Feature/insert manager

dpppt-backend-sdk/dpppt-backend-sdk-model/src/main/java/org/dpppt/backend/sdk/semver/README.md

@@ -0,0 +1,25 @@
+# Semver
+
+## Introduction
+This implementation follows the official specification found for [Semver 2.0 ](https://semver.org/). 
+The regular expression used for matching is taken from the official specification ans was slightly adjusted.
+The following changes were made, to allow using extended SemVer:
+
+- it is allowed to have a prefix specifying the OS used. The following regex is used
+    > (?:(?<platform>ios|android)-)?
+
+- Only the major version is required. If minor or patch version are not given, a value of `0` i assumed. This was added as a `?` in the original regex for the minor and patch version.
+
+## IsAndroid/IsIos
+
+To allow for simple OS testing the following two implementations are added:
+
+```java
+public boolean isAndroid() {
+        return platform.contains("android") || metaInfo.contains("android");
+}
+public boolean isIOS() {
+    return platform.contains("ios") || metaInfo.contains("ios");
+}
+```
+Whereas in SemVer it would be normal to specify further information in the `metaInfo` field, the dp3t clients use the prefix `ios` or `android`. This implementation though should be compatible with a more SemVer approach.

dpppt-backend-sdk/dpppt-backend-sdk-model/src/main/java/org/dpppt/backend/sdk/semver/Version.java

@@ -0,0 +1,256 @@
+package org.dpppt.backend.sdk.semver;
+
+import java.util.Objects;
+import java.util.regex.Pattern;
+
+/**
+ * Semver implementation to allow for some special cases in the android/ios world: - platform is
+ * prepended to version - minor and patch are optional - if missing, they are set to 0.
+ */
+public class Version implements Comparable<Version> {
+  private Integer major;
+  private Integer minor;
+  private Integer patch;
+  private String preReleaseString = "";
+  private String metaInfo = "";
+  private String platform = "";
+
+  // Pattern copied from
+  // https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
+  // and adapted for the mobile strings.
+  private final Pattern semVerPattern =
+      Pattern.compile(
+          "^(?:(?<platform>ios|android)-)?(?<major>0|[1-9]\\d*)(\\.(?<minor>0|[1-9]\\d*))?(\\.(?<patch>0|[1-9]\\d*))?(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$");
+
+  public Version() {}
+
+  public Version(String versionString) {
+    if (versionString == null) {
+      this.setInvalidValue();
+      return;
+    }
+    this.major = -1;
+    this.minor = 0;
+    this.patch = 0;
+
+    var matches = semVerPattern.matcher(versionString.trim());
+    if (matches.find()) {
+      this.major = Integer.parseInt(matches.group("major"));
+      if (matches.group("minor") != null) {
+        this.minor = Integer.parseInt(matches.group("minor"));
+      }
+      if (matches.group("patch") != null) {
+        this.patch = Integer.parseInt(matches.group("patch"));
+      }
+      if (matches.group("platform") != null) {
+        this.platform = matches.group("platform");
+      }
+      if (matches.group("prerelease") != null) {
+        this.preReleaseString = matches.group("prerelease");
+      }
+      if (matches.group("buildmetadata") != null) {
+        this.metaInfo = matches.group("buildmetadata");
+      }
+    } else {
+      this.setInvalidValue();
+    }
+  }
+
+  public Version(Integer major, Integer minor, Integer patch) {
+    this.major = major;
+    this.minor = minor;
+    this.patch = patch;
+    this.preReleaseString = "";
+    this.metaInfo = "";
+  }
+
+  public Version(Integer major, Integer minor) {
+    this.major = major;
+    this.minor = minor;
+    this.patch = 0;
+    this.preReleaseString = "";
+    this.metaInfo = "";
+  }
+
+  public Version(Integer major) {
+    this.major = major;
+    this.minor = 0;
+    this.patch = 0;
+    this.preReleaseString = "";
+    this.metaInfo = "";
+  }
+
+  public Version(
+      Integer major, Integer minor, Integer patch, String preReleaseString, String metaInfo) {
+    this.major = major;
+    this.minor = minor;
+    this.patch = patch;
+    this.preReleaseString = preReleaseString;
+    this.metaInfo = metaInfo;
+  }
+
+  private void setInvalidValue() {
+    this.major = -1;
+    this.minor = -1;
+    this.patch = -1;
+    this.preReleaseString = "";
+    this.metaInfo = "";
+  }
+
+  public boolean isValid() {
+    return major.compareTo(Integer.valueOf(0)) >= 0
+        && minor.compareTo(Integer.valueOf(0)) >= 0
+        && patch.compareTo(Integer.valueOf(0)) >= 0;
+  }
+
+  public Integer getMajor() {
+    return this.major;
+  }
+
+  public void setMajor(Integer major) {
+    this.major = major;
+  }
+
+  public Integer getMinor() {
+    return this.minor;
+  }
+
+  public void setMinor(Integer minor) {
+    this.minor = minor;
+  }
+
+  public Integer getPatch() {
+    return this.patch;
+  }
+
+  public void setPatch(Integer patch) {
+    this.patch = patch;
+  }
+
+  public String getPreReleaseString() {
+    return this.preReleaseString;
+  }
+
+  public void setPreReleaseString(String preReleaseString) {
+    this.preReleaseString = preReleaseString;
+  }
+
+  public String getMetaInfo() {
+    return this.metaInfo;
+  }
+
+  public void setMetaInfo(String metaInfo) {
+    this.metaInfo = metaInfo;
+  }
+
+  public String getPlatform() {
+    return this.platform;
+  }
+
+  public void setPlatform(String platform) {
+    this.platform = platform;
+  }
+
+  public Version major(Integer major) {
+    this.major = major;
+    return this;
+  }
+
+  public Version minor(Integer minor) {
+    this.minor = minor;
+    return this;
+  }
+
+  public Version patch(Integer patch) {
+    this.patch = patch;
+    return this;
+  }
+
+  public Version preReleaseString(String preReleaseString) {
+    this.preReleaseString = preReleaseString;
+    return this;
+  }
+
+  public Version metaInfo(String metaInfo) {
+    this.metaInfo = metaInfo;
+    return this;
+  }
+
+  public boolean isPrerelease() {
+    return !preReleaseString.isEmpty();
+  }
+
+  public boolean isAndroid() {
+    return platform.contains("android") || metaInfo.contains("android");
+  }
+
+  public boolean isIOS() {
+    return platform.contains("ios") || metaInfo.contains("ios");
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (o == this) return true;
+    if (!(o instanceof Version)) {
+      return false;
+    }
+    Version version = (Version) o;
+    return Objects.equals(major, version.major)
+        && Objects.equals(minor, version.minor)
+        && Objects.equals(patch, version.patch)
+        && Objects.equals(preReleaseString, version.preReleaseString)
+        && Objects.equals(metaInfo, version.metaInfo)
+        && Objects.equals(platform, version.platform);
+  }
+
+  @Override
+  public int hashCode() {
+    return Objects.hash(major, minor, patch, preReleaseString, metaInfo);
+  }
+
+  @Override
+  public String toString() {
+    return getMajor()
+        + "."
+        + getMinor()
+        + "."
+        + getPatch()
+        + (getPreReleaseString().isEmpty() ? "" : "-" + getPreReleaseString())
+        + (getMetaInfo().isEmpty() ? "" : "+" + getMetaInfo());
+  }
+
+  @Override
+  public int compareTo(Version o) {
+    if (this.major.compareTo(o.major) != 0) {
+      return this.major.compareTo(o.major);
+    }
+    if (this.minor.compareTo(o.minor) != 0) {
+      return this.minor.compareTo(o.minor);
+    }
+    if (this.patch.compareTo(o.patch) != 0) {
+      return this.patch.compareTo(o.patch);
+    }
+    if (this.isPrerelease() && o.isPrerelease()) {
+      if (this.preReleaseString.compareTo(o.preReleaseString) != 0) {
+        return this.preReleaseString.compareTo(o.preReleaseString);
+      }
+    } else if (this.isPrerelease() && !o.isPrerelease()) {
+      return -1;
+    } else if (!this.isPrerelease() && o.isPrerelease()) {
+      return 1;
+    }
+    return 0;
+  }
+
+  public boolean isSmallerVersionThan(Version other) {
+    return this.compareTo(other) < 0;
+  }
+
+  public boolean isLargerVersionThan(Version other) {
+    return this.compareTo(other) > 0;
+  }
+
+  public boolean isSameVersionAs(Version other) {
+    return this.compareTo(other) == 0;
+  }
+}

dpppt-backend-sdk/dpppt-backend-sdk-ws/src/main/java/org/dpppt/backend/sdk/ws/config/WSBaseConfig.java

@@ -34,6 +34,15 @@
 import org.dpppt.backend.sdk.ws.controller.DPPPTController;
 import org.dpppt.backend.sdk.ws.controller.GaenController;
 import org.dpppt.backend.sdk.ws.filter.ResponseWrapperFilter;
+import org.dpppt.backend.sdk.ws.insertmanager.InsertManager;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionfilters.Base64Filter;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionfilters.KeysMatchingJWTFilter;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionfilters.NonFakeKeysFilter;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionfilters.RollingStartNumberAfterDayAfterTomorrowFilter;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionfilters.RollingStartNumberInRetentionPeriodFilter;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionfilters.ValidRollingPeriodFilter;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionmodifier.IOSLegacyProblemRPLT144Modifier;
+import org.dpppt.backend.sdk.ws.insertmanager.insertionmodifier.OldAndroid0RPModifier;
 import org.dpppt.backend.sdk.ws.interceptor.HeaderInjector;
 import org.dpppt.backend.sdk.ws.security.KeyVault;
 import org.dpppt.backend.sdk.ws.security.NoValidateRequest;
@@ -45,6 +54,7 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Lazy;
@@ -203,6 +213,40 @@ public ProtoSignature gaenSigner() {
     }
   }
 
+  @Bean
+  public InsertManager insertManager() {
+    var manager = new InsertManager(gaenDataService(), gaenValidationUtils());
+    manager.addFilter(new Base64Filter(gaenValidationUtils()));
+    manager.addFilter(new KeysMatchingJWTFilter(gaenRequestValidator, gaenValidationUtils()));
+    manager.addFilter(new RollingStartNumberAfterDayAfterTomorrowFilter());
+    manager.addFilter(new RollingStartNumberInRetentionPeriodFilter(gaenValidationUtils()));
+    manager.addFilter(new NonFakeKeysFilter());
+    manager.addFilter(new ValidRollingPeriodFilter());
+    return manager;
+  }
+
+  @ConditionalOnProperty(
+      value = "ws.app.gaen.insertmanager.android0rpmodifier",
+      havingValue = "true",
+      matchIfMissing = false)
+  @Bean
+  public OldAndroid0RPModifier oldAndroid0RPModifier(InsertManager manager) {
+    var androidModifier = new OldAndroid0RPModifier();
+    manager.addModifier(androidModifier);
+    return androidModifier;
+  }
+
+  @ConditionalOnProperty(
+      value = "ws.app.gaen.insertmanager.iosrplt144modifier",
+      havingValue = "true",
+      matchIfMissing = false)
+  @Bean
+  public IOSLegacyProblemRPLT144Modifier iosLegacyProblemRPLT144(InsertManager manager) {
+    var iosModifier = new IOSLegacyProblemRPLT144Modifier();
+    manager.addModifier(iosModifier);
+    return iosModifier;
+  }
+
   @Bean
   public DPPPTController dppptSDKController() {
     ValidateRequest theValidator = requestValidator;
@@ -237,6 +281,7 @@ public GaenController gaenController() {
       theValidator = backupValidator();
     }
     return new GaenController(
+        insertManager(),
         gaenDataService(),
         fakeKeyService(),
         theValidator,

dpppt-backend-sdk/dpppt-backend-sdk-ws/src/main/java/org/dpppt/backend/sdk/ws/controller/DPPPTController.java

@@ -116,25 +116,25 @@ public DPPPTController(
                       + " + OS-Version",
               example = "ch.ubique.android.starsdk;1.0;iOS;13.3")
           String userAgent,
-      @AuthenticationPrincipal Object principal) {
+      @AuthenticationPrincipal Object principal)
+      throws InvalidDateException, WrongScopeException, ClaimIsBeforeOnsetException {
     var now = UTCInstant.now();
-    long keyDate;
 
-    try {
-      if (!this.validateRequest.isValid(principal)) {
-        return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
-      }
-      keyDate = this.validateRequest.validateKeyDate(now, principal, exposeeRequest);
-    } catch (WrongScopeException | ClaimIsBeforeOnsetException | InvalidDateException e) {
-      return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
+    if (!this.validateRequest.isValid(principal)) {
+      return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
     }
-
     if (!validationUtils.isValidBase64Key(exposeeRequest.getKey())) {
       return new ResponseEntity<>("No valid base64 key", HttpStatus.BAD_REQUEST);
     }
     // TODO: should we give that information?
     Exposee exposee = new Exposee();
     exposee.setKey(exposeeRequest.getKey());
+    long keyDate;
+    try {
+      keyDate = this.validateRequest.validateKeyDate(now, principal, exposeeRequest);
+    } catch (ClaimIsBeforeOnsetException | InvalidDateException e) {
+      return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
+    }
 
     exposee.setKeyDate(keyDate);
     if (!this.validateRequest.isFakeRequest(principal, exposeeRequest)) {