AM-688: Do not refer to company.com (#3275)

(cherry picked from commit 12c6efa)

# Conflicts:
#	gravitee-am-gateway/gravitee-am-gateway-standalone/gravitee-am-gateway-standalone-distribution/src/main/resources/config/gravitee.yml
#	helm/tests/api-configmap_test.yaml

gravitee-am-gateway/gravitee-am-gateway-handler/gravitee-am-gateway-handler-core/src/test/java/io/gravitee/am/gateway/handler/vertx/auth/webauthn/WebAuthnFactoryTest.java

@@ -82,14 +82,14 @@ public void testCustom_emptySettings() {
     public void testCustom_partialSettings() {
         WebAuthnSettings webAuthnSettings = mock(WebAuthnSettings.class);
         when(webAuthnSettings.getRelyingPartyName()).thenReturn("Custom RP name");
-        when(webAuthnSettings.getOrigin()).thenReturn("https://auth.mycompany.com:8443");
+        when(webAuthnSettings.getOrigin()).thenReturn("https://auth.gravitee.io:8443");
         when(domain.getWebAuthnSettings()).thenReturn(webAuthnSettings);
         WebAuthn webAuthn = webAuthnFactory.getObject();
         RelyingParty relyingParty = webAuthnFactory.getRelyingParty();
         Assert.assertNotNull(webAuthn);
         Assert.assertNotNull(relyingParty);
         Assert.assertEquals("Custom RP name", relyingParty.getName());
-        Assert.assertEquals("auth.mycompany.com", relyingParty.getId());
+        Assert.assertEquals("auth.gravitee.io", relyingParty.getId());
     }
 
     @Test

gravitee-am-gateway/gravitee-am-gateway-standalone/gravitee-am-gateway-standalone-distribution/src/main/resources/config/gravitee.yml

@@ -47,7 +47,7 @@
 #    # The base_url contains the common url for each overrode endpoints.
 #    # The list of endpoint that support the mtls_aliases is : token_endpoint, authorization_endpoint, registration_endpoint, userinfo_endpoint, pushed_authorization_request_endpoint, end_session_endpoint, revocation_endpoint, introspection_endpoint
 #    mtls_aliases: # base URL for mtls_endpoint_aliases (default is null and the standard endpoints will be used)
-#      base_url: https://mycompany.mlts.com
+#      base_url: https://gravitee.mlts.com
 #      endpoints:
 #        - token_endpoint
 #        - registration_endpoint
@@ -77,7 +77,7 @@
 #  cors:
 #      Allows to configure the header Access-Control-Allow-Origin (default value: *)
 #      '*' is a valid value but is considered as a security risk as it will be opened to cross origin requests from anywhere.
-#    allow-origin: http://developer.mycompany.com
+#    allow-origin: http://developer.gravitee.io
 #      Allows to define how long the result of the preflight request should be cached for (default value; 1728000 [20 days])
 #    max-age: 864000
 #      Which methods to allow (default value: OPTIONS, GET, POST, PUT, DELETE, PATCH)
@@ -100,6 +100,11 @@
 #       - "style-src 'self' 'unsafe-inline';"
 #       - "frame-ancestors 'none';"
 #       - "frame-src 'self' https://www.google.com;"
+<<<<<<< HEAD
+=======
+#       - "report-uri 'self' http://report-csp.gravitee.io;" # if reportOnly is true, use this callback URL to report
+#       - "report-to 'self' '[email protected]';" # if reportOnly is true, use this email to report
+>>>>>>> 12c6efa872 (AM-688: Do not refer to company.com (#3275))
 #  # xframe section allows to activate the X-Frame-Options header
 #  # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
 #  # if not action (DENY or SAMEORIGIN) is specified, the X-Frame-Options header will no be set into the response
@@ -327,7 +332,7 @@ gateway:
 #    enabled: false
 #    exclude-hosts: # list of hosts to exclude from proxy (wildcard hosts are supported)
 #      - '*.internal.com'
-#      - internal.mycompany.com
+#      - internal.gravitee.io
 #    type: HTTP #HTTP, SOCK4, SOCK5
 #    http:
 #      host: localhost
@@ -355,7 +360,7 @@ gateway:
 
 # Organizations and Environments configuration
 # Associate this gateway to a list of environments and their organizations. Use hrids to define these values.
-#organizations: mycompany
+#organizations: gravitee
 #environments: dev,qa
 
 # Sharding tags configuration
@@ -447,3 +452,15 @@ liquibase:
 #  limit: 5
 #  timePeriod: 15
 #  timeUnit: Minutes
+<<<<<<< HEAD
+=======
+
+#applications:
+#  secret:
+#    # Algorithms used to hash the client secret.
+#    # Can be one of :
+#    # "PBKDF2", "BCrypt", "SHA-512", "SHA-256", "None"
+#    algorithm: None
+#    properties:
+#      rounds: 10
+>>>>>>> 12c6efa872 (AM-688: Do not refer to company.com (#3275))

gravitee-am-identityprovider/gravitee-am-identityprovider-http/src/main/resources/schemas/schema-form.json

@@ -117,7 +117,7 @@
                 "baseURL" : {
                   "type" : "string",
                   "title": "Base URL",
-                  "default": "https://api.company.com/users?username={#user.username}",
+                  "default": "https://api.gravitee.io/users?username={#user.username}",
                   "description": "Resource URL (support EL)"
                 },
                 "httpMethod" : {

gravitee-am-management-api/gravitee-am-management-api-rest/src/main/java/io/gravitee/am/management/handlers/management/api/preview/PreviewBuilder.java

@@ -296,7 +296,7 @@ private Map<String, Object> generateTemplateVariables(String template) {
     private UserProperties generateFakeUser() {
         final UserProperties fakeUser = new UserProperties();
         fakeUser.setDomain(this.domain.getId());
-        fakeUser.setEmail("john.doe@mycompany.com");
+        fakeUser.setEmail("john.doe@gravitee.io");
         fakeUser.setFirstName("John");
         fakeUser.setLastName("Doe");
         fakeUser.setClaims(Map.of());

gravitee-am-management-api/gravitee-am-management-api-rest/src/test/java/io/gravitee/am/management/handlers/management/api/resources/EntrypointResourceTest.java

@@ -92,7 +92,7 @@ public void shouldUpdateEntrypoint() {
 
         UpdateEntrypoint updateEntrypoint = new UpdateEntrypoint();
         updateEntrypoint.setName("name");
-        updateEntrypoint.setUrl("https://auth.company.com");
+        updateEntrypoint.setUrl("https://auth.gravitee.io");
         updateEntrypoint.setTags(Collections.emptyList());
 
         final Entrypoint mockEntrypoint = new Entrypoint();
@@ -119,7 +119,7 @@ public void shouldNotUpdateEntrypoint_notFound() {
 
         UpdateEntrypoint updateEntrypoint = new UpdateEntrypoint();
         updateEntrypoint.setName("name");
-        updateEntrypoint.setUrl("https://auth.company.com");
+        updateEntrypoint.setUrl("https://auth.gravitee.io");
         updateEntrypoint.setTags(Collections.emptyList());
 
         doReturn(Single.error(new EntrypointNotFoundException(ENTRYPOINT_ID))).when(entrypointService).update(eq(ENTRYPOINT_ID), eq(ORGANIZATION_ID), any(UpdateEntrypoint.class), any(User.class));

gravitee-am-management-api/gravitee-am-management-api-rest/src/test/java/io/gravitee/am/management/handlers/management/api/resources/EntrypointsResourceTest.java

@@ -83,7 +83,7 @@ public void shouldGetEntrypoints_technicalManagementException() {
     public void shouldCreate() {
         NewEntrypoint newEntrypoint = new NewEntrypoint();
         newEntrypoint.setName("name");
-        newEntrypoint.setUrl("https://auth.company.com");
+        newEntrypoint.setUrl("https://auth.gravitee.io");
         newEntrypoint.setTags(Collections.emptyList());
 
         Entrypoint entrypoint = new Entrypoint();

gravitee-am-management-api/gravitee-am-management-api-standalone/gravitee-am-management-api-standalone-distribution/src/main/resources/config/gravitee.yml

@@ -63,7 +63,7 @@
 #  cors:
 #      Allows to configure the header Access-Control-Allow-Origin (default value: *)
 #      '*' is a valid value but is considered as a security risk as it will be opened to cross origin requests from anywhere.
-#    allow-origin: http://developer.mycompany.com
+#    allow-origin: http://developer.gravitee.io
 #      Allows to define how long the result of the preflight request should be cached for (default value; 1728000 [20 days])
 #    max-age: 864000
 #      Which methods to allow (default value: OPTIONS, GET, POST, PUT, DELETE, PATCH)
@@ -79,11 +79,11 @@
 #  login:
 #      Allows to configure the allowed callback urls during login process (default value: *)
 #      '*' is a valid value but is considered as a security risk as it will be opened to open redirection issues.
-#    allow-redirect-urls: https://am-console.mycompany.com/login/callback
+#    allow-redirect-urls: https://am-console.gravitee.io/login/callback
 #  logout:
 #      Allows to configure the allowed callback urls during logout process (default value: *)
 #      '*' is a valid value but is considered as a security risk as it will be opened to open redirection issues.
-#    allow-redirect-urls: https://am-console.mycompany.com/logout/callback
+#    allow-redirect-urls: https://am-console.gravitee.io/logout/callback
 #  csp:
 #    enabled: true
 #    directives:
@@ -361,7 +361,7 @@ gateway:
 #    enabled: false
 #    exclude-hosts: # list of hosts to exclude from proxy (wildcard hosts are supported)
 #      - '*.internal.com'
-#      - internal.mycompany.com
+#      - internal.gravitee.io
 #    type: HTTP #HTTP, SOCK4, SOCK5
 #    http:
 #      host: localhost

gravitee-am-policy/gravitee-am-policy-send-email/src/main/java/io/gravitee/am/policy/send/email/configuration/SendEmailPolicyConfiguration.java

@@ -28,7 +28,7 @@ public class SendEmailPolicyConfiguration implements PolicyConfiguration {
      */
     private String template;
     /**
-     * The email's FROM address. Example: no-reply@mycompany.com
+     * The email's FROM address. Example: no-reply@gravitee.io
      */
     private String from;
     /**

gravitee-am-policy/gravitee-am-policy-send-email/src/main/resources/schemas/schema-form.json

@@ -10,7 +10,7 @@
     "from" : {
       "type" : "string",
       "title": "From",
-      "description": "The email's FROM address (support freemarker). Example: no-reply@mycompany.com"
+      "description": "The email's FROM address (support freemarker). Example: no-reply@gravitee.io"
     },
     "fromName" : {
       "type" : "string",

gravitee-am-service/src/main/java/io/gravitee/am/service/impl/EntrypointServiceImpl.java

@@ -36,6 +36,7 @@
 import io.reactivex.rxjava3.core.Single;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
@@ -60,15 +61,18 @@ public class EntrypointServiceImpl implements EntrypointService {
     private final OrganizationService organizationService;
     private final AuditService auditService;
     private final VirtualHostValidator virtualHostValidator;
+    private final String gatewayUrl;
 
     public EntrypointServiceImpl(@Lazy EntrypointRepository entrypointRepository,
                                  @Lazy OrganizationService organizationService,
                                  AuditService auditService,
-                                 VirtualHostValidator virtualHostValidator) {
+                                 VirtualHostValidator virtualHostValidator,
+                                 @Value("${gateway.url:http://localhost:8092}") String gatewayUrl) {
         this.entrypointRepository = entrypointRepository;
         this.organizationService = organizationService;
         this.auditService = auditService;
         this.virtualHostValidator = virtualHostValidator;
+        this.gatewayUrl = gatewayUrl;
     }
 
     @Override
@@ -112,7 +116,7 @@ public Flowable<Entrypoint> createDefaults(Organization organization) {
             Entrypoint toCreate = new Entrypoint();
             toCreate.setName("Default");
             toCreate.setDescription("Default entrypoint");
-            toCreate.setUrl("https://auth.company.com");
+            toCreate.setUrl(gatewayUrl);
             toCreate.setTags(Collections.emptyList());
             toCreate.setOrganizationId(organization.getId());
             toCreate.setDefaultEntrypoint(true);
@@ -216,4 +220,4 @@ private Completable validate(Entrypoint entrypoint, Entrypoint oldEntrypoint) {
             return Completable.error(new InvalidEntrypointException("Entrypoint must have a valid url."));
         }
     }
-}
+}

gravitee-am-service/src/test/java/io/gravitee/am/service/EntrypointServiceTest.java

@@ -78,7 +78,7 @@ public class EntrypointServiceTest {
     @Before
     public void before() {
 
-        cut = new EntrypointServiceImpl(entrypointRepository, organizationService, auditService, virtualHostValidator);
+        cut = new EntrypointServiceImpl(entrypointRepository, organizationService, auditService, virtualHostValidator, "https://gravitee.io");
     }
 
     @Test
@@ -124,7 +124,7 @@ public void shouldCreateDefaults() {
 
         when(organizationService.findById(ORGANIZATION_ID)).thenReturn(Single.just(organization));
         when(entrypointRepository.create(any(Entrypoint.class))).thenAnswer(i -> Single.just(i.getArgument(0)));
-        doReturn(true).when(virtualHostValidator).isValidDomainOrSubDomain("auth.company.com", null);
+        doReturn(true).when(virtualHostValidator).isValidDomainOrSubDomain("gravitee.io", null);
 
         TestSubscriber<Entrypoint> obs = cut.createDefaults(organization).test();
 
@@ -188,11 +188,11 @@ public void shouldCreate() {
         newEntrypoint.setName("name");
         newEntrypoint.setDescription("description");
         newEntrypoint.setTags(Arrays.asList("tag#1", "tags#2"));
-        newEntrypoint.setUrl("https://auth.company.com");
+        newEntrypoint.setUrl("https://auth.gravitee.io");
 
         when(organizationService.findById(ORGANIZATION_ID)).thenReturn(Single.just(organization));
         when(entrypointRepository.create(any(Entrypoint.class))).thenAnswer(i -> Single.just(i.getArgument(0)));
-        doReturn(true).when(virtualHostValidator).isValidDomainOrSubDomain("auth.company.com", null);
+        doReturn(true).when(virtualHostValidator).isValidDomainOrSubDomain("auth.gravitee.io", null);
         TestObserver<Entrypoint> obs = cut.create(ORGANIZATION_ID, newEntrypoint, user).test();
 
         obs.awaitDone(10, TimeUnit.SECONDS);
@@ -251,12 +251,12 @@ public void shouldUpdate() {
         updateEntrypoint.setName("name");
         updateEntrypoint.setDescription("description");
         updateEntrypoint.setTags(Arrays.asList("tag#1", "tags#2"));
-        updateEntrypoint.setUrl("https://auth.company.com");
+        updateEntrypoint.setUrl("https://auth.gravitee.io");
 
         when(organizationService.findById(ORGANIZATION_ID)).thenReturn(Single.just(new Organization()));
         when(entrypointRepository.findById(ENTRYPOINT_ID, ORGANIZATION_ID)).thenReturn(Maybe.just(existingEntrypoint));
         when(entrypointRepository.update(any(Entrypoint.class))).thenAnswer(i -> Single.just(i.getArgument(0)));
-        doReturn(true).when(virtualHostValidator).isValidDomainOrSubDomain("auth.company.com", null);
+        doReturn(true).when(virtualHostValidator).isValidDomainOrSubDomain("auth.gravitee.io", null);
 
         TestObserver<Entrypoint> obs = cut.update(ENTRYPOINT_ID, ORGANIZATION_ID, updateEntrypoint, user).test();
 

gravitee-am-test/specs/gateway/flow-execution.jest.spec.ts

@@ -437,7 +437,7 @@ describe('Flows Execution - authorization_code flow', () => {
             enabled: true,
             configuration: JSON.stringify({
               template: 'TEST JEST',
-              from: 'no-reply@mycompany.com',
+              from: 'no-reply@gravitee.io',
               fromName: 'Test',
               to: '${user.email}',
               subject: EMAIL_SUBJECT,

gravitee-am-ui/src/app/domain/applications/application/overview/overview.component.html

@@ -227,7 +227,7 @@ <h2>Call your APIs</h2>
           <div class="code">
             <pre class="multiline">
 curl -X GET \
-  https://api.mycompany.com/api/v1/data \
+  https://api.gravitee.io/api/v1/data \
   -H 'Authorization: Bearer access_token'</pre
             >
           </div>
@@ -330,7 +330,7 @@ <h2>Call your APIs</h2>
           <div class="code">
             <pre class="multiline">
 curl -X GET \
-  https://api.mycompany.com/api/v1/data \
+  https://api.gravitee.io/api/v1/data \
   -H 'Authorization: Bearer access_token'
             </pre>
           </div>

gravitee-am-ui/src/app/domain/components/emails/email/email.component.html

@@ -49,7 +49,7 @@ <h1>{{ emailName }}</h1>
           [disabled]="!isEnabled()"
           [readonly]="!canEdit()"
         />
-        <mat-hint>The email's FROM address. Example: no-reply@mycompany.com</mat-hint>
+        <mat-hint>The email's FROM address. Example: no-reply@gravitee.io</mat-hint>
       </mat-form-field>
       <mat-form-field appearance="outline" floatLabel="always">
         <mat-label>From name</mat-label>

helm/README.adoc

@@ -229,7 +229,7 @@ httpClient:
     enabled: false
     exclude-hosts: # list of hosts to exclude from proxy (wildcard hosts are supported)
       - '*.internal.com'
-      - internal.mycompany.com
+      - internal.gravitee.io
     type: HTTP #HTTP, SOCK4, SOCK5
     http:
       host: localhost
@@ -715,7 +715,7 @@ httpClient:
 
 === Gravitee.io Alert trigger & settings
 
-When alerts are enabled, you may want to define your own settings the alert triggers and for the risk_assessment settings. 
+When alerts are enabled, you may want to define your own settings the alert triggers and for the risk_assessment settings.
 To do so, you wan define triggers and settings under the alerts section of the values.yaml.
 
 

helm/README.md

@@ -161,7 +161,7 @@ httpClient:
     enabled: false
     exclude-hosts: # list of hosts to exclude from proxy (wildcard hosts are supported)
       - '*.internal.com'
-      - internal.mycompany.com
+      - internal.gravitee.io
     type: HTTP #HTTP, SOCK4, SOCK5
     http:
       host: localhost