Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: P4ADEV-1781 add API to get decrypted api-key of broker #8

Merged
merged 16 commits into from
Dec 23, 2024
Merged

feat: P4ADEV-1781 add API to get decrypted api-key of broker #8

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
e829b17
P4ADEV-1781 add API to retrieve decrypted API keys of a broker
serdimic Dec 19, 2024
b71763c
P4ADEV-1781 add unit tests
serdimic Dec 19, 2024
b45ad0d
P4ADEV-1781 minor fixes
serdimic Dec 19, 2024
d553431
P4ADEV-1781 set secret BROKER_ENCRYPT_PASSWORD
serdimic Dec 19, 2024
c10544f
P4ADEV-1781 log getBrokerApiKeys request
serdimic Dec 19, 2024
87edb82
P4ADEV-1781 refactor custom exception handling with @RestControllerAd…
serdimic Dec 20, 2024
9caec24
P4ADEV-1781 move broker api-key encryption/decryption to dedicated se…
serdimic Dec 20, 2024
012cc91
Update src/main/java/it/gov/pagopa/pu/organization/service/BrokerEncr…
serdimic Dec 20, 2024
9528a11
Update src/main/java/it/gov/pagopa/pu/organization/service/BrokerEncr…
serdimic Dec 20, 2024
038ce88
P4ADEV-1781 minor fixes
serdimic Dec 20, 2024
dd6d124
P4ADEV-1781 remove log of decrypted api-key
serdimic Dec 20, 2024
4c9b20d
P4ADEV-1781 add test for BrokerController and ControllerExceptionHandler
serdimic Dec 20, 2024
8cd6168
P4ADEV-1781 refactor logging of ControllerExceptionHandler
serdimic Dec 20, 2024
b443fa6
P4ADEV-1781 minor code clean
serdimic Dec 20, 2024
1e77889
P4ADEV-1781 improve ControllerExceptionHandler logging
serdimic Dec 20, 2024
494df5d
P4ADEV-1781 fix bitwise or
serdimic Dec 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ HELP.md
!**/src/test/**/target/

#**/src/main/resources/application-local*.properties
/src/main/resources/local-*.env

### STS ###
.apt_generated
Expand Down
31 changes: 31 additions & 0 deletions build.gradle.kts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,37 @@ openApi {
outputFileName.set("generated.openapi.json")
}

configure<SourceSetContainer> {
named("main") {
java.srcDir("$projectDir/build/generated/src/main/java")
}
}

tasks.compileJava {
dependsOn("openApiGenerateOrganization")
}

springBoot {
mainClass.value("it.gov.pagopa.pu.organization.OrganizationApplication")
}

tasks.register<org.openapitools.generator.gradle.plugin.tasks.GenerateTask>("openApiGenerateOrganization") {
group = "openapi"
description = "description"

generatorName.set("spring")
inputSpec.set("$rootDir/openapi/p4pa-organization.openapi.json")
outputDir.set("$projectDir/build/generated")
apiPackage.set("it.gov.pagopa.pu.organization.controller.generated")
modelPackage.set("it.gov.pagopa.pu.organization.dto.generated")
configOptions.set(mapOf(
"dateLibrary" to "java8",
"requestMappingMode" to "api_interface",
"useSpringBoot3" to "true",
"interfaceOnly" to "true",
"useTags" to "true",
"generateConstructorWithAllArgs" to "false",
"generatedConstructorWithRequiredArgs" to "false",
"additionalModelTypeAnnotations" to "@lombok.Data @lombok.Builder @lombok.AllArgsConstructor"
))
}
131 changes: 109 additions & 22 deletions openapi/generated.openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,12 @@
"description": "Generated server url"
}
],
"tags": [
{
"name": "Broker",
"description": "the Broker API"
}
],
"paths": {
"/brokers": {
"get": {
Expand Down Expand Up @@ -653,6 +659,73 @@
}
}
}
},
"/brokers/apiKey/{brokerId}": {
"get": {
"tags": [
"Broker"
],
"summary": "Retrieve decrypted API keys for a broker",
"operationId": "getBrokerApiKeys",
"parameters": [
{
"name": "brokerId",
"in": "path",
"required": true,
"schema": {
"type": "integer",
"format": "int64"
}
}
],
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
},
"application/hal+json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
}
}
},
"404": {
"description": "Not Found",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
},
"application/hal+json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
}
}
},
"500": {
"description": "Internal Server Error",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
},
"application/hal+json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
}
}
}
}
}
}
},
"components": {
Expand Down Expand Up @@ -946,6 +1019,28 @@
}
}
},
"PagedModelEntityModelBroker": {
"type": "object",
"properties": {
"_embedded": {
"type": "object",
"properties": {
"broker": {
"type": "array",
"items": {
"$ref": "#/components/schemas/EntityModelBroker"
}
}
}
},
"_links": {
"$ref": "#/components/schemas/Links"
},
"page": {
"$ref": "#/components/schemas/PageMetadata"
}
}
},
"PersonalisationFe": {
"type": "object",
"properties": {
Expand All @@ -972,28 +1067,6 @@
}
}
},
"PagedModelEntityModelBroker": {
"type": "object",
"properties": {
"_embedded": {
"type": "object",
"properties": {
"broker": {
"type": "array",
"items": {
"$ref": "#/components/schemas/EntityModelBroker"
}
}
}
},
"_links": {
"$ref": "#/components/schemas/Links"
},
"page": {
"$ref": "#/components/schemas/PageMetadata"
}
}
},
"BrokerRequestBody": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -1154,6 +1227,20 @@
}
}
},
"BrokerApiKeys": {
"type": "object",
"properties": {
"syncKey": {
"type": "string"
},
"acaKey": {
"type": "string"
},
"gpdKey": {
"type": "string"
}
}
},
"Link": {
"type": "object",
"properties": {
Expand Down
86 changes: 86 additions & 0 deletions openapi/p4pa-organization.openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
{
"openapi": "3.0.1",
"info": {
"title": "p4pa-organization",
"description": "Api and Models",
"version": "0.0.1"
},
"servers": [
{
"url": "http://localhost:8080",
"description": "Generated server url"
}
],
"paths": {
"/brokers/apiKey/{brokerId}": {
"get": {
"tags": [
"Broker"
],
"summary": "Retrieve decrypted API keys for a broker",
"operationId": "getBrokerApiKeys",
"parameters": [
{
"name": "brokerId",
"in": "path",
"required": true,
"schema": {
"type": "integer",
"format": "int64"
}
}
],
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
}
}
},
"404": {
"description": "Not Found",
"content": {
"application/hal+json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
}
}
},
"500": {
"description": "Internal Server Error",
"content": {
"application/hal+json": {
"schema": {
"$ref": "#/components/schemas/BrokerApiKeys"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"BrokerApiKeys": {
"type": "object",
"properties": {
"syncKey": {
"type": "string"
},
"acaKey": {
"type": "string"
},
"gpdKey": {
"type": "string"
}
}
}
}
}
}
25 changes: 25 additions & 0 deletions src/main/java/it/gov/pagopa/pu/organization/controller/BrokerController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
package it.gov.pagopa.pu.organization.controller;

import it.gov.pagopa.pu.organization.controller.generated.BrokerApi;
import it.gov.pagopa.pu.organization.dto.generated.BrokerApiKeys;
import it.gov.pagopa.pu.organization.service.BrokerService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RestController;

@RestController
@Slf4j
public class BrokerController implements BrokerApi {

private final BrokerService brokerService;

public BrokerController(BrokerService brokerService){
this.brokerService = brokerService;
}

@Override
public ResponseEntity<BrokerApiKeys> getBrokerApiKeys(Long brokerId) {
return ResponseEntity.ofNullable(brokerService.getBrokerApiKeys(brokerId));
antonioT90 marked this conversation as resolved.
Show resolved Hide resolved
}

}
2 changes: 2 additions & 0 deletions src/main/java/it/gov/pagopa/pu/organization/model/Broker.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
import jakarta.persistence.SequenceGenerator;
import java.io.Serializable;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.hibernate.annotations.JdbcTypeCode;
Expand All @@ -19,6 +20,7 @@
@Entity(name = "broker")
@AllArgsConstructor
@NoArgsConstructor
@Builder
@Data
public class Broker implements Serializable {
@Id
Expand Down
56 changes: 56 additions & 0 deletions src/main/java/it/gov/pagopa/pu/organization/service/BrokerService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
package it.gov.pagopa.pu.organization.service;
antonioT90 marked this conversation as resolved.
Show resolved Hide resolved

import it.gov.pagopa.pu.organization.dto.generated.BrokerApiKeys;
import it.gov.pagopa.pu.organization.model.Broker;
import it.gov.pagopa.pu.organization.repository.BrokerRepository;
import it.gov.pagopa.pu.organization.util.AESUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Service;
import org.springframework.web.client.HttpServerErrorException;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

@Service("brokerService")
@Slf4j
public class BrokerService {

private final String brokerEncryptPassword;
private final BrokerRepository brokerRepository;

public BrokerService(
@Value("${app.brokerEncryptPassword}") String brokerEncryptPassword,
BrokerRepository brokerRepository) {
this.brokerEncryptPassword = brokerEncryptPassword;
this.brokerRepository = brokerRepository;
}

private final Map<byte[], String> apiKeyDecryptMap = Collections.synchronizedMap(new HashMap<>());

public BrokerApiKeys getBrokerApiKeys(Long brokerId){
Broker broker = brokerRepository.findById(brokerId).orElseThrow(() -> new HttpServerErrorException(HttpStatus.NOT_FOUND));
antonioT90 marked this conversation as resolved.
Show resolved Hide resolved

return BrokerApiKeys.builder()
.syncKey(decryptKey(broker.getSyncKey()))
.acaKey(decryptKey(broker.getAcaKey()))
.gpdKey(decryptKey(broker.getGpdKey()))
.build();
}

public String decryptKey(byte[] encryptedKey){
if(encryptedKey==null || encryptedKey.length==0) {
log.debug("null or empty api-key");
return null;
}
String decrypted = apiKeyDecryptMap.computeIfAbsent(encryptedKey, c -> {
log.debug("invoking AESUtils to decrypt api-key");
return AESUtils.decrypt(brokerEncryptPassword,c);
});
log.debug("decrypted api-key: {}", StringUtils.abbreviateMiddle(decrypted, "..", 8));
return decrypted;
}
antonioT90 marked this conversation as resolved.
Show resolved Hide resolved
}
Loading
Loading