From e3c532faf456db733ff783b859803b90bb98c410 Mon Sep 17 00:00:00 2001
From: anhefti
Date: Tue, 21 Jun 2022 10:12:07 +0200
Subject: [PATCH] SEBSERV-313 for 1.3.4 patch
---
 .../sebserver/webservice/WebserviceInfo.java | 20 +++++++++++++
 .../sebserver/webservice/WebserviceInit.java | 8 ++++++
 .../impl/ClientConfigServiceImpl.java | 9 ++++--
 .../weblayer/WebServiceSecurityConfig.java | 2 +-
 .../config/application-ws.properties | 2 +-
 .../exam/ExamAPIAccessTokenRequestTest.java | 28 +++++++++++++++++++
 6 files changed, 64 insertions(+), 5 deletions(-)
diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInfo.java b/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInfo.java
index 6745b1d0..26800e63 100644
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInfo.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInfo.java
@@ -22,6 +22,7 @@ import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Service;
@@ -72,6 +73,13 @@ public class WebserviceInfo {
 private final WebserviceInfoDAO webserviceInfoDAO;
 private boolean isMaster = false;
+ @Value("${sebserver.webservice.api.admin.accessTokenValiditySeconds:3600}")
+ private int adminAccessTokenValSec;
+ @Value("${sebserver.webservice.api.admin.refreshTokenValiditySeconds:-1}")
+ private int adminRefreshTokenValSec;
+ @Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:43200}")
+ private int examAPITokenValiditySeconds;
+
 public WebserviceInfo(
 final WebserviceInfoDAO webserviceInfoDAO,
 final Environment environment) {
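Review bot: The three `@Value` fields added to WebserviceInfo (hunk `@@ -72,6 +73,13 @@`) restate property keys and defaults that WebServiceSecurityConfig already declares for `adminAccessTokenValSec`, `adminRefreshTokenValSec` and `examAccessTokenValSec`, and the ClientConfigServiceImpl constructor adds a third copy of the exam key. This commit already has to change 3600 to 43200 in more than one place, so the copies can drift apart, and the lifetime that WebserviceInit prints at startup would then differ from the one that is enforced. Consider keeping the declarations only in WebserviceInfo and letting the other classes call its getters; ClientConfigServiceImpl already receives a `WebserviceInfo` in its constructor.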
@@ -249,6 +257,18 @@ public class WebserviceInfo { .orElse(null); } + public int getAdminAccessTokenValSec() { + return this.adminAccessTokenValSec; + } + + public int getAdminRefreshTokenValSec() { + return this.adminRefreshTokenValSec; + } + + public int getExamAPITokenValiditySeconds() { + return this.examAPITokenValiditySeconds; + } + @Override public String toString() { final StringBuilder builder = new StringBuilder(); diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInit.java b/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInit.java index b863ca27..42cbc5f9 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInit.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/WebserviceInit.java @@ -150,6 +150,14 @@ public class WebserviceInit implements ApplicationListener"); SEBServerInit.INIT_LOGGER.info("----> HTTP Scheme {}", this.webserviceInfo.getHttpScheme()); SEBServerInit.INIT_LOGGER.info("---->"); + SEBServerInit.INIT_LOGGER.info("----> Access-Tokens:"); + SEBServerInit.INIT_LOGGER.info( + "----> admin API access token validity: " + this.webserviceInfo.getAdminAccessTokenValSec() + "s"); + SEBServerInit.INIT_LOGGER.info( + "----> admin API refresh token validity: " + this.webserviceInfo.getAdminRefreshTokenValSec() + "s"); + SEBServerInit.INIT_LOGGER.info( + "----> exam API access token validity: " + this.webserviceInfo.getExamAPITokenValiditySeconds() + "s"); + SEBServerInit.INIT_LOGGER.info("----> "); SEBServerInit.INIT_LOGGER.info("----> Property Override Test: {}", this.webserviceInfo.getTestProperty()); SEBServerInit.INIT_LOGGER.info("---->"); diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java index a2ef6971..dc8951fb 100644 
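Review bot: The three getters added in `@@ -249,6 +257,18 @@` have no Javadoc, so neither the unit nor the meaning of a negative value is visible to callers. A one-line comment on each would be enough, for example `/** @return validity of exam API access tokens in seconds; -1 means the token does not expire */`. The -1 convention is taken from the `// not expiring` comments elsewhere in this patch.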
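Review bot: The new log calls in WebserviceInit build their message by string concatenation, while the neighbouring lines use `{}` placeholders (`"----> HTTP Scheme {}"`); the same style would read `SEBServerInit.INIT_LOGGER.info("----> admin API access token validity: {}s", this.webserviceInfo.getAdminAccessTokenValSec());`. With the default of -1 the refresh-token line prints `-1s`, which hides that the token never expires; printing `not expiring` for a non-positive value would let an operator check the effective token policy from the startup log. The hunk header for this file appears to have lost part of its text on this page, and the enclosing method starts and ends outside the hunk.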
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java
@@ -169,6 +169,7 @@ public class ClientConfigServiceImpl implements ClientConfigService {
 private final WebserviceInfo webserviceInfo;
 private final CertificateDAO certificateDAO;
 private final long defaultPingInterval;
+ private final int examAPITokenValiditySeconds;
 protected ClientConfigServiceImpl(
 final SEBClientConfigDAO sebClientConfigDAO,
@@ -178,7 +179,8 @@ public class ClientConfigServiceImpl implements ClientConfigService {
 final WebserviceInfo webserviceInfo,
 final CertificateDAO certificateDAO,
 @Qualifier(WebSecurityConfig.CLIENT_PASSWORD_ENCODER_BEAN_NAME) final PasswordEncoder clientPasswordEncoder,
- @Value("${sebserver.webservice.api.exam.defaultPingInterval:1000}") final long defaultPingInterval) {
+ @Value("${sebserver.webservice.api.exam.defaultPingInterval:1000}") final long defaultPingInterval,
+ @Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:43200}") final int examAPITokenValiditySeconds) {
 this.sebClientConfigDAO = sebClientConfigDAO;
 this.clientCredentialService = clientCredentialService;
@@ -188,6 +190,7 @@ public class ClientConfigServiceImpl implements ClientConfigService {
 this.webserviceInfo = webserviceInfo;
 this.certificateDAO = certificateDAO;
 this.defaultPingInterval = defaultPingInterval;
+ this.examAPITokenValiditySeconds = examAPITokenValiditySeconds;
 }
 @Override
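Review bot: `examAPITokenValiditySeconds` is read from configuration in `@@ -178,7 +179,8 @@` and stored without a range check (the assignment is in the following hunk, `@@ -188,6 +190,7 @@`). The code this patch replaces used -1 for "not expiring", so a deployment that sets the property to -1 would presumably get non-expiring exam API tokens back with no sign of it; as far as I know Spring Security OAuth's default token services treat 0 the same way. Consider rejecting or at least warning on such a value in the constructor, e.g. `if (examAPITokenValiditySeconds <= 0) { log.warn("exam API access tokens are configured as non-expiring: {}", examAPITokenValiditySeconds); }`. The constructor starts and ends outside these hunks.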
@@ -210,8 +213,8 @@ public class ClientConfigServiceImpl implements ClientConfigService {
 baseClientDetails.setScope(Collections.emptySet());
 baseClientDetails.setClientSecret(Utils.toString(pwd));
- baseClientDetails.setAccessTokenValiditySeconds(-1); // not expiring
- baseClientDetails.setRefreshTokenValiditySeconds(-1); // not expiring
+ baseClientDetails.setAccessTokenValiditySeconds(this.examAPITokenValiditySeconds);
+ baseClientDetails.setRefreshTokenValiditySeconds(-1); // not used, not expiring
 if (log.isDebugEnabled()) {
 log.debug("Created new BaseClientDetails for id: {}", clientName);
diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java
index 722bdcb9..d4cd32ce 100644
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java
@@ -101,7 +101,7 @@ public class WebServiceSecurityConfig extends WebSecurityConfigurerAdapter {
 private Integer adminAccessTokenValSec;
 @Value("${sebserver.webservice.api.admin.refreshTokenValiditySeconds:-1}")
 private Integer adminRefreshTokenValSec;
- @Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:3600}")
+ @Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:43200}")
 private Integer examAccessTokenValSec;
 @Lazy
diff --git a/src/main/resources/config/application-ws.properties b/src/main/resources/config/application-ws.properties
index b8d039a1..4724d3f1 100644
--- a/src/main/resources/config/application-ws.properties
+++ b/src/main/resources/config/application-ws.properties
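Review bot: Tokens that were issued while this code still set the access-token validity to -1 are not touched by the change in `@@ -210,8 +213,8 @@`; whether they remain valid after the upgrade depends on the token store, which is not visible here. If they do, the release notes for this patch should tell operators to revoke existing exam API tokens, because the new lifetime otherwise applies only to tokens requested afterwards. The comment `// not used, not expiring` on the refresh-token line would be clearer as `// client_credentials issues no refresh token, so this value has no effect`, if that is the reason (the new test requests `grant_type=client_credentials`). The enclosing method starts and ends outside the hunk.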
@@ -61,7 +61,7 @@ sebserver.webservice.api.exam.config.init.prohibitedProcesses=config/initialProh
 sebserver.webservice.api.exam.endpoint=/exam-api
 sebserver.webservice.api.exam.endpoint.discovery=${sebserver.webservice.api.exam.endpoint}/discovery
 sebserver.webservice.api.exam.endpoint.v1=${sebserver.webservice.api.exam.endpoint}/v1
-sebserver.webservice.api.exam.accessTokenValiditySeconds=3600
+sebserver.webservice.api.exam.accessTokenValiditySeconds=43200
 sebserver.webservice.api.exam.event-handling-strategy=SINGLE_EVENT_STORE_STRATEGY
 sebserver.webservice.api.exam.enable-indicator-cache=true
 sebserver.webservice.api.pagination.maxPageSize=500
diff --git a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/exam/ExamAPIAccessTokenRequestTest.java b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/exam/ExamAPIAccessTokenRequestTest.java
index f3f25d4d..b1747ccd 100644
--- a/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/exam/ExamAPIAccessTokenRequestTest.java
+++ b/src/test/java/ch/ethz/seb/sebserver/webservice/integration/api/exam/ExamAPIAccessTokenRequestTest.java
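Review bot: The default lifetime of exam API access tokens goes from 3600 to 43200 seconds with no comment saying why, and the same change is made to the `@Value` default in WebServiceSecurityConfig. A bearer token that is valid for twelve hours stays usable for that long if it leaks, so the value should be justified and easy to tune per installation. A line above the property such as `# lifetime of exam API access tokens in seconds (default 12h); -1 means not expiring` would document the unit and the sentinel. The reason for choosing twelve hours, which the patch does not state, belongs there too.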
@@ -9,9 +9,18 @@ package ch.ethz.seb.sebserver.webservice.integration.api.exam;
 import static org.junit.Assert.assertNotNull;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import org.junit.Test;
+import org.springframework.boot.json.JacksonJsonParser;
+import org.springframework.http.MediaType;
 import org.springframework.test.context.jdbc.Sql;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 @Sql(scripts = { "classpath:schema-test.sql", "classpath:data-test.sql", "classpath:data-test-additional.sql" })
 public class ExamAPIAccessTokenRequestTest extends ExamAPIIntegrationTester {
@@ -22,4 +31,23 @@ public class ExamAPIAccessTokenRequestTest extends ExamAPIIntegrationTester {
 assertNotNull(accessToken);
 }
+ @Test
+ public void testAccessTokenResponse() throws Exception {
+ final MultiValueMap params = new LinkedMultiValueMap<>();
+ params.add("grant_type", "client_credentials");
+ params.add("scope", "read write");
+
+ final ResultActions result = this.mockMvc.perform(post("/oauth/token")
+ .params(params)
+ .with(httpBasic("test", "test"))
+ .accept(MediaType.APPLICATION_JSON_VALUE))
+ .andExpect(status().isOk())
+ .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8_VALUE));
+
+ final String resultString = result.andReturn().getResponse().getContentAsString();
+ final JacksonJsonParser jsonParser = new JacksonJsonParser();
+ final Object expiry = jsonParser.parseMap(resultString).get("expires_in");
+ assertNotNull(expiry);
+ }
+
 }
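Review bot: `testAccessTokenResponse` only asserts that `expires_in` is present, so it passes for any lifetime, including one far longer than the configured value. Asserting the range would pin the behaviour the patch is about: `final int expiresIn = ((Number) expiry).intValue();` followed by `assertTrue(expiresIn > 0 && expiresIn <= 43200);`, using the value configured for the test profile if it differs and adding the static import of `assertTrue`. It is also not visible here whether the `test` client is built through ClientConfigServiceImpl; if it is a statically configured client, the line changed in that class is not covered by this test.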