pagopa · antoniotarricone · Jun 14, 2024 · Jun 13, 2024 · Jun 13, 2024 · Jun 14, 2024
@@ -911,11 +911,11 @@
       "sha256": "GvpPTiLMCTL0YX_AM3NqP0aFd1R4WNnz3M1MKsyrlec="
     },
     {
-      "id": "it.pagopa.swclient.mil:azure-services:jar:4.0.0",
+      "id": "it.pagopa.swclient.mil:azure-services:jar:4.0.2",
       "artifactId": "azure-services",
       "groupId": "it.pagopa.swclient.mil",
-      "version": "4.0.0",
-      "sha256": "oKPDa5w9Btr8VfMLVGsbHnZMf2V-rToj8QW05AkAEWs="
+      "version": "4.0.2",
+      "sha256": "IXRHPzfjg2ks-oalvmCqYMaVA4uu5IBzHsHJiwTYD5o="
     },
     {
       "id": "com.nimbusds:nimbus-jose-jwt:jar:9.39",

@@ -40,7 +40,7 @@
 		<quarkus.platform.version>3.11.0</quarkus.platform.version>
 		<!-- Other dependecies version -->
 		<common.version>2.3.0</common.version>
-		<azure-services.version>4.0.0</azure-services.version>
+		<azure-services.version>4.0.2</azure-services.version>
 		<lombok.version>1.18.32</lombok.version>
 		<otel-exporter-azure.version>3.8.3.0</otel-exporter-azure.version>
 		<assertj-core.version>3.25.3</assertj-core.version>

@@ -80,7 +80,7 @@ public Uni<Response> get() {
 		MDC.put("requestId", correlationId);
 		Log.debug("get - Input parameters: n/a");
 		return keyExtService.getKeys(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA))
 			.map(KeyUtils::keyBundle2PublicKey)

@@ -75,13 +75,7 @@ private Client response2Client(Response r) {
 	public Uni<Client> getClient(String clientId) {
 		Log.tracef("Search client %s", clientId);
 		return blobService.getBlob("clients", clientId + ".json")
-			.map(this::response2Client)
-			.onFailure(t -> !(t instanceof AuthError))
-			.transform(t -> {
-				String message = String.format("[%s] Error searching for client", AuthErrorCode.ERROR_SEARCHING_FOR_CLIENT);
-				Log.errorf(t, message);
-				throw new AuthError(AuthErrorCode.ERROR_SEARCHING_FOR_CLIENT, message);
-			});
+			.map(this::response2Client);
 	}
 
 	/**
@@ -117,13 +111,7 @@ private Role response2Role(Response r) {
 	@CacheResult(cacheName = "client-role")
 	public Uni<Role> getRoles(String acquirerId, String channel, String clientId, String merchantId, String terminalId) {
 		return blobService.getBlob("roles", acquirerId, channel, clientId, merchantId, terminalId, "roles.json")
-			.map(this::response2Role)
-			.onFailure(t -> !(t instanceof AuthError))
-			.transform(t -> {
-				String message = String.format("[%s] Error searching for roles", AuthErrorCode.ERROR_SEARCHING_FOR_ROLES);
-				Log.errorf(t, message);
-				throw new AuthError(AuthErrorCode.ERROR_SEARCHING_FOR_ROLES, message);
-			});
+			.map(this::response2Role);
 	}
 
 	/**
@@ -155,12 +143,6 @@ private User response2User(Response r) {
 	@CacheResult(cacheName = "client-role")
 	public Uni<User> getUser(String userHash) {
 		return blobService.getBlob("users", userHash + ".json")
-			.map(this::response2User)
-			.onFailure(t -> !(t instanceof AuthError))
-			.transform(t -> {
-				String message = String.format("[%s] Error searching for user", AuthErrorCode.ERROR_SEARCHING_FOR_USER);
-				Log.errorf(t, message);
-				throw new AuthError(AuthErrorCode.ERROR_SEARCHING_FOR_USER, message);
-			});
+			.map(this::response2User);
 	}
 }
@@ -8,6 +8,7 @@
 import java.nio.charset.StandardCharsets;
 import java.time.Instant;
 import java.util.List;
+import java.util.Map;
 
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 
@@ -86,6 +87,7 @@ private Uni<String> createKey() {
 					.setExp(now + cryptoperiod)
 					.setExportable(Boolean.FALSE)
 					.setNbf(now))
+				.setTags(Map.of(it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY, KeyUtils.DOMAIN_VALUE))
 				.setKeyOps(List.of(JsonWebKeyOperation.ENCRYPT, JsonWebKeyOperation.DECRYPT))
 				.setKeySize(keysize)
 				.setKty(JsonWebKeyType.RSA))
@@ -100,7 +102,7 @@ private Uni<String> createKey() {
 	private Uni<String> retrieveKey() {
 		Log.trace("Retrieve key");
 		return keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.ENCRYPT, JsonWebKeyOperation.DECRYPT),
 			List.of(JsonWebKeyType.RSA))
 			.chain(keyBundle -> {

@@ -11,6 +11,7 @@
 import java.text.ParseException;
 import java.time.Instant;
 import java.util.List;
+import java.util.Map;
 import java.util.Objects;
 
 import org.eclipse.microprofile.config.inject.ConfigProperty;
@@ -96,6 +97,7 @@ private Uni<String> createKey() {
 					.setExp(now + cryptoperiod)
 					.setExportable(Boolean.FALSE)
 					.setNbf(now))
+				.setTags(Map.of(it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY, KeyUtils.DOMAIN_VALUE))
 				.setKeyOps(List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY))
 				.setKeySize(keysize)
 				.setKty(JsonWebKeyType.RSA))
@@ -110,7 +112,7 @@ private Uni<String> createKey() {
 	private Uni<String> retrieveKey() {
 		Log.trace("Retrieve key");
 		return keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA))
 			.chain(keyBundle -> {

@@ -22,7 +22,7 @@ public class KeyUtils {
 	/*
 	 * 
 	 */
-	public static final String KEY_DOMAIN = "auth";
+	public static final String DOMAIN_VALUE = "auth";
 
 	/**
 	 * 
@@ -70,7 +70,7 @@ public static String[] myKid2KeyNameVersion(String myKid) {
 	 * @return
 	 */
 	public static String generateKeyName() {
-		return KEY_DOMAIN + UUID.randomUUID().toString().replace("-", "");
+		return DOMAIN_VALUE + UUID.randomUUID().toString().replace("-", "");
 	}
 
 	/**

@@ -24,6 +24,7 @@ quarkus.log.category."io.quarkus.smallrye.jwt.runtime.auth.MpJwtValidator".min-l
 %prod.quarkus.log.console.json=${auth.json-log:true}
 %prod.quarkus.log.level=${auth.quarkus-log-level}
 %prod.quarkus.log.category."it.pagopa.swclient.mil.auth".level=${auth.app-log-level}
+%prod.quarkus.log.category."it.pagopa.swclient.mil.auth".min-level=${auth.app-log-level}
 %prod.quarkus.rest-client.logging.scope=${auth.quarkus-rest-client-logging-scope}
 
 # ------------------------------------------------------------------------------

@@ -89,7 +89,7 @@ void given_setOfKeys_when_theEndPointIsInvoked_then_getListOfPublicKeys() {
 				.setKid("https://keyvault/keys/key_name_1/key_version_1"))
 			.setTags(Map.of(
 				it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY,
-				KeyUtils.KEY_DOMAIN));
+				KeyUtils.DOMAIN_VALUE));
 
 		long iat2 = Instant.now().getEpochSecond();
 		long exp2 = Instant.now().plus(10, ChronoUnit.MINUTES).getEpochSecond();
@@ -110,10 +110,10 @@ void given_setOfKeys_when_theEndPointIsInvoked_then_getListOfPublicKeys() {
 				.setKid("https://keyvault/keys/key_name_2/key_version_2"))
 			.setTags(Map.of(
 				it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY,
-				KeyUtils.KEY_DOMAIN));
+				KeyUtils.DOMAIN_VALUE));
 
 		when(keyExtService.getKeys(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(Multi.createFrom().items(keyBundle1, keyBundle2));
@@ -149,7 +149,7 @@ void given_noKey_when_theEndPointIsInvoked_then_getEmptyListOfPublicKeys() {
 		 * Setup
 		 */
 		when(keyExtService.getKeys(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(Multi.createFrom().items());
@@ -183,7 +183,7 @@ void given_errorSearchingKeys_when_theEndPointIsInvoked_then_getFailure() {
 		 * Setup
 		 */
 		when(keyExtService.getKeys(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(Multi.createFrom().failure(new Exception("synthetic_exception")));

@@ -159,7 +159,7 @@ void given_errorFromBlobService_when_invokeGetClient_then_getFailure() {
 		repository.getClient("client_id")
 			.subscribe()
 			.withSubscriber(UniAssertSubscriber.create())
-			.assertFailedWith(AuthError.class);
+			.assertFailedWith(Exception.class);
 	}
 
 	/**
@@ -263,7 +263,7 @@ void given_errorFromBlobService_when_invokeGetRoles_then_getFailure() {
 		repository.getRoles("acquirerId", "channel", "clientId", "merchantId", "terminalId")
 			.subscribe()
 			.withSubscriber(UniAssertSubscriber.create())
-			.assertFailedWith(AuthError.class);
+			.assertFailedWith(Exception.class);
 	}
 
 	/**
@@ -364,6 +364,6 @@ void given_errorFromBlobService_when_invokeGetUser_then_getFailure() {
 		repository.getUser("user_hash")
 			.subscribe()
 			.withSubscriber(UniAssertSubscriber.create())
-			.assertFailedWith(AuthError.class);
+			.assertFailedWith(Exception.class);
 	}
 }
@@ -109,7 +109,7 @@ void given_claimToEncrypt_when_allIsOk_then_getEncryptedClaim() {
 		 * 
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.ENCRYPT, JsonWebKeyOperation.DECRYPT),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(UniGenerator.item(
@@ -151,7 +151,7 @@ void given_claimToEncrypt_when_keyNotFound_then_createNewOneAndReturnEncryptedCl
 		 * 
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.ENCRYPT, JsonWebKeyOperation.DECRYPT),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(Uni.createFrom().item(Optional.empty()));
@@ -194,7 +194,7 @@ void given_claimToEncrypt_when_keyRetrievingGoesWrong_then_getFailure() {
 		 * 
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.ENCRYPT, JsonWebKeyOperation.DECRYPT),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(Uni.createFrom().failure(new Exception("synthetic_exception")));

@@ -120,7 +120,7 @@ void given_claimsSetToSign_when_suitableKeyExists_then_getSignedJwt() {
 		 * Setup
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(UniGenerator.item(
@@ -174,7 +174,7 @@ void given_claimsSetToSign_when_suitableKeyDoesntExist_then_createNewKeyAndGetSi
 		 * Setup
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(UniGenerator.item(
@@ -232,7 +232,7 @@ void given_claimsSetToSign_when_jwtCreateInstanceGoesWrong_then_getFailure() {
 		 * Setup
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(UniGenerator.item(
@@ -291,7 +291,7 @@ void given_claimsSetToSign_when_messageDigestGetInstanceGoesWrong_then_getFailur
 		 * Setup
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(UniGenerator.item(
@@ -347,7 +347,7 @@ void given_claimsSetToSign_when_unexpectedErrorOccurs_then_getFailure() {
 		 * Setup
 		 */
 		when(keysExtService.getKeyWithLongestExp(
-			KeyUtils.KEY_DOMAIN,
+			KeyUtils.DOMAIN_VALUE,
 			List.of(JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY),
 			List.of(JsonWebKeyType.RSA)))
 			.thenReturn(UniGenerator.exception("code_string", "message_string"));

@@ -69,7 +69,7 @@ void given_keyBundleWithSignVerifyUse_when_keyBundle2PublicKeyIsInvoked_then_ret
 				.setKid("https://keyvault/keys/key_name/key_version"))
 			.setTags(Map.of(
 				it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY,
-				KeyUtils.KEY_DOMAIN));
+				KeyUtils.DOMAIN_VALUE));
 
 		assertEquals("sig", KeyUtils.keyBundle2PublicKey(keyBundle).getUse());
 	}
@@ -97,7 +97,7 @@ void given_keyBundleWithSignUseOnly_when_keyBundle2PublicKeyIsInvoked_then_retur
 				.setKid("https://keyvault/keys/key_name/key_version"))
 			.setTags(Map.of(
 				it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY,
-				KeyUtils.KEY_DOMAIN));
+				KeyUtils.DOMAIN_VALUE));
 
 		assertNull(KeyUtils.keyBundle2PublicKey(keyBundle).getUse());
 	}
@@ -125,7 +125,7 @@ void given_keyBundleWithVerifyUseOnly_when_keyBundle2PublicKeyIsInvoked_then_ret
 				.setKid("https://keyvault/keys/key_name/key_version"))
 			.setTags(Map.of(
 				it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY,
-				KeyUtils.KEY_DOMAIN));
+				KeyUtils.DOMAIN_VALUE));
 
 		assertNull(KeyUtils.keyBundle2PublicKey(keyBundle).getUse());
 	}
@@ -153,7 +153,7 @@ void given_keyBundleWithEncryptUseOnly_when_keyBundle2PublicKeyIsInvoked_then_re
 				.setKid("https://keyvault/keys/key_name/key_version"))
 			.setTags(Map.of(
 				it.pagopa.swclient.mil.azureservices.keyvault.keys.util.KeyUtils.DOMAIN_KEY,
-				KeyUtils.KEY_DOMAIN));
+				KeyUtils.DOMAIN_VALUE));
 
 		assertNull(KeyUtils.keyBundle2PublicKey(keyBundle).getUse());
 	}