Merge pull request #367 from admin-ch/feature/VACCINECER-2101_transfe…

…r_code_kpi

Activated ad KPI for calls from API-GW using the relevant user as value.

pom.xml

@@ -10,7 +10,7 @@
 	</parent>
 	<groupId>ch.admin.bag.covidcertificate</groupId>
 	<artifactId>cc-management-service</artifactId>
-	<version>4.5.4</version>
+	<version>4.6.0</version>
 	<name>cc-management-service</name>
 	<description>Service for generating Covid Certificates</description>
 

src/main/java/ch/admin/bag/covidcertificate/client/inapp_delivery/InAppDeliveryClient.java

@@ -2,6 +2,7 @@
 
 import ch.admin.bag.covidcertificate.api.exception.CreateCertificateError;
 import ch.admin.bag.covidcertificate.api.exception.CreateCertificateException;
+import ch.admin.bag.covidcertificate.api.request.SystemSource;
 import ch.admin.bag.covidcertificate.client.inapp_delivery.domain.InAppDeliveryRequestDto;
 
 public interface InAppDeliveryClient {
@@ -10,6 +11,7 @@ public interface InAppDeliveryClient {
      *
      * @param requestDto - data to be sent to the app.
      */
-    CreateCertificateError deliverToApp(String uvci, InAppDeliveryRequestDto requestDto)
+    CreateCertificateError deliverToApp(
+            String uvci, SystemSource systemSource, String userExtId, InAppDeliveryRequestDto requestDto)
             throws CreateCertificateException;
 }

src/main/java/ch/admin/bag/covidcertificate/client/inapp_delivery/internal/DefaultInAppDeliveryClient.java

@@ -9,11 +9,13 @@
 import ch.admin.bag.covidcertificate.config.security.authentication.ServletJeapAuthorization;
 import ch.admin.bag.covidcertificate.domain.KpiData;
 import ch.admin.bag.covidcertificate.service.KpiDataService;
+import ch.admin.bag.covidcertificate.util.UserExtIdHelper;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.stereotype.Service;
 import org.springframework.web.reactive.function.client.WebClient;
 import org.springframework.web.reactive.function.client.WebClientRequestException;
@@ -23,16 +25,7 @@
 
 import java.time.LocalDateTime;
 
-import static ch.admin.bag.covidcertificate.api.Constants.APP_DELIVERY_FAILED;
-import static ch.admin.bag.covidcertificate.api.Constants.KPI_IN_APP_DELIVERY_CODE_KEY;
-import static ch.admin.bag.covidcertificate.api.Constants.KPI_TIMESTAMP_KEY;
-import static ch.admin.bag.covidcertificate.api.Constants.KPI_TYPE_IN_APP_DELIVERY;
-import static ch.admin.bag.covidcertificate.api.Constants.KPI_TYPE_KEY;
-import static ch.admin.bag.covidcertificate.api.Constants.KPI_UUID_KEY;
-import static ch.admin.bag.covidcertificate.api.Constants.KPI_UVCI_KEY;
-import static ch.admin.bag.covidcertificate.api.Constants.LOG_FORMAT;
-import static ch.admin.bag.covidcertificate.api.Constants.UNKNOWN_APP_CODE;
-import static ch.admin.bag.covidcertificate.service.KpiDataService.SERVICE_ACCOUNT_CC_API_GATEWAY_SERVICE;
+import static ch.admin.bag.covidcertificate.api.Constants.*;
 import static net.logstash.logback.argument.StructuredArguments.kv;
 
 @Service
@@ -49,7 +42,9 @@ public class DefaultInAppDeliveryClient implements InAppDeliveryClient {
     private final KpiDataService kpiLogService;
 
     @Override
-    public CreateCertificateError deliverToApp(String uvci, InAppDeliveryRequestDto requestDto) {
+    public CreateCertificateError deliverToApp(
+            String uvci, SystemSource systemSource, String userExtId, InAppDeliveryRequestDto requestDto) {
+
         final var uri = UriComponentsBuilder.fromHttpUrl(serviceUri).toUriString();
         log.debug("Call the InApp Delivery Backend with url {}", uri);
         try {
@@ -62,7 +57,7 @@ public CreateCertificateError deliverToApp(String uvci, InAppDeliveryRequestDto
             log.trace("InApp Delivery Backend Response: {}", response);
             if (response != null && response.getStatusCode().value() == 200) {
                 final String code = requestDto.getCode();
-                logKpi(uvci, code);
+                logKpi(uvci, systemSource, userExtId, code);
                 return null;
             } else {
                 throw new CreateCertificateException(APP_DELIVERY_FAILED);
@@ -85,26 +80,25 @@ private CreateCertificateError handleErrorResponse(InAppDeliveryRequestDto reque
         }
     }
 
-    private void logKpi(String uvci, String inAppDeliveryCode) {
-        String extId = jeapAuthorization.getExtIdInAuthentication();
+    private void logKpi(String uvci, SystemSource systemSource, String userExtId, String inAppDeliveryCode) {
 
-        // kpi is only logged here if we don't already log it in the api-gateway
-        if (extId != null && !SERVICE_ACCOUNT_CC_API_GATEWAY_SERVICE.equalsIgnoreCase(extId)) {
-            final var kpiTimestamp = LocalDateTime.now();
-            log.info("kpi: {} {} {} {} {}",
-                     kv(KPI_TIMESTAMP_KEY, kpiTimestamp.format(LOG_FORMAT)),
-                     kv(KPI_TYPE_KEY, KPI_TYPE_IN_APP_DELIVERY),
-                     kv(KPI_UUID_KEY, extId),
-                     kv(KPI_IN_APP_DELIVERY_CODE_KEY, inAppDeliveryCode),
-                     kv(KPI_UVCI_KEY, uvci)
-            );
-            kpiLogService.saveKpiData(
-                    new KpiData.KpiDataBuilder(kpiTimestamp, KPI_TYPE_IN_APP_DELIVERY, extId,
-                            SystemSource.WebUI.category)
-                            .withUvci(uvci)
-                            .withInAppDeliveryCode(inAppDeliveryCode)
-                            .build()
-            );
-        }
+        Jwt token = jeapAuthorization.getJeapAuthenticationToken().getToken();
+        String relevantUserExtId = UserExtIdHelper.extractUserExtId(token, userExtId, systemSource);
+
+        final var kpiTimestamp = LocalDateTime.now();
+        log.info("kpi: {} {} {} {} {}",
+                 kv(KPI_TIMESTAMP_KEY, kpiTimestamp.format(LOG_FORMAT)),
+                 kv(KPI_TYPE_KEY, KPI_TYPE_IN_APP_DELIVERY),
+                 kv(KPI_UUID_KEY, relevantUserExtId),
+                 kv(KPI_IN_APP_DELIVERY_CODE_KEY, inAppDeliveryCode),
+                 kv(KPI_UVCI_KEY, uvci)
+        );
+        kpiLogService.saveKpiData(
+                new KpiData.KpiDataBuilder(kpiTimestamp, KPI_TYPE_IN_APP_DELIVERY, relevantUserExtId,
+                        systemSource.category)
+                        .withUvci(uvci)
+                        .withInAppDeliveryCode(inAppDeliveryCode)
+                        .build()
+        );
     }
 }

src/main/java/ch/admin/bag/covidcertificate/client/inapp_delivery/internal/MockInAppDeliveryClient.java

@@ -2,6 +2,7 @@
 
 import ch.admin.bag.covidcertificate.api.exception.CreateCertificateError;
 import ch.admin.bag.covidcertificate.api.exception.CreateCertificateException;
+import ch.admin.bag.covidcertificate.api.request.SystemSource;
 import ch.admin.bag.covidcertificate.client.inapp_delivery.InAppDeliveryClient;
 import ch.admin.bag.covidcertificate.client.inapp_delivery.domain.InAppDeliveryRequestDto;
 import ch.admin.bag.covidcertificate.config.ProfileRegistry;
@@ -14,7 +15,7 @@
 @Profile(ProfileRegistry.INAPP_DELIVERY_SERVICE_MOCK)
 public class MockInAppDeliveryClient implements InAppDeliveryClient {
     @Override
-    public CreateCertificateError deliverToApp(String uvci, InAppDeliveryRequestDto requestDto)
+    public CreateCertificateError deliverToApp(String uvci, SystemSource systemSource, String userExtId, InAppDeliveryRequestDto requestDto)
             throws CreateCertificateException {
 
         log.info("Call the mock InApp delivery service");

src/main/java/ch/admin/bag/covidcertificate/service/CovidCertificateGenerationService.java

@@ -191,7 +191,8 @@ private CovidCertificateResponseEnvelope generateCovidCertificate(
         } else if (createDto.sendToApp()) {
             var inAppDeliveryDto = new InAppDeliveryRequestDto(createDto.getAppCode(), code.getPayload(),
                                                                Base64.getEncoder().encodeToString(pdf));
-            var createError = this.inAppDeliveryClient.deliverToApp(uvci, inAppDeliveryDto); // null if no error
+            var createError = this.inAppDeliveryClient.deliverToApp(
+                    uvci, createDto.getSystemSource(), createDto.getUserExtId(), inAppDeliveryDto); // null if no error
             responseDto.setAppDeliveryError(createError);
         }
         return new CovidCertificateResponseEnvelope(responseDto,

src/main/java/ch/admin/bag/covidcertificate/service/test/TestCovidCertificateGenerationService.java

@@ -2,14 +2,7 @@
 
 import ch.admin.bag.covidcertificate.api.Constants;
 import ch.admin.bag.covidcertificate.api.mapper.CertificatePrintRequestDtoMapper;
-import ch.admin.bag.covidcertificate.api.request.AntibodyCertificateCreateDto;
-import ch.admin.bag.covidcertificate.api.request.CertificateCreateDto;
-import ch.admin.bag.covidcertificate.api.request.ExceptionalCertificateCreateDto;
-import ch.admin.bag.covidcertificate.api.request.RecoveryCertificateCreateDto;
-import ch.admin.bag.covidcertificate.api.request.RecoveryRatCertificateCreateDto;
-import ch.admin.bag.covidcertificate.api.request.TestCertificateCreateDto;
-import ch.admin.bag.covidcertificate.api.request.VaccinationCertificateCreateDto;
-import ch.admin.bag.covidcertificate.api.request.VaccinationTouristCertificateCreateDto;
+import ch.admin.bag.covidcertificate.api.request.*;
 import ch.admin.bag.covidcertificate.api.request.conversion.VaccinationCertificateConversionRequestDto;
 import ch.admin.bag.covidcertificate.api.response.ConvertedCertificateResponseDto;
 import ch.admin.bag.covidcertificate.api.response.ConvertedCertificateResponseEnvelope;
@@ -143,10 +136,9 @@ private ConvertedCertificateResponseEnvelope generateCovidCertificate(
         var code = barcodeService.createBarcode(contents, signingInformation, expiration);
         var responseDto = new ConvertedCertificateResponseDto(code.getPayload(), uvci);
         responseDto.validate();
-        var envelope = new ConvertedCertificateResponseEnvelope(
+        return new ConvertedCertificateResponseEnvelope(
                 responseDto,
                 signingInformation.getCalculatedKeyIdentifier());
-        return envelope;
     }
 
     private CovidCertificateCreateResponseDto generateCovidCertificate(
@@ -171,7 +163,8 @@ private CovidCertificateCreateResponseDto generateCovidCertificate(
         } else if (createDto.sendToApp()) {
             var inAppDeliveryDto = new InAppDeliveryRequestDto(createDto.getAppCode(), code.getPayload(),
                                                                Base64.getEncoder().encodeToString(pdf));
-            var createError = this.inAppDeliveryClient.deliverToApp(uvci, inAppDeliveryDto); // null if no error
+            var createError = this.inAppDeliveryClient.deliverToApp(
+                    uvci, createDto.getSystemSource(), createDto.getUserExtId(), inAppDeliveryDto); // null if no error
             responseDto.setAppDeliveryError(createError);
         }
         return responseDto;

src/test/java/ch/admin/bag/covidcertificate/client/inapp_delivery/internal/DefaultInAppDeliveryClientITTest.java

@@ -1,6 +1,7 @@
 package ch.admin.bag.covidcertificate.client.inapp_delivery.internal;
 
 import ch.admin.bag.covidcertificate.api.exception.CreateCertificateException;
+import ch.admin.bag.covidcertificate.api.request.SystemSource;
 import ch.admin.bag.covidcertificate.client.inapp_delivery.domain.InAppDeliveryRequestDto;
 import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
@@ -11,9 +12,7 @@
 
 import static ch.admin.bag.covidcertificate.FixtureCustomization.createUVCI;
 import static ch.admin.bag.covidcertificate.api.Constants.APP_DELIVERY_FAILED;
-import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.*;
 
 @SpringBootTest(properties = {
         "spring.jpa.hibernate.ddl-auto=create",
@@ -36,15 +35,16 @@ class DefaultInAppDeliveryClientITTest {
     @Test
     void deliverToApp_invalid() {
         var requestDto = new InAppDeliveryRequestDto("test", "test", "test");
-        CreateCertificateException exception = assertThrows(CreateCertificateException.class,
-                                                            () -> client.deliverToApp(createUVCI(), requestDto));
+        CreateCertificateException exception = assertThrows(
+                CreateCertificateException.class,
+                () -> client.deliverToApp(createUVCI(), SystemSource.WebUI, "0815", requestDto));
 
-        assertEquals(APP_DELIVERY_FAILED,exception.getError());
+        assertEquals(APP_DELIVERY_FAILED, exception.getError());
     }
 
     @Test
     void deliverToApp_valid() {
         var requestDto = new InAppDeliveryRequestDto(validTestCode, "test", "test");
-        assertDoesNotThrow(() -> client.deliverToApp(createUVCI(), requestDto));
+        assertDoesNotThrow(() -> client.deliverToApp(createUVCI(), SystemSource.WebUI, "0815", requestDto));
     }
 }

src/test/java/ch/admin/bag/covidcertificate/client/inapp_delivery/internal/DefaultInAppDeliveryClientTest.java

@@ -1,8 +1,11 @@
 package ch.admin.bag.covidcertificate.client.inapp_delivery.internal;
 
+import ch.admin.bag.covidcertificate.api.request.SystemSource;
 import ch.admin.bag.covidcertificate.client.inapp_delivery.domain.InAppDeliveryRequestDto;
+import ch.admin.bag.covidcertificate.config.security.authentication.JeapAuthenticationToken;
 import ch.admin.bag.covidcertificate.config.security.authentication.ServletJeapAuthorization;
 import ch.admin.bag.covidcertificate.service.KpiDataService;
+import ch.admin.bag.covidcertificate.util.UserExtIdHelper;
 import com.flextrade.jfixture.JFixture;
 import okhttp3.mockwebserver.MockResponse;
 import okhttp3.mockwebserver.MockWebServer;
@@ -11,6 +14,7 @@
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.mockito.InjectMocks;
+import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.test.util.ReflectionTestUtils;
 import org.springframework.web.reactive.function.client.WebClient;
 
@@ -19,22 +23,21 @@
 import static ch.admin.bag.covidcertificate.FixtureCustomization.createUVCI;
 import static ch.admin.bag.covidcertificate.api.Constants.APP_DELIVERY_FAILED;
 import static ch.admin.bag.covidcertificate.api.Constants.UNKNOWN_APP_CODE;
-import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.*;
 import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.reset;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.*;
 
 class DefaultInAppDeliveryClientTest {
 
     static final JFixture fixture = new JFixture();
     static MockWebServer mockInAppDeliveryService;
 
     static ServletJeapAuthorization jeapAuthorization;
+
+    static JeapAuthenticationToken jeapAuthenticationToken;
+
+    static Jwt token;
+
     static KpiDataService kpiLogService;
 
     @InjectMocks
@@ -45,6 +48,8 @@ class DefaultInAppDeliveryClientTest {
     @BeforeAll
     static void setUp() throws IOException {
         jeapAuthorization = mock(ServletJeapAuthorization.class);
+        jeapAuthenticationToken = mock(JeapAuthenticationToken.class);
+        token = mock(Jwt.class);
         kpiLogService = mock(KpiDataService.class);
         mockInAppDeliveryService = new MockWebServer();
         mockInAppDeliveryService.start();
@@ -62,9 +67,14 @@ void initialize() {
     @Test
     void doesSendInAppDeliverySuccessfully() {
         mockInAppDeliveryService.enqueue(new MockResponse().setResponseCode(200));
+        when(jeapAuthorization.getJeapAuthenticationToken()).thenReturn(jeapAuthenticationToken);
+        when(jeapAuthenticationToken.getToken()).thenReturn(token);
+        when(UserExtIdHelper.extractUserExtId(token, anyString(), SystemSource.WebUI)).thenReturn("test_ext_id");
 
         var deliveryStatus = assertDoesNotThrow(() -> this.inAppDeliveryClient.deliverToApp(
                 createUVCI(),
+                SystemSource.WebUI,
+                "0815",
                 this.requestDto));
         assertNull(deliveryStatus);
     }
@@ -75,6 +85,8 @@ void throwsException__ifResponseCode418() {
 
         var deliveryStatus = assertDoesNotThrow(() -> this.inAppDeliveryClient.deliverToApp(
                 createUVCI(),
+                SystemSource.WebUI,
+                "0815",
                 this.requestDto));
         assertEquals(UNKNOWN_APP_CODE, deliveryStatus);
     }
@@ -85,6 +97,8 @@ void returnsTechnicalError__ifResponseCode500() {
 
         var deliveryStatus = assertDoesNotThrow(() -> this.inAppDeliveryClient.deliverToApp(
                 createUVCI(),
+                SystemSource.WebUI,
+                "0815",
                 this.requestDto));
         assertEquals(APP_DELIVERY_FAILED, deliveryStatus);
     }
@@ -95,17 +109,23 @@ void throwsException__ifServiceUnreachable() {
 
         var deliveryStatus = assertDoesNotThrow(() -> this.inAppDeliveryClient.deliverToApp(
                 createUVCI(),
+                SystemSource.WebUI,
+                "0815",
                 this.requestDto));
         assertEquals(APP_DELIVERY_FAILED, deliveryStatus);
     }
 
     @Test
     void logsKpi__ifDeliverySuccessful() {
-        when(jeapAuthorization.getExtIdInAuthentication()).thenReturn("test_ext_id");
+        when(jeapAuthorization.getJeapAuthenticationToken()).thenReturn(jeapAuthenticationToken);
+        when(jeapAuthenticationToken.getToken()).thenReturn(token);
+        when(UserExtIdHelper.extractUserExtId(token, anyString(), SystemSource.WebUI)).thenReturn("test_ext_id");
         mockInAppDeliveryService.enqueue(new MockResponse().setResponseCode(200));
 
         assertDoesNotThrow(() -> this.inAppDeliveryClient.deliverToApp(
                 createUVCI(),
+                SystemSource.WebUI,
+                "0815",
                 this.requestDto));
         verify(kpiLogService, times(1)).saveKpiData(any());
     }