Merge branch 'datakaveri:main' into update-prod-url

datakaveri · Nov 8, 2023 · 49cb343 · 49cb343
2 parents f4ba5d8 + 4da72b7
commit 49cb343
Show file tree

Hide file tree

Showing 167 changed files with 34,409 additions and 57,613 deletions.
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -31,7 +31,7 @@ pipeline {
           sh 'docker compose -f docker-compose-test.yml up test'
         }
         xunit (
-          thresholds: [ skipped(failureThreshold: '0'), failed(failureThreshold: '0') ],
+          thresholds: [ skipped(failureThreshold: '15'), failed(failureThreshold: '0') ],
           tools: [ JUnit(pattern: 'target/surefire-reports/*.xml') ]
         )
         jacoco classPattern: 'target/classes', execPattern: 'target/jacoco.exec', sourcePattern: 'src/main/java', exclusionPattern:'**/*VertxEBProxy.class,**/Constants.class,**/*VertxProxyHandler.class,**/*Verticle.class,iudx/aaa/server/deploy/*.class,iudx/aaa/server/registration/KcAdmin.class,iudx/aaa/server/apiserver/*,iudx/aaa/server/apiserver/util/*,iudx/aaa/server/admin/AdminService.class,iudx/aaa/server/apd/ApdService.class,iudx/aaa/server/auditing/AuditingService.class,iudx/aaa/server/auditing/AuditingService.class,iudx/aaa/server/registration/RegistrationService.class,iudx/aaa/server/token/TokenService.class,iudx/aaa/server/policy/PolicyService.class'
@@ -60,7 +60,6 @@ pipeline {
       steps{
         script{
             sh 'docker/runIntegTests.sh'
-            sh 'scp src/test/resources/Integration_Test.postman_collection.json jenkins@jenkins-master:/var/lib/jenkins/iudx/aaa/Newman/'
             sh 'docker compose -f docker-compose-test.yml up -d integTest'
             sh 'sleep 45'
         }
@@ -71,7 +70,7 @@ pipeline {
             sh 'mvn flyway:clean -Dflyway.configFiles=/home/ubuntu/configs/aaa-flyway.conf'
             sh 'docker compose -f docker-compose-test.yml down --remove-orphans'
           }
-          cleanWs deleteDirs: true, disableDeferredWipeout: true, patterns: [[pattern: 'src/main/resources/db/migration/V?__Add_Integration_Test_data.sql', type: 'INCLUDE']]
+          cleanWs deleteDirs: true, disableDeferredWipeout: true
         }
       }
     }
@@ -80,22 +79,32 @@ pipeline {
       steps{
         node('built-in') {
           script{
-            startZap ([host: 'localhost', port: 8090, zapHome: '/var/lib/jenkins/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/OWASP_ZAP/ZAP_2.11.0'])
-            sh 'curl http://127.0.0.1:8090/JSON/pscan/action/disableScanners/?ids=10096'
+            startZap ([host: '0.0.0.0', port: 8090, zapHome: '/var/lib/jenkins/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/OWASP_ZAP/ZAP_2.11.0'])
+            sh 'curl http://0.0.0.0:8090/JSON/pscan/action/disableScanners/?ids=10096'
             catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
-              sh 'HTTP_PROXY=\'127.0.0.1:8090\' newman run /var/lib/jenkins/iudx/aaa/Newman/Integration_Test.postman_collection.json -e /home/ubuntu/configs/aaa-postman-env.json --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/aaa/Newman/report/report.html --reporter-htmlextra-skipSensitiveData'
             }
-            runZapAttack()
           }
         }
+        script{
+            sh 'cp /home/ubuntu/configs/aaa-config-integ.json configs/config-integ.json'
+            sh 'mvn test-compile failsafe:integration-test  -DskipUnitTests=true -DintTestProxyHost=jenkins-master-priv -DintTestProxyPort=8090 -DintTestHost=jenkins-slave1 -DintTestPort=8443'
+            }
+        node('built-in') {
+          script{
+            runZapAttack()
+            }
+        }
       }
       post{
         always{
+          xunit (
+             thresholds: [ skipped(failureThreshold: '0'), failed(failureThreshold: '0') ],
+             tools: [ JUnit(pattern: 'target/failsafe-reports/*.xml') ]
+             )
           node('built-in') {
             script{
               archiveZap failHighAlerts: 1, failMediumAlerts: 1, failLowAlerts: 2
             }  
-            publishHTML([allowMissing: false, alwaysLinkToLastBuild: true, keepAll: true, reportDir: '/var/lib/jenkins/iudx/aaa/Newman/report/', reportFiles: 'report.html', reportName: 'HTML Report', reportTitles: '', reportName: 'Integration Test Report'])
           }
         }
         failure{
@@ -106,7 +115,7 @@ pipeline {
             sh 'mvn flyway:clean -Dflyway.configFiles=/home/ubuntu/configs/aaa-flyway.conf'
             sh 'docker compose -f docker-compose-test.yml down --remove-orphans'
           }
-          cleanWs deleteDirs: true, disableDeferredWipeout: true, patterns: [[pattern: 'src/main/resources/db/migration/V?__Add_Integration_Test_data.sql', type: 'INCLUDE']]
+          cleanWs deleteDirs: true, disableDeferredWipeout: true
         }
       }
     }

diff --git a/README.md b/README.md
@@ -1,8 +1,7 @@
 [![Build Status](https://img.shields.io/jenkins/build?jobUrl=https%3A%2F%2Fjenkins.iudx.io%2Fjob%2Fiudx%2520aaa-server%2520%28master%29%2520pipeline%2F)](https://jenkins.iudx.io/job/iudx%20aaa-server%20(master)%20pipeline/lastBuild/)
 [![Jenkins Coverage](https://img.shields.io/jenkins/coverage/jacoco?jobUrl=https%3A%2F%2Fjenkins.iudx.io%2Fjob%2Fiudx%2520aaa-server%2520%28master%29%2520pipeline%2F)](https://jenkins.iudx.io/job/iudx%20aaa-server%20(master)%20pipeline/lastBuild/jacoco/)
-[![Unit Tests](https://img.shields.io/jenkins/tests?jobUrl=https%3A%2F%2Fjenkins.iudx.io%2Fjob%2Fiudx%2520aaa-server%2520%28master%29%2520pipeline%2F&label=unit%20tests)](https://jenkins.iudx.io/job/iudx%20aaa-server%20(master)%20pipeline/lastBuild/testReport/)
+[![Unit and Integration Tests](https://img.shields.io/jenkins/tests?jobUrl=https%3A%2F%2Fjenkins.iudx.io%2Fjob%2Fiudx%2520aaa-server%2520%28master%29%2520pipeline%2F&label=unit%20and%20integration%20tests)](https://jenkins.iudx.io/job/iudx%20aaa-server%20(master)%20pipeline/lastBuild/testReport/)
 [![Security Tests](https://img.shields.io/jenkins/build?jobUrl=https%3A%2F%2Fjenkins.iudx.io%2Fjob%2Fiudx%2520aaa-server%2520%28master%29%2520pipeline%2F&label=security%20tests)](https://jenkins.iudx.io/job/iudx%20aaa-server%20(master)%20pipeline/lastBuild/zap/)
-[![Integration Tests](https://img.shields.io/jenkins/build?jobUrl=https%3A%2F%2Fjenkins.iudx.io%2Fjob%2Fiudx%2520aaa-server%2520%28master%29%2520pipeline%2F&label=integration%20tests)](https://jenkins.iudx.io/job/iudx%20aaa-server%20(master)%20pipeline/Integration_20Test_20Report/)
 [![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/6743/badge)](https://bestpractices.coreinfrastructure.org/projects/6743)
 
 
@@ -71,15 +70,11 @@ The database details should then be added to the server config.
 
 The AAA server uses [Keycloak](https://www.keycloak.org/about.html) to manage user identity. Please refer [here](https://www.keycloak.org/docs/latest/server_admin/#core-concepts-and-terms) to become familiar with Keycloak terminology.
 
-1. The AAA server required clients to be configured that would allow the server to interact with Keycloak. The main clients are:
+1. The AAA server requires a client to be configured that would allow the server to interact with Keycloak. The client would be able to search for users on the configured Keycloak realm, as well as validate OIDC tokens issued by Keycloak from that realm. This client must have the capability to search for users and realms (In Service account roles -> client roles -> realm-management -> add _view-users_ to Assigned roles) 
 
-- The **admin client** to be configured for the `RegistrationVerticle` and `AdminVerticle`. This client performs admin-related tasks on Keycloak. This client must have the capability to view and update users and realms (In Service account roles -> client roles -> realm-management -> _add manage-users_, _view-realm_, _view-users_ to Assigned roles) 
-- The **normal client** to be configured for the `TokenVerticle` and `ApiServerVerticle`. This client would allow the server to validate Keycloak JWT tokens.
+2. `Email as username` needs to be configured in the `Login` tab of the Realm settings.
 
-2. The roles `provider`, `consumer`, `delegate` and `admin` need to be added to the realm.
-3. `Email as username` needs to be configured in the `Login` tab of the Realm settings.
-
-The Keycloak host and port, along with the client IDs and client secret information should then be added to the server config.
+The Keycloak URL and realm information along with the client IDs and client secret information should then be added to the server config.
 
 ### Docker based
 1. Install docker and docker-compose

diff --git a/configs/config-depl.json b/configs/config-depl.json
@@ -14,20 +14,15 @@
         "databasePassword": "wwd"
       },
       "commonOptions":{
-        "authServerDomain":"auth.test.com"
+        "cosDomain":"auth.test.com",
+        "cosAdminUserId": "a74792c1-a86d-48e4-b4f0-544585981718"
       },
       "keycloakOptions":{
-        "keycloakHost": "identity.iudx.io.test",
-        "keycloakPort": 8443,
         "keycloakRealm": "some-realm",
-        "keycloakSite": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth/realms/{{keycloakRealm}}",
         "keycloakUrl": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth",
-        "keycloakTokenUri": "/auth/realms/{{keycloakRealm}}/protocol/openid-connect/token",
         "keycloakAdminClientId": "some-admin-client-id",
         "keycloakAdminClientSecret": "f5800be0-258a-4cd2-820f-8128818ed70a",
         "keycloakAdminPoolSize": "10",
-        "keycloakAaaClientId": "auth.iudx.test",
-        "keycloakAaaClientSecret": "6ba618a0-06c6-49a0-a824-d5dfc6d025f3",
         "keycloakJwtLeeway": 90
       },
       "jwtKeystoreOptions":{
@@ -41,33 +36,11 @@
       "verticleInstances": 1,
       "required":["postgresOptions", "commonOptions"],
       "poolSize": "25",
-      "domain" : "iudx.io.test",
       "catalogueOptions": {
         "catServerHost": "api.catalogue.iudx.io.test",
         "catServerPort": "443",
-        "catServerItemPath": "/iudx/cat/v1/item"
-      },
-      "authOptions": {
-        "policyExpiry" : "12",
-        "adminPolicyExpiry" : "60"
-      },
-      "catOptions": {
-        "catURL" : "catalogue.iudx.io.test",
-        "catItem" : "catalogue/crud"
-      },
-      "resOptions" : {
-        "resURL" : "rs.iudx.io.test"
-      },
-      "emailOptions": {
-        "emailHostName": "",
-        "emailPort" : 2587,
-        "emailUserName":"",
-        "emailPassword": "",
-        "emailSender" : "",
-        "emailSupport" : "",
-        "publisherPanelUrl": "",
-        "notifyByEmail" : true,
-        "senderName" : ""
+        "catServerBasePath": "/iudx/cat/v1"
+      }
     },
     {
       "id": "iudx.aaa.server.registration.RegistrationVerticle",
@@ -79,7 +52,7 @@
     {
       "id": "iudx.aaa.server.token.TokenVerticle",
       "verticleInstances": 1,
-      "required":["postgresOptions", "commonOptions", "keycloakOptions", "jwtKeystoreOptions"],
+      "required":["postgresOptions", "commonOptions", "jwtKeystoreOptions"],
       "poolSize": "5"
     },
     {

diff --git a/configs/config-dev.json b/configs/config-dev.json
@@ -14,20 +14,15 @@
       "databasePassword": "iudx@123"
     },
     "commonOptions":{
-      "authServerDomain":"auth.test.com"
+      "cosDomain":"auth.test.com",
+      "cosAdminUserId": "a74792c1-a86d-48e4-b4f0-544585981718"
     },
     "keycloakOptions":{
-      "keycloakHost": "identitydev.iudx.io",
-      "keycloakPort": 8443,
       "keycloakRealm": "some-realm",
-      "keycloakSite": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth/realms/{{keycloakRealm}}",
       "keycloakUrl": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth",
-      "keycloakTokenUri": "/auth/realms/{{keycloakRealm}}/protocol/openid-connect/token",
       "keycloakAdminClientId": "some-admin-client-id",
       "keycloakAdminClientSecret": "f5800be0-258a-4cd2-820f-8128818ed70a",
       "keycloakAdminPoolSize": "10",
-      "keycloakAaaClientId": "auth.iudx.org.in",
-      "keycloakAaaClientSecret": "6ba618a0-06c6-49a0-a824-d5dfc6d025f3",
       "keycloakJwtLeeway": 90
     },
     "jwtKeystoreOptions":{
@@ -41,33 +36,10 @@
       "verticleInstances": 1,
       "required":["postgresOptions", "commonOptions"],
       "poolSize": "25",
-      "domain" : "iudx.io",
       "catalogueOptions": {
         "catServerHost": "api.catalogue.iudx.io",
         "catServerPort": "443",
-        "catServerItemPath": "/iudx/cat/v1/item"
-      },
-      "authOptions": {
-        "policyExpiry" : "12",
-        "adminPolicyExpiry" : "60"
-      },
-      "catOptions": {
-        "catURL" : "catalogue.iudx.io",
-        "catItem" : "catalogue/crud"
-      },
-      "resOptions" : {
-        "resURL" : "rs.iudx.io"
-      },
-      "emailOptions": {
-        "emailHostName": "",
-        "emailPort" : 2587,
-        "emailUserName":"",
-        "emailPassword": "",
-        "emailSender" : "",
-        "emailSupport" : "",
-        "publisherPanelUrl": "",
-        "notifyByEmail" : true,
-        "senderName" : ""
+        "catServerBasePath": "/iudx/cat/v1"
       }
     },
     {
@@ -80,7 +52,7 @@
     {
       "id": "iudx.aaa.server.token.TokenVerticle",
       "verticleInstances": 1,
-      "required":["postgresOptions", "commonOptions", "keycloakOptions", "jwtKeystoreOptions"],
+      "required":["postgresOptions", "commonOptions", "jwtKeystoreOptions"],
       "poolSize": "5"
     },
     {

diff --git a/configs/config-example.json b/configs/config-example.json
@@ -14,20 +14,15 @@
         "databasePassword": "iudx@123"
       },
       "commonOptions":{
-        "authServerDomain":"auth.test.com"
+        "cosDomain":"auth.test.com",
+        "cosAdminUserId": "a74792c1-a86d-48e4-b4f0-544585981718"
       },
       "keycloakOptions":{
-        "keycloakHost": "identitydev.iudx.io",
-        "keycloakPort": 8443,
         "keycloakRealm": "some-realm",
-        "keycloakSite": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth/realms/{{keycloakRealm}}",
         "keycloakUrl": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth",
-        "keycloakTokenUri": "/auth/realms/{{keycloakRealm}}/protocol/openid-connect/token",
         "keycloakAdminClientId": "some-admin-client-id",
         "keycloakAdminClientSecret": "f5800be0-258a-4cd2-820f-8128818ed70a",
         "keycloakAdminPoolSize": "10",
-        "keycloakAaaClientId": "auth.iudx.org.in",
-        "keycloakAaaClientSecret": "6ba618a0-06c6-49a0-a824-d5dfc6d025f3",
         "keycloakJwtLeeway": 90
       },
       "jwtKeystoreOptions":{
@@ -41,33 +36,10 @@
       "verticleInstances": 1,
       "required":["postgresOptions", "commonOptions"],
       "poolSize": "5",
-      "domain" : "iudx.io",
       "catalogueOptions": {
         "catServerHost": "api.catalogue.iudx.io",
         "catServerPort": "443",
-        "catServerItemPath": "/iudx/cat/v1/item"
-      },
-      "authOptions": {
-        "policyExpiry" : "12",
-        "adminPolicyExpiry" : "60"
-      },
-      "catOptions": {
-        "catURL" : "catalogue.iudx.io",
-        "catItem" : "catalogue/crud"
-      },
-      "resOptions" : {
-        "resURL" : "rs.iudx.io"
-      },
-      "emailOptions": {
-        "emailHostName": "localhost",
-        "emailPort" : 2587,
-        "emailUserName":"UserName",
-        "emailPassword": "Password",
-        "emailSender" : "[email protected]",
-        "emailSupport" : "[email protected]",
-        "publisherPanelUrl": "www.abc.com",
-        "notifyByEmail" : true,
-        "senderName" : "ABCD"
+        "catServerBasePath": "/iudx/cat/v1"
       }
     },
     {
@@ -80,7 +52,7 @@
     {
       "id": "iudx.aaa.server.token.TokenVerticle",
       "verticleInstances": 1,
-      "required":["postgresOptions", "commonOptions", "keycloakOptions", "jwtKeystoreOptions"],
+      "required":["postgresOptions", "commonOptions", "jwtKeystoreOptions"],
       "poolSize": "5"
     },
     {

diff --git a/configs/config-test.json b/configs/config-test.json
@@ -14,20 +14,15 @@
         "databasePassword": "iudx@123"
       },
       "commonOptions":{
-        "authServerDomain":"auth.test.com"
+        "cosDomain":"auth.test.com",
+        "cosAdminUserId": "a74792c1-a86d-48e4-b4f0-544585981718"
       },
       "keycloakOptions":{
-        "keycloakHost": "identitydev.iudx.io",
-        "keycloakPort": 8443,
         "keycloakRealm": "some-realm",
-        "keycloakSite": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth/realms/{{keycloakRealm}}",
         "keycloakUrl": "{{protocol}}://{{keycloakHost}}:{{keycloakPort}}/auth",
-        "keycloakTokenUri": "/auth/realms/{{keycloakRealm}}/protocol/openid-connect/token",
         "keycloakAdminClientId": "some-admin-client-id",
         "keycloakAdminClientSecret": "f5800be0-258a-4cd2-820f-8128818ed70a",
         "keycloakAdminPoolSize": "10",
-        "keycloakAaaClientId": "auth.iudx.org.in",
-        "keycloakAaaClientSecret": "6ba618a0-06c6-49a0-a824-d5dfc6d025f3",
         "keycloakJwtLeeway": 90
       },
       "jwtKeystoreOptions":{
@@ -41,33 +36,10 @@
       "verticleInstances": 1,
       "required":["postgresOptions", "commonOptions"],
       "poolSize": "25",
-      "domain" : "iudx.io",
       "catalogueOptions": {
         "catServerHost": "api.catalogue.iudx.io",
         "catServerPort": "443",
-        "catServerItemPath": "/iudx/cat/v1/item"
-      },
-      "authOptions": {
-        "policyExpiry" : "12",
-        "adminPolicyExpiry" : "60"
-      },
-      "catOptions": {
-        "catURL" : "catalogue.iudx.io",
-        "catItem" : "catalogue/crud"
-      },
-      "resOptions" : {
-        "resURL" : "rs.iudx.io"
-      },
-      "emailOptions": {
-        "emailHostName": "",
-        "emailPort" : 2587,
-        "emailUserName":"",
-        "emailPassword": "",
-        "emailSender" : "",
-        "emailSupport" : "",
-        "publisherPanelUrl": "",
-        "notifyByEmail" : true,
-        "senderName" : ""
+        "catServerBasePath": "/iudx/cat/v1"
       }
     },
     {
@@ -80,7 +52,7 @@
     {
       "id": "iudx.aaa.server.token.TokenVerticle",
       "verticleInstances": 1,
-      "required":["postgresOptions", "commonOptions", "keycloakOptions", "jwtKeystoreOptions"],
+      "required":["postgresOptions", "commonOptions", "jwtKeystoreOptions"],
       "poolSize": "5"
     },
     {

diff --git a/docker/runIntegTests.sh b/docker/runIntegTests.sh
@@ -1,4 +1,3 @@
 #!/bin/bash
 
-cp ./src/test/resources/V1000__Add_Integration_Test_data.sql ./src/main/resources/db/migration/
 mvn flyway:migrate -Dflyway.configFiles=/home/ubuntu/configs/aaa-flyway.conf
diff --git a/docs/apidoc.html b/docs/apidoc.html
@@ -18,7 +18,7 @@
     </style>
   </head>
   <body>
-    <redoc spec-url='/apis/spec'></redoc>
+    <redoc spec-url='apis/spec'></redoc>
     <script src="https://cdn.jsdelivr.net/npm/redoc@next/bundles/redoc.standalone.js"> </script>
   </body>
 </html>