From c946ed9594aee71a1bc5c04a34d49c4521603757 Mon Sep 17 00:00:00 2001 From: alebastrov Date: Wed, 12 Mar 2025 10:44:23 +0200 Subject: [PATCH 1/2] logs & other minor things --- .../src/main/java/oap/mail/Mailman.java | 15 +++--- .../java/oap/storage/mongo/MongoClient.java | 16 +++--- .../oap/ws/sso/AuthenticationFailure.java | 2 +- .../sso/JwtTokenGeneratorExtractorTest.java | 50 +++++++++++++++---- pom.xml | 2 +- 5 files changed, 59 insertions(+), 26 deletions(-) diff --git a/oap-mail/oap-mail/src/main/java/oap/mail/Mailman.java b/oap-mail/oap-mail/src/main/java/oap/mail/Mailman.java index ba5bfcc554..2fe8b9c396 100644 --- a/oap-mail/oap-mail/src/main/java/oap/mail/Mailman.java +++ b/oap-mail/oap-mail/src/main/java/oap/mail/Mailman.java @@ -53,13 +53,12 @@ public void run() { while( !done ) { try { semaphore.acquire(); - - log.debug( "sending {} messages from queue ...", queue.size() ); + if( queue.size() > 0 ) log.debug( "sending {} messages from queue ...", queue.size() ); queue.processing( this::sendMessage ); } catch( InterruptedException e ) { done = true; } catch( Exception e ) { - log.error( e.getMessage(), e ); + log.error( "Cannot process queue", e ); } } } @@ -75,11 +74,13 @@ private boolean sendMessage( Message message ) { } public void send( Message message ) { - log.debug( "enqueue message {}", message ); - - this.queue.add( message ); + try { + log.debug( "enqueue message {}", message ); - semaphore.release(); + this.queue.add( message ); + } finally { + semaphore.release(); + } } @Override diff --git a/oap-storage/oap-storage-mongo/src/main/java/oap/storage/mongo/MongoClient.java b/oap-storage/oap-storage-mongo/src/main/java/oap/storage/mongo/MongoClient.java index d7fa6be109..f93e9f119a 100644 --- a/oap-storage/oap-storage-mongo/src/main/java/oap/storage/mongo/MongoClient.java +++ b/oap-storage/oap-storage-mongo/src/main/java/oap/storage/mongo/MongoClient.java @@ -65,11 +65,11 @@ public MongoClient( String connectionString, @Nonnull String migrationPackage ) Preconditions.checkNotNull( this.connectionString.getDatabase(), "database is required" ); - final MongoClientSettings.Builder settingsBuilder = defaultBuilder() + MongoClientSettings.Builder settingsBuilder = defaultBuilder() .applyConnectionString( this.connectionString ); this.mongoClient = MongoClients.create( settingsBuilder.build() ); this.database = mongoClient.getDatabase( this.connectionString.getDatabase() ); - log.debug( "creating connectionString {} migrationPackage {}", + log.debug( "creating connectionString: {}, migrationPackage: {}", this.connectionString, migrationPackage ); } @@ -88,7 +88,8 @@ private MongoClientSettings.Builder defaultBuilder() { * @param * @return result of function or null otherwise */ - public Optional doWithCollectionIfExist( String collectionName, Function, R> consumer ) { + public Optional doWithCollectionIfExist( String collectionName, + Function, R> consumer ) { Objects.requireNonNull( collectionName ); if( collectionExists( collectionName ) ) { var collection = this.getCollection( collectionName ); @@ -107,10 +108,11 @@ public boolean collectionExists( String collection ) { public void preStart() { try { - MongoSync4Driver driver = MongoSync4Driver.withDefaultLock( mongoClient, database.getName() ); + var driver = MongoSync4Driver.withDefaultLock( mongoClient, database.getName() ); driver.disableTransaction(); if( migrationPackage != null ) { + log.info( "migrationPackage is set to '{}', processing...", migrationPackage ); MongockStandalone .builder() .addMigrationScanPackage( migrationPackage ) @@ -120,9 +122,9 @@ public void preStart() { } } catch( Exception ex ) { - log.error( "Cannot perform migration" ); - log.error( ex.getMessage(), ex ); + log.error( "Cannot perform migration in package: {}", migrationPackage, ex ); } + log.info( "client is ready" ); } public CodecRegistry getCodecRegistry() { @@ -149,7 +151,7 @@ public void updateVersion( Version version ) { } public void dropDatabase() { - log.debug( "dropping database {}", this ); + log.debug( "dropping database: {}", this ); this.database.drop(); } } diff --git a/oap-ws/oap-ws-sso-api/src/main/java/oap/ws/sso/AuthenticationFailure.java b/oap-ws/oap-ws-sso-api/src/main/java/oap/ws/sso/AuthenticationFailure.java index bafc6793c2..3b1d1b799b 100644 --- a/oap-ws/oap-ws-sso-api/src/main/java/oap/ws/sso/AuthenticationFailure.java +++ b/oap-ws/oap-ws-sso-api/src/main/java/oap/ws/sso/AuthenticationFailure.java @@ -25,5 +25,5 @@ package oap.ws.sso; public enum AuthenticationFailure { - TFA_REQUIRED, UNAUTHENTICATED, TOKEN_NOT_VALID, WRONG_TFA_CODE, WRONG_ORGANIZATION + TFA_REQUIRED, UNAUTHENTICATED, TOKEN_NOT_VALID, TOKEN_EXPIRED, WRONG_TFA_CODE, WRONG_ORGANIZATION } diff --git a/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java b/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java index cbd5c803a6..6376b97422 100644 --- a/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java +++ b/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java @@ -29,11 +29,13 @@ import oap.util.Pair; import oap.ws.sso.AbstractUserTest.TestSecurityRolesProvider; import oap.ws.sso.AbstractUserTest.TestUser; +import org.jetbrains.annotations.NotNull; import org.joda.time.DateTime; import org.joda.time.DateTimeUtils; import org.testng.annotations.Test; import static oap.testng.Asserts.assertString; +import static oap.ws.sso.JWTExtractor.TokenStatus.EXPIRED; import static oap.ws.sso.JWTExtractor.TokenStatus.VALID; import static org.assertj.core.api.Assertions.assertThat; import static org.joda.time.DateTimeZone.UTC; @@ -41,7 +43,7 @@ public class JwtTokenGeneratorExtractorTest extends Fixtures { - private static final JwtTokenGenerator jwtTokenGenerator = new JwtTokenGenerator( "secret", "secret", "issuer", 15 * 60 * 1000, 15 * 60 * 1000 * 24 ); + private static final JwtTokenGenerator jwtTokenGenerator = new JwtTokenGenerator( "secret", "secret", "issuer", 15 * 60 * 1000, 24 * 3_600 * 1_000 + 60_000 ); private static final JWTExtractor jwtExtractor = new JWTExtractor( "secret", "issuer", new SecurityRoles( new TestSecurityRolesProvider() ) ); public JwtTokenGeneratorExtractorTest() { @@ -49,18 +51,46 @@ public JwtTokenGeneratorExtractorTest() { } @Test - public void generateAndExtractToken() { - DateTimeUtils.setCurrentMillisFixed( DateTimeUtils.currentTimeMillis() ); + public void testAccessToken() { + long now = DateTimeUtils.currentTimeMillis(); + DateTimeUtils.setCurrentMillisFixed( now ); - Authentication.Token token = jwtTokenGenerator.generateAccessToken( new TestUser( "email@email.com", "password", Pair.of( "org1", "ADMIN" ) ) ); - assertNotNull( token.expires ); - assertString( token.jwt ).isNotEmpty(); - assertThat( token.expires ).isEqualTo( new DateTime( UTC ).plusMinutes( 15 ).toDate() ); - assertThat( jwtExtractor.verifyToken( token.jwt ) ).isEqualTo( VALID ); - - JwtToken jwtToken = jwtExtractor.decodeJWT( token.jwt ); + Authentication.Token accessToken = jwtTokenGenerator.generateAccessToken( getUser() ); + assertNotNull( accessToken.expires ); + assertThat( accessToken.expires ).isEqualTo( new DateTime( UTC ).plusMinutes( 15 ).toDate() ); + assertString( accessToken.jwt ).isNotEmpty(); + assertThat( jwtExtractor.verifyToken( accessToken.jwt ) ).isEqualTo( VALID ); + JwtToken jwtToken = jwtExtractor.decodeJWT( accessToken.jwt ); assertThat( jwtToken.getUserEmail() ).isEqualTo( "email@email.com" ); assertThat( jwtToken.getPermissions( "org1" ) ).containsExactlyInAnyOrder( "accounts:list", "accounts:create" ); + + DateTimeUtils.setCurrentMillisFixed( now + 16 * 60 * 1000 ); // 1 minute after expiration + assertThat( jwtExtractor.verifyToken( accessToken.jwt ) ).isEqualTo( EXPIRED ); + } + + private static @NotNull TestUser getUser() { + return new TestUser("email@email.com", "password", Pair.of("org1", "ADMIN")); + } + + @Test + public void testRefreshToken() { + long now = DateTimeUtils.currentTimeMillis(); + DateTimeUtils.setCurrentMillisFixed( now ); + Authentication.Token refreshToken = jwtTokenGenerator.generateRefreshToken( getUser() ); + assertNotNull( refreshToken.expires ); + assertThat( refreshToken.expires ).isEqualTo( new DateTime( UTC ).plusDays( 1 ).plusMinutes( 1 ).toDate() ); + assertString( refreshToken.jwt ).isNotEmpty(); + assertThat( jwtExtractor.verifyToken( refreshToken.jwt ) ).isEqualTo( VALID ); + + JwtToken jwtToken = jwtExtractor.decodeJWT( refreshToken.jwt ); + assertThat( jwtToken.getUserEmail() ).isEqualTo( "email@email.com" ); + assertThat( jwtToken.getPermissions( "org1" ) ).isEmpty(); + + DateTimeUtils.setCurrentMillisFixed( now + 24 * 3_600 * 1_000 ); //1 minute before expiration + assertThat( jwtExtractor.verifyToken( refreshToken.jwt ) ).isEqualTo( VALID ); + + DateTimeUtils.setCurrentMillisFixed( now + 24 * 3_600 * 1_000 + 65_000 ); // 5 seconds after expiration time + assertThat( jwtExtractor.verifyToken( refreshToken.jwt ) ).isEqualTo( EXPIRED ); } } diff --git a/pom.xml b/pom.xml index 46fe10ab4a..2c6360399c 100644 --- a/pom.xml +++ b/pom.xml @@ -71,7 +71,7 @@ - 22.9.3 + 22.9.4 1.4.3 22.0.0 From c01ec39020b545679e07ae4964c4a136b7e956c9 Mon Sep 17 00:00:00 2001 From: alebastrov Date: Fri, 14 Mar 2025 17:49:26 +0200 Subject: [PATCH 2/2] logs & other minor things --- .../test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java b/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java index 6376b97422..a6fb112361 100644 --- a/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java +++ b/oap-ws/oap-ws-sso-api/src/test/java/oap/ws/sso/JwtTokenGeneratorExtractorTest.java @@ -70,7 +70,7 @@ public void testAccessToken() { } private static @NotNull TestUser getUser() { - return new TestUser("email@email.com", "password", Pair.of("org1", "ADMIN")); + return new TestUser( "email@email.com", "password", Pair.of( "org1", "ADMIN" ) ); } @Test