EDGPATRON-96: Suppress headers, edge-common 4.4.0, fix timeout, enabl…

…e compression

edge-patron passes on all headers from the external client to mod-patron.

This includes the Host: header. This fails when edge-patron and mod-patron run a different hosts.

edge-patron should never pass any headers for security reasons unless strictly required.

To fix this problem changes in edge-common are needed, therefore this is blocked by the release of edge-common 4.4.0.

(cherry picked from commit e572fa0)

pom.xml

@@ -107,7 +107,7 @@
     <dependency>
       <groupId>org.folio</groupId>
       <artifactId>edge-common</artifactId>
-      <version>4.3.0</version>
+      <version>4.4.0</version>
     </dependency>
 
     <!-- Only needed for AwsParamStore -->

src/main/java/org/folio/edge/patron/PatronHandler.java

@@ -32,7 +32,6 @@
 import java.util.List;
 import java.util.Map;
 import java.util.TimeZone;
-import java.util.concurrent.TimeoutException;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.folio.edge.core.Handler;
@@ -87,7 +86,7 @@ protected void handleCommon(RoutingContext ctx, String[] requiredParams, String[
           action.apply(patronClient, params);
         })
         .onFailure(t -> {
-          if (t instanceof TimeoutException) {
+          if (isTimeoutException(t)) {
             requestTimeout(ctx, t.getMessage());
           } else {
             notFound(ctx, "Unable to find patron " + extPatronId);
@@ -116,7 +115,6 @@ public void handleGetAccount(RoutingContext ctx) {
               sortBy,
               limit,
               offset,
-              ctx.request().headers(),
               resp -> handleProxyResponse(ctx, resp),
               t -> handleProxyException(ctx, t));
         });
@@ -129,7 +127,6 @@ public void handleRenew(RoutingContext ctx) {
         (client, params) -> ((PatronOkapiClient) client).renewItem(
             params.get(PARAM_PATRON_ID),
             params.get(PARAM_ITEM_ID),
-            ctx.request().headers(),
             resp -> handleProxyResponse(ctx, resp),
             t -> handleProxyException(ctx, t)));
 
@@ -144,7 +141,6 @@ public void handlePlaceItemHold(RoutingContext ctx) {
             params.get(PARAM_PATRON_ID),
             params.get(PARAM_ITEM_ID),
             body,
-            ctx.request().headers().remove(CONTENT_LENGTH), //removing content-length header here as the new message's size isn't the same it was originally
             resp -> handleProxyResponse(ctx, resp),
             t -> handleProxyException(ctx, t)));
   }
@@ -169,7 +165,6 @@ public void handleCancelHold(RoutingContext ctx) {
               params.get(PARAM_PATRON_ID),
               params.get(PARAM_HOLD_ID),
               ctx.body().asJsonObject(),
-              ctx.request().headers().remove(CONTENT_LENGTH),
               resp -> handleProxyResponse(ctx, resp),
               t -> handleProxyException(ctx, t))
         );
@@ -184,7 +179,6 @@ public void handlePlaceInstanceHold(RoutingContext ctx) {
             params.get(PARAM_PATRON_ID),
             params.get(PARAM_INSTANCE_ID),
             body,
-            ctx.request().headers().remove(CONTENT_LENGTH), //removing content-length header here as the new message's size isn't the same it was originally
             resp -> handleProxyResponse(ctx, resp),
             t -> handleProxyException(ctx, t)));
   }
@@ -264,7 +258,7 @@ protected void handleProxyResponse(RoutingContext ctx, HttpResponse<Buffer> resp
   @Override
   protected void handleProxyException(RoutingContext ctx, Throwable t) {
     logger.error("Exception calling OKAPI", t);
-    if (t instanceof TimeoutException) {
+    if (isTimeoutException(t)) {
       requestTimeout(ctx, t.getMessage());
     } else {
       internalServerError(ctx, t.getMessage());

src/main/java/org/folio/edge/patron/utils/PatronOkapiClient.java

@@ -7,7 +7,6 @@
 import org.folio.edge.core.utils.OkapiClient;
 import io.vertx.core.Future;
 import io.vertx.core.Handler;
-import io.vertx.core.MultiMap;
 import io.vertx.core.Promise;
 import io.vertx.core.Vertx;
 import io.vertx.core.json.JsonObject;
@@ -71,15 +70,8 @@ public Future<String> getPatron(String extPatronId) {
     return promise.future();
   }
 
-  public void getAccount(String patronId, boolean includeLoans, boolean includeCharges,
-      boolean includeHolds, String sortBy, String limit, String offset, Handler<HttpResponse<Buffer>> responseHandler,
-      Handler<Throwable> exceptionHandler) {
-    getAccount(patronId, includeLoans, includeCharges, includeHolds, sortBy, limit, offset, null,
-      responseHandler, exceptionHandler);
-  }
-
   public void getAccount(String patronId, boolean includeLoans, boolean includeCharges, boolean includeHolds,
-      String sortBy, String limit, String offset, MultiMap headers, Handler<HttpResponse<Buffer>> responseHandler,
+      String sortBy, String limit, String offset, Handler<HttpResponse<Buffer>> responseHandler,
       Handler<Throwable> exceptionHandler) {
     String url = String.format("%s/patron/account/%s?includeLoans=%s&includeCharges=%s&includeHolds=%s",
       okapiURL,
@@ -100,62 +92,36 @@ public void getAccount(String patronId, boolean includeLoans, boolean includeCha
     get(
         url,
         tenant,
-        combineHeadersWithDefaults(headers),
+        null,
         responseHandler,
         exceptionHandler);
   }
 
   public void renewItem(String patronId, String itemId,
       Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
-    renewItem(patronId, itemId, null, responseHandler, exceptionHandler);
-  }
-
-  public void renewItem(String patronId, String itemId, MultiMap headers,
-      Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
     post(
         String.format("%s/patron/account/%s/item/%s/renew", okapiURL, patronId, itemId),
         tenant,
         null,
-        combineHeadersWithDefaults(headers),
-        responseHandler,
-        exceptionHandler);
-  }
-
-  public void placeItemHold(String patronId, String itemId, String requestBody,
-      Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
-    placeItemHold(patronId,
-        itemId,
-        requestBody,
         null,
         responseHandler,
         exceptionHandler);
   }
 
-  public void placeItemHold(String patronId, String itemId, String requestBody, MultiMap headers,
+  public void placeItemHold(String patronId, String itemId, String requestBody,
       Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
     post(
         String.format("%s/patron/account/%s/item/%s/hold", okapiURL, patronId, itemId),
         tenant,
         requestBody,
-        combineHeadersWithDefaults(headers),
+        null,
         responseHandler,
         exceptionHandler);
   }
 
-  public void cancelHold(String patronId, String holdId, JsonObject requestBody,
+  public void cancelHold(String patronId, String holdId, JsonObject holdCancellationRequest,
                          Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
-    cancelHold(patronId,
-        holdId,
-        requestBody,
-      null,
-      responseHandler,
-      exceptionHandler);
-  }
-
-  public void cancelHold(String patronId, String holdId, JsonObject holdCancellationRequest, MultiMap headers,
-      Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
     getRequest(holdId,
-      headers,
       resp -> {
         if (resp.statusCode() == 200) {
           String bodyStr = resp.bodyAsString();
@@ -166,7 +132,7 @@ public void cancelHold(String patronId, String holdId, JsonObject holdCancellati
               String.format("%s/patron/account/%s/hold/%s/cancel", okapiURL, patronId, holdId),
               tenant,
               holdEntity.toJson(),
-              combineHeadersWithDefaults(headers),
+              null,
               responseHandler,
               exceptionHandler);
           } catch (Exception ex) {
@@ -183,39 +149,23 @@ public void cancelHold(String patronId, String holdId, JsonObject holdCancellati
   public void getRequest(String holdId, Handler<HttpResponse<Buffer>> responseHandler,
                       Handler<Throwable> exceptionHandler) {
 
-    getRequest(holdId, null, responseHandler, exceptionHandler);
-  }
-
-  public void getRequest(String holdId, MultiMap headers,
-                      Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
-
     String url = String.format("%s/circulation/requests/%s", okapiURL, holdId);
 
     get(
       url,
       tenant,
-      combineHeadersWithDefaults(headers),
+      null,
       responseHandler,
       exceptionHandler);
   }
 
   public void placeInstanceHold(String patronId, String instanceId, String requestBody,
       Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
-    placeInstanceHold(patronId,
-        instanceId,
-        requestBody,
-        null,
-        responseHandler,
-        exceptionHandler);
-  }
-
-  public void placeInstanceHold(String patronId, String instanceId, String requestBody, MultiMap headers,
-      Handler<HttpResponse<Buffer>> responseHandler, Handler<Throwable> exceptionHandler) {
     post(
         String.format("%s/patron/account/%s/instance/%s/hold", okapiURL, patronId, instanceId),
         tenant,
         requestBody,
-        combineHeadersWithDefaults(headers),
+        null,
         responseHandler,
         exceptionHandler);
   }