Prevent duplicate client creation (#12)
* Enhance robustness for client and adapter creation.
* Avoid sending errors when client/adapter is missing.
* Correct kafka domainContext titles.
trondsevre authored Oct 26, 2023
1 parent 6c28325 commit d138568
Showing 6 changed files with 60 additions and 24 deletions.
Expand Up @@ -28,7 +28,7 @@ protected FintCustomerObjectHandler(EntityTopicService entityTopicService, Entit
entityTopic = EntityTopicNameParameters
.builder()
.orgId("flais.io") // Optional if set as application property
.domainContext("fint-service") // Optional if set as application property
.domainContext("fint-customer-objects") // Optional if set as application property
.resource(objectType.getSimpleName().toLowerCase())
.build();
}
31 changes: 26 additions & 5 deletions src/main/java/no/fintlabs/portal/model/adapter/AdapterService.java
Expand Up @@ -84,16 +84,26 @@ public String getClientSecret(Adapter adapter) {

@Override
public void encryptClientSecret(Adapter adapter, String publicKeyString) {
adapter.setClientSecret(secretService.encryptPassword(
namOAuthClientService.getOAuthClient(adapter.getClientId()).getClientSecret(),
publicKeyString
));
try {
adapter.setClientSecret(secretService.encryptPassword(
namOAuthClientService.getOAuthClient(adapter.getClientId()).getClientSecret(),
publicKeyString
));
} catch (Exception e) {
log.error("Error when encrypting clientSecret" , e);
}

db.save(adapter);
}

@Override
public void resetAndEncryptPassword(Adapter adapter, String privateKeyString) {
adapter.setPassword(secretService.encryptPassword(resetAdapterPassword(adapter), privateKeyString));
try {
adapter.setPassword(secretService.encryptPassword(resetAdapterPassword(adapter), privateKeyString));
} catch (Exception e) {
log.error("Error when encrypting password" , e);
}

db.save(adapter);
}

Expand Down Expand Up @@ -122,6 +132,17 @@ public Optional<Adapter> getAdapterByDnFromLdap(String dn) {
}

public Optional<Adapter> updateAdapter(Adapter adapter) {

if (!StringUtils.hasText(adapter.getPassword()) && StringUtils.hasText(adapter.getPublicKey())) {
resetAndEncryptPassword(adapter, adapter.getPublicKey());
log.warn("Get password because it's empty");
}

if (!StringUtils.hasText(adapter.getClientSecret()) && StringUtils.hasText(adapter.getPublicKey())) {
encryptClientSecret(adapter, adapter.getPublicKey());
log.warn("Get clientSecret from nam because it's empty");
}

if (ldapService.updateEntry(adapter)) {
return getAdapterByDnFromLdap(adapter.getDn())
.map(updatedAdapter -> db.findById(LdapNameBuilder.newInstance(Objects.requireNonNull(updatedAdapter.getDn())).build())
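Review bot: In `updateAdapter`, a blank `password` or `clientSecret` on the incoming object now triggers a credential reset that is encrypted to `adapter.getPublicKey()` from that same object, so whoever supplies the `Adapter` also chooses the key the new secret is wrapped for. The callers are outside this diff; if the object can come from a request or Kafka payload, resolve the public key from the stored entry instead, and name the adapter in the warning so the reset is auditable, e.g. `log.warn("Resetting password for adapter {} because it is empty", adapter.getDn());`. The new catch blocks in `encryptClientSecret` and `resetAndEncryptPassword` also keep the previous value before `db.save(adapter)`, while the ClientService versions clear it; adding `adapter.setClientSecret(null);` and `adapter.setPassword(null);` there would let this empty-check retry after a failure. `updateAdapter` continues past the end of the hunk.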
Expand Up @@ -27,7 +27,11 @@ public String operation() {

@Override
public Adapter apply(ConsumerRecord<String, AdapterEvent> consumerRecord, Organisation organisation) {
return adapterService.getAdapterByDn(consumerRecord.value().getObject().getDn())
.orElseThrow(() -> new RuntimeException("Unable to find adapter: " + consumerRecord.value().getObject().getDn()));
String adapterDn = consumerRecord.value().getObject().getDn();
return adapterService.getAdapterByDn(adapterDn)
.orElseGet(() -> {
log.warn("Unable to find adapter: {}", adapterDn);
return null;
});
}
}
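Review bot: `apply` now returns `null` when no adapter matches the DN, and the code that consumes that return value is not in this hunk; it needs an explicit null check before any secret handling or reply is attempted, otherwise the missing-adapter case turns into a `NullPointerException` further down. `GetClientHandler.apply` has the same shape. A Javadoc line such as `@return the adapter, or null when none exists for the DN` would make the contract explicit. `consumerRecord.value()` and `getObject()` are still dereferenced unchecked on the first line, so a record without a payload fails before the new warning is reached.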
29 changes: 17 additions & 12 deletions src/main/java/no/fintlabs/portal/model/client/ClientService.java
Original file line number Diff line number Diff line change
Expand Up @@ -71,13 +71,7 @@ public Optional<Client> addClient(Client client, Organisation organisation) {
.map(createdClient -> {
createdClient.setPublicKey(client.getPublicKey());
resetAndEncryptPassword(createdClient, createdClient.getPublicKey());

try {
encryptClientSecret(createdClient, createdClient.getPublicKey());
} catch (Exception e){
log.error("Error in encrypt client secret ", e);
createdClient.setClientSecret(null);
}
encryptClientSecret(createdClient, createdClient.getPublicKey());

db.save(createdClient);

Expand All @@ -98,16 +92,27 @@ public String getClientSecret(Client client) {

@Override
public void encryptClientSecret(Client client, String publicKeyString) {
client.setClientSecret(secretService.encryptPassword(
namOAuthClientService.getOAuthClient(client.getClientId()).getClientSecret(),
publicKeyString
));
try {
client.setClientSecret(secretService.encryptPassword(
namOAuthClientService.getOAuthClient(client.getClientId()).getClientSecret(),
publicKeyString
));
} catch (Exception e) {
log.error("Error when encrypt clientSecret ", e);
client.setClientSecret(null);
}

db.save(client);
}

@Override
public void resetAndEncryptPassword(Client client, String privateKeyString) {
client.setPassword(secretService.encryptPassword(resetClientPassword(client), privateKeyString));
try {
client.setPassword(secretService.encryptPassword(resetClientPassword(client), privateKeyString));
} catch (Exception e) {
log.error("Error when encrypt clientSecret ", e);
client.setPassword(null);
}
db.save(client);
}
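Review bot: The catch block in `resetAndEncryptPassword` logs `"Error when encrypt clientSecret "`, the same text as in `encryptClientSecret`, so a password-encryption failure is indistinguishable from a client-secret failure in the logs; it should read `log.error("Error when encrypting password", e);`. Both methods now swallow every `Exception`, null the field and still call `db.save(client)`, so `addClient` returns a client with no usable credentials and no signal to the caller. `resetClientPassword(client)` is not visible here; if it changes the password in the directory before encryption fails, the new value is lost. Consider catching the specific exception type that `secretService.encryptPassword` throws and letting the caller see the failure.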

Expand Up @@ -9,6 +9,8 @@
import org.apache.kafka.clients.consumer.ConsumerRecord;
import org.springframework.stereotype.Component;

import java.util.Optional;

@Slf4j
@Component
public class GetClientHandler extends FintCustomerObjectWithSecretsHandler<Client, ClientEvent, ClientService> {
Expand All @@ -28,7 +30,11 @@ public String operation() {

@Override
public Client apply(ConsumerRecord<String, ClientEvent> consumerRecord, Organisation organisation) {
return clientService.getClientByDn(consumerRecord.value().getObject().getDn())
.orElseThrow(() -> new RuntimeException("Unable to find client: " + consumerRecord.value().getObject().getDn()));
String clientDn = consumerRecord.value().getObject().getDn();
return clientService.getClientByDn(clientDn)
.orElseGet(() -> {
log.warn("Unable to find client: {}", clientDn);
return null;
});
}
}
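Review bot: The added `import java.util.Optional;` is not referenced in the lines shown for this file — `getClientByDn(clientDn).orElseGet(...)` does not need the import — so it looks unused. Drop it unless code outside the hunks uses `Optional` by name.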
Expand Up @@ -32,7 +32,7 @@ public OrganisationEventHandler(EventTopicService eventTopicService, EventConsum
organisationCreatedTopic = EventTopicNameParameters
.builder()
.orgId("flais.io") // Optional if set as application property
.domainContext("fint-service") // Optional if set as application property
.domainContext("fint-customer-objects") // Optional if set as application property
.eventName("organisation-created")
.build();

Expand All @@ -45,7 +45,7 @@ public void init() {
EventTopicNameParameters createOrganisationTopic = EventTopicNameParameters
.builder()
.orgId("flais.io") // Optional if set as application property
.domainContext("fint-service") // Optional if set as application property
.domainContext("fint-customer-objects") // Optional if set as application property
.eventName("new-organisation")
.build();
eventTopicService.ensureTopic(createOrganisationTopic, Duration.ofHours(48).toMillis());