From dad5b7c604890120b448e2d569b12c4845ba1433 Mon Sep 17 00:00:00 2001
From: Paul Cahill <Paul.Cahill@pointclickcare.com>
Date: Fri, 8 Nov 2024 13:02:04 -0500
Subject: [PATCH] Changed the core version number in the pom.xml.  Removed some
 comments now that we've reviewed the code.

---
 pom.xml                                       |  2 +-
 .../izgateway/logging/info/EndPointInfo.java  |  4 ---
 .../security/AccessControlValve.java          |  2 +-
 .../cdc/izgateway/soap/net/MessageSender.java |  3 --
 src/main/resources/sample.puml                | 35 -------------------
 5 files changed, 2 insertions(+), 44 deletions(-)
 delete mode 100644 src/main/resources/sample.puml

diff --git a/pom.xml b/pom.xml
index d656c7b..9ddfd24 100644
--- a/pom.xml
+++ b/pom.xml
@@ -16,7 +16,7 @@
        release branch is labeled <major>.<minor>.<patch>-izgw-core-SNAPSHOT 
        main branch is labeled <major>.<minor>.<patch>-izgw-core-RELEASE 
   -->
-  <version>2.2.0-IGDD-1765_optional_mtls_plus_jwt-SNAPSHOT</version>
+  <version>2.1.5-IGDD-1765_optional_mtls_plus_jwt-SNAPSHOT</version>
   <packaging>jar</packaging>
   <name>IZ Gateway Core 2.0</name>
   <description>IZ Gateway Core contains the core code for the IZ Gateway Hub and Transformation services</description>
diff --git a/src/main/java/gov/cdc/izgateway/logging/info/EndPointInfo.java b/src/main/java/gov/cdc/izgateway/logging/info/EndPointInfo.java
index f6b4dd6..ac2dfd4 100644
--- a/src/main/java/gov/cdc/izgateway/logging/info/EndPointInfo.java
+++ b/src/main/java/gov/cdc/izgateway/logging/info/EndPointInfo.java
@@ -46,10 +46,6 @@ public abstract class EndPointInfo extends HostInfo implements Serializable {
     @JsonProperty
     protected String organization;
 
-    /*
-        TODO: Discuss during code review.  serialNumber changes to String because info
-              in the JWT that we use for serialNumber is not always a number.
-     */
     @Schema(description="The serial number associated with the with certificate on the endpoint.")
     @JsonProperty
     protected String serialNumber;
diff --git a/src/main/java/gov/cdc/izgateway/security/AccessControlValve.java b/src/main/java/gov/cdc/izgateway/security/AccessControlValve.java
index 6ff99fd..c71c066 100644
--- a/src/main/java/gov/cdc/izgateway/security/AccessControlValve.java
+++ b/src/main/java/gov/cdc/izgateway/security/AccessControlValve.java
@@ -120,7 +120,7 @@ public boolean accessAllowed(HttpServletRequest req, HttpServletResponse resp) {
         if (Boolean.FALSE.equals(check)) {  // NOSONAR Null is still possible here, SONAR flags it as always true
 	        log.error("Access denied to protected URL {} address by {} at {}", path, user, host);
 	        resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-	        return false; // TODO: PCahill - discuss at code review - I assume this should be false here
+	        return false;
         } 
         
         if (isSwagger(path, user)) {
diff --git a/src/main/java/gov/cdc/izgateway/soap/net/MessageSender.java b/src/main/java/gov/cdc/izgateway/soap/net/MessageSender.java
index 014143c..991ffae 100644
--- a/src/main/java/gov/cdc/izgateway/soap/net/MessageSender.java
+++ b/src/main/java/gov/cdc/izgateway/soap/net/MessageSender.java
@@ -508,10 +508,7 @@ public static void logDestinationCertificates(HttpURLConnection con) {
 		if (destination.isConnected() && con instanceof HttpsURLConnection conx) {
 			try {
 				X509Certificate[] certs = (X509Certificate[]) conx.getServerCertificates();
-                // TODO Paul - Principal related code
-                // need to fix this - may need to break out source and destination info because destination won't have a principal'
 				destination.setCertificate(certs[0]);
-                // destination.setPrincipal(RequestContext.getPrincipal());
 				destination.setCipherSuite(conx.getCipherSuite());
 				destination.setConnected(true);
 			} catch (SSLPeerUnverifiedException | IllegalStateException ex) {
diff --git a/src/main/resources/sample.puml b/src/main/resources/sample.puml
deleted file mode 100644
index 39b2e89..0000000
--- a/src/main/resources/sample.puml
+++ /dev/null
@@ -1,35 +0,0 @@
-@startuml
-class JwtSharedSecretPrincipalProvider {
-    - String sharedSecret
-    + createPrincipalFromJwt(HttpServletRequest request): IzgPrincipal
-    - parseJwt(String authHeader): Claims
-    - buildPrincipal(Claims claims): IzgPrincipal
-    - extractScopes(Claims claims): TreeSet<String>
-}
-
-class IzgPrincipal {
-    String name
-    String organization
-    Date validFrom
-    Date validTo
-    String serialNumber
-    String issuer
-    List<String> audience
-    Set<String> scopes
-    Set<String> roles
-    + getSerialNumberHex(): String
-}
-
-class JWTPrincipal {
-    + getSerialNumberHex(): String
-    - isUUID(String string): boolean
-}
-
-class CertPrincipal {
-    + getSerialNumberHex(): String
-}
-
-JwtSharedSecretPrincipalProvider --> IzgPrincipal
-IzgPrincipal <|-- JWTPrincipal
-IzgPrincipal <|-- CertPrincipal
-@enduml
\ No newline at end of file