Merge pull request #83 from niveathika/1.x.x

Backport fixes to 1.x.x
ballerina-platform · Jul 8, 2020 · 173ffc5 · 173ffc5
2 parents 25a5b16 + fd9a499
commit 173ffc5
Show file tree

Hide file tree

Showing 15 changed files with 501 additions and 83 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,19 +1,48 @@
 name: CI
 
-on: [push]
+on: [push, pull_request]
 
 jobs:
     build:
-
         runs-on: ubuntu-latest
-
+        services:
+          mongodb:
+            image: mongo:4.2.0
+            env:
+              # Following credentials are only used during testing in docker container
+              MONGO_INITDB_ROOT_USERNAME: admin
+              MONGO_INITDB_ROOT_PASSWORD: admin
+          mongodb-ssl:
+            image: rzhilkibaev/mongo-x509-auth-ssl:latest
         steps:
             - uses: actions/checkout@v2
             - run: mvn clean install -pl mongo-utils
-            - name: Ballerina Build
+            - name: Ballerina Build W/O tests
+              uses: ballerina-platform/ballerina-action/@master
+              with:
+                args:
+                  build -a -c --sourceroot mongodb --skip-tests
+              env:
+                JAVA_OPTS: -DBALLERINA_DEV_COMPILE_BALLERINA_ORG=true
+            - name: Ballerina Build W/ tests
+              uses: ballerina-platform/ballerina-action/@master
+              with:
+                args:
+                  test -a --sourceroot mongodb --groups mongodb
+              env:
+                # Following credentials are only used during testing in docker container
+                JAVA_OPTS: -DBALLERINA_DEV_COMPILE_BALLERINA_ORG=true
+                MONGODB_HOST: mongodb
+                MONGODB_USER: admin
+                MONGODB_PASSWORD: admin
+            - name: Ballerina Build W/ tests (SSL)
               uses: ballerina-platform/ballerina-action/@master
               with:
                 args:
-                  build -a -c --skip-tests --sourceroot mongodb
+                  test -a --groups mongodb-ssl
               env:
+                # Following credentials are only used during testing in docker container
                 JAVA_OPTS: -DBALLERINA_DEV_COMPILE_BALLERINA_ORG=true
+                WORKING_DIR: ./mongodb
+                MONGODB_HOST: mongodb-ssl
+                MONGODB_USER: C=US,ST=CA,L=San Francisco,O=Jaspersoft,OU=JSDev,CN=admin
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -7,20 +7,48 @@ on:
 
 jobs:
     build:
-
         runs-on: ubuntu-latest
-
+        services:
+          mongodb:
+            image: mongo:4.2.0
+            env:
+              # Following credentials are only used during testing in docker container
+              MONGO_INITDB_ROOT_USERNAME: admin
+              MONGO_INITDB_ROOT_PASSWORD: admin
+          mongodb-ssl:
+            image: rzhilkibaev/mongo-x509-auth-ssl:latest
         steps:
             - uses: actions/checkout@v2
             - run: mvn clean install -pl mongo-utils
-            - name: Ballerina Build
+            - name: Ballerina Build W/O tests
+              uses: ballerina-platform/ballerina-action/@master
+              with:
+                args:
+                  build -a -c --sourceroot mongodb --skip-tests
+              env:
+                JAVA_OPTS: -DBALLERINA_DEV_COMPILE_BALLERINA_ORG=true
+            - name: Ballerina Build W/ tests
+              uses: ballerina-platform/ballerina-action/@master
+              with:
+                args:
+                  test -a --sourceroot mongodb --groups mongodb
+              env:
+                # Following credentials are only used during testing in docker container
+                JAVA_OPTS: -DBALLERINA_DEV_COMPILE_BALLERINA_ORG=true
+                MONGODB_HOST: mongodb
+                MONGODB_USER: admin
+                MONGODB_PASSWORD: admin
+            - name: Ballerina Build W/ tests (SSL)
               uses: ballerina-platform/ballerina-action/@master
               with:
                 args:
-                  build -a -c --skip-tests --sourceroot mongodb
+                  test -a --groups mongodb-ssl
               env:
+                # Following credentials are only used during testing in docker container
                 JAVA_OPTS: -DBALLERINA_DEV_COMPILE_BALLERINA_ORG=true
-
+                WORKING_DIR: ./mongodb
+                MONGODB_HOST: mongodb-ssl
+                MONGODB_USER: C=US,ST=CA,L=San Francisco,O=Jaspersoft,OU=JSDev,CN=admin
             - name: Ballerina Push
               uses: ballerina-platform/ballerina-action/@master
               with:

diff --git a/.travis.yml b/.travis.yml
@@ -12,10 +12,15 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+services:
+  - docker
+
 script:
-  - wget https://product-dist.ballerina.io/downloads/1.2.0/ballerina-linux-installer-x64-1.2.0.deb
-  - sudo dpkg -i ballerina-linux-installer-x64-1.2.0.deb
+  - wget https://dist.ballerina.io/downloads/1.2.4/ballerina-linux-installer-x64-1.2.4.deb
+  - sudo dpkg -i ballerina-linux-installer-x64-1.2.4.deb
   - sudo apt-get install -f
   - export JAVA_OPTS="-DBALLERINA_DEV_COMPILE_BALLERINA_ORG=true"
-  - mvn clean install -pl mongo-utils
-  - ballerina build -a -c --skip-tests --sourceroot mongodb
+  - mvn clean install
+  - cd mongodb
+  - mvn verify -P mongodb
+  - mvn verify -P mongodb-ssl
diff --git a/README.md b/README.md
@@ -95,12 +95,12 @@ public function main() {
 
    log:printInfo("------------------ Deleting Data -------------------");
    map<json> deleteFilter = { "name": "ballerina" };
-   var deleteRet = checkpanic mongoCollection->delete(deleteFilter, true);
-    if (response > 0 ) {
-        log:printInfo("Delete count: '" + response.toString() + "'.") ;
-    } else {
-        log:printInfo("Error in deleting data");
-    }
+   int deleteRet = checkpanic mongoCollection->delete(deleteFilter, true);
+   if (deleteRet > 0 ) {
+       log:printInfo("Delete count: '" + deleteRet.toString() + "'.") ;
+   } else {
+       log:printInfo("Error in deleting data");
+   }
 
      mongoClient->close();
 }

diff --git a/mongo-utils/pom.xml b/mongo-utils/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>module-mongo</artifactId>
         <groupId>org.wso2.ei</groupId>
-        <version>1.0.0</version>
+        <version>1.0.1</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/mongo-utils/src/main/java/org/wso2/mongo/MongoDBDataSourceUtil.java b/mongo-utils/src/main/java/org/wso2/mongo/MongoDBDataSourceUtil.java
@@ -37,8 +37,19 @@
 import org.wso2.mongo.exceptions.BallerinaErrorGenerator;
 import org.wso2.mongo.exceptions.MongoDBClientException;
 
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
 import java.util.ArrayList;
 import java.util.Locale;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
 
 /**
  * Java implementation of MongoDB datasource.
@@ -52,7 +63,7 @@ private MongoDBDataSourceUtil() {
     public static Object initClient(MapValue config) {
         String host = config.getStringValue("host");
         long port = config.getIntValue("port");
-        String username = config.getStringValue("userName");
+        String username = config.getStringValue("username");
         String password = config.getStringValue("password");
         MapValue options = config.getMapValue("options");
 
@@ -89,7 +100,7 @@ public static Object getDatabase(HandleValue datasource, BString databaseName) {
     }
 
     public static void close(HandleValue datasource) {
-        log.debug("Closing mongodb connection");
+        log.debug("Closing MongoDB connection");
         MongoClient mongoClient = (MongoClient) datasource.getValue();
         mongoClient.close();
     }
@@ -183,20 +194,21 @@ private static MongoClientOptions createOptions(MapValue options) {
         boolean sslEnabled = options.getBooleanValue(ConnectionParam.SSL_ENABLED.getKey());
         if (sslEnabled) {
             builder = builder.sslEnabled(true);
-        }
-        boolean sslInvalidHostNameAllowed = options.getBooleanValue(ConnectionParam.SSL_INVALID_HOSTNAME_ALLOWED
-                .getKey());
-        if (sslInvalidHostNameAllowed) {
-            builder.sslInvalidHostNameAllowed(true);
+            boolean sslInvalidHostNameAllowed = options.getBooleanValue(ConnectionParam.SSL_INVALID_HOSTNAME_ALLOWED
+                    .getKey());
+            if (sslInvalidHostNameAllowed) {
+                builder.sslInvalidHostNameAllowed(true);
+            }
+            builder.sslContext(initializeSSLContext(options));
         }
         builder.retryWrites(options.getBooleanValue(ConnectionParam.RETRY_WRITES.getKey()));
         String readConcern = options.getStringValue(ConnectionParam.READ_CONCERN.getKey());
         if (!readConcern.isEmpty()) {
             builder = builder.readConcern(new ReadConcern(ReadConcernLevel.valueOf(readConcern)));
         }
-        String writeConsern = options.getStringValue(ConnectionParam.WRITE_CONCERN.getKey());
-        if (!writeConsern.isEmpty()) {
-            builder = builder.writeConcern(WriteConcern.valueOf(writeConsern));
+        String writeConcern = options.getStringValue(ConnectionParam.WRITE_CONCERN.getKey());
+        if (!writeConcern.isEmpty()) {
+            builder = builder.writeConcern(WriteConcern.valueOf(writeConcern));
         }
         String readPreference = options.getStringValue(ConnectionParam.READ_PREFERENCE.getKey());
         if (!readPreference.isEmpty()) {
@@ -254,6 +266,69 @@ private static MongoClientOptions createOptions(MapValue options) {
         return builder.build();
     }
 
+    private static SSLContext initializeSSLContext(MapValue options) {
+        TrustManager[] trustManagers;
+        KeyManager[] keyManagers;
+
+        MapValue secureSocket = options.getMapValue(ConnectionParam.SECURE_SOCKET.getKey());
+
+        MapValue trustStore = secureSocket.getMapValue(ConnectionParam.TRUST_STORE.getKey());
+        String trustStoreFilePath = trustStore.getStringValue(ConnectionParam.CERTIFICATE_PATH.getKey());
+        try (InputStream trustStream = new FileInputStream(trustStoreFilePath)) {
+            char[] trustStorePass = trustStore.getStringValue(ConnectionParam.CERTIFICATE_PASSWORD.getKey())
+                    .toCharArray();
+            KeyStore trustStoreJKS = KeyStore.getInstance(KeyStore.getDefaultType());
+            trustStoreJKS.load(trustStream, trustStorePass);
+
+            TrustManagerFactory trustFactory =
+                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+            trustFactory.init(trustStoreJKS);
+            trustManagers = trustFactory.getTrustManagers();
+        } catch (FileNotFoundException e) {
+            throw new MongoDBClientException("Trust store file not found for secure connections to MongoDB. " +
+                    "Trust Store file path : '" + trustStoreFilePath + "'.", e);
+        } catch (IOException e) {
+            throw new MongoDBClientException("I/O Exception in creating trust store for secure connections to " +
+                    "MongoDB. Trust Store file path : '" + trustStoreFilePath + "'.", e);
+        } catch (GeneralSecurityException e) {
+            throw new MongoDBClientException("Error in initializing certs for Trust Store : " +
+                    e.getMessage(), e.getCause());
+        }
+
+        MapValue keyStore = secureSocket.getMapValue(ConnectionParam.KEY_STORE.getKey());
+        String keyStoreFilePath = keyStore.getStringValue(ConnectionParam.CERTIFICATE_PATH.getKey());
+        try (InputStream keyStream = new FileInputStream(keyStoreFilePath)) {
+            char[] keyStorePass = keyStore.getStringValue(ConnectionParam.CERTIFICATE_PASSWORD.getKey())
+                    .toCharArray();
+            KeyStore keyStoreJKS = KeyStore.getInstance(KeyStore.getDefaultType());
+            keyStoreJKS.load(keyStream, keyStorePass);
+            KeyManagerFactory keyManagerFactory =
+                    KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+            keyManagerFactory.init(keyStoreJKS, keyStorePass);
+            keyManagers = keyManagerFactory.getKeyManagers();
+        } catch (FileNotFoundException e) {
+            throw new MongoDBClientException("Key store file not found for secure connections to MongoDB. " +
+                    "Key Store file path : '" + keyStoreFilePath + "'.", e);
+        } catch (IOException e) {
+            throw new MongoDBClientException("I/O Exception in creating trust store for secure connections to " +
+                    "MongoDB. Key Store file path : '" + keyStoreFilePath + "'.", e);
+        } catch (GeneralSecurityException e) {
+            throw new MongoDBClientException("Error in initializing certs for Key Store : " +
+                    e.getMessage(), e.getCause());
+        }
+
+        try {
+            String protocol = secureSocket.getStringValue(ConnectionParam.SSL_PROTOCOL.getKey());
+            SSLContext sslContext = SSLContext.getInstance(protocol);
+            sslContext.init(keyManagers, trustManagers, null);
+            return sslContext;
+        } catch (GeneralSecurityException e) {
+            throw new MongoDBClientException("Error in initializing SSL context with the key store/ trust store. " +
+                    "Trust Store file path : '" + trustStoreFilePath + "'. " +
+                    "Key Store file path : '" + keyStoreFilePath + "'.", e);
+        }
+    }
+
     /**
      * Enum for connection parameter indices.
      */
@@ -262,6 +337,7 @@ private enum ConnectionParam {
         URL("url"), READ_CONCERN("readConcern"), WRITE_CONCERN("writeConcern"), READ_PREFERENCE("readPreference"),
         AUTHSOURCE("authSource"), AUTHMECHANISM("authMechanism"), GSSAPI_SERVICE_NAME("gssapiServiceName"),
         REPLICA_SET("replicaSet"),
+        CERTIFICATE_PATH("path"), CERTIFICATE_PASSWORD("password"), SSL_PROTOCOL("protocol"),
 
         // boolean params
         SSL_ENABLED("sslEnabled"), SSL_INVALID_HOSTNAME_ALLOWED("sslInvalidHostNameAllowed"),
@@ -271,7 +347,10 @@ private enum ConnectionParam {
         SOCKET_TIMEOUT("socketTimeout"), CONNECTION_TIMEOUT("connectionTimeout"), MAX_POOL_SIZE("maxPoolSize"),
         SERVER_SELECTION_TIMEOUT("serverSelectionTimeout"), MAX_IDLE_TIME("maxIdleTime"), MAX_LIFE_TIME("maxLifeTime"),
         MIN_POOL_SIZE("minPoolSize"), WAIT_QUEUE_MULTIPLE("waitQueueMultiple"), WAIT_QUEUE_TIMEOUT("waitQueueTimeout"),
-        LOCAL_THRESHOLD("localThreshold"), HEART_BEAT_FREQUENCY("heartbeatFrequency");
+        LOCAL_THRESHOLD("localThreshold"), HEART_BEAT_FREQUENCY("heartbeatFrequency"),
+
+        // Map Params
+        SECURE_SOCKET("secureSocket"), TRUST_STORE("trustStore"), KEY_STORE("keyStore");
 
         private String key;
 

diff --git a/mongodb/Ballerina.lock b/mongodb/Ballerina.lock
@@ -1,4 +1,4 @@
 org_name = "ballerina"
-version = "1.0.0"
+version = "1.0.1"
 lockfile_version = "1.0.0"
-ballerina_version = "1.2.0"
+ballerina_version = "1.2.4"
diff --git a/mongodb/Ballerina.toml b/mongodb/Ballerina.toml
@@ -1,6 +1,6 @@
 [project]
 org-name= "ballerina"
-version= "1.0.0"
+version= "1.0.1"
 license= ["Apache-2.0"]
 authors = ["Ballerina"]
 keywords = ["MongoDB", "NoSQL"]
@@ -13,7 +13,7 @@ target = "java8"
 
     [[platform.libraries]]
     module = "mongodb"
-    path = "../mongo-utils/target/mongo-utils-1.0.0.jar"
+    path = "../mongo-utils/target/mongo-utils-1.0.1.jar"
     artafactId = "mongo-utils"
-    version = "1.0.0"
+    version = "1.0.1"
     groupId = "org.wso2.ei"