Commit

Merge pull request #122 from wultra/issues/merge-upstream
Merge upstream
banterCZ authored Nov 6, 2023
2 parents 807c901 + ea98655 commit 8b31658
Showing 15 changed files with 264 additions and 102 deletions.
2 changes: 0 additions & 2 deletions docs-private/Developer-How-To-Start.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@

### Standalone Run

- Enable maven profile `standalone`
- Use IntelliJ Idea run configuration at `../.run/EnrollmentServerApplication.run.xml`
- Open [http://localhost:8081/enrollment-server/actuator/health](http://localhost:8081/enrollment-server/actuator/health) and you should get `{"status":"UP"}`

Expand Down Expand Up @@ -59,7 +58,6 @@ docker run -p 80:8080 -e ENROLLMENT_SERVER_DATASOURCE_URL='jdbc:postgresql://hos

### Standalone Run

- Enable maven profile `standalone`
- Use IntelliJ Idea run configuration at `../.run/EnrollmentServerOnboardingApplication.run.xml`
- Open [http://localhost:8083/enrollment-server-onboarding/actuator/health](http://localhost:8083/enrollment-server-onboarding/actuator/health) and you should get `{"status":"UP"}`

Expand Down
19 changes: 10 additions & 9 deletions docs/Mobile-Token-API.md
Original file line number Diff line number Diff line change
Expand Up @@ -75,15 +75,16 @@ Mobile token API provides access to operations.

List of error codes in Mobile Token API:

| Code | Description | HTTP Status Code |
|---|---|---|
| `INVALID_REQUEST` | Invalid request sent - missing request object in request | 400 |
| `INVALID_ACTIVATION` | Activation is not valid (it is different from configured activation). Return this error in case the activation does not exist, or in case the activation is not allowed to perform the action (for example, user did not allow operation approvals on such device). | 400 |
| `POWERAUTH_AUTH_FAIL` | PowerAuth authentication failed | 401 |
| `OPERATION_ALREADY_FINISHED` | Operation is already finished | 400 |
| `OPERATION_ALREADY_FAILED` | Operation is already failed | 400 |
| `OPERATION_ALREADY_CANCELED` | Operation is already canceled | 400 |
| `OPERATION_EXPIRED` | Operation is expired | 400 |
| Code | Description | HTTP Status Code |
|------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------|
| `INVALID_REQUEST` | Invalid request sent - missing request object in request | 400 |
| `INVALID_ACTIVATION` | Activation is not valid (it is different from configured activation). Return this error in case the activation does not exist, or in case the activation is not allowed to perform the action (for example, user did not allow operation approvals on such device). | 400 |
| `POWERAUTH_AUTH_FAIL` | PowerAuth authentication failed | 401 |
| `OPERATION_ALREADY_FINISHED` | Operation is already finished | 400 |
| `OPERATION_ALREADY_FAILED` | Operation is already failed | 400 |
| `OPERATION_ALREADY_CANCELED` | Operation is already canceled | 400 |
| `OPERATION_EXPIRED` | Operation is expired | 400 |
| `OPERATION_FAILED` | PowerAuth server operation approval fails. | 401 |

## Localization
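
Review bot: The new `OPERATION_FAILED` row describes only approval ("PowerAuth server operation approval fails."), but the same code is also thrown from `operationReject` with the message "PowerAuth server operation rejection fails". Word the description so it covers both, for example "PowerAuth server operation approval or rejection failed". The table also still omits `PUSH_REGISTRATION_FAILED`, which `DefaultExceptionHandler` returns with HTTP 400, so add that row while touching the list.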

Expand Down
2 changes: 1 addition & 1 deletion docs/onboarding/Deploying-Wildfly.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ Enrollment Server contains the following configuration in `jboss-deployment-stru
<resources>
<!-- use WAR provided Bouncy Castle -->
<resource-root path="WEB-INF/lib/bcprov-jdk18on-1.72.jar" use-physical-code-source="true"/>
<resource-root path="WEB-INF/lib/bcprov-jdk18on-${BC_VERSION}.jar" use-physical-code-source="true"/>
</resources>
<dependencies>
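
Review bot: In the `<resource-root>` line the documentation now uses `${BC_VERSION}` while the shipped `jboss-deployment-structure.xml` uses `${bcprov-jdk18on.version}`, and the visible text does not say that either is a placeholder. Add a sentence stating that the value is substituted at build time and that the deployed descriptor must contain the concrete Bouncy Castle version, otherwise a reader who copies the snippet gets a path that matches no JAR.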
Expand Down
41 changes: 25 additions & 16 deletions enrollment-server-onboarding/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,18 @@
</goals>
</execution>
</executions>
<configuration>
<excludes>
<exclude>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
</exclude>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
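
Review bot: The `<excludes>` block added to the plugin `<configuration>` drops `jakarta.servlet-api` and `lombok` from the packaged archive without saying why. Add a short XML comment above `<excludes>` giving the reason for each entry, and since this commit also removes the `standalone` profile, confirm that the archive still starts in a standalone run with the servlet API excluded.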
Expand Down Expand Up @@ -244,6 +256,19 @@
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<webResources>
<webResource>
<directory>src/main/webapp/WEB-INF</directory>
<targetPath>WEB-INF</targetPath>
<filtering>true</filtering>
</webResource>
</webResources>
</configuration>
</plugin>
</plugins>
</build>
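
Review bot: `<filtering>true</filtering>` is applied to the whole `src/main/webapp/WEB-INF` directory, so every `${...}` token in any file under it is rewritten at build time, not only the Bouncy Castle path in `jboss-deployment-structure.xml`. Limit the `<webResource>` with an `<includes>` entry for the one descriptor that needs substitution, so that other files containing `${...}` are packaged unchanged.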

Expand All @@ -257,22 +282,6 @@
<additionalparam>-Xdoclint:none</additionalparam>
</properties>
</profile>
<profile>
<id>standalone</id>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope>
</dependency>

<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-el</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
</profile>
<profile>
<id>public-repository</id>
<activation>
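
Review bot: Removing the `standalone` profile changes builds that still pass `-Pstandalone` without failing them, because Maven only warns that the requested profile does not exist and continues. Check the CI scripts and the `.run/*.run.xml` configurations referenced in `Developer-How-To-Start.md` for a remaining reference, and state in the pull request description how `spring-boot-starter-tomcat` and `tomcat-embed-el` are scoped now that the `provided` override is gone.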
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@

<resources>
<!-- use WAR provided Bouncy Castle -->
<resource-root path="WEB-INF/lib/bcprov-jdk18on-1.72.jar" use-physical-code-source="true"/>
<resource-root path="WEB-INF/lib/bcprov-jdk18on-${bcprov-jdk18on.version}.jar" use-physical-code-source="true"/>
</resources>

<dependencies>
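
Review bot: The `path` attribute now depends on `${bcprov-jdk18on.version}` being defined when the WAR is built. If the property is missing, resource filtering leaves the literal token in place and the build still succeeds, producing a `resource-root` that points at no file. Make sure the property is the same one that governs the `bcprov-jdk18on` dependency version, and add a build-time check or a test on the packaged descriptor that the referenced JAR exists in `WEB-INF/lib`.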
Expand Down
48 changes: 25 additions & 23 deletions enrollment-server/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -116,13 +116,6 @@
<artifactId>postgresql</artifactId>
</dependency>

<!-- Other Dependencies -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-text</artifactId>
<version>1.10.0</version>
</dependency>

<!-- Logging -->
<dependency>
<groupId>net.logstash.logback</groupId>
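
Review bot: Dropping the explicit `commons-text` `1.10.0` declaration under `<!-- Other Dependencies -->` removes the version pin along with the direct dependency. If the library still arrives transitively, its version is now whatever the dependency tree resolves to, so run `mvn dependency:tree -Dincludes=org.apache.commons:commons-text` and, if it is still present, keep the version in `<dependencyManagement>` rather than leaving it unpinned.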
Expand Down Expand Up @@ -181,6 +174,18 @@
</goals>
</execution>
</executions>
<configuration>
<excludes>
<exclude>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
</exclude>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
Expand All @@ -190,6 +195,19 @@
<excludedGroups>external-service</excludedGroups>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<webResources>
<webResource>
<directory>src/main/webapp/WEB-INF</directory>
<targetPath>WEB-INF</targetPath>
<filtering>true</filtering>
</webResource>
</webResources>
</configuration>
</plugin>
</plugins>
</build>

Expand All @@ -203,22 +221,6 @@
<additionalparam>-Xdoclint:none</additionalparam>
</properties>
</profile>
<profile>
<id>standalone</id>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope>
</dependency>

<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-el</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
</profile>
<profile>
<id>public-repository</id>
<activation>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -41,4 +41,15 @@ public interface OperationTemplateRepository extends CrudRepository<OperationTem
*/
Optional<OperationTemplateEntity> findFirstByLanguageAndPlaceholder(String language, String placeholder);

/**
* Find an operation template by the given operation type.
* <p>
* Just a fallback method when no entry found by {@link #findFirstByLanguageAndPlaceholder(String, String)}.
*
* @param placeholder operation type
* @return operation template or empty
* @see #findFirstByLanguageAndPlaceholder(String, String)
*/
Optional<OperationTemplateEntity> findFirstByPlaceholder(String placeholder);

}
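
Review bot: `findFirstByPlaceholder` has no ordering, so when templates exist for the same placeholder in several languages the row returned by this fallback is arbitrary and may differ between databases or runs. Add an explicit order to the derived query name, or look up a configured default language first, and say in the Javadoc which language the fallback yields.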
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@

package com.wultra.app.enrollmentserver.errorhandling;

import com.wultra.security.powerauth.lib.mtoken.model.enumeration.ErrorCode;
import io.getlime.core.rest.model.base.response.ErrorResponse;
import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
import lombok.extern.slf4j.Slf4j;
Expand Down Expand Up @@ -57,7 +58,7 @@ public class DefaultExceptionHandler {
@ResponseStatus(HttpStatus.BAD_REQUEST)
public @ResponseBody ErrorResponse handleInvalidRequestException(InvalidRequestObjectException ex) {
logger.warn("Error occurred when processing request object.", ex);
return new ErrorResponse("INVALID_REQUEST", "Invalid request object.");
return new ErrorResponse(ErrorCode.INVALID_REQUEST, "Invalid request object.");
}

/**
Expand All @@ -69,7 +70,7 @@ public class DefaultExceptionHandler {
@ResponseStatus(HttpStatus.BAD_REQUEST)
public @ResponseBody ErrorResponse handlePushRegistrationException(PushRegistrationFailedException ex) {
logger.warn("Error occurred when registering to push server.", ex);
return new ErrorResponse("PUSH_REGISTRATION_FAILED", "Push registration failed in Mobile Token API component.");
return new ErrorResponse(ErrorCode.PUSH_REGISTRATION_FAILED, "Push registration failed in Mobile Token API component.");
}

/**
Expand All @@ -81,7 +82,7 @@ public class DefaultExceptionHandler {
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public @ResponseBody ErrorResponse handleUnauthorizedException(PowerAuthAuthenticationException ex) {
logger.warn("Unable to verify device registration - authentication failed.", ex);
return new ErrorResponse("POWERAUTH_AUTH_FAIL", "Unable to verify device registration.");
return new ErrorResponse(ErrorCode.POWERAUTH_AUTH_FAIL, "Unable to verify device registration.");
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@

package com.wultra.app.enrollmentserver.errorhandling;

import com.wultra.security.powerauth.lib.mtoken.model.enumeration.ErrorCode;

import java.io.Serial;

/**
Expand All @@ -31,7 +33,10 @@ public class MobileTokenAuthException extends MobileTokenException {
private static final long serialVersionUID = -4602362062047233809L;

public MobileTokenAuthException() {
super("POWERAUTH_AUTH_FAIL", "Authentication failed");
super(ErrorCode.POWERAUTH_AUTH_FAIL, "Authentication failed");
}

public MobileTokenAuthException(final String code, final String message) {
super(code, message);
}
}
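
Review bot: The new public constructor `MobileTokenAuthException(final String code, final String message)` has no Javadoc and accepts any code, so an exception type that stands for an authentication failure can now carry unrelated error codes. Document which codes are intended (the callers in this commit pass only `ErrorCode.OPERATION_FAILED`), or replace the open constructor with a named factory for that one case.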
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@
import com.wultra.app.enrollmentserver.impl.service.converter.MobileTokenConverter;
import com.wultra.core.http.common.request.RequestContext;
import com.wultra.security.powerauth.client.PowerAuthClient;
import com.wultra.security.powerauth.client.model.enumeration.OperationStatus;
import com.wultra.security.powerauth.client.model.enumeration.SignatureType;
import com.wultra.security.powerauth.client.model.enumeration.UserActionResult;
import com.wultra.security.powerauth.client.model.error.PowerAuthClientException;
Expand All @@ -35,6 +34,7 @@
import com.wultra.security.powerauth.client.model.response.OperationDetailResponse;
import com.wultra.security.powerauth.client.model.response.OperationUserActionResponse;
import com.wultra.security.powerauth.lib.mtoken.model.entity.Operation;
import com.wultra.security.powerauth.lib.mtoken.model.enumeration.ErrorCode;
import com.wultra.security.powerauth.lib.mtoken.model.response.OperationListResponse;
import io.getlime.core.rest.model.base.response.Response;
import io.getlime.security.powerauth.rest.api.spring.service.HttpCustomizationService;
Expand Down Expand Up @@ -181,8 +181,8 @@ public Response operationApprove(@NotNull final OperationApproveParameterObject
return new Response();
} else {
final OperationDetailResponse operation = approveResponse.getOperation();
handleStatus(operation.getStatus());
throw new MobileTokenAuthException();
handleStatus(operation);
throw new MobileTokenAuthException(ErrorCode.OPERATION_FAILED, "PowerAuth server operation approval fails");
}
}
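
Review bot: In the `else` branch the code returned for a failed approval of a still-pending operation changes from `POWERAUTH_AUTH_FAIL` (the no-argument `MobileTokenAuthException()`) to `OPERATION_FAILED`, which is a client-visible change: a mobile app that handles `POWERAUTH_AUTH_FAIL` on this call will no longer receive it. Call this out in the release or migration notes, and put the message in the past tense ("approval failed") to match the other messages such as "Operation already failed".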

Expand All @@ -208,7 +208,7 @@ public void operationFailApprove(@NotNull String operationId, @NotNull RequestCo
);

final OperationDetailResponse operation = failApprovalResponse.getOperation();
handleStatus(operation.getStatus());
handleStatus(operation);
}

/**
Expand Down Expand Up @@ -262,8 +262,8 @@ public Response operationReject(
return new Response();
} else {
final OperationDetailResponse operation = rejectResponse.getOperation();
handleStatus(operation.getStatus());
throw new MobileTokenAuthException();
handleStatus(operation);
throw new MobileTokenAuthException(ErrorCode.OPERATION_FAILED, "PowerAuth server operation rejection fails");
}
}

Expand All @@ -285,7 +285,7 @@ private OperationDetailResponse getOperationDetail(String operationId) throws Po
httpCustomizationService.getQueryParams(),
httpCustomizationService.getHttpHeaders()
);
handleStatus(operationDetail.getStatus());
handleStatus(operationDetail);
return operationDetail;
}

Expand All @@ -297,22 +297,21 @@ private OperationDetailResponse getOperationDetail(String operationId) throws Po
* <li>CANCELLED, APPROVED, REJECTED, or EXPIRED - throws exception with appropriate code and message.</li>
* </ul>
*
* @param status Operation status.
* @param operation Operation detail.
* @throws MobileTokenException In case operation is in status that does not allow processing, the method throws appropriate exception.
*/
private void handleStatus(OperationStatus status) throws MobileTokenException {
switch (status) {
case PENDING -> {
// OK, this operation is still pending
}
private static void handleStatus(final OperationDetailResponse operation) throws MobileTokenException {
switch (operation.getStatus()) {
case PENDING ->
logger.debug("OK, operation ID: {} is still pending", operation.getId());
case CANCELED ->
throw new MobileTokenException("OPERATION_ALREADY_CANCELED", "Operation was already canceled");
throw new MobileTokenException(ErrorCode.OPERATION_ALREADY_CANCELED, "Operation was already canceled");
case APPROVED, REJECTED ->
throw new MobileTokenException("OPERATION_ALREADY_FINISHED", "Operation was already completed");
throw new MobileTokenException(ErrorCode.OPERATION_ALREADY_FINISHED, "Operation was already completed");
case FAILED ->
throw new MobileTokenException("OPERATION_ALREADY_FAILED", "Operation already failed");
throw new MobileTokenException(ErrorCode.OPERATION_ALREADY_FAILED, "Operation already failed");
default ->
throw new MobileTokenException("OPERATION_EXPIRED", "Operation already expired");
throw new MobileTokenException(ErrorCode.OPERATION_EXPIRED, "Operation already expired");
}
}
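
Review bot: The `default ->` arm reports every status without its own case as `OPERATION_EXPIRED`, so a status value added to the enum later would be presented to the client as an expired operation. Give `EXPIRED` its own case and let `default` throw a distinct error. The Javadoc list above the method also omits `FAILED` and spells `CANCELLED` where the constant used in the switch is `CANCELED`.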

Expand Down