTO_VERSION="21-alpine3.20" +ARG CORRETTO_SHA="8b16834e7fabfc62d4c8faa22de5df97f99627f148058d52718054aaa4ea3674" ARG GRADLE_VERSION="8.10.2" ARG GRADLE_DOWNLOAD_SHA256="31c55713e40233a8303827ceb42ca48a47267a0ad4bab9177123121e71524c26" ARG APPINSIGHTS_VERSION="3.5.2" diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 9accd1c..5b8d2f9 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml @@ -35,8 +35,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PDND_SERVICE_CLIENTID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PDND_SERVICE_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-d-payhub-kv" diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index 3d49fb1..4e5b99c 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml 
@@ -36,8 +36,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PDND_SERVICE_CLIENTID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PDND_SERVICE_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-p-payhub-kv" diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index 78da8c7..be95f71 100644 --- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml @@ -35,8 +35,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PDND_SERVICE_CLIENTID: 685e6542-8d1b-4837-a555-130e92c9dc6c PDND_SERVICE_KID: y80rvmuzGPyfMw0n6v5K-yWsyUVYXiICG2zzNPAJg64 - ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-u-payhub-kv" diff --git a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java index bda6212..984f7fc 100644 --- a/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java +++ b/src/main/java/it/gov/pagopa/payhub/pdnd/config/RestTemplateConfig.java 
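Review bot: The context of this `helm/values-prod.yaml` hunk shows production configured with `PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion` and with the same `PDND_SERVICE_CLIENTID`, `PDND_SERVICE_KID` and purpose ids as `helm/values-dev.yaml`. If these are not placeholders, production client assertions would be addressed to the UAT authorization server, and dev and prod would share one client identity, which implies the same signing key in both environments. Production should have its own client id, key id and purpose ids, and the audience of the production token endpoint. Until then a comment such as `# TODO: replace UAT placeholders before go-live` would make the state explicit. The same context appears in the prod hunk of the following patch.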
@@ -13,8 +13,8 @@ public class RestTemplateConfig { private final int readTimeoutHandlerMillis; public RestTemplateConfig( - @Value("${app.web-client.connect.timeout.millis}") int connectTimeoutMillis, - @Value("${app.web-client.read.timeout.millis}") int readTimeoutHandlerMillis) { + @Value("${app.rest-client.connect.timeout.millis}") int connectTimeoutMillis, + @Value("${app.rest-client.read.timeout.millis}") int readTimeoutHandlerMillis) { this.connectTimeoutMillis = connectTimeoutMillis; this.readTimeoutHandlerMillis = readTimeoutHandlerMillis; } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index cfbf5e7..2a8e56f 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml 
@@ -25,15 +25,15 @@ app: c003: client-id: "\${PDND_SERVICE_ANPR_C003_CLIENTID:\${PDND_SERVICE_ANPR_CLIENTID:\${PDND_SERVICE_CLIENTID:clientid}}}" kid: "\${PDND_SERVICE_ANPR_C003_KID:\${PDND_SERVICE_ANPR_KID:\${PDND_SERVICE_KID:kid}}}" - purpose-id: "\${ANPR_PDND_CONFIGURATION_C003_PURPOSE_ID:c003purposeid}" + purpose-id: "\${PDND_CONFIGURATION_C003_PURPOSE_ID:c003purposeid}" privateKey: "\${PDND_SERVICE_ANPR_C003_PRIVATEKEY:\${PDND_SERVICE_ANPR_PRIVATEKEY:\${PDND_SERVICE_PRIVATEKEY:}}}" publicKey: "\${PDND_SERVICE_ANPR_C003_PUBLICKEY:\${PDND_SERVICE_ANPR_PUBLICKEY:\${PDND_SERVICE_PUBLICKEY:}}}" c030: client-id: "\${PDND_SERVICE_ANPR_C030_CLIENTID:\${PDND_SERVICE_ANPR_CLIENTID:\${PDND_SERVICE_CLIENTID:clientid}}}" kid: "\${PDND_SERVICE_ANPR_C030_KID:\${PDND_SERVICE_ANPR_KID:\${PDND_SERVICE_KID:kid}}}" - purpose-id: "\${ANPR_PDND_CONFIGURATION_C030_PURPOSE_ID:c030purposeid}" + purpose-id: "\${PDND_CONFIGURATION_C030_PURPOSE_ID:c030purposeid}" privateKey: "\${PDND_SERVICE_ANPR_C030_PRIVATEKEY:\${PDND_SERVICE_ANPR_PRIVATEKEY:\${PDND_SERVICE_PRIVATEKEY:}}}" publicKey: "\${PDND_SERVICE_ANPR_C030_PUBLICKEY:\${PDND_SERVICE_ANPR_PUBLICKEY:\${PDND_SERVICE_PUBLICKEY:}}}" - web-client: + rest-client: connect.timeout.millis: "\${CONNECT_TIMEOUT_MILLIS:120000}" read.timeout.millis: "\${READ_TIMEOUT_MILLIS:120000}" \ No newline at end of file From 330684149ea377779b181c06e55084666f26b3ac Mon Sep 17 00:00:00 2001 From: antoniocalo Date: Wed, 27 Nov 2024 10:43:06 +0100 Subject: [PATCH 36/36] P4ADEV-1341 - rename ENV variable --- helm/values-dev.yaml | 4 ++-- helm/values-prod.yaml | 4 ++-- helm/values-uat.yaml | 4 ++-- src/main/resources/application.yml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 5b8d2f9..30de24f 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml 
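Review bot: The renamed `purpose-id` entries keep literal fallbacks (`c003purposeid`, `c030purposeid`), so a deployment that still sets the old variable name starts normally and sends client assertions with a bogus purpose instead of failing at startup. This variable is renamed here and again in the next patch, so dropping the default would expose a missed rename immediately: `purpose-id: "\${PDND_CONFIGURATION_C003_PURPOSE_ID}"`, and the same for c030, using whichever name is final. The empty defaults on `privateKey` and the `clientid`/`kid` placeholders in the same block have the same effect and could be handled the same way.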
@@ -35,8 +35,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PDND_SERVICE_CLIENTID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PDND_SERVICE_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_SERVICE_ANPR_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PDND_SERVICE_ANPR_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-d-payhub-kv" diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index 4e5b99c..957a939 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -36,8 +36,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PDND_SERVICE_CLIENTID: 890b7ca9-b402-4dce-9e8d-9a333d22d76d PDND_SERVICE_KID: jxOpPRxM6oFcnnKtICqeW5l7fbxLr45IAsJ8Q9s-fK8 - PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_SERVICE_ANPR_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PDND_SERVICE_ANPR_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-p-payhub-kv" diff --git a/helm/values-uat.yaml b/helm/values-uat.yaml index be95f71..a111d12 100644 --- a/helm/values-uat.yaml +++ b/helm/values-uat.yaml @@ -35,8 +35,8 @@ microservice-chart: PDND_ACCESS_TOKEN_AUDIENCE: auth.uat.interop.pagopa.it/client-assertion PDND_SERVICE_CLIENTID: 685e6542-8d1b-4837-a555-130e92c9dc6c PDND_SERVICE_KID: y80rvmuzGPyfMw0n6v5K-yWsyUVYXiICG2zzNPAJg64 - PDND_CONFIGURATION_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee - PDND_CONFIGURATION_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 + PDND_SERVICE_ANPR_C003_PURPOSE_ID: 5ba1f38f-6a91-4da4-8a42-4da1aa55bfee + PDND_SERVICE_ANPR_C030_PURPOSE_ID: 87520bd5-207a-4616-85d9-10d7bb3e88b8 keyvault: name: "p4pa-u-payhub-kv" 
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 2a8e56f..7e82ace 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -25,13 +25,13 @@ app: c003: client-id: "\${PDND_SERVICE_ANPR_C003_CLIENTID:\${PDND_SERVICE_ANPR_CLIENTID:\${PDND_SERVICE_CLIENTID:clientid}}}" kid: "\${PDND_SERVICE_ANPR_C003_KID:\${PDND_SERVICE_ANPR_KID:\${PDND_SERVICE_KID:kid}}}" - purpose-id: "\${PDND_CONFIGURATION_C003_PURPOSE_ID:c003purposeid}" + purpose-id: "\${PDND_SERVICE_ANPR_C003_PURPOSE_ID:c003purposeid}" privateKey: "\${PDND_SERVICE_ANPR_C003_PRIVATEKEY:\${PDND_SERVICE_ANPR_PRIVATEKEY:\${PDND_SERVICE_PRIVATEKEY:}}}" publicKey: "\${PDND_SERVICE_ANPR_C003_PUBLICKEY:\${PDND_SERVICE_ANPR_PUBLICKEY:\${PDND_SERVICE_PUBLICKEY:}}}" c030: client-id: "\${PDND_SERVICE_ANPR_C030_CLIENTID:\${PDND_SERVICE_ANPR_CLIENTID:\${PDND_SERVICE_CLIENTID:clientid}}}" kid: "\${PDND_SERVICE_ANPR_C030_KID:\${PDND_SERVICE_ANPR_KID:\${PDND_SERVICE_KID:kid}}}" - purpose-id: "\${PDND_CONFIGURATION_C030_PURPOSE_ID:c030purposeid}" + purpose-id: "\${PDND_SERVICE_ANPR_C030_PURPOSE_ID:c030purposeid}" privateKey: "\${PDND_SERVICE_ANPR_C030_PRIVATEKEY:\${PDND_SERVICE_ANPR_PRIVATEKEY:\${PDND_SERVICE_PRIVATEKEY:}}}" publicKey: "\${PDND_SERVICE_ANPR_C030_PUBLICKEY:\${PDND_SERVICE_ANPR_PUBLICKEY:\${PDND_SERVICE_PUBLICKEY:}}}" rest-client: