check operator version and provide correct presigned url #136

Open: wants to merge 55 commits into base: main
Changes from 10 commits
Commits (55 commits):
f979d8f
initial code
lizk886 Jul 23, 2024
cfdf76d
merge 3752
lizk886 Jul 24, 2024
5dc6553
tests
lizk886 Jul 24, 2024
cbcf4de
clean up
lizk886 Jul 24, 2024
ad72a7d
fix config
lizk886 Jul 29, 2024
60dcb27
update compare version
lizk886 Jul 29, 2024
a64746d
remove snapshot
lizk886 Jul 29, 2024
0c81949
return boolean
lizk886 Jul 29, 2024
e18ea80
use regex
lizk886 Jul 29, 2024
395382c
clean up comments
lizk886 Jul 29, 2024
85c77e5
clean up
lizk886 Aug 1, 2024
78559a5
pull origin
lizk886 Aug 2, 2024
e64e6f8
fix spacing
lizk886 Aug 2, 2024
15b3719
refactor, put a new parameter in operator info
lizk886 Aug 2, 2024
c0cabe8
clean up
lizk886 Aug 2, 2024
0627853
operator test info
lizk886 Aug 2, 2024
2b9cddf
update tests
lizk886 Aug 2, 2024
eb338d2
update tests
lizk886 Aug 2, 2024
d4212e7
clean ups
lizk886 Aug 2, 2024
8e0af72
clean ups
lizk886 Aug 2, 2024
fd1ef07
default value if configs haven't updated yet
lizk886 Aug 2, 2024
b0e2de5
clean up
lizk886 Aug 2, 2024
53f2173
[CI Pipeline] Released Snapshot version: 2.17.1-alpha-35-SNAPSHOT
Aug 2, 2024
ea74e38
[CI Pipeline] Released Snapshot version: 2.17.2-alpha-36-SNAPSHOT
Aug 2, 2024
0baf8ae
[CI Pipeline] Released Snapshot version: 2.17.3-alpha-37-SNAPSHOT
Aug 2, 2024
b59c01a
update configs to extreme big number
lizk886 Aug 2, 2024
721bd5e
Merge branch 'wzh-uid2-3574-check-version-update-presignedurl' of git…
lizk886 Aug 2, 2024
deec8bb
[CI Pipeline] Released Snapshot version: 2.17.4-alpha-39-SNAPSHOT
Aug 2, 2024
c580126
add logger info to check which version it put
lizk886 Aug 5, 2024
99e7fe7
[CI Pipeline] Released Snapshot version: 2.17.5-alpha-40-SNAPSHOT
Aug 5, 2024
727e867
make config item private
lizk886 Aug 6, 2024
0e22d87
Merge branch 'wzh-uid2-3574-check-version-update-presignedurl' of git…
lizk886 Aug 6, 2024
69d5105
combine separate printlns into 1 log
lizk886 Aug 6, 2024
6963e73
config issue in tests
lizk886 Aug 6, 2024
1e805dc
config issue in tests
lizk886 Aug 6, 2024
305a17d
config issue in tests
lizk886 Aug 6, 2024
92b99f9
config issue in tests
lizk886 Aug 6, 2024
4771169
revert keyacl and key
lizk886 Aug 6, 2024
bde5d9e
updated testcoreverticle
lizk886 Aug 7, 2024
1396829
update, if this is not working then I am not sure what to do
lizk886 Aug 7, 2024
349b3a3
update, if this is not working then I am not sure what to do
lizk886 Aug 7, 2024
4c7247a
test: delaying the initialization of config number
lizk886 Aug 7, 2024
29c3bb9
update shared only for 3574
lizk886 Aug 7, 2024
d88c3e6
update comments
lizk886 Aug 7, 2024
d8df255
update client
lizk886 Aug 7, 2024
fe7c567
take in operator info
lizk886 Aug 7, 2024
4e5fd45
huge encryption benchmark
lizk886 Aug 7, 2024
b73ba5c
[CI Pipeline] Released Snapshot version: 2.17.6-alpha-42-SNAPSHOT
Aug 7, 2024
18324c1
update site, let it read encrypted/plaintext contents too
lizk886 Aug 7, 2024
23ebe65
Merge branch 'wzh-uid2-3574-check-version-update-presignedurl' of git…
lizk886 Aug 7, 2024
0f985c8
update site, let it read encrypted/plaintext contents too
lizk886 Aug 7, 2024
135867b
update site
lizk886 Aug 7, 2024
6050013
[CI Pipeline] Released Snapshot version: 2.17.7-alpha-43-SNAPSHOT
Aug 7, 2024
4aec426
[CI Pipeline] Released Snapshot version: 2.17.8-alpha-44-SNAPSHOT
Aug 7, 2024
3a5e135
make logger using debug version
lizk886 Aug 9, 2024
Expand Up @@ -22,8 +22,8 @@ public class ClientMetadataProvider implements IClientMetadataProvider {
private final ICloudStorage downloadUrlGenerator;

@Override
public String getMetadata(OperatorInfo info) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(ClientsMetadataPathName));
public String getMetadata(OperatorInfo info,boolean includeEncrypted) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(ClientsMetadataPathName),includeEncrypted);
String original = readToEndAsString(metadataStreamProvider.download(pathname));
JsonObject main = (JsonObject) Json.decodeValue(original);
JsonObject obj = main.getJsonObject("client_keys");
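Review bot: Both changed lines in `getMetadata` drop the space after the comma (`OperatorInfo info,boolean includeEncrypted` and `SecretStore.Global.get(ClientsMetadataPathName),includeEncrypted`), while the KeyAclMetadataProvider version of the same change has it, so run the formatter over this file. The new flag is also undocumented: a one-line comment saying that `includeEncrypted` switches the returned path to the encrypted scope would help readers of the five providers.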
Expand Up @@ -4,5 +4,5 @@
import com.uid2.shared.auth.OperatorType;

public interface IClientMetadataProvider {
String getMetadata(OperatorInfo info) throws Exception;
String getMetadata(OperatorInfo info, boolean includeEncrypted) throws Exception;
}
Expand Up @@ -4,5 +4,5 @@
import com.uid2.shared.auth.OperatorType;

public interface IKeyAclMetadataProvider {
String getMetadata(OperatorInfo info) throws Exception;
String getMetadata(OperatorInfo info, boolean includeEncrypted) throws Exception;
}
Expand Up @@ -4,5 +4,5 @@
import com.uid2.shared.auth.OperatorType;

public interface IKeyMetadataProvider {
String getMetadata(OperatorInfo info) throws Exception;
String getMetadata(OperatorInfo info, boolean includeEncrypted) throws Exception;
}
Expand Up @@ -3,5 +3,5 @@
import com.uid2.core.util.OperatorInfo;

public interface IKeysetKeyMetadataProvider {
String getMetadata(OperatorInfo info) throws Exception;
String getMetadata(OperatorInfo info, Boolean includeEncrypted) throws Exception;
}
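Review bot: `Boolean includeEncrypted` in this interface is the boxed type, while IClientMetadataProvider, IKeyAclMetadataProvider and IKeyMetadataProvider declare `boolean includeEncrypted`. A null argument would throw a NullPointerException when it is unboxed at `if (canDecrypt)` in MetadataHelper, so use the primitive `boolean` here, in IKeysetMetadataProvider and in the two keyset provider implementations.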
Expand Up @@ -3,5 +3,5 @@
import com.uid2.core.util.OperatorInfo;

public interface IKeysetMetadataProvider {
String getMetadata(OperatorInfo info) throws Exception;
String getMetadata(OperatorInfo info, Boolean includeEncrypted) throws Exception;
}
Expand Up @@ -20,8 +20,8 @@ public KeyAclMetadataProvider(ICloudStorage cloudStorage) {
}

@Override
public String getMetadata(OperatorInfo info) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(Const.Config.KeysAclMetadataPathProp));
public String getMetadata(OperatorInfo info, boolean includeEncrypted) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(Const.Config.KeysAclMetadataPathProp), includeEncrypted);
String original = readToEndAsString(metadataStreamProvider.download(pathname));
JsonObject main = (JsonObject) Json.decodeValue(original);
JsonObject obj = main.getJsonObject("keys_acl");
4 changes: 2 additions & 2 deletions src/main/java/com/uid2/core/service/KeyMetadataProvider.java
Expand Up @@ -22,8 +22,8 @@ public KeyMetadataProvider(ICloudStorage cloudStorage) {
}

@Override
public String getMetadata(OperatorInfo info) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(KeysMetadataPathName));
public String getMetadata(OperatorInfo info, boolean includeEncrypted) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(KeysMetadataPathName),includeEncrypted);
String original = readToEndAsString(metadataStreamProvider.download(pathname));
JsonObject main = (JsonObject) Json.decodeValue(original);
JsonObject obj = main.getJsonObject("keys");
Expand Up @@ -20,8 +20,8 @@ public KeysetKeysMetadataProvider(ICloudStorage cloudStorage) {
}

@Override
public String getMetadata(OperatorInfo info) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(Const.Config.KeysetKeysMetadataPathProp));
public String getMetadata(OperatorInfo info, Boolean includeEncrypted) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(Const.Config.KeysetKeysMetadataPathProp), includeEncrypted);
String original = readToEndAsString(metadataStreamProvider.download(pathname));
JsonObject main = (JsonObject) Json.decodeValue(original);
JsonObject obj = main.getJsonObject("keyset_keys");
Expand Up @@ -19,8 +19,8 @@ public KeysetMetadataProvider(ICloudStorage cloudStorage) {
}

@Override
public String getMetadata(OperatorInfo info) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(Const.Config.KeysetsMetadataPathProp));
public String getMetadata(OperatorInfo info, Boolean includeEncrypted) throws Exception {
String pathname = getMetadataPathName(info.getOperatorType(), info.getSiteId(), SecretStore.Global.get(Const.Config.KeysetsMetadataPathProp), includeEncrypted);
String original = readToEndAsString(metadataStreamProvider.download(pathname));
JsonObject main = (JsonObject) Json.decodeValue(original);
JsonObject obj = main.getJsonObject("keysets");
30 changes: 21 additions & 9 deletions src/main/java/com/uid2/core/util/MetadataHelper.java
Expand Up @@ -4,6 +4,7 @@
import com.uid2.shared.auth.OperatorType;
import com.uid2.shared.auth.Role;
import com.uid2.shared.store.CloudPath;
import com.uid2.shared.store.scope.EncryptedScope;
import com.uid2.shared.store.scope.GlobalScope;
import com.uid2.shared.store.scope.SiteScope;
import com.uid2.shared.store.scope.StoreScope;
Expand All @@ -22,17 +23,28 @@ public static String getSiteSpecificMetadataPathName(int siteId, String metadata
return SiteSpecificDataSubDirPath +siteId + metadataPathName;
}

public static String getMetadataPathName(OperatorType operatorType, int siteId, String metadataPathName)
{
public static String getMetadataPathName(OperatorType operatorType, int siteId, String metadataPathName) {
return getMetadataPathName(operatorType, siteId, metadataPathName, false);
}

public static String getMetadataPathName(OperatorType operatorType, int siteId, String metadataPathName, Boolean canDecrypt) {
StoreScope store;
Boolean providePrivateSiteData = ConfigStore.Global.getBoolean("provide_private_site_data");
if (operatorType == OperatorType.PUBLIC || (providePrivateSiteData == null || !providePrivateSiteData.booleanValue()))
{
store = new GlobalScope(new CloudPath(metadataPathName));
}
else //PRIVATE
{
store = new SiteScope(new CloudPath(metadataPathName), siteId);
if (canDecrypt){
if (operatorType == OperatorType.PUBLIC){
store = new EncryptedScope(new CloudPath(metadataPathName),siteId, true);
}else{
store = new EncryptedScope(new CloudPath(metadataPathName),siteId, false);
}
}else{
if (operatorType == OperatorType.PUBLIC || (providePrivateSiteData == null || !providePrivateSiteData.booleanValue()))
{
store = new GlobalScope(new CloudPath(metadataPathName));
}
else //PRIVATE
{
store = new SiteScope(new CloudPath(metadataPathName), siteId);
}
}
return store.getMetadataPath().toString();
}
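Review bot: In the `canDecrypt` branch of the four-argument `getMetadataPathName`, the `provide_private_site_data` setting is read but never consulted, so a private operator always gets an `EncryptedScope` built with its `siteId`, even where the plaintext branch would have returned `GlobalScope`. If that is intended, say so in a comment; if not, apply the same check before choosing the scope. The inner if/else differs only in the last argument and can be `new EncryptedScope(new CloudPath(metadataPathName), siteId, operatorType == OperatorType.PUBLIC)`, and the parameter should be a primitive `boolean` named `includeEncrypted` to match the callers and avoid a null unboxing at `if (canDecrypt)`.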
63 changes: 58 additions & 5 deletions src/main/java/com/uid2/core/vertx/CoreVerticle.java
Expand Up @@ -52,6 +52,8 @@
import java.util.*;
import com.uid2.shared.store.reader.RotatingS3KeyProvider;
import com.uid2.shared.model.S3Key;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import static com.uid2.shared.Const.Config.EnforceJwtProp;

Expand Down Expand Up @@ -81,6 +83,7 @@ public class CoreVerticle extends AbstractVerticle {
private final OperatorJWTTokenProvider operatorJWTTokenProvider;
private final JwtService jwtService;
private final RotatingS3KeyProvider s3KeyProvider;
private static final String ENCRYPTION_SUPPORT_VERSION = "2.3"; // Set this to the appropriate version later

public CoreVerticle(ICloudStorage cloudStorage,
IAuthorizableProvider authProvider,
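Review bot: `ENCRYPTION_SUPPORT_VERSION = "2.3"` carries the comment "Set this to the appropriate version later", so the threshold that decides which operators are handed encrypted paths is still a placeholder. Settle the real minimum version before merge, or read it from configuration so it can be changed without a release.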
Expand Down Expand Up @@ -379,8 +382,9 @@ private void handleSaltRefresh(RoutingContext rc) {
private void handleKeyRefresh(RoutingContext rc) {
try {
OperatorInfo info = OperatorInfo.getOperatorInfo(rc);
boolean includeEncrypted = isEncryptionSupported(rc);
rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
.end(keyMetadataProvider.getMetadata(info));
.end(keyMetadataProvider.getMetadata(info, includeEncrypted));
} catch (Exception e) {
logger.warn("exception in handleKeyRefresh: " + e.getMessage(), e);
Error("error", 500, rc, "error processing key refresh");
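Review bot: `boolean includeEncrypted = isEncryptionSupported(rc);` is repeated in handleKeyRefresh and in the four refresh handlers that follow, each time right after `OperatorInfo.getOperatorInfo(rc)`. Deriving the flag once inside `OperatorInfo` (or a small helper that returns both) would keep the five endpoints from drifting apart, and a debug log of the decision per request would show which operators are served encrypted paths.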
Expand All @@ -390,8 +394,9 @@ private void handleKeyRefresh(RoutingContext rc) {
private void handleKeyAclRefresh(RoutingContext rc) {
try {
OperatorInfo info = OperatorInfo.getOperatorInfo(rc);
boolean includeEncrypted = isEncryptionSupported(rc);
rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
.end(keyAclMetadataProvider.getMetadata(info));
.end(keyAclMetadataProvider.getMetadata(info, includeEncrypted));
} catch (Exception e) {
logger.warn("exception in handleKeyAclRefresh: " + e.getMessage(), e);
Error("error", 500, rc, "error processing key acl refresh");
Expand All @@ -401,8 +406,9 @@ private void handleKeyAclRefresh(RoutingContext rc) {
private void handleKeysetRefresh(RoutingContext rc) {
try {
OperatorInfo info = OperatorInfo.getOperatorInfo(rc);
boolean includeEncrypted = isEncryptionSupported(rc);
rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
.end(keysetMetadataProvider.getMetadata(info));
.end(keysetMetadataProvider.getMetadata(info, includeEncrypted));
} catch (Exception e) {
logger.warn("exception in handleKeysetRefresh: " + e.getMessage(), e);
Error("error", 500, rc, "error processing key refresh");
Expand All @@ -412,8 +418,9 @@ private void handleKeysetRefresh(RoutingContext rc) {
private void handleKeysetKeyRefresh(RoutingContext rc) {
try {
OperatorInfo info = OperatorInfo.getOperatorInfo(rc);
boolean includeEncrypted = isEncryptionSupported(rc);
rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
.end(keysetKeyMetadataProvider.getMetadata(info));
.end(keysetKeyMetadataProvider.getMetadata(info, includeEncrypted));
} catch (Exception e) {
logger.warn("exception in handleKeysetKeyRefresh: " + e.getMessage(), e);
Error("error", 500, rc, "error processing key refresh");
Expand All @@ -423,8 +430,9 @@ private void handleKeysetKeyRefresh(RoutingContext rc) {
private void handleClientRefresh(RoutingContext rc) {
try {
OperatorInfo info = OperatorInfo.getOperatorInfo(rc);
boolean includeEncrypted = isEncryptionSupported(rc);
rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
.end(clientMetadataProvider.getMetadata(info));
.end(clientMetadataProvider.getMetadata(info, includeEncrypted));
} catch (Exception e) {
logger.warn("exception in handleClientRefresh: " + e.getMessage(), e);
Error("error", 500, rc, "error processing client refresh");
Expand Down Expand Up @@ -662,4 +670,49 @@ public static void Error(String errorStatus, int statusCode, RoutingContext rc,
rc.response().setStatusCode(statusCode).putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
.end(json.encode());
}

private boolean isEncryptionSupported(RoutingContext context) {
String appVersion = context.request().getHeader(Const.Http.AppVersionHeader);
if (appVersion == null) return false;
String[] versions = appVersion.split(";");
for (String version : versions) {
if (version.startsWith("uid2-operator=")) {
String operatorVersion = version.substring("uid2-operator=".length());
return isVersionGreaterOrEqual(operatorVersion, ENCRYPTION_SUPPORT_VERSION);
}
}
return false;
}

private boolean isVersionGreaterOrEqual(String v1, String v2) {
Pattern pattern = Pattern.compile("(\\d+)(?:\\.(\\d+))?(?:\\.(\\d+))?");

Matcher m1 = pattern.matcher(v1);
Matcher m2 = pattern.matcher(v2);

int[] parts1 = extractParts(m1);
int[] parts2 = extractParts(m2);

for (int i = 0; i < Math.max(parts1.length, parts2.length); i++) {
int p1 = i < parts1.length ? parts1[i] : 0;
int p2 = i < parts2.length ? parts2[i] : 0;
if (p1 != p2) {
return p1 > p2;
}
}

return true;
}

private int[] extractParts(Matcher matcher) {
// Extract numeric parts from the matcher and return them as an array
int[] parts = new int[3];
if (matcher.find()) {
for (int i = 1; i <= 3; i++) {
String group = matcher.group(i);
parts[i - 1] = group != null ? Integer.parseInt(group) : 0;
}
}
return parts;
}
}
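Review bot: `Integer.parseInt(group)` in `extractParts` throws NumberFormatException when a version component in the request's app-version header has more digits than an int can hold, and the handlers' `catch (Exception e)` turns that into a 500 instead of a plaintext fallback. Catch it in `isEncryptionSupported` and return false, or bound the groups with `\\d{1,9}`. Two smaller points: entries from `appVersion.split(";")` are not trimmed, so a `uid2-operator=` entry preceded by a space after the separator never matches `startsWith`, and the `Pattern` is recompiled on every call when it could be a `private static final` field. Since the header is self-reported by the caller, treat this check as a compatibility switch and not as an authorization decision.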