buerokratt · PaulaMerle · Oct 24, 2023 · Oct 23, 2023 · Oct 23, 2023
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,6 @@
 /data
 /docker
+/tim-db
 .DS_Store
 .vscode
 .env

diff --git a/DSL/Resql/users/get-configuration.sql b/DSL/Resql/users/get-configuration.sql
@@ -0,0 +1,5 @@
+SELECT *
+FROM configuration
+WHERE key=:key
+AND id IN (SELECT max(id) from configuration GROUP BY key)
+AND deleted = FALSE;
diff --git a/DSL/Resql/users/get-user-by-login.sql b/DSL/Resql/users/get-user-by-login.sql
@@ -0,0 +1,15 @@
+SELECT u.login,
+       u.first_name,
+       u.last_name,
+       u.id_code,
+       u.display_name,
+       ua.authority_name AS authorities
+FROM "user" u
+         INNER JOIN (SELECT authority_name, user_id
+                     FROM user_authority AS ua
+                     WHERE ua.id IN (SELECT max(id)
+                                     FROM user_authority
+                                     GROUP BY user_id)) ua ON u.id_code = ua.user_id
+WHERE login = :login
+  AND password_hash = :password
+  AND array_length(authority_name, 1) > 0;
diff --git a/DSL/Ruuter/GET/domain-file.yml b/DSL/Ruuter/GET/domain-file.yml
@@ -1,7 +1,7 @@
 getFileLocations:
   call: http.get
   args:
-    url: http://ruuter:8085/return-file-locations
+    url: http://ruuter:8086/return-file-locations
   result: fileLocations
 
 getDomainFile:

diff --git a/DSL/Ruuter/GET/sticky/example.yml b/DSL/Ruuter/GET/sticky/example.yml
@@ -11,7 +11,7 @@ extract_request_data:
 extract_cookie_data:
   call: http.post
   args:
-    url: http://ruuter:8085/mocks/mock-custom-jwt-userinfo
+    url: http://ruuter:8086/mocks/mock-custom-jwt-userinfo
     headers:
       cookie: ${cookie}
     body:

diff --git a/DSL/Ruuter/POST/login-user.yml b/DSL/Ruuter/POST/login-user.yml
@@ -0,0 +1,83 @@
+check_for_required_parameters:
+  switch:
+    - condition: ${incoming.body.login == null || incoming.body.password == null}
+      next: return_incorrect_request
+  next: extract_request_data
+
+extract_request_data:
+  assign:
+    login: ${incoming.body.login}
+    password: ${incoming.body.password}
+  next: login_user
+
+login_user:
+  call: http.post
+  args:
+    url: "[#SERVICE_RESQL]:[#SERVICE_RESQL_PORT]/get-user-by-login"
+    body:
+      login: ${login}
+      password: ${password}
+  result: results
+  next: check_login_result  
+
+check_login_result:
+  switch:
+    - condition: ${results.response.body.length != 0}
+      next: get_session_length
+  next: return_user_not_found
+
+get_session_length:
+  call: http.post
+  args:
+    url: "[#SERVICE_RESQL]:[#SERVICE_RESQL_PORT]/get-configuration"
+    body:
+      key: "session_length"
+  result: session_result
+  next: check_session_length_result
+
+check_session_length_result:
+  switch:
+    - condition: ${session_result.response.body.length != 0}
+      next: generate_cookie
+  next: return_session_length_not_found
+
+generate_cookie:
+  call: http.post
+  args:
+    url: "[#SERVICE_TIM]:[#SERVICE_TIM_PORT]/jwt/custom-jwt-generate"
+    body:
+      JWTName: "customJwtCookie"
+      expirationInMinutes: ${session_result.response.body[0].value}
+      content: ${results.response.body[0]}
+  result: cookie_result
+  next: assign_cookie
+
+assign_cookie:
+  assign:
+    setCookie:
+      customJwtCookie: ${cookie_result.response.body.token}
+      Domain: "[#DOMAIN]"
+      Secure: false
+      HttpOnly: false
+  next: return_value
+
+return_value:
+  headers:
+    Set-Cookie: ${setCookie}
+  return: ${cookie_result.response.body.token}
+  next: end 
+
+return_session_length_not_found:
+  status: 400
+  return: "Could not fetch session length"
+  next: end  
+
+return_user_not_found:
+  status: 400
+  return: "User Not Found"
+  next: end
+
+return_incorrect_request:
+  status: 400
+  return: "Required parameter(s) missing"
+  next: end
diff --git a/DSL/Ruuter/POST/mocks/services/requests/explain.yml b/DSL/Ruuter/POST/mocks/services/requests/explain.yml
@@ -9,7 +9,7 @@ service_explain_mock:
         Access-Control-Request-Headers: "content-type"
         Access-Control-Request-Method: "POST"
         Connection: "keep-alive"
-        Host: "localhost:8085"
+        Host: "localhost:8086"
         Origin: "http://localhost:3006"
         Referer: "http://localhost:3006/"
         Sec-Fetch-Dest: "empty"

diff --git a/DSL/Ruuter/POST/rasa/entities/add.yml b/DSL/Ruuter/POST/rasa/entities/add.yml
@@ -5,7 +5,7 @@ assign_values:
 getDomainFile:
   call: http.get
   args:
-    url: http://ruuter:8085/domain-file
+    url: http://ruuter:8086/domain-file
   result: domainData
 
 validateEntities:
@@ -41,7 +41,7 @@ convertJsonToYaml:
 getFileLocations:
   call: http.get
   args:
-    url: http://ruuter:8085/return-file-locations
+    url: http://ruuter:8086/return-file-locations
   result: fileLocations
 
 saveDomainFile:

diff --git a/DSL/Ruuter/POST/rasa/entities/delete.yml b/DSL/Ruuter/POST/rasa/entities/delete.yml
@@ -5,7 +5,7 @@ assign_values:
 getDomainFile:
   call: http.get
   args:
-    url: http://ruuter:8085/domain-file
+    url: http://ruuter:8086/domain-file
   result: domainData
 
 validateEntities:
@@ -87,7 +87,7 @@ convertJsonToYaml:
 getFileLocations:
   call: http.get
   args:
-    url: http://ruuter:8085/return-file-locations
+    url: http://ruuter:8086/return-file-locations
   result: fileLocations
 
 saveDomainFile:

diff --git a/DSL/Ruuter/POST/rasa/entities/update.yml b/DSL/Ruuter/POST/rasa/entities/update.yml
@@ -5,7 +5,7 @@ assign_values:
 getDomainFile:
   call: http.get
   args:
-    url: http://ruuter:8085/domain-file
+    url: http://ruuter:8086/domain-file
   result: domainData
 
 validateEntities:
@@ -42,7 +42,7 @@ convertJsonToYaml:
 getFileLocations:
   call: http.get
   args:
-    url: http://ruuter:8085/return-file-locations
+    url: http://ruuter:8086/return-file-locations
   result: fileLocations
 
 saveDomainFile:

diff --git a/DSL/Ruuter/POST/services/requests/explain.yml b/DSL/Ruuter/POST/services/requests/explain.yml
@@ -1,7 +1,7 @@
 request_explain:
   call: http.post
   args:
-    url: http://ruuter:8085/mocks/services/requests/explain
+    url: http://ruuter:8086/mocks/services/requests/explain
     body: {}
   result: result
 

diff --git a/DSL/Ruuter/POST/templates/check-user-authority.yml b/DSL/Ruuter/POST/templates/check-user-authority.yml
@@ -0,0 +1,36 @@
+get_cookie_info:
+  call: http.post
+  args:
+   url: "[#SERVICE_TIM]:[#SERVICE_TIM_PORT]/jwt/custom-jwt-userinfo"
+   contentType: plaintext
+   headers:
+    cookie: ${incoming.headers.cookie}
+   plaintext: 
+      "customJwtCookie"
+  result: res
+  next: check_cookie_info_response
+
+check_cookie_info_response:
+  switch:
+    - condition: ${200 <= res.response.statusCodeValue && res.response.statusCodeValue < 300}
+      next: check_user_authority
+  next: return_bad_request    
+
+check_user_authority:
+  switch:
+    - condition: ${res.response.body.authorities.includes("ROLE_ADMINISTRATOR") || res.response.body.authorities.includes("ROLE_SERVICE_MANAGER")}
+      next: return_authorized
+  next: return_unauthorized  
+
+return_authorized:
+  return: ${res.response.body}
+  next: end
+
+return_unauthorized: 
+  return: false  
+  next: end
+
+return_bad_request:
+  status: 400
+  return: false
+  next: end  
diff --git a/GUI/.env.development b/GUI/.env.development
@@ -1,15 +1,15 @@
 REACT_APP_MENU_URL=https://admin.dev.buerokratt.ee
-REACT_APP_MENU_BASE_URL=http://localhost:8085
-REACT_APP_RUUTER_V1_PRIVATE_API_URL=http://localhost:8085
-REACT_APP_RUUTER_V2_PRIVATE_API_URL=http://localhost:8085
-REACT_APP_RUUTER_V2_SERVICE_API_URL=http://localhost:8085
-REACT_APP_AUTH_BASE_URL=http://localhost:8085
+REACT_APP_MENU_BASE_URL=http://localhost:8086
+REACT_APP_RUUTER_V1_PRIVATE_API_URL=http://localhost:8086
+REACT_APP_RUUTER_V2_PRIVATE_API_URL=http://localhost:8086
+REACT_APP_RUUTER_V2_SERVICE_API_URL=http://localhost:8086
+REACT_APP_AUTH_BASE_URL=http://localhost:8086
 REACT_APP_AUTH_PATH=/auth
 REACT_APP_MENU_PATH=/chat/menu.json
 REACT_APP_API_PATH=/
 REACT_APP_APP_PORT=3006
 REACT_APP_LOCAL=true
-REACT_APP_API_URL=http://localhost:8085
+REACT_APP_API_URL=http://localhost:8086
 REACT_APP_TRAINING_MODULE_GUI_BASE_URL=http://localhost:3001
 PORT=3006
 REACT_APP_CONVERSATIONS_BASE_URL=http://localhost:8080/chat

diff --git a/README.md b/README.md
@@ -30,6 +30,12 @@ This repo will primarily contain:
 
 - Navigate to Data Mapper and build the image `docker build -t datamapper-node .`
 
+- Clone [TIM](https://github.com/buerokratt/TIM)
+
+- Go to src -> main -> resources -> application.properties & modify security.allowlist.jwt value to `security.allowlist.jwt=ruuter,resql,resql_users,tim,tim-postgresql,node_server,data_mapper,gui_dev,127.0.0.1,::1`
+
+- Navigate to TIM and build the image `docker build -t tim .`
+
 - Clone [SiGA](https://github.com/open-eid/SiGa)
 
 - Set java version to 11
@@ -140,3 +146,13 @@ RUN npm i -g npm@latest
 RUN npm install
 ENTRYPOINT ["npm","start"]
 ```
+### TIM
+
+- if you are running `Locally` then you need to curl the login request or run it on postman first to create and store the cookie in TIM and then on the browser create the cookie manully in the browser with name `customJwtCookie` and the value return from the curl
+the curl request is as follows:
+```
+curl -X POST -H "Content-Type: application/json" -d '{
+  "login": "EE30303039914",
+  "password": ""
+}' http://localhost:8086/login-user
+```
diff --git a/constants.ini b/constants.ini
@@ -19,3 +19,7 @@ SERVICE_OPENSEARCH_PORT=9200
 SERVICE_DMAPPER=http://data_mapper
 
 SERVICE_DMAPPER_PORT=3005
+
+SERVICE_TIM=http://tim
+
+SERVICE_TIM_PORT=8085