Merge branch 'master' of github.com:uio-bmi/localega-tsd-proxy into c…

…learinghouse-upgrade

.github/workflows/Build.yml

@@ -20,10 +20,10 @@ jobs:
 
     steps:
       - uses: actions/checkout@v3
-      - name: Set up JDK 17
+      - name: Set up JDK
         uses: actions/setup-java@v3
         with:
-          java-version: '17'
+          java-version: '21'
           distribution: 'zulu'
           cache: maven
 

Dockerfile

@@ -1,4 +1,4 @@
-FROM maven:3.9.2-eclipse-temurin-17-alpine as builder
+FROM maven:3-eclipse-temurin-21-alpine as builder
 
 COPY pom.xml .
 
@@ -13,7 +13,7 @@ COPY src/ /src/
 
 RUN mvn clean install -DskipTests --no-transfer-progress
 
-FROM eclipse-temurin:17-jre-alpine
+FROM eclipse-temurin:21-jre-alpine
 
 RUN apk add --no-cache ca-certificates
 

pom.xml

@@ -15,7 +15,7 @@
     <description>LocalEGA TSD Proxy</description>
 
     <properties>
-        <java.version>17</java.version>
+        <java.version>21</java.version>
     </properties>
 
     <dependencies>
@@ -74,21 +74,6 @@
             <artifactId>clearinghouse</artifactId>
             <version>2.0.1</version>
         </dependency>
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-api</artifactId>
-            <version>0.12.3</version>
-        </dependency>
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-impl</artifactId>
-            <version>0.12.3</version>
-        </dependency>
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-jackson</artifactId>
-            <version>0.12.3</version>
-        </dependency>
         <dependency>
             <groupId>no.uio.ifi</groupId>
             <artifactId>tsd-file-api-client</artifactId>

src/main/java/no/elixir/fega/ltp/LocalEGATSDProxyApplication.java

@@ -113,7 +113,7 @@ public TSDFileAPIClient tsdFileAPIClient(@Value("${tsd.host}") String tsdHost,
                 .host(tsdHost)
                 .project(tsdProject)
                 .accessKey(tsdAccessKey);
-        if (!StringUtils.isEmpty(tsdRootCA) && !StringUtils.isEmpty(tsdRootCAPassword)) {
+        if (StringUtils.hasLength(tsdRootCA) && StringUtils.hasLength(tsdRootCAPassword)) {
             X509TrustManager trustManager = trustManagerForCertificates(Files.newInputStream(Path.of(tsdRootCA)), tsdRootCAPassword);
             SSLContext sslContext = SSLContext.getInstance("TLS");
             sslContext.init(null, new TrustManager[]{trustManager}, null);

src/main/java/no/elixir/fega/ltp/aspects/AAIAspect.java

@@ -78,10 +78,10 @@ public Object authenticateElixirAAI(ProceedingJoinPoint joinPoint) throws Throwa
         String jwtToken = optionalBearerAuth.get().replace("Bearer ", "");
         try {
             var tokenArray = jwtToken.split("[.]");
-            byte[] decodedHeader = Base64.getUrlDecoder().decode(tokenArray[0]);
-            String decodedHeaderString = new String(decodedHeader);
+            byte[] decodedPayload = Base64.getUrlDecoder().decode(tokenArray[1]);
+            String decodedPayloadString = new String(decodedPayload);
             Gson gson = new Gson();
-            JsonObject claims = gson.fromJson(decodedHeaderString, JsonObject.class);
+            JsonObject claims = gson.fromJson(decodedPayloadString, JsonObject.class);
             List<Visa> controlledAccessGrantsVisas = getVisas(jwtToken, claims.keySet());
             log.info("Elixir user {} authenticated and provided following valid GA4GH Visas: {}", claims.get(Claims.SUBJECT).getAsString(), controlledAccessGrantsVisas);
             request.setAttribute(ELIXIR_ID, claims.get(Claims.SUBJECT).getAsString());

src/main/java/no/elixir/fega/ltp/aspects/PublishMQAspect.java

@@ -115,7 +115,8 @@ public void publishRemove(Object result) {
 
         FileDescriptor fileDescriptor = new FileDescriptor();
         fileDescriptor.setUser(request.getAttribute(EGA_USERNAME).toString());
-        fileDescriptor.setFilePath(request.getAttribute(FILE_NAME).toString());
+        String fileName = request.getAttribute(FILE_NAME).toString();
+        fileDescriptor.setFilePath(String.format(tsdInboxLocation, tsdProjectId, request.getAttribute(ELIXIR_ID).toString()) + fileName);
         fileDescriptor.setOperation(Operation.REMOVE.name().toLowerCase());
         publishMessage(fileDescriptor);
     }

src/main/java/no/elixir/fega/ltp/authentication/CEGACredentialsProvider.java

@@ -12,6 +12,7 @@
 import org.springframework.web.client.RestTemplate;
 
 import java.net.MalformedURLException;
+import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URL;
 import java.util.Base64;
@@ -45,7 +46,7 @@ public class CEGACredentialsProvider {
      */
     @Cacheable("cega-credentials")
     public Credentials getCredentials(String username) throws MalformedURLException, URISyntaxException {
-        URL url = new URL(String.format(cegaAuthURL + "%s?idType=username", username));
+        URL url = new URI(String.format(cegaAuthURL + "%s?idType=username", username)).toURL();
         org.springframework.http.HttpHeaders headers = new org.springframework.http.HttpHeaders();
         headers.set(HttpHeaders.AUTHORIZATION, "Basic " + Base64.getEncoder().encodeToString((cegaUsername + ":" + cegaPassword).getBytes()));
         ResponseEntity<Credentials> response = restTemplate.exchange(url.toURI(), HttpMethod.GET,

src/main/java/no/elixir/fega/ltp/controllers/rest/ProxyController.java

@@ -60,7 +60,7 @@ public ResponseEntity<?> stream(InputStream inputStream,
         byte[] chunkBytes = inputStream.readAllBytes();
 
         // new upload
-        if (StringUtils.isEmpty(uploadId)) {
+        if (!StringUtils.hasLength(uploadId)) {
             Chunk response = tsdFileAPIClient.initializeResumableUpload(token.getToken(), tsdAppId, chunkBytes, fileName);
             return validateChunkChecksum(token, response, md5);
         }
@@ -133,7 +133,7 @@ public ResponseEntity<?> deleteFile(@RequestHeader(HttpHeaders.PROXY_AUTHORIZATI
     public ResponseEntity<?> getResumables(@RequestHeader(HttpHeaders.PROXY_AUTHORIZATION) String bearerAuthorization,
                                            @RequestParam(value = "uploadId", required = false) String uploadId) {
         Token token = tsdFileAPIClient.getToken(TOKEN_TYPE, TOKEN_TYPE, getElixirAAIToken(bearerAuthorization));
-        if (StringUtils.isEmpty(uploadId)) {
+        if (!StringUtils.hasLength(uploadId)) {
             return ResponseEntity.ok(tsdFileAPIClient.listResumableUploads(token.getToken(), tsdAppId));
         } else {
             return ResponseEntity.ok(tsdFileAPIClient.getResumableUpload(token.getToken(), tsdAppId, uploadId));
@@ -158,4 +158,16 @@ protected String getElixirAAIToken(String bearerAuthorization) {
         return bearerAuthorization.replace("Bearer ", "");
     }
 
+    /**
+     * Gets TSD token.
+     *
+     * @param bearerAuthorization Elixir AAI token.
+     * @return TSD token.
+     */
+    @GetMapping("/gettoken")
+    public ResponseEntity<?> getToken(@RequestHeader(HttpHeaders.PROXY_AUTHORIZATION) String bearerAuthorization) {
+        Token token = tsdFileAPIClient.getToken(TOKEN_TYPE, TOKEN_TYPE, getElixirAAIToken(bearerAuthorization));
+        return ResponseEntity.ok(token);
+    }
+
 }