[ANCHOR-422] Custody integration and RPC API (#1067)

### What
- Custody Server:
  - new service;
  - ServiceRunner updates;
  - `Fireblocks` integration;
  - `Fireblocks` transactions reconciliation job;
  - run configuration for IntelliJ IDEA.
- Anchor Config:
  - custody and `Fireblocks` configuration;
  - RPC configuration.
- Kotlin Reference Server:
- feature toggle to switch between RPC API and `PATCH /transactions`
endpoint;
  - feature toggle to enable/disable custody mode.
- RPC API:
  - RPC endpoint;
  - method handlers;
  - trustline check job;
  - RPC API support for Observer.
- End2End tests:
  - `AnchorPlatformApiRpcEnd2EndTest`;
  - `AnchorPlatformCustodyApiRpcEnd2EndTest`;
  - `AnchorPlatformCustodyEnd2EndTest`;
  -  run configurations for IntelliJ IDEA.
- Integration tests:
   - `AnchorPlatformCustodyIntegrationTest`;
   - `AnchorPlatformIntegrationTest`.
- DB migration scripts:
  - `custody_transaction` table;
  - `transaction_pending_trust` table.
- Unit tests.

.github/workflows/sub_gradle_test_and_build.yml

@@ -28,6 +28,7 @@ jobs:
           sudo echo "127.0.0.1 reference-server" | sudo tee -a /etc/hosts
           sudo echo "127.0.0.1 wallet-server" | sudo tee -a /etc/hosts
           sudo echo "127.0.0.1 platform" | sudo tee -a /etc/hosts
+          sudo echo "127.0.0.1 custody-server" | sudo tee -a /etc/hosts
           sudo echo "127.0.0.1 host.docker.internal" | sudo tee -a /etc/hosts 
 
       - name: Build and run the stack with docker compose
@@ -127,6 +128,10 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v3
 
+      - name: Set up Gradle properties
+        run: |
+          echo "kotlin.daemon.jvmargs=-Xmx2g" >> gradle.properties
+
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2
         with:

.run/Run - All Servers - no Docker.run.xml

@@ -1,7 +1,7 @@
 <component name="ProjectRunConfigurationManager">
   <configuration default="false" name="Run - All Servers - no Docker" type="JetRunConfigurationType">
     <envs>
-      <env name="sep24.enableTest" value="true" />
+      <env name="app.enableTest" value="true" />
     </envs>
     <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.run_profiles.RunAllServers" />
     <module name="java-stellar-anchor-sdk.service-runner.main" />

.run/Run - Custody Server - no Docker.run.xml

@@ -0,0 +1,10 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Run - Custody Server - no Docker" type="JetRunConfigurationType">
+    <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.run_profiles.RunCustodyServer" />
+    <module name="java-stellar-anchor-sdk.service-runner.main" />
+    <shortenClasspath name="ARGS_FILE" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.run/Run - Kotlin Reference Server - no Docker.run.xml

@@ -1,7 +1,7 @@
 <component name="ProjectRunConfigurationManager">
   <configuration default="false" name="Run - Kotlin Reference Server - no Docker" type="JetRunConfigurationType">
     <envs>
-      <env name="sep24.enableTest" value="true" />
+      <env name="app.enableTest" value="true" />
       <env name="TEST_PROFILE_NAME" value="default" />
     </envs>
     <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.run_profiles.RunKotlinReferenceServer" />

.run/Test - End2End with RPC Test - no fullstack.run.xml

@@ -0,0 +1,34 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Test - End2End Test - no fullstack" type="JUnit" factoryName="JUnit">
+    <module name="java-stellar-anchor-sdk.integration-tests.test" />
+    <shortenClasspath name="ARGS_FILE" />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.stellar.anchor.platform.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <extension name="net.ashald.envfile">
+      <option name="IS_ENABLED" value="false" />
+      <option name="IS_SUBST" value="false" />
+      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
+      <option name="IS_IGNORE_MISSING_FILES" value="false" />
+      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
+      <ENTRIES>
+        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
+      </ENTRIES>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.stellar.anchor.platform" />
+    <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.AnchorPlatformApiRpcEnd2EndTest" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="class" />
+    <envs>
+      <env name="TEST_PROFILE_NAME" value="default-rpc" />
+      <env name="run_all_servers" value="false" />
+      <env name="run_docker" value="false" />
+    </envs>
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.run/Test - End2End with RPC Test - with fullstack.run.xml

@@ -0,0 +1,34 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Test - End2End Test - with fullstack" type="JUnit" factoryName="JUnit">
+    <module name="java-stellar-anchor-sdk.integration-tests.test" />
+    <shortenClasspath name="ARGS_FILE" />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.stellar.anchor.platform.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <extension name="net.ashald.envfile">
+      <option name="IS_ENABLED" value="false" />
+      <option name="IS_SUBST" value="false" />
+      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
+      <option name="IS_IGNORE_MISSING_FILES" value="false" />
+      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
+      <ENTRIES>
+        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
+      </ENTRIES>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.stellar.anchor.platform" />
+    <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.AnchorPlatformApiRpcEnd2EndTest" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="class" />
+    <envs>
+      <env name="TEST_PROFILE_NAME" value="default-rpc" />
+      <env name="run_all_servers" value="true" />
+      <env name="run_docker" value="true" />
+    </envs>
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.run/Test - Fireblocks End2End Test - no fullstack.run.xml

@@ -0,0 +1,38 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Test - Fireblocks End2End Test - no fullstack" type="JUnit" factoryName="JUnit">
+    <module name="java-stellar-anchor-sdk.integration-tests.test" />
+    <shortenClasspath name="ARGS_FILE" />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.stellar.anchor.platform.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <extension name="net.ashald.envfile">
+      <option name="IS_ENABLED" value="false" />
+      <option name="IS_SUBST" value="false" />
+      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
+      <option name="IS_IGNORE_MISSING_FILES" value="false" />
+      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
+      <ENTRIES>
+        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
+      </ENTRIES>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.stellar.anchor.platform" />
+    <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.AnchorPlatformCustodyEnd2EndTest" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="class" />
+    <envs>
+      <env name="TEST_PROFILE_NAME" value="default-custody" />
+      <env name="run_all_servers" value="false" />
+      <env name="run_docker" value="false" />
+      <env name="CUSTODY_TYPE" value="fireblocks" />
+      <env name="CUSTODY_FIREBLOCKS_VAULT_ACCOUNT_ID" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_API_KEY" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_SECRET_KEY" value="stub" />
+    </envs>
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.run/Test - Fireblocks End2End Test - with fullstack.run.xml

@@ -0,0 +1,38 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Test - Fireblocks End2End Test - with fullstack" type="JUnit" factoryName="JUnit">
+    <module name="java-stellar-anchor-sdk.integration-tests.test" />
+    <shortenClasspath name="ARGS_FILE" />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.stellar.anchor.platform.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <extension name="net.ashald.envfile">
+      <option name="IS_ENABLED" value="false" />
+      <option name="IS_SUBST" value="false" />
+      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
+      <option name="IS_IGNORE_MISSING_FILES" value="false" />
+      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
+      <ENTRIES>
+        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
+      </ENTRIES>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.stellar.anchor.platform" />
+    <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.AnchorPlatformCustodyEnd2EndTest" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="class" />
+    <envs>
+      <env name="TEST_PROFILE_NAME" value="default-custody" />
+      <env name="run_all_servers" value="true" />
+      <env name="run_docker" value="true" />
+      <env name="CUSTODY_TYPE" value="fireblocks" />
+      <env name="CUSTODY_FIREBLOCKS_VAULT_ACCOUNT_ID" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_API_KEY" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_SECRET_KEY" value="stub" />
+    </envs>
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.run/Test - Fireblocks End2End with RPC Test - no fullstack.run.xml

@@ -0,0 +1,38 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Test - Fireblocks End2End Test - no fullstack" type="JUnit" factoryName="JUnit">
+    <module name="java-stellar-anchor-sdk.integration-tests.test" />
+    <shortenClasspath name="ARGS_FILE" />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.stellar.anchor.platform.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <extension name="net.ashald.envfile">
+      <option name="IS_ENABLED" value="false" />
+      <option name="IS_SUBST" value="false" />
+      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
+      <option name="IS_IGNORE_MISSING_FILES" value="false" />
+      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
+      <ENTRIES>
+        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
+      </ENTRIES>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.stellar.anchor.platform" />
+    <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.AnchorPlatformCustodyApiRpcEnd2EndTest" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="class" />
+    <envs>
+      <env name="TEST_PROFILE_NAME" value="default-custody-rpc" />
+      <env name="run_all_servers" value="false" />
+      <env name="run_docker" value="false" />
+      <env name="CUSTODY_TYPE" value="fireblocks" />
+      <env name="CUSTODY_FIREBLOCKS_VAULT_ACCOUNT_ID" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_API_KEY" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_SECRET_KEY" value="stub" />
+    </envs>
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.run/Test - Fireblocks End2End with RPC Test - with fullstack.run.xml

@@ -0,0 +1,38 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Test - Fireblocks End2End Test - with fullstack" type="JUnit" factoryName="JUnit">
+    <module name="java-stellar-anchor-sdk.integration-tests.test" />
+    <shortenClasspath name="ARGS_FILE" />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.stellar.anchor.platform.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <extension name="net.ashald.envfile">
+      <option name="IS_ENABLED" value="false" />
+      <option name="IS_SUBST" value="false" />
+      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
+      <option name="IS_IGNORE_MISSING_FILES" value="false" />
+      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
+      <ENTRIES>
+        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
+      </ENTRIES>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.stellar.anchor.platform" />
+    <option name="MAIN_CLASS_NAME" value="org.stellar.anchor.platform.AnchorPlatformCustodyApiRpcEnd2EndTest" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="class" />
+    <envs>
+      <env name="TEST_PROFILE_NAME" value="default-custody-rpc" />
+      <env name="run_all_servers" value="true" />
+      <env name="run_docker" value="true" />
+      <env name="CUSTODY_TYPE" value="fireblocks" />
+      <env name="CUSTODY_FIREBLOCKS_VAULT_ACCOUNT_ID" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_API_KEY" value="stub" />
+      <env name="SECRET_CUSTODY_FIREBLOCKS_SECRET_KEY" value="stub" />
+    </envs>
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

anchor-reference-server/src/main/java/org/stellar/anchor/reference/AnchorReferenceConfig.java

@@ -54,7 +54,7 @@ public FilterRegistrationBean<Filter> platformToAnchorTokenFilter(
     String authSecret = integrationAuthSettings.getPlatformToAnchorSecret();
     switch (integrationAuthSettings.getAuthType()) {
       case JWT:
-        JwtService jwtService = new JwtService(null, null, null, authSecret, null);
+        JwtService jwtService = new JwtService(null, null, null, authSecret, null, null);
         platformToAnchorFilter = new CallbackAuthJwtFilter(jwtService);
         break;
 
@@ -78,7 +78,7 @@ AuthHelper authHelper(IntegrationAuthSettings integrationAuthSettings) {
     switch (integrationAuthSettings.getAuthType()) {
       case JWT:
         return AuthHelper.forJwtToken(
-            new JwtService(null, null, null, null, authSecret),
+            new JwtService(null, null, null, null, authSecret, null),
             integrationAuthSettings.getExpirationMilliseconds());
       case API_KEY:
         return AuthHelper.forApiKey(authSecret);

api-schema/src/main/java/org/stellar/anchor/api/custody/CreateCustodyTransactionRequest.java

@@ -0,0 +1,20 @@
+package org.stellar.anchor.api.custody;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+@Builder
+public class CreateCustodyTransactionRequest {
+
+  private String id;
+  private String memo;
+  private String memoType;
+  private String protocol;
+  private String fromAccount;
+  private String toAccount;
+  private String amount;
+  private String amountFee;
+  private String asset;
+  private String kind;
+}

api-schema/src/main/java/org/stellar/anchor/api/custody/CreateTransactionPaymentResponse.java

@@ -0,0 +1,10 @@
+package org.stellar.anchor.api.custody;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+
+@Data
+@AllArgsConstructor
+public class CreateTransactionPaymentResponse {
+  private String id;
+}

api-schema/src/main/java/org/stellar/anchor/api/custody/CreateTransactionRefundRequest.java

@@ -0,0 +1,13 @@
+package org.stellar.anchor.api.custody;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+@Builder
+public class CreateTransactionRefundRequest {
+  private String memo;
+  private String memoType;
+  private String amount;
+  private String amountFee;
+}

api-schema/src/main/java/org/stellar/anchor/api/custody/CustodyExceptionResponse.java

@@ -0,0 +1,12 @@
+package org.stellar.anchor.api.custody;
+
+import lombok.Data;
+
+@Data
+public class CustodyExceptionResponse {
+  String rawErrorMessage;
+
+  public CustodyExceptionResponse(String rawErrorMessage) {
+    this.rawErrorMessage = rawErrorMessage;
+  }
+}

api-schema/src/main/java/org/stellar/anchor/api/custody/GenerateDepositAddressResponse.java

@@ -0,0 +1,13 @@
+package org.stellar.anchor.api.custody;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+
+@Data
+@AllArgsConstructor
+public class GenerateDepositAddressResponse {
+
+  private String address;
+  private String memo;
+  private String memoType;
+}

api-schema/src/main/java/org/stellar/anchor/api/custody/fireblocks/AmlScreeningResult.java

@@ -0,0 +1,9 @@
+package org.stellar.anchor.api.custody.fireblocks;
+
+import lombok.Data;
+
+@Data
+public class AmlScreeningResult {
+  private String provider;
+  private String payload;
+}

api-schema/src/main/java/org/stellar/anchor/api/custody/fireblocks/AmountInfo.java

@@ -0,0 +1,11 @@
+package org.stellar.anchor.api.custody.fireblocks;
+
+import lombok.Data;
+
+@Data
+public class AmountInfo {
+  private String amount;
+  private String requestedAmount;
+  private String netAmount;
+  private String amountUSD;
+}