Merge pull request #145 from wultra/develop

Merge 1.6.0 to master

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,76 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ develop, master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ develop ]
+  schedule:
+    - cron: '0 2 * * 4'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'java' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Use only 'java' to analyze code written in Java, Kotlin or both
+        # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines.
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/coverity-scan.yml

@@ -0,0 +1,16 @@
+name: Run Coverity scan and upload results
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron:  '0 10 1 * *'    # monthly
+
+
+jobs:
+  coverity-scan:
+    uses: wultra/wultra-infrastructure/.github/workflows/coverity-scan.yml@develop
+    secrets: inherit
+    with:
+      project-name: ${{ github.event.repository.name }}
+      version: ${{ github.sha }}
+      description: ${{ github.ref }}

.github/workflows/maven-deploy.yml

@@ -0,0 +1,52 @@
+name: Deploy with Maven
+
+on:
+  workflow_dispatch:
+    branches:
+      - 'develop'
+      - 'master'
+      - 'releases/*'
+      - 'test/ci'
+    inputs:
+      release_type:
+        type: choice
+        description:
+        default: snapshot
+        options:
+          - snapshot
+          - release
+      environment:
+        type: environment
+        default: internal-publish
+        description: internal or external repository
+  push:
+    branches:
+     - 'develop'
+     - 'test/ci'
+
+
+
+jobs:
+  maven-deploy-internal:
+    if: ${{ github.event_name == 'push' }}
+    name: Deploy to ${{ inputs.environment }}
+    uses: wultra/wultra-infrastructure/.github/workflows/maven-deploy.yml@develop
+    with:
+      environment: internal-publish
+      release_type: snapshot
+    secrets:
+      username: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
+      password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
+
+  maven-deploy-public:
+    if: ${{ github.event_name == 'workflow_dispatch' }}
+    name: Deploy to ${{ inputs.environment }}
+    uses: wultra/wultra-infrastructure/.github/workflows/maven-deploy.yml@develop
+    with:
+      environment: ${{ inputs.environment }}
+      release_type: ${{ inputs.release_type }}
+    secrets:
+      username: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
+      password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
+      gpg_passphrase: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
+      gpg_key: ${{ secrets.OSSRH_GPG_SECRET_KEY }}

.github/workflows/maven-test.yml

@@ -0,0 +1,19 @@
+name: Test with Maven
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+     - 'develop'
+     - 'master'
+     - 'releases/**'
+     - 'test/ci'
+  pull_request:
+    branches:
+      - 'develop'
+      - 'master'
+      - 'releases/**'
+
+jobs:
+  maven-tests:
+    uses: wultra/wultra-infrastructure/.github/workflows/maven-test.yml@develop

README.md

@@ -162,6 +162,10 @@ Once the rest client is initialized, you can use the following methods. Each met
 - `patch` - a blocking PATCH call with a generic request / response
 - `patchNonBlocking` - a non-blocking PATCH call with a generic request / response with `onSuccess` and `onError` consumers
 - `patchObject` - a blocking PATCH call with `ObjectRequest` / `ObjectResponse`
+- `head` - a blocking HEAD call with a generic request
+- `headNonBlocking` - a non-blocking HEAD call with a generic request with `onSuccess` and `onError` consumers
+- `headObject` - a blocking HEAD call with `ObjectRequest`
+
 - `delete` - a blocking DELETE call with a generic response
 - `deleteNonBlocking` - a non-blocking DELETE call with a generic response with `onSuccess` and `onError` consumers
 - `deleteObject` - a blocking DELETE call with `ObjectResponse`
@@ -206,11 +210,59 @@ In case any HTTP error occurs during a blocking HTTP request execution, a `RestC
 
 Non-blocking methods provide an `onError` consumer for custom error handling.
 
+### Logging
+
+To enable request / response logging, set level of `com.wultra.core.rest.client.base.DefaultRestClient` to `TRACE`.
+
+#### Request Example
+
+```log
+2022-11-25 07:40:37.283 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35] REGISTERED
+2022-11-25 07:40:37.297 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35] CONNECT: localhost/127.0.0.1:50794
+2022-11-25 07:40:37.323 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] ACTIVE
+2022-11-25 07:40:37.396 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] READ COMPLETE
+2022-11-25 07:40:37.396 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] READ COMPLETE
+2022-11-25 07:40:37.436 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] USER_EVENT: SslHandshakeCompletionEvent(SUCCESS)
+2022-11-25 07:40:37.466 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35-1, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] WRITE: 212B POST /api/test/object-response HTTP/1.1
+user-agent: ReactorNetty/1.0.19
+host: localhost:50794
+Content-Type: application/json
+Accept: application/json
+Authorization: Basic dGVzdDp0ZXN0
+content-length: 45
+
+
+2022-11-25 07:40:37.466 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35-1, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] WRITE: 45B {"requestObject":{"request":"1669358437187"}}
+2022-11-25 07:40:37.466 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35-1, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] FLUSH
+2022-11-25 07:40:37.470 TRACE 53194 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient    : [4400ac35-1, L:/127.0.0.1:50795 - R:localhost/127.0.0.1:50794] READ COMPLETE
+```
+
+#### Response Example
+
+```log
+2022-11-25 07:35:07.393 TRACE 53095 --- [tor-http-nio-10] c.w.c.r.client.base.DefaultRestClient    : [9855567c-1, L:/127.0.0.1:50699 - R:localhost/127.0.0.1:50690] READ: 430B HTTP/1.1 200 
+X-Content-Type-Options: nosniff
+X-XSS-Protection: 1; mode=block
+Cache-Control: no-cache, no-store, max-age=0, must-revalidate
+Pragma: no-cache
+Expires: 0
+Strict-Transport-Security: max-age=31536000 ; includeSubDomains
+X-Frame-Options: DENY
+Content-Type: application/json
+Transfer-Encoding: chunked
+Date: Fri, 25 Nov 2022 06:35:06 GMT
+
+3f
+{"status":"OK","responseObject":{"response":"object response"}}
+
+2022-11-25 07:35:07.393 TRACE 53095 --- [tor-http-nio-10] c.w.c.r.client.base.DefaultRestClient    : [9855567c-1, L:/127.0.0.1:50699 - R:localhost/127.0.0.1:50690] READ COMPLETE
+```
+
 ## Wultra Auditing Library
 
 The `audit-base` project provides auditing functionality for easier investigation of issues. Audit records are stored in a database and can be easily queried. The auditing library also handles removal of old audit records.
 
-The audit library requires two database tables. The DDL is available for the following databases:
+The audit library requires one database table `audit_log` and optionally the second table `audit_params` for logging detail parameters. The DDL is available for the following databases:
 - [DDL for MySQL](./docs/sql/mysql/create_schema.sql)
 - [DDL for Oracle](./docs/sql/oracle/create_schema.sql)
 - [DDL for PostgreSQL](./docs/sql/postgresql/create_schema.sql)
@@ -229,6 +281,7 @@ The following properties can be configured in case the default configuration nee
 - `audit.db.cleanup.days` - audit records older than specified number of days are deleted (default: `365`) 
 - `audit.db.table.log.name` - name of audit log database table (default: `audit_log`)
 - `audit.db.table.param.name` - name of audit parameters database table (default: `audit_param`)
+- `audit.db.table.param.enabled` - flag if logging params to parameters database is enabled (default: `false`)
 - `audit.db.batch.size` - database batch size (default: `1000`)  
 
 ### Audit Levels

audit-base/pom.xml

@@ -6,12 +6,10 @@
     <parent>
         <groupId>io.getlime.core</groupId>
         <artifactId>lime-java-core-parent</artifactId>
-        <version>1.5.0</version>
-        <relativePath>../pom.xml</relativePath>
+        <version>1.6.0</version>
     </parent>
 
     <artifactId>audit-base</artifactId>
-    <version>1.5.0</version>
     <name>audit-base</name>
     <description>Common auditing functionality used by Wultra backend Java projects</description>
     <packaging>jar</packaging>
@@ -20,22 +18,23 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-jdbc</artifactId>
-            <version>${spring-boot.version}</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>${jackson.version}</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.datatype</groupId>
             <artifactId>jackson-datatype-jsr310</artifactId>
-            <version>${jackson.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
-            <version>${spring-boot.version}</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -51,7 +50,7 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>2.5.0</version>
+                <version>${spring-boot.version}</version>
                 <executions>
                     <execution>
                         <id>build-info</id>

audit-base/src/main/java/com/wultra/core/audit/base/configuration/AuditConfiguration.java

@@ -52,9 +52,15 @@ public class AuditConfiguration {
     @Value("${audit.db.table.log.name:audit_log}")
     private String dbTableNameAudit;
 
+    @Value("${audit.db.table.param.enabled:false}")
+    private boolean dbTableParamLoggingEnabled;
+
     @Value("${audit.db.table.param.name:audit_param}")
     private String dbTableNameParam;
 
+    @Value("${spring.jpa.properties.hibernate.default_schema:}")
+    private String dbDefaultSchema;
+
     @Value("${audit.db.batch.size:1000}")
     private int batchSize;
 
@@ -145,11 +151,28 @@ public String getDbTableNameAudit() {
         return dbTableNameAudit;
     }
 
+    /**
+     * Get default database schema.
+     * @return Default database schema.
+     */
+    public String getDbDefaultSchema() {
+        return dbDefaultSchema;
+    }
+
     /**
      * Get database table name for audit parameters.
      * @return Database table name for audit parameters.
      */
     public String getDbTableNameParam() {
         return dbTableNameParam;
     }
+
+    /**
+     * Get enabled flag for detail logging to database table.
+     * @return Flag for detail logging into audit database.
+     */
+    public boolean isDbTableParamLoggingEnabled() {
+        return dbTableParamLoggingEnabled;
+    }
+
 }