diff --git a/src/addons/messagelog/messagelog-addon/asic/src/main/java/ee/ria/xroad/proxy/clientproxy/AsicContainerHandler.java b/src/addons/messagelog/messagelog-addon/asic/src/main/java/ee/ria/xroad/proxy/clientproxy/AsicContainerHandler.java index 530a691ee7..f4eb98d89c 100644 --- a/src/addons/messagelog/messagelog-addon/asic/src/main/java/ee/ria/xroad/proxy/clientproxy/AsicContainerHandler.java +++ b/src/addons/messagelog/messagelog-addon/asic/src/main/java/ee/ria/xroad/proxy/clientproxy/AsicContainerHandler.java @@ -29,7 +29,7 @@ import ee.ria.xroad.common.cert.CertChainFactory; import ee.ria.xroad.common.conf.globalconf.GlobalConfProvider; import ee.ria.xroad.common.conf.serverconf.ServerConfProvider; -import ee.ria.xroad.common.messagelog.MessageLogDbContextHolder; +import ee.ria.xroad.common.db.DatabaseCtxV2; import ee.ria.xroad.common.opmonitoring.OpMonitoringData; import ee.ria.xroad.common.util.RequestWrapper; import ee.ria.xroad.common.util.ResponseWrapper; @@ -56,9 +56,10 @@ public class AsicContainerHandler extends AbstractClientProxyHandler { * Constructor */ public AsicContainerHandler(GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider, - ServerConfProvider serverConfProvider, CertChainFactory certChainFactory, HttpClient client) { + ServerConfProvider serverConfProvider, CertChainFactory certChainFactory, HttpClient client, + DatabaseCtxV2 messagelogDatabaseCtx) { super(globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, client, false); - this.logRecordManager = new LogRecordManager(MessageLogDbContextHolder.instance()); + this.logRecordManager = new LogRecordManager(messagelogDatabaseCtx); } @Override diff --git a/src/addons/metaservice/build.gradle b/src/addons/metaservice/build.gradle index 8e2c1d923e..53d63d6187 100644 --- a/src/addons/metaservice/build.gradle +++ b/src/addons/metaservice/build.gradle 
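Review bot: In the `AsicContainerHandler` constructor the new `messagelogDatabaseCtx` argument is passed to `new LogRecordManager(...)` without a null check, so a miswired context would presumably only surface later, when a container is actually requested. Failing fast is cheap: `this.logRecordManager = new LogRecordManager(Objects.requireNonNull(messagelogDatabaseCtx, "messagelogDatabaseCtx"));` (this needs `java.util.Objects` imported). The Javadoc above the constructor still reads only `Constructor`; it should name the new parameter, e.g. `@param messagelogDatabaseCtx database context handed to the LogRecordManager`. The class body continues outside the hunk.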
@@ -39,8 +39,7 @@ tasks.register('runMetaserviceTest', JavaExec) { '-Dxroad.proxy.client-connector-so-linger=-1', '-Dxroad.proxy.client-httpclient-so-linger=-1', '-Dxroad.proxy.server-connector-so-linger=-1', - '-Dxroad.proxy.serverServiceHandlers=ee.ria.xroad.proxy.serverproxy.MetadataServiceHandlerImpl', - '-Dxroad.proxy.clientHandlers=ee.ria.xroad.proxy.clientproxy.MetadataHandler', + '-Dxroad.proxy.addon.metaservices.enabled=true', '-Dxroad.proxy.grpc-tls-enabled=false', '-Dtest.queries.dir=src/test/queries' diff --git a/src/addons/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/MetadataServiceHandlerImpl.java b/src/addons/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/MetadataServiceHandlerImpl.java index d6d2fb20dc..801a8740e6 100644 --- a/src/addons/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/MetadataServiceHandlerImpl.java +++ b/src/addons/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/MetadataServiceHandlerImpl.java @@ -97,7 +97,7 @@ import static ee.ria.xroad.proxy.util.MetadataRequests.LIST_METHODS; @Slf4j -class MetadataServiceHandlerImpl extends AbstractServiceHandler { +public class MetadataServiceHandlerImpl extends AbstractServiceHandler { static final JAXBContext JAXB_CTX = initJaxbCtx(); static final ObjectFactory OBJECT_FACTORY = new ObjectFactory(); @@ -115,7 +115,7 @@ class MetadataServiceHandlerImpl extends AbstractServiceHandler { private static final SAXTransformerFactory TRANSFORMER_FACTORY = createSaxTransformerFactory(); - protected MetadataServiceHandlerImpl(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) { + public MetadataServiceHandlerImpl(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) { super(serverConfProvider, globalConfProvider); wsdlHttpClientCreator = new HttpClientCreator(serverConfProvider); } 
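Review bot: The constructor of `MetadataServiceHandlerImpl` becomes `public` here, and the class with it, but neither has Javadoc, so the widened API is undocumented. The same applies to the `protected` to `public` constructors of `OpMonitoringServiceHandlerImpl` and `ProxyMonitorServiceHandlerImpl` later in this diff. A short comment such as `/** Creates the handler; instantiated by the proxy's add-on wiring when the add-on is enabled. */` would record why the visibility was raised; adjust the wording to the actual caller, which is not visible in this hunk. If the only caller ends up in the same package, package-private visibility would be enough.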
diff --git a/src/addons/op-monitoring/src/main/java/ee/ria/xroad/proxy/serverproxy/OpMonitoringServiceHandlerImpl.java b/src/addons/op-monitoring/src/main/java/ee/ria/xroad/proxy/serverproxy/OpMonitoringServiceHandlerImpl.java index d2f9bdc072..4db1dcc6c4 100644 --- a/src/addons/op-monitoring/src/main/java/ee/ria/xroad/proxy/serverproxy/OpMonitoringServiceHandlerImpl.java +++ b/src/addons/op-monitoring/src/main/java/ee/ria/xroad/proxy/serverproxy/OpMonitoringServiceHandlerImpl.java @@ -69,7 +69,7 @@ public class OpMonitoringServiceHandlerImpl extends AbstractServiceHandler { private HttpSender sender; - protected OpMonitoringServiceHandlerImpl(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) { + public OpMonitoringServiceHandlerImpl(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) { super(serverConfProvider, globalConfProvider); } diff --git a/src/addons/proxymonitor/metaservice/build.gradle b/src/addons/proxymonitor/metaservice/build.gradle index e39b60156d..70dc9db5bc 100644 --- a/src/addons/proxymonitor/metaservice/build.gradle +++ b/src/addons/proxymonitor/metaservice/build.gradle @@ -1,6 +1,6 @@ plugins { id 'java' - alias(libs.plugins.shadow) +// alias(libs.plugins.shadow) } project.ext.schemaTargetDir = layout.buildDirectory.dir("generated-sources").get().asFile @@ -39,21 +39,21 @@ tasks.register('createDirs') { } } -jar { - enabled = false -} +//jar { +// enabled = true +//} -shadowJar { - archiveClassifier = '' - exclude('**/module-info.class') - dependencies { - include(project(':addons:proxymonitor-common')) - include(project(':monitor-common')) - } - mergeServiceFiles() -} +//shadowJar { +// archiveClassifier = '' +// exclude('**/module-info.class') +// dependencies { +// include(project(':addons:proxymonitor-common')) +// include(project(':monitor-common')) +// } +// mergeServiceFiles() +//} -build.dependsOn shadowJar +//build.dependsOn shadowJar compileJava.dependsOn processResources 
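Review bot: In `proxymonitor/metaservice/build.gradle` the shadow-jar setup is commented out rather than deleted (`// alias(libs.plugins.shadow)`, `//jar {`, `//shadowJar {`, `//build.dependsOn shadowJar`), which leaves dead configuration in the build script. The commented `jar` block also now says `enabled = true` where the removed one said `enabled = false`, so the leftover comment matches neither the old nor the new behaviour. If the module is meant to produce a plain jar, delete these lines; version control already keeps the old shadow configuration. Because the shadow jar used to bundle `:addons:proxymonitor-common` and `:monitor-common`, it is worth confirming those classes still reach the runtime classpath some other way.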
@@ -74,7 +74,7 @@ tasks.register('runProxymonitorMetaserviceTest', JavaExec) { '-Dxroad.proxy.client-connector-so-linger=-1', '-Dxroad.proxy.client-httpclient-so-linger=-1', '-Dxroad.proxy.server-connector-so-linger=-1', - '-Dxroad.proxy.serverServiceHandlers=ee.ria.xroad.proxy.serverproxy.ProxyMonitorServiceHandlerImpl', + '-Dxroad.proxy.addon.proxymonitor.enabled=true', '-Dxroad.proxy.grpc-tls-enabled=false', '-Dtest.queries.dir=src/test/queries' diff --git a/src/addons/proxymonitor/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/ProxyMonitorServiceHandlerImpl.java b/src/addons/proxymonitor/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/ProxyMonitorServiceHandlerImpl.java index d6e46abf02..8a97a2c3d1 100644 --- a/src/addons/proxymonitor/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/ProxyMonitorServiceHandlerImpl.java +++ b/src/addons/proxymonitor/metaservice/src/main/java/ee/ria/xroad/proxy/serverproxy/ProxyMonitorServiceHandlerImpl.java @@ -81,7 +81,7 @@ public class ProxyMonitorServiceHandlerImpl extends AbstractServiceHandler { private SoapMessageEncoder responseEncoder; - protected ProxyMonitorServiceHandlerImpl(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) { + public ProxyMonitorServiceHandlerImpl(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) { super(serverConfProvider, globalConfProvider); } diff --git a/src/common/common-core/src/main/java/ee/ria/xroad/common/SystemProperties.java b/src/common/common-core/src/main/java/ee/ria/xroad/common/SystemProperties.java index d5cf06360d..c87d4946df 100644 --- a/src/common/common-core/src/main/java/ee/ria/xroad/common/SystemProperties.java +++ b/src/common/common-core/src/main/java/ee/ria/xroad/common/SystemProperties.java 
@@ -505,12 +505,6 @@ public enum AllowedFederationMode { // Proxy UI --------------------------------------------------------------- - /** - * Property name of the WSDL validator command. - */ - public static final String WSDL_VALIDATOR_COMMAND = - PREFIX + "proxy-ui-api.wsdl-validator-command"; - /** * Property name of the signature digest algorithm ID used for generating authentication certificate * registration request. @@ -795,13 +789,6 @@ public static String getDeviceConfFile() { getConfPath() + DefaultFilepaths.DEVICE_CONFIGURATION_FILE); } - /** - * @return WSDL validator command string. Defaults to null. - */ - public static String getWsdlValidatorCommand() { - return SystemPropertySource.getPropertyResolver().getProperty(WSDL_VALIDATOR_COMMAND); - } - /** * @return signature digest algorithm ID used for generating authentication certificate registration request, * SHA-512 by default. diff --git a/src/common/common-int-test/src/main/java/org/niis/xroad/common/test/signer/container/BaseTestSignerSetup.java b/src/common/common-int-test/src/main/java/org/niis/xroad/common/test/signer/container/BaseTestSignerSetup.java index be2460cfc6..321f0c8c36 100644 --- a/src/common/common-int-test/src/main/java/org/niis/xroad/common/test/signer/container/BaseTestSignerSetup.java +++ b/src/common/common-int-test/src/main/java/org/niis/xroad/common/test/signer/container/BaseTestSignerSetup.java @@ -47,7 +47,7 @@ @Slf4j @SuppressWarnings("checkstyle:MagicNumber") public abstract class BaseTestSignerSetup { - private static final String PKCS11_WRAPPER_FILENAME = "libpkcs11wrapper.so"; + private static final String PKCS11_WRAPPER_FILENAME = "libpkcs11-wrapper.so"; static { //This is to set docker api version in testcontainers. By default it uses 1.32, which does not support platform setting. 
@@ -56,13 +56,12 @@ public abstract class BaseTestSignerSetup { public TestContainerConfigurator testContainerConfigurator( TestableContainerProperties testableContainerProperties, - String signerPath, String hwTokenPath) { + String signerPath) { return new TestContainerConfigurator() { @NotNull @Override public ImageFromDockerfile imageDefinition() { var appJarPath = Paths.get(signerPath); - var hwTokenJarPath = Paths.get(hwTokenPath); log.info("Will use {} jar for container creation", appJarPath); @@ -73,7 +72,6 @@ public ImageFromDockerfile imageDefinition() { testableContainerProperties.getReuseBetweenRuns()) .withFileFromFile(".", filesToAdd) .withFileFromPath("files/lib/%s".formatted(PKCS11_WRAPPER_FILENAME), getPkcsWrapperPath()) - .withFileFromPath("files/lib/hwtoken.jar", hwTokenJarPath) .withFileFromPath("files/app.jar", appJarPath); } @@ -96,7 +94,6 @@ private Path getPkcsWrapperPath() { default -> throw new IllegalStateException("Unsupported arch: " + SystemUtils.OS_ARCH); }; return Paths.get("../../libs/pkcs11wrapper/%s/%s".formatted(archDir, PKCS11_WRAPPER_FILENAME)); - } }; } @@ -108,7 +105,7 @@ public TestContainerConfigurator.TestContainerInitListener testContainerInitList @SuppressWarnings("squid:S2068") public void beforeStart(@NotNull GenericContainer genericContainer) { var modulemanager = enableHwModule - ? "-Dxroad.signer.moduleManagerImpl=ee.ria.xroad.signer.tokenmanager.module.HardwareModuleManagerImpl" + ? "-Dxroad.signer.addon.hwtoken.enabled=true" : ""; genericContainer diff --git a/src/libs/pkcs11wrapper/amd64/libpkcs11wrapper.so b/src/libs/pkcs11wrapper/amd64/libpkcs11-wrapper.so similarity index 100% rename from src/libs/pkcs11wrapper/amd64/libpkcs11wrapper.so rename to src/libs/pkcs11wrapper/amd64/libpkcs11-wrapper.so 
diff --git a/src/libs/pkcs11wrapper/arm64/libpkcs11wrapper.so b/src/libs/pkcs11wrapper/arm64/libpkcs11-wrapper.so similarity index 100% rename from src/libs/pkcs11wrapper/arm64/libpkcs11wrapper.so rename to src/libs/pkcs11wrapper/arm64/libpkcs11-wrapper.so diff --git a/src/libs/pkcs11wrapper/x86_64/libpkcs11wrapper.so b/src/libs/pkcs11wrapper/x86_64/libpkcs11-wrapper.so similarity index 100% rename from src/libs/pkcs11wrapper/x86_64/libpkcs11wrapper.so rename to src/libs/pkcs11wrapper/x86_64/libpkcs11-wrapper.so diff --git a/src/packages/src/xroad/common/addon/proxy/messagelog.conf.default b/src/packages/src/xroad/common/addon/proxy/messagelog.conf.default deleted file mode 100644 index eb334199be..0000000000 --- a/src/packages/src/xroad/common/addon/proxy/messagelog.conf.default +++ /dev/null @@ -1,4 +0,0 @@ -ADDON_CP="${ADDON_CP},${ADDON_PATH}/proxy/messagelog-addon.jar" -XROAD_ADDON_PARAMS="${XROAD_ADDON_PARAMS} -Dxroad.proxy.messageLogManagerImpl=ee.ria.xroad.proxy.messagelog.LogManager" -CLIENT_HANDLERS="${CLIENT_HANDLERS},ee.ria.xroad.proxy.clientproxy.AsicContainerHandler" - diff --git a/src/packages/src/xroad/common/addon/proxy/metaservices.conf b/src/packages/src/xroad/common/addon/proxy/metaservices.conf deleted file mode 100644 index e56d3b2e32..0000000000 --- a/src/packages/src/xroad/common/addon/proxy/metaservices.conf +++ /dev/null @@ -1,4 +0,0 @@ -ADDON_CP="${ADDON_CP},${ADDON_PATH}/proxy/metaservice-1.0.jar" -CLIENT_HANDLERS="${CLIENT_HANDLERS},ee.ria.xroad.proxy.clientproxy.MetadataHandler" -SERVICE_HANDLERS="${SERVICE_HANDLERS},ee.ria.xroad.proxy.serverproxy.MetadataServiceHandlerImpl" -SERVICE_REST_HANDLERS="${SERVICE_REST_HANDLERS},ee.ria.xroad.proxy.serverproxy.RestMetadataServiceHandlerImpl" diff --git a/src/packages/src/xroad/common/addon/proxy/opmonitoring.conf b/src/packages/src/xroad/common/addon/proxy/opmonitoring.conf deleted file mode 100644 index a090bee182..0000000000 
--- a/src/packages/src/xroad/common/addon/proxy/opmonitoring.conf +++ /dev/null @@ -1,4 +0,0 @@ -ADDON_CP="${ADDON_CP},${ADDON_PATH}/proxy/op-monitoring-1.0.jar" -XROAD_ADDON_PARAMS="${XROAD_ADDON_PARAMS} -Dxroad.proxy.opMonitoringBufferImpl=ee.ria.xroad.proxy.opmonitoring.OpMonitoringBuffer" -SERVICE_HANDLERS="${SERVICE_HANDLERS},ee.ria.xroad.proxy.serverproxy.OpMonitoringServiceHandlerImpl" - diff --git a/src/packages/src/xroad/common/addon/proxy/proxymonitor-service.conf b/src/packages/src/xroad/common/addon/proxy/proxymonitor-service.conf deleted file mode 100644 index d7d17c938f..0000000000 --- a/src/packages/src/xroad/common/addon/proxy/proxymonitor-service.conf +++ /dev/null @@ -1,3 +0,0 @@ -ADDON_CP="${ADDON_CP},${ADDON_PATH}/proxy/proxymonitor-metaservice-1.0.jar" -SERVICE_HANDLERS="${SERVICE_HANDLERS},ee.ria.xroad.proxy.serverproxy.ProxyMonitorServiceHandlerImpl" - diff --git a/src/packages/src/xroad/common/addon/signer/hwtoken.conf b/src/packages/src/xroad/common/addon/signer/hwtoken.conf deleted file mode 100644 index 6059690d22..0000000000 --- a/src/packages/src/xroad/common/addon/signer/hwtoken.conf +++ /dev/null @@ -1,2 +0,0 @@ -ADDON_CP="${ADDON_CP},${ADDON_PATH}/signer/hwtoken-1.0.jar" -XROAD_ADDON_PARAMS="${XROAD_ADDON_PARAMS} -Dxroad.signer.moduleManagerImpl=ee.ria.xroad.signer.tokenmanager.module.HardwareModuleManagerImpl " diff --git a/src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdlvalidator/bin/wsdlvalidator_wrapper.sh b/src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdl-validator/bin/wsdlvalidator_wrapper.sh similarity index 78% rename from src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdlvalidator/bin/wsdlvalidator_wrapper.sh rename to src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdl-validator/bin/wsdlvalidator_wrapper.sh index 9c6a4ddb2b..edde8f9a53 100755 
--- a/src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdlvalidator/bin/wsdlvalidator_wrapper.sh +++ b/src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdl-validator/bin/wsdlvalidator_wrapper.sh @@ -1,3 +1,3 @@ #!/bin/bash -WSDLVALIDATOR_HOME=/usr/share/xroad/wsdlvalidator +WSDLVALIDATOR_HOME=/usr/share/xroad/wsdl-validator exec java -Dee.ria.xroad.internalKeyStorePassword=internal -Dee.ria.xroad.internalKeyStore=/etc/xroad/ssl/internal.p12 -jar "$WSDLVALIDATOR_HOME/jlib/wsdlvalidator-1.0.jar" "$@" diff --git a/src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdlvalidator/doc/xroad6.wsdl b/src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdl-validator/doc/xroad6.wsdl similarity index 100% rename from src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdlvalidator/doc/xroad6.wsdl rename to src/packages/src/xroad/common/addon/wsdlvalidator/usr/share/xroad/wsdl-validator/doc/xroad6.wsdl diff --git a/src/packages/src/xroad/common/proxy/etc/xroad/services/proxy.conf b/src/packages/src/xroad/common/proxy/etc/xroad/services/proxy.conf index 7dd7b30656..d4c97ed531 100644 --- a/src/packages/src/xroad/common/proxy/etc/xroad/services/proxy.conf +++ b/src/packages/src/xroad/common/proxy/etc/xroad/services/proxy.conf @@ -7,9 +7,6 @@ XROAD_LOG_LEVEL="DEBUG" . /etc/xroad/services/global.conf -CLIENT_HANDLERS="" -SERVICE_HANDLERS="" - for addon in "${ADDON_PATH}"/proxy/*.conf do if [ -e "${addon}" ]; then @@ -21,8 +18,6 @@ CP="/usr/share/xroad/jlib/proxy.jar" XROAD_PROXY_PARAMS=" -Xms100m -Xmx512m -XX:MaxMetaspaceSize=135m \ -Djavax.net.ssl.sessionCacheSize=10000 \ --Dxroad.proxy.clientHandlers=${CLIENT_HANDLERS#?} \ --Dxroad.proxy.serverServiceHandlers=${SERVICE_HANDLERS#?} \ --Dxroad.proxy.serverRestServiceHandlers=${SERVICE_REST_HANDLERS#?} $XROAD_PROXY_PARAMS" +$XROAD_PROXY_PARAMS" apply_local_conf XROAD_PROXY_PARAMS 
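Review bot: The `exec java` line kept by the `wsdlvalidator_wrapper.sh` hunk passes the keystore password as `-Dee.ria.xroad.internalKeyStorePassword=internal` on the command line, so it is hard-coded in a packaged script and readable by any local user who can list processes while the validator runs. Since the file is being moved anyway, consider having the JVM read the password from a file with restricted permissions instead of an argument. The renamed `WSDLVALIDATOR_HOME=/usr/share/xroad/wsdl-validator` also has to match wherever the jar is now installed. The old `.install` entry that placed `wsdlvalidator-1.0.jar` under `usr/share/xroad/wsdlvalidator/jlib` is deleted in this commit, and its replacement is not visible here.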
diff --git a/src/packages/src/xroad/redhat/SPECS/xroad-signer.spec b/src/packages/src/xroad/redhat/SPECS/xroad-signer.spec index a83c71f921..8bd2e88a0d 100644 --- a/src/packages/src/xroad/redhat/SPECS/xroad-signer.spec +++ b/src/packages/src/xroad/redhat/SPECS/xroad-signer.spec @@ -59,12 +59,12 @@ cp -p %{srcdir}/../../../signer-console/build/libs/signer-console-1.0.jar %{buil #Copy arch specific libs %ifarch x86_64 -cp -p %{srcdir}/../../../libs/pkcs11wrapper/amd64/libpkcs11wrapper.so %{buildroot}/usr/share/xroad/lib/ +cp -p %{srcdir}/../../../libs/pkcs11wrapper/amd64/libpkcs11-wrapper.so %{buildroot}/usr/share/xroad/lib/ cp -p %{srcdir}/../../../libs/passwordstore/amd64/libpasswordstore.so %{buildroot}/usr/share/xroad/lib/ %endif %ifarch aarch64 -cp -p %{srcdir}/../../../libs/pkcs11wrapper/arm64/libpkcs11wrapper.so %{buildroot}/usr/share/xroad/lib/ +cp -p %{srcdir}/../../../libs/pkcs11wrapper/arm64/libpkcs11-wrapper.so %{buildroot}/usr/share/xroad/lib/ cp -p %{srcdir}/../../../libs/passwordstore/arm64/libpasswordstore.so %{buildroot}/usr/share/xroad/lib/ %endif @@ -94,7 +94,7 @@ rm -rf %{buildroot} /usr/share/xroad/jlib/signer.jar /usr/share/xroad/bin/signer-console /usr/share/xroad/jlib/signer-*.jar -/usr/share/xroad/lib/libpkcs11wrapper.so +/usr/share/xroad/lib/libpkcs11-wrapper.so %attr(754,root,xroad) /usr/share/xroad/bin/xroad-signer %attr(644,root,root) %{_unitdir}/xroad-signer.service diff --git a/src/packages/src/xroad/ubuntu/generic/control b/src/packages/src/xroad/ubuntu/generic/control index 7eb7ae2c59..28af2488df 100644 --- a/src/packages/src/xroad/ubuntu/generic/control +++ b/src/packages/src/xroad/ubuntu/generic/control 
@@ -64,14 +64,14 @@ Description: X-Road signer component Package: xroad-securityserver Conflicts: xroad-centralserver, uxp-addon-monitor (<=6.5) Architecture: all -Depends: xroad-proxy (=${binary:Version}), xroad-addon-metaservices (=${binary:Version}), xroad-addon-messagelog (=${binary:Version}), xroad-addon-proxymonitor (=${binary:Version}), xroad-addon-wsdlvalidator (=${binary:Version}), xroad-proxy-ui-api (=${binary:Version}), xroad-ds-identity-hub (=${binary:Version}), xroad-ds-control-plane (=${binary:Version}), xroad-ds-data-plane (=${binary:Version}) +Depends: xroad-proxy (=${binary:Version}), xroad-addon-messagelog (=${binary:Version}), xroad-monitor (=${binary:Version}), xroad-proxy-ui-api (=${binary:Version}), xroad-ds-identity-hub (=${binary:Version}), xroad-ds-control-plane (=${binary:Version}), xroad-ds-data-plane (=${binary:Version}) Description: X-Road security server This is meta-package of X-Road security server. Package: xroad-proxy Conflicts: xroad-center, xroad-confproxy Architecture: all -Depends: ${misc:Depends}, rsyslog, curl, systemd, xroad-confclient (=${binary:Version}), xroad-signer (=${binary:Version}), openjdk-21-jre-headless | java21-runtime-headless | java21-runtime +Depends: ${misc:Depends}, rsyslog, curl, systemd, xroad-confclient (=${binary:Version}), xroad-signer (=${binary:Version}), openjdk-21-jre-headless | java21-runtime-headless | java21-runtime, yq Pre-depends: xroad-database-local (=${binary:Version}) | xroad-database-remote (=${binary:Version}), xroad-secret-store-local (=${binary:Version}) | xroad-secret-store-remote (=${binary:Version}), xroad-base (=${binary:Version}) Description: X-Road security server X-Road security server programs and utilities 
@@ -89,28 +89,31 @@ Architecture: amd64 arm64 # These following 2 package relationship changes were required to fix an issue caused by a file dependency diversion from xroad-signer to xroad-addon-hwtokens in 7.1.0 Replaces: xroad-signer (<< 7.1.0) Breaks: xroad-signer (<< 7.1.0) -Depends: ${misc:Depends}, xroad-base (=${binary:Version}), xroad-confclient (=${binary:Version}), xroad-signer (=${binary:Version}) -Description: X-Road AddOn: hwtokens - AddOn for hardware tokens +Depends: ${misc:Depends}, xroad-base (=${binary:Version}), xroad-confclient (=${binary:Version}), xroad-signer (=${binary:Version}), yq +Section: oldlibs +Description: transitional package + This is a transitional package. It can safely be removed. Package: xroad-addon-messagelog Architecture: all -Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}) +Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}), yq Conflicts: xroad-addon-legacy-securelog Description: X-Road AddOn: messagelog AddOn for secure message log Package: xroad-addon-metaservices Architecture: all -Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}) -Description: X-Road AddOn: metaservices - AddOn for metaservice reponders +Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}), yq +Section: oldlibs +Description: transitional package + This is a transitional package. It can safely be removed. Package: xroad-addon-proxymonitor Architecture: all -Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}), xroad-monitor (=${binary:Version}) -Description: X-Road AddOn: proxy monitoring metaservice - Addon for proxy monitoring +Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}), yq +Section: oldlibs +Description: transitional package + This is a transitional package. It can safely be removed. Package: xroad-monitor Architecture: all 
@@ -120,48 +123,48 @@ Description: X-Road monitoring service Package: xroad-addon-wsdlvalidator Architecture: all -Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}) -Description: X-Road AddOn: wsdlvalidator - AddOn for WSDL validator for the X-Road services +Depends: ${misc:Depends}, xroad-proxy-ui-api (=${binary:Version}), yq +Description: transitional package + This is a transitional package. It can safely be removed. Package: xroad-addon-opmonitoring Architecture: all -Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}), xroad-opmonitor (=${binary:Version}) -Description: X-Road AddOn: operations monitoring service - AddOn for operations monitoring. +Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}), xroad-opmonitor (=${binary:Version}), yq +Description: transitional package + This is a transitional package. It can safely be removed. Package: xroad-securityserver-fi Conflicts: xroad-centralserver Architecture: all -Depends: xroad-securityserver (=${binary:Version}), xroad-addon-opmonitoring (=${binary:Version}) +Depends: xroad-securityserver (=${binary:Version}), xroad-opmonitor (=${binary:Version}) Description: X-Road security server with Finnish settings This is meta-package of X-Road security server with Finnish settings. Package: xroad-securityserver-is Conflicts: xroad-centralserver Architecture: all -Depends: xroad-securityserver (=${binary:Version}), xroad-addon-opmonitoring (=${binary:Version}) +Depends: xroad-securityserver (=${binary:Version}), xroad-opmonitor (=${binary:Version}) Description: X-Road security server with Icelandic settings This is meta-package of X-Road security server with Icelandic settings. 
Package: xroad-securityserver-ee Conflicts: xroad-centralserver Architecture: all -Depends: xroad-securityserver (=${binary:Version}), xroad-addon-opmonitoring (=${binary:Version}) +Depends: xroad-securityserver (=${binary:Version}), xroad-opmonitor (=${binary:Version}) Description: X-Road security server with Estonian settings This is meta-package of X-Road security server with Estonian settings. Package: xroad-securityserver-fo Conflicts: xroad-centralserver Architecture: all -Depends: xroad-securityserver (=${binary:Version}), xroad-addon-opmonitoring (=${binary:Version}) +Depends: xroad-securityserver (=${binary:Version}), xroad-opmonitor (=${binary:Version}) Description: X-Road security server with the Faroe Islands' settings This is meta-package of X-Road security server with the Faroe Islands' settings. Package: xroad-opmonitor Conflicts: xroad-center Architecture: all -Depends: ${misc:Depends}, xroad-base (=${binary:Version}), xroad-confclient (=${binary:Version}) +Depends: ${misc:Depends}, xroad-base (=${binary:Version}), xroad-confclient (=${binary:Version}), yq Pre-depends: xroad-database-local (=${binary:Version}) | xroad-database-remote (=${binary:Version}) Description: X-Road operations monitoring daemon X-Road operations monitoring daemon @@ -177,7 +180,7 @@ Description: Automatic token pin code entry Package: xroad-proxy-ui-api Architecture: all Pre-depends: xroad-base (=${binary:Version}) -Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}) +Depends: ${misc:Depends}, xroad-proxy (=${binary:Version}), yq Replaces: xroad-nginx, xroad-jetty9 Breaks: xroad-nginx, xroad-jetty9 Description: X-Road proxy UI REST API diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-hwtokens.install b/src/packages/src/xroad/ubuntu/generic/xroad-addon-hwtokens.install deleted file mode 100644 index 7181908233..0000000000 --- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-hwtokens.install +++ /dev/null 
@@ -1,7 +0,0 @@
-../../../../src/xroad/common/addon/signer/* usr/share/xroad/jlib/addon/signer/
-../../../../../addons/hwtoken/build/libs/hwtoken-1.0.jar usr/share/xroad/jlib/addon/signer/
-../../../../../LICENSE.txt usr/share/doc/xroad-addon-hwtokens/
-../../../../../3RD-PARTY-NOTICES.txt usr/share/doc/xroad-addon-hwtokens/
-../../../../../../CHANGELOG.md usr/share/doc/xroad-addon-hwtokens/
-../../../../../libs/pkcs11wrapper/${DEB_HOST_ARCH}/libpkcs11wrapper.so usr/share/xroad/lib/
-
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-hwtokens.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-addon-hwtokens.postinst
index 31e61da8aa..01d4d69669 100644
--- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-hwtokens.postinst
+++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-hwtokens.postinst
@@ -1,5 +1,23 @@
 #!/bin/bash
+
+function set_yaml_property { # $1 property, $2 value, $3 file
+ if [ ! -f "$3" ]; then
+ echo "File $3 does not exist. Creating the file."
+ echo "---" > "$3"
+ chown xroad:xroad "$3"
+ fi
+
+ CURRENT_VALUE=$(yq "$1" "$3")
+ if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then
+ if [ ! -s "$3" ]; then
+ echo "---" > "$3"
+ fi
+ yq -Y -i "$1 = $2" "$3"
+ fi
+}
+
 if [ "$1" = configure ]; then
+ set_yaml_property ".xroad.signer.addon.hwtoken.enabled" "true" "/etc/xroad/conf.d/signer-override.yaml"
 invoke-rc.d --quiet xroad-signer try-restart || true
 fi
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.install b/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.install
index 432d454d8a..8f34e5f673 100644
--- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.install
+++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.install
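Review bot: `set_yaml_property` in `xroad-addon-hwtokens.postinst` runs as root and never checks whether `yq "$1" "$3"` succeeded, so a missing `yq` or an unparsable override file looks the same as an unset key and the function goes on to attempt the in-place write. It also creates the file with a plain `echo "---" > "$3"`, which follows symbolic links and takes its mode from the umask before the `chown xroad:xroad`; if `/etc/xroad/conf.d` is writable by the `xroad` user (not visible here), root should refuse a symlink and create the file with an explicit owner and mode. The same function is pasted into the messagelog, metaservices, opmonitoring and proxymonitor postinsts, so one sourced helper would keep these fixes in one place. A possible shape is below; the `0640` mode is a suggestion to check against the other files in `conf.d`.

```shell
function set_yaml_property { # $1 property, $2 value, $3 file
  if [ -L "$3" ]; then
    echo "Refusing to edit $3: it is a symbolic link." >&2
    return 1
  fi
  if [ ! -e "$3" ]; then
    echo "File $3 does not exist. Creating the file."
    # explicit owner and mode instead of umask + chown
    install -o xroad -g xroad -m 0640 /dev/null "$3"
  fi
  if [ ! -s "$3" ]; then
    echo "---" > "$3"
  fi

  local current
  if ! current=$(yq "$1" "$3"); then
    echo "yq could not read $1 from $3; leaving the file unchanged." >&2
    return 1
  fi
  if [ -z "$current" ] || [ "$current" == "null" ]; then
    yq -Y -i "$1 = $2" "$3"
  fi
}
```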
@@ -1,7 +1,5 @@
-../../../../src/xroad/common/addon/proxy/messagelog.conf.default usr/share/xroad/jlib/addon/proxy/
 ../../../../src/xroad/common/addon/proxy/messagelog-archiver.conf etc/xroad/services/
 ../../../../src/xroad/common/addon/proxy/xroad-messagelog-archiver usr/share/xroad/bin/
-../../../../../addons/messagelog/messagelog-addon/build/libs/messagelog-addon.jar usr/share/xroad/jlib/addon/proxy/
 ../../../../../addons/messagelog/messagelog-archiver/scripts/archive-http-transporter.sh usr/share/xroad/scripts/
 ../../../../../addons/messagelog/messagelog-archiver/application/build/libs/messagelog-archiver.jar usr/share/xroad/jlib/addon/proxy/
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.postinst
index 8c70ebcf81..c7d0d5ad81 100644
--- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.postinst
+++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.postinst
@@ -1,20 +1,34 @@ #!/bin/bash . /usr/share/debconf/confmodule +function set_yaml_property { # $1 property, $2 value, $3 file + if [ ! -f "$3" ]; then + echo "File $3 does not exist. Creating the file." + echo "---" > "$3" + chown xroad:xroad "$3" + fi + + CURRENT_VALUE=$(yq "$1" "$3") + if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then + if [ ! -s "$3" ]; then + echo "---" > "$3" + fi + yq -Y -i "$1 = $2" "$3" + fi +} + if [[ "$1" == configure || "$1" == reconfigure ]]; then RET= db_get xroad-addon-messagelog/enable-messagelog || RET=true + rm -f /usr/share/xroad/jlib/addon/proxy/messagelog.conf if [ "$RET" = false ]; then - rm -f /usr/share/xroad/jlib/addon/proxy/messagelog.conf + set_yaml_property ".xroad.proxy.addon.messagelog.enabled" "false" "/etc/xroad/conf.d/proxy-override.yaml" else - if [ ! -e /usr/share/xroad/jlib/addon/proxy/messagelog.conf ]; then - ln -s /usr/share/xroad/jlib/addon/proxy/messagelog.conf.default /usr/share/xroad/jlib/addon/proxy/messagelog.conf - fi - RET= db_get xroad-common/database-host || RET="" /usr/share/xroad/scripts/setup_messagelog_db.sh "$RET" + set_yaml_property ".xroad.proxy.addon.messagelog.enabled" "true" "/etc/xroad/conf.d/proxy-override.yaml" fi db_stop diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.postrm b/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.postrm new file mode 100644 index 0000000000..fec2d28851 --- /dev/null +++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-messagelog.postrm 
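Review bot: Because `set_yaml_property` only writes when the key is missing or `null`, neither branch of the `if [ "$RET" = false ]` block can change an existing value. Answering `false` to `xroad-addon-messagelog/enable-messagelog` on reconfigure leaves a stored `true` untouched, and re-installing after the new postrm has written `false` leaves message logging off even though debconf says it is enabled. For a message log that is a silent gap, so this call site should write the debconf answer unconditionally, e.g. `yq -Y -i '.xroad.proxy.addon.messagelog.enabled = true' /etc/xroad/conf.d/proxy-override.yaml` in the `else` branch and `= false` in the other. The script continues outside the hunk.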
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+function disable_addon { # $1 property, $2 file
+ if [ ! -f "$2" ]; then
+ return 0
+ fi
+
+ CURRENT_VALUE=$(yq "$1" "$2")
+ if [ -z "$CURRENT_VALUE" ]; then
+ return 0;
+ fi
+ if [ "$CURRENT_VALUE" == "true" ]; then
+ yq -Y -i "$1 = false" "$2"
+ fi
+}
+
+if [[ "$1" == "remove" ]]; then
+ disable_addon ".xroad.proxy.addon.messagelog.enabled" "/etc/xroad/conf.d/proxy-override.yaml"
+ invoke-rc.d --quiet xroad-proxy try-restart || true
+fi
+
+exit 0
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-metaservices.install b/src/packages/src/xroad/ubuntu/generic/xroad-addon-metaservices.install
deleted file mode 100644
index a6e67d0519..0000000000
--- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-metaservices.install
+++ /dev/null
@@ -1,5 +0,0 @@
-../../../../src/xroad/common/addon/proxy/metaservice* usr/share/xroad/jlib/addon/proxy/
-../../../../../addons/metaservice/build/libs/metaservice-1.0.jar usr/share/xroad/jlib/addon/proxy/
-../../../../../LICENSE.txt usr/share/doc/xroad-addon-metaservices/
-../../../../../3RD-PARTY-NOTICES.txt usr/share/doc/xroad-addon-metaservices/
-../../../../../../CHANGELOG.md usr/share/doc/xroad-addon-metaservices/
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-metaservices.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-addon-metaservices.postinst
index bd37a69861..4fadd438a2 100644
--- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-metaservices.postinst
+++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-metaservices.postinst
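Review bot: `disable_addon` in the new `xroad-addon-messagelog.postrm` never checks the result of its `yq` call: if `yq` is unavailable or cannot parse the file, `CURRENT_VALUE` is empty and the function returns 0, so `.xroad.proxy.addon.messagelog.enabled` stays `true` after the package is removed. A postrm cannot count on the package's dependencies still being installed, so the failure should at least be logged, e.g. `CURRENT_VALUE=$(yq "$1" "$2") || { echo "yq failed on $2; addon flag not changed" >&2; return 0; }`. Only `remove` is handled; if `purge` is meant to leave the flag alone, a one-line comment saying so would help. `return 0;` carries a stray semicolon.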
@@ -1,6 +1,24 @@
 #!/bin/bash
+
+function set_yaml_property { # $1 property, $2 value, $3 file
+ if [ ! -f "$3" ]; then
+ echo "File $3 does not exist. Creating the file."
+ echo "---" > "$3"
+ chown xroad:xroad "$3"
+ fi
+
+ CURRENT_VALUE=$(yq "$1" "$3")
+ if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then
+ if [ ! -s "$3" ]; then
+ echo "---" > "$3"
+ fi
+ yq -Y -i "$1 = $2" "$3"
+ fi
+}
+
 if [ "$1" = configure ]; then
- invoke-rc.d --quiet xroad-proxy try-restart || true
+ # enable the addon in /etc/xroad/conf.d/proxy-override.yaml
+ set_yaml_property ".xroad.proxy.addon.metaservices.enabled" "true" "/etc/xroad/conf.d/proxy-override.yaml"
 fi
 if [ "$1" = abort-upgrade ]; then
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-opmonitoring.install b/src/packages/src/xroad/ubuntu/generic/xroad-addon-opmonitoring.install
deleted file mode 100644
index 04ca19712c..0000000000
--- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-opmonitoring.install
+++ /dev/null
@@ -1,5 +0,0 @@
-../../../../../addons/op-monitoring/build/libs/op-monitoring-1.0.jar usr/share/xroad/jlib/addon/proxy/
-../../../../src/xroad/common/addon/proxy/opmonitoring.conf usr/share/xroad/jlib/addon/proxy/
-../../../../../LICENSE.txt usr/share/doc/xroad-addon-opmonitoring/
-../../../../../3RD-PARTY-NOTICES.txt usr/share/doc/xroad-addon-opmonitoring/
-../../../../../../CHANGELOG.md usr/share/doc/xroad-addon-opmonitoring/
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-opmonitoring.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-addon-opmonitoring.postinst
index 79d5133f4b..2d8d572c21 100644
--- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-opmonitoring.postinst
+++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-opmonitoring.postinst
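Review bot: The `invoke-rc.d --quiet xroad-proxy try-restart || true` line is removed from the `configure` branch of `xroad-addon-metaservices.postinst`, so the flag written by `set_yaml_property ".xroad.proxy.addon.metaservices.enabled" ...` is presumably not picked up until the proxy is restarted for some other reason. The hwtokens and opmonitoring postinsts keep their `try-restart` after the same call, while the proxymonitor postinst drops it the same way as here. If the restart is deliberately left to another package's postinst, a one-line comment such as `# xroad-proxy is restarted by the <package> postinst` (placeholder) would make that explicit; otherwise keep the `try-restart` line. The `abort-upgrade` block continues outside the hunk.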
@@ -1,6 +1,23 @@ #!/bin/bash +function set_yaml_property { # $1 property, $2 value, $3 file + if [ ! -f "$3" ]; then + echo "File $3 does not exist. Creating the file." + echo "---" > "$3" + chown xroad:xroad "$3" + fi + + CURRENT_VALUE=$(yq "$1" "$3") + if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then + if [ ! -s "$3" ]; then + echo "---" > "$3" + fi + yq -Y -i "$1 = $2" "$3" + fi +} + if [ "$1" = configure ]; then + set_yaml_property ".xroad.proxy.addon.\"op-monitor\".enabled" "true" "/etc/xroad/conf.d/proxy-override.yaml" invoke-rc.d --quiet xroad-proxy try-restart || true fi diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-proxymonitor.install b/src/packages/src/xroad/ubuntu/generic/xroad-addon-proxymonitor.install deleted file mode 100644 index 33cf9f6e24..0000000000 --- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-proxymonitor.install +++ /dev/null @@ -1,3 +0,0 @@ -../../../../src/xroad/common/addon/proxy/proxymonitor-service.conf usr/share/xroad/jlib/addon/proxy/ -../../../../../addons/proxymonitor/metaservice/build/libs/proxymonitor-metaservice-1.0.jar usr/share/xroad/jlib/addon/proxy/ - diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-proxymonitor.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-addon-proxymonitor.postinst index a0800b716e..42e5a08359 100644 --- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-proxymonitor.postinst +++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-proxymonitor.postinst 
@@ -1,7 +1,24 @@ #!/bin/bash +function set_yaml_property { # $1 property, $2 value, $3 file + if [ ! -f "$3" ]; then + echo "File $3 does not exist. Creating the file." + echo "---" > "$3" + chown xroad:xroad "$3" + fi + + CURRENT_VALUE=$(yq "$1" "$3") + if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then + if [ ! -s "$3" ]; then + echo "---" > "$3" + fi + yq -Y -i "$1 = $2" "$3" + fi +} + if [ "$1" = configure ]; then - invoke-rc.d --quiet xroad-proxy try-restart || true + # enable the addon in /etc/xroad/conf.d/proxy-override.yaml + set_yaml_property ".xroad.proxy.addon.proxymonitor.enabled" "true" "/etc/xroad/conf.d/proxy-override.yaml" fi if [ "$1" = abort-upgrade ]; then diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.install b/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.install deleted file mode 100644 index 830af35387..0000000000 --- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.install +++ /dev/null @@ -1,3 +0,0 @@ -../../../../src/xroad/common/addon/wsdlvalidator/usr/* usr/ -../../../../../addons/wsdlvalidator/build/libs/wsdlvalidator-1.0.jar usr/share/xroad/wsdlvalidator/jlib - diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.postinst index 4a29f936eb..47a9ee7fe5 100644 --- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.postinst +++ b/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.postinst 
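Review bot: The `configure` branch no longer calls `invoke-rc.d --quiet xroad-proxy try-restart || true`, so when this package is installed on a running server the flag is written to `proxy-override.yaml` but the proxy presumably keeps running without the addon until something else restarts it. The metaservices postinst earlier in this diff drops the restart the same way, while the opmonitoring and wsdlvalidator scripts keep it after their `set_yaml_property` call. If the omission is deliberate, a comment naming the package that triggers the restart would help; otherwise restore the line after `set_yaml_property`.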
@@ -1,10 +1,24 @@ #!/bin/bash -if [[ "$1" == 'configure' && -z "$2" ]]; then - # set initial value for wsdl-validator-command in first install - crudini --set /etc/xroad/conf.d/local.ini proxy-ui-api wsdl-validator-command /usr/share/xroad/wsdlvalidator/bin/wsdlvalidator_wrapper.sh - chown root:xroad /usr/share/xroad/wsdlvalidator/bin/wsdlvalidator_wrapper.sh - chmod 0750 /usr/share/xroad/wsdlvalidator/bin/wsdlvalidator_wrapper.sh +function set_yaml_property { # $1 property, $2 value, $3 file + if [ ! -f "$3" ]; then + echo "File $3 does not exist. Creating the file." + echo "---" > "$3" + chown xroad:xroad "$3" + fi + + CURRENT_VALUE=$(yq "$1" "$3") + if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then + if [ ! -s "$3" ]; then + echo "---" > "$3" + fi + yq -Y -i "$1 = $2" "$3" + fi +} + +if [ "$1" = configure ]; then + # enable the addon in /etc/xroad/conf.d/proxy-ui-api-override.yaml + set_yaml_property ".xroad.\"proxy-ui-api\".addon.wsdlvalidator.enabled" "true" "/etc/xroad/conf.d/proxy-ui-api-override.yaml" invoke-rc.d --quiet xroad-proxy-ui-api try-restart || true fi diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.postrm b/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.postrm deleted file mode 100644 index 7c4cdf3d40..0000000000 --- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.postrm +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -if [[ "$1" == "remove" ]]; then - crudini --del /etc/xroad/conf.d/local.ini proxy-ui-api wsdl-validator-command - invoke-rc.d --quiet xroad-proxy-ui-api try-restart || true -fi -exit 0 diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.preinst b/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.preinst deleted file mode 100644 index 1ca784c19c..0000000000 --- a/src/packages/src/xroad/ubuntu/generic/xroad-addon-wsdlvalidator.preinst +++ /dev/null 
@@ -1,29 +0,0 @@ -#!/bin/bash -if [ "$1" = "upgrade" ]; then - if dpkg --compare-versions "#LAST_SUPPORTED_VERSION#" gt "$2"; then - echo "ERROR: Upgrade supported from #LAST_SUPPORTED_VERSION# or newer" >&2 - exit 1 - fi -fi - -#parameters: -#1 file_path -#2 old_section -#3 old_key -#4 new_section -#5 new_key -function migrate_conf_value { - MIGRATION_VALUE="$(crudini --get "$1" "$2" "$3" 2>/dev/null || true)" - if [ "${MIGRATION_VALUE}" ]; - then - crudini --set "$1" "$4" "$5" "${MIGRATION_VALUE}" - crudini --del "$1" "$2" "$3" - fi -} - -if [ "$1" = "upgrade" ]; then - # migrate wsdl-validator-command proxy-ui -> proxy-ui-api - migrate_conf_value /etc/xroad/conf.d/local.ini proxy-ui wsdl-validator-command proxy-ui-api wsdl-validator-command -fi - -exit 0 diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-opmonitor.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-opmonitor.postinst index e6c1d81715..a730b78c50 100644 --- a/src/packages/src/xroad/ubuntu/generic/xroad-opmonitor.postinst +++ b/src/packages/src/xroad/ubuntu/generic/xroad-opmonitor.postinst @@ -12,8 +12,26 @@ configure() { /usr/share/xroad/scripts/setup_opmonitor_db.sh "$RET" } +function set_yaml_property { # $1 property, $2 value, $3 file + if [ ! -f "$3" ]; then + echo "File $3 does not exist. Creating the file." + echo "---" > "$3" + chown xroad:xroad "$3" + fi + + CURRENT_VALUE=$(yq "$1" "$3") + if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then + if [ ! -s "$3" ]; then + echo "---" > "$3" + fi + yq -Y -i "$1 = $2" "$3" + fi +} + if [[ "$1" == "configure" || "$1" == "reconfigure" ]]; then configure + set_yaml_property ".xroad.proxy.addon.\"op-monitor\".enabled" "true" "/etc/xroad/conf.d/proxy-override.yaml" + invoke-rc.d --quiet xroad-proxy try-restart || true fi if [ "$1" = abort-upgrade ]; then 
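Review bot: `set_yaml_property` only writes when the key is empty or `null`, and the new xroad-opmonitor.postrm sets the same key to `false` on `remove`, so removing and later reinstalling xroad-opmonitor leaves `.xroad.proxy.addon."op-monitor".enabled` at `false` and the proxy is restarted without operational monitoring. If the intent is to respect an administrator's explicit choice, the scripts currently cannot tell an admin-written `false` from the one postrm wrote; having postrm delete the key instead, `yq -Y -i "del($1)" "$2"`, would keep the two cases apart. The `configure()` function and the `abort-upgrade` block both extend beyond this hunk.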
diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-opmonitor.postrm b/src/packages/src/xroad/ubuntu/generic/xroad-opmonitor.postrm new file mode 100644 index 0000000000..7998da413b --- /dev/null +++ b/src/packages/src/xroad/ubuntu/generic/xroad-opmonitor.postrm @@ -0,0 +1,22 @@ +#!/bin/bash + +function disable_addon { # $1 property, $2 file + if [ ! -f "$2" ]; then + return 0 + fi + + CURRENT_VALUE=$(yq "$1" "$2") + if [ -z "$CURRENT_VALUE" ]; then + return 0; + fi + if [ "$CURRENT_VALUE" == "true" ]; then + yq -Y -i "$1 = false" "$2" + fi +} + +if [[ "$1" == "remove" ]]; then + disable_addon ".xroad.proxy.addon.\"op-monitor\".enabled" "/etc/xroad/conf.d/proxy-override.yaml" + invoke-rc.d --quiet xroad-proxy try-restart || true +fi + +exit 0 diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.install b/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.install index 39024240e9..ce9e4f85bf 100644 --- a/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.install +++ b/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.install @@ -8,3 +8,6 @@ ../../../../src/xroad/default-configuration/mail.example.yml etc/xroad/conf.d ../../../../../security-server/admin-service/application/build/libs/proxy-ui-api-1.0.jar usr/share/xroad/jlib/ ../../../../../3RD-PARTY-NOTICES.txt usr/share/doc/xroad-proxy-ui-api + +../../../../src/xroad/common/addon/wsdlvalidator/usr/* usr/ +../../../../../addons/wsdlvalidator/build/libs/wsdlvalidator-1.0.jar usr/share/xroad/wsdl-validator/jlib diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.postinst index 10175b94a5..9904710b64 100644 --- a/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.postinst +++ b/src/packages/src/xroad/ubuntu/generic/xroad-proxy-ui-api.postinst 
@@ -19,6 +19,22 @@ function migrate_conf_value { fi } +function set_yaml_property { # $1 property, $2 value, $3 file + if [ ! -f "$3" ]; then + echo "File $3 does not exist. Creating the file." + echo "---" > "$3" + chown xroad:xroad "$3" + fi + + CURRENT_VALUE=$(yq "$1" "$3") + if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then + if [ ! -s "$3" ]; then + echo "---" > "$3" + fi + yq -Y -i "$1 = $2" "$3" + fi +} + case "$1" in configure) #migrating possible local configuration for modified configuration values (for version 6.24.0) @@ -67,6 +83,15 @@ case "$1" in fi fi fi; + + if [[ "$1" == 'configure' && -z "$2" ]]; then + # by default, enable the plugin on the fist install + chown root:xroad /usr/share/xroad/wsdl-validator/bin/wsdlvalidator_wrapper.sh + chmod 0750 /usr/share/xroad/wsdl-validator/bin/wsdlvalidator_wrapper.sh + + CONFIG_FILE="/etc/xroad/conf.d/proxy-ui-api-override.yaml" + set_yaml_property ".xroad.\"proxy-ui-api\".addon.wsdlvalidator.enabled" "true" "$CONFIG_FILE" + fi ;; abort-upgrade|abort-remove|abort-deconfigure) diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-proxy.postinst b/src/packages/src/xroad/ubuntu/generic/xroad-proxy.postinst index 473f21d839..87e406ff8c 100644 --- a/src/packages/src/xroad/ubuntu/generic/xroad-proxy.postinst +++ b/src/packages/src/xroad/ubuntu/generic/xroad-proxy.postinst @@ -24,6 +24,22 @@ function migrate_conf_value { fi } +function set_yaml_property { # $1 property, $2 value, $3 file + if [ ! -f "$3" ]; then + echo "File $3 does not exist. Creating the file." + echo "---" > "$3" + chown xroad:xroad "$3" + fi + + CURRENT_VALUE=$(yq "$1" "$3") + if [ -z "$CURRENT_VALUE" ] || [ "$CURRENT_VALUE" == "null" ]; then + if [ ! -s "$3" ]; then + echo "---" > "$3" + fi + yq -Y -i "$1 = $2" "$3" + fi +} + case "$1" in configure|reconfigure) chmod 0440 /etc/sudoers.d/xroad-proxy 
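Review bot: The `chown root:xroad` / `chmod 0750` on `wsdlvalidator_wrapper.sh` now runs only when `$2` is empty, but on an existing server this package is being upgraded, so the wrapper that xroad-proxy-ui-api newly ships keeps whatever owner and mode the package payload carries. The restriction is not tied to enabling the addon, so I would move those two lines out of the first-install guard and leave only the `set_yaml_property` call inside it. The path also changed from `/usr/share/xroad/wsdlvalidator/bin/` in the old addon postinst to `/usr/share/xroad/wsdl-validator/bin/`, while the `.install` line still copies `common/addon/wsdlvalidator/usr/*`; it is worth confirming the wrapper really lands under the hyphenated directory, because a wrong path makes both commands fail. The enclosing `case "$1" in` block starts and ends outside the hunk.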
@@ -121,6 +137,14 @@ case "$1" in db_stop /usr/share/xroad/scripts/setup_serverconf_db.sh "$RET" + if [[ "$1" == 'configure' && -z "$2" ]]; then + # by default, enable the plugins on the fist install + CONFIG_FILE="/etc/xroad/conf.d/proxy-override.yaml" + + set_yaml_property ".xroad.proxy.addon.metaservices.enabled" "true" "$CONFIG_FILE" + set_yaml_property ".xroad.proxy.addon.proxymonitor.enabled" "true" "$CONFIG_FILE" + fi + invoke-rc.d --quiet rsyslog try-restart || true invoke-rc.d --quiet xroad-confclient try-restart || true invoke-rc.d --quiet xroad-signer try-restart || true diff --git a/src/packages/src/xroad/ubuntu/generic/xroad-signer.install b/src/packages/src/xroad/ubuntu/generic/xroad-signer.install index 5d4a2dc060..8c8f542ff3 100644 --- a/src/packages/src/xroad/ubuntu/generic/xroad-signer.install +++ b/src/packages/src/xroad/ubuntu/generic/xroad-signer.install @@ -7,3 +7,4 @@ ../../../../../signer/application/build/libs/signer-1.0.jar usr/share/xroad/jlib/ ../../../../../signer-console/build/libs/signer-console-1.0.jar usr/share/xroad/jlib/ ../../../../../libs/passwordstore/${DEB_HOST_ARCH}/libpasswordstore.so usr/share/xroad/lib/ +../../../../../libs/pkcs11wrapper/${DEB_HOST_ARCH}/libpkcs11-wrapper.so usr/share/xroad/lib/ diff --git a/src/proxy/application/build.gradle b/src/proxy/application/build.gradle index 2bf362300a..54685fae75 100644 --- a/src/proxy/application/build.gradle +++ b/src/proxy/application/build.gradle 
@@ -10,8 +10,16 @@ dependencies { implementation(project(':common:common-core')) implementation(project(':common:common-rpc')) + implementation(libs.apache.httpclient) + implementation(project(':common:common-keyconf')) implementation(project(':common:common-messagelog')) + implementation(project(':common:common-op-monitoring')) + implementation(project(':serverconf')) + implementation(project(':addons:metaservice')) + implementation(project(':addons:messagelog:messagelog-addon:asic')) implementation(project(':addons:messagelog:messagelog-addon:core')) + implementation(project(':addons:proxymonitor-metaservice')) + implementation(project(':addons:op-monitoring')) testImplementation(libs.hsqldb) testImplementation(libs.restAssured) @@ -19,11 +27,9 @@ dependencies { testImplementation(project(':common:common-domain')) testImplementation(project(':common:common-globalconf')) testImplementation(project(':common:common-jetty')) - testImplementation(project(':common:common-keyconf')) testImplementation(project(':common:common-message')) testImplementation(project(':common:common-test')) testImplementation(project(':common:common-verifier')) - testImplementation(project(':serverconf')) testImplementation(project(':security-server:ds-client')) testImplementation(project(path: ":proxy:core", configuration: 'testArtifacts')) diff --git a/src/proxy/application/src/main/java/ee/ria/xroad/proxy/ProxyAddonsConfig.java b/src/proxy/application/src/main/java/ee/ria/xroad/proxy/ProxyAddonsConfig.java new file mode 100644 index 0000000000..2cb44f694c --- /dev/null +++ b/src/proxy/application/src/main/java/ee/ria/xroad/proxy/ProxyAddonsConfig.java 
@@ -0,0 +1,142 @@
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2019- Nordic Institute for Interoperability Solutions (NIIS)
+ * Copyright (c) 2018 Estonian Information System Authority (RIA),
+ * Nordic Institute for Interoperability Solutions (NIIS), Population Register Centre (VRK)
+ * Copyright (c) 2015-2017 Estonian Information System Authority (RIA), Population Register Centre (VRK)
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package ee.ria.xroad.proxy;
+
+import ee.ria.xroad.common.cert.CertChainFactory;
+import ee.ria.xroad.common.conf.globalconf.GlobalConfProvider;
+import ee.ria.xroad.common.conf.serverconf.ServerConfProvider;
+import ee.ria.xroad.common.db.DatabaseCtxV2;
+import ee.ria.xroad.common.messagelog.AbstractLogManager;
+import ee.ria.xroad.common.opmonitoring.AbstractOpMonitoringBuffer;
+import ee.ria.xroad.proxy.clientproxy.AbstractClientProxyHandler;
+import ee.ria.xroad.proxy.clientproxy.AsicContainerHandler;
+import ee.ria.xroad.proxy.clientproxy.MetadataHandler;
+import ee.ria.xroad.proxy.conf.KeyConfProvider;
+import ee.ria.xroad.proxy.messagelog.LogManager;
+import ee.ria.xroad.proxy.opmonitoring.OpMonitoringBuffer;
+import ee.ria.xroad.proxy.serverproxy.MetadataServiceHandlerImpl;
+import ee.ria.xroad.proxy.serverproxy.OpMonitoringServiceHandlerImpl;
+import ee.ria.xroad.proxy.serverproxy.ProxyMonitorServiceHandlerImpl;
+import ee.ria.xroad.proxy.serverproxy.RestMetadataServiceHandlerImpl;
+import ee.ria.xroad.proxy.serverproxy.RestServiceHandler;
+import ee.ria.xroad.proxy.serverproxy.ServiceHandler;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.http.client.HttpClient;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.config.ConfigurableBeanFactory;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Scope;
+import org.springframework.core.annotation.Order;
+
+@Configuration
+@Slf4j
+class ProxyAddonsConfig {
+
+ @Configuration
+ @ConditionalOnProperty(name = "xroad.proxy.addon.metaservices.enabled", havingValue = "true")
+ static class MetaServicesAddonConfig {
+ @Bean
+ @Order(100)
+ AbstractClientProxyHandler metadataHandler(GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider,
+ ServerConfProvider serverConfProvider, CertChainFactory certChainFactory,
+ @Qualifier("proxyHttpClient") HttpClient httpClient) {
+ log.debug("Initializing metaservices addon: MetadataHandler");
+ return new MetadataHandler(globalConfProvider, keyConfProvider,
+ serverConfProvider, certChainFactory, httpClient);
+ }
+
+ @Bean
+ @Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
+ ServiceHandler metadataServiceHandler(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) {
+ return new MetadataServiceHandlerImpl(serverConfProvider, globalConfProvider);
+ }
+
+ @Bean
+ @Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
+ RestServiceHandler restMetadataServiceHandler(ServerConfProvider serverConfProvider) {
+ return new RestMetadataServiceHandlerImpl(serverConfProvider);
+ }
+ }
+
+ @Configuration
+ @ConditionalOnProperty(name = "xroad.proxy.addon.messagelog.enabled", havingValue = "true")
+ static class MessageLogAddonConfig {
+ @Bean
+ @Order(200)
+ AbstractClientProxyHandler asicContainerHandler(GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider,
+ ServerConfProvider serverConfProvider, CertChainFactory certChainFactory,
+ @Qualifier("proxyHttpClient") HttpClient client,
+ @Autowired(required = false) @Qualifier("messagelogDatabaseCtx")
+ DatabaseCtxV2 messagelogDatabaseCtx) {
+ log.debug("Initializing messagelog addon: AsicContainerHandler");
+ return new AsicContainerHandler(globalConfProvider, keyConfProvider,
+ serverConfProvider, certChainFactory, client, messagelogDatabaseCtx);
+ }
+
+ @Bean
+ AbstractLogManager logManager(GlobalConfProvider globalConfProvider,
+ ServerConfProvider serverConfProvider,
+ @Autowired(required = false) @Qualifier("messagelogDatabaseCtx")
+ DatabaseCtxV2 messagelogDatabaseCtx) {
+ log.debug("Initializing messagelog addon: LogManager");
+ return new LogManager("proxy", globalConfProvider, serverConfProvider, messagelogDatabaseCtx);
+ }
+ }
+
+ @Configuration
+ @ConditionalOnProperty(name = "xroad.proxy.addon.proxymonitor.enabled", havingValue = "true")
+ static class ProxyMonitorAddonConfig {
+ @Bean
+ @Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
+ ServiceHandler proxyMonitorServiceHandler(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) {
+ return new ProxyMonitorServiceHandlerImpl(serverConfProvider, globalConfProvider);
+ }
+ }
+
+ @Configuration
+ @ConditionalOnProperty(name = "xroad.proxy.addon.op-monitor.enabled", havingValue = "true")
+ static class OpMonitorAddonConfig {
+ @Bean
+ @Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
+ ServiceHandler opMonitoringServiceHandler(ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) {
+ log.debug("Initializing op-monitoring addon: OpMonitoringServiceHandlerImpl");
+ return new OpMonitoringServiceHandlerImpl(serverConfProvider, globalConfProvider);
+ }
+
+ @Bean
+ AbstractOpMonitoringBuffer opMonitoringBuffer(ServerConfProvider serverConfProvider) throws Exception {
+ log.debug("Initializing op-monitoring addon: OpMonitoringBuffer");
+ return new OpMonitoringBuffer(serverConfProvider);
+ }
+ }
+
+}
diff --git a/src/proxy/application/src/main/java/ee/ria/xroad/proxy/ProxyMain.java b/src/proxy/application/src/main/java/ee/ria/xroad/proxy/ProxyMain.java
index 0f4524e46b..affafb38f7 100644
--- a/src/proxy/application/src/main/java/ee/ria/xroad/proxy/ProxyMain.java
+++ b/src/proxy/application/src/main/java/ee/ria/xroad/proxy/ProxyMain.java
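Review bot: `messagelogDatabaseCtx` is injected with `@Autowired(required = false)` into both `asicContainerHandler` and `logManager`, and the bean that supplies it is only created when `xroad.messagelog.hibernate.connection.password` is set, so enabling `xroad.proxy.addon.messagelog.enabled` without that property hands `null` to `AsicContainerHandler` (which passes it straight to `new LogRecordManager(...)`) and to `LogManager`. Whether either constructor tolerates `null` is not visible here; if not, the failure surfaces on first use instead of at startup. Because the addon is explicitly switched on in this configuration, I would make the dependency mandatory by dropping `@Autowired(required = false)`, or fail fast with `Objects.requireNonNull(messagelogDatabaseCtx, "messagelogDatabaseCtx")` at the top of both bean methods.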
@@ -43,7 +43,7 @@ public class ProxyMain { private static final String APP_NAME = "proxy"; public static void main(String[] args) { - XrdSpringServiceBuilder.newApplicationBuilder(APP_NAME, ProxyMain.class, ProxyConfig.class) + XrdSpringServiceBuilder.newApplicationBuilder(APP_NAME, ProxyAddonsConfig.class, ProxyMain.class, ProxyConfig.class) .initializers(applicationContext -> { log.info("Initializing Apache Santuario XML Security library.."); org.apache.xml.security.Init.init(); diff --git a/src/proxy/core/src/intTest/java/org/niis/xroad/proxy/test/container/ContainerSetup.java b/src/proxy/core/src/intTest/java/org/niis/xroad/proxy/test/container/ContainerSetup.java index 7ce8a066e0..86e324c68c 100644 --- a/src/proxy/core/src/intTest/java/org/niis/xroad/proxy/test/container/ContainerSetup.java +++ b/src/proxy/core/src/intTest/java/org/niis/xroad/proxy/test/container/ContainerSetup.java @@ -40,8 +40,7 @@ public class ContainerSetup extends BaseTestSignerSetup { public TestContainerConfigurator testContainerConfigurator( TestableContainerProperties testableContainerProperties) { return super.testContainerConfigurator(testableContainerProperties, - "../../signer/application/build/libs/signer-1.0.jar", - "../../addons/hwtoken/build/libs/hwtoken-1.0.jar"); + "../../signer/application/build/libs/signer-1.0.jar"); } @Bean diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/ProxyMessageLogConfig.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/ProxyMessageLogConfig.java index b983c9388c..e66724c182 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/ProxyMessageLogConfig.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/ProxyMessageLogConfig.java 
@@ -33,7 +33,6 @@ import ee.ria.xroad.common.identifier.ClientId; import ee.ria.xroad.common.messagelog.AbstractLogManager; import ee.ria.xroad.common.messagelog.MessageLogConfig; -import ee.ria.xroad.common.messagelog.MessageLogDbContextHolder; import ee.ria.xroad.common.messagelog.MessageLogProperties; import ee.ria.xroad.common.messagelog.archive.EncryptionConfigProvider; import ee.ria.xroad.common.messagelog.archive.GroupingStrategy; @@ -43,6 +42,7 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.EnableConfigurationProperties; @@ -62,11 +62,17 @@ public class ProxyMessageLogConfig { private static final GroupingStrategy ARCHIVE_GROUPING = MessageLogProperties.getArchiveGrouping(); @Bean - AbstractLogManager messageLogManager(GlobalConfProvider globalConfProvider, - ServerConfProvider serverConfProvider, - @Autowired(required = false) @Qualifier("messagelogDatabaseCtx") - DatabaseCtxV2 messagelogDatabaseCtx) { - return MessageLog.init("proxy", globalConfProvider, serverConfProvider, messagelogDatabaseCtx); + MessageLog messageLogManager(AbstractLogManager logManager) { + return MessageLog.init(logManager); + } + + @Bean + @ConditionalOnMissingBean + AbstractLogManager nullLogManager(GlobalConfProvider globalConfProvider, + ServerConfProvider serverConfProvider, + @Autowired(required = false) @Qualifier("messagelogDatabaseCtx") + DatabaseCtxV2 messagelogDatabaseCtx) { + return new NullLogManager("proxy", globalConfProvider, serverConfProvider, messagelogDatabaseCtx); } @ConfigurationProperties(prefix = "xroad.messagelog") 
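Review bot: `nullLogManager` relies on `@ConditionalOnMissingBean` inside a regular `@Configuration` class, where the condition is evaluated in bean-definition registration order; Spring Boot documents the annotation as dependable only in auto-configuration classes. If `ProxyMessageLogConfig` is processed before `ProxyAddonsConfig.MessageLogAddonConfig`, both `logManager` and `nullLogManager` would be registered, and which one reaches `MessageLog.init` then depends on candidate resolution rather than on the addon switch; a selected `NullLogManager` would presumably mean exchanged messages are not logged. Keying the fallback on the same property removes the ordering dependency: `@ConditionalOnProperty(name = "xroad.proxy.addon.messagelog.enabled", havingValue = "false", matchIfMissing = true)`.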
@@ -79,9 +85,7 @@ static class SpringMessageLogProperties extends MessageLogConfig { @ConditionalOnProperty(value = "xroad.messagelog.hibernate.connection.password") @Bean("messagelogDatabaseCtx") DatabaseCtxV2 messagelogDatabaseCtx(MessageLogConfig messageLogProperties) { - DatabaseCtxV2 databaseCtx = new DatabaseCtxV2("messagelog", messageLogProperties.getHibernate()); - MessageLogDbContextHolder.set(databaseCtx); - return databaseCtx; + return new DatabaseCtxV2("messagelog", messageLogProperties.getHibernate()); } @Bean("messageLogEnabledStatus") diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/AbstractClientProxyHandler.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/AbstractClientProxyHandler.java index 16ab542c60..2d278e3f2e 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/AbstractClientProxyHandler.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/AbstractClientProxyHandler.java @@ -66,7 +66,7 @@ */ @Slf4j @RequiredArgsConstructor -abstract class AbstractClientProxyHandler extends HandlerBase { +public abstract class AbstractClientProxyHandler extends HandlerBase { private static final String START_TIME_ATTRIBUTE = AbstractClientProxyHandler.class.getName() + ".START_TIME"; diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/ClientProxy.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/ClientProxy.java index 389ddc20a1..2f7288ee5b 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/ClientProxy.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/ClientProxy.java 
@@ -25,17 +25,11 @@ */ package ee.ria.xroad.proxy.clientproxy; -import ee.ria.xroad.common.SystemProperties; -import ee.ria.xroad.common.cert.CertChainFactory; -import ee.ria.xroad.common.conf.globalconf.GlobalConfProvider; import ee.ria.xroad.common.conf.serverconf.ServerConfProvider; import ee.ria.xroad.common.util.CryptoUtils; import ee.ria.xroad.common.util.JettyUtils; -import ee.ria.xroad.proxy.conf.KeyConfProvider; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringUtils; -import org.apache.http.client.HttpClient; import org.eclipse.jetty.http.UriCompliance; import org.eclipse.jetty.server.CustomRequestLog; import org.eclipse.jetty.server.Handler; @@ -58,7 +52,6 @@ import java.security.SecureRandom; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; -import java.util.ArrayList; import java.util.List; import java.util.Optional; 
@@ -72,49 +65,28 @@ public class ClientProxy implements InitializingBean, DisposableBean { // SSL session timeout private static final int SSL_SESSION_TIMEOUT = 600; - private static final String CLIENTPROXY_HANDLERS = SystemProperties.PREFIX + "proxy.clientHandlers"; - private static final String CLIENT_HTTP_CONNECTOR_NAME = "ClientConnector"; private static final String CLIENT_HTTPS_CONNECTOR_NAME = "ClientSSLConnector"; private final ProxyProperties.ClientProxyProperties clientProxyProperties; - private final GlobalConfProvider globalConfProvider; - private final KeyConfProvider keyConfProvider; private final ServerConfProvider serverConfProvider; - private final CertChainFactory certChainFactory; - - private final AuthTrustVerifier authTrustVerifier; private final Server server = new Server(); - private final HttpClient client; - private final ClientRestMessageHandler clientRestMessageHandler; - private final ClientSoapMessageHandler clientSoapMessageHandler; - + private final List clientHandlers; /** * Constructs and configures a new client proxy. 
* * @throws Exception in case of any errors */ - public ClientProxy(ProxyProperties.ClientProxyProperties clientProxyProperties, HttpClient httpClient, - ClientRestMessageHandler clientRestMessageHandler, - ClientSoapMessageHandler clientSoapMessageHandler, - GlobalConfProvider globalConfProvider, - KeyConfProvider keyConfProvider, - ServerConfProvider serverConfProvider, - CertChainFactory certChainFactory, - AuthTrustVerifier authTrustVerifier) throws Exception { + public ClientProxy(ProxyProperties.ClientProxyProperties clientProxyProperties, + List clientHandlers, + ServerConfProvider serverConfProvider) throws Exception { this.clientProxyProperties = clientProxyProperties; - this.client = httpClient; - this.clientRestMessageHandler = clientRestMessageHandler; - this.clientSoapMessageHandler = clientSoapMessageHandler; + this.clientHandlers = clientHandlers; - this.globalConfProvider = globalConfProvider; - this.keyConfProvider = keyConfProvider; this.serverConfProvider = serverConfProvider; - this.certChainFactory = certChainFactory; - this.authTrustVerifier = authTrustVerifier; configureServer(); createConnectors(); 
@@ -206,41 +178,19 @@ private void applyConnectionFactoryConfig(ServerConnector connector) { }); } - private void createHandlers() throws Exception { + private void createHandlers() { log.trace("createHandlers()"); var handlers = new Handler.Sequence(); - getClientHandlers().forEach(handlers::addHandler); + clientHandlers.forEach(handler -> { + log.debug("Loading client handler: {}", handler.getClass().getName()); + handlers.addHandler(handler); + }); server.setHandler(handlers); } - private List getClientHandlers() { - List handlers = new ArrayList<>(); - String handlerClassNames = System.getProperty(CLIENTPROXY_HANDLERS); - - handlers.add(clientRestMessageHandler); - - if (!StringUtils.isBlank(handlerClassNames)) { - var handlerLoader = new HandlerLoader(globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory); - for (String handlerClassName : handlerClassNames.split(",")) { - try { - log.trace("Loading client handler {}", handlerClassName); - - handlers.add(handlerLoader.loadHandler(handlerClassName, client)); - } catch (Exception e) { - throw new RuntimeException("Failed to load client handler: " + handlerClassName, e); - } - } - } - - log.trace("Loading default client handler"); - handlers.add(clientSoapMessageHandler); // default handler - - return handlers; - } - @Override public void afterPropertiesSet() throws Exception { log.trace("start()"); diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/HandlerLoader.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/HandlerLoader.java deleted file mode 100644 index 1aeefb72b2..0000000000 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/clientproxy/HandlerLoader.java +++ /dev/null 
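Review bot: `createHandlers` now adds the injected `clientHandlers` in list order, whereas the removed `getClientHandlers` fixed the sequence explicitly: `clientRestMessageHandler` first, the configured addon handlers next, `clientSoapMessageHandler` last as the default. In a Jetty `Handler.Sequence` the first handler that accepts a request wins, so the order decides whether metadata and ASiC-container requests reach their own handlers or fall through to the SOAP default. `metadataHandler` and `asicContainerHandler` carry `@Order(100)` and `@Order(200)`, but the ordering of the REST and SOAP handler beans is not visible in this diff; I would confirm they are annotated so that SOAP sorts last and record the contract on the field, e.g. `// order matters: REST, addons by @Order, SOAP default last`. The class body continues outside the hunk.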
@@ -1,85 +0,0 @@
-/*
- * The MIT License
- * Copyright (c) 2019- Nordic Institute for Interoperability Solutions (NIIS)
- * Copyright (c) 2018 Estonian Information System Authority (RIA),
- * Nordic Institute for Interoperability Solutions (NIIS), Population Register Centre (VRK)
- * Copyright (c) 2015-2017 Estonian Information System Authority (RIA), Population Register Centre (VRK)
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-package ee.ria.xroad.proxy.clientproxy;
-
-import ee.ria.xroad.common.cert.CertChainFactory;
-import ee.ria.xroad.common.conf.globalconf.GlobalConfProvider;
-import ee.ria.xroad.common.conf.serverconf.ServerConfProvider;
-import ee.ria.xroad.proxy.conf.KeyConfProvider;
-
-import lombok.RequiredArgsConstructor;
-import org.apache.http.client.HttpClient;
-import org.eclipse.jetty.server.Handler;
-
-import java.lang.reflect.Constructor;
-
-@RequiredArgsConstructor
-final class HandlerLoader {
- private final GlobalConfProvider globalConfProvider;
- private final KeyConfProvider keyConfProvider;
- private final ServerConfProvider serverConfProvider;
- private final CertChainFactory certChainFactory;
-
-
- Handler loadHandler(String className, HttpClient client)
- throws Exception {
- try {
- Class handlerClass = getHandlerClass(className);
- return instantiate(handlerClass, client);
- } catch (Exception e) {
- throw new RuntimeException("Cannot load handler for name '"
- + className + "'", e);
- }
- }
-
- private Handler instantiate(Class handlerClass,
- HttpClient client) throws Exception {
- try {
- Constructor constructor =
- handlerClass.getConstructor(
- GlobalConfProvider.class,
- KeyConfProvider.class,
- ServerConfProvider.class,
- CertChainFactory.class,
- HttpClient.class);
- return constructor.newInstance(globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, client);
- } catch (NoSuchMethodException e) {
- throw new Exception("Handler must have constructor taking "
- + "1 parameter (" + HttpClient.class + ")", e);
- }
- }
-
- @SuppressWarnings("unchecked")
- private static Class getHandlerClass(String className)
- throws Exception {
- Class clazz = Class.forName(className);
- if (Handler.class.isAssignableFrom(clazz)) {
- return (Class) clazz;
- } else {
- throw new Exception("Handler must implement " + Handler.class);
- }
- }
-}
diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/MessageLog.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/MessageLog.java index 5ff5edf040..7ebd49de2c 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/MessageLog.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/MessageLog.java @@ -26,10 +26,6 @@ package ee.ria.xroad.proxy.messagelog; import ee.ria.xroad.common.DiagnosticsStatus; -import ee.ria.xroad.common.SystemProperties; -import ee.ria.xroad.common.conf.globalconf.GlobalConfProvider; -import ee.ria.xroad.common.conf.serverconf.ServerConfProvider; -import ee.ria.xroad.common.db.DatabaseCtxV2; import ee.ria.xroad.common.message.RestRequest; import ee.ria.xroad.common.message.RestResponse; import ee.ria.xroad.common.message.SoapMessageImpl; 
@@ -54,32 +50,14 @@ */ @Slf4j public final class MessageLog { - private static final String LOG_MANAGER_IMPL_CLASS = SystemProperties.PREFIX + "proxy.messageLogManagerImpl"; - private static AbstractLogManager logManager; + private static AbstractLogManager logManagerImpl; private MessageLog() { } - /** - * Initializes the message log using the provided actor system. Use control aware mailbox. - * - * @param globalConfProvider global conf source provider - * @return LogManager instance - */ - public static AbstractLogManager init(String origin, GlobalConfProvider globalConfProvider, - ServerConfProvider serverConfProvider, DatabaseCtxV2 databaseCtx) { - Class clazz = getLogManagerImpl(); - - log.trace("Using implementation class: {}", clazz); - - try { - logManager = clazz.getDeclaredConstructor(String.class, GlobalConfProvider.class, ServerConfProvider.class, DatabaseCtxV2.class) - .newInstance(origin, globalConfProvider, serverConfProvider, databaseCtx); - } catch (Exception e) { - throw new RuntimeException("Failed to initialize LogManager", e); - } - - return logManager; + public static MessageLog init(AbstractLogManager logManager) { + logManagerImpl = logManager; + return new MessageLog(); } /** @@ -94,7 +72,7 @@ public static void log(SoapMessageImpl message, SignatureData signature, boolean String xRequestId) { try { assertInitialized(); - logManager.log(new SoapLogMessage(message, signature, clientSide, xRequestId)); + logManagerImpl.log(new SoapLogMessage(message, signature, clientSide, xRequestId)); } catch (Exception e) { throw translateWithPrefix(X_LOGGING_FAILED_X, e); } 
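Review bot: `init(AbstractLogManager logManager)` stores its argument in the static `logManagerImpl` without checking it, so a null manager is only discovered when the first `log(...)` call reaches `assertInitialized()`, and the trace line that named the implementation class was dropped together with the reflective loader. Because `NullLogManager` presumably records nothing, the active implementation is worth showing at startup: `logManagerImpl = Objects.requireNonNull(logManager, "logManager");` followed by `log.info("Message log manager: {}", logManager.getClass().getName());`. The new public method also lost its Javadoc; a one-line summary saying that it installs the process-wide log manager and that a later call replaces it would cover that.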
@@ -107,7 +85,7 @@ public static void log(RestRequest message, SignatureData signature, CacheInputS String xRequestId) { try { assertInitialized(); - logManager.log(new RestLogMessage(message.getQueryId(), message.getClientId(), message.getServiceId(), + logManagerImpl.log(new RestLogMessage(message.getQueryId(), message.getClientId(), message.getServiceId(), message, signature, body, clientside, xRequestId)); } catch (Exception e) { throw translateWithPrefix(X_LOGGING_FAILED_X, e); @@ -121,7 +99,7 @@ public static void log(RestRequest request, RestResponse message, SignatureData signature, CacheInputStream body, boolean clientside, String xRequestId) { try { assertInitialized(); - logManager.log(new RestLogMessage(request.getQueryId(), request.getClientId(), request.getServiceId(), + logManagerImpl.log(new RestLogMessage(request.getQueryId(), request.getClientId(), request.getServiceId(), message, signature, body, clientside, xRequestId)); } catch (Exception e) { throw translateWithPrefix(X_LOGGING_FAILED_X, e); @@ -130,7 +108,7 @@ public static void log(RestRequest request, RestResponse message, public static Map getDiagnosticStatus() { assertInitialized(); - return logManager.getDiagnosticStatus(); + return logManagerImpl.getDiagnosticStatus(); } /** 
@@ -143,27 +121,14 @@ public static TimestampRecord timestamp(MessageRecord record) { try { log.trace("timestamp()"); assertInitialized(); - return logManager.timestamp(record.getId()); + return logManagerImpl.timestamp(record.getId()); } catch (Exception e) { throw translateWithPrefix(X_TIMESTAMPING_FAILED_X, e); } } - @SuppressWarnings("unchecked") - private static Class getLogManagerImpl() { - String logManagerImplClassName = System.getProperty(LOG_MANAGER_IMPL_CLASS, NullLogManager.class.getName()); - - try { - Class clazz = Class.forName(logManagerImplClassName); - - return (Class) clazz; - } catch (ClassNotFoundException e) { - throw new RuntimeException("Unable to load log manager impl: " + logManagerImplClassName, e); - } - } - private static void assertInitialized() { - if (logManager == null) { + if (logManagerImpl == null) { throw new IllegalStateException("not initialized"); } } diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/NullLogManager.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/NullLogManager.java index 3a9322f0f8..532d44df8e 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/NullLogManager.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/messagelog/NullLogManager.java @@ -41,7 +41,8 @@ */ public class NullLogManager extends AbstractLogManager { - NullLogManager(String origin, GlobalConfProvider globalConfProvider, ServerConfProvider serverConfProvider, DatabaseCtxV2 databaseCtx) { + public NullLogManager(String origin, GlobalConfProvider globalConfProvider, ServerConfProvider serverConfProvider, + DatabaseCtxV2 databaseCtx) { super(origin, globalConfProvider, serverConfProvider, databaseCtx); } diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/NullOpMonitoringBuffer.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/NullOpMonitoringBuffer.java index 90105376d9..ed85868498 100644 
--- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/NullOpMonitoringBuffer.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/NullOpMonitoringBuffer.java @@ -33,9 +33,9 @@ * A dummy implementation of operational monitoring buffer that does nothing. * Actual implementation can be provided by addon. */ -class NullOpMonitoringBuffer extends AbstractOpMonitoringBuffer { +public class NullOpMonitoringBuffer extends AbstractOpMonitoringBuffer { - protected NullOpMonitoringBuffer(ServerConfProvider serverConfProvider) { + public NullOpMonitoringBuffer(ServerConfProvider serverConfProvider) { super(serverConfProvider); } diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/OpMonitoring.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/OpMonitoring.java index cf18ce55b6..a751dcde36 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/OpMonitoring.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/opmonitoring/OpMonitoring.java @@ -25,12 +25,9 @@ */ package ee.ria.xroad.proxy.opmonitoring; -import ee.ria.xroad.common.SystemProperties; -import ee.ria.xroad.common.conf.serverconf.ServerConfProvider; import ee.ria.xroad.common.opmonitoring.AbstractOpMonitoringBuffer; import ee.ria.xroad.common.opmonitoring.OpMonitoringData; -import lombok.AccessLevel; import lombok.NoArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -38,12 +35,9 @@ * Contains method for storing operational monitoring data. */ @Slf4j -@NoArgsConstructor(access = AccessLevel.PRIVATE) +@NoArgsConstructor public final class OpMonitoring { - private static final String OP_MONITORING_BUFFER_IMPL_CLASS = - SystemProperties.PREFIX + "proxy.opMonitoringBufferImpl"; - private static AbstractOpMonitoringBuffer opMonitoringBuffer; /** 
@@ -51,12 +45,10 @@ public final class OpMonitoring { * * @throws Exception if initialization fails */ - public static AbstractOpMonitoringBuffer init(ServerConfProvider serverConfProvider) throws Exception { - Class clazz = getOpMonitoringManagerImpl(); - - log.trace("Using implementation class: {}", clazz); - opMonitoringBuffer = clazz.getDeclaredConstructor(ServerConfProvider.class).newInstance(serverConfProvider); - return opMonitoringBuffer; + public static OpMonitoring init(AbstractOpMonitoringBuffer opMonitorBuffer) throws Exception { + log.trace("Using implementation class: {}", opMonitorBuffer.getClass().getName()); + opMonitoringBuffer = opMonitorBuffer; + return new OpMonitoring(); } /** @@ -72,20 +64,4 @@ public static void store(OpMonitoringData data) { } } - @SuppressWarnings("unchecked") - private static Class getOpMonitoringManagerImpl() { - String opMonitoringBufferImplClassName = System.getProperty( - OP_MONITORING_BUFFER_IMPL_CLASS, - NullOpMonitoringBuffer.class.getName()); - - try { - Class clazz = Class.forName(opMonitoringBufferImplClassName); - - return (Class) clazz; - } catch (ClassNotFoundException e) { - throw new RuntimeException("Unable to load operational monitoring buffer impl: " - + opMonitoringBufferImplClassName, e); - } - } - } diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/RestServiceHandlerLoader.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/RestServiceHandlerLoader.java deleted file mode 100644 index 1da7f83490..0000000000 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/RestServiceHandlerLoader.java +++ /dev/null 
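Review bot: Nothing in the new `init(AbstractOpMonitoringBuffer opMonitorBuffer)` body throws a checked exception, yet the signature keeps `throws Exception` and the Javadoc, which starts above the hunk, still carries `@throws Exception if initialization fails`; the `opMonitoringBuffer` bean method in ProxyConfig has to declare it as a result. Dropping the clause and the tag keeps the contract accurate. The implementation class is logged at trace only, and since `NullOpMonitoringBuffer` is documented as doing nothing, `log.info("Operational monitoring buffer: {}", opMonitorBuffer.getClass().getName());` would let an operator see from a normal startup log whether monitoring data is being discarded.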
@@ -1,47 +0,0 @@
-/*
- * The MIT License
- * Copyright (c) 2019- Nordic Institute for Interoperability Solutions (NIIS)
- * Copyright (c) 2018 Estonian Information System Authority (RIA),
- * Nordic Institute for Interoperability Solutions (NIIS), Population Register Centre (VRK)
- * Copyright (c) 2015-2017 Estonian Information System Authority (RIA), Population Register Centre (VRK)
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */ -package ee.ria.xroad.proxy.serverproxy; - -import ee.ria.xroad.common.conf.serverconf.ServerConfProvider; - -/** - * Dynamic loader for rest service handlers - */ -public final class RestServiceHandlerLoader { - - private RestServiceHandlerLoader() { - } - - static RestServiceHandler load(ServerConfProvider serverConfProvider, String className) { - try { - Class clazz = Class.forName(className); - return (RestServiceHandler) clazz.getDeclaredConstructor(ServerConfProvider.class).newInstance(serverConfProvider); - } catch (Exception e) { - throw new RuntimeException("Failed to load rest service handler: " - + className, e); - } - } -} diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerMessageProcessor.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerMessageProcessor.java index 7d8363fb1a..e2bc6334dd 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerMessageProcessor.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerMessageProcessor.java @@ -60,7 +60,6 @@ import io.opentelemetry.instrumentation.annotations.WithSpan; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.ArrayUtils; -import org.apache.commons.lang3.StringUtils; import org.apache.http.client.HttpClient; import java.io.InputStream; @@ -98,8 +97,6 @@ @Slf4j class ServerMessageProcessor extends MessageProcessorBase { - private static final String SERVERPROXY_SERVICE_HANDLERS = SystemProperties.PREFIX + "proxy.serverServiceHandlers"; - private final X509Certificate[] clientSslCerts; private final List handlers = new ArrayList<>(); 
@@ -116,8 +113,9 @@ class ServerMessageProcessor extends MessageProcessorBase { private SigningCtx responseSigningCtx; - private HttpClient opMonitorHttpClient; - private OpMonitoringData opMonitoringData; + private final HttpClient opMonitorHttpClient; + private final OpMonitoringData opMonitoringData; + ServerMessageProcessor(GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider, @@ -125,14 +123,15 @@ class ServerMessageProcessor extends MessageProcessorBase { CertChainFactory certChainFactory, RequestWrapper request, ResponseWrapper response, HttpClient httpClient, X509Certificate[] clientSslCerts, - HttpClient opMonitorHttpClient, OpMonitoringData opMonitoringData) { + HttpClient opMonitorHttpClient, OpMonitoringData opMonitoringData, + ServiceHandlerLoader serviceHandlerLoader) { super(globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, request, response, httpClient); this.clientSslCerts = clientSslCerts; this.opMonitorHttpClient = opMonitorHttpClient; this.opMonitoringData = opMonitoringData; - loadServiceHandlers(); + loadServiceHandlers(serviceHandlerLoader); } @Override 
@@ -208,16 +207,11 @@ protected void postprocess() throws Exception { opMonitoringData.setSucceeded(true); } - private void loadServiceHandlers() { - String serviceHandlerNames = System.getProperty(SERVERPROXY_SERVICE_HANDLERS); - - if (!StringUtils.isBlank(serviceHandlerNames)) { - for (String serviceHandlerName : serviceHandlerNames.split(",")) { - handlers.add(ServiceHandlerLoader.load(serviceHandlerName, serverConfProvider, globalConfProvider)); - - log.debug("Loaded service handler: {}", serviceHandlerName); - } - } + private void loadServiceHandlers(ServiceHandlerLoader serviceHandlerLoader) { + serviceHandlerLoader.loadSoapServiceHandlers().forEach(handler -> { + handlers.add(handler); + log.debug("Loaded service handler: {}", handler.getClass().getName()); + }); handlers.add(new DefaultServiceHandlerImpl(serverConfProvider, globalConfProvider)); // default handler } diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxy.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxy.java index c3f455a49c..01dce6c776 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxy.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxy.java @@ -90,7 +90,7 @@ public class ServerProxy implements InitializingBean, DisposableBean { public ServerProxy(ProxyProperties.ServerProperties serverProperties, AntiDosConfiguration antiDosConfiguration, GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider, ServerConfProvider serConfProvider, - CertChainFactory certChainFactory) throws Exception { + CertChainFactory certChainFactory, ServiceHandlerLoader serviceHandlerLoader) throws Exception { this.serverProperties = serverProperties; this.antiDosConfiguration = antiDosConfiguration; 
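Review bot: `loadServiceHandlers(ServiceHandlerLoader)` now puts container-managed beans into `handlers`, whereas the removed loop created a fresh handler through `ServiceHandlerLoader.load(...)` for each processor, and `ServerProxyHandler.createRequestProcessor` builds a new `ServerMessageProcessor` per request. Unless the addon handler beans are prototype-scoped (not visible in this diff), one instance now serves concurrent requests, so any per-request field a handler keeps between its calls could be overwritten by, or exposed to, another request. It would help to confirm that every `ServiceHandler` bean is stateless or declared with `@Scope("prototype")`, and to record that on the `ServiceHandler` interface, e.g. `// Implementations are looked up from the Spring context per request; they must be stateless or prototype-scoped.` The same applies to `ServerRestMessageProcessor.loadServiceHandlers` and to `ServiceHandlerLoader`.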
@@ -104,7 +104,7 @@ public ServerProxy(ProxyProperties.ServerProperties serverProperties, AntiDosCon createClient(); createOpMonitorClient(); createConnectors(); - createHandlers(); + createHandlers(serviceHandlerLoader); } private void configureServer() throws Exception { @@ -168,11 +168,11 @@ private void createConnectors() throws Exception { log.info("ClientProxy {} created ({}:{})", connector.getClass().getSimpleName(), serverProperties.listenAddress(), port); } - private void createHandlers() { + private void createHandlers(ServiceHandlerLoader serviceHandlerLoader) { log.trace("createHandlers()"); ServerProxyHandler proxyHandler = new ServerProxyHandler(serverProperties, globalConfProvider, keyConfProvider, serverConfProvider, - certChainFactory, client, opMonitorClient); + certChainFactory, client, opMonitorClient, serviceHandlerLoader); var handler = new Handler.Sequence(); handler.addHandler(proxyHandler); diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandler.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandler.java index 1d9dc7cf39..4c24da0193 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandler.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandler.java @@ -39,6 +39,8 @@ import ee.ria.xroad.proxy.util.PerformanceLogger; import io.opentelemetry.instrumentation.annotations.WithSpan; +import lombok.AccessLevel; +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.apache.http.client.HttpClient; import org.eclipse.jetty.server.Request; @@ -58,6 +60,7 @@ import static org.eclipse.jetty.server.Request.getRemoteAddr; @Slf4j +@RequiredArgsConstructor(access = AccessLevel.PACKAGE) class ServerProxyHandler extends HandlerBase { private final ProxyProperties.ServerProperties serverProperties; private final GlobalConfProvider globalConfProvider; 
@@ -67,20 +70,7 @@ class ServerProxyHandler extends HandlerBase { private final HttpClient client; private final HttpClient opMonitorClient; - - ServerProxyHandler(ProxyProperties.ServerProperties serverProperties, - GlobalConfProvider globalConfProvider, - KeyConfProvider keyConfProvider, - ServerConfProvider serverConfProvider, - CertChainFactory certChainFactory, HttpClient client, HttpClient opMonitorClient) { - this.serverProperties = serverProperties; - this.globalConfProvider = globalConfProvider; - this.keyConfProvider = keyConfProvider; - this.serverConfProvider = serverConfProvider; - this.certChainFactory = certChainFactory; - this.client = client; - this.opMonitorClient = opMonitorClient; - } + private final ServiceHandlerLoader serviceHandlerLoader; @Override @WithSpan @@ -133,12 +123,12 @@ private MessageProcessorBase createRequestProcessor(RequestWrapper request, Resp return new ServerRestMessageProcessor(globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, request, response, client, request.getPeerCertificates() .orElse(null), - opMonitoringData); + opMonitoringData, serviceHandlerLoader); } else { return new ServerMessageProcessor(globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, request, response, client, request.getPeerCertificates() .orElse(null), - opMonitorClient, opMonitoringData); + opMonitorClient, opMonitoringData, serviceHandlerLoader); } } diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerRestMessageProcessor.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerRestMessageProcessor.java index fda0e7b399..dd152bfc96 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerRestMessageProcessor.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServerRestMessageProcessor.java 
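Review bot: With the hand-written constructor removed, the `@RequiredArgsConstructor` parameter order is the field declaration order, and `client` and `opMonitorClient` are two adjacent `HttpClient` fields. Reordering those declarations later would swap the two clients at every call site without a compile error, sending service traffic through the op-monitoring client or the reverse. A comment above the fields is enough, e.g. `// Declaration order is the constructor parameter order (Lombok); do not reorder the two HttpClient fields.`, or the explicit constructor could be kept for this class.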
@@ -60,7 +60,6 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.io.input.TeeInputStream; import org.apache.commons.lang3.ArrayUtils; -import org.apache.commons.lang3.StringUtils; import org.apache.http.Header; import org.apache.http.HttpEntityEnclosingRequest; import org.apache.http.HttpResponse; @@ -109,9 +108,6 @@ @Slf4j class ServerRestMessageProcessor extends MessageProcessorBase { - private static final String SERVERPROXY_REST_SERVICE_HANDLERS = SystemProperties.PREFIX - + "proxy.serverRestServiceHandlers"; - private final X509Certificate[] clientSslCerts; private final List handlers = new ArrayList<>(); @@ -138,12 +134,13 @@ class ServerRestMessageProcessor extends MessageProcessorBase { ResponseWrapper response, HttpClient httpClient, X509Certificate[] clientSslCerts, - OpMonitoringData opMonitoringData) { + OpMonitoringData opMonitoringData, + ServiceHandlerLoader serviceHandlerLoader) { super(globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, request, response, httpClient); this.clientSslCerts = clientSslCerts; this.opMonitoringData = opMonitoringData; - loadServiceHandlers(); + loadServiceHandlers(serviceHandlerLoader); } @Override 
@@ -218,14 +215,12 @@ protected void postprocess() { opMonitoringData.setRestResponseStatusCode(restResponse.getResponseCode()); } - private void loadServiceHandlers() { - String serviceHandlerNames = System.getProperty(SERVERPROXY_REST_SERVICE_HANDLERS); - if (!StringUtils.isBlank(serviceHandlerNames)) { - for (String serviceHandlerName : serviceHandlerNames.split(",")) { - handlers.add(RestServiceHandlerLoader.load(serverConfProvider, serviceHandlerName)); - log.trace("Loaded rest service handler: " + serviceHandlerName); - } - } + private void loadServiceHandlers(ServiceHandlerLoader serviceHandlerLoader) { + + serviceHandlerLoader.loadRestServiceHandlers().forEach(handler -> { + handlers.add(handler); + log.trace("Loaded rest service handler: " + handler.getClass().getName()); + }); } private RestServiceHandler getServiceHandler(ProxyMessage request) { diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandler.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandler.java index b621e1dced..6527dcec0a 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandler.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandler.java @@ -34,7 +34,7 @@ import java.io.InputStream; -interface ServiceHandler { +public interface ServiceHandler { boolean shouldVerifyAccess(); diff --git a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandlerLoader.java b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandlerLoader.java index 01b21081b1..1ab5586be8 100644 --- a/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandlerLoader.java +++ b/src/proxy/core/src/main/java/ee/ria/xroad/proxy/serverproxy/ServiceHandlerLoader.java 
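Review bot: The new `log.trace("Loaded rest service handler: " + handler.getClass().getName());` builds the string even when trace is off, and it runs from the processor constructor; the SOAP counterpart in `ServerMessageProcessor` already uses a placeholder. `log.trace("Loaded rest service handler: {}", handler.getClass().getName());` matches it, and the blank line left at the top of the method body can go.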
@@ -25,26 +25,22 @@ */ package ee.ria.xroad.proxy.serverproxy; -import ee.ria.xroad.common.conf.globalconf.GlobalConfProvider; -import ee.ria.xroad.common.conf.serverconf.ServerConfProvider; +import lombok.RequiredArgsConstructor; +import org.springframework.context.ApplicationContext; -final class ServiceHandlerLoader { +import java.util.Collection; - private ServiceHandlerLoader() { - } +@RequiredArgsConstructor +public final class ServiceHandlerLoader { + + private final ApplicationContext applicationContext; - static ServiceHandler load(String className, ServerConfProvider serverConfProvider, GlobalConfProvider globalConfProvider) { - try { - Class clazz = Class.forName(className); - if (!AbstractServiceHandler.class.isAssignableFrom(clazz)) { - throw new RuntimeException("Failed to load service handler. Handler must implement AbstractServiceHandler: " + className); - } + public Collection loadSoapServiceHandlers() { + return applicationContext.getBeansOfType(ServiceHandler.class).values(); + } - return (ServiceHandler) clazz.getDeclaredConstructor(ServerConfProvider.class, GlobalConfProvider.class) - .newInstance(serverConfProvider, globalConfProvider); - } catch (Exception e) { - throw new RuntimeException("Failed to load service handler: " + className, e); - } + public Collection loadRestServiceHandlers() { + return applicationContext.getBeansOfType(RestServiceHandler.class).values(); } } diff --git a/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyClientConfig.java b/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyClientConfig.java index ae4f15604a..31cfe9876d 100644 --- a/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyClientConfig.java +++ b/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyClientConfig.java 
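Review bot: Both `load...ServiceHandlers()` methods call `applicationContext.getBeansOfType(...)` on every invocation and return the map's values, so the handler order follows bean definition order and `@Order` on a handler bean has no effect here. The removed property-based loading took the order from the configured list; if handler selection is first-match (the selection code is outside this hunk), precedence between addons is now implicit. Injecting an `ObjectProvider` per handler type and using `orderedStream()` makes the order explicit and drops the dependency on the whole `ApplicationContext`; the `serviceHandlerLoader` bean method in ProxyConfig would pass the two providers instead. The class is public now but has no Javadoc, so a short summary naming the two handler types would help addon authors.

```java
@RequiredArgsConstructor
public final class ServiceHandlerLoader {

    private final ObjectProvider<ServiceHandler> soapServiceHandlers;
    private final ObjectProvider<RestServiceHandler> restServiceHandlers;

    public Collection<ServiceHandler> loadSoapServiceHandlers() {
        // orderedStream() sorts by @Order / Ordered, so addon precedence is declared rather than incidental
        return soapServiceHandlers.orderedStream().collect(Collectors.toUnmodifiableList());
    }

    public Collection<RestServiceHandler> loadRestServiceHandlers() {
        return restServiceHandlers.orderedStream().collect(Collectors.toUnmodifiableList());
    }
}
```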
@@ -29,6 +29,7 @@ import ee.ria.xroad.common.cert.CertChainFactory; import ee.ria.xroad.common.conf.globalconf.GlobalConfProvider; import ee.ria.xroad.common.conf.serverconf.ServerConfProvider; +import ee.ria.xroad.proxy.clientproxy.AbstractClientProxyHandler; import ee.ria.xroad.proxy.clientproxy.AuthTrustVerifier; import ee.ria.xroad.proxy.clientproxy.ClientProxy; import ee.ria.xroad.proxy.clientproxy.ClientRestMessageHandler; @@ -59,6 +60,10 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.core.Ordered; +import org.springframework.core.annotation.Order; + +import java.util.List; @Slf4j @Configuration 
@@ -66,20 +71,15 @@ public class ProxyClientConfig { @Bean ClientProxy clientProxy(ProxyProperties proxyProperties, - @Qualifier("proxyHttpClient") HttpClient httpClient, - ClientRestMessageHandler clientRestMessageHandler, - ClientSoapMessageHandler clientSoapMessageHandler, - GlobalConfProvider globalConfProvider, - KeyConfProvider keyConfProvider, - ServerConfProvider serverConfProvider, - CertChainFactory certChainFactory, - AuthTrustVerifier authTrustVerifier) throws Exception { - return new ClientProxy(proxyProperties.getClientProxy(), httpClient, clientRestMessageHandler, clientSoapMessageHandler, - globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, authTrustVerifier); + List clientProxyHandlers, + ServerConfProvider serverConfProvider) throws Exception { + return new ClientProxy(proxyProperties.getClientProxy(), + clientProxyHandlers, serverConfProvider); } @Bean - ClientRestMessageHandler clientRestMessageHandler(GlobalConfProvider globalConfProvider, + @Order(Ordered.HIGHEST_PRECEDENCE) + AbstractClientProxyHandler clientRestMessageHandler(GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider, ServerConfProvider serverConfProvider, CertChainFactory certChainFactory, @@ -90,7 +90,9 @@ ClientRestMessageHandler clientRestMessageHandler(GlobalConfProvider globalConfP } @Bean - ClientSoapMessageHandler clientSoapMessageHandler(GlobalConfProvider globalConfProvider, + // soap handler must be the last handler in the list. + @Order(Ordered.LOWEST_PRECEDENCE) + AbstractClientProxyHandler clientSoapMessageHandler(GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider, ServerConfProvider serverConfProvider, CertChainFactory certChainFactory, diff --git a/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyConfig.java b/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyConfig.java index 67841a7c44..5be965efc6 100644 
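Review bot: The `clientRestMessageHandler` and `clientSoapMessageHandler` bean methods (this hunk and `@@ -90,7 +90,9 @@`) now declare `AbstractClientProxyHandler` as their return type, which hides the concrete class from Spring's type matching until the bean has been instantiated. Any injection point that still asks for `ClientRestMessageHandler` or `ClientSoapMessageHandler` by type may then fail to resolve depending on initialization order, and the list parameter of `clientProxy` would presumably collect the beans just as well with the concrete types kept. Declaring `ClientRestMessageHandler clientRestMessageHandler(...)` and `ClientSoapMessageHandler clientSoapMessageHandler(...)` while keeping the new `@Order` annotations avoids that. Both method bodies continue outside the hunks.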
--- a/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyConfig.java +++ b/src/proxy/core/src/main/java/org/niis/xroad/proxy/configuration/ProxyConfig.java @@ -45,8 +45,10 @@ import ee.ria.xroad.proxy.conf.CachingKeyConfImpl; import ee.ria.xroad.proxy.conf.KeyConfProvider; import ee.ria.xroad.proxy.conf.SigningCtxProvider; +import ee.ria.xroad.proxy.opmonitoring.NullOpMonitoringBuffer; import ee.ria.xroad.proxy.opmonitoring.OpMonitoring; import ee.ria.xroad.proxy.serverproxy.ServerProxy; +import ee.ria.xroad.proxy.serverproxy.ServiceHandlerLoader; import ee.ria.xroad.proxy.util.CertHashBasedOcspResponder; import ee.ria.xroad.proxy.util.CertHashBasedOcspResponderClient; import ee.ria.xroad.signer.SignerClientConfiguration; @@ -55,7 +57,9 @@ import org.niis.xroad.common.rpc.server.RpcServerConfig; import org.niis.xroad.confclient.proto.ConfClientRpcClientConfiguration; import org.niis.xroad.proxy.ProxyProperties; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; 
@@ -108,9 +112,15 @@ ServerProxy serverProxy(ProxyProperties proxyProperties, GlobalConfProvider globalConfProvider, KeyConfProvider keyConfProvider, ServerConfProvider serverConfProvider, - CertChainFactory certChainFactory) throws Exception { + CertChainFactory certChainFactory, + ServiceHandlerLoader serviceHandlerLoader) throws Exception { return new ServerProxy(proxyProperties.getServer(), antiDosConfiguration, - globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory); + globalConfProvider, keyConfProvider, serverConfProvider, certChainFactory, serviceHandlerLoader); + } + + @Bean + ServiceHandlerLoader serviceHandlerLoader(ApplicationContext applicationContext) { + return new ServiceHandlerLoader(applicationContext); } @Bean @@ -125,8 +135,14 @@ CertHashBasedOcspResponderClient certHashBasedOcspResponderClient(ProxyPropertie } @Bean - AbstractOpMonitoringBuffer opMonitoringBuffer(ServerConfProvider serverConfProvider) throws Exception { - return OpMonitoring.init(serverConfProvider); + OpMonitoring opMonitoringBuffer(AbstractOpMonitoringBuffer opMonitoringBuffer) throws Exception { + return OpMonitoring.init(opMonitoringBuffer); + } + + @Bean + @ConditionalOnMissingBean + AbstractOpMonitoringBuffer nullOpMonitoringBuffer(ServerConfProvider serverConfProvider) { + return new NullOpMonitoringBuffer(serverConfProvider); } @Bean diff --git a/src/proxy/core/src/test/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandlerTest.java b/src/proxy/core/src/test/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandlerTest.java index c54bbd1549..0929b69c7c 100644 --- a/src/proxy/core/src/test/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandlerTest.java +++ b/src/proxy/core/src/test/java/ee/ria/xroad/proxy/serverproxy/ServerProxyHandlerTest.java 
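Review bot: `@ConditionalOnMissingBean` on `nullOpMonitoringBuffer` sits in an ordinary `@Configuration` class, where the condition is evaluated against the bean definitions registered so far, so the outcome depends on whether the addon's `AbstractOpMonitoringBuffer` definition is processed before `ProxyConfig`. If the addon configuration is read later, both beans are registered and `opMonitoringBuffer(AbstractOpMonitoringBuffer)` has two candidates. Spring Boot recommends the annotation for auto-configuration classes for this reason; an explicit property switch of the kind this commit introduces for the addons, or moving the fallback into an auto-configuration, removes the ordering dependency. The bean named `opMonitoringBuffer` now has type `OpMonitoring`, so renaming the method to `opMonitoring` would also avoid confusion with its own parameter.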
@@ -56,7 +56,7 @@ public void shouldExecuteClientProxyVersionCheck() throws Exception { var certChainFactory = mock(CertChainFactory.class); ServerProxyHandler serverProxyHandler = new ServerProxyHandler(mock(ProxyProperties.ServerProperties.class), globalConfProvider, keyConfProvider, serverConfProvider, - certChainFactory, mock(HttpClient.class), mock(HttpClient.class)); + certChainFactory, mock(HttpClient.class), mock(HttpClient.class), mock(ServiceHandlerLoader.class)); try ( var checkMock = mockStatic(ClientProxyVersionVerifier.class) diff --git a/src/security-server/admin-service/application/src/main/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidator.java b/src/security-server/admin-service/application/src/main/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidator.java index 434df4fbed..2a42dd9006 100644 --- a/src/security-server/admin-service/application/src/main/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidator.java +++ b/src/security-server/admin-service/application/src/main/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidator.java @@ -25,15 +25,14 @@ */ package org.niis.xroad.securityserver.restapi.wsdl; -import ee.ria.xroad.common.SystemProperties; import ee.ria.xroad.common.util.process.ExternalProcessRunner; import ee.ria.xroad.common.util.process.ProcessFailedException; import ee.ria.xroad.common.util.process.ProcessNotExecutableException; -import lombok.Getter; import lombok.extern.slf4j.Slf4j; import org.niis.xroad.restapi.exceptions.ErrorDeviation; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; 
@@ -49,41 +48,45 @@ @Component public class WsdlValidator { private final ExternalProcessRunner externalProcessRunner; - @Getter private final String wsdlValidatorCommand; + private final boolean wsdlValidatorEnabled; @Autowired - public WsdlValidator(ExternalProcessRunner externalProcessRunner) { + public WsdlValidator(ExternalProcessRunner externalProcessRunner, + @Value("${xroad.proxy-ui-api.addon.wsdl-validator.enabled:false}") boolean enabled, + @Value("${xroad.proxy-ui-api.addon.wsdl-validator.command:}") String wsdlValidatorCommand) { this.externalProcessRunner = externalProcessRunner; - this.wsdlValidatorCommand = SystemProperties.getWsdlValidatorCommand(); + this.wsdlValidatorEnabled = enabled; + this.wsdlValidatorCommand = wsdlValidatorCommand; } /** * validate WSDL with user selected validator + * * @param wsdlUrl * @return List of validation warnings that could be ignored by choice * @throws WsdlValidatorNotExecutableException when validator is not found or - * there are errors (not warnings, cant be ignored) when trying to execute the validator - * @throws WsdlValidationFailedException when validation itself fails. - * @throws InterruptedException if the thread running the validator is interrupted. The interrupted thread has - * already been handled with so you can choose to ignore this exception if you so please. + * there are errors (not warnings, cant be ignored) when trying to execute the validator + * @throws WsdlValidationFailedException when validation itself fails. + * @throws InterruptedException if the thread running the validator is interrupted. The interrupted thread has + * already been handled with so you can choose to ignore this exception + * if you so please. 
*/ public List executeValidator(String wsdlUrl) throws WsdlValidatorNotExecutableException, WsdlValidationFailedException, InterruptedException { List warnings = new ArrayList<>(); // validator not set - this is ok since validator is optional - if (StringUtils.isEmpty(getWsdlValidatorCommand())) { - log.warn("Skipping WSDL validator, command not set"); + if (!this.wsdlValidatorEnabled || !StringUtils.hasText(wsdlValidatorCommand)) { + log.warn("Skipping WSDL validator, addon disabled or command not set"); return warnings; } - - if (StringUtils.isEmpty(wsdlUrl)) { + if (!StringUtils.hasText(wsdlUrl)) { throw new IllegalArgumentException("wsdl url cannot be null or empty"); } try { ExternalProcessRunner.ProcessResult processResult = externalProcessRunner - .executeAndThrowOnFailure(getWsdlValidatorCommand(), wsdlUrl); + .executeAndThrowOnFailure(wsdlValidatorCommand, wsdlUrl); logValidatorOutput(processResult.getProcessOutput()); return processResult.getProcessOutput(); diff --git a/src/security-server/admin-service/application/src/main/resources/application.yml b/src/security-server/admin-service/application/src/main/resources/application.yml index a089ed0ed0..4e1ead8e5e 100644 --- a/src/security-server/admin-service/application/src/main/resources/application.yml +++ b/src/security-server/admin-service/application/src/main/resources/application.yml @@ -70,6 +70,10 @@ xroad: request-size-limit-binary-upload: 10MB authentication-key-algorithm: RSA signing-key-algorithm: RSA + addon: + wsdl-validator: + enabled: false + command: /usr/share/xroad/wsdl-validator/bin/wsdlvalidator_wrapper.sh common: serverconf: cache-period: 60 diff --git a/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/AbstractApiControllerTestContext.java b/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/AbstractApiControllerTestContext.java index e3c7b5cffe..48aa14380d 100644 
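Review bot: With `enabled` defaulting to `false` in both the `@Value` expression and `application.yml`, an installation that already had a validator command configured stops validating WSDLs after this change unless the operator also sets the new flag. The `LegacyConfigPathMapping` hunk later in this diff migrates only `wsdl-validator-command` to `proxy-ui-api.addon.wsdl-validator.command`, not an enabled state. `executeValidator` then returns an empty warning list, which looks the same to a caller as a clean validation, and the single log message does not say which of the two conditions applied. Split the guard so the cases are distinguishable, e.g. `log.warn("WSDL validator command is set but the addon is disabled, skipping validation")` when `!wsdlValidatorEnabled && StringUtils.hasText(wsdlValidatorCommand)`, and consider having the migration set `enabled` to true when a legacy command is present. The `@param wsdlUrl` tag in the Javadoc is still empty and could say that the value is handed to the external validator command as its argument.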
--- a/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/AbstractApiControllerTestContext.java +++ b/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/AbstractApiControllerTestContext.java @@ -56,7 +56,6 @@ import org.niis.xroad.securityserver.restapi.service.UrlValidator; import org.niis.xroad.securityserver.restapi.service.VersionService; import org.niis.xroad.securityserver.restapi.util.TestUtils; -import org.niis.xroad.securityserver.restapi.wsdl.WsdlValidator; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.mock.mockito.MockBean; import org.springframework.boot.test.mock.mockito.SpyBean; @@ -130,8 +129,6 @@ public abstract class AbstractApiControllerTestContext extends AbstractFacadeMoc @SpyBean MailService mailService; @SpyBean - WsdlValidator wsdlValidator; - @SpyBean MockableAuditEventLoggingFacade auditEventLoggingFacade; @SpyBean PossibleActionsRuleEngine possibleActionsRuleEngine; diff --git a/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/ClientsApiControllerIntegrationTest.java b/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/ClientsApiControllerIntegrationTest.java index c7b5882e8e..bd696091f5 100644 --- a/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/ClientsApiControllerIntegrationTest.java +++ b/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/openapi/ClientsApiControllerIntegrationTest.java 
@@ -145,7 +145,6 @@ public void setup() throws Exception { when(globalConfProvider.getMembers()).thenReturn(new ArrayList<>(members)); List mockTokens = createMockTokenInfos(); doReturn(mockTokens).when(tokenService).getAllTokens(); - when(wsdlValidator.getWsdlValidatorCommand()).thenReturn("src/test/resources/validator/mock-wsdlvalidator.sh"); when(globalConfProvider.getGlobalGroups()).thenReturn(globalGroupInfos); when(globalConfProvider.getGlobalGroups(any(String[].class))).thenReturn(globalGroupInfos); when(globalConfProvider.getInstanceIdentifier()).thenReturn(TestUtils.INSTANCE_FI); diff --git a/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidatorTest.java b/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidatorTest.java index 39f5e0b733..8f5b74a1c5 100644 --- a/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidatorTest.java +++ b/src/security-server/admin-service/application/src/test/java/org/niis/xroad/securityserver/restapi/wsdl/WsdlValidatorTest.java @@ -28,10 +28,8 @@ import ee.ria.xroad.common.util.process.ExternalProcessRunner; import org.junit.Assert; -import org.junit.Before; import org.junit.Test; import org.niis.xroad.restapi.exceptions.DeviationCodes; -import org.springframework.test.util.ReflectionTestUtils; import java.util.ArrayList; import java.util.Collections; 
@@ -51,18 +49,13 @@ public class WsdlValidatorTest { public static final String MOCK_VALIDATOR = "src/test/resources/validator/mock-wsdlvalidator.sh"; public static final String FOOBAR_VALIDATOR = "/bin/foobar-validator"; - private WsdlValidator wsdlValidator = new WsdlValidator(new ExternalProcessRunner()); - - @Before - public void setup() { - ReflectionTestUtils.setField(wsdlValidator, "wsdlValidatorCommand", MOCK_VALIDATOR); - } + private final WsdlValidator wsdlValidator = new WsdlValidator(new ExternalProcessRunner(), true, MOCK_VALIDATOR); @Test public void validatorNotExecutable() throws Exception { - ReflectionTestUtils.setField(wsdlValidator, "wsdlValidatorCommand", FOOBAR_VALIDATOR); + WsdlValidator testWsdlValidator = new WsdlValidator(new ExternalProcessRunner(), true, FOOBAR_VALIDATOR); try { - wsdlValidator.executeValidator("src/test/resources/wsdl/error.wsdl"); + testWsdlValidator.executeValidator("src/test/resources/wsdl/error.wsdl"); fail("should have thrown WsdlValidationException"); } catch (WsdlValidator.WsdlValidatorNotExecutableException expected) { } diff --git a/src/security-server/admin-service/application/src/test/resources/application.yml b/src/security-server/admin-service/application/src/test/resources/application.yml index 430a69e9cd..279584b77e 100644 --- a/src/security-server/admin-service/application/src/test/resources/application.yml +++ b/src/security-server/admin-service/application/src/test/resources/application.yml @@ -78,6 +78,10 @@ xroad: request-size-limit-binary-upload: 10MB authentication-key-algorithm: RSA signing-key-algorithm: RSA + addon: + wsdl-validator: + enabled: true + command: src/test/resources/validator/mock-wsdlvalidator.sh file-upload-endpoints: endpoint-definitions: 
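Review bot: Both validators built in this hunk pass `true` for the new `enabled` argument, so the disabled branch added to `executeValidator` is not exercised by anything visible here. A case such as `new WsdlValidator(new ExternalProcessRunner(), false, FOOBAR_VALIDATOR).executeValidator("src/test/resources/wsdl/error.wsdl")` asserting an empty result and no `WsdlValidatorNotExecutableException` would pin that the command is never run when the addon is off. The rest of the test class lies outside the hunk, so this may already be covered there.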
diff --git a/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/XrdDataPlaneProxyApiController.java b/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/XrdDataPlaneProxyApiController.java index c61e227615..9215ff3507 100644 --- a/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/XrdDataPlaneProxyApiController.java +++ b/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/XrdDataPlaneProxyApiController.java @@ -125,7 +125,8 @@ private Response handle(ContainerRequestContext requestContext) throws Exception return error(UNAUTHORIZED, "Missing Authorization Header"); } var requestMessage = new ProxyMessage(requestContext.getHeaderString(HEADER_ORIGINAL_CONTENT_TYPE)); - var decoder = new ProxyMessageDecoder(globalConfProvider, requestMessage, requestContext.getMediaType().toString(), false, getHashAlgoId(requestContext)); + var decoder = new ProxyMessageDecoder(globalConfProvider, requestMessage, requestContext.getMediaType().toString(), + false, getHashAlgoId(requestContext)); decoder.parse(requestContext.getEntityStream()); var sourceDataAddress = authorizationService.authorize(token, buildRequestData(requestContext, requestMessage)); 
@@ -140,7 +141,8 @@ private Response handle(ContainerRequestContext requestContext) throws Exception } } - private MessageProcessorBase getMessageProcessor(ContainerRequestContext requestContext, ProxyMessage requestMessage, ProxyMessageDecoder decoder) throws Exception { + private MessageProcessorBase getMessageProcessor(ContainerRequestContext requestContext, ProxyMessage requestMessage, + ProxyMessageDecoder decoder) throws Exception { var isRestRequest = VALUE_MESSAGE_TYPE_REST.equals(requestContext.getHeaderString(HEADER_MESSAGE_TYPE)); var xRequestId = requestContext.getHeaderString(HEADER_REQUEST_ID); if (isRestRequest) { diff --git a/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/legacy/SoapMessageProcessor.java b/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/legacy/SoapMessageProcessor.java index d5a3dd8b8b..2d579f3580 100644 --- a/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/legacy/SoapMessageProcessor.java +++ b/src/security-server/ds/extensions/data-plane/xroad-data-plane-public-api/src/main/java/org/niis/xroad/edc/extension/dataplane/api/legacy/SoapMessageProcessor.java @@ -114,7 +114,8 @@ public SoapMessageProcessor(ProxyMessage requestMessage, @Override public Response process() throws Exception { - responseSigningCtx = SigningCtxProvider.getSigningCtx(requestMessage.getSoap().getService().getClientId(), globalConfProvider, keyConfProvider); + responseSigningCtx = SigningCtxProvider.getSigningCtx(requestMessage.getSoap().getService().getClientId(), + globalConfProvider, keyConfProvider); DefaultServiceHandlerImpl handler = new DefaultServiceHandlerImpl(); 
diff --git a/src/security-server/ds/extensions/data-plane/xroad-policy/src/main/java/org/niis/xroad/edc/extension/policy/dataplane/XrdDataPlaneAccessControlService.java b/src/security-server/ds/extensions/data-plane/xroad-policy/src/main/java/org/niis/xroad/edc/extension/policy/dataplane/XrdDataPlaneAccessControlService.java index 8f061baadc..dced4b5aa2 100644 --- a/src/security-server/ds/extensions/data-plane/xroad-policy/src/main/java/org/niis/xroad/edc/extension/policy/dataplane/XrdDataPlaneAccessControlService.java +++ b/src/security-server/ds/extensions/data-plane/xroad-policy/src/main/java/org/niis/xroad/edc/extension/policy/dataplane/XrdDataPlaneAccessControlService.java @@ -43,6 +43,7 @@ import org.eclipse.edc.spi.result.Result; import org.eclipse.edc.spi.types.domain.DataAddress; import org.eclipse.edc.transform.spi.TypeTransformerRegistry; +import org.eclipse.jetty.http.HttpStatus; import org.niis.xroad.edc.extension.policy.dataplane.util.PolicyContextData; import java.io.IOException; @@ -90,7 +91,7 @@ private Result getContractAgreement(String contractId) { var request = new Request.Builder().url(contractAgreementApiUrl + "/" + contractId).build(); try (var response = httpClient.execute(request)) { - if (response.code() != 200) { + if (response.code() != HttpStatus.OK_200) { return Result.failure(format("Error getting contract agreement with id: %s. HTTP Code was: %s", contractId, response.code())); } diff --git a/src/security-server/system-test/src/intTest/resources/container-files/etc/xroad/conf.d/local.ini b/src/security-server/system-test/src/intTest/resources/container-files/etc/xroad/conf.d/local.ini index 52ea5d0438..b376a7026d 100644 --- a/src/security-server/system-test/src/intTest/resources/container-files/etc/xroad/conf.d/local.ini +++ b/src/security-server/system-test/src/intTest/resources/container-files/etc/xroad/conf.d/local.ini 
@@ -3,7 +3,7 @@ rate-limit-enabled=true rate-limit-requests-per-second=100 rate-limit-requests-per-minute=1000 acme-challenge-port-enabled=true -wsdl-validator-command = /usr/share/xroad/wsdlvalidator/bin/wsdlvalidator_wrapper.sh +wsdl-validator-command = /usr/share/xroad/wsdl-validator/bin/wsdlvalidator_wrapper.sh [proxy] backup-encryption-enabled = true backup-encryption-keyids = "backup.key1@example.org, backup.key2@example.org, backup.key3@example.org" diff --git a/src/security-server/tools/migration-cli/src/main/java/org/niis/xroad/configuration/migration/LegacyConfigPathMapping.java b/src/security-server/tools/migration-cli/src/main/java/org/niis/xroad/configuration/migration/LegacyConfigPathMapping.java index d0f5e31b55..1cd9cee423 100644 --- a/src/security-server/tools/migration-cli/src/main/java/org/niis/xroad/configuration/migration/LegacyConfigPathMapping.java +++ b/src/security-server/tools/migration-cli/src/main/java/org/niis/xroad/configuration/migration/LegacyConfigPathMapping.java @@ -70,6 +70,8 @@ public class LegacyConfigPathMapping { MAPPING.put("proxy.server-conf-client-cache-size", "common.server-conf.client-cache-size"); MAPPING.put("proxy.server-conf-service-cache-size", "common.server-conf.service-cache-size"); MAPPING.put("proxy.server-conf-acl-cache-size", "common.server-conf.acl-cache-size"); + + MAPPING.put("proxy-ui-api.wsdl-validator-command", "proxy-ui-api.addon.wsdl-validator.command"); } String map(String oldPath) { diff --git a/src/signer/application/build.gradle b/src/signer/application/build.gradle index 37319342d9..3f16829d77 100644 --- a/src/signer/application/build.gradle +++ b/src/signer/application/build.gradle @@ -9,6 +9,8 @@ dependencies { implementation project(':common:common-rpc') implementation project(':signer:core') + implementation project(':addons:hwtoken') + testImplementation(libs.springBoot.starterTest) } 
diff --git a/src/common/common-messagelog/src/main/java/ee/ria/xroad/common/messagelog/MessageLogDbContextHolder.java b/src/signer/application/src/main/java/ee/ria/xroad/signer/SignerAddonsConfig.java similarity index 67% rename from src/common/common-messagelog/src/main/java/ee/ria/xroad/common/messagelog/MessageLogDbContextHolder.java rename to src/signer/application/src/main/java/ee/ria/xroad/signer/SignerAddonsConfig.java index eba2dae1db..f6a73607cf 100644 --- a/src/common/common-messagelog/src/main/java/ee/ria/xroad/common/messagelog/MessageLogDbContextHolder.java +++ b/src/signer/application/src/main/java/ee/ria/xroad/signer/SignerAddonsConfig.java @@ -25,29 +25,25 @@ * THE SOFTWARE. */ -package ee.ria.xroad.common.messagelog; +package ee.ria.xroad.signer; -import ee.ria.xroad.common.db.DatabaseCtxV2; +import ee.ria.xroad.signer.tokenmanager.module.AbstractModuleManager; +import ee.ria.xroad.signer.tokenmanager.module.HardwareModuleManagerImpl; -import lombok.experimental.UtilityClass; +import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; -import java.util.Objects; +@Configuration +@Slf4j +class SignerAddonsConfig { -/** - * Workaround to access MessageLog database context. - */ -@UtilityClass -public class MessageLogDbContextHolder { - private static DatabaseCtxV2 databaseCtx; - - - public static void set(DatabaseCtxV2 dbCtx) { - databaseCtx = dbCtx; - } - - public static DatabaseCtxV2 instance() { - Objects.requireNonNull(databaseCtx, "MessageLog database context not initialized"); - return databaseCtx; + @Bean + @ConditionalOnProperty(name = "xroad.signer.addon.hwtoken.enabled", havingValue = "true") + AbstractModuleManager hardwareModuleManager() { + log.info("Hardware token manager enabled."); + return new HardwareModuleManagerImpl(); } } 
diff --git a/src/signer/application/src/main/java/ee/ria/xroad/signer/SignerMain.java b/src/signer/application/src/main/java/ee/ria/xroad/signer/SignerMain.java index a9d3bc6831..9813bed3cb 100644 --- a/src/signer/application/src/main/java/ee/ria/xroad/signer/SignerMain.java +++ b/src/signer/application/src/main/java/ee/ria/xroad/signer/SignerMain.java @@ -43,7 +43,7 @@ public class SignerMain { private static final String APP_NAME = "signer"; public static void main(String[] args) { - XrdSpringServiceBuilder.newApplicationBuilder(APP_NAME, SignerMain.class, SignerConfig.class) + XrdSpringServiceBuilder.newApplicationBuilder(APP_NAME, SignerAddonsConfig.class, SignerMain.class, SignerConfig.class) .build() .run(args); } diff --git a/src/signer/core/build.gradle b/src/signer/core/build.gradle index c1b632d3fe..226bd45d30 100644 --- a/src/signer/core/build.gradle +++ b/src/signer/core/build.gradle @@ -78,6 +78,7 @@ xjc.dependsOn createDirs compileJava.dependsOn xjc tasks.register('intTest', Test) { + dependsOn(':signer:application:bootJar') useJUnitPlatform() setDescription("Runs integration tests.") diff --git a/src/signer/core/src/intTest/java/org/niis/xroad/signer/test/container/ContainerSetup.java b/src/signer/core/src/intTest/java/org/niis/xroad/signer/test/container/ContainerSetup.java index cbf1155c00..c6d3be59b8 100644 --- a/src/signer/core/src/intTest/java/org/niis/xroad/signer/test/container/ContainerSetup.java +++ b/src/signer/core/src/intTest/java/org/niis/xroad/signer/test/container/ContainerSetup.java @@ -40,8 +40,7 @@ public class ContainerSetup extends BaseTestSignerSetup { public TestContainerConfigurator testContainerConfigurator( TestableContainerProperties testableContainerProperties) { return super.testContainerConfigurator(testableContainerProperties, - "../application/build/libs/signer-1.0.jar", - "../../addons/hwtoken/build/libs/hwtoken-1.0.jar"); + "../application/build/libs/signer-1.0.jar"); } @Bean 
diff --git a/src/signer/core/src/main/java/ee/ria/xroad/signer/SignerConfig.java b/src/signer/core/src/main/java/ee/ria/xroad/signer/SignerConfig.java index 2c4e9c7603..37739952da 100644 --- a/src/signer/core/src/main/java/ee/ria/xroad/signer/SignerConfig.java +++ b/src/signer/core/src/main/java/ee/ria/xroad/signer/SignerConfig.java @@ -38,6 +38,7 @@ import ee.ria.xroad.signer.tokenmanager.module.DefaultModuleManagerImpl; import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Condition; @@ -63,20 +64,13 @@ "ee.ria.xroad.signer.certmanager"}) @Configuration public class SignerConfig { - private static final String MODULE_MANAGER_IMPL_CLASS = SystemProperties.PREFIX + "signer.moduleManagerImpl"; static final int OCSP_SCHEDULER_BEAN_ORDER = Ordered.LOWEST_PRECEDENCE - 100; - @Bean("moduleManager") + @Bean + @ConditionalOnMissingBean AbstractModuleManager moduleManager() { - final String moduleManagerImplClassName = System.getProperty(MODULE_MANAGER_IMPL_CLASS, DefaultModuleManagerImpl.class.getName()); - log.debug("Using module manager implementation: {}", moduleManagerImplClassName); - - try { - var clazz = Class.forName(moduleManagerImplClassName); - return (AbstractModuleManager) clazz.getDeclaredConstructor().newInstance(); - } catch (Exception e) { - throw new RuntimeException("Could not load module manager impl: " + moduleManagerImplClassName, e); - } + log.debug("Using default module manager implementation"); + return new DefaultModuleManagerImpl(); } @Bean
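Review bot: `moduleManager()` no longer reads the `signer.moduleManagerImpl` system property, so an installation that still passes it gets `DefaultModuleManagerImpl` with only a debug line to show for it, and hardware tokens would presumably be unavailable after upgrade until `xroad.signer.addon.hwtoken.enabled=true` is set. No mapping for that property is visible in the `LegacyConfigPathMapping` hunk of this diff, though it may be handled elsewhere. A startup warning when the legacy property is still set would make this visible, e.g. `if (System.getProperty(SystemProperties.PREFIX + "signer.moduleManagerImpl") != null) log.warn("signer.moduleManagerImpl is ignored; set xroad.signer.addon.hwtoken.enabled instead");`. The `@ConditionalOnMissingBean` here also depends on `SignerAddonsConfig` being registered first, which `SignerMain` appears to arrange by argument order; a comment saying so on both sides would help. `SignerConfig` continues outside the hunk.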