Merge pull request #527 from wultra/develop

Merge develop to master

.github/workflows/maven-integration-test.yml

@@ -44,6 +44,10 @@ jobs:
           POWERAUTH_SERVICE_SECURITY_CLIENTTOKEN: ${{ secrets.POWERAUTH_SERVICE_SECURITY_CLIENTTOKEN }}
           POWERAUTH_SERVICE_SECURITY_CLIENTSECRET: ${{ secrets.POWERAUTH_SERVICE_SECURITY_CLIENTSECRET }}
           POWERAUTH_TEST_INCLUDECUSTOMTESTS: ${{ inputs.includeCustomTests == '' || inputs.includeCustomTests }} # default includeCustomTests=true even for 'schedule' event
+          POWERAUTH_TEST_ACTIVATION_OIDC_USERNAME: ${{ secrets.POWERAUTH_TEST_ACTIVATION_OIDC_USERNAME }}
+          POWERAUTH_TEST_ACTIVATION_OIDC_PASSWORD: ${{ secrets.POWERAUTH_TEST_ACTIVATION_OIDC_PASSWORD }}
+          POWERAUTH_TEST_ACTIVATION_OIDC_PROVIDERID: ${{ secrets.POWERAUTH_TEST_ACTIVATION_OIDC_PROVIDERID }}
+          POWERAUTH_TEST_ACTIVATION_OIDC_SUB: ${{ secrets.POWERAUTH_TEST_ACTIVATION_OIDC_SUB }}
       - name: Publish Test Report
         uses: mikepenz/action-junit-report@v4
         if: always()

docs-private/Developer-How-To-Start.md

@@ -1,13 +1,14 @@
 # Developer - How to Start Guide
 
+## PowerAuth Test Server
 
-## Standalone Run
+### Standalone Run
 
 - Use IntelliJ Idea run configuration at `../.run/TestServerApplication.run.xml`
-- Open [http://localhost:8080/actuator/health](http://localhost:8080/actuator/health) and you should get `{"status":"UP"}`
+- Open [http://localhost:8081/actuator/health](http://localhost:8081/actuator/health) and you should get `{"status":"UP"}`
 
 
-## Database
+### Database
 
 Database changes are driven by Liquibase.
 

pom.xml

@@ -8,13 +8,13 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.3.2</version>
+        <version>3.3.4</version>
         <relativePath /> <!-- lookup parent from repository -->
     </parent>
 
     <groupId>com.wultra</groupId>
     <artifactId>powerauth-backend-tests-parent</artifactId>
-    <version>1.8.0</version>
+    <version>1.9.0</version>
     <packaging>pom</packaging>
 
     <description>Parent pom for backend tests</description>
@@ -45,16 +45,16 @@
     </developers>
 
     <properties>
-        <enrollment-server.version>1.8.0</enrollment-server.version>
-        <powerauth-cmd.version>1.8.0</powerauth-cmd.version>
-        <powerauth-crypto.version>1.8.0</powerauth-crypto.version>
-        <powerauth-restful-integration.version>1.8.0</powerauth-restful-integration.version>
-        <powerauth-server.version>1.8.0</powerauth-server.version>
-        <wultra-core.version>1.10.0</wultra-core.version>
+        <enrollment-server.version>1.9.0</enrollment-server.version>
+        <powerauth-cmd.version>1.9.0</powerauth-cmd.version>
+        <powerauth-crypto.version>1.9.0</powerauth-crypto.version>
+        <powerauth-restful-integration.version>1.9.0</powerauth-restful-integration.version>
+        <powerauth-server.version>1.9.0</powerauth-server.version>
+        <wultra-core.version>1.11.0</wultra-core.version>
 
         <springdoc-openapi-starter-webmvc-ui.version>2.6.0</springdoc-openapi-starter-webmvc-ui.version>
-        <logstash.version>7.4</logstash.version>
-        <webauthn4j.version>0.25.0.RELEASE</webauthn4j.version>
+        <logstash.version>8.0</logstash.version>
+        <webauthn4j.version>0.27.0.RELEASE</webauthn4j.version>
 
         <maven.deploy.skip>true</maven.deploy.skip>
     </properties>

powerauth-backend-tests/README.md

@@ -105,6 +105,22 @@ powerauth.service.security.clientToken=
 powerauth.service.security.clientSecret=
 ```
 
+
+### OIDC Activation
+
+OpenID Connect activation requires the provider configuration.
+If the properties are not filled, the test is ignored.
+Also a database entry must exist in the table `pa_application_config` with a config key `oauth2_providers` and appropriate config values.
+
+```properties
+# OIDC activation
+powerauth.test.activation.oidc.username=
+powerauth.test.activation.oidc.password=
+powerauth.test.activation.oidc.providerId=
+powerauth.test.activation.oidc.sub=
+```
+
+
 ## Running Tests from Console
 
 You can simply run the tests using Maven in folder `powerauth-backend-tests`:

powerauth-backend-tests/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>com.wultra</groupId>
         <artifactId>powerauth-backend-tests-parent</artifactId>
-        <version>1.8.0</version>
+        <version>1.9.0</version>
     </parent>
 
     <groupId>com.wultra</groupId>

powerauth-backend-tests/src/main/java/com/wultra/security/powerauth/configuration/PowerAuthOidcActivationConfigurationProperties.java

@@ -0,0 +1,40 @@
+/*
+ * PowerAuth test and related software components
+ * Copyright (C) 2024 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.wultra.security.powerauth.configuration;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * Properties for OIDC activation.
+ *
+ * @author Lubos Racansky, [email protected]
+ */
+@ConfigurationProperties(prefix = "powerauth.test.activation.oidc")
+@Component
+@Getter
+@Setter
+public class PowerAuthOidcActivationConfigurationProperties {
+
+    private String username;
+    private String password;
+    private String providerId;
+    private String sub;
+}

powerauth-backend-tests/src/main/java/com/wultra/security/powerauth/configuration/PowerAuthTestConfiguration.java

@@ -25,6 +25,7 @@
 import com.wultra.security.powerauth.test.PowerAuthTestSetUp;
 import com.wultra.security.powerauth.test.PowerAuthTestTearDown;
 import io.getlime.security.powerauth.crypto.lib.util.KeyConvertor;
+import io.getlime.security.powerauth.lib.cmd.consts.PowerAuthVersion;
 import io.getlime.security.powerauth.lib.cmd.util.RestClientConfiguration;
 import jakarta.annotation.PostConstruct;
 import jakarta.annotation.PreDestroy;
@@ -41,8 +42,7 @@
 import java.security.PublicKey;
 import java.security.Security;
 import java.time.Duration;
-import java.util.Base64;
-import java.util.UUID;
+import java.util.*;
 
 /**
  * Configuration for the PowerAuth test.
@@ -119,23 +119,10 @@ public class PowerAuthTestConfiguration {
     private final KeyConvertor keyConvertor = new KeyConvertor();
     private final ObjectMapper objectMapper = RestClientConfiguration.defaultMapper();
 
-    // Version 3.2 temporary storage
-    private File statusFileV32;
-    private final JSONObject resultStatusObjectV32 = new JSONObject();
-    private String activationIdV32;
-    private String userV32;
-
-    // Version 3.1 temporary storage
-    private File statusFileV31;
-    private final JSONObject resultStatusObjectV31 = new JSONObject();
-    private String activationIdV31;
-    private String userV31;
-
-    // Version 3.0 temporary storage
-    private File statusFileV3;
-    private final JSONObject resultStatusObjectV3 = new JSONObject();
-    private String activationIdV3;
-    private String userV3;
+    private final Map<PowerAuthVersion, File> statusFiles = new HashMap<>();
+    private final Map<PowerAuthVersion, JSONObject> resultStatusObjects = new HashMap<>();
+    private final Map<PowerAuthVersion, String> activationIds = new HashMap<>();
+    private final Map<PowerAuthVersion, String> users = new HashMap<>();
 
     private final String password = "1234";
 
@@ -186,17 +173,18 @@ public void setUp() throws Exception {
         // Prepare common userId
         final String userId = UUID.randomUUID().toString();
 
-        // Create status file and user for version 3.2
-        statusFileV32 = File.createTempFile("pa_status_v32", ".json");
-        userV32 = "TestUserV32_" + userId;
-
-        // Create status file and user for version 3.1
-        statusFileV31 = File.createTempFile("pa_status_v31", ".json");
-        userV31 = "TestUserV31_" + userId;
-
-        // Create status file and user for version 3.0
-        statusFileV3 = File.createTempFile("pa_status_v3", ".json");
-        userV3 = "TestUserV3_" + userId;
+        // Create status files and users
+        Arrays.stream(PowerAuthVersion.values()).forEach(version -> {
+            try {
+                final File statusFile = File.createTempFile("pa_status_" + version, ".json");
+                statusFiles.put(version, statusFile);
+                final String user = "TestUser_" + version + "_" + userId;
+                users.put(version, user);
+                resultStatusObjects.put(version, new JSONObject());
+            } catch (Exception e) {
+                throw new RuntimeException(e);
+            }
+        });
 
         // Random application name
         applicationVersionForTests = applicationVersion + "_" + System.currentTimeMillis();
@@ -265,70 +253,20 @@ public KeyConvertor getKeyConvertor() {
         return keyConvertor;
     }
 
-    public File getStatusFileV32() {
-        return statusFileV32;
-    }
-
-    public File getStatusFileV31() {
-        return statusFileV31;
-    }
-
-    public File getStatusFileV3() {
-        return statusFileV3;
-    }
-
-    public JSONObject getResultStatusObjectV32() {
-        return resultStatusObjectV32;
-    }
-
-    public JSONObject getResultStatusObjectV31() {
-        return resultStatusObjectV31;
-    }
-
-    public JSONObject getResultStatusObjectV3() {
-        return resultStatusObjectV3;
-    }
-
-    public JSONObject getResultStatusObject(String version) {
-        return switch (version) {
-            case "3.2" -> resultStatusObjectV32;
-            case "3.1" -> resultStatusObjectV31;
-            case "3.0" -> resultStatusObjectV3;
-            default -> null;
-        };
-    }
-
-    public String getActivationIdV32() {
-        return activationIdV32;
-    }
-
-    public void setActivationIdV32(String activationIdV32) {
-        this.activationIdV32 = activationIdV32;
-    }
-
-    public String getActivationIdV31() {
-        return activationIdV31;
+    public File getStatusFile(PowerAuthVersion version) {
+        return statusFiles.get(version);
     }
 
-    public void setActivationIdV31(String activationIdV31) {
-        this.activationIdV31 = activationIdV31;
+    public JSONObject getResultStatusObject(PowerAuthVersion version) {
+        return resultStatusObjects.get(version);
     }
 
-    public String getActivationIdV3() {
-        return activationIdV3;
+    public void setActivationId(String activationId, PowerAuthVersion version) {
+        activationIds.put(version, activationId);
     }
 
-    public void setActivationIdV3(String activationIdV3) {
-        this.activationIdV3 = activationIdV3;
-    }
-
-    public String getActivationId(String version) {
-        return switch (version) {
-            case "3.2" -> activationIdV32;
-            case "3.1" -> activationIdV31;
-            case "3.0" -> activationIdV3;
-            default -> null;
-        };
+    public String getActivationId(PowerAuthVersion version) {
+        return activationIds.get(version);
     }
 
     public String getPassword() {
@@ -339,25 +277,8 @@ public ObjectMapper getObjectMapper() {
         return objectMapper;
     }
 
-    public String getUserV3() {
-        return userV3;
-    }
-
-    public String getUserV31() {
-        return userV31;
-    }
-
-    public String getUserV32() {
-        return userV32;
-    }
-
-    public String getUser(String version) {
-        return switch (version) {
-            case "3.2" -> userV32;
-            case "3.1" -> userV31;
-            case "3.0" -> userV3;
-            default -> null;
-        };
+    public String getUser(PowerAuthVersion version) {
+        return users.get(version);
     }
 
     public void setApplicationKey(String applicationKey) {

powerauth-backend-tests/src/main/java/com/wultra/security/powerauth/model/TemporaryKey.java

@@ -0,0 +1,35 @@
+/*
+ * PowerAuth test and related software components
+ * Copyright (C) 2024 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.wultra.security.powerauth.model;
+
+import lombok.Data;
+
+import java.security.PublicKey;
+
+/**
+ * Temporary key model class.
+ *
+ * @author Roman Strobl, [email protected]
+ */
+@Data
+public class TemporaryKey {
+
+    private String id;
+    private PublicKey publicKey;
+
+}