Feature/authentication

pom.xml

@@ -36,6 +36,29 @@
         </dependency>
     </dependencies>
 
+    <repositories>
+        <repository>
+            <id>ossrh</id>
+            <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
+            <releases>
+                <enabled>true</enabled>
+            </releases>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+        <repository>
+            <id>ossrh-snapshot</id>
+            <url>https://oss.sonatype.org/content/repositories/snapshots</url>
+            <releases>
+                <enabled>false</enabled>
+            </releases>
+            <snapshots>
+                <enabled>true</enabled>
+            </snapshots>
+        </repository>
+    </repositories>
+
 <!--    <build>-->
 <!--        <plugins>-->
 <!--            <plugin>-->

storeroom/pom.xml

@@ -55,6 +55,13 @@
             <artifactId>modelmapper</artifactId>
             <version>2.3.0</version>
         </dependency>
+        <!--Biosample AAP client-->
+        <dependency>
+            <groupId>uk.ac.ebi.tsc.aap.client</groupId>
+            <artifactId>security</artifactId>
+            <version>2.0.1-SNAPSHOT</version>
+        </dependency>
+
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
@@ -66,6 +73,11 @@
                 </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.springframework.restdocs</groupId>
             <artifactId>spring-restdocs-mockmvc</artifactId>

storeroom/src/main/java/uk/ac/ebi/biosamples/jsonschema/jsonschemastore/auth/BioSamplesAAPWebSecurityConfig.java

@@ -0,0 +1,70 @@
+package uk.ac.ebi.biosamples.jsonschema.jsonschemastore.auth;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.stereotype.Component;
+import uk.ac.ebi.tsc.aap.client.security.AAPWebSecurityAutoConfiguration.AAPWebSecurityConfig;
+import uk.ac.ebi.tsc.aap.client.security.StatelessAuthenticationEntryPoint;
+import uk.ac.ebi.tsc.aap.client.security.StatelessAuthenticationFilter;
+import uk.ac.ebi.tsc.aap.client.security.TokenAuthenticationService;
+
+@Slf4j
+@Component
+@Order(99)
+public class BioSamplesAAPWebSecurityConfig extends AAPWebSecurityConfig {
+
+  // private static final String ROLE_SELF_JSON_SCHEMA_STORE = "ROLE_self.json-schema-store";
+  private final StatelessAuthenticationEntryPoint unauthorizedHandler;
+
+  private final TokenAuthenticationService tokenAuthenticationService;
+
+  @Value("${aap.schemaAuthority}")
+  private String schemaAuthority;
+
+  public BioSamplesAAPWebSecurityConfig(
+      StatelessAuthenticationEntryPoint unauthorizedHandler,
+      TokenAuthenticationService tokenAuthenticationService) {
+    this.unauthorizedHandler = unauthorizedHandler;
+    this.tokenAuthenticationService = tokenAuthenticationService;
+  }
+
+  private StatelessAuthenticationFilter statelessAuthenticationFilterBean() throws Exception {
+    return new StatelessAuthenticationFilter(this.tokenAuthenticationService);
+  }
+
+  @Override
+  protected void configure(HttpSecurity httpSecurity) throws Exception {
+    httpSecurity
+        // we don't need CSRF because our token is invulnerable
+        .csrf()
+        .disable()
+        .exceptionHandling()
+        .authenticationEntryPoint(unauthorizedHandler)
+        .and()
+        .authorizeRequests()
+        .antMatchers("/api/v1/schemas", "/api/v1/schemas/**")
+        // adding Authority to request for schema
+        .hasAuthority(schemaAuthority)
+        .and()
+        // don't create session
+        .sessionManagement()
+        .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+
+    httpSecurity.addFilterBefore(
+        statelessAuthenticationFilterBean(), UsernamePasswordAuthenticationFilter.class);
+
+    // disable the no-cache header injectection, we'll manage this ourselves
+    httpSecurity.headers().cacheControl().disable();
+  }
+
+  @Autowired
+  public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+    auth.userDetailsService(userDetailsService());
+  }
+}

storeroom/src/main/resources/application-dev.yml

@@ -17,3 +17,13 @@ management:
 # Elixir Validator
 elixirValidator:
   hostUrl: http://localhost:3000/validate
+
+# BioSample AAP Conf
+aap:
+  url: https://explore.api.aai.ebi.ac.uk
+  schemaAuthority: ROLE_self.json-schema-store
+jwt:
+  certificate: https://explore.api.aai.ebi.ac.uk/meta/public.der
+#aap-client:
+#  cors:
+#    enabled: true

storeroom/src/main/resources/application-docker.yml

@@ -17,3 +17,10 @@ management:
 # Elixir Validator
 elixirValidator:
   hostUrl: http://validator:3020/validate
+
+# BioSample AAP Conf
+aap:
+  url: https://explore.api.aai.ebi.ac.uk
+  schemaAuthority: ROLE_self.json-schema-store
+jwt:
+  certificate: https://explore.api.aai.ebi.ac.uk/meta/public.der

storeroom/src/main/resources/application-test.yml

@@ -10,3 +10,10 @@ spring:
 # Elixir Validator
 elixirValidator:
   hostUrl: http://localhost:3000/validate
+
+# BioSample AAP Conf
+aap:
+  url: https://explore.api.aai.ebi.ac.uk
+  schemaAuthority: ROLE_self.json-schema-store
+jwt:
+  certificate: https://explore.api.aai.ebi.ac.uk/meta/public.der

storeroom/src/test/java/uk/ac/ebi/biosamples/jsonschema/jsonschemastore/integration/schema/resource/SchemaBlockControllerIntegrateFastTest.java

@@ -0,0 +1,101 @@
+package uk.ac.ebi.biosamples.jsonschema.jsonschemastore.integration.schema.resource;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.modelmapper.ModelMapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.RequestBuilder;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import uk.ac.ebi.biosamples.jsonschema.jsonschemastore.dto.SchemaBlockDocument;
+import uk.ac.ebi.biosamples.jsonschema.jsonschemastore.integration.util.AppClientHelper;
+import uk.ac.ebi.biosamples.jsonschema.jsonschemastore.integration.util.SchemaBlockFactoryUtil;
+import uk.ac.ebi.biosamples.jsonschema.jsonschemastore.schema.document.SchemaBlock;
+import uk.ac.ebi.biosamples.jsonschema.jsonschemastore.schema.repository.SchemaBlockRepository;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+@SpringBootTest
+@AutoConfigureMockMvc
+@ActiveProfiles(profiles = "test")
+class SchemaBlockControllerIntegrateFastTest {
+
+  private static final String jwt = AppClientHelper.getToken();
+
+  @Autowired private MockMvc mockMvc;
+  @Autowired private SchemaBlockRepository schemaBlockRepository;
+  @Autowired private ObjectMapper objectMapper;
+  @Autowired private ModelMapper modelMapper;
+  private SchemaBlock schemaBlock;
+
+  @BeforeEach
+  public void init() throws JsonProcessingException {
+    schemaBlockRepository.deleteAll();
+    schemaBlock = SchemaBlockFactoryUtil.getSchemaBlockObject();
+  }
+
+  @Test
+  public void testGetAllSchemaBlock() throws Exception {
+    schemaBlockRepository.save(schemaBlock);
+    RequestBuilder requestBuilder =
+        MockMvcRequestBuilders.get("/api/v1/schemas").header(AppClientHelper.AUTHORIZATION, jwt);
+    MvcResult mvcResult = mockMvc.perform(requestBuilder).andReturn();
+    assertEquals(200, mvcResult.getResponse().getStatus(), "status code is not equal.");
+    assertEquals(
+        modelMapper.map(schemaBlock, SchemaBlockDocument.class),
+        objectMapper
+            .readValue(mvcResult.getResponse().getContentAsString(), SchemaBlockDocument[].class)[
+            0],
+        "schemaBlock is not equal.");
+  }
+
+  @Test
+  public void testGetSchemaBlockById() throws Exception {
+    schemaBlockRepository.save(schemaBlock);
+    RequestBuilder requestBuilder =
+        MockMvcRequestBuilders.get("/api/v1/schemas/")
+            .param("id", schemaBlock.getId())
+            .header(AppClientHelper.AUTHORIZATION, jwt);
+    MvcResult mvcResult = mockMvc.perform(requestBuilder).andReturn();
+    assertEquals(200, mvcResult.getResponse().getStatus(), "status code is not equal.");
+    JsonNode jsonNode = objectMapper.readTree(mvcResult.getResponse().getContentAsString());
+    assertEquals(
+        modelMapper.map(schemaBlock, SchemaBlockDocument.class),
+        objectMapper.readValue(jsonNode.toPrettyString(), SchemaBlockDocument.class),
+        "schemaBlockDocument ids are not equal.");
+  }
+
+  @Test
+  public void testDeleteSchemaBlocks() throws Exception {
+    schemaBlockRepository.save(schemaBlock);
+    assertEquals(1, schemaBlockRepository.count());
+    RequestBuilder requestBuilder =
+        MockMvcRequestBuilders.delete("/api/v1/schemas")
+            .header(AppClientHelper.AUTHORIZATION, jwt)
+            .contentType("application/json")
+            .content(SchemaBlockFactoryUtil.SCHEMA);
+    MvcResult mvcResult = mockMvc.perform(requestBuilder).andReturn();
+    assertEquals(204, mvcResult.getResponse().getStatus(), "status code is not equal.");
+    assertEquals(0, schemaBlockRepository.count(), "count should be 0 after deleting");
+  }
+
+  @Test
+  public void testDeleteSchemaBlocksById() throws Exception {
+    schemaBlockRepository.save(schemaBlock);
+    assertEquals(1, schemaBlockRepository.count());
+    RequestBuilder requestBuilder =
+        MockMvcRequestBuilders.delete("/api/v1/schemas/")
+            .param("id", schemaBlock.getId())
+            .header(AppClientHelper.AUTHORIZATION, jwt);
+    MvcResult mvcResult = mockMvc.perform(requestBuilder).andReturn();
+    assertEquals(204, mvcResult.getResponse().getStatus(), "status code is not equal.");
+    assertEquals(0, schemaBlockRepository.count(), "count should be 0 after deleting");
+  }
+}