diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 63549417..daae5161 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -39,11 +39,11 @@ jobs: - name: Check style run: ./gradlew checkstyleMain checkstyleTest - - name: Build and analyze - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: ./gradlew build jacocoTestReport sonar --info + - name: Build + id: build_jar + run: | + ./gradlew build --info + echo current_version=$(echo $(./gradlew properties --no-daemon --console=plain -q | grep "^version:" | awk '{printf $2}')) >> $GITHUB_OUTPUT - name: Publish test report if: always() @@ -51,5 +51,18 @@ jobs: with: report_paths: '**/build/test-results/test/TEST-*.xml' + - name: Upload + uses: actions/upload-artifact@v4 + with: + name: ns4kafka + path: ${{ github.workspace }}/build/libs/ns4kafka-${{ steps.build_jar.outputs.current_version }}.jar + + - name: Sonar + if: github.event.pull_request.head.repo.fork == false + run: ./gradlew jacocoTestReport sonar + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - name: Docker run: ./gradlew dockerBuild \ No newline at end of file diff --git a/src/main/java/com/michelin/ns4kafka/controller/acl/AclNonNamespacedController.java b/src/main/java/com/michelin/ns4kafka/controller/acl/AclNonNamespacedController.java index 1fbd06b8..4bb88db5 100644 --- a/src/main/java/com/michelin/ns4kafka/controller/acl/AclNonNamespacedController.java +++ b/src/main/java/com/michelin/ns4kafka/controller/acl/AclNonNamespacedController.java @@ -41,7 +41,7 @@ public class AclNonNamespacedController extends NonNamespacedResourceController AclService aclService; /** - * List ACLs. + * List all ACLs. * * @return A list of ACLs */ diff --git a/src/main/java/com/michelin/ns4kafka/util/EncryptionUtils.java b/src/main/java/com/michelin/ns4kafka/util/EncryptionUtils.java index 0b043161..ff45eaa6 100644 --- a/src/main/java/com/michelin/ns4kafka/util/EncryptionUtils.java +++ b/src/main/java/com/michelin/ns4kafka/util/EncryptionUtils.java @@ -26,6 +26,7 @@ import com.nimbusds.jose.JWEHeader; import com.nimbusds.jose.crypto.AESDecrypter; import com.nimbusds.jose.crypto.AESEncrypter; +import com.nimbusds.jose.crypto.impl.AAD; import com.nimbusds.jose.util.Base64URL; import io.micronaut.core.util.StringUtils; import java.io.ByteArrayOutputStream; @@ -86,10 +87,13 @@ public static String encryptAes256Gcm(String clearText, String key) { return clearText; } + JWEHeader header = new JWEHeader(JWEAlgorithm.A256KW, EncryptionMethod.A256GCM); AESEncrypter encrypter = new AESEncrypter(key.getBytes(StandardCharsets.UTF_8)); - JWECryptoParts encryptedData = - encrypter.encrypt(new JWEHeader(JWEAlgorithm.A256KW, EncryptionMethod.A256GCM), - clearText.getBytes(StandardCharsets.UTF_8)); + JWECryptoParts encryptedData = encrypter.encrypt( + header, + clearText.getBytes(StandardCharsets.UTF_8), + AAD.compute(header) + ); ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); outputStream.write(encryptedData.getEncryptedKey().decode()); @@ -126,8 +130,8 @@ public static String decryptAes256Gcm(String encryptedText, String key) { Base64URL auth = Base64URL.encode(Arrays.copyOfRange(encryptedData, 52, 68)); Base64URL text = Base64URL.encode(Arrays.copyOfRange(encryptedData, 68, encryptedData.length)); - byte[] clearTextAsBytes = decrypter.decrypt(new JWEHeader(JWEAlgorithm.A256KW, EncryptionMethod.A256GCM), - encryptedKey, iv, text, auth); + JWEHeader header = new JWEHeader(JWEAlgorithm.A256KW, EncryptionMethod.A256GCM); + byte[] clearTextAsBytes = decrypter.decrypt(header, encryptedKey, iv, text, auth, AAD.compute(header)); return new String(clearTextAsBytes); } catch (JOSEException e) {