Merge remote-tracking branch 'remotes/origin/develop' into feature/IUAINFRA-52

access-token-provider-api/src/main/java/net/ihe/gazelle/app/accesstokenproviderapi/application/DummyAuthzServerSoapui.java

@@ -11,6 +11,9 @@ import net.ihe.gazelle.sb.iua.business.TokenType;
 
 import java.time.Duration;
 
+/**
+ * Dummy soapui authorization server
+ */
 public class DummyAuthzServerSoapui implements DummyAuthzServer {
 
     private static final GazelleLogger LOGGER = GazelleLoggerFactory.getInstance().getLogger(DummyAuthzServerSoapui.class);
@@ -25,7 +28,14 @@ public class DummyAuthzServerSoapui implements DummyAuthzServer {
      * Default constructor for the class.
      */
     public DummyAuthzServerSoapui() {
-        audienceSecretRetriever = new AudienceSecretRetrieverForSoapui();
+        //Empty
+    }
+
+    /**
+     * Constructor with the path for the class.
+     */
+    public DummyAuthzServerSoapui(String path) {
+        audienceSecretRetriever = new AudienceSecretRetrieverForSoapui(path);
     }
 
     /**
@@ -45,37 +55,18 @@ public class DummyAuthzServerSoapui implements DummyAuthzServer {
         //todo purposeOfUse and resourceId are not yet implemented
 
         TokenGenerator tokenGenerator = new TokenGenerator();
-        tokenGenerator.setAudienceSecretRetriever(audienceSecretRetriever);
-
-        return getTokenGenerator(userId, audienceId, tokenGenerator);
-    }
-
-    /**
-     * getAccessToken
-     *
-     * @param userId
-     * @param audienceId
-     * @param purposeOfUse
-     * @param resourceId
-     * @param propertiesFilePath
-     * @return
-     */
-    public byte[] getAccessToken(String userId, String audienceId, String purposeOfUse, String resourceId, String propertiesFilePath) {
-        //todo purposeOfUse and resourceId are not yet implemented
-
-        TokenGenerator tokenGenerator = new TokenGenerator();
-        tokenGenerator.setAudienceSecretRetriever(new AudienceSecretRetrieverForSoapui(propertiesFilePath));
+        tokenGenerator.setAudienceSecretRetriever(this.audienceSecretRetriever);
 
         return getTokenGenerator(userId, audienceId, tokenGenerator);
     }
 
 
     /**
-     * getAccessTokenRequest
+     * get the access token
      *
-     * @param userId
-     * @param audienceId
-     * @return
+     * @param userId     String parameter
+     * @param audienceId String parameter
+     * @return AccessTokenRequest Element
      */
     public AccessTokenRequest getAccessTokenRequest(String userId, String audienceId){
         AccessTokenRequest accessTokenRequest = new AccessTokenRequest(ISSUER, userId, audienceId, DURATION, TOKEN_TYPE);
@@ -85,12 +76,12 @@ public class DummyAuthzServerSoapui implements DummyAuthzServer {
 
 
     /**
-     * getTokenGenerator
+     * get the generated token
      *
-     * @param userId
-     * @param audienceId
-     * @param tokenGenerator
-     * @return
+     * @param userId         String element
+     * @param audienceId     String element
+     * @param tokenGenerator TokenGenerator object
+     * @return The token as byte
      */
     public byte[] getTokenGenerator(String userId, String audienceId, TokenGenerator tokenGenerator){
         byte[] token = null;

access-token-provider-api/src/main/java/net/ihe/gazelle/app/accesstokenproviderapi/application/TokenGenerator.java

@@ -15,13 +15,15 @@ import net.ihe.gazelle.sb.jwtstandardblock.business.jwt.JSONWebSignature;
 import net.ihe.gazelle.sb.jwtstandardblock.business.jwt.JSONWebToken;
 import net.ihe.gazelle.sb.jwtstandardblock.business.jwt.JSONWebTokenClaimSet;
 
-import javax.inject.Inject;
 import java.nio.charset.StandardCharsets;
 import java.time.Duration;
 import java.time.ZoneId;
 import java.time.ZonedDateTime;
 import java.util.UUID;
 
+/**
+ * Class to generate the token
+ */
 public class TokenGenerator {
 
     private static final String ALGORITHM = "HS256";
@@ -31,11 +33,23 @@ public class TokenGenerator {
 
     private AudienceSecretRetriever audienceSecretRetriever;
 
-    @Inject
+    /**
+     * Set an audience secret
+     *
+     * @param audienceSecretRetriever AudienceSecretRetriever element
+     */
     public void setAudienceSecretRetriever(AudienceSecretRetriever audienceSecretRetriever) {
         this.audienceSecretRetriever = audienceSecretRetriever;
     }
 
+    /**
+     * Encode the IUA token
+     *
+     * @param accessTokenRequest AccessTokenRequest element
+     * @return The EncodedIUAToken
+     * @throws EncodingException
+     * @throws TokenRequestException
+     */
     public EncodedIUAToken generateAccessToken(AccessTokenRequest accessTokenRequest) throws EncodingException, TokenRequestException {
         if (accessTokenRequest.getSignature() == null) {
             throw new TokenRequestException("Missing signature information");

access-token-provider-api/src/main/java/net/ihe/gazelle/app/accesstokenproviderapi/application/TokenRequestException.java

 package net.ihe.gazelle.app.accesstokenproviderapi.application;
 
+/**
+ * Class to manage token request exception
+ */
 public class TokenRequestException extends Exception {
 
     /**

access-token-provider-api/src/main/java/net/ihe/gazelle/app/accesstokenproviderapi/application/exception/UnsupportedAlgorithmException.java

 package net.ihe.gazelle.app.accesstokenproviderapi.application.exception;
 
+/**
+ * Class to manage unsupported algorithm exception
+ */
 public class UnsupportedAlgorithmException extends Exception {
 
+    /**
+     * Constructs a new exception with null as its detail message. The cause is not initialized, and may subsequently be initialized by a call to
+     * {@link Throwable#initCause(Throwable)}.
+     */
+    public UnsupportedAlgorithmException() {
+    }
 
+    /**
+     * Constructs a new exception with the specified detail message. The cause is not initialized, and may subsequently be initialized by a call to
+     * {@link Throwable#initCause(Throwable)}.
+     *
+     * @param message the detail message. Can be retrieved by a later call of {@link Throwable#getMessage()} method.
+     */
+    public UnsupportedAlgorithmException(String message) {
+        super(message);
+    }
 
+    /**
+     * Constructs a new exception with the specified detail message and cause. Note that the detail/TransactionRecordingDAO message associated with
+     * cause is not automatically incorporated in this exception's detail message.
+     *
+     * @param message the detail message. Can be retrieved by a later call of {@link Throwable#getMessage()} method.
+     * @param cause   the cause. Can be retrieved by a lter call to {@link Throwable#getCause()}. A null value is permitted, and indicates that the
+     *                cause is nonexistent or unknown.
+     */
+    public UnsupportedAlgorithmException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    /**
+     * Constructs a new exception with the specified detail message, cause, suppression enabled or disabled, and writable stack trace enabled or
+     * disabled.
+     *
+     * @param cause the cause. Can be retrieved by a lter call to {@link Throwable#getCause()}. A null value is permitted, and indicates
+     *              that the cause is nonexistent or unknown.
+     */
+    public UnsupportedAlgorithmException(Throwable cause) {
+        super(cause);
+    }
+
+    /**
+     * Constructs a new exception with the specified detail message, cause, suppression enabled or disabled, and writable stack trace enabled or
+     * disabled.
+     *
+     * @param message            the detail message. Can be retrieved by a later call of {@link Throwable#getMessage()} method.
+     * @param cause              the cause. Can be retrieved by a lter call to {@link Throwable#getCause()}. A null value is permitted, and indicates
+     *                           that the cause is nonexistent or unknown.
+     * @param enableSuppression  whether or not suppression is enabled or disabled
+     * @param writableStackTrace whether or not the stack trace should be writable
+     */
+    public UnsupportedAlgorithmException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
+        super(message, cause, enableSuppression, writableStackTrace);
+    }
 }

access-token-provider-api/src/main/java/net/ihe/gazelle/app/accesstokenproviderapi/application/exception/UnsupportedTokenTypeException.java

 package net.ihe.gazelle.app.accesstokenproviderapi.application.exception;
 
+/**
+ * Class to manage unsupported token exception
+ */
 public class UnsupportedTokenTypeException extends Exception {
+
+    /**
+     * Constructs a new exception with null as its detail message. The cause is not initialized, and may subsequently be initialized by a call to
+     * {@link Throwable#initCause(Throwable)}.
+     */
+    public UnsupportedTokenTypeException() {
+    }
+
+    /**
+     * Constructs a new exception with the specified detail message. The cause is not initialized, and may subsequently be initialized by a call to
+     * {@link Throwable#initCause(Throwable)}.
+     *
+     * @param message the detail message. Can be retrieved by a later call of {@link Throwable#getMessage()} method.
+     */
+    public UnsupportedTokenTypeException(String message) {
+        super(message);
+    }
+
+    /**
+     * Constructs a new exception with the specified detail message and cause. Note that the detail/TransactionRecordingDAO message associated with
+     * cause is not automatically incorporated in this exception's detail message.
+     *
+     * @param message the detail message. Can be retrieved by a later call of {@link Throwable#getMessage()} method.
+     * @param cause   the cause. Can be retrieved by a lter call to {@link Throwable#getCause()}. A null value is permitted, and indicates that the
+     *                cause is nonexistent or unknown.
+     */
+    public UnsupportedTokenTypeException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    /**
+     * Constructs a new exception with the specified detail message, cause, suppression enabled or disabled, and writable stack trace enabled or
+     * disabled.
+     *
+     * @param cause the cause. Can be retrieved by a lter call to {@link Throwable#getCause()}. A null value is permitted, and indicates
+     *              that the cause is nonexistent or unknown.
+     */
+    public UnsupportedTokenTypeException(Throwable cause) {
+        super(cause);
+    }
+
+    /**
+     * Constructs a new exception with the specified detail message, cause, suppression enabled or disabled, and writable stack trace enabled or
+     * disabled.
+     *
+     * @param message            the detail message. Can be retrieved by a later call of {@link Throwable#getMessage()} method.
+     * @param cause              the cause. Can be retrieved by a lter call to {@link Throwable#getCause()}. A null value is permitted, and indicates
+     *                           that the cause is nonexistent or unknown.
+     * @param enableSuppression  whether or not suppression is enabled or disabled
+     * @param writableStackTrace whether or not the stack trace should be writable
+     */
+    public UnsupportedTokenTypeException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
+        super(message, cause, enableSuppression, writableStackTrace);
+    }
+
 }

access-token-provider-api/src/main/resources/getToken-soapui-project.xml

 <?xml version="1.0" encoding="UTF-8"?>
 <con:soapui-project id="4527283c-83fc-419a-9fa3-d9c072053eac" activeEnvironment="Default" name="getToken" resourceRoot="" soapui-version="5.6.0" abortOnError="false" runType="SEQUENTIAL" xmlns:con="http://eviware.com/soapui/config"><con:settings/><con:testSuite id="a7dd34e8-2441-4bf8-b2bc-3ea43c3b0f42" name="getToken"><con:settings/><con:runType>SEQUENTIAL</con:runType><con:testCase id="f8ac5a96-e7e9-4a60-9e9c-84f80664db91" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="getToken" searchProperties="true"><con:settings/><con:testStep type="groovy" name="exemple" id="c65c443d-1476-4c4a-b9e6-b63eac62939f"><con:settings/><con:config><script>import net.ihe.gazelle.app.accesstokenproviderapi.application.DummyAuthzServerSoapui
 
-def server = new DummyAuthzServerSoapui();
-def token = server.getAccessToken("aamrein", "audience", null, null);
-log.info new String(token)</script></con:config></con:testStep><con:properties/></con:testCase><con:properties/></con:testSuite><con:properties/><con:wssContainer/><con:oAuth2ProfileContainer/><con:oAuth1ProfileContainer/><con:sensitiveInformation/></con:soapui-project>
\ No newline at end of file
+    def server = new DummyAuthzServerSoapui("/opt/simulators/audience.properties");
+    def token = server.getAccessToken("aamrein", "audience", null, null );
+    log.info new String(token)
+</script>
+</con:config>
+</con:testStep>
+    <con:properties/>
+</con:testCase>
+    <con:properties/>
+</con:testSuite>
+    <con:properties/>
+    <con:wssContainer/>
+    <con:oAuth2ProfileContainer/>
+    <con:oAuth1ProfileContainer/>
+    <con:sensitiveInformation/>
+</con:soapui-project>
\ No newline at end of file

access-token-provider-api/src/test/java/net/ihe/gazelle/app/accesstokenproviderapi/application/AudienceSecretRetrieverTestImpl.java

@@ -5,17 +5,32 @@ import net.ihe.gazelle.app.audienceretriever.application.AudienceSecretRetriever
 import java.util.HashMap;
 import java.util.Map;
 
+/**
+ * Class to test the retriever of the audience secret
+ */
 public class AudienceSecretRetrieverTestImpl implements AudienceSecretRetriever {
 
     private Map<String, String> registry = new HashMap<>();
 
+    /**
+     * Constructor
+     */
     public AudienceSecretRetrieverTestImpl() {
     }
 
+    /**
+     * Add a new audience
+     *
+     * @param audience String element
+     * @param secret   String element
+     */
     public void addAudience(String audience, String secret){
         registry.put(audience, secret);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String retrieveSecretForAudience(String audience) {
         return registry.get(audience);

access-token-provider-api/src/test/java/net/ihe/gazelle/app/accesstokenproviderapi/application/DummyAuthzServerSoapuiTest.java

@@ -3,17 +3,45 @@ package net.ihe.gazelle.app.accesstokenproviderapi.application;
 import org.junit.jupiter.api.Test;
 
 import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
 
+/**
+ * Class to test the soapui authorization server
+ */
 class DummyAuthzServerSoapuiTest {
 
     private static final String SUBJECT = "aamrein";
     private static final String AUDIENCE = "audience";
 
+    /**
+     * get access token with an Audience path defined
+     */
     @Test
-    public void test() {
+    public void getAccessTokenWithPathAudienceTest() {
         DummyAuthzServerSoapui dummyAuthzServer = new DummyAuthzServerSoapui();
         dummyAuthzServer.setAudienceSecretRetriever((String audience) -> "myBeautifulKeyWhichIsAJWTSecretSoSecret");
 
-        assertNotNull(dummyAuthzServer.getAccessToken(SUBJECT, AUDIENCE, null, null));
+
+        assertNotNull(dummyAuthzServer.getAccessToken(SUBJECT, AUDIENCE, null, null), "check that the access token is not null");
+    }
+
+    /**
+     * get access token without an Audience path defined (we keep the default Audience path in this case)
+     */
+    @Test
+    public void getAccessTokenWithDefaultPathAudienceTest() {
+        DummyAuthzServerSoapui dummyAuthzServer = new DummyAuthzServerSoapui();
+        dummyAuthzServer.setAudienceSecretRetriever((String audience) -> "myBeautifulKeyWhichIsAJWTSecretSoSecret");
+
+        assertNotNull(dummyAuthzServer.getAccessToken(SUBJECT, AUDIENCE, null, null), "check that the access token is not null");
+    }
+
+    /**
+     * get access token with an invalid audience path provide
+     */
+    @Test
+    public void getAccessTokenWithBadPathAudienceTest() {
+        DummyAuthzServerSoapui dummyAuthzServer = new DummyAuthzServerSoapui("test.properties");
+        assertNull(dummyAuthzServer.getAccessToken(SUBJECT, AUDIENCE, null, null), "check that the access token is null");
     }
 }

access-token-provider-api/src/test/java/net/ihe/gazelle/app/accesstokenproviderapi/application/TokenGeneratorTest.java

@@ -175,4 +175,54 @@ class TokenGeneratorTest {
     }
 
 
+    @Test
+    public void generateAccessTokenEmptyAudienceTest() throws EncodingException, TokenRequestException {
+        AccessTokenRequest accessTokenRequest = new AccessTokenRequest(ISSUER, SUBJECT, "", DURATION, TOKEN_TYPE);
+        accessTokenRequest.setSignature(new SymmetricSignature(ALGORITHM, "secret"));
+
+
+        TokenGenerator tokenGenerator = new TokenGenerator();
+        tokenGenerator.setAudienceSecretRetriever(AUDIENCE_RETRIEVER);
+
+        assertThrows(TokenRequestException.class, () -> tokenGenerator.generateAccessToken(accessTokenRequest), "Unsupported issuer");
+    }
+
+
+    @Test
+    public void generateAccessTokenEmptySecretTest() throws EncodingException, TokenRequestException {
+        AccessTokenRequest accessTokenRequest = new AccessTokenRequest(ISSUER, SUBJECT, "pouet", DURATION, TOKEN_TYPE);
+        accessTokenRequest.setSignature(new SymmetricSignature(ALGORITHM, "secret"));
+
+
+        TokenGenerator tokenGenerator = new TokenGenerator();
+        tokenGenerator.setAudienceSecretRetriever(audience -> "");
+
+        assertThrows(TokenRequestException.class, () -> tokenGenerator.generateAccessToken(accessTokenRequest), "Unsupported issuer");
+    }
+
+
+    @Test
+    public void generateAccessTokenNullSecretTest() throws EncodingException, TokenRequestException {
+        AccessTokenRequest accessTokenRequest = new AccessTokenRequest(ISSUER, SUBJECT, "pouet", DURATION, TOKEN_TYPE);
+        accessTokenRequest.setSignature(new SymmetricSignature(ALGORITHM, "secret"));
+
+
+        TokenGenerator tokenGenerator = new TokenGenerator();
+        tokenGenerator.setAudienceSecretRetriever(audience -> null);
+
+        assertThrows(TokenRequestException.class, () -> tokenGenerator.generateAccessToken(accessTokenRequest), "Unsupported issuer");
+    }
+
+
+    @Test
+    public void generateAccessTokenDurationNullTest() throws EncodingException, TokenRequestException {
+        AccessTokenRequest accessTokenRequest = new AccessTokenRequest(ISSUER, SUBJECT, "pouet", null, TOKEN_TYPE);
+        accessTokenRequest.setSignature(new SymmetricSignature(ALGORITHM, "secret"));
+
+
+        TokenGenerator tokenGenerator = new TokenGenerator();
+        tokenGenerator.setAudienceSecretRetriever(audience -> null);
+
+        assertThrows(TokenRequestException.class, () -> tokenGenerator.generateAccessToken(accessTokenRequest), "Unsupported issuer");
+    }
 }

access-token-provider-api/src/test/resources/README.txt

-Put here your test resources.
\ No newline at end of file

access-token-provider-api/src/test/resources/audience.properties

+audience:monpetitsecret
\ No newline at end of file

audience-retriever/src/main/java/net/ihe/gazelle/app/audienceretriever/adapter/AudienceSecretRetrieverForSoapui.java

@@ -15,14 +15,8 @@ public class AudienceSecretRetrieverForSoapui implements AudienceSecretRetriever
 
     private static final GazelleLogger LOGGER = GazelleLoggerFactory.getInstance().getLogger(AudienceSecretRetrieverForSoapui.class);
 
-    private String propertiesFile = "/opt/simulators/audience.properties";
+    private String propertiesFile;
 
-    /**
-     * Default constructor for the class.
-     */
-    public AudienceSecretRetrieverForSoapui() {
-        //Empty Constructor
-    }
 
     /**
      * Constructor allowing to configure the properties file path.

audience-retriever/src/main/java/net/ihe/gazelle/app/audienceretriever/adapter/README.txt

-Put here classes from adapter layer :
-Data transformers, adapters, presenters or DAO. Abstraction of external libraries for
-application or business use.
-Web-services point, sockets, database connection and pool, GUI, file system, framework,
-external libraries.
\ No newline at end of file

audience-retriever/src/main/java/net/ihe/gazelle/app/audienceretriever/application/README.txt

-Put here classes from application layer :
-Use cases. Business elements applied in an application context or scenario.
\ No newline at end of file

audience-retriever/src/main/java/net/ihe/gazelle/app/audienceretriever/business/README.txt

-Put here classes from business layer :
-Business model, rules and constraints. Always true. Independent from the application.
\ No newline at end of file

audience-retriever/src/test/java/net/ihe/gazelle/app/audienceretriever/adapter/AudienceSecretRetrieverForSoapuiTest.java

+package net.ihe.gazelle.app.audienceretriever.adapter;
+
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertNull;
+
+/**
+ * Class to test the retrieve of the audience secret
+ */
+class AudienceSecretRetrieverForSoapuiTest {
+
+    /**
+     * Test the property set in the retriever secret audience method
+     */
+    @Test
+    void retrieveSecretForAudienceWithPropertiesPathTest() {
+        AudienceSecretRetrieverForSoapui audienceSecretRetrieverForSoapui = new AudienceSecretRetrieverForSoapui("/opt/simulators/audience" +
+                ".properties");
+        assertNull(audienceSecretRetrieverForSoapui.retrieveSecretForAudience("monpetitsecret"));
+    }
+
+
+}

audience-retriever/src/test/java/net/ihe/gazelle/app/audienceretriever/adapter/README.txt

-Put here test classes for adapter layer.
\ No newline at end of file

audience-retriever/src/test/java/net/ihe/gazelle/app/audienceretriever/application/README.txt

-Put here test classes for application layer.
\ No newline at end of file

audience-retriever/src/test/java/net/ihe/gazelle/app/audienceretriever/business/README.txt

-Put here test classes for business layer.
\ No newline at end of file

pom.xml

-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
     <groupId>net.ihe.gazelle</groupId>
@@ -11,13 +12,9 @@
     <url>http://gazelle.ihe.net</url>
 
     <scm>
-        <connection>
-            scm:git:git@gitlab.inria.fr:gazelle/applications/test-execution/simulator/access-token-provider.git
-        </connection>
-        <url>scm:git:git@gitlab.inria.fr:gazelle/applications/test-execution/simulator/access-token-provider.git</url>
-        <developerConnection>
-            scm:git:git@gitlab.inria.fr:gazelle/applications/test-execution/simulator/access-token-provider.git
-        </developerConnection>
+        <connection>${git.project.url}</connection>
+        <url>${git.project.url}</url>
+        <developerConnection>${git.project.url}</developerConnection>
         <tag>HEAD</tag>
     </scm>
 
@@ -31,6 +28,11 @@
         <cvss.score.level.tolerate>8</cvss.score.level.tolerate>
         <nexus.url>https://gazelle.ihe.net/nexus</nexus.url>
         <nexus.path>/content/groups/public/</nexus.path>
+        <git.user.name>git</git.user.name>
+        <git.user.token>git</git.user.token>
+        <git.project.url>
+            scm:${git.user.name}:${git.user.token}@gitlab.inria.fr/gazelle/applications/test-execution/simulator/access-token-provider.git
+        </git.project.url>
     </properties>
 
     <repositories>
@@ -201,4 +203,4 @@
         <module>audience-retriever</module>
       <module>dummy-authorization-server-service</module>
   </modules>
-</project>
+</project>
\ No newline at end of file