From e93aa8104495bab657be1605337045e3a271c16d Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 12:42:16 -0400 Subject: [PATCH 01/20] consistent header capitalization --- .../java/bio/terra/drshub/controllers/DrsHubApiController.java | 2 +- .../java/bio/terra/drshub/controllers/GcsApiController.java | 2 +- .../java/bio/terra/drshub/tracking/TrackingInterceptorTest.java | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java index 4eb66af8..1ee03784 100644 --- a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java +++ b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java @@ -33,7 +33,7 @@ public ResponseEntity resolveDrs(RequestObject body) { var userAgent = request.getHeader("user-agent"); var forceAccessUrl = Objects.equals(request.getHeader("drshub-force-access-url"), "true"); - var ip = request.getHeader("X-Forwarded-For"); + var ip = request.getHeader("x-forwarded-for"); var googleProject = request.getHeader("x-user-project"); log.info("Received URL {} from agent {} on IP {}", body.getUrl(), userAgent, ip); diff --git a/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java b/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java index 4c5fc1b9..06966c55 100644 --- a/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java +++ b/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java @@ -31,7 +31,7 @@ public GcsApiController( @TrackCall public ResponseEntity getSignedUrl(GetSignedUrlRequest body) { var bearerToken = bearerTokenFactory.from(request); - var ip = request.getHeader("X-Forwarded-For"); + var ip = request.getHeader("x-forwarded-for"); var signedUrl = signedUrlService.getSignedUrl( body.getBucket(), diff --git a/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java b/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java index e948d55d..7633455e 100644 --- a/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java +++ b/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java @@ -127,7 +127,7 @@ private ResultActions postRequest(String url, String requestBody) throws Excepti return mvc.perform( post(url) .header("authorization", "bearer " + TEST_ACCESS_TOKEN) - .header("X-Forwarded-For", TEST_IP_ADDRESS) + .header("x-forwarded-for", TEST_IP_ADDRESS) .contentType(MediaType.APPLICATION_JSON) .content(requestBody)); } From ecb79f041e277eba357e8bdc46f4b98ac6a5a993 Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 12:42:52 -0400 Subject: [PATCH 02/20] add ip address to drshub request headers --- .../drshub/models/AnnotatedResourceMetadata.java | 2 ++ .../drshub/services/DrsResolutionService.java | 15 ++++++++++++--- .../drshub/services/DrsResolutionServiceTest.java | 2 ++ 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java b/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java index 9d22fa21..2f927214 100644 --- a/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java +++ b/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java @@ -17,4 +17,6 @@ public class AnnotatedResourceMetadata extends ResourceMetadata { private DrsMetadata drsMetadata; private DrsProvider drsProvider; + + private String ip; } diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index cd2c20a9..647e1ea5 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -99,7 +99,7 @@ public CompletableFuture resolveDrsObject( ip, googleProject); - var response = buildResponseObject(requestedFields, metadata, provider); + var response = buildResponseObject(requestedFields, metadata, provider, ip); return CompletableFuture.completedFuture(response); } @@ -161,6 +161,7 @@ private DrsMetadata fetchObject( auditEventBuilder, authorizations, forceAccessUrl, + ip, googleProject); } @@ -180,6 +181,7 @@ private void setDrsResponseValues( AuditLogEvent.Builder auditEventBuilder, List authorizations, boolean forceAccessUrl, + String ip, String googleProject) { getDrsFileName(drsResponse).ifPresent(drsMetadataBuilder::fileName); @@ -197,6 +199,7 @@ private void setDrsResponseValues( accessMethodType, authorizations, auditEventBuilder, + ip, googleProject); drsMetadataBuilder.accessUrl(accessUrl); } catch (RuntimeException e) { @@ -257,13 +260,18 @@ AccessURL fetchDrsObjectAccessUrl( TypeEnum accessMethodType, List drsHubAuthorizations, AuditLogEvent.Builder auditLogEventBuilder, - String googleProject) { + String googleProject, + String ip) { var drsApi = drsApiFactory.getApiFromUriComponents(uriComponents, drsProvider); var objectId = getObjectId(uriComponents); + // TODO: thread IP address through and set like this on 266 + // TODO: ask team if we should do an if drsProvider is TDR or just send it on everything if (googleProject != null) { drsApi.setHeader("x-user-project", googleProject); } + drsApi.setHeader("x-forwarded-for", ip); + for (var authorization : drsHubAuthorizations) { Optional> auth = authorization.getAuthForAccessMethodType().apply(accessMethodType); @@ -336,12 +344,13 @@ private String getLocalizationPath(DrsProvider drsProvider, DrsObject drsRespons } private AnnotatedResourceMetadata buildResponseObject( - List requestedFields, DrsMetadata drsMetadata, DrsProvider drsProvider) { + List requestedFields, DrsMetadata drsMetadata, DrsProvider drsProvider, String ip) { return AnnotatedResourceMetadata.builder() .requestedFields(requestedFields) .drsMetadata(drsMetadata) .drsProvider(drsProvider) + .ip(ip) .build(); } } diff --git a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java index b0650c9f..a93749bc 100644 --- a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java @@ -216,6 +216,7 @@ void fetchObjectInfo_failedPassportFallsBackToBearerToken() { @Test void testSignGoogleUrlWithRequesterPays() throws Exception { var googleProject = "test-google-project"; + var ip = "1.1.1.1"; var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); var accessId = "foo"; SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); @@ -240,6 +241,7 @@ void testSignGoogleUrlWithRequesterPays() throws Exception { TypeEnum.GS, List.of(BEARERAUTH), new AuditLogEvent.Builder(), + ip, googleProject); assertThat( "google signed url is properly returned", response.getUrl(), equalTo(url.toString())); From 4ba419555381ec0eda14a02cbbc316737ad9728c Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 12:51:37 -0400 Subject: [PATCH 03/20] whitespace changes --- .../drshub/controllers/DrsHubApiControllerTest.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/service/src/test/java/bio/terra/drshub/controllers/DrsHubApiControllerTest.java b/service/src/test/java/bio/terra/drshub/controllers/DrsHubApiControllerTest.java index 22e0717c..e90ed3a0 100644 --- a/service/src/test/java/bio/terra/drshub/controllers/DrsHubApiControllerTest.java +++ b/service/src/test/java/bio/terra/drshub/controllers/DrsHubApiControllerTest.java @@ -120,7 +120,7 @@ void testFallbackWhenOnlyAccessUrlRequestedWithPassportsHasEmptyPassport() throw mockExternalCredsGetProviderAccessToken( Provider.fromValue(cidProviderHost.drsProvider().getEcmFenceProvider().get().getUriValue()), TEST_ACCESS_TOKEN, - TEST_FENCE_SA_TOKEN); + TEST_FENCE_SA_TOKEN); postDrsHubRequestAccessUrlSuccess(cidProviderHost, drsObject.getId()); @@ -149,7 +149,7 @@ void testFallbackWhenOnlyAccessUrlRequestedWithPassportsFails() throws Exception mockExternalCredsGetProviderAccessToken( Provider.fromValue(cidProviderHost.drsProvider().getEcmFenceProvider().get().getUriValue()), TEST_ACCESS_TOKEN, - TEST_FENCE_SA_TOKEN); + TEST_FENCE_SA_TOKEN); postDrsHubRequestAccessUrlSuccess(cidProviderHost, drsObject.getId()); @@ -170,7 +170,7 @@ void testDoesNotFailWhenExtraDataSubmitted() throws Exception { mockExternalCredsGetProviderAccessToken( Provider.fromValue(cidProviderHost.drsProvider().getEcmFenceProvider().get().getUriValue()), TEST_ACCESS_TOKEN, - TEST_FENCE_SA_TOKEN); + TEST_FENCE_SA_TOKEN); var requestBody = objectMapper.writeValueAsString( @@ -272,7 +272,7 @@ void testCallsCorrectEndpointsWhenOnlyAccessUrlRequested() throws Exception { mockExternalCredsGetProviderAccessToken( Provider.fromValue(cidProviderHost.drsProvider().getEcmFenceProvider().get().getUriValue()), TEST_ACCESS_TOKEN, - TEST_FENCE_SA_TOKEN); + TEST_FENCE_SA_TOKEN); postDrsHubRequestAccessUrlSuccess(cidProviderHost, drsObject.getId()); @@ -565,7 +565,7 @@ void testShouldReturnUnderlyingStatusIfGettingAccessUrlFails() throws Exception mockExternalCredsGetProviderAccessToken( Provider.fromValue(cidProviderHost.drsProvider().getEcmFenceProvider().get().getUriValue()), TEST_ACCESS_TOKEN, - TEST_FENCE_SA_TOKEN); + TEST_FENCE_SA_TOKEN); postDrsHubRequest( TEST_ACCESS_TOKEN, From 961194410307180a6ae0bb78fdaed8beeeaf374e Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 13:39:18 -0400 Subject: [PATCH 04/20] update tests --- common/openapi.yml | 3 ++ .../drshub/services/DrsResolutionService.java | 4 +- .../controllers/GcsApiControllerTest.java | 8 +++- ...notatedResourceMetadataSerializerTest.java | 3 +- .../services/DrsResolutionServiceTest.java | 40 ++++++++++++++++++- .../drshub/services/SignedUrlServiceTest.java | 8 +++- .../terra/drshub/util/SignedUrlTestUtils.java | 1 + 7 files changed, 58 insertions(+), 9 deletions(-) diff --git a/common/openapi.yml b/common/openapi.yml index df442022..a9cb7578 100644 --- a/common/openapi.yml +++ b/common/openapi.yml @@ -210,6 +210,7 @@ components: required: - dataObjectUri - googleProject + - ip properties: bucket: type: string @@ -219,6 +220,8 @@ components: type: string googleProject: type: string + ip: + type: string ErrorReport: diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index 647e1ea5..42724097 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -260,8 +260,8 @@ AccessURL fetchDrsObjectAccessUrl( TypeEnum accessMethodType, List drsHubAuthorizations, AuditLogEvent.Builder auditLogEventBuilder, - String googleProject, - String ip) { + String ip, + String googleProject) { var drsApi = drsApiFactory.getApiFromUriComponents(uriComponents, drsProvider); var objectId = getObjectId(uriComponents); diff --git a/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java b/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java index 9e1a30f2..07008e34 100644 --- a/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java +++ b/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java @@ -43,10 +43,12 @@ void testSignsUrls() throws Exception { var drsUri = "drs://dg.4503:1234/456/2315asd"; var bucketName = "my-test-bucket"; var objectName = "my-test-folder/my-test-object.txt"; + var ip = "test.ip"; var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks( + authService, googleStorageService, ip, googleProject, url); var response = getSignedUrlRequest(TEST_ACCESS_TOKEN, bucketName, objectName, drsUri, googleProject); @@ -58,10 +60,12 @@ void testSignsUrlsDrsUriOnly() throws Exception { var drsUri = "drs://dg.4503:1234/456/2315asd"; var bucketName = "my-test-bucket"; var objectName = "my-test-folder/my-test-object.txt"; + var ip = "test.ip"; var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks( + authService, googleStorageService, ip, googleProject, url); SignedUrlTestUtils.setupDrsResolutionServiceMocks( drsResolutionService, drsUri, bucketName, objectName, googleProject, true); diff --git a/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java b/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java index a7f4b817..4af47805 100644 --- a/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java +++ b/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java @@ -27,7 +27,8 @@ void testHandlesNullDates() throws IOException { new AnnotatedResourceMetadata( List.of(Fields.TIME_CREATED, Fields.TIME_UPDATED), new DrsMetadata.Builder().drsResponse(drsResponse).build(), - config.getDrsProviders().get("terraDataRepo")); + config.getDrsProviders().get("terraDataRepo"), + "fake.ip"); var written = jacksonTester.write(metadata); assertTrue(written.getJson().contains("\"timeCreated\" : null")); diff --git a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java index a93749bc..3f35edf7 100644 --- a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java @@ -216,10 +216,11 @@ void fetchObjectInfo_failedPassportFallsBackToBearerToken() { @Test void testSignGoogleUrlWithRequesterPays() throws Exception { var googleProject = "test-google-project"; - var ip = "1.1.1.1"; + var ip = "test.ip"; var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); var accessId = "foo"; - SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks( + authService, googleStorageService, ip, googleProject, url); DrsProvider drsProvider = DrsProvider.create() .setMetadataAuth(true) @@ -247,4 +248,39 @@ void testSignGoogleUrlWithRequesterPays() throws Exception { "google signed url is properly returned", response.getUrl(), equalTo(url.toString())); verify(drsApi).setHeader("x-user-project", googleProject); } + + @Test + void testDrsResolutionHeadersIncludeIpAddress() throws Exception { + var googleProject = "test-google-project"; + var ip = "test.ip"; + var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); + var accessId = "foo"; + SignedUrlTestUtils.setupSignedUrlMocks( + authService, googleStorageService, ip, googleProject, url); + DrsProvider drsProvider = + DrsProvider.create() + .setMetadataAuth(true) + .setName("test") + .setHostRegex(".*") + .setAccessMethodConfigs( + new ArrayList<>( + List.of( + ProviderAccessMethodConfig.create() + .setType(AccessMethodConfigTypeEnum.gs) + .setAuth(AccessUrlAuthEnum.current_request) + .setFetchAccessUrl(true)))); + when(drsApi.getAccessURL(PATH, accessId)).thenReturn(new AccessURL().url(url.toString())); + var response = + drsResolutionService.fetchDrsObjectAccessUrl( + drsProvider, + uriComponents, + accessId, + TypeEnum.GS, + List.of(BEARERAUTH), + new AuditLogEvent.Builder(), + ip, + googleProject); + assertThat("signed url is properly returned", response.getUrl(), equalTo(url.toString())); + verify(drsApi).setHeader("x-forwarded-for", ip); + } } diff --git a/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java b/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java index 5a94eacc..7c59beac 100644 --- a/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java @@ -30,10 +30,12 @@ void testGetSignedUrl() throws MalformedURLException { var drsUri = "drs://dg.4503:1234/456/2315asd"; var bucketName = "my-test-bucket"; var objectName = "my-test-folder/my-test-object.txt"; + var ip = "test.ip"; var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks( + authService, googleStorageService, ip, googleProject, url); var signedUrl = signedUrlService.getSignedUrl( @@ -65,10 +67,12 @@ void testGetSignedUrlDataObjectUriOnly() throws Exception { var drsUri = "drs://dg.4503:1234/456/2315asd"; var bucketName = "my-test-bucket"; var objectName = "my-test-folder/my-test-object.txt"; + var ip = "test.ip"; var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks( + authService, googleStorageService, ip, googleProject, url); SignedUrlTestUtils.setupDrsResolutionServiceMocks( drsResolutionService, drsUri, bucketName, objectName, googleProject, true); var signedUrl = diff --git a/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java b/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java index 47f0b093..467f7086 100644 --- a/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java +++ b/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java @@ -51,6 +51,7 @@ public class SignedUrlTestUtils { public static void setupSignedUrlMocks( AuthService authService, GoogleStorageService googleStorageService, + String ip, String googleProject, URL url) { From f8ff4e220646fd1e823229dd2ae4488a4f98394b Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 13:44:27 -0400 Subject: [PATCH 05/20] remove extra props --- .../bio/terra/drshub/models/AnnotatedResourceMetadata.java | 2 -- .../java/bio/terra/drshub/services/DrsResolutionService.java | 1 - .../drshub/models/AnnotatedResourceMetadataSerializerTest.java | 3 +-- 3 files changed, 1 insertion(+), 5 deletions(-) diff --git a/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java b/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java index 2f927214..9d22fa21 100644 --- a/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java +++ b/service/src/main/java/bio/terra/drshub/models/AnnotatedResourceMetadata.java @@ -17,6 +17,4 @@ public class AnnotatedResourceMetadata extends ResourceMetadata { private DrsMetadata drsMetadata; private DrsProvider drsProvider; - - private String ip; } diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index 42724097..995cd924 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -350,7 +350,6 @@ private AnnotatedResourceMetadata buildResponseObject( .requestedFields(requestedFields) .drsMetadata(drsMetadata) .drsProvider(drsProvider) - .ip(ip) .build(); } } diff --git a/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java b/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java index 4af47805..a7f4b817 100644 --- a/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java +++ b/service/src/test/java/bio/terra/drshub/models/AnnotatedResourceMetadataSerializerTest.java @@ -27,8 +27,7 @@ void testHandlesNullDates() throws IOException { new AnnotatedResourceMetadata( List.of(Fields.TIME_CREATED, Fields.TIME_UPDATED), new DrsMetadata.Builder().drsResponse(drsResponse).build(), - config.getDrsProviders().get("terraDataRepo"), - "fake.ip"); + config.getDrsProviders().get("terraDataRepo")); var written = jacksonTester.write(metadata); assertTrue(written.getJson().contains("\"timeCreated\" : null")); From 17088c95eb105bb8fc29c2f86b7729d16544a7c1 Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 13:47:02 -0400 Subject: [PATCH 06/20] more nits --- .../java/bio/terra/drshub/services/DrsResolutionService.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index 995cd924..bc7d502a 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -99,7 +99,7 @@ public CompletableFuture resolveDrsObject( ip, googleProject); - var response = buildResponseObject(requestedFields, metadata, provider, ip); + var response = buildResponseObject(requestedFields, metadata, provider); return CompletableFuture.completedFuture(response); } @@ -265,7 +265,6 @@ AccessURL fetchDrsObjectAccessUrl( var drsApi = drsApiFactory.getApiFromUriComponents(uriComponents, drsProvider); var objectId = getObjectId(uriComponents); - // TODO: thread IP address through and set like this on 266 // TODO: ask team if we should do an if drsProvider is TDR or just send it on everything if (googleProject != null) { drsApi.setHeader("x-user-project", googleProject); @@ -344,7 +343,7 @@ private String getLocalizationPath(DrsProvider drsProvider, DrsObject drsRespons } private AnnotatedResourceMetadata buildResponseObject( - List requestedFields, DrsMetadata drsMetadata, DrsProvider drsProvider, String ip) { + List requestedFields, DrsMetadata drsMetadata, DrsProvider drsProvider) { return AnnotatedResourceMetadata.builder() .requestedFields(requestedFields) From 04c72493f8d47ac5bd362daef1e4f12491bc34e5 Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 13:48:42 -0400 Subject: [PATCH 07/20] nit --- .../bio/terra/drshub/services/DrsResolutionServiceTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java index 3f35edf7..ab409681 100644 --- a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java @@ -215,8 +215,8 @@ void fetchObjectInfo_failedPassportFallsBackToBearerToken() { @Test void testSignGoogleUrlWithRequesterPays() throws Exception { - var googleProject = "test-google-project"; var ip = "test.ip"; + var googleProject = "test-google-project"; var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); var accessId = "foo"; SignedUrlTestUtils.setupSignedUrlMocks( From 72764bbff2a5a2cbb7f55269a61c7e03f53b93f2 Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 13:49:58 -0400 Subject: [PATCH 08/20] nit just making everything organized --- common/openapi.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/common/openapi.yml b/common/openapi.yml index a9cb7578..f9299104 100644 --- a/common/openapi.yml +++ b/common/openapi.yml @@ -209,8 +209,8 @@ components: type: object required: - dataObjectUri - - googleProject - ip + - googleProject properties: bucket: type: string @@ -218,10 +218,10 @@ components: type: string dataObjectUri: type: string - googleProject: - type: string ip: type: string + googleProject: + type: string ErrorReport: From d6fb5e3024713ef099255e38e4d14a05e5edd421 Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 13:53:02 -0400 Subject: [PATCH 09/20] remove comment --- .../java/bio/terra/drshub/services/DrsResolutionService.java | 1 - 1 file changed, 1 deletion(-) diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index bc7d502a..a6e91b10 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -265,7 +265,6 @@ AccessURL fetchDrsObjectAccessUrl( var drsApi = drsApiFactory.getApiFromUriComponents(uriComponents, drsProvider); var objectId = getObjectId(uriComponents); - // TODO: ask team if we should do an if drsProvider is TDR or just send it on everything if (googleProject != null) { drsApi.setHeader("x-user-project", googleProject); } From 256a329a0d94918cfb72429ad42e04a5dea18b34 Mon Sep 17 00:00:00 2001 From: Kai Date: Fri, 28 Jun 2024 14:29:18 -0400 Subject: [PATCH 10/20] nit to restart CI --- .../java/bio/terra/drshub/services/DrsResolutionService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index a6e91b10..b7362b51 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -265,10 +265,10 @@ AccessURL fetchDrsObjectAccessUrl( var drsApi = drsApiFactory.getApiFromUriComponents(uriComponents, drsProvider); var objectId = getObjectId(uriComponents); + drsApi.setHeader("x-forwarded-for", ip); if (googleProject != null) { drsApi.setHeader("x-user-project", googleProject); } - drsApi.setHeader("x-forwarded-for", ip); for (var authorization : drsHubAuthorizations) { Optional> auth = From b1d95f40232c9dfa16f22d8a57e7bff2724c4ce6 Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 14:19:28 -0400 Subject: [PATCH 11/20] undo lowercasing of header name --- .../java/bio/terra/drshub/controllers/DrsHubApiController.java | 2 +- .../java/bio/terra/drshub/controllers/GcsApiController.java | 2 +- .../java/bio/terra/drshub/services/DrsResolutionService.java | 2 +- .../bio/terra/drshub/services/DrsResolutionServiceTest.java | 2 +- .../java/bio/terra/drshub/tracking/TrackingInterceptorTest.java | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java index 1ee03784..4eb66af8 100644 --- a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java +++ b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java @@ -33,7 +33,7 @@ public ResponseEntity resolveDrs(RequestObject body) { var userAgent = request.getHeader("user-agent"); var forceAccessUrl = Objects.equals(request.getHeader("drshub-force-access-url"), "true"); - var ip = request.getHeader("x-forwarded-for"); + var ip = request.getHeader("X-Forwarded-For"); var googleProject = request.getHeader("x-user-project"); log.info("Received URL {} from agent {} on IP {}", body.getUrl(), userAgent, ip); diff --git a/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java b/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java index 06966c55..4c5fc1b9 100644 --- a/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java +++ b/service/src/main/java/bio/terra/drshub/controllers/GcsApiController.java @@ -31,7 +31,7 @@ public GcsApiController( @TrackCall public ResponseEntity getSignedUrl(GetSignedUrlRequest body) { var bearerToken = bearerTokenFactory.from(request); - var ip = request.getHeader("x-forwarded-for"); + var ip = request.getHeader("X-Forwarded-For"); var signedUrl = signedUrlService.getSignedUrl( body.getBucket(), diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index b7362b51..70d9a37f 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -265,7 +265,7 @@ AccessURL fetchDrsObjectAccessUrl( var drsApi = drsApiFactory.getApiFromUriComponents(uriComponents, drsProvider); var objectId = getObjectId(uriComponents); - drsApi.setHeader("x-forwarded-for", ip); + drsApi.setHeader("X-Forwarded-For", ip); if (googleProject != null) { drsApi.setHeader("x-user-project", googleProject); } diff --git a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java index ab409681..30714681 100644 --- a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java @@ -281,6 +281,6 @@ void testDrsResolutionHeadersIncludeIpAddress() throws Exception { ip, googleProject); assertThat("signed url is properly returned", response.getUrl(), equalTo(url.toString())); - verify(drsApi).setHeader("x-forwarded-for", ip); + verify(drsApi).setHeader("X-Forwarded-For", ip); } } diff --git a/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java b/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java index ff1c269e..8457a051 100644 --- a/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java +++ b/service/src/test/java/bio/terra/drshub/tracking/TrackingInterceptorTest.java @@ -163,7 +163,7 @@ private ResultActions postRequest(String url, String requestBody) throws Excepti return mvc.perform( post(url) .header("authorization", "bearer " + TEST_ACCESS_TOKEN) - .header("x-forwarded-for", TEST_IP_ADDRESS) + .header("X-Forwarded-For", TEST_IP_ADDRESS) .contentType(MediaType.APPLICATION_JSON) .content(requestBody)); } From 143175bc80538a33286ceb7df416402585dd68ca Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 14:20:11 -0400 Subject: [PATCH 12/20] remove query param I didn't really mean to add --- common/openapi.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/common/openapi.yml b/common/openapi.yml index f9299104..3c14e99e 100644 --- a/common/openapi.yml +++ b/common/openapi.yml @@ -218,8 +218,6 @@ components: type: string dataObjectUri: type: string - ip: - type: string googleProject: type: string From ba0ec1ab17493d45879c5b02ea327ff7b06e08e1 Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 14:24:09 -0400 Subject: [PATCH 13/20] Update openapi.yml --- common/openapi.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/common/openapi.yml b/common/openapi.yml index 3c14e99e..df442022 100644 --- a/common/openapi.yml +++ b/common/openapi.yml @@ -209,7 +209,6 @@ components: type: object required: - dataObjectUri - - ip - googleProject properties: bucket: From 934f17d6c3566b24a5d4d3d5629b6698a8fb40d3 Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 15:02:37 -0400 Subject: [PATCH 14/20] add optional header to swagger, add null check for ip --- common/openapi.yml | 6 ++++++ .../bio/terra/drshub/services/DrsResolutionService.java | 5 ++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/common/openapi.yml b/common/openapi.yml index df442022..8c7f0c0b 100644 --- a/common/openapi.yml +++ b/common/openapi.yml @@ -6,6 +6,12 @@ paths: /api/v4/drs/resolve: post: summary: Get a file + parameters: + - in: header + name: X-Forwarded-For + schema: + type: string + required: false tags: [ drsHub ] operationId: resolveDrs requestBody: diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index 70d9a37f..dd95bb7c 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -265,7 +265,10 @@ AccessURL fetchDrsObjectAccessUrl( var drsApi = drsApiFactory.getApiFromUriComponents(uriComponents, drsProvider); var objectId = getObjectId(uriComponents); - drsApi.setHeader("X-Forwarded-For", ip); + + if (ip != null) { + drsApi.setHeader("X-Forwarded-For", ip); + } if (googleProject != null) { drsApi.setHeader("x-user-project", googleProject); } From 90a082d7cb65fb7240436a69f81b9ca298810d93 Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 15:06:05 -0400 Subject: [PATCH 15/20] Update DrsResolutionService.java --- .../java/bio/terra/drshub/services/DrsResolutionService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java index dd95bb7c..6214a359 100644 --- a/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java +++ b/service/src/main/java/bio/terra/drshub/services/DrsResolutionService.java @@ -268,7 +268,7 @@ AccessURL fetchDrsObjectAccessUrl( if (ip != null) { drsApi.setHeader("X-Forwarded-For", ip); - } + } if (googleProject != null) { drsApi.setHeader("x-user-project", googleProject); } From e24905da76bd1e397b771b8c2656f0139121ce41 Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 16:22:19 -0400 Subject: [PATCH 16/20] add param to method --- common/openapi.yml | 4 ++-- .../bio/terra/drshub/controllers/DrsHubApiController.java | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/common/openapi.yml b/common/openapi.yml index 8c7f0c0b..939be29e 100644 --- a/common/openapi.yml +++ b/common/openapi.yml @@ -6,14 +6,14 @@ paths: /api/v4/drs/resolve: post: summary: Get a file + tags: [ drsHub ] + operationId: resolveDrs parameters: - in: header name: X-Forwarded-For schema: type: string required: false - tags: [ drsHub ] - operationId: resolveDrs requestBody: content: application/json: diff --git a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java index 4eb66af8..b4fb740a 100644 --- a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java +++ b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java @@ -27,7 +27,7 @@ public record DrsHubApiController( @Override @TrackCall - public ResponseEntity resolveDrs(RequestObject body) { + public ResponseEntity resolveDrs(String xForwardedFor, RequestObject body) { var bearerToken = bearerTokenFactory.from(request); validateRequest(body); From 3134957ac90de120262c054a0faacd033b8b8799 Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 16:31:45 -0400 Subject: [PATCH 17/20] refactor --- common/openapi.yml | 6 ------ .../bio/terra/drshub/controllers/GcsApiControllerTest.java | 6 ++---- .../bio/terra/drshub/services/DrsResolutionServiceTest.java | 6 ++---- .../bio/terra/drshub/services/SignedUrlServiceTest.java | 6 ++---- .../test/java/bio/terra/drshub/util/SignedUrlTestUtils.java | 1 - 5 files changed, 6 insertions(+), 19 deletions(-) diff --git a/common/openapi.yml b/common/openapi.yml index 939be29e..df442022 100644 --- a/common/openapi.yml +++ b/common/openapi.yml @@ -8,12 +8,6 @@ paths: summary: Get a file tags: [ drsHub ] operationId: resolveDrs - parameters: - - in: header - name: X-Forwarded-For - schema: - type: string - required: false requestBody: content: application/json: diff --git a/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java b/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java index 07008e34..ddc8058b 100644 --- a/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java +++ b/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java @@ -47,8 +47,7 @@ void testSignsUrls() throws Exception { var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks( - authService, googleStorageService, ip, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); var response = getSignedUrlRequest(TEST_ACCESS_TOKEN, bucketName, objectName, drsUri, googleProject); @@ -64,8 +63,7 @@ void testSignsUrlsDrsUriOnly() throws Exception { var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks( - authService, googleStorageService, ip, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); SignedUrlTestUtils.setupDrsResolutionServiceMocks( drsResolutionService, drsUri, bucketName, objectName, googleProject, true); diff --git a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java index 30714681..36b00fb7 100644 --- a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java @@ -219,8 +219,7 @@ void testSignGoogleUrlWithRequesterPays() throws Exception { var googleProject = "test-google-project"; var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); var accessId = "foo"; - SignedUrlTestUtils.setupSignedUrlMocks( - authService, googleStorageService, ip, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); DrsProvider drsProvider = DrsProvider.create() .setMetadataAuth(true) @@ -255,8 +254,7 @@ void testDrsResolutionHeadersIncludeIpAddress() throws Exception { var ip = "test.ip"; var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); var accessId = "foo"; - SignedUrlTestUtils.setupSignedUrlMocks( - authService, googleStorageService, ip, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); DrsProvider drsProvider = DrsProvider.create() .setMetadataAuth(true) diff --git a/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java b/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java index 7c59beac..55d4d6d0 100644 --- a/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/SignedUrlServiceTest.java @@ -34,8 +34,7 @@ void testGetSignedUrl() throws MalformedURLException { var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks( - authService, googleStorageService, ip, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); var signedUrl = signedUrlService.getSignedUrl( @@ -71,8 +70,7 @@ void testGetSignedUrlDataObjectUriOnly() throws Exception { var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); - SignedUrlTestUtils.setupSignedUrlMocks( - authService, googleStorageService, ip, googleProject, url); + SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); SignedUrlTestUtils.setupDrsResolutionServiceMocks( drsResolutionService, drsUri, bucketName, objectName, googleProject, true); var signedUrl = diff --git a/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java b/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java index 467f7086..47f0b093 100644 --- a/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java +++ b/service/src/test/java/bio/terra/drshub/util/SignedUrlTestUtils.java @@ -51,7 +51,6 @@ public class SignedUrlTestUtils { public static void setupSignedUrlMocks( AuthService authService, GoogleStorageService googleStorageService, - String ip, String googleProject, URL url) { From d1d4e4153fcac750b5d089412d5daf15f8a3dc3c Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 16:32:11 -0400 Subject: [PATCH 18/20] Update DrsHubApiController.java --- .../java/bio/terra/drshub/controllers/DrsHubApiController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java index b4fb740a..4eb66af8 100644 --- a/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java +++ b/service/src/main/java/bio/terra/drshub/controllers/DrsHubApiController.java @@ -27,7 +27,7 @@ public record DrsHubApiController( @Override @TrackCall - public ResponseEntity resolveDrs(String xForwardedFor, RequestObject body) { + public ResponseEntity resolveDrs(RequestObject body) { var bearerToken = bearerTokenFactory.from(request); validateRequest(body); From b33b946f9c94bf930334ddac9bae9007d8ee7761 Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 17:01:11 -0400 Subject: [PATCH 19/20] add tests for optional headers being null --- .../services/DrsResolutionServiceTest.java | 75 +++++++++++-------- 1 file changed, 44 insertions(+), 31 deletions(-) diff --git a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java index 36b00fb7..e9df0cf7 100644 --- a/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java +++ b/service/src/test/java/bio/terra/drshub/services/DrsResolutionServiceTest.java @@ -73,8 +73,25 @@ class DrsResolutionServiceTest { SupportedTypesEnum.BEARERAUTH, (var e) -> Optional.of(List.of(TOKEN_VALUE))); private static final DrsObject DRS_OBJECT = new DrsObject().id("drs.id"); + private static final String accessId = "foo"; + + private static URL url; + + private static final DrsProvider testDrsProvider = + DrsProvider.create() + .setMetadataAuth(true) + .setName("test") + .setHostRegex(".*") + .setAccessMethodConfigs( + new ArrayList<>( + List.of( + ProviderAccessMethodConfig.create() + .setType(AccessMethodConfigTypeEnum.gs) + .setAuth(AccessUrlAuthEnum.current_request) + .setFetchAccessUrl(true)))); + @BeforeEach - void before() { + void before() throws Exception { DrsApiFactory drsApiFactory = mock(DrsApiFactory.class); drsResolutionService = @@ -85,6 +102,8 @@ void before() { when(uriComponents.getPath()).thenReturn(PATH); when(drsApiFactory.getApiFromUriComponents(eq(uriComponents), any(DrsProvider.class))) .thenReturn(drsApi); + + url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); } @Test @@ -217,25 +236,11 @@ void fetchObjectInfo_failedPassportFallsBackToBearerToken() { void testSignGoogleUrlWithRequesterPays() throws Exception { var ip = "test.ip"; var googleProject = "test-google-project"; - var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); - var accessId = "foo"; SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); - DrsProvider drsProvider = - DrsProvider.create() - .setMetadataAuth(true) - .setName("test") - .setHostRegex(".*") - .setAccessMethodConfigs( - new ArrayList<>( - List.of( - ProviderAccessMethodConfig.create() - .setType(AccessMethodConfigTypeEnum.gs) - .setAuth(AccessUrlAuthEnum.current_request) - .setFetchAccessUrl(true)))); when(drsApi.getAccessURL(PATH, accessId)).thenReturn(new AccessURL().url(url.toString())); var response = drsResolutionService.fetchDrsObjectAccessUrl( - drsProvider, + testDrsProvider, uriComponents, accessId, TypeEnum.GS, @@ -252,25 +257,11 @@ void testSignGoogleUrlWithRequesterPays() throws Exception { void testDrsResolutionHeadersIncludeIpAddress() throws Exception { var googleProject = "test-google-project"; var ip = "test.ip"; - var url = new URL("https://storage.cloud.google.com/my-test-bucket/my/test.txt"); - var accessId = "foo"; SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); - DrsProvider drsProvider = - DrsProvider.create() - .setMetadataAuth(true) - .setName("test") - .setHostRegex(".*") - .setAccessMethodConfigs( - new ArrayList<>( - List.of( - ProviderAccessMethodConfig.create() - .setType(AccessMethodConfigTypeEnum.gs) - .setAuth(AccessUrlAuthEnum.current_request) - .setFetchAccessUrl(true)))); when(drsApi.getAccessURL(PATH, accessId)).thenReturn(new AccessURL().url(url.toString())); var response = drsResolutionService.fetchDrsObjectAccessUrl( - drsProvider, + testDrsProvider, uriComponents, accessId, TypeEnum.GS, @@ -281,4 +272,26 @@ void testDrsResolutionHeadersIncludeIpAddress() throws Exception { assertThat("signed url is properly returned", response.getUrl(), equalTo(url.toString())); verify(drsApi).setHeader("X-Forwarded-For", ip); } + + @Test + void testDrsResolutionWithoutOptionalHeaders() throws Exception { + String googleProject = null; + String ip = null; + SignedUrlTestUtils.setupSignedUrlMocks(authService, googleStorageService, googleProject, url); + + when(drsApi.getAccessURL(PATH, accessId)).thenReturn(new AccessURL().url(url.toString())); + var response = + drsResolutionService.fetchDrsObjectAccessUrl( + testDrsProvider, + uriComponents, + accessId, + TypeEnum.GS, + List.of(BEARERAUTH), + new AuditLogEvent.Builder(), + ip, + googleProject); + assertThat("signed url is properly returned", response.getUrl(), equalTo(url.toString())); + verify(drsApi, never()).setHeader("X-Forwarded-For", ip); + verify(drsApi, never()).setHeader("x-user-project", googleProject); + } } From 709de9ce4dfceebe5bff8cb13a7ed833d1d198fd Mon Sep 17 00:00:00 2001 From: Kai Date: Tue, 2 Jul 2024 17:02:31 -0400 Subject: [PATCH 20/20] cleanup --- .../java/bio/terra/drshub/controllers/GcsApiControllerTest.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java b/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java index ddc8058b..9e1a30f2 100644 --- a/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java +++ b/service/src/test/java/bio/terra/drshub/controllers/GcsApiControllerTest.java @@ -43,7 +43,6 @@ void testSignsUrls() throws Exception { var drsUri = "drs://dg.4503:1234/456/2315asd"; var bucketName = "my-test-bucket"; var objectName = "my-test-folder/my-test-object.txt"; - var ip = "test.ip"; var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName); @@ -59,7 +58,6 @@ void testSignsUrlsDrsUriOnly() throws Exception { var drsUri = "drs://dg.4503:1234/456/2315asd"; var bucketName = "my-test-bucket"; var objectName = "my-test-folder/my-test-object.txt"; - var ip = "test.ip"; var googleProject = "test-google-project"; var url = new URL("https", "storage.cloud.google.com", "/" + bucketName + "/" + objectName);