feat(jans-client-api): Use injectable operations and remove servicepr…

…ovider (#1643)

* feat(jans-client-api):Modify injection services in operations

* feat(jans-client-api):Change operations to request scope, and rmove Processor

* feat(jans-client-api):remove explicit authorization headers from endpoints

* feat(jans-client-api):remove BaseOperation

* feat(jans-client-api):Add Filter Authorization

* fix(jans-client-api):remove unused comments AppInitializer

* feat(jans-client-api):include ProtectedApi annotation into jans-client-api

* fix(jans-client-api):move validateIpAddressAllowed from AuthorizationFilter to BaseOperation to control IP in all cases

* feat(jans-client-api):remove Command and CommandType

* feat(jans-client-api):remove authorizationRpId validation using body params, now is mandatory in header

jans-client-api/common/src/main/java/io/jans/ca/common/ErrorResponseCode.java

@@ -115,8 +115,9 @@ public enum ErrorResponseCode {
     AT_HASH_NOT_FOUND(500, "at_hash_not_found", "`at_hash` is missing in `ID_TOKEN`."),
     C_HASH_NOT_FOUND(500, "c_hash_not_found", "`c_hash` is missing in `ID_TOKEN`."),
     S_HASH_NOT_FOUND(500, "s_hash_not_found", "`s_hash` is missing in `ID_TOKEN`."),
-    INVALID_AUTHORIZATION_RP_ID(400, "invalid_authorization_rp_id", "`rp_id` in `AuthorizationRpId` header is invalid. The `AuthorizationRpId` header should contain `rp_id` from `protect_commands_with_rp_id` field in jans_client_api.yml."),
+    INVALID_AUTHORIZATION_RP_ID(400, "invalid_authorization_rp_id", "`rp_id` in `AuthorizationRpId` header is invalid. The `AuthorizationRpId` header should contain `rp_id` from `protect_commands_with_rp_id` field in config."),
     AUTHORIZATION_RP_ID_NOT_FOUND(400, "authorization_rp_id_not_found", "`rp_id` in `AuthorizationRpId` header is not registered in jans_client_api."),
+    AUTHORIZATION_RP_ID_HEADER_NOT_FOUND(400, "authorization_rp_id_header_not_found", "`AuthorizationRpId` header is not present or invalid."),
     NO_CLIENT_ID_RETURNED(500, "no_client_id_returned", "`client_id` is not returned from OP host. Please check OP log file for error (oxauth.log)."),
     NO_CLIENT_SECRET_RETURNED(500, "no_client_secret_returned", "`client_secret` is not returned from OP host. Please check: 1) OP log file for error (oxauth.log) 2) whether `returnClientSecretOnRead` configuration property is set to true on OP host."),
     RP_ACCESS_DENIED(403, "rp_access_denied", "The caller is not allowed to make request to jans_client_api. To allow add ip_address of caller in `bind_ip_addresses` field of `jans_client_api.yml`."),

jans-client-api/common/src/main/java/io/jans/ca/common/rest/ProtectedApi.java

@@ -0,0 +1,23 @@
+/*
+ * Janssen Project software is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.
+ *
+ * Copyright (c) 2020, Janssen Project
+ */
+
+package io.jans.ca.common.rest;
+
+import jakarta.ws.rs.NameBinding;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@NameBinding
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ ElementType.TYPE, ElementType.METHOD })
+public @interface ProtectedApi {
+
+    String[] scopes() default {};
+
+}