API for CIBA #15 and fixes for FIDO2 #14

JanssenProject · Aug 12, 2020 · fd808b2 · fd808b2
1 parent 32dc89c
commit fd808b2
Show file tree

Hide file tree

Showing 11 changed files with 698 additions and 21 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,6 @@
 # Eclipse
 .project
-oxauth-config-api-access.log
+oxauth-config-api-access*.log
 .classpath
 .settings/
 bin/

diff --git a/src/main/java/org/gluu/oxauthconfigapi/rest/model/CIBAConfiguration.java b/src/main/java/org/gluu/oxauthconfigapi/rest/model/CIBAConfiguration.java
@@ -0,0 +1,152 @@
+package org.gluu.oxauthconfigapi.rest.model;
+
+import java.io.Serializable;
+
+import javax.validation.constraints.Size;
+import javax.validation.constraints.NotBlank;
+
+public class CIBAConfiguration implements Serializable {
+
+	private static final long serialVersionUID = 1L;
+
+	@NotBlank
+	@Size(min=1)
+	private String apiKey;
+
+	@NotBlank
+	@Size(min=1)
+    private String authDomain;
+
+	@NotBlank
+	@Size(min=1)
+    private String databaseURL;
+
+	@NotBlank
+	@Size(min=1)
+    private String projectId;
+
+	@NotBlank
+	@Size(min=1)
+    private String storageBucket;
+
+	@NotBlank
+	@Size(min=1)
+    private String messagingSenderId;
+
+	@NotBlank
+	@Size(min=1)
+    private String appId;
+
+	@NotBlank
+	@Size(min=1)
+    private String notificationUrl;
+
+	@NotBlank
+	@Size(min=1)
+    private String notificationKey;
+
+	@NotBlank
+	@Size(min=1)
+    private String publicVapidKey;
+
+	private int cibaGrantLifeExtraTimeSec;
+
+	private int cibaMaxExpirationTimeAllowedSec;
+
+	public String getApiKey() {
+		return apiKey;
+	}
+
+	public void setApiKey(String apiKey) {
+		this.apiKey = apiKey;
+	}
+
+	public String getAuthDomain() {
+		return authDomain;
+	}
+
+	public void setAuthDomain(String authDomain) {
+		this.authDomain = authDomain;
+	}
+
+	public String getDatabaseURL() {
+		return databaseURL;
+	}
+
+	public void setDatabaseURL(String databaseURL) {
+		this.databaseURL = databaseURL;
+	}
+
+	public String getProjectId() {
+		return projectId;
+	}
+
+	public void setProjectId(String projectId) {
+		this.projectId = projectId;
+	}
+
+	public String getStorageBucket() {
+		return storageBucket;
+	}
+
+	public void setStorageBucket(String storageBucket) {
+		this.storageBucket = storageBucket;
+	}
+
+	public String getMessagingSenderId() {
+		return messagingSenderId;
+	}
+
+	public void setMessagingSenderId(String messagingSenderId) {
+		this.messagingSenderId = messagingSenderId;
+	}
+
+	public String getAppId() {
+		return appId;
+	}
+
+	public void setAppId(String appId) {
+		this.appId = appId;
+	}
+
+	public String getNotificationUrl() {
+		return notificationUrl;
+	}
+
+	public void setNotificationUrl(String notificationUrl) {
+		this.notificationUrl = notificationUrl;
+	}
+
+	public String getNotificationKey() {
+		return notificationKey;
+	}
+
+	public void setNotificationKey(String notificationKey) {
+		this.notificationKey = notificationKey;
+	}
+
+	public String getPublicVapidKey() {
+		return publicVapidKey;
+	}
+
+	public void setPublicVapidKey(String publicVapidKey) {
+		this.publicVapidKey = publicVapidKey;
+	}
+
+	public int getCibaGrantLifeExtraTimeSec() {
+		return cibaGrantLifeExtraTimeSec;
+	}
+
+	public void setCibaGrantLifeExtraTimeSec(int cibaGrantLifeExtraTimeSec) {
+		this.cibaGrantLifeExtraTimeSec = cibaGrantLifeExtraTimeSec;
+	}
+
+	public int getCibaMaxExpirationTimeAllowedSec() {
+		return cibaMaxExpirationTimeAllowedSec;
+	}
+
+	public void setCibaMaxExpirationTimeAllowedSec(int cibaMaxExpirationTimeAllowedSec) {
+		this.cibaMaxExpirationTimeAllowedSec = cibaMaxExpirationTimeAllowedSec;
+	}
+
+}
diff --git a/src/main/java/org/gluu/oxauthconfigapi/rest/ressource/CIBAConfigurationResource.java b/src/main/java/org/gluu/oxauthconfigapi/rest/ressource/CIBAConfigurationResource.java
@@ -0,0 +1,110 @@
+package org.gluu.oxauthconfigapi.rest.ressource;
+
+import javax.inject.Inject;
+import javax.validation.Valid;
+import javax.ws.rs.GET;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+import org.slf4j.Logger;
+
+import com.couchbase.client.core.message.ResponseStatus;
+
+import org.eclipse.microprofile.openapi.annotations.Operation;
+import org.eclipse.microprofile.openapi.annotations.media.Content;
+import org.eclipse.microprofile.openapi.annotations.media.Schema;
+import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
+import org.eclipse.microprofile.openapi.annotations.responses.APIResponses;
+
+import org.gluu.oxauth.model.configuration.AppConfiguration;
+import org.gluu.oxtrust.service.JsonConfigurationService;
+import org.gluu.oxauthconfigapi.filters.ProtectedApi;
+import org.gluu.oxauthconfigapi.rest.model.ApiError;
+import org.gluu.oxauthconfigapi.rest.model.CIBAConfiguration;
+import org.gluu.oxauthconfigapi.util.ApiConstants;
+
+@Path(ApiConstants.BASE_API_URL + ApiConstants.CIBA)
+@Produces(MediaType.APPLICATION_JSON)
+@Consumes(MediaType.APPLICATION_JSON)
+public class CIBAConfigurationResource extends BaseResource {
+
+	@Inject
+	Logger log;
+
+	@Inject
+	JsonConfigurationService jsonConfigurationService;
+
+
+	@GET
+	@Operation(summary = "Gets oxAuth CIBA configuration properties.")
+	@APIResponses( value = {
+			@APIResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = CIBAConfiguration.class, required = true, description = "Success"))),
+			@APIResponse(responseCode = "500", content = @Content(schema = @Schema(implementation = ApiError.class)), description = "Server error") })
+	@ProtectedApi(scopes = { READ_ACCESS })
+	public Response getCIBAConfiguration() {
+
+		log.debug("CIBAConfigurationResource::getCIBAConfiguration() - Gets oxAuth CIBA configuration properties.");
+		try {
+			AppConfiguration appConfiguration = this.jsonConfigurationService.getOxauthAppConfiguration();
+			CIBAConfiguration cibaConfiguration = new CIBAConfiguration();
+			cibaConfiguration.setApiKey(appConfiguration.getCibaEndUserNotificationConfig().getApiKey());
+			cibaConfiguration.setAuthDomain(appConfiguration.getCibaEndUserNotificationConfig().getAuthDomain());
+			cibaConfiguration.setDatabaseURL(appConfiguration.getCibaEndUserNotificationConfig().getDatabaseURL());
+			cibaConfiguration.setProjectId(appConfiguration.getCibaEndUserNotificationConfig().getProjectId());
+			cibaConfiguration.setStorageBucket(appConfiguration.getCibaEndUserNotificationConfig().getStorageBucket());
+			cibaConfiguration.setMessagingSenderId(appConfiguration.getCibaEndUserNotificationConfig().getMessagingSenderId());
+			cibaConfiguration.setAppId(appConfiguration.getCibaEndUserNotificationConfig().getAppId());
+			cibaConfiguration.setNotificationUrl(appConfiguration.getCibaEndUserNotificationConfig().getNotificationUrl());
+			cibaConfiguration.setNotificationKey(appConfiguration.getCibaEndUserNotificationConfig().getNotificationKey());
+			cibaConfiguration.setPublicVapidKey(appConfiguration.getCibaEndUserNotificationConfig().getPublicVapidKey());
+			cibaConfiguration.setCibaGrantLifeExtraTimeSec(appConfiguration.getCibaGrantLifeExtraTimeSec());
+			cibaConfiguration.setCibaMaxExpirationTimeAllowedSec(appConfiguration.getCibaMaxExpirationTimeAllowedSec());
+
+			return Response.ok(cibaConfiguration).build();
+
+		}catch(Exception ex) {
+			log.error("Failed to retrieve oxAuth CIBA configuration", ex);
+			return getInternalServerError(ex);	
+		}
+	}
+
+
+	@PUT
+	@Operation(summary = "Updates oxAuth CIBA configuration properties.")
+	@APIResponses(value = {
+			@APIResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Response.class, required = true, description = "Success"))),
+			@APIResponse(responseCode = "401", content = @Content(schema = @Schema(implementation = ApiError.class, required = false)) , description = "Unauthorized"),
+			@APIResponse(responseCode = "500", content = @Content(schema = @Schema(implementation = ApiError.class)), description = "Server error") })
+	@ProtectedApi(scopes = { WRITE_ACCESS })
+	public Response updateCIBAConfiguration(@Valid CIBAConfiguration cibaConfiguration) {		
+		log.debug("CIBAConfigurationResource::updateCIBAConfiguration() - Updates oxAuth CIBA configuration properties.");
+		try { 
+			AppConfiguration appConfiguration = this.jsonConfigurationService.getOxauthAppConfiguration();
+
+			appConfiguration.getCibaEndUserNotificationConfig().setApiKey(cibaConfiguration.getApiKey());
+			appConfiguration.getCibaEndUserNotificationConfig().setAuthDomain(cibaConfiguration.getAuthDomain());
+			appConfiguration.getCibaEndUserNotificationConfig().setDatabaseURL(cibaConfiguration.getDatabaseURL());
+			appConfiguration.getCibaEndUserNotificationConfig().setProjectId(cibaConfiguration.getProjectId());
+			appConfiguration.getCibaEndUserNotificationConfig().setStorageBucket(cibaConfiguration.getStorageBucket());
+			appConfiguration.getCibaEndUserNotificationConfig().setMessagingSenderId(cibaConfiguration.getMessagingSenderId());
+			appConfiguration.getCibaEndUserNotificationConfig().setAppId(cibaConfiguration.getAppId());
+			appConfiguration.getCibaEndUserNotificationConfig().setNotificationUrl(cibaConfiguration.getNotificationUrl());
+			appConfiguration.getCibaEndUserNotificationConfig().setNotificationKey(cibaConfiguration.getNotificationKey());
+			appConfiguration.getCibaEndUserNotificationConfig().setPublicVapidKey(cibaConfiguration.getPublicVapidKey());
+			appConfiguration.setCibaGrantLifeExtraTimeSec(cibaConfiguration.getCibaGrantLifeExtraTimeSec());
+			appConfiguration.setCibaMaxExpirationTimeAllowedSec(cibaConfiguration.getCibaMaxExpirationTimeAllowedSec());
+
+			this.jsonConfigurationService.saveOxAuthAppConfiguration(appConfiguration);
+
+			return Response.ok(ResponseStatus.SUCCESS).build();
+
+		}catch(Exception ex) {
+			log.error("Failed to update oxAuth CIBA configuration", ex);
+			return getInternalServerError(ex);	
+		}
+	}
+}
diff --git a/src/main/java/org/gluu/oxauthconfigapi/rest/ressource/Fido2Resource.java b/src/main/java/org/gluu/oxauthconfigapi/rest/ressource/Fido2Resource.java
@@ -52,24 +52,29 @@ public class Fido2Resource extends BaseResource {
 			@APIResponse(responseCode = "500", content = @Content(schema = @Schema(implementation = ApiError.class)), description = "Server error") })
 	@ProtectedApi(scopes = { READ_ACCESS })
 	public Response getFido2Configuration() {
-		log.debug("Fido2Resource::getFido2Configuration() - Retrieve oxAuth Fido2 configuration.");
+		log.info("Fido2Resource::getFido2Configuration() - Retrieve oxAuth Fido2 configuration.");
 		Fido2Configuration fido2Configuration = new Fido2Configuration();
-		JsonElement entry= null;
 		String fido2ConfigJson = null;
 		try {
 			DbApplicationConfiguration dbApplicationConfiguration = this.jsonConfigurationService.loadFido2Configuration();
 
 			if (dbApplicationConfiguration != null) {
+
 				fido2ConfigJson = dbApplicationConfiguration.getDynamicConf();
-
-				Gson gson = new GsonBuilder().create();
-				JsonElement json = gson.fromJson(fido2ConfigJson, JsonElement.class);
-				JsonObject job = gson.fromJson(fido2ConfigJson, JsonObject.class);
-				//entry = job.getAsJsonObject("fido2Configuration");
-				fido2Configuration = gson.fromJson(entry,Fido2Configuration.class);		
-
+
+				Gson gson = new Gson();
+				JsonElement jsonElement = gson.fromJson(fido2ConfigJson, JsonElement.class);
+				JsonObject jsonObject = jsonElement.getAsJsonObject();
+				JsonElement fido2ConfigurationElement = jsonObject.get("fido2Configuration");				 
+				fido2Configuration = gson.fromJson(fido2ConfigurationElement,Fido2Configuration.class);	
+
+				log.debug("\n\n\n\n Fido2Resource::getFido2Configuration() - jsonElement = "+jsonElement);
+				log.debug(" jsonObject = "+jsonObject);
+				log.debug(" fido2ConfigurationElement = "+fido2ConfigurationElement);
+				log.debug(" fido2Configuration = "+fido2Configuration);
+				log.debug("\n\n\n\n"); 
 			}
-			return Response.ok(fido2ConfigJson).build();
+			return Response.ok(fido2Configuration).build();
 
 		} catch (Exception ex) {
 			log.error("Failed to fetch oxAuth Fido2 configuration", ex);
@@ -80,18 +85,40 @@ public Response getFido2Configuration() {
 	@PUT
 	@Operation(summary = "Updates Fido2 configuration properties.")
 	@APIResponses(value = {
-			@APIResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Response.class, required = true, description = "Success"))),
+			@APIResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Fido2Configuration.class, required = true, description = "Success"))),
 			@APIResponse(responseCode = "401", content = @Content(schema = @Schema(implementation = ApiError.class, required = false)) , description = "Unauthorized"),
 			@APIResponse(responseCode = "500", content = @Content(schema = @Schema(implementation = ApiError.class)), description = "Server error") })
 	@ProtectedApi(scopes = { WRITE_ACCESS })
 	public Response updateFido2Configuration(@Valid Fido2Configuration fido2Configuration) {
-		log.debug("Fido2Resource::updateFido2Configuration()  - Updates Fido2 configuration properties.");		
+		log.info("Fido2Resource::updateFido2Configuration()  - Updates Fido2 configuration properties. - fido2Configuration = "+fido2Configuration);		
 		try {
 			DbApplicationConfiguration dbApplicationConfiguration = this.jsonConfigurationService.loadFido2Configuration();			
-			Gson gson = new Gson();
-			String fido2ConfigJson = gson.toJson(fido2Configuration);
-			this.jsonConfigurationService.saveFido2Configuration(fido2ConfigJson);			
-			return Response.ok(ResponseStatus.SUCCESS).build();
+			if (dbApplicationConfiguration != null) {
+
+				String fido2ConfigJson = dbApplicationConfiguration.getDynamicConf();
+
+				Gson gson = new Gson();
+				JsonElement jsonElement = gson.fromJson(fido2ConfigJson, JsonElement.class);
+				JsonObject jsonObject = jsonElement.getAsJsonObject();
+				log.debug("Fido2Resource::updateFido2Configuration() - jsonElement = "+jsonElement);
+				log.debug(" jsonObject_1= "+jsonObject);
+
+				JsonElement fido2ConfigurationElement = jsonObject.get("fido2Configuration");	
+				JsonElement updatedElement = gson.toJsonTree(fido2Configuration);
+				//jsonObject.remove("fido2Configuration");
+				jsonObject.add("fido2Configuration", updatedElement);
+
+
+				log.debug(" jsonObject_2 = "+jsonObject);
+				log.debug(" fido2ConfigurationElement = "+fido2ConfigurationElement);
+				log.debug(" fido2Configuration = "+fido2Configuration);
+				log.debug(" updatedElement = "+updatedElement);
+				log.debug("\n\n\n\n"); 
+
+				this.jsonConfigurationService.saveFido2Configuration(jsonObject.toString());
+
+			}
+			return Response.ok(fido2Configuration).build();
 		} catch (Exception ex) {
 			log.error("Failed to update oxAuth Fido2 configuration", ex);
 			return getInternalServerError(ex);

diff --git a/src/main/java/org/gluu/oxauthconfigapi/util/ApiConstants.java b/src/main/java/org/gluu/oxauthconfigapi/util/ApiConstants.java
@@ -24,6 +24,7 @@ private ApiConstants() {
 	public static final String SECTORS = "/sectoridentifiers";
 	public static final String PAIRWISE = "/pairwise";
 	public static final String FIDO2 = "/fido2";
+	public static final String CIBA = "/ciba";
 	public static final String RESOURCES = "/resources";
 	public static final String ATTRIBUTES = "/attributes";
 	public static final String SCRIPTS = "/scripts";