update dice endpoints

eisbilir · eisbilir · commit f6aa138ecec4 · 2022-08-03T10:25:26.000+03:00
diff --git a/buildtokenproperties.sh b/buildtokenproperties.sh
@@ -18,12 +18,7 @@ AUTH0_NEW_NONINTERACTIVE_ID_SECRET=$(eval "echo \$${ENV}_AUTH0_NEW_NONINTERACTIV
 DICEAUTH_DICE_URL=$(eval "echo \$${ENV}_DICEAUTH_DICE_URL")
 DICEAUTH_DICE_API_URL=$(eval "echo \$${ENV}_DICEAUTH_DICE_API_URL")
 DICEAUTH_DICE_VERIFIER=$(eval "echo \$${ENV}_DICEAUTH_DICE_VERIFIER")
-DICEAUTH_ID=$(eval "echo \$${ENV}_DICEAUTH_ID")
-DICEAUTH_ID_SECRET=$(eval "echo \$${ENV}_DICEAUTH_ID_SECRET")
-DICEAUTH_PASSWORD=$(eval "echo \$${ENV}_DICEAUTH_PASSWORD")
-DICEAUTH_SCOPE=$(eval "echo \$${ENV}_DICEAUTH_SCOPE")
-DICEAUTH_TENANT=$(eval "echo \$${ENV}_DICEAUTH_TENANT")
-DICEAUTH_USERNAME=$(eval "echo \$${ENV}_DICEAUTH_USERNAME")
+DICEAUTH_DICE_API_KEY=$(eval "echo \$${ENV}_DICEAUTH_DICE_API_KEY")
 DICEAUTH_CREDDEFID=$(eval "echo \$${ENV}_DICEAUTH_CREDDEFID")
 ZENDESK_ID=$(eval "echo \$${ENV}_ZENDESK_ID")
 SERVICEACC02_UID=$(eval "echo \$${ENV}_SERVICEACC02_UID")
@@ -97,12 +92,7 @@ perl -pi -e "s/\{\{AUTH0_NEW_NONINTERACTIVE_ID_SECRET\}\}/$AUTH0_NEW_NONINTERACT
 perl -pi -e "s|\{\{DICEAUTH_DICE_URL\}\}|$DICEAUTH_DICE_URL|g" $CONFFILENAME 
 perl -pi -e "s|\{\{DICEAUTH_DICE_API_URL\}\}|$DICEAUTH_DICE_API_URL|g" $CONFFILENAME 
 perl -pi -e "s|\{\{DICEAUTH_DICE_VERIFIER\}\}|$DICEAUTH_DICE_VERIFIER|g" $CONFFILENAME 
-perl -pi -e "s/\{\{DICEAUTH_ID\}\}/$DICEAUTH_ID/g" $CONFFILENAME 
-perl -pi -e "s/\{\{DICEAUTH_ID_SECRET\}\}/$DICEAUTH_ID_SECRET/g" $CONFFILENAME 
-perl -pi -e "s|\{\{DICEAUTH_PASSWORD\}\}|$DICEAUTH_PASSWORD|g" $CONFFILENAME 
-perl -pi -e "s/\{\{DICEAUTH_SCOPE\}\}/$DICEAUTH_SCOPE/g" $CONFFILENAME 
-perl -pi -e "s/\{\{DICEAUTH_TENANT\}\}/$DICEAUTH_TENANT/g" $CONFFILENAME 
-perl -pi -e "s/\{\{DICEAUTH_USERNAME\}\}/$DICEAUTH_USERNAME/g" $CONFFILENAME 
+perl -pi -e "s|\{\{DICEAUTH_DICE_API_KEY\}\}|$DICEAUTH_DICE_API_KEY|g" $CONFFILENAME 
 perl -pi -e "s/\{\{DICEAUTH_CREDDEFID\}\}/$DICEAUTH_CREDDEFID/g" $CONFFILENAME 
 perl -pi -e "s/\{\{ZENDESK_KEY\}\}/$ZENDESK_KEY/g" $CONFFILENAME 
 perl -pi -e "s/\{\{ZENDESK_ID\}\}/$ZENDESK_ID/g" $CONFFILENAME 
diff --git a/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java b/src/main/java/com/appirio/tech/core/service/identity/resource/UserResource.java
@@ -1549,7 +1549,7 @@ public ApiResponse updateUser2fa(
             try {
                 response = new Request(diceAuth.getDiceApiUrl() + "/connection/invitation", "POST")
                         .param("emailId", user2faInDb.getEmail())
-                        .header("Authorization", "Bearer " + diceAuth.getToken())
+                        .header("x-api-key", diceAuth.getDiceApiKey())
                         .execute();
             } catch (Exception e) {
                 logger.error("Error when calling 2fa submit api", e);
@@ -1625,7 +1625,7 @@ public ApiResponse issueCredentials(
         Response response;
         try {
             response = new Request(diceAuth.getDiceApiUrl() + "/cred/issuance/offer", "POST")
-                    .header("Authorization", "Bearer " + diceAuth.getToken())
+                    .header("x-api-key", diceAuth.getDiceApiKey())
                     .json(mapper.writeValueAsString(body))
                     .execute();
         } catch (JsonProcessingException e) {
diff --git a/src/main/java/com/appirio/tech/core/service/identity/util/auth/DICEAuth.java b/src/main/java/com/appirio/tech/core/service/identity/util/auth/DICEAuth.java
@@ -1,23 +1,8 @@
 package com.appirio.tech.core.service.identity.util.auth;
 
-import java.net.HttpURLConnection;
-import java.util.Date;
-
 import javax.validation.constraints.NotNull;
 
-import org.apache.log4j.Logger;
-
-import com.appirio.tech.core.api.v3.exception.APIRuntimeException;
-import com.appirio.tech.core.api.v3.util.jwt.InvalidTokenException;
-import com.appirio.tech.core.service.identity.util.HttpUtil.Request;
-import com.appirio.tech.core.service.identity.util.HttpUtil.Response;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.exceptions.JWTDecodeException;
-import com.auth0.jwt.interfaces.DecodedJWT;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
 public class DICEAuth {
-    private static final Logger logger = Logger.getLogger(Auth0Client.class);
 
     @NotNull
     private String diceUrl;
@@ -29,44 +14,21 @@ public class DICEAuth {
     private String diceVerifier;
 
     @NotNull
-    private String tenant;
-
-    @NotNull
-    private String username;
-
-    @NotNull
-    private String password;
-
-    @NotNull
-    private String scope;
-
-    @NotNull
-    private String clientId;
-
-    @NotNull
-    private String clientSecret;
+    private String diceApiKey;
 
     @NotNull
     private String credDefId;
 
     private String credPreview = "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/issue-credential/1.0/credential-preview";
 
-    private String cachedToken;
-
     public DICEAuth() {
     }
 
-    public DICEAuth(String diceUrl, String diceApiUrl, String diceVerifier, String tenant, String username,
-            String password, String scope, String clientId, String clientSecret, String credDefId) {
+    public DICEAuth(String diceUrl, String diceApiUrl, String diceVerifier, String diceApiKey, String credDefId) {
         this.diceUrl = diceUrl;
         this.diceApiUrl = diceApiUrl;
         this.diceVerifier = diceVerifier;
-        this.tenant = tenant;
-        this.username = username;
-        this.password = password;
-        this.scope = scope;
-        this.clientId = clientId;
-        this.clientSecret = clientSecret;
+        this.diceApiKey = diceApiKey;
         this.credDefId = credDefId;
     }
 
@@ -94,52 +56,12 @@ public void setDiceVerifier(String diceVerifier) {
         this.diceVerifier = diceVerifier;
     }
 
-    public String getTenant() {
-        return tenant;
-    }
-
-    public void setTenant(String tenant) {
-        this.tenant = tenant;
-    }
-
-    public String getUsername() {
-        return username;
-    }
-
-    public void setUsername(String username) {
-        this.username = username;
-    }
-
-    public String getPassword() {
-        return password;
-    }
-
-    public void setPassword(String password) {
-        this.password = password;
+    public String getDiceApiKey() {
+        return diceApiKey;
     }
 
-    public String getScope() {
-        return scope;
-    }
-
-    public void setScope(String scope) {
-        this.scope = scope;
-    }
-
-    public String getClientId() {
-        return clientId;
-    }
-
-    public void setClientId(String clientId) {
-        this.clientId = clientId;
-    }
-
-    public String getClientSecret() {
-        return clientSecret;
-    }
-
-    public void setClientSecret(String clientSecret) {
-        this.clientSecret = clientSecret;
+    public void setDiceApiKey(String diceApiKey) {
+        this.diceApiKey = diceApiKey;
     }
 
     public String getCredDefId() {
@@ -157,56 +79,4 @@ public String getCredPreview() {
     public void setCredPreview(String credPreview) {
         this.credPreview = credPreview;
     }
-
-    public String getToken() throws Exception {
-        Boolean isCachedTokenExpired = false;
-        if (cachedToken != null) {
-            if (getTokenExpiryTime(cachedToken) <= 0) {
-                isCachedTokenExpired = true;
-                logger.info("Application cached token expired");
-            }
-        }
-        if (cachedToken == null || isCachedTokenExpired) {
-            String url = "https://login.microsoftonline.com/" + getTenant() + "/oauth2/v2.0/token";
-            Response response = new Request(url, "POST")
-                    .param("grant_type", "password")
-                    .param("username", getUsername())
-                    .param("password", getPassword())
-                    .param("scope", getScope())
-                    .param("client_id", getClientId())
-                    .param("client_secret", getClientSecret()).execute();
-            if (response.getStatusCode() != HttpURLConnection.HTTP_OK) {
-                throw new APIRuntimeException(HttpURLConnection.HTTP_INTERNAL_ERROR,
-                        String.format("Got unexpected response from remote service. %d %s", response.getStatusCode(),
-                                response.getText()));
-            }
-            cachedToken = new ObjectMapper().readValue(response.getText(), Auth0Credential.class).getIdToken();
-            logger.info("Fetched token from URL: " + url);
-        }
-        return cachedToken;
-    }
-
-    /**
-     * Get token expiry time in seconds
-     *
-     * @param token JWT token
-     *              throws Exception if any error occurs
-     * @return the Integer result
-     */
-    private Integer getTokenExpiryTime(String token) throws Exception {
-        DecodedJWT decodedJWT = null;
-        Integer tokenExpiryTime = 0;
-        if (token != null) {
-            try {
-                decodedJWT = JWT.decode(token);
-            } catch (JWTDecodeException e) {
-                throw new InvalidTokenException(token, "Error occurred in decoding token. " + e.getLocalizedMessage(),
-                        e);
-            }
-            Date tokenExpiryDate = decodedJWT.getExpiresAt();
-            Long tokenExpiryTimeInMilliSeconds = tokenExpiryDate.getTime() - (new Date().getTime()) - 60 * 1000;
-            tokenExpiryTime = (int) Math.floor(tokenExpiryTimeInMilliSeconds / 1000);
-        }
-        return tokenExpiryTime;
-    }
 }
diff --git a/src/main/resources/config.yml b/src/main/resources/config.yml
@@ -97,12 +97,7 @@ diceAuth:
   diceUrl: @diceAuth.diceUrl@
   diceApiUrl: @diceAuth.diceApiUrl@
   diceVerifier: @diceAuth.diceVerifier@
-  clientId: @diceAuth.clientId@
-  clientSecret: @diceAuth.clientSecret@
-  password: @diceAuth.password@
-  scope: @diceAuth.scope@
-  tenant: @diceAuth.tenant@
-  username: @diceAuth.username@
+  diceApiKey: @diceAuth.diceApiKey@
   credDefId: @diceAuth.credDefId@
 
 # Authorized accounts
diff --git a/src/main/resources/config.yml.localdev b/src/main/resources/config.yml.localdev
@@ -89,12 +89,7 @@ diceAuth:
   diceUrl: dummy
   diceApiUrl: dummy
   diceVerifier: dummy
-  clientId: dummy
-  clientSecret: dummy
-  password: dummy
-  scope: dummy
-  tenant: dummy
-  username: dummy
+  diceApiKey: dummy
   credDefId: dummy
 
 # LDAP Settings
diff --git a/token.properties.localdev b/token.properties.localdev
@@ -34,12 +34,7 @@
 @diceAuth.diceUrl@=dummy
 @diceAuth.diceApiUrl@=dummy
 @diceAuth.diceVerifier@=dummy
-@diceAuth.clientId@=dummy
-@diceAuth.clientSecret@=dummy
-@diceAuth.password@=dummy
-@diceAuth.scope@=dummy
-@diceAuth.tenant@=dummy
-@diceAuth.username@=dummy
+@diceAuth.diceApiKey@=dummy
 @diceAuth.credDefId@=dummy
 
 @zendesk.secret@=ZENDESK_SECRET
diff --git a/token.properties.template b/token.properties.template
@@ -54,12 +54,7 @@
 @diceAuth.diceUrl@={{DICEAUTH_DICE_URL}}
 @diceAuth.diceApiUrl@={{DICEAUTH_DICE_API_URL}}
 @diceAuth.diceVerifier@={{DICEAUTH_DICE_VERIFIER}}
-@diceAuth.clientId@={{DICEAUTH_ID}}
-@diceAuth.clientSecret@={{DICEAUTH_ID_SECRET}}
-@diceAuth.password@={{DICEAUTH_PASSWORD}}
-@diceAuth.scope@={{DICEAUTH_SCOPE}}
-@diceAuth.tenant@={{DICEAUTH_TENANT}}
-@diceAuth.username@={{DICEAUTH_USERNAME}}
+@diceAuth.diceApiKey@={{DICEAUTH_DICE_API_KEY}}
 @diceAuth.credDefId@={{DICEAUTH_CREDDEFID}}
 
 @zendesk.secret@={{ZENDESK_KEY}}
