From 6d2711f3bd76bcc212d7c3205e33e653cb609a6c Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Thu, 29 Feb 2024 07:35:06 +0100 Subject: [PATCH 01/35] Fix #219: Set develop version to 1.8.0-SNAPSHOT --- pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index e4990bd..897d4d6 100644 --- a/pom.xml +++ b/pom.xml @@ -12,7 +12,7 @@ com.wultra.app mobile-utility-server - 1.7.0 + 1.8.0-SNAPSHOT war Mobile Utility Server Utility server with various features suitable for mobile apps @@ -61,8 +61,8 @@ UTF-8 - 1.7.0 - 1.9.0 + 1.8.0-SNAPSHOT + 1.10.0-SNAPSHOT 1.77 From 69593d2e1156f3aece7e553b55737960f933006b Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Thu, 7 Mar 2024 11:29:17 +0100 Subject: [PATCH 02/35] Update GitHub Actions to JDK 21 --- .github/workflows/codeql.yml | 3 ++- .github/workflows/coverity-scan.yml | 1 + .github/workflows/maven-deploy.yml | 2 ++ .github/workflows/maven-test.yml | 4 +++- .github/workflows/publish-docker-image.yml | 2 +- 5 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c0f081a..36aece8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -19,4 +19,5 @@ jobs: # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Use only 'java' to analyze code written in Java, Kotlin or both # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both - # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support \ No newline at end of file + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + java_version: 21 \ No newline at end of file diff --git a/.github/workflows/coverity-scan.yml b/.github/workflows/coverity-scan.yml index 8a887f3..e0652fb 100644 --- a/.github/workflows/coverity-scan.yml +++ b/.github/workflows/coverity-scan.yml 
@@ -14,3 +14,4 @@ jobs: project-name: ${{ github.event.repository.name }} version: ${{ github.sha }} description: ${{ github.ref }} + java_version: 21 diff --git a/.github/workflows/maven-deploy.yml b/.github/workflows/maven-deploy.yml index 1d4146b..3cf893a 100644 --- a/.github/workflows/maven-deploy.yml +++ b/.github/workflows/maven-deploy.yml @@ -32,6 +32,7 @@ jobs: with: environment: internal-publish release_type: snapshot + java_version: 21 secrets: username: ${{ secrets.MAVEN_CENTRAL_USERNAME }} password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} @@ -43,6 +44,7 @@ jobs: with: environment: ${{ inputs.environment }} release_type: ${{ inputs.release_type }} + java_version: 21 secrets: username: ${{ secrets.MAVEN_CENTRAL_USERNAME }} password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} diff --git a/.github/workflows/maven-test.yml b/.github/workflows/maven-test.yml index 6bdada9..33932bf 100644 --- a/.github/workflows/maven-test.yml +++ b/.github/workflows/maven-test.yml @@ -15,4 +15,6 @@ on: jobs: maven-tests: uses: wultra/wultra-infrastructure/.github/workflows/maven-test.yml@develop - secrets: inherit \ No newline at end of file + secrets: inherit + with: + java_version: 21 \ No newline at end of file diff --git a/.github/workflows/publish-docker-image.yml b/.github/workflows/publish-docker-image.yml index a47c0bf..dda9665 100644 --- a/.github/workflows/publish-docker-image.yml +++ b/.github/workflows/publish-docker-image.yml @@ -25,7 +25,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-java@v3 with: - java-version: '17' + java-version: '21' distribution: 'temurin' server-id: jfrog-central server-username: INTERNAL_USERNAME From 3c1a4996bb72408e7bfd4a2aafecbe0981bd016a Mon Sep 17 00:00:00 2001 
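Review bot: In `.github/workflows/maven-test.yml` the job still calls `wultra/wultra-infrastructure/.github/workflows/maven-test.yml@develop` with `secrets: inherit`, so all secrets available to the calling workflow are handed to whatever the `develop` branch of that repository contains at run time. The added `with:` block is a good moment to pin the reference to a full commit SHA, `uses: wultra/wultra-infrastructure/.github/workflows/maven-test.yml@<commit-sha>`, and to pass only the secrets the tests need instead of `inherit`. The same mutable-reference concern applies to the action tags in the `publish-docker-image.yml` hunks of this patch and of PATCH 03 (for example `docker/login-action@v3` and `docker/build-push-action@v5`), which run alongside the JFrog and ACR credentials. The `jobs:` block starts outside the hunk.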
From: Lubos Racansky Date: Thu, 7 Mar 2024 11:32:21 +0100 Subject: [PATCH 03/35] Update GitHub Actions publish-docker-image - checkout@v4 - setup-java@v4 - setup-qemu-action@v3 - setup-buildx-action@v3 - login-action@v3 - build-push-action@v5 --- .github/workflows/publish-docker-image.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish-docker-image.yml b/.github/workflows/publish-docker-image.yml index a47c0bf..8d26dcb 100644 --- a/.github/workflows/publish-docker-image.yml +++ b/.github/workflows/publish-docker-image.yml @@ -22,8 +22,8 @@ jobs: INTERNAL_USERNAME: ${{ secrets.JFROG_USERNAME }} INTERNAL_PASSWORD: ${{ secrets.JFROG_PASSWORD }} steps: - - uses: actions/checkout@v3 - - uses: actions/setup-java@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' @@ -41,21 +41,21 @@ jobs: run: | mvn -U -DuseInternalRepo=true --no-transfer-progress clean package - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: install: true - name: Log in to Azure registry if: ${{ github.event_name == 'workflow_dispatch' }} - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: https://powerauth.azurecr.io/ username: ${{ secrets.ACR_USERNAME }} password: ${{ secrets.ACR_PASSWORD }} - name: Build and push container image to Azure registry - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: push: ${{ github.event_name == 'workflow_dispatch' }} platforms: linux/amd64 From a01d903930b2b34f478fe0e5a05ce6579129438d Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Mar 2024 22:27:48 +0000 Subject: [PATCH 04/35] Bump io.gatling.highcharts:gatling-charts-highcharts Bumps [io.gatling.highcharts:gatling-charts-highcharts](https://github.com/gatling/gatling-highcharts) from 3.10.4 to 3.10.5. - [Commits](https://github.com/gatling/gatling-highcharts/compare/v3.10.4...v3.10.5) --- updated-dependencies: - dependency-name: io.gatling.highcharts:gatling-charts-highcharts dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 897d4d6..e1808f9 100644 --- a/pom.xml +++ b/pom.xml @@ -67,7 +67,7 @@ 1.77 2.3.0 - 3.10.4 + 3.10.5 7.4 From c5040404b7a47796959406415798cac10e90bb42 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Mar 2024 22:28:09 +0000 Subject: [PATCH 05/35] Bump org.springframework.boot:spring-boot-starter-parent Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 3.2.3 to 3.2.4. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.2.3...v3.2.4) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 897d4d6..397dfe4 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.springframework.boot spring-boot-starter-parent - 3.2.3 + 3.2.4 From 56379bd07933e9567105ca232f247ff6f64b2461 Mon Sep 17 00:00:00 2001 
From: Lubos Racansky Date: Thu, 28 Mar 2024 07:35:16 +0100 Subject: [PATCH 06/35] Downgrade JDK for Coverity GHA to 17 --- .github/workflows/coverity-scan.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/coverity-scan.yml b/.github/workflows/coverity-scan.yml index e0652fb..8a887f3 100644 --- a/.github/workflows/coverity-scan.yml +++ b/.github/workflows/coverity-scan.yml @@ -14,4 +14,3 @@ jobs: project-name: ${{ github.event.repository.name }} version: ${{ github.sha }} description: ${{ github.ref }} - java_version: 21 From d5bdc1d661c652c63a228ba55a71aef9a6c01966 Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Thu, 28 Mar 2024 09:24:45 +0100 Subject: [PATCH 07/35] Fix #245: Return ERROR_NOT_FOUND code instead of white label error page --- .../ExceptionHandlingControllerAdvice.java | 28 +++++++++++++++---- 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java b/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java index 9a133d0..bc91d97 100644 --- a/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java +++ b/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java @@ -17,12 +17,6 @@ */ package com.wultra.app.mobileutilityserver.rest.errorhandling; -import com.wultra.app.mobileutilityserver.rest.model.errors.ExtendedError; -import com.wultra.app.mobileutilityserver.rest.model.errors.Violation; -import io.getlime.core.rest.model.base.response.ErrorResponse; -import jakarta.validation.ConstraintViolation; -import jakarta.validation.ConstraintViolationException; -import lombok.extern.slf4j.Slf4j; import org.springframework.http.HttpStatus; import org.springframework.http.converter.HttpMessageConversionException; import org.springframework.security.access.AccessDeniedException; 
@@ -37,6 +31,14 @@ import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; +import org.springframework.web.servlet.resource.NoResourceFoundException; + +import com.wultra.app.mobileutilityserver.rest.model.errors.ExtendedError; +import com.wultra.app.mobileutilityserver.rest.model.errors.Violation; +import io.getlime.core.rest.model.base.response.ErrorResponse; +import jakarta.validation.ConstraintViolation; +import jakarta.validation.ConstraintViolationException; +import lombok.extern.slf4j.Slf4j; /** * Controller advice responsible for error handling. @@ -222,4 +224,18 @@ public class ExceptionHandlingControllerAdvice { logger.debug("Exception detail: ", e); return new io.getlime.core.rest.model.base.response.ErrorResponse("ERROR_AUTHENTICATION", e.getMessage()); } + + /** + * Exception handler for no resource found. + * + * @param e Exception. + * @return Response with error details. + */ + @ExceptionHandler(NoResourceFoundException.class) + @ResponseStatus(HttpStatus.NOT_FOUND) + public @ResponseBody ErrorResponse handleNoResourceFoundException(final NoResourceFoundException e) { + logger.warn("Error occurred when calling an API: {}", e.getMessage()); + logger.debug("Exception detail: ", e); + return new ErrorResponse("ERROR_NOT_FOUND", "Resource not found."); + } } From 38bcc714668da890b78947a24b00957679bd8951 Mon Sep 17 00:00:00 2001 
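Review bot: `handleNoResourceFoundException` logs `e.getMessage()` at WARN for every unmatched URL, and that message presumably carries the requested path, so unauthenticated probing can fill the log with caller-chosen text and bury real warnings. Consider a lower level for this handler, e.g. `logger.debug("Resource not found: {}", e.getMessage());`, and rely on the access log or a rate-based alert for bursts of 404s. Returning the fixed text `"Resource not found."` rather than the exception message is the right choice and could be stated in the Javadoc, since the `ERROR_AUTHENTICATION` handler just above (it starts outside the hunk) returns `e.getMessage()` to the client.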
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 22:48:23 +0000 Subject: [PATCH 08/35] Bump org.springdoc:springdoc-openapi-starter-webmvc-ui Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.3.0 to 2.5.0. - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md) - [Commits](https://github.com/springdoc/springdoc-openapi/compare/v2.3.0...v2.5.0) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 511bf71..7c1ce3a 100644 --- a/pom.xml +++ b/pom.xml @@ -66,7 +66,7 @@ 1.77 - 2.3.0 + 2.5.0 3.10.5 7.4 From 1e089f019e7282b60445773f06f0bc99b2623db4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Apr 2024 22:10:52 +0000 Subject: [PATCH 09/35] Bump bc.version from 1.77 to 1.78 Bumps `bc.version` from 1.77 to 1.78. Updates `org.bouncycastle:bcprov-jdk18on` from 1.77 to 1.78 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.bouncycastle:bcpkix-jdk18on` from 1.77 to 1.78 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) --- updated-dependencies: - dependency-name: org.bouncycastle:bcprov-jdk18on dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.bouncycastle:bcpkix-jdk18on dependency-type: direct:production update-type: version-update:semver-minor ... 
Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7c1ce3a..d70725b 100644 --- a/pom.xml +++ b/pom.xml @@ -65,7 +65,7 @@ 1.10.0-SNAPSHOT - 1.77 + 1.78 2.5.0 3.10.5 7.4 From fa483a38d5b99020409d99f364eb8db64b7ca408 Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Thu, 11 Apr 2024 14:17:49 +0200 Subject: [PATCH 10/35] Fix #250: DocuCheck Warnings --- docs/Database-Structure.md | 91 ++++++++++++++------------------------ 1 file changed, 33 insertions(+), 58 deletions(-) diff --git a/docs/Database-Structure.md b/docs/Database-Structure.md index bf1aad4..747f454 100644 --- a/docs/Database-Structure.md +++ b/docs/Database-Structure.md @@ -27,6 +27,11 @@ Contains information related to various mobile apps. | `display_name` | `VARCHAR(255)` | Display name of the application, a human readable value, such as `Wultra Demo App`. | | `sign_private_key` | `VARCHAR(255)` | Base64-encoded private key associated with the application. It is used for signing the data on the server side. | | `sign_public_key` | `VARCHAR(255)` | Base64-encoded public key associated with the application. It is used by the client applications when verifying data signed on the server side. | + +#### Sequence + +Sequence `mus_mobile_app_seq` responsible for mobile app autoincrements. + @@ -41,6 +46,15 @@ Contains information related to pinned domains. | `id` | `INTEGER` | Primary key for the table, automatically incremented value. | | `app_id` | `INTEGER` | Reference to related mobile app entity. | | `domain` | `VARCHAR(255)` | Host name of the domain, such as `mobile.wultra.com`. | + +#### Sequence + +Sequence `mus_mobile_domain_seq` responsible for mobile domain autoincrements. + +#### Indexes + +The tables are relatively small and as a result, do not require indexes. To marginally improve the lookup performance, you can create a foreign index to map the domain to mobile app. + 
@@ -57,6 +71,15 @@ Table with TLS/SSL certificate and fingerprints that should be pinned in the mob | `fingerprint` | `VARCHAR(255)` | Value of the certificate fingerprint. | | `expires` | `INTEGER` | Unix timestamp (seconds since Jan 1, 1970) of the certificate expiration. | | `mobile_domain_id` | `INTEGER` | Reference to related application domain in the `mus_mobile_domain` table. | + +#### Sequence + +Sequence `mus_certificate_seq` responsible for SSL certificates and fingerprints autoincrements. + +#### Indexes + +The tables are relatively small and as a result, do not require indexes. To marginally improve the lookup performance, you can create a foreign index for mapping the fingerprint to domain. + @@ -86,8 +109,12 @@ Table with users authorities. | `id` | `INTEGER` | Primary key for the table, automatically incremented value. | | `user_id` | `INTEGER` | Foreign key column referencing users in `mus_user` table. | | `authority` | `VARCHAR(255)` | Name of authority for the user prefixed with `ROLE_` (`ROLE_ADMIN`). | - +#### Indexes + +The tables are relatively small and as a result, do not require indexes. To marginally improve the lookup performance, you can create a foreign index to map the user authority to the user. + + ### Mobile Application Version @@ -105,6 +132,11 @@ Table to force or suggest update of mobile application version. | `suggested_version` | `VARCHAR(24)` | If the application version is lower, update is suggested. | | `required_version` | `VARCHAR(24)` | If the application version is lower, update is required. | | `message_key` | `VARCHAR(255)` | Together with language identifies row in `mus_localized_text` | + +#### Sequence + +Sequence `mus_mobile_app_version_seq` responsible for mobile application version autoincrements. + 
@@ -121,60 +153,3 @@ Table with localized texts. | `language` | `VARCHAR(2)` | Primary composite key for the table. ISO 639-1 two-letter language code. | | `text` | `TEXT` | Localized text. | - - -## Sequences - - -### Mobile App Sequence - -Sequence responsible for mobile app autoincrements. - - - - -### Mobile App Domain Sequence - -Sequence responsible for mobile domain autoincrements. - - - - -### SSL Certificate Sequence - -Sequence responsible for SSL certificates and fingerprints autoincrements. - - - - -### Mobile Application Version Sequence - -Sequence responsible for mobile application version autoincrements. - - - - -## Foreign Indexes - -The tables are relatively small and as a result, do not require indexes. To marginally improve the lookup performance, you can create the following foreign indexes. - - -### Foreign Index for SSL Fingerprint Lookup - -Foreign index for mapping the fingerprint to domain. - - - - -### Foreign Index for Domain Lookup - -Foreign index to map the domain to mobile app. - - - - -### Foreign Index for User Authority Lookup - -Foreign index to map the user authority to the user. - - From aa5ba15f64b41725fbd05bad1fa3c4b2e0a7bfe2 Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Mon, 15 Apr 2024 14:59:27 +0200 Subject: [PATCH 11/35] Disable CodeQL GitHub Action on pull requests --- .github/workflows/codeql.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 36aece8..bbcfa5e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -4,9 +4,6 @@ on: workflow_dispatch: push: branches: [ 'develop', 'master', 'releases/**' ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ 'develop', 'master', 'releases/**' ] schedule: - cron: '17 14 * * 2' From 9ee4c7a7286d9c9e396b5ed4b7e9c6e4df4b627c Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 22:40:40 +0000 Subject: [PATCH 12/35] Bump org.springframework.boot:spring-boot-starter-parent Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 3.2.4 to 3.2.5. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.2.4...v3.2.5) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index d70725b..db982a1 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.springframework.boot spring-boot-starter-parent - 3.2.4 + 3.2.5 From 52d20c370c1f561a4acb7089784762c83003f44a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 22:41:00 +0000 Subject: [PATCH 13/35] Bump bc.version from 1.78 to 1.78.1 Bumps `bc.version` from 1.78 to 1.78.1. Updates `org.bouncycastle:bcprov-jdk18on` from 1.78 to 1.78.1 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `org.bouncycastle:bcpkix-jdk18on` from 1.78 to 1.78.1 - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) --- updated-dependencies: - dependency-name: org.bouncycastle:bcprov-jdk18on dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.bouncycastle:bcpkix-jdk18on dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/pom.xml b/pom.xml index d70725b..782986a 100644 --- a/pom.xml +++ b/pom.xml @@ -65,7 +65,7 @@ 1.10.0-SNAPSHOT - 1.78 + 1.78.1 2.5.0 3.10.5 7.4 From ca38deaa4ef35fc2a3bc4c84fa5f32fd7eb5f7e9 Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Mon, 29 Apr 2024 10:02:33 +0200 Subject: [PATCH 14/35] Fix #257: Improve WildFly documentation and configuration --- src/main/resources/application.properties | 3 +++ src/main/webapp/WEB-INF/jboss-deployment-structure.xml | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 50a88e5..d01f6d2 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -61,3 +61,6 @@ management.tracing.sampling.probability=1.0 #management.endpoints.web.exposure.include=health, prometheus #management.endpoint.prometheus.enabled=true #management.prometheus.metrics.export.enabled=true + +spring.autoconfigure.exclude=\ + org.springframework.boot.actuate.autoconfigure.metrics.jersey.JerseyServerMetricsAutoConfiguration diff --git a/src/main/webapp/WEB-INF/jboss-deployment-structure.xml b/src/main/webapp/WEB-INF/jboss-deployment-structure.xml index d9918a0..7de80dc 100644 --- a/src/main/webapp/WEB-INF/jboss-deployment-structure.xml +++ b/src/main/webapp/WEB-INF/jboss-deployment-structure.xml @@ -1,5 +1,5 @@ - + From 91365a31144d3f01f9cb2c8bd6fd678708888345 Mon Sep 17 00:00:00 2001 
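Review bot: The `spring.autoconfigure.exclude` entry added to `application.properties` has no comment saying why `JerseyServerMetricsAutoConfiguration` is excluded; the commit title suggests it is needed on WildFly, but the file itself does not say so. Add a line such as `# Excluded for WildFly deployments, see #257` above it. The comment could also mention that a deployment which sets `spring.autoconfigure.exclude` in its own external configuration replaces this value rather than adding to it, so the exclusion has to be repeated there.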
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 22:34:55 +0000 Subject: [PATCH 15/35] Bump io.gatling:gatling-maven-plugin from 4.8.2 to 4.9.0 Bumps [io.gatling:gatling-maven-plugin](https://github.com/gatling/gatling-maven-plugin) from 4.8.2 to 4.9.0. - [Commits](https://github.com/gatling/gatling-maven-plugin/compare/v4.8.2...v4.9.0) --- updated-dependencies: - dependency-name: io.gatling:gatling-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7d68b56..4fba92b 100644 --- a/pom.xml +++ b/pom.xml @@ -245,7 +245,7 @@ io.gatling gatling-maven-plugin - 4.8.2 + 4.9.0 org.apache.maven.plugins From b0a0985bf86daf5e339fe9f9e7810e69bd8be3c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 22:35:09 +0000 Subject: [PATCH 16/35] Bump io.gatling.highcharts:gatling-charts-highcharts Bumps [io.gatling.highcharts:gatling-charts-highcharts](https://github.com/gatling/gatling-highcharts) from 3.10.5 to 3.11.2. - [Commits](https://github.com/gatling/gatling-highcharts/compare/v3.10.5...v3.11.2) --- updated-dependencies: - dependency-name: io.gatling.highcharts:gatling-charts-highcharts dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7d68b56..da079c0 100644 --- a/pom.xml +++ b/pom.xml @@ -67,7 +67,7 @@ 1.78.1 2.5.0 - 3.10.5 + 3.11.2 7.4 From 25d99be2b6cf398106aa61172fa2bd89f08bead6 Mon Sep 17 00:00:00 2001 From: Lubos Racansky Date: Thu, 16 May 2024 09:01:13 +0200 Subject: [PATCH 17/35] Add dependabot configuration for github-actions --- .github/dependabot.yml | 5 +++++ 1 file changed, 5 insertions(+) 
diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 81dcf70..4452a25 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,3 +9,8 @@ updates: directory: "/" schedule: interval: "weekly" + - package-ecosystem: "github-actions" + # Workflow files stored in the default location of `.github/workflows`. (You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.) + directory: "/" + schedule: + interval: "weekly" From b48b9748e62359c2f6cb6e056071ae66f1badfa3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 22:57:36 +0000 Subject: [PATCH 18/35] Bump io.gatling.highcharts:gatling-charts-highcharts Bumps [io.gatling.highcharts:gatling-charts-highcharts](https://github.com/gatling/gatling-highcharts) from 3.11.2 to 3.11.3. - [Commits](https://github.com/gatling/gatling-highcharts/compare/v3.11.2...v3.11.3) --- updated-dependencies: - dependency-name: io.gatling.highcharts:gatling-charts-highcharts dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 070bf68..e3b9be4 100644 --- a/pom.xml +++ b/pom.xml @@ -67,7 +67,7 @@ 1.78.1 2.5.0 - 3.11.2 + 3.11.3 7.4 From 04e5491de6d66f544917bff5abcfb51ed62eac2f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 22:57:41 +0000 Subject: [PATCH 19/35] Bump io.gatling:gatling-maven-plugin from 4.9.0 to 4.9.1 Bumps [io.gatling:gatling-maven-plugin](https://github.com/gatling/gatling-maven-plugin) from 4.9.0 to 4.9.1. - [Commits](https://github.com/gatling/gatling-maven-plugin/compare/v4.9.0...v4.9.1) --- updated-dependencies: - dependency-name: io.gatling:gatling-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... 
Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 070bf68..4c2b60b 100644 --- a/pom.xml +++ b/pom.xml @@ -245,7 +245,7 @@ io.gatling gatling-maven-plugin - 4.9.0 + 4.9.1 org.apache.maven.plugins From 2b5484df3b0e0a91533412c5f3a705145ea544a3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 22:57:45 +0000 Subject: [PATCH 20/35] Bump org.apache.maven:maven-artifact from 3.9.6 to 3.9.7 Bumps [org.apache.maven:maven-artifact](https://github.com/apache/maven) from 3.9.6 to 3.9.7. - [Release notes](https://github.com/apache/maven/releases) - [Commits](https://github.com/apache/maven/compare/maven-3.9.6...maven-3.9.7) --- updated-dependencies: - dependency-name: org.apache.maven:maven-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 070bf68..33293d8 100644 --- a/pom.xml +++ b/pom.xml @@ -152,7 +152,7 @@ org.apache.maven maven-artifact - 3.9.6 + 3.9.7 From fadf04f4248e05d656bfaff06629dade53370a41 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 22:57:57 +0000 Subject: [PATCH 21/35] Bump org.springframework.boot:spring-boot-starter-parent Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 3.2.5 to 3.3.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.2.5...v3.3.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-type: direct:production update-type: version-update:semver-minor ... 
Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 070bf68..006cc07 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.springframework.boot spring-boot-starter-parent - 3.2.5 + 3.3.0 From 762f9ec107251cd0ffb7f9443457a2f9d2e178f1 Mon Sep 17 00:00:00 2001 From: Jan Dusil <134381434+jandusil@users.noreply.github.com> Date: Wed, 29 May 2024 13:47:37 +0200 Subject: [PATCH 22/35] Fix #248: Create standard API Docs for Admin Part (#261) * Fix #248: Create standard API Docs for Admin Part --- docs/API-Admin.md | 959 ++++++++++++++++++++++++++++++++++++++++++++++ docs/Readme.md | 13 +- docs/_Sidebar.md | 16 +- 3 files changed, 970 insertions(+), 18 deletions(-) create mode 100644 docs/API-Admin.md diff --git a/docs/API-Admin.md b/docs/API-Admin.md new file mode 100644 index 0000000..5653c84 --- /dev/null +++ b/docs/API-Admin.md 
@@ -0,0 +1,959 @@ +# Administration Services + + + +The Administration Services of Mobile Utility Server provide functionality for managing applications, +certificates, versions, and text resources. + +## Possible Error Codes + +| HTTP Status Code | Error Code | Description | +|------------------|------------------------|---------------------------------------------------------------------------------------------------| +| `400` | `APP_EXCEPTION` | Indicates an error occurring during app operations like creating an already existing app. | +| `400` | `ERROR_REQUEST` | Request did not pass a structural validation (mandatory field is null, invalid field type, etc.). | +| `400` | `UNKNOWN_ERROR` | An error occurred when processing the request. Problems with request binding | +| `401` | `ERROR_AUTHENTICATION` | Unauthorized access attempt. This occurs when invalid credentials are provided. | +| `404` | `APP_NOT_FOUND` | Indicates that the app with the provided ID was not found. | +| `500` | `INTERNAL_ERROR` | An internal server error occurred, potentially due to misconfiguration. | + +## Services + + + +### Create Application + +Create a new application with specified name. + +#### Request + +##### Request Body + +```json +{ + "name": "mobile-app", + "displayName": "Mobile App" +} +``` + +| Attribute | Type | Description | +|---------------------------------------------------------------|----------|----------------------------------| +| `name`* | `String` | Name of the application. | +| `displayName`* | `String` | Display name of the application. 
| + +#### Response 200 + +```json +{ + "name": "Application Name", + "displayName": "Display name of the Application", + "publicKey": "pk1", + "domains": [ + { + "name": "name1", + "certificates": [ + { + "pem": "pem1", + "fingerprint": "fingerprint1", + "expires": 100 + } + ] + } + ] +} +``` + +| Attribute | Type | Description | +|----------------------------------------|------------|------------------------------------------------------| +| `name` | `String` | Name of the application. | +| `displayName` | `String` | Display name of the application. | +| `publicKey` | `String` | Public key of the application. | +| `domains` | `Object[]` | List of domain configurations for the application. | +| `domains[].name` | `String` | Name of the domain. | +| `domains[].certificates` | `Object[]` | List of certificates for the domain. | +| `domains[].certificates[].pem` | `String` | PEM-encoded certificate. | +| `domains[].certificates[].fingerprint` | `String` | Fingerprint of the certificate. | +| `domains[].certificates[].expires` | `Long` | Expiration time of the certificate in epoch seconds. | + +#### Response 400 + +Application creation failed due to invalid input or missing required fields. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_REQUEST", + "message": "Required fields are missing" + } +} +``` + +Application creation failed due to already used app name or error while generating cryptographic keys. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "APP_EXCEPTION", + "message": "Application with name already exists: XY / Error while generating cryptographic keys" + } +} +``` + +Possible Error states are: + +- `ERROR_REQUEST` - Request did not pass a structural validation (mandatory field is null, invalid field type, etc.). +- `APP_EXCEPTION` - Application with name already exists: XY or Error while generating cryptographic keys. + +#### Response 401 + +Invalid username or password was provided while calling the service. 
+ +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### List Applications + +Retrieve a list of all registered applications. + +#### Response 200 + +```json +{ + "applications": [ + { + "name": "mobile-app-1", + "displayName": "Mobile App 1" + }, + { + "name": "mobile-app-2", + "displayName": "Mobile App 2" + } + ] +} +``` + +| Attribute | Type | Description | +|------------------------------|------------|----------------------------------| +| `applications` | `Object[]` | List of registered applications. | +| `applications[].name` | `String` | Name of the application. | +| `applications[].displayName` | `String` | Display name of the application. | + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Application Detail + +Retrieve detailed information about a specific application by its name. This endpoint provides complete details +including configuration settings. + +#### Request + +##### Path Params + +| Param | Type | Description | +|--------------------------------------------------------|----------|--------------------------------------------------| +| `name`* | `String` | Name of the application to retrieve details for. | + +#### Response 200 + +```json +{ + "name": "Application Name", + "displayName": "Display name of the Application", + "publicKey": "pk1", + "domains": [ + { + "name": "name1", + "certificates": [ + { + "pem": "pem1", + "fingerprint": "fingerprint1", + "expires": 100 + } + ] + } + ] +} +``` + +| Attribute | Type | Description | +|----------------------------------------|------------|------------------------------------------------------| +| `name` | `String` | Name of the application. | +| `displayName` | `String` | Display name of the application. 
| +| `publicKey` | `String` | Public key of the application. | +| `domains` | `Object[]` | List of domain configurations for the application. | +| `domains[].name` | `String` | Name of the domain. | +| `domains[].certificates` | `Object[]` | List of certificates for the domain. | +| `domains[].certificates[].pem` | `String` | PEM-encoded certificate. | +| `domains[].certificates[].fingerprint` | `String` | Fingerprint of the certificate. | +| `domains[].certificates[].expires` | `Long` | Expiration time of the certificate in epoch seconds. | + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Create Automatic Application Certificate + +Automatically generate and associate a certificate with a specified application. This endpoint handles the creation and +registration of a new certificate using server-defined parameters. + +#### Request + +##### Path Params + +| Param | Type | Description | +|--------------------------------------------------------|----------|--------------------------------------------------------------------| +| `name`* | `String` | Name of the application for which the certificate will be created. | + +##### Request Body + +```json +{ + "domain": "domain1" +} +``` + +| Attribute | Type | Description | +|----------------------------------------------------------|----------|-------------------------------------------------| +| `domain`* | `String` | The domain from which to fetch the certificate. | + +#### Response 200 + +```json +{ + "name": "Domain Name", + "pem": "pem1", + "fingerprint": "fingerprint1", + "expires": 100 +} +``` + +| Attribute | Type | Description | +|---------------------------------------------------------------|----------|---------------------------------------------| +| `name`* | `String` | Name of the domain. 
| +| `pem`* | `String` | PEM format of the certificate. | +| `fingerprint`* | `String` | Fingerprint of the certificate.. | +| `expires`* | `Long` | Timestamp when the certificate will expire. | + +#### Response 400 + +Certificate creation failed due to invalid input or missing required fields. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_REQUEST", + "message": "Required fields are missing" + } +} +``` + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + +#### Response 404 + +Failed to create the certificate because the requested app was not found. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "APP_NOT_FOUND", + "message": "App with a provided ID was not found." + } +} +``` + +#### Response 500 + +Error occurred during app execution. + +```json +{ + "timestamp": "TIMESTAMP", + "status": 500, + "error": "Internal Server Error", + "path": "/admin/apps/mobile-app22/certificates/auto" +} +``` + + + + +### Create PEM Application Certificate + +Manually add a PEM format certificate to a specified application. This endpoint accepts a PEM-encoded certificate and +associates it with the application. + +#### Request + +##### Path Params + +| Param | Type | Description | +|--------------------------------------------------------|----------|--------------------------------------------------------------------| +| `name`* | `String` | Name of the application to which the certificate will be attached. | + +##### Request Body + +```json +{ + "pem": "pem1" +} +``` + +| Attribute | Type | Description | +|-------------------------------------------------------|----------|---------------------------------| +| `pem`* | `String` | PEM encoded certificate string. 
| + +#### Response 200 + +```json +{ + "name": "Domain Name", + "pem": "pem1", + "fingerprint": "fingerprint1", + "expires": 100 +} +``` + +| Attribute | Type | Description | +|---------------------------------------------------------------|----------|---------------------------------------------| +| `name`* | `String` | Name of the domain. | +| `pem`* | `String` | PEM format of the certificate. | +| `fingerprint`* | `String` | Fingerprint of the certificate.. | +| `expires`* | `Long` | Timestamp when the certificate will expire. | + +#### Response 400 + +Certificate creation failed due to invalid input or missing required fields. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_REQUEST", + "message": "Required fields are missing" + } +} +``` + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + +#### Response 404 + +Failed to create the certificate because the requested app was not found. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "APP_NOT_FOUND", + "message": "App with a provided ID was not found." + } +} +``` + +#### Response 500 + +Error occurred during app execution. + +```json +{ + "timestamp": "TIMESTAMP", + "status": 500, + "error": "Internal Server Error", + "path": "/admin/apps/mobile-app22/certificates/auto" +} +``` + + + + + +### Delete Certificate + +Delete a certificate associated with a specific application based on domain and fingerprint criteria. + +#### Request + +##### Path Params + +| Param | Type | Description | +|--------------------------------------------------------|----------|------------------------------------------------------------------| +| `name`* | `String` | Name of the application from which certificates will be deleted. 
| + +##### Query Parameters + +| Parameter | Type | Description | +|---------------------------------------------------------------|----------|---------------------------------------------------------------------| +| `domain`* | `String` | Domain associated with the certificate. | +| `fingerprint`* | `String` | Fingerprint of the certificate to specifically target for deletion. | + +#### Response 200 + +```json +{ + "status": "OK" +} +``` + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Delete Domain + +Delete a domain associated with a specific application. + +#### Request + +##### Path Params + +| Param | Type | Description | +|--------------------------------------------------------|----------|----------------------------------------------------------------| +| `name`* | `String` | Name of the application from which the domain will be deleted. | + +##### Query Parameters + +| Parameter | Type | Description | +|----------------------------------------------------------|----------|--------------------------------------------| +| `domain`* | `String` | Domain to be deleted from the application. | + +#### Response 200 + +Indicates that the domain was successfully deleted. + +```json +{ + "status": "OK" +} +``` + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Delete Expired Certificates + +Remove all expired certificates from the system. This endpoint provides a cleanup mechanism for old or no longer valid +certificates. + +#### Response 200 + +Indicates that all expired certificates were successfully removed. 
+ +```json +{ + "status": "OK" +} +``` + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### List Application Versions + +Retrieve a list of all versions for a specific application. This endpoint provides details about each version, including +version number and status. + +#### Request + +##### Path Parameters + +| Param | Type | Description | +|--------------------------------------------------------|----------|--------------------------------------------------------------| +| `name`* | `String` | Name of the application for which versions are being listed. | + +#### Response 200 + +```json +{ + "applicationVersions": [ + { + "id": 1, + "platform": "ANDROID", + "majorOsVersion": 12, + "suggestedVersion": "3.1.2", + "requiredVersion": "3.1.2", + "messageKey": "update_required" + } + ] +} +``` + +| Attribute | Type | Description | +|------------------------------------------------------------------------------------|------------|-------------------------------------------------------------------------------| +| `applicationVersions` | `Object[]` | List of app versions. | +| `applicationVersions[].id`* | `Long` | Unique identifier of the application version. | +| `applicationVersions[].platform`* | `Enum` | Platform of the application (e.g., ANDROID, IOS). | +| `applicationVersions[].majorOsVersion` | `Integer` | Major OS version for the application, may be `null` to match all. | +| `applicationVersions[].suggestedVersion` | `String` | Suggested version of the application in SemVer 2.0 format. | +| `applicationVersions[].requiredVersion` | `String` | Required version of the application in SemVer 2.0 format. | +| `applicationVersions[].messageKey`* | `String` | Key for the message related to the version (e.g., for localization purposes). 
| + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Application Version Detail + +Retrieve detailed information about a specific version of an application. + +#### Request + +##### Path Parameters + +| Param | Type | Description | +|--------------------------------------------------------|----------|----------------------------------------------------| +| `name`* | `String` | Name of the application. | +| `id` * | `Long` | Identifier of the version to retrieve details for. | + +#### Response 200 + +```json + { + "id": 1, + "platform": "ANDROID", + "majorOsVersion": 12, + "suggestedVersion": "3.1.2", + "requiredVersion": "3.1.2", + "messageKey": "update_required" +} +``` + +| Attribute | Type | Description | +|--------------------------------------------------------------|-----------|-------------------------------------------------------------------------------| +| `id`* | `Long` | Unique identifier of the application version. | +| `platform`* | `Enum` | Platform of the application (e.g., ANDROID, IOS). | +| `majorOsVersion` | `Integer` | Major OS version for the application, may be `null` to match all. | +| `suggestedVersion` | `String` | Suggested version of the application in SemVer 2.0 format. | +| `requiredVersion` | `String` | Required version of the application in SemVer 2.0 format. | +| `messageKey`* | `String` | Key for the message related to the version (e.g., for localization purposes). | + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Create Application Version + +Add a new version to a specific application. 
+ +#### Request + +##### Path Parameters + +| Param | Type | Description | +|--------------------------------------------------------|----------|------------------------------------------------| +| `name`* | `String` | Name of the application to add the version to. | + +##### Request Body + +```json +{ + "platform": "ANDROID", + "majorOsVersion": 12, + "suggestedVersion": "3.1.2", + "requiredVersion": "3.1.2", + "messageKey": "update_required" +} + +``` + +| Attribute | Type | Description | +|--------------------------------------------------------------------|-----------|-------------------------------------------------------------------------------| +| `platform`* | `Enum` | Platform of the application (e.g., ANDROID, IOS). | +| `majorOsVersion` | `Integer` | Major OS version for the application, may be `null` to match all. | +| `suggestedVersion`* | `String` | Suggested version of the application in SemVer 2.0 format. | +| `requiredVersion`* | `String` | Required version of the application in SemVer 2.0 format. | +| `messageKey` | `String` | Key for the message related to the version (e.g., for localization purposes). | + +#### Response 200 + +```json + { + "id": 1, + "platform": "ANDROID", + "majorOsVersion": 12, + "suggestedVersion": "3.1.2", + "requiredVersion": "3.1.2", + "messageKey": "update_required" +} +``` + +| Attribute | Type | Description | +|--------------------------------------------------------------|-----------|-------------------------------------------------------------------------------| +| `id`* | `Long` | Unique identifier of the application version. | +| `platform`* | `Enum` | Platform of the application (e.g., ANDROID, IOS). | +| `majorOsVersion` | `Integer` | Major OS version for the application, may be `null` to match all. | +| `suggestedVersion` | `String` | Suggested version of the application in SemVer 2.0 format. | +| `requiredVersion` | `String` | Required version of the application in SemVer 2.0 format. 
| +| `messageKey`* | `String` | Key for the message related to the version (e.g., for localization purposes). | + +#### Response 400 + +Certificate creation failed due to invalid input or missing required fields. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_REQUEST", + "message": "Required fields are missing" + } +} +``` + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Delete Application Version + +Remove a specific version from an application. This action is irreversible and should be used with caution to ensure +that no critical information is lost. + +#### Request + +##### Path Parameters + +| Param | Type | Description | +|--------------------------------------------------------|----------|--------------------------------------| +| `name`* | `String` | Name of the application. | +| `id`* | `String` | Identifier of the version to delete. | + +#### Response 200 + +Indicates that the version was successfully deleted. + +```json +{ + "status": "OK" +} +``` + + + + + +### List Texts + +Retrieve a list of all text entries managed within the system. + +#### Response 200 + +```json +{ + "texts": [ + { + "messageKey": "welcome_message", + "language": "en", + "text": "Welcome to our application!" + }, + { + "messageKey": "farewell_message", + "language": "es", + "text": "Gracias por visitar nuestra aplicación." + } + ] +} +``` + +| Attribute | Type | Description | +|----------------------------------------------------------------------|------------|-------------------------------------| +| `texts`* | `Object[]` | List of texts. | +| `texts[].messageKey`* | `String` | Unique key identifier for the text. | +| `texts[].language`* | `String` | ISO 639-1 two-letter language code. | +| `texts[].text`* | `String` | The content of the text. 
| + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Text Detail + +Retrieve detailed information about a specific text identified by its key and language. This endpoint provides the +content and the last update timestamp. + +#### Request + +##### Path Parameters + +| Param | Type | Description | +|------------------------------------------------------------|----------|----------------------------------| +| `key`* | `String` | The key identifier for the text. | +| `language`* | `String` | The language code for the text. | + +#### Response 200 + +```json +{ + "messageKey": "welcome_message", + "language": "en", + "text": "Welcome to our application!" +} +``` + +| Attribute | Type | Description | +|--------------------------------------------------------------|----------|-------------------------------------| +| `messageKey`* | `String` | Unique key identifier for the text. | +| `language`* | `String` | ISO 639-1 two-letter language code. | +| `text`* | `String` | The content of the text. | + +#### Response 401 + +Invalid username or password was provided while calling the service. + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_AUTHENTICATION", + "message": "Unauthorized" + } +} +``` + + + + + +### Create Text + +Add a new text entry to the system. + +#### Request + +##### Request Body + +```json +{ + "messageKey": "new_message", + "language": "fr", + "text": "Bienvenue dans notre application!" +} +``` + +| Attribute | Type | Description | +|--------------------------------------------------------------|----------|-------------------------------------| +| `messageKey`* | `String` | Unique key identifier for the text. | +| `language`* | `String` | ISO 639-1 two-letter language code. | +| `text`* | `String` | The content of the text. 
| + +#### Response 200 + +```json +{ + "messageKey": "new_message", + "language": "fr", + "text": "Bienvenue dans notre application!" +} +``` + +| Attribute | Type | Description | +|--------------------------------------------------------------|----------|-------------------------------------| +| `messageKey`* | `String` | Unique key identifier for the text. | +| `language`* | `String` | ISO 639-1 two-letter language code. | +| `text`* | `String` | The content of the text. | + +#### Response 400 + +```json +{ + "status": "ERROR", + "responseObject": { + "code": "ERROR_REQUEST", + "message": "Required fields are missing" + } +} +``` + + + + +### Delete Text + +Remove a specific text entry from the system identified by its key and language. + +#### Request + +##### Path Parameters + +| Param | Type | Description | +|------------------------------------------------------------|----------|----------------------------------| +| `key`* | `String` | The key identifier for the text. | +| `language`* | `String` | The language code for the text. | + +#### Response 200 + +```json +{ + "status": "OK" +} +``` + + diff --git a/docs/Readme.md b/docs/Readme.md index b32f7b1..ca04653 100644 --- a/docs/Readme.md +++ b/docs/Readme.md @@ -1,16 +1,5 @@ # Mobile Utility Server - -## Table of Contents - -- [Overview](./Readme.md) -- [Deployment](./Deployment.md) -- [Database Structure](./Database-Structure.md) -- [Migration Instructions](./Migration-Instructions.md) -- [Configuration](./Configuration.md) -- [Public RESTful API](./Public-REST-API.md) - - The Mobile Utility Server by [Wultra](https://wultra.com) is a utility server with various features required by typical mobile apps. Currently, the feature set is relatively narrow: 
@@ -24,4 +13,4 @@ Mobile Utility Server is licensed using GNU AGPLv3 license. Please consult us at ## Contact -If you have any questions, please contact us at [hello@wultra.com](mailto:hello@wultra.com). +If you have any questions, please contact us at [hello@wultra.com](mailto:hello@wultra.com). \ No newline at end of file diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md index d2611ba..9d423f0 100644 --- a/docs/_Sidebar.md +++ b/docs/_Sidebar.md @@ -1,11 +1,15 @@ -[Overview](./Readme.md) +**Introduction** -[Deployment](./Deployment.md) +- [Overview](./Readme.md) +- [Configuration](./Configuration.md) +- [Deployment](./Deployment.md) +- [Migration Instructions](./Migration-Instructions.md) -[Database Structure](./Database-Structure.md) +**API Reference** -[Migration Instructions](./Migration-Instructions.md) +- [Admin API](./API-Admin.md) +- [Public RESTful API](./Public-REST-API.md) -[Configuration](./Configuration.md) +**Reference** -[Public RESTful API](./Public-REST-API.md) +- [Database Structure](./Database-Structure.md) From 7d5e5945a45ebd80152198eca39f6ada37f53f36 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 22:36:39 +0000 Subject: [PATCH 23/35] Bump io.gatling:gatling-maven-plugin from 4.9.1 to 4.9.4 Bumps [io.gatling:gatling-maven-plugin](https://github.com/gatling/gatling-maven-plugin) from 4.9.1 to 4.9.4. - [Commits](https://github.com/gatling/gatling-maven-plugin/compare/v4.9.1...v4.9.4) --- updated-dependencies: - dependency-name: io.gatling:gatling-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index ed5a914..e1b2b5d 100644 --- a/pom.xml +++ b/pom.xml @@ -245,7 +245,7 @@ io.gatling gatling-maven-plugin - 4.9.1 + 4.9.4 org.apache.maven.plugins 
From 10961dd40a1acdd4c9c350c87e2afd384da1e91e Mon Sep 17 00:00:00 2001 From: Martin Korbel Date: Thu, 13 Jun 2024 17:44:55 +0200 Subject: [PATCH 24/35] Fix #268 fix proper shell, set db user/pass variables as optional --- deploy/dockerfile/runtime/docker-entrypoint.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/deploy/dockerfile/runtime/docker-entrypoint.sh b/deploy/dockerfile/runtime/docker-entrypoint.sh index a54f612..7dc41be 100755 --- a/deploy/dockerfile/runtime/docker-entrypoint.sh +++ b/deploy/dockerfile/runtime/docker-entrypoint.sh @@ -1,10 +1,10 @@ -#!/usr/bin/env sh +#!/usr/bin/env bash set -euo pipefail -liquibase --headless=true --log-level=INFO --changeLogFile=$LB_HOME/db/changelog/db.changelog-master.xml \ - --username=$MOBILE_UTILITY_SERVER_DATASOURCE_USERNAME \ - --password=$MOBILE_UTILITY_SERVER_DATASOURCE_PASSWORD \ - --url=$MOBILE_UTILITY_SERVER_DATASOURCE_URL \ +liquibase --headless=true --log-level=INFO --changeLogFile="${LB_HOME}/db/changelog/db.changelog-master.xml" \ + --username="${MOBILE_UTILITY_SERVER_DATASOURCE_USERNAME:-}" \ + --password="${MOBILE_UTILITY_SERVER_DATASOURCE_PASSWORD:-}" \ + --url="${MOBILE_UTILITY_SERVER_DATASOURCE_URL}" \ update java -Dserver.port=8000 -jar /mobile-utility-server.war From c64f8841d8e24fa221c9a54f1c704a81e2aa4567 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 22:07:26 +0000 Subject: [PATCH 25/35] Bump org.apache.maven:maven-artifact from 3.9.7 to 3.9.8 Bumps [org.apache.maven:maven-artifact](https://github.com/apache/maven) from 3.9.7 to 3.9.8. - [Release notes](https://github.com/apache/maven/releases) - [Commits](https://github.com/apache/maven/compare/maven-3.9.7...maven-3.9.8) --- updated-dependencies: - dependency-name: org.apache.maven:maven-artifact dependency-type: direct:production update-type: version-update:semver-patch ... 
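Review bot: The rewritten liquibase call in docker-entrypoint.sh still passes the database password as `--password=...`, so it sits in the process argument list for the whole migration and is readable by anything that can list processes in the container or on the host. Liquibase can take command arguments from the environment instead, so the flag can be dropped in favour of `export LIQUIBASE_COMMAND_PASSWORD="${MOBILE_UTILITY_SERVER_DATASOURCE_PASSWORD:-}"` before the call (and `LIQUIBASE_COMMAND_USERNAME` likewise), provided the Liquibase version in the image supports it. The new `:-` defaults also mean an unset username or password now reaches liquibase as an empty string rather than stopping the script under `set -u`. A comment such as `# user/pass may be empty: credentials can be carried by the JDBC URL or external auth` would record that this is intended.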
Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e1b2b5d..219b08e 100644 --- a/pom.xml +++ b/pom.xml @@ -152,7 +152,7 @@ org.apache.maven maven-artifact - 3.9.7 + 3.9.8 From 4618cdca3830888e42b2856f44f19cba80f3b6ed Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 22:42:09 +0000 Subject: [PATCH 26/35] Bump docker/build-push-action from 5 to 6 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v5...v6) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/publish-docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-docker-image.yml b/.github/workflows/publish-docker-image.yml index 77d8047..29b3ce1 100644 --- a/.github/workflows/publish-docker-image.yml +++ b/.github/workflows/publish-docker-image.yml @@ -55,7 +55,7 @@ jobs: username: ${{ secrets.ACR_USERNAME }} password: ${{ secrets.ACR_PASSWORD }} - name: Build and push container image to Azure registry - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: push: ${{ github.event_name == 'workflow_dispatch' }} platforms: linux/amd64 From 6a1c142efcd022e5fbb771fb22cd5e2a5eb0f0f1 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 21 Jun 2024 05:28:55 +0000 Subject: [PATCH 27/35] Bump org.springframework.boot:spring-boot-starter-parent Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 3.3.0 to 3.3.1. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.0...v3.3.1) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 219b08e..698d3f3 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.springframework.boot spring-boot-starter-parent - 3.3.0 + 3.3.1 From e6235e30718dd19f08af648fad94f02e66b28d93 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Jun 2024 22:27:14 +0000 Subject: [PATCH 28/35] Bump io.gatling.highcharts:gatling-charts-highcharts Bumps [io.gatling.highcharts:gatling-charts-highcharts](https://github.com/gatling/gatling-highcharts) from 3.11.3 to 3.11.4. - [Commits](https://github.com/gatling/gatling-highcharts/compare/v3.11.3...v3.11.4) --- updated-dependencies: - dependency-name: io.gatling.highcharts:gatling-charts-highcharts dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 698d3f3..f078d99 100644 --- a/pom.xml +++ b/pom.xml @@ -67,7 +67,7 @@ 1.78.1 2.5.0 - 3.11.3 + 3.11.4 7.4 From 2da50d302dc8a65abd00b89d1dc9e7365e43c1f0 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 22:57:56 +0000 Subject: [PATCH 29/35] Bump io.gatling:gatling-maven-plugin from 4.9.4 to 4.9.6 Bumps [io.gatling:gatling-maven-plugin](https://github.com/gatling/gatling-maven-plugin) from 4.9.4 to 4.9.6. - [Commits](https://github.com/gatling/gatling-maven-plugin/compare/v4.9.4...v4.9.6) --- updated-dependencies: - dependency-name: io.gatling:gatling-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index f078d99..4eaf5ab 100644 --- a/pom.xml +++ b/pom.xml @@ -245,7 +245,7 @@ io.gatling gatling-maven-plugin - 4.9.4 + 4.9.6 org.apache.maven.plugins From 469aedc4046e9abc29cf29845c5ad37926d36718 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 22:58:12 +0000 Subject: [PATCH 30/35] Bump io.gatling.highcharts:gatling-charts-highcharts Bumps [io.gatling.highcharts:gatling-charts-highcharts](https://github.com/gatling/gatling-highcharts) from 3.11.4 to 3.11.5. - [Commits](https://github.com/gatling/gatling-highcharts/compare/v3.11.4...v3.11.5) --- updated-dependencies: - dependency-name: io.gatling.highcharts:gatling-charts-highcharts dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index f078d99..dfeef32 100644 --- a/pom.xml +++ b/pom.xml @@ -67,7 +67,7 @@ 1.78.1 2.5.0 - 3.11.4 + 3.11.5 7.4 From 78d46247d7460fd70948d6fd624a40bc6b0e0fc4 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Zden=C4=9Bk=20=C4=8Cern=C3=BD?= Date: Mon, 8 Jul 2024 14:41:43 +0200 Subject: [PATCH 31/35] Fix #284: Update pipeline to publish to artifactory. (#285) * Fix #284: Update pipeline to publish to artifactory. Co-authored-by: Martin Korbel <112644829+korbelm@users.noreply.github.com> --------- Co-authored-by: Martin Korbel <112644829+korbelm@users.noreply.github.com> --- .github/workflows/publish-docker-image.yml | 36 +++++++++++++++++----- 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish-docker-image.yml b/.github/workflows/publish-docker-image.yml index 29b3ce1..e1ae067 100644 --- a/.github/workflows/publish-docker-image.yml +++ b/.github/workflows/publish-docker-image.yml @@ -7,6 +7,15 @@ on: - 'develop' - 'master' - 'releases/*' + inputs: + push_to_acr: + description: Push to ACR? + type: boolean + default: true + push_to_jfrog: + description: Push to JFrog? + type: boolean + default: false pull_request: branches: - 'develop' 
@@ -46,20 +55,33 @@ jobs: uses: docker/setup-buildx-action@v3 with: install: true - + - name: Log in to JFrog registry + if: inputs.push_to_jfrog == true + uses: docker/login-action@v3 + with: + registry: https://wultra.jfrog.io/ + username: ${{ vars.JFROG_CONTAINER_REGISTRY_USERNAME }} + password: ${{ secrets.JFROG_CONTAINER_REGISTRY_PASSWORD }} - name: Log in to Azure registry - if: ${{ github.event_name == 'workflow_dispatch' }} + if: inputs.push_to_acr == true uses: docker/login-action@v3 with: registry: https://powerauth.azurecr.io/ - username: ${{ secrets.ACR_USERNAME }} + username: ${{ vars.ACR_USERNAME }} password: ${{ secrets.ACR_PASSWORD }} - name: Build and push container image to Azure registry uses: docker/build-push-action@v6 with: - push: ${{ github.event_name == 'workflow_dispatch' }} - platforms: linux/amd64 - tags: powerauth.azurecr.io/mobile-utility-server:${{ env.REVISION }}${{ env.TIMESTAMP }}-${{ github.sha }} + push: ${{ inputs.push_to_acr == true || inputs.push_to_jfrog == true }} + platforms: linux/amd64,linux/arm64 + tags: | + ${{ inputs.push_to_acr == true && format('powerauth.azurecr.io/mobile-utility-server:{0}{1}-{2}', env.REVISION, env.TIMESTAMP, github.sha) || '' }} + ${{ inputs.push_to_jfrog == true && format('wultra.jfrog.io/wultra-docker/mobile-utility-server:{0}{1}-{2}', env.REVISION, env.TIMESTAMP, github.sha) || '' }} file: ./deploy/dockerfile/runtime/Dockerfile context: . - + - run: echo '### 🚀 Published images' >> $GITHUB_STEP_SUMMARY + - if: inputs.push_to_acr == true + run: | + echo 'powerauth.azurecr.io/mobile-utility-server:${{ env.REVISION }}${{ env.TIMESTAMP }}-${{ github.sha }}' >> $GITHUB_STEP_SUMMARY + - if: inputs.push_to_jfrog == true + run: echo 'wultra.jfrog.io/wultra-docker/mobile-utility-server:${{ env.REVISION }}${{ env.TIMESTAMP }}-${{ github.sha }}' >> $GITHUB_STEP_SUMMARY From e56234bd6e471193411b57441badd418d6942963 Mon Sep 17 00:00:00 2001 
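Review bot: The two summary steps at the end of this hunk in publish-docker-image.yml expand `${{ env.REVISION }}` and `${{ env.TIMESTAMP }}` straight into the `run:` script, so the values become part of the shell source before the shell parses it. Where REVISION is set lies outside the hunk; if it is derived from repository content such as pom.xml, a quote character in it would end the single-quoted string and alter the command. Both values are already environment variables, so the shell can read them itself: `run: echo "powerauth.azurecr.io/mobile-utility-server:${REVISION}${TIMESTAMP}-${GITHUB_SHA}" >> "$GITHUB_STEP_SUMMARY"`, and the same for the JFrog line. Separately, the build step is still named "Build and push container image to Azure registry" although it now pushes to JFrog as well.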
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Jul 2024 07:53:19 +0000 Subject: [PATCH 32/35] Bump org.springdoc:springdoc-openapi-starter-webmvc-ui Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md) - [Commits](https://github.com/springdoc/springdoc-openapi/compare/v2.5.0...v2.6.0) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 37a621f..4c3d505 100644 --- a/pom.xml +++ b/pom.xml @@ -66,7 +66,7 @@ 1.78.1 - 2.5.0 + 2.6.0 3.11.5 7.4 From ed9b957016483be31f2751c73dfb87f55aefff76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Dvo=C5=99=C3=A1k?= Date: Mon, 15 Jul 2024 15:21:28 +0200 Subject: [PATCH 33/35] Fix #279: Validate challenge format to be Base64 encoded bytes (#280) * Fix #279: Validate challenge format to be Base64 encoded bytes * Fix minor localization issues * Add HttpHeadersTest --------- Co-authored-by: Lubos Racansky --- .../ExceptionHandlingControllerAdvice.java | 6 +- .../InvalidChallengeHeaderException.java | 2 +- .../rest/http/HttpHeaders.java | 33 ++++++++- .../rest/http/HttpHeadersTest.java | 73 +++++++++++++++++++ 4 files changed, 107 insertions(+), 7 deletions(-) create mode 100644 src/test/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeadersTest.java diff --git a/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java b/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java index bc91d97..7b705a1 100644 
--- a/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java +++ b/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/ExceptionHandlingControllerAdvice.java @@ -92,9 +92,9 @@ public class ExceptionHandlingControllerAdvice { @ExceptionHandler(InvalidChallengeHeaderException.class) @ResponseStatus(HttpStatus.FORBIDDEN) public @ResponseBody ErrorResponse handleInvalidChallengeHeaderException(InvalidChallengeHeaderException ex) { - final String code = "INSUFFICIENT_CHALLENGE"; - final String message = "Request does not contain sufficiently strong challenge header, 16B is required at least."; - logger.error("Request does not contain sufficiently strong challenge header, 16B is required at least: {}", ex.getMessage()); + final String code = "INVALID_CHALLENGE"; + final String message = "Request does not contain correct challenge header, a random Base64 encoded challenge with 16B - 32B raw length is required."; + logger.error("Request does not contain correct challenge header, a random Base64 encoded challenge with 16B - 32B raw length is required: {}", ex.getMessage()); logger.debug("Exception detail: ", ex); return new ErrorResponse(code, message); } diff --git a/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/InvalidChallengeHeaderException.java b/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/InvalidChallengeHeaderException.java index 59aca63..8dce015 100644 --- a/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/InvalidChallengeHeaderException.java +++ b/src/main/java/com/wultra/app/mobileutilityserver/rest/errorhandling/InvalidChallengeHeaderException.java 
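Review bot: The new message in handleInvalidChallengeHeaderException hard-codes the limits as "16B - 32B", while the enforced bounds are `HttpHeaders.MIN_CHALLENGE_HEADER_LENGTH` and `HttpHeaders.MAX_CHALLENGE_HEADER_LENGTH`, so the text goes stale without warning if either constant changes. Building the message from those constants, or at least adding the comment `// keep in sync with HttpHeaders.MIN/MAX_CHALLENGE_HEADER_LENGTH`, would keep the two in step. The handler also logs this client-caused rejection at `error`, whereas `HttpHeaders.validChallengeHeader` reports the same condition at `warn`; using `logger.warn` here would keep malformed requests from unauthenticated clients out of error-level alerting. The rename of the code from `INSUFFICIENT_CHALLENGE` to `INVALID_CHALLENGE` is visible to API clients and probably deserves a changelog entry.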
@@ -19,7 +19,7 @@ package com.wultra.app.mobileutilityserver.rest.errorhandling; /** - * Exception thrown in the case challenge header is not present or is not sufficiently complex. + * Exception thrown in the case challenge header is not present or is not adequately complex. * * @author Petr Dvorak, petr@wultra.com */ diff --git a/src/main/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeaders.java b/src/main/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeaders.java index e7783df..8fc5b33 100644 --- a/src/main/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeaders.java +++ b/src/main/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeaders.java 
@@ -17,22 +17,49 @@ */ package com.wultra.app.mobileutilityserver.rest.http; +import java.util.Base64; + +import org.apache.commons.lang3.StringUtils; + +import lombok.extern.slf4j.Slf4j; + /** * Class with constants for HTTP request / response headers. * * @author Petr Dvorak, petr@wultra.com */ +@Slf4j public class HttpHeaders { public static final int MIN_CHALLENGE_HEADER_LENGTH = 16; + public static final int MAX_CHALLENGE_HEADER_LENGTH = 32; public static final String REQUEST_CHALLENGE = "X-Cert-Pinning-Challenge"; public static final String RESPONSE_SIGNATURE = "X-Cert-Pinning-Signature"; + private HttpHeaders() { + throw new IllegalStateException("Should not be instantiated."); + } + public static boolean validChallengeHeader(String challengeHeader) { - return challengeHeader != null - && challengeHeader.length() >= HttpHeaders.MIN_CHALLENGE_HEADER_LENGTH - && !challengeHeader.isBlank(); + try { + if (StringUtils.isEmpty(challengeHeader)) { + logger.warn("Missing or blank challenge header: {}", challengeHeader); + return false; + } + final byte[] challengeBytes = Base64.getDecoder().decode(challengeHeader); + final int challengeLength = challengeBytes.length; + if (challengeLength >= MIN_CHALLENGE_HEADER_LENGTH && challengeLength <= MAX_CHALLENGE_HEADER_LENGTH) { + return true; + } else { + logger.warn("Invalid challenge size, must be between {} and {}, was: {}", MIN_CHALLENGE_HEADER_LENGTH, MAX_CHALLENGE_HEADER_LENGTH, challengeLength); + return false; + } + } catch (IllegalArgumentException ex) { + logger.warn("Invalid Base64 value received in the header: {}", challengeHeader); + logger.debug("Exception detail: {}", ex.getMessage(), ex); + return false; + } } } diff --git a/src/test/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeadersTest.java b/src/test/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeadersTest.java new file mode 100644 index 0000000..0555ab5 --- /dev/null 
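Review bot: Both `logger.warn` calls in validChallengeHeader that pass `challengeHeader` write a client-supplied header value into the log unmodified, bounded only by the container's header size limit. Logging the length instead avoids storing arbitrary request data, for example `logger.warn("Invalid Base64 value received in the header, length: {}", challengeHeader.length());`. The decode also runs before any size check; a 32-byte challenge encodes to at most 44 Base64 characters, so a guard such as `if (challengeHeader.length() > 44) { return false; }` ahead of `Base64.getDecoder().decode(challengeHeader)` rejects oversized input without decoding it. Note also that `StringUtils.isEmpty` does not match whitespace-only input, so the "Missing or blank" message only covers null or empty values; a blank header is rejected later through the IllegalArgumentException branch.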
+++ b/src/test/java/com/wultra/app/mobileutilityserver/rest/http/HttpHeadersTest.java 
@@ -0,0 +1,73 @@ +/* + * Wultra Mobile Utility Server + * Copyright (C) 2024 Wultra s.r.o. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.wultra.app.mobileutilityserver.rest.http; + +import static org.junit.jupiter.api.Assertions.*; + +import java.util.Base64; + +import org.junit.jupiter.api.Test; + +/** + * Test for {@link HttpHeaders}. + * + * @author Lubos Racansky, lubos.racansky@wultra.com + */ +class HttpHeadersTest { + + @Test + void testValidChallengeHeader_success() { + final String input = Base64.getEncoder().encodeToString(new byte[20]); + + final boolean result = HttpHeaders.validChallengeHeader(input); + + assertTrue(result); + } + + @Test + void testValidChallengeHeader_empty() { + final boolean result = HttpHeaders.validChallengeHeader(""); + + assertFalse(result); + } + + @Test + void testValidChallengeHeader_tooShort() { + final String input = Base64.getEncoder().encodeToString(new byte[14]); + + final boolean result = HttpHeaders.validChallengeHeader(input); + + assertFalse(result); + } + + @Test + void testValidChallengeHeader_tooLong() { + final String input = Base64.getEncoder().encodeToString(new byte[33]); + + final boolean result = HttpHeaders.validChallengeHeader(input); + + assertFalse(result); + } + + @Test + void testValidChallengeHeader_notBase64() { + final boolean result = HttpHeaders.validChallengeHeader("&-+"); + + 
assertFalse(result); + } +} From 15eb0d826da8ecf846726a44fe1862419ae75f22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Jul 2024 22:23:23 +0000 Subject: [PATCH 34/35] Bump org.springframework.boot:spring-boot-starter-parent Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.3.1...v3.3.2) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4c3d505..da063a9 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.springframework.boot spring-boot-starter-parent - 3.3.1 + 3.3.2 From b1d6f34ed9a5ac248e420eaf888d652b30cb53a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lubo=C5=A1=20Ra=C4=8Dansk=C3=BD?= Date: Mon, 29 Jul 2024 14:12:39 +0200 Subject: [PATCH 35/35] Fix #276: Set release version to 1.8.0 (#278) * Fix #276: Set release version to 1.8.0 * Update Wultra dependencies --- pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index da063a9..a937f66 100644 --- a/pom.xml +++ b/pom.xml @@ -12,7 +12,7 @@ com.wultra.app mobile-utility-server - 1.8.0-SNAPSHOT + 1.8.0 war Mobile Utility Server Utility server with various features suitable for mobile apps @@ -61,8 +61,8 @@ UTF-8 - 1.8.0-SNAPSHOT - 1.10.0-SNAPSHOT + 1.8.0 + 1.10.0 1.78.1
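Review bot: The tests in HttpHeadersTest never exercise the bounds themselves: the accepted case uses 20 bytes, the short case 14 and the long case 33, so an off-by-one at `MIN_CHALLENGE_HEADER_LENGTH` or `MAX_CHALLENGE_HEADER_LENGTH` (say `>` where `>=` is meant) would still pass. Because this check decides whether a request is accepted, I would add cases for exactly 16 and 32 bytes (accepted), 15 bytes (rejected) and a null header (rejected), as sketched below.

```java
// … unchanged: existing success / empty / tooShort / tooLong / notBase64 tests …

@Test
void testValidChallengeHeader_minLength() {
    final String input = Base64.getEncoder().encodeToString(new byte[HttpHeaders.MIN_CHALLENGE_HEADER_LENGTH]);

    assertTrue(HttpHeaders.validChallengeHeader(input));
}

@Test
void testValidChallengeHeader_maxLength() {
    final String input = Base64.getEncoder().encodeToString(new byte[HttpHeaders.MAX_CHALLENGE_HEADER_LENGTH]);

    assertTrue(HttpHeaders.validChallengeHeader(input));
}

@Test
void testValidChallengeHeader_oneBelowMin() {
    final String input = Base64.getEncoder().encodeToString(new byte[HttpHeaders.MIN_CHALLENGE_HEADER_LENGTH - 1]);

    assertFalse(HttpHeaders.validChallengeHeader(input));
}

@Test
void testValidChallengeHeader_null() {
    assertFalse(HttpHeaders.validChallengeHeader(null));
}
```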