From f41d4f90373ae44c8fc1d510bf436b3b65b100d4 Mon Sep 17 00:00:00 2001 From: Giulia Tremolada Date: Wed, 12 Jun 2024 12:13:29 +0200 Subject: [PATCH 1/3] fix: substitute lang in BOUrl and remove lang in billingToken API --- app/src/main/resources/swagger/api-docs.json | 9 ----- .../web/controller/ProductV2Controller.java | 8 +++-- .../web/controller/TokenV2Controller.java | 9 ++--- .../web/security/ExchangeTokenServiceV2.java | 10 +++--- .../controller/ProductV2ControllerTest.java | 15 +++++--- .../web/controller/TokenV2ControllerTest.java | 12 +++---- .../security/ExchangeTokenServiceV2Test.java | 35 ++++++++----------- 7 files changed, 42 insertions(+), 56 deletions(-) diff --git a/app/src/main/resources/swagger/api-docs.json b/app/src/main/resources/swagger/api-docs.json index 11c1d221f..c9b4f056c 100644 --- a/app/src/main/resources/swagger/api-docs.json +++ b/app/src/main/resources/swagger/api-docs.json @@ -1878,15 +1878,6 @@ "schema" : { "type" : "string" } - }, { - "name" : "lang", - "in" : "query", - "description" : "Selected language", - "required" : false, - "style" : "form", - "schema" : { - "type" : "string" - } } ], "responses" : { "200" : { diff --git a/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2Controller.java b/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2Controller.java index cee6aaf48..648292372 100644 --- a/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2Controller.java +++ b/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2Controller.java 
@@ -42,12 +42,14 @@ public URI retrieveProductBackoffice(@ApiParam("${swagger.dashboard.products.mod @RequestParam(value = "environment", required = false) Optional environment, @ApiParam("${swagger.dashboard.product-backoffice-configurations.model.lang}") - @RequestParam(value = "lang", required = false) + @RequestParam(value = "lang", required = false, defaultValue = "it") String lang) { log.trace("accessProductBackoffice start"); log.debug("accessProductBackoffice institutionId = {}, productId = {}", institutionId, productId); - final ExchangedToken exchangedToken = exchangeTokenService.exchange(institutionId, productId, environment, lang); - final URI location = URI.create(exchangedToken.getBackOfficeUrl().replace("", exchangedToken.getIdentityToken())); + final ExchangedToken exchangedToken = exchangeTokenService.exchange(institutionId, productId, environment); + final URI location = URI.create(exchangedToken.getBackOfficeUrl() + .replace("", exchangedToken.getIdentityToken()) + .replace("", lang)); log.trace("accessProductBackoffice end"); return location; diff --git a/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java b/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java index 62db62025..66866aa37 100644 --- a/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java +++ b/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java 
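Review bot: The `lang` request parameter is substituted into the redirect URL as-is by the new `.replace("", lang)` call, with no allow-list or encoding before `URI.create`. A value containing `&`, `#` or `/` would change the structure of the URL that also carries the identity token, and a value with characters that are illegal in a URI makes `URI.create` throw `IllegalArgumentException`. Restrict it to the supported language codes before substitution, for example `if (!lang.matches("[a-z]{2}")) { lang = "it"; }`, or at minimum pass `URLEncoder.encode(lang, StandardCharsets.UTF_8)` to `replace`. The same applies to `billingUrl.concat("?lang=" + lang)`, which patch 3/3 re-adds to `retrieveBillingExchangedToken`. The placeholder literals in both `replace` calls render as `""` on this page, presumably lost in extraction, and the method body starts outside the hunk.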
@@ -51,7 +51,7 @@ public IdentityTokenResource exchange(@ApiParam("${swagger.dashboard.institution log.trace("exchange start"); log.debug("exchange institutionId = {}, productId = {}", institutionId, productId); - String token = exchangeTokenService.exchange(institutionId, productId, environment, null).getIdentityToken(); + String token = exchangeTokenService.exchange(institutionId, productId, environment).getIdentityToken(); IdentityTokenResource identityToken = new IdentityTokenResource(); identityToken.setToken(token); @@ -72,16 +72,13 @@ public URI billingToken(@ApiParam("${swagger.dashboard.institutions.model.id}") @ApiParam("${swagger.dashboard.product-backoffice-configurations.model.environment}") @RequestParam(value = "environment", required = false) Optional environment, - JwtAuthenticationToken jwtAuthenticationToken, - @ApiParam("${swagger.dashboard.product-backoffice-configurations.model.lang}") - @RequestParam(value = "lang", required = false) - String lang) { + JwtAuthenticationToken jwtAuthenticationToken) { log.trace("billing exchange start"); log.debug("billing exchange institutionId = {}", Encode.forJava(institutionId)); log.info("env parameter: {}", Encode.forJava(environment.orElse(""))); - final ExchangedToken exchangedToken = exchangeTokenService.retrieveBillingExchangedToken(institutionId, lang); + final ExchangedToken exchangedToken = exchangeTokenService.retrieveBillingExchangedToken(institutionId); final URI location = URI.create(exchangedToken.getBackOfficeUrl().replace("", exchangedToken.getIdentityToken())); log.debug(LogUtils.CONFIDENTIAL_MARKER, "billing exchange result = {}", Encode.forJava(String.valueOf(location))); log.trace("billing exchange end"); diff --git a/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java b/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java index 1b981c77b..3f3bd8c2e 100644 
--- a/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java +++ b/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java @@ -96,7 +96,7 @@ public ExchangeTokenServiceV2(JwtService jwtService, } - public ExchangedToken exchange(String institutionId, String productId, Optional environment, String lang) { + public ExchangedToken exchange(String institutionId, String productId, Optional environment) { log.trace("exchange start"); log.debug(LogUtils.CONFIDENTIAL_MARKER, "exchange institutionId = {}, productId = {}", institutionId, productId); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); @@ -129,13 +129,12 @@ public ExchangedToken exchange(String institutionId, String productId, Optional< final String urlBO = environment.map(env -> product.getBackOfficeEnvironmentConfigurations().get(env).getUrl()) .orElse(product.getUrlBO()); - final String urlBOLang = Objects.nonNull(lang) ? urlBO.concat("?lang="+lang) : urlBO; log.trace("exchange end"); - return new ExchangedToken(jwts, urlBOLang); + return new ExchangedToken(jwts, urlBO); } - public ExchangedToken retrieveBillingExchangedToken(String institutionId, String lang) { + public ExchangedToken retrieveBillingExchangedToken(String institutionId) { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null || authentication.getPrincipal() == null || authentication.getCredentials() == null) { throw new IllegalStateException("Authentication is required"); 
@@ -166,9 +165,8 @@ public ExchangedToken retrieveBillingExchangedToken(String institutionId, String String jwts = createJwts(claims); log.debug(LogUtils.CONFIDENTIAL_MARKER, "Exchanged token = {}", jwts); log.trace("exchange end"); - final String billingUrlLang = Objects.nonNull(lang) ? billingUrl.concat("?lang=" + lang) : billingUrl; - return new ExchangedToken(jwts, billingUrlLang); + return new ExchangedToken(jwts, billingUrl); } private List retrieveInvoiceableProductList() { diff --git a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2ControllerTest.java b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2ControllerTest.java index 173a7973c..8aaf158b3 100644 --- a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2ControllerTest.java +++ b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/ProductV2ControllerTest.java @@ -19,6 +19,7 @@ import java.net.URI; import java.util.Optional; +import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.mockito.Mockito.*; import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE; @@ -48,9 +49,12 @@ void retrieveProductBackoffice() throws Exception { String institutionId = "inst1"; String lang = "en"; final String identityToken = "identityToken"; - final String backOfficeUrl = "back-office-url#token="; - when(exchangeTokenServiceMock.exchange(any(), any(), any(), anyString())) - .thenReturn(new ExchangedToken(identityToken, backOfficeUrl + "")); + final String backOfficeUrl = "back-office-url#token=?lang="; + final ExchangedToken exchangedToken = new ExchangedToken(identityToken, backOfficeUrl + .replace("", identityToken) + .replace("", lang)); + when(exchangeTokenServiceMock.exchange(any(), any(), any())) + .thenReturn(exchangedToken); // when MvcResult result = mvc.perform(MockMvcRequestBuilders .get(BASE_URL + "/{productId}/back-office", productId) 
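Review bot: The mock in `retrieveProductBackoffice()` returns a URL on which the token and `lang` placeholders have already been replaced, so the controller's two new `replace` calls have nothing to substitute and the test would still pass if they were removed. Stub the service with the raw template instead (`new ExchangedToken(identityToken, backOfficeUrl)`) and compare the response with the expected substituted string. In the following hunk, `assertEquals(response.toString(), exchangedToken.getBackOfficeUrl())` has expected and actual swapped, and there is no case for a missing `lang` (default `it`) or for a value containing URL metacharacters. The placeholder literals show as `""` on this page, so this reading assumes they are distinct tokens in the real file.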
@@ -63,10 +67,11 @@ void retrieveProductBackoffice() throws Exception { // then URI response = objectMapper.readValue(result.getResponse().getContentAsString(), URI.class); assertTrue(response.toString().contains(identityToken)); - assertTrue(response.toString().contains(backOfficeUrl)); + assertTrue(response.toString().contains(lang)); + assertEquals(response.toString(), exchangedToken.getBackOfficeUrl()); verify(exchangeTokenServiceMock, times(1)) - .exchange(institutionId, productId, Optional.empty(), lang); + .exchange(institutionId, productId, Optional.empty()); verifyNoMoreInteractions(exchangeTokenServiceMock); verifyNoInteractions(productServiceMock); } diff --git a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java index 9b1e38ae4..47274bd90 100644 --- a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java +++ b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java @@ -22,7 +22,8 @@ import java.util.Optional; import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.mockito.ArgumentMatchers.*; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoMoreInteractions; @@ -47,7 +48,7 @@ void exchange() throws Exception { // given String institutionId = "inst1"; String productId = "prod1"; - Mockito.when(exchangeTokenServiceMock.exchange(anyString(), anyString(), any(), eq(null))) + Mockito.when(exchangeTokenServiceMock.exchange(anyString(), anyString(), any())) .thenReturn(new ExchangedToken("token", "urlBO")); // when MvcResult result = mvc.perform(MockMvcRequestBuilders 
@@ -63,7 +64,7 @@ void exchange() throws Exception { assertNotNull(resource); assertNotNull(resource.getToken()); verify(exchangeTokenServiceMock, Mockito.times(1)) - .exchange(institutionId, productId, Optional.empty(), null); + .exchange(institutionId, productId, Optional.empty()); verifyNoMoreInteractions(exchangeTokenServiceMock); } @@ -72,13 +73,12 @@ void billingExchange() throws Exception { // given String institutionId = "inst1"; String lang = "en"; - Mockito.when(exchangeTokenServiceMock.retrieveBillingExchangedToken(anyString(), anyString())) + Mockito.when(exchangeTokenServiceMock.retrieveBillingExchangedToken(anyString())) .thenReturn(new ExchangedToken("token", "urlBO")); // when MvcResult result = mvc.perform(MockMvcRequestBuilders .get(BASE_URL + "/exchange/fatturazione") .param("institutionId", institutionId) - .param("lang", lang) .contentType(MediaType.APPLICATION_JSON_VALUE) .accept(MediaType.APPLICATION_JSON_VALUE)) .andExpect(MockMvcResultMatchers.status().is2xxSuccessful()) @@ -87,7 +87,7 @@ void billingExchange() throws Exception { URI resource = objectMapper.readValue(result.getResponse().getContentAsString(), URI.class); assertNotNull(resource); verify(exchangeTokenServiceMock, Mockito.times(1)) - .retrieveBillingExchangedToken(institutionId, lang); + .retrieveBillingExchangedToken(institutionId); verifyNoMoreInteractions(exchangeTokenServiceMock); } diff --git a/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java b/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java index 43d1e5ca6..2b5974b80 100644 --- a/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java +++ b/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java 
@@ -135,7 +135,7 @@ void exchange_noAuth() throws Exception { JwtService jwtServiceMock = mock(JwtService.class); ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, null, null, null, properties, null, null, new InstitutionResourceMapperImpl()); // when - Executable executable = () -> ExchangeTokenServiceV2.exchange(null, null, null, null); + Executable executable = () -> ExchangeTokenServiceV2.exchange(null, null, null); // then IllegalStateException e = assertThrows(IllegalStateException.class, executable); assertEquals("Authentication is required", e.getMessage()); @@ -147,7 +147,6 @@ void exchange_SelfCareAuthOnDifferentInstId() throws Exception { // given String institutionId = "institutionId"; String productId = "productId"; - String lang = "en"; File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem"); String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset()); JwtService jwtServiceMock = mock(JwtService.class); @@ -172,7 +171,7 @@ void exchange_SelfCareAuthOnDifferentInstId() throws Exception { TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("userId").build(), "password", authorities); TestSecurityContextHolder.setAuthentication(authentication); // when - Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang); + Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null); // then IllegalArgumentException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("A Product Granted SelfCareAuthority is required for product '" + productId + "' and institution '" + institutionId + "'", e.getMessage()); 
@@ -185,7 +184,6 @@ void exchange_SelfCareAuthOnDifferentProductId() throws Exception { // given String institutionId = "institutionId"; String productId = "productId"; - String lang = "en"; File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem"); String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset()); JwtService jwtServiceMock = mock(JwtService.class); @@ -205,7 +203,7 @@ void exchange_SelfCareAuthOnDifferentProductId() throws Exception { TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("userId").build(), "password", authorities); TestSecurityContextHolder.setAuthentication(authentication); // when - Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang); + Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null); // then IllegalArgumentException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("A Product Granted SelfCareAuthority is required for product '" + productId + "' and institution '" + institutionId + "'", e.getMessage()); @@ -218,7 +216,6 @@ void exchange_noSessionTokenClaims() throws Exception { // given String institutionId = "institutionId"; String productId = "productId"; - String lang = "en"; File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem"); String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset()); ExchangeTokenProperties properties = new ExchangeTokenProperties(); 
@@ -274,7 +271,7 @@ void exchange_noSessionTokenClaims() throws Exception { ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, null, properties, null, userApiConnector, new InstitutionResourceMapperImpl()); // when - Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang); + Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty()); // then RuntimeException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("Session token claims is required", e.getMessage()); @@ -289,7 +286,6 @@ void exchange_noInstitutionInfo() throws Exception { // given String institutionId = "institutionId"; String productId = "productId"; - String lang = "en"; File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem"); String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset()); ExchangeTokenProperties properties = new ExchangeTokenProperties(); @@ -318,7 +314,7 @@ void exchange_noInstitutionInfo() throws Exception { TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("userId").build(), "password", authorities); TestSecurityContextHolder.setAuthentication(authentication); // when - Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang); + Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty()); // then RuntimeException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("Institution info is required", e.getMessage()); 
@@ -436,9 +432,9 @@ void exchange_nullGroupInfo(PrivateKey privateKey) throws Exception { ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl()); // when - final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty(), lang); + final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty()); // then - assertEquals(product.getUrlBO().concat("?lang=" + lang), exchangedToken.getBackOfficeUrl()); + assertEquals(product.getUrlBO(), exchangedToken.getBackOfficeUrl()); assertNotNull(exchangedToken.getIdentityToken()); Jws claimsJws = Jwts.parser() .setSigningKey(loadPublicKey()) @@ -489,7 +485,6 @@ void exchange_ok(PrivateKey privateKey) throws Exception { String institutionId = "institutionId"; String productId = "productId"; String productRole = "productRole"; - String lang = "en"; final Pageable pageable = Pageable.ofSize(100); List roleOnProducts = List.of(new ProductGrantedAuthority(MANAGER, productRole, productId)); List authorities = List.of(new SelfCareGrantedAuthority(institutionId, roleOnProducts)); 
@@ -600,10 +595,9 @@ void exchange_ok(PrivateKey privateKey) throws Exception { when(userApiConnector.getProducts(anyString(), anyString())).thenReturn(userInstitution); ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl()); // when - final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.of(COLLAUDO_ENV), lang); + final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.of(COLLAUDO_ENV)); // then - assertEquals(product.getBackOfficeEnvironmentConfigurations().get(COLLAUDO_ENV).getUrl().concat("?lang=" + lang), - exchangedToken.getBackOfficeUrl()); + assertEquals(product.getBackOfficeEnvironmentConfigurations().get(COLLAUDO_ENV).getUrl(), exchangedToken.getBackOfficeUrl()); Jws claimsJws = Jwts.parser() .setSigningKey(loadPublicKey()) .parseClaimsJws(exchangedToken.getIdentityToken()); @@ -650,7 +644,7 @@ void billingExchange_noAuth() throws Exception { JwtService jwtServiceMock = mock(JwtService.class); ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, null, null, null, properties, null, null, new InstitutionResourceMapperImpl()); // when - Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(null, null); + Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(null); // then IllegalStateException e = assertThrows(IllegalStateException.class, executable); assertEquals("Authentication is required", e.getMessage()); 
@@ -715,7 +709,7 @@ void billingExchange_noSessionTokenClaims() throws Exception { ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnector, properties, null, userApiConnector, new InstitutionResourceMapperImpl()); - Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, null); + Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId); // then RuntimeException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("Session token claims is required", e.getMessage()); @@ -758,7 +752,7 @@ void billingExchange_noInstitutionInfo() throws Exception { TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("ccbc5350-0ba7-47bc-9f61-8c65001939f9").build(), "password", authorities); TestSecurityContextHolder.setAuthentication(authentication); // when - Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, null); + Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId); // then RuntimeException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("Institution info is required", e.getMessage()); 
@@ -854,7 +848,7 @@ void billingExchange_nullGroupInfo(PrivateKey privateKey) throws Exception { when(userApiConnector.getProducts(anyString(), anyString())).thenReturn(userInstitution); ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl()); // when - final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, null); + final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId); // then assertNotNull(exchangedToken.getIdentityToken()); Jws claimsJws = Jwts.parser() @@ -896,7 +890,6 @@ void billingExchange_nullGroupInfo(PrivateKey privateKey) throws Exception { @EnumSource(PrivateKey.class) void billingExchange_ok(PrivateKey privateKey) throws Exception { // given - String lang = "en"; String jti = "id"; Date iat = Date.from(Instant.now().minusSeconds(1)); Date exp = Date.from(iat.toInstant().plusSeconds(5)); @@ -979,7 +972,7 @@ void billingExchange_ok(PrivateKey privateKey) throws Exception { when(userApiConnector.getProducts(anyString(), anyString())).thenReturn(userInstitution); ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl()); // when - final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, lang); + final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId); // then assertNotNull(exchangedToken.getIdentityToken()); Jws claimsJws = Jwts.parser() From 329c434f9fa6babe00f22340ca5adae7a5841219 Mon Sep 17 00:00:00 2001 
From: Giulia Tremolada Date: Wed, 12 Jun 2024 12:26:40 +0200 Subject: [PATCH 2/3] remove unused variables --- .../selfcare/dashboard/web/controller/TokenV2ControllerTest.java | 1 - .../dashboard/web/security/ExchangeTokenServiceV2Test.java | 1 - 2 files changed, 2 deletions(-) diff --git a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java index 47274bd90..08080398b 100644 --- a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java +++ b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java @@ -72,7 +72,6 @@ void exchange() throws Exception { void billingExchange() throws Exception { // given String institutionId = "inst1"; - String lang = "en"; Mockito.when(exchangeTokenServiceMock.retrieveBillingExchangedToken(anyString())) .thenReturn(new ExchangedToken("token", "urlBO")); // when diff --git a/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java b/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java index 2b5974b80..c599774f5 100644 --- a/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java +++ b/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java @@ -335,7 +335,6 @@ void exchange_nullGroupInfo(PrivateKey privateKey) throws Exception { String institutionId = "institutionId"; String productId = "productId"; String productRole = "productRole"; - String lang = "en"; List roleOnProducts = List.of(new ProductGrantedAuthority(MANAGER, productRole, productId)); List authorities = List.of(new SelfCareGrantedAuthority(institutionId, roleOnProducts)); UUID userId = UUID.randomUUID(); From 3cddc4b2cbf1e7dec4bb72f004b2f8279219d059 Mon Sep 17 00:00:00 2001 
From: Giulia Tremolada Date: Wed, 12 Jun 2024 12:44:08 +0200 Subject: [PATCH 3/3] add lang in billingToken API and align unit tests --- app/src/main/resources/swagger/api-docs.json | 9 ++++++ .../web/controller/TokenV2Controller.java | 7 +++-- .../web/security/ExchangeTokenServiceV2.java | 5 ++-- .../web/controller/TokenV2ControllerTest.java | 30 ++++++++++++++++--- .../security/ExchangeTokenServiceV2Test.java | 11 +++---- 5 files changed, 49 insertions(+), 13 deletions(-) diff --git a/app/src/main/resources/swagger/api-docs.json b/app/src/main/resources/swagger/api-docs.json index c9b4f056c..11c1d221f 100644 --- a/app/src/main/resources/swagger/api-docs.json +++ b/app/src/main/resources/swagger/api-docs.json @@ -1878,6 +1878,15 @@ "schema" : { "type" : "string" } + }, { + "name" : "lang", + "in" : "query", + "description" : "Selected language", + "required" : false, + "style" : "form", + "schema" : { + "type" : "string" + } } ], "responses" : { "200" : { diff --git a/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java b/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java index 66866aa37..be753294e 100644 --- a/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java +++ b/web/src/main/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2Controller.java 
@@ -72,13 +72,16 @@ public URI billingToken(@ApiParam("${swagger.dashboard.institutions.model.id}") @ApiParam("${swagger.dashboard.product-backoffice-configurations.model.environment}") @RequestParam(value = "environment", required = false) Optional environment, - JwtAuthenticationToken jwtAuthenticationToken) { + JwtAuthenticationToken jwtAuthenticationToken, + @ApiParam("${swagger.dashboard.product-backoffice-configurations.model.lang}") + @RequestParam(value = "lang", required = false) + String lang) { log.trace("billing exchange start"); log.debug("billing exchange institutionId = {}", Encode.forJava(institutionId)); log.info("env parameter: {}", Encode.forJava(environment.orElse(""))); - final ExchangedToken exchangedToken = exchangeTokenService.retrieveBillingExchangedToken(institutionId); + final ExchangedToken exchangedToken = exchangeTokenService.retrieveBillingExchangedToken(institutionId, lang); final URI location = URI.create(exchangedToken.getBackOfficeUrl().replace("", exchangedToken.getIdentityToken())); log.debug(LogUtils.CONFIDENTIAL_MARKER, "billing exchange result = {}", Encode.forJava(String.valueOf(location))); log.trace("billing exchange end"); diff --git a/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java b/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java index 3f3bd8c2e..1f8c4b7ef 100644 --- a/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java +++ b/web/src/main/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2.java 
@@ -134,7 +134,7 @@ public ExchangedToken exchange(String institutionId, String productId, Optional< return new ExchangedToken(jwts, urlBO); } - public ExchangedToken retrieveBillingExchangedToken(String institutionId) { + public ExchangedToken retrieveBillingExchangedToken(String institutionId, String lang) { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null || authentication.getPrincipal() == null || authentication.getCredentials() == null) { throw new IllegalStateException("Authentication is required"); @@ -165,8 +165,9 @@ public ExchangedToken retrieveBillingExchangedToken(String institutionId) { String jwts = createJwts(claims); log.debug(LogUtils.CONFIDENTIAL_MARKER, "Exchanged token = {}", jwts); log.trace("exchange end"); + final String billingUrlLang = Objects.nonNull(lang) ? billingUrl.concat("?lang=" + lang) : billingUrl; - return new ExchangedToken(jwts, billingUrl); + return new ExchangedToken(jwts, billingUrlLang); } private List retrieveInvoiceableProductList() { diff --git a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java index 08080398b..3f811fd34 100644 --- a/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java +++ b/web/src/test/java/it/pagopa/selfcare/dashboard/web/controller/TokenV2ControllerTest.java @@ -22,8 +22,7 @@ import java.util.Optional; import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.ArgumentMatchers.*; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoMoreInteractions; 
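Review bot: `billingUrl.concat("?lang=" + lang)` appends the parameter without looking at the shape of `billingUrl`: if the configured URL already has a query string, or carries the token placeholder after `#` as the product back-office URL in `ProductV2ControllerTest` does, `?lang=` ends up as a second `?` or inside the fragment. `lang` is also not encoded before it is appended. Patch 1/3 moved the product endpoint to placeholder substitution in the controller, so the two endpoints now build the language parameter in different ways; consider the same placeholder approach here, or at least `billingUrl.concat((billingUrl.contains("?") ? "&" : "?") + "lang=" + URLEncoder.encode(lang, StandardCharsets.UTF_8))`. `billingUrl` is defined outside the hunk, so its actual format cannot be confirmed from here.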
@@ -72,12 +71,14 @@ void exchange() throws Exception { void billingExchange() throws Exception { // given String institutionId = "inst1"; - Mockito.when(exchangeTokenServiceMock.retrieveBillingExchangedToken(anyString())) + String lang = "en"; + Mockito.when(exchangeTokenServiceMock.retrieveBillingExchangedToken(anyString(), anyString())) .thenReturn(new ExchangedToken("token", "urlBO")); // when MvcResult result = mvc.perform(MockMvcRequestBuilders .get(BASE_URL + "/exchange/fatturazione") .param("institutionId", institutionId) + .param("lang", lang) .contentType(MediaType.APPLICATION_JSON_VALUE) .accept(MediaType.APPLICATION_JSON_VALUE)) .andExpect(MockMvcResultMatchers.status().is2xxSuccessful()) 
@@ -86,9 +87,30 @@ void billingExchange() throws Exception { URI resource = objectMapper.readValue(result.getResponse().getContentAsString(), URI.class); assertNotNull(resource); verify(exchangeTokenServiceMock, Mockito.times(1)) - .retrieveBillingExchangedToken(institutionId); + .retrieveBillingExchangedToken(institutionId, lang); verifyNoMoreInteractions(exchangeTokenServiceMock); } + @Test + void billingExchange_withoutLang() throws Exception { + // given + String institutionId = "inst1"; + Mockito.when(exchangeTokenServiceMock.retrieveBillingExchangedToken(anyString(), eq(null))) + .thenReturn(new ExchangedToken("token", "urlBO")); + // when + MvcResult result = mvc.perform(MockMvcRequestBuilders + .get(BASE_URL + "/exchange/fatturazione") + .param("institutionId", institutionId) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .accept(MediaType.APPLICATION_JSON_VALUE)) + .andExpect(MockMvcResultMatchers.status().is2xxSuccessful()) + .andReturn(); + // then + URI resource = objectMapper.readValue(result.getResponse().getContentAsString(), URI.class); + assertNotNull(resource); + verify(exchangeTokenServiceMock, Mockito.times(1)) + .retrieveBillingExchangedToken(institutionId, null); + verifyNoMoreInteractions(exchangeTokenServiceMock); + } } \ No newline at end of file diff --git a/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java b/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java index c599774f5..559b6e3f7 100644 --- a/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java +++ b/web/src/test/java/it/pagopa/selfcare/dashboard/web/security/ExchangeTokenServiceV2Test.java 
@@ -643,7 +643,7 @@ void billingExchange_noAuth() throws Exception { JwtService jwtServiceMock = mock(JwtService.class); ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, null, null, null, properties, null, null, new InstitutionResourceMapperImpl()); // when - Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(null); + Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(null, null); // then IllegalStateException e = assertThrows(IllegalStateException.class, executable); assertEquals("Authentication is required", e.getMessage()); @@ -708,7 +708,7 @@ void billingExchange_noSessionTokenClaims() throws Exception { ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnector, properties, null, userApiConnector, new InstitutionResourceMapperImpl()); - Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId); + Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, null); // then RuntimeException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("Session token claims is required", e.getMessage()); @@ -751,7 +751,7 @@ void billingExchange_noInstitutionInfo() throws Exception { TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("ccbc5350-0ba7-47bc-9f61-8c65001939f9").build(), "password", authorities); TestSecurityContextHolder.setAuthentication(authentication); // when - Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId); + Executable executable = () -> ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, null); // then RuntimeException e = assertThrows(IllegalArgumentException.class, executable); assertEquals("Institution info is required", e.getMessage()); 
@@ -847,7 +847,7 @@ void billingExchange_nullGroupInfo(PrivateKey privateKey) throws Exception {
 when(userApiConnector.getProducts(anyString(), anyString())).thenReturn(userInstitution);
 ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl());
 // when
- final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId);
+ final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, null);
 // then
 assertNotNull(exchangedToken.getIdentityToken());
 Jws claimsJws = Jwts.parser()
@@ -889,6 +889,7 @@ void billingExchange_nullGroupInfo(PrivateKey privateKey) throws Exception {
 @EnumSource(PrivateKey.class)
 void billingExchange_ok(PrivateKey privateKey) throws Exception {
 // given
+ String lang = "lang";
 String jti = "id";
 Date iat = Date.from(Instant.now().minusSeconds(1));
 Date exp = Date.from(iat.toInstant().plusSeconds(5));
@@ -971,7 +972,7 @@ void billingExchange_ok(PrivateKey privateKey) throws Exception {
 when(userApiConnector.getProducts(anyString(), anyString())).thenReturn(userInstitution);
 ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl());
 // when
- final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId);
+ final ExchangedToken exchangedToken = ExchangeTokenServiceV2.retrieveBillingExchangedToken(institutionId, lang);
 // then
 assertNotNull(exchangedToken.getIdentityToken());
 Jws claimsJws = Jwts.parser()
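Review bot: `billingExchange_ok` now passes `lang` into `retrieveBillingExchangedToken`, but neither hunk that touches it (-889 and -971) adds an assertion that depends on the value, so the test would still pass if the service ignored the argument. The assertions further down the method are outside these hunks and may already cover it. The fixture `String lang = "lang";` would also make such a check weak, because the literal can match a parameter name in the URL template. I would use a distinctive code, `String lang = "en";`, and assert that `exchangedToken.getBackOfficeUrl()` carries it where the configured billing URL expects the language.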