pagopa · giulia-tremolada · Jun 12, 2024 · Jun 12, 2024 · Jun 12, 2024 · Jun 12, 2024
@@ -42,12 +42,14 @@ public URI retrieveProductBackoffice(@ApiParam("${swagger.dashboard.products.mod
                                          @RequestParam(value = "environment", required = false)
                                          Optional<String> environment,
                                          @ApiParam("${swagger.dashboard.product-backoffice-configurations.model.lang}")
-                                         @RequestParam(value = "lang", required = false)
+                                         @RequestParam(value = "lang", required = false, defaultValue = "it")
                                          String lang) {
         log.trace("accessProductBackoffice start");
         log.debug("accessProductBackoffice institutionId = {}, productId = {}", institutionId, productId);
-        final ExchangedToken exchangedToken = exchangeTokenService.exchange(institutionId, productId, environment, lang);
-        final URI location = URI.create(exchangedToken.getBackOfficeUrl().replace("<IdentityToken>", exchangedToken.getIdentityToken()));
+        final ExchangedToken exchangedToken = exchangeTokenService.exchange(institutionId, productId, environment);
+        final URI location = URI.create(exchangedToken.getBackOfficeUrl()
+                .replace("<IdentityToken>", exchangedToken.getIdentityToken())
+                .replace("<lang>", lang));
         log.trace("accessProductBackoffice end");
         return location;
 

@@ -51,7 +51,7 @@ public IdentityTokenResource exchange(@ApiParam("${swagger.dashboard.institution
         log.trace("exchange start");
         log.debug("exchange institutionId = {}, productId = {}", institutionId, productId);
 
-        String token = exchangeTokenService.exchange(institutionId, productId, environment, null).getIdentityToken();
+        String token = exchangeTokenService.exchange(institutionId, productId, environment).getIdentityToken();
         IdentityTokenResource identityToken = new IdentityTokenResource();
         identityToken.setToken(token);
 

@@ -96,7 +96,7 @@ public ExchangeTokenServiceV2(JwtService jwtService,
     }
 
 
-    public ExchangedToken exchange(String institutionId, String productId, Optional<String> environment, String lang) {
+    public ExchangedToken exchange(String institutionId, String productId, Optional<String> environment) {
         log.trace("exchange start");
         log.debug(LogUtils.CONFIDENTIAL_MARKER, "exchange institutionId = {}, productId = {}", institutionId, productId);
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
@@ -129,10 +129,9 @@ public ExchangedToken exchange(String institutionId, String productId, Optional<
 
         final String urlBO = environment.map(env -> product.getBackOfficeEnvironmentConfigurations().get(env).getUrl())
                 .orElse(product.getUrlBO());
-        final String urlBOLang = Objects.nonNull(lang) ? urlBO.concat("?lang="+lang) : urlBO;
 
         log.trace("exchange end");
-        return new ExchangedToken(jwts, urlBOLang);
+        return new ExchangedToken(jwts, urlBO);
     }
 
     public ExchangedToken retrieveBillingExchangedToken(String institutionId, String lang) {

@@ -19,6 +19,7 @@
 import java.net.URI;
 import java.util.Optional;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.*;
 import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
@@ -48,9 +49,12 @@ void retrieveProductBackoffice() throws Exception {
         String institutionId = "inst1";
         String lang = "en";
         final String identityToken = "identityToken";
-        final String backOfficeUrl = "back-office-url#token=";
-        when(exchangeTokenServiceMock.exchange(any(), any(), any(), anyString()))
-                .thenReturn(new ExchangedToken(identityToken, backOfficeUrl + "<IdentityToken>"));
+        final String backOfficeUrl = "back-office-url#token=<IdentityToken>?lang=<lang>";
+        final ExchangedToken exchangedToken = new ExchangedToken(identityToken, backOfficeUrl
+                .replace("<IdentityToken>", identityToken)
+                .replace("<lang>", lang));
+        when(exchangeTokenServiceMock.exchange(any(), any(), any()))
+                .thenReturn(exchangedToken);
         // when
         MvcResult result = mvc.perform(MockMvcRequestBuilders
                 .get(BASE_URL + "/{productId}/back-office", productId)
@@ -63,10 +67,11 @@ void retrieveProductBackoffice() throws Exception {
         // then
         URI response = objectMapper.readValue(result.getResponse().getContentAsString(), URI.class);
         assertTrue(response.toString().contains(identityToken));
-        assertTrue(response.toString().contains(backOfficeUrl));
+        assertTrue(response.toString().contains(lang));
+        assertEquals(response.toString(), exchangedToken.getBackOfficeUrl());
 
         verify(exchangeTokenServiceMock, times(1))
-                .exchange(institutionId, productId, Optional.empty(), lang);
+                .exchange(institutionId, productId, Optional.empty());
         verifyNoMoreInteractions(exchangeTokenServiceMock);
         verifyNoInteractions(productServiceMock);
     }

@@ -47,7 +47,7 @@ void exchange() throws Exception {
         // given
         String institutionId = "inst1";
         String productId = "prod1";
-        Mockito.when(exchangeTokenServiceMock.exchange(anyString(), anyString(), any(), eq(null)))
+        Mockito.when(exchangeTokenServiceMock.exchange(anyString(), anyString(), any()))
                 .thenReturn(new ExchangedToken("token", "urlBO"));
         // when
         MvcResult result = mvc.perform(MockMvcRequestBuilders
@@ -63,7 +63,7 @@ void exchange() throws Exception {
         assertNotNull(resource);
         assertNotNull(resource.getToken());
         verify(exchangeTokenServiceMock, Mockito.times(1))
-                .exchange(institutionId, productId, Optional.empty(), null);
+                .exchange(institutionId, productId, Optional.empty());
         verifyNoMoreInteractions(exchangeTokenServiceMock);
     }
 
@@ -91,5 +91,26 @@ void billingExchange() throws Exception {
         verifyNoMoreInteractions(exchangeTokenServiceMock);
     }
 
+    @Test
+    void billingExchange_withoutLang() throws Exception {
+        // given
+        String institutionId = "inst1";
+        Mockito.when(exchangeTokenServiceMock.retrieveBillingExchangedToken(anyString(), eq(null)))
+                .thenReturn(new ExchangedToken("token", "urlBO"));
+        // when
+        MvcResult result = mvc.perform(MockMvcRequestBuilders
+                        .get(BASE_URL + "/exchange/fatturazione")
+                        .param("institutionId", institutionId)
+                        .contentType(MediaType.APPLICATION_JSON_VALUE)
+                        .accept(MediaType.APPLICATION_JSON_VALUE))
+                .andExpect(MockMvcResultMatchers.status().is2xxSuccessful())
+                .andReturn();
+        // then
+        URI resource = objectMapper.readValue(result.getResponse().getContentAsString(), URI.class);
+        assertNotNull(resource);
+        verify(exchangeTokenServiceMock, Mockito.times(1))
+                .retrieveBillingExchangedToken(institutionId, null);
+        verifyNoMoreInteractions(exchangeTokenServiceMock);
+    }
 
 }
@@ -135,7 +135,7 @@ void exchange_noAuth() throws Exception {
         JwtService jwtServiceMock = mock(JwtService.class);
         ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, null, null, null, properties, null, null, new InstitutionResourceMapperImpl());
         // when
-        Executable executable = () -> ExchangeTokenServiceV2.exchange(null, null, null, null);
+        Executable executable = () -> ExchangeTokenServiceV2.exchange(null, null, null);
         // then
         IllegalStateException e = assertThrows(IllegalStateException.class, executable);
         assertEquals("Authentication is required", e.getMessage());
@@ -147,7 +147,6 @@ void exchange_SelfCareAuthOnDifferentInstId() throws Exception {
         // given
         String institutionId = "institutionId";
         String productId = "productId";
-        String lang = "en";
         File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem");
         String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset());
         JwtService jwtServiceMock = mock(JwtService.class);
@@ -172,7 +171,7 @@ void exchange_SelfCareAuthOnDifferentInstId() throws Exception {
         TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("userId").build(), "password", authorities);
         TestSecurityContextHolder.setAuthentication(authentication);
         // when
-        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang);
+        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null);
         // then
         IllegalArgumentException e = assertThrows(IllegalArgumentException.class, executable);
         assertEquals("A Product Granted SelfCareAuthority is required for product '" + productId + "' and institution '" + institutionId + "'", e.getMessage());
@@ -185,7 +184,6 @@ void exchange_SelfCareAuthOnDifferentProductId() throws Exception {
         // given
         String institutionId = "institutionId";
         String productId = "productId";
-        String lang = "en";
         File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem");
         String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset());
         JwtService jwtServiceMock = mock(JwtService.class);
@@ -205,7 +203,7 @@ void exchange_SelfCareAuthOnDifferentProductId() throws Exception {
         TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("userId").build(), "password", authorities);
         TestSecurityContextHolder.setAuthentication(authentication);
         // when
-        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang);
+        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null);
         // then
         IllegalArgumentException e = assertThrows(IllegalArgumentException.class, executable);
         assertEquals("A Product Granted SelfCareAuthority is required for product '" + productId + "' and institution '" + institutionId + "'", e.getMessage());
@@ -218,7 +216,6 @@ void exchange_noSessionTokenClaims() throws Exception {
         // given
         String institutionId = "institutionId";
         String productId = "productId";
-        String lang = "en";
         File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem");
         String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset());
         ExchangeTokenProperties properties = new ExchangeTokenProperties();
@@ -274,7 +271,7 @@ void exchange_noSessionTokenClaims() throws Exception {
         ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, null, properties, null, userApiConnector, new InstitutionResourceMapperImpl());
 
         // when
-        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang);
+        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty());
         // then
         RuntimeException e = assertThrows(IllegalArgumentException.class, executable);
         assertEquals("Session token claims is required", e.getMessage());
@@ -289,7 +286,6 @@ void exchange_noInstitutionInfo() throws Exception {
         // given
         String institutionId = "institutionId";
         String productId = "productId";
-        String lang = "en";
         File file = ResourceUtils.getFile("classpath:certs/PKCS8key.pem");
         String jwtSigningKey = Files.readString(file.toPath(), Charset.defaultCharset());
         ExchangeTokenProperties properties = new ExchangeTokenProperties();
@@ -318,7 +314,7 @@ void exchange_noInstitutionInfo() throws Exception {
         TestingAuthenticationToken authentication = new TestingAuthenticationToken(SelfCareUser.builder("userId").build(), "password", authorities);
         TestSecurityContextHolder.setAuthentication(authentication);
         // when
-        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, null, lang);
+        Executable executable = () -> ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty());
         // then
         RuntimeException e = assertThrows(IllegalArgumentException.class, executable);
         assertEquals("Institution info is required", e.getMessage());
@@ -339,7 +335,6 @@ void exchange_nullGroupInfo(PrivateKey privateKey) throws Exception {
         String institutionId = "institutionId";
         String productId = "productId";
         String productRole = "productRole";
-        String lang = "en";
         List<ProductGrantedAuthority> roleOnProducts = List.of(new ProductGrantedAuthority(MANAGER, productRole, productId));
         List<GrantedAuthority> authorities = List.of(new SelfCareGrantedAuthority(institutionId, roleOnProducts));
         UUID userId = UUID.randomUUID();
@@ -436,9 +431,9 @@ void exchange_nullGroupInfo(PrivateKey privateKey) throws Exception {
 
         ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl());
         // when
-        final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty(), lang);
+        final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.empty());
         // then
-        assertEquals(product.getUrlBO().concat("?lang=" + lang), exchangedToken.getBackOfficeUrl());
+        assertEquals(product.getUrlBO(), exchangedToken.getBackOfficeUrl());
         assertNotNull(exchangedToken.getIdentityToken());
         Jws<Claims> claimsJws = Jwts.parser()
                 .setSigningKey(loadPublicKey())
@@ -489,7 +484,6 @@ void exchange_ok(PrivateKey privateKey) throws Exception {
         String institutionId = "institutionId";
         String productId = "productId";
         String productRole = "productRole";
-        String lang = "en";
         final Pageable pageable = Pageable.ofSize(100);
         List<ProductGrantedAuthority> roleOnProducts = List.of(new ProductGrantedAuthority(MANAGER, productRole, productId));
         List<GrantedAuthority> authorities = List.of(new SelfCareGrantedAuthority(institutionId, roleOnProducts));
@@ -600,10 +594,9 @@ void exchange_ok(PrivateKey privateKey) throws Exception {
         when(userApiConnector.getProducts(anyString(), anyString())).thenReturn(userInstitution);
         ExchangeTokenServiceV2 ExchangeTokenServiceV2 = new ExchangeTokenServiceV2(jwtServiceMock, institutionServiceMock, groupServiceMock, productsConnectorMock, properties, UserV2Service, userApiConnector, new InstitutionResourceMapperImpl());
         // when
-        final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.of(COLLAUDO_ENV), lang);
+        final ExchangedToken exchangedToken = ExchangeTokenServiceV2.exchange(institutionId, productId, Optional.of(COLLAUDO_ENV));
         // then
-        assertEquals(product.getBackOfficeEnvironmentConfigurations().get(COLLAUDO_ENV).getUrl().concat("?lang=" + lang),
-                exchangedToken.getBackOfficeUrl());
+        assertEquals(product.getBackOfficeEnvironmentConfigurations().get(COLLAUDO_ENV).getUrl(), exchangedToken.getBackOfficeUrl());
         Jws<Claims> claimsJws = Jwts.parser()
                 .setSigningKey(loadPublicKey())
                 .parseClaimsJws(exchangedToken.getIdentityToken());
@@ -896,7 +889,7 @@ void billingExchange_nullGroupInfo(PrivateKey privateKey) throws Exception {
     @EnumSource(PrivateKey.class)
     void billingExchange_ok(PrivateKey privateKey) throws Exception {
         // given
-        String lang = "en";
+        String lang = "lang";
         String jti = "id";
         Date iat = Date.from(Instant.now().minusSeconds(1));
         Date exp = Date.from(iat.toInstant().plusSeconds(5));