PIN-4985 BKE - Auth-process: rid of route GET -> /clients/{clientId}/…
…users/{userId}/keys (#244)

Co-authored-by: nttdata-rtorsoli <[email protected]>
nttdata-rtorsoli and nttdata-rtorsoli authored Jun 20, 2024
1 parent 0ea8adc commit a44e442
Showing 9 changed files with 5 additions and 256 deletions.
47 changes: 0 additions & 47 deletions src/main/resources/interface-specification.yml
@@ -22,11 +22,6 @@ tags:
externalDocs:
description: Find out more
url: http://swagger.io
- name: user
description: Get security information
externalDocs:
description: Find out more
url: http://swagger.io
- name: health
description: Verify service status
externalDocs:
@@ -652,48 +647,6 @@ paths:
application/problem+json:
schema:
$ref: '#/components/schemas/Problem'
'/clients/{clientId}/users/{userId}/keys':
parameters:
- $ref: '#/components/parameters/CorrelationIdHeader'
- name: clientId
in: path
description: ID of the client holding the key
required: true
schema:
type: string
format: uuid
- name: userId
in: path
required: true
description: ID of the User that the added keys MUST belong to
schema:
type: string
format: uuid
get:
tags:
- user
summary: Returns a set of keys by user ID and client ID.
description: 'Given an user and a client it returns its corresponding set of keys, if any'
operationId: getClientUserKeys
responses:
'200':
description: returns the corresponding array of keys
content:
application/json:
schema:
$ref: '#/components/schemas/Keys'
'401':
description: Unauthorized
content:
application/problem+json:
schema:
$ref: '#/components/schemas/Problem'
'404':
description: Client id not found
content:
application/problem+json:
schema:
$ref: '#/components/schemas/Problem'
'/clients/{clientId}/purposes':
parameters:
- $ref: '#/components/parameters/CorrelationIdHeader'

This file was deleted.

This file was deleted.

This file was deleted.

@@ -19,9 +19,7 @@ import it.pagopa.interop.authorizationprocess.api.impl.{
HealthApiMarshallerImpl,
HealthServiceApiImpl
}
import it.pagopa.interop.authorizationprocess.api.impl.UserApiServiceImpl
import it.pagopa.interop.authorizationprocess.api.impl.UserApiMarshallerImpl
import it.pagopa.interop.authorizationprocess.api.{ClientApi, HealthApi, UserApi}
import it.pagopa.interop.authorizationprocess.api.{ClientApi, HealthApi}
import it.pagopa.interop.selfcare.v2.client.api.{InstitutionsApi, UsersApi}
import it.pagopa.interop.authorizationprocess.common.system.ApplicationConfiguration
import it.pagopa.interop.authorizationprocess.api.impl.serviceCode
@@ -97,15 +95,6 @@ trait Dependencies {
jwtReader.OAuth2JWTValidatorAsContexts
)

def userApi(jwtReader: JWTReader, blockingEc: ExecutionContextExecutor)(implicit
actorSystem: ActorSystem[_],
ec: ExecutionContext
): UserApi = new UserApi(
UserApiServiceImpl(authorizationManagementService(blockingEc), selfcareV2Service()),
UserApiMarshallerImpl,
jwtReader.OAuth2JWTValidatorAsContexts(Logger.takingImplicit[ContextFieldsToLog]("OAuth2JWTValidatorAsContexts"))
)

def getJwtValidator(): Future[JWTReader] = JWTConfiguration.jwtReader
.loadKeyset()
.map(keyset =>
@@ -32,12 +32,9 @@ object Main extends App with CORSSupport with Dependencies {

val serverBinding = for {
jwtReader <- getJwtValidator()
controller = new Controller(
clientApi(jwtReader, blockingEc),
healthApi,
userApi(jwtReader, blockingEc),
validationExceptionToRoute.some
)(actorSystem.classicSystem)
controller = new Controller(clientApi(jwtReader, blockingEc), healthApi, validationExceptionToRoute.some)(
actorSystem.classicSystem
)
binding <- Http()(actorSystem.classicSystem)
.newServerAt("0.0.0.0", ApplicationConfiguration.serverPort)
.bind(corsHandler(controller.routes))
@@ -3,7 +3,7 @@ package it.pagopa.interop.authorizationprocess
import cats.syntax.all._
import akka.http.scaladsl.model.StatusCodes
import akka.http.scaladsl.testkit.ScalatestRouteTest
import it.pagopa.interop.authorizationprocess.api.impl.{ClientApiServiceImpl, UserApiServiceImpl}
import it.pagopa.interop.authorizationprocess.api.impl.ClientApiServiceImpl
import it.pagopa.interop.authorizationprocess.api.impl.ClientApiMarshallerImpl._
import it.pagopa.interop.authorizationprocess.error.AuthorizationProcessErrors.{InstitutionNotFound, ClientNotFound}
import it.pagopa.interop.authorizationprocess.model._
@@ -21,12 +21,6 @@ import scala.concurrent.{ExecutionContext, Future}

class UserOperationSpec extends AnyWordSpecLike with MockFactory with SpecUtilsWithImplicit with ScalatestRouteTest {

val serviceUser: UserApiServiceImpl =
UserApiServiceImpl(mockAuthorizationManagementService, mockSelfcareV2Service)(
ExecutionContext.global,
mockReadModel
)

val service: ClientApiServiceImpl = ClientApiServiceImpl(
mockAuthorizationManagementService,
mockAgreementManagementService,
@@ -273,53 +267,4 @@ class UserOperationSpec extends AnyWordSpecLike with MockFactory with SpecUtilsW
}
}
}

"User retrieve keys" should {
"succeed" in {

(mockAuthorizationManagementService
.getClient(_: UUID)(_: ExecutionContext, _: ReadModelService))
.expects(persistentClient.id, *, *)
.once()
.returns(Future.successful(persistentClient.copy(users = Set(userId))))

(mockAuthorizationManagementService
.getClientKeys(_: UUID)(_: ExecutionContext, _: ReadModelService))
.expects(persistentClient.id, *, *)
.once()
.returns(Future.successful(Seq(persistentKey)))

Get() ~> serviceUser.getClientUserKeys(persistentClient.id.toString, userId.toString) ~> check {
status shouldEqual StatusCodes.OK
}
}

"fail if the caller is not the client consumer" in {

(mockAuthorizationManagementService
.getClient(_: UUID)(_: ExecutionContext, _: ReadModelService))
.expects(persistentClient.id, *, *)
.once()
.returns(Future.successful(persistentClient.copy(consumerId = UUID.randomUUID())))

Get() ~> serviceUser.getClientUserKeys(persistentClient.id.toString, UUID.randomUUID().toString) ~> check {
status shouldEqual StatusCodes.Forbidden
responseAs[Problem].errors.head.code shouldEqual "007-0008"
}
}

"fail if client does not exist" in {
(mockAuthorizationManagementService
.getClient(_: UUID)(_: ExecutionContext, _: ReadModelService))
.expects(persistentClient.id, *, *)
.once()
.returns(Future.failed(ClientNotFound(persistentClient.id)))

Get() ~> serviceUser.getClientUserKeys(persistentClient.id.toString, userId.toString) ~> check {
status shouldEqual StatusCodes.NotFound
responseAs[Problem].errors.head.code shouldEqual "007-0010"
}
}

}
}
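Review bot: Key retrieval no longer has a visible negative authorization test in this spec: the deleted "fail if the caller is not the client consumer" case was the one asserting `status shouldEqual StatusCodes.Forbidden` and code "007-0008". If the remaining key routes served by `ClientApiServiceImpl` (outside this section) depend on the same consumer-ownership check, an equivalent case against `service` should exist or be added so that check stays covered. Separately, `ClientNotFound` in the `AuthorizationProcessErrors` import was used by the removed "fail if client does not exist" case; if no remaining test references it, narrow the import to `import it.pagopa.interop.authorizationprocess.error.AuthorizationProcessErrors.InstitutionNotFound`. The rest of the spec body lies outside the visible hunks, so both points need confirming against the full file.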

This file was deleted.

@@ -416,8 +416,6 @@ trait SpecUtils extends SprayJsonSupport { self: MockFactory =>

val clientApiMarshaller: ClientApiMarshallerImpl.type = ClientApiMarshallerImpl

val userApiMarshaller: UserApiMarshallerImpl.type = UserApiMarshallerImpl

implicit def fromResponseUnmarshallerClientRequest: FromEntityUnmarshaller[Client] =
sprayJsonUnmarshaller[Client]

