diff --git a/README.md b/README.md index 5637302c8c9..73782164ee5 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -[![Maven Package upon a push](https://github.com/mosip/commons/actions/workflows/push_trigger.yml/badge.svg?branch=release-1.2.0)](https://github.com/mosip/commons/actions/workflows/push_trigger.yml) -[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=mosip_commons&metric=alert_status)](https://sonarcloud.io/dashboard?branch=release-1.2.0&id=mosip_commons) +[![Maven Package upon a push](https://github.com/mosip/commons/actions/workflows/push_trigger.yml/badge.svg?branch=release-1.2.0.1)](https://github.com/mosip/commons/actions/workflows/push_trigger.yml) +[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=mosip_commons&metric=alert_status)](https://sonarcloud.io/dashboard?branch=release-1.2.0.1&id=mosip_commons) # Commons diff --git a/db_release_scripts/mosip_authdevice/authdevice_release_db_deploy.sh b/db_release_scripts/mosip_authdevice/authdevice_release_db_deploy.sh deleted file mode 100644 index 397c9c1817b..00000000000 --- a/db_release_scripts/mosip_authdevice/authdevice_release_db_deploy.sh +++ /dev/null 
@@ -1,92 +0,0 @@ -### -- --------------------------------------------------------------------------------------------------------- -### -- Script Name : Authdevice Release DB deploy -### -- Deploy Module : MOSIP Kernel -### -- Purpose : To deploy AuthDevice Database alter scripts for the release. -### -- Created By : Ram Bhatt -### -- Created Date : Jan-2021 -### -- -### -- Modified Date Modified By Comments / Remarks -### -- ----------------------------------------------------------------------------------------------------------- - -### -- ----------------------------------------------------------------------------------------------------------- - -#########Properties file ############# -set -e -properties_file="$1" -release_version="$2" - echo `date "+%m/%d/%Y %H:%M:%S"` ": Properties File Name - $properties_file" - echo `date "+%m/%d/%Y %H:%M:%S"` ": DB Deploymnet Version - $release_version" -#properties_file="./app.properties" -if [ -f "$properties_file" ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file \"$properties_file\" found." - while IFS='=' read -r key value - do - key=$(echo $key | tr '.' '_') - eval ${key}=\${value} - done < "$properties_file" -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file not found, Pass property file name as argument." 
-fi -echo `date "+%m/%d/%Y %H:%M:%S"` ": ------------------ Database server and service status check for ${MOSIP_DB_NAME}------------------------" - -today=`date '+%d%m%Y_%H%M%S'`; -LOG="${LOG_PATH}${MOSIP_DB_NAME}-release-${release_version}-${today}.log" -touch $LOG - -SERVICE=$(PGPASSWORD=$SU_USER_PWD psql --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "select count(1) from pg_roles where rolname IN('sysadmin')";exit; > /dev/null) - -if [ "$SERVICE" -eq 0 ] || [ "$SERVICE" -eq 1 ] -then -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server and service is up and running" | tee -a $LOG 2>&1 -else -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server or service is not running" | tee -a $LOG 2>&1 -fi - -echo `date "+%m/%d/%Y %H:%M:%S"` ": ----------------------------------------------------------------------------------------" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Started sourcing the $MOSIP_DB_NAME Database Alter scripts" | tee -a $LOG 2>&1 - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Database Alter scripts are sourcing from :$BASEPATH/$MOSIP_DB_NAME/" | tee -a $LOG 2>&1 - -#========================================DB Alter Scripts deployment process begins on IDMAP DB SERVER================================== - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Alter scripts deployment on $MOSIP_DB_NAME database is started....Deployment Version...$release_version" | tee -a $LOG 2>&1 - -ALTER_SCRIPT_FILENAME_VERSION="sql/${release_version}_${ALTER_SCRIPT_FILENAME}" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Alter scripts file which is considered for release deployment - $ALTER_SCRIPT_FILENAME_VERSION" | tee -a $LOG 2>&1 - -cd /$BASEPATH/$MOSIP_DB_NAME/ - -pwd | tee -a $LOG 2>&1 - -CONN=$(PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "SELECT count(pg_terminate_backend(pg_stat_activity.pid)) FROM pg_stat_activity WHERE datname = '$MOSIP_DB_NAME' AND pid <> 
pg_backend_pid()";exit; >> $LOG 2>&1) - -if [ ${CONN} == 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": No active database connections exist on ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Active connections exist on the database server and active connection will be terminated for DB deployment." | tee -a $LOG 2>&1 -fi - -if [ ${ALTER_SCRIPT_FLAG} == 1 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Deploying Alter scripts for ${MOSIP_DB_NAME} database" | tee -a $LOG 2>&1 - PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f $ALTER_SCRIPT_FILENAME_VERSION >> $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": There are no alter scripts available for this deployment at ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -fi - -if [ $(grep -c ERROR $LOG) -ne 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database Alter scripts deployment version $release_version is completed with ERRORS, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of Alter scripts MOSIP database deployment" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database Alter scripts deployment version $release_version completed successfully, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of MOSIP \"${MOSIP_DB_NAME}\" database alter scripts deployment" | tee -a $LOG 2>&1 -fi - -echo "******************************************"`date "+%m/%d/%Y %H:%M:%S"` "*****************************************************" >> $LOG 2>&1 - - diff --git a/db_release_scripts/mosip_authdevice/authdevice_release_deploy.properties b/db_release_scripts/mosip_authdevice/authdevice_release_deploy.properties deleted file mode 100644 index e0c9ff9c2d7..00000000000 --- a/db_release_scripts/mosip_authdevice/authdevice_release_deploy.properties +++ /dev/null 
@@ -1,12 +0,0 @@
-DB_SERVERIP=
-DB_PORT=30090
-SU_USER=postgres
-DEFAULT_DB_NAME=postgres
-MOSIP_DB_NAME=mosip_authdevice
-SYSADMIN_USER=sysadmin
-BASEPATH=/home/madmin/database_release
-LOG_PATH=/home/madmin/logs/
-ALTER_SCRIPT_FLAG=1
-ALTER_SCRIPT_FILENAME=authdevice-scripts_release.sql
-REVOKE_SCRIPT_FLAG=1
-REVOKE_SCRIPT_FILENAME=authdevice-scripts_revoke.sql
diff --git a/db_release_scripts/mosip_authdevice/authdevice_revoke_db_deploy.sh b/db_release_scripts/mosip_authdevice/authdevice_revoke_db_deploy.sh
deleted file mode 100644
index d79b96cfb72..00000000000
--- a/db_release_scripts/mosip_authdevice/authdevice_revoke_db_deploy.sh
+++ /dev/null
@@ -1,92 +0,0 @@ -### -- --------------------------------------------------------------------------------------------------------- -### -- Script Name : Authdevice Revoke DB deploy -### -- Deploy Module : MOSIP Authdevice -### -- Purpose : To revoke Authdevice Database alter scripts for the release. -### -- Create By : Ram Bhatt -### -- Created Date : Jan-2021 -### -- -### -- Modified Date Modified By Comments / Remarks -### -- ----------------------------------------------------------------------------------------------------------- - -### -- ----------------------------------------------------------------------------------------------------------- - -#########Properties file ############# -set -e -properties_file="$1" -revoke_version="$2" - echo `date "+%m/%d/%Y %H:%M:%S"` ": $properties_file" - echo `date "+%m/%d/%Y %H:%M:%S"` ": DB Revoke Version - $revoke_version" -#properties_file="./app.properties" -if [ -f "$properties_file" ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file \"$properties_file\" found." - while IFS='=' read -r key value - do - key=$(echo $key | tr '.' '_') - eval ${key}=\${value} - done < "$properties_file" -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file not found, Pass property file name as argument." 
-fi -echo `date "+%m/%d/%Y %H:%M:%S"` ": ------------------ Database server and service status check for ${MOSIP_DB_NAME}------------------------" - -today=`date '+%d%m%Y_%H%M%S'`; -LOG="${LOG_PATH}${MOSIP_DB_NAME}-revoke-${today}.log" -touch $LOG - -SERVICE=$(PGPASSWORD=$SU_USER_PWD psql --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "select count(1) from pg_roles where rolname IN('sysadmin')";exit; > /dev/null) - -if [ "$SERVICE" -eq 0 ] || [ "$SERVICE" -eq 1 ] -then -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server and service is up and running" | tee -a $LOG 2>&1 -else -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server or service is not running" | tee -a $LOG 2>&1 -fi - -echo `date "+%m/%d/%Y %H:%M:%S"` ": ----------------------------------------------------------------------------------------" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Started sourcing the $MOSIP_DB_NAME Database Deployment Revoke scripts" | tee -a $LOG 2>&1 - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Database revoke scripts are sourcing from :$BASEPATH/$MOSIP_DB_NAME/alter-scripts" | tee -a $LOG 2>&1 - -#========================================DB Alter Scripts deployment process begins on IDMAP DB SERVER================================== - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Revoke scripts for DB deployment on $MOSIP_DB_NAME database is started....Revoke Version...$revoke_version" | tee -a $LOG 2>&1 - -REVOKE_SCRIPT_FILENAME_VERSION="sql/${revoke_version}_${REVOKE_SCRIPT_FILENAME}" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Alter scripts file which is considered for deployment revoke - $REVOKE_SCRIPT_FILENAME_VERSION" | tee -a $LOG 2>&1 - -cd /$BASEPATH/$MOSIP_DB_NAME/ - -pwd | tee -a $LOG 2>&1 - -CONN=$(PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "SELECT count(pg_terminate_backend(pg_stat_activity.pid)) FROM pg_stat_activity WHERE datname = '$MOSIP_DB_NAME' AND 
pid <> pg_backend_pid()";exit; >> $LOG 2>&1) - -if [ ${CONN} == 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": No active database connections exist on ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Active connections exist on the database server and active connection will be terminated for DB deployment." | tee -a $LOG 2>&1 -fi - -if [ ${REVOKE_SCRIPT_FLAG} == 1 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Executing revoke scripts for ${MOSIP_DB_NAME} database" | tee -a $LOG 2>&1 - PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f $REVOKE_SCRIPT_FILENAME_VERSION >> $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": There are no revoke scripts available for this deployment at ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -fi - -if [ $(grep -c ERROR $LOG) -ne 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database deployment revoke version $revoke_version is completed with ERRORS, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of Alter scripts MOSIP database deployment" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database deployment revoke version $revoke_version completed successfully, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of MOSIP \"${MOSIP_DB_NAME}\" database deployment revoke" | tee -a $LOG 2>&1 -fi - -echo "******************************************"`date "+%m/%d/%Y %H:%M:%S"` "*****************************************************" >> $LOG 2>&1 - - diff --git a/db_release_scripts/mosip_authdevice/sql/1.1.5_authdevice-scripts_release.sql b/db_release_scripts/mosip_authdevice/sql/1.1.5_authdevice-scripts_release.sql deleted file mode 100644 index bffaa08e4f2..00000000000 --- a/db_release_scripts/mosip_authdevice/sql/1.1.5_authdevice-scripts_release.sql +++ /dev/null 
@@ -1,18 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name : mosip_authdevice --- Release Version : 1.2.0-SNAPSHOT --- Purpose : Database Alter scripts for the release for Authdevice DB. --- Create By : Ram Bhatt --- Created Date : Jan-2021 --- --- Modified Date Modified By Comments / Remarks --- --- ------------------------------------------------------------------------------------------------- - -\c mosip_authdevice sysadmin - --- ------------------------------------------------------------------------------------------------- - - - ----------------------------------------------------------------------------------------------------- diff --git a/db_release_scripts/mosip_authdevice/sql/1.1.5_authdevice-scripts_revoke.sql b/db_release_scripts/mosip_authdevice/sql/1.1.5_authdevice-scripts_revoke.sql deleted file mode 100644 index 9f34722c053..00000000000 --- a/db_release_scripts/mosip_authdevice/sql/1.1.5_authdevice-scripts_revoke.sql +++ /dev/null @@ -1,13 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name : mosip_authdevice --- Release Version : 1.2.0-SNAPSHOT --- Purpose : Revoking Database Alter deployement done for release in Authdevice DB. --- Create By : Ram Bhatt --- Created Date : Jan-2021 --- --- Modified Date Modified By Comments / Remarks --- ------------------------------------------------------------------------------------------------- - -\c mosip_authdevice sysadmin - ------------------------------------------------------------------------------------------------------ diff --git a/db_release_scripts/mosip_authdevice/sql/1.2_authdevice-scripts_release.sql b/db_release_scripts/mosip_authdevice/sql/1.2_authdevice-scripts_release.sql deleted file mode 100644 index 5b52b968139..00000000000 --- a/db_release_scripts/mosip_authdevice/sql/1.2_authdevice-scripts_release.sql +++ /dev/null 
@@ -1,30 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name : mosip_authdevice --- Release Version : 1.2.0-SNAPSHOT --- Purpose : Database Alter scripts for the release for Authdevice DB. --- Create By : Ram Bhatt --- Created Date : Nov-2021 --- --- Modified Date Modified By Comments / Remarks --- --- ------------------------------------------------------------------------------------------------- - -\c mosip_authdevice sysadmin - --- ------------------------------------------------------------------------------------------------- - -ALTER TABLE authdevice.secure_biometric_interface DROP CONSTRAINT IF EXISTS fk_sbi_id CASCADE; - - -ALTER TABLE authdevice.secure_biometric_interface ADD partner_org_name varchar(128); - -ALTER TABLE authdevice.secure_biometric_interface ADD provider_id varchar(36); - -ALTER TABLE authdevice.secure_biometric_interface_h ADD partner_org_name varchar(128); - -ALTER TABLE authdevice.secure_biometric_interface_h ADD provider_id varchar(36); - -ALTER TABLE authdevice.secure_biometric_interface DROP COLUMN IF EXISTS device_detail_id; -ALTER TABLE authdevice.secure_biometric_interface_h DROP COLUMN IF EXISTS device_detail_id; - ----------------------------------------------------------------------------------------------------- diff --git a/db_release_scripts/mosip_kernel/ddl/kernel-uin_assigned.sql b/db_release_scripts/mosip_kernel/ddl/kernel-uin_assigned.sql deleted file mode 100644 index 640a2d6d363..00000000000 --- a/db_release_scripts/mosip_kernel/ddl/kernel-uin_assigned.sql +++ /dev/null 
@@ -1,47 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name: mosip_kernel --- Table Name : kernel.uin_assigned --- Purpose : UIN ASSIGNED: Stores pre-generated UINs that are assigned to an individual as part of registration process.. --- --- Create By : Sadanandegowda DM --- Created Date : 20-May-2020 --- --- Modified Date Modified By Comments / Remarks --- ------------------------------------------------------------------------------------------ --- --- ------------------------------------------------------------------------------------------ - --- object: kernel.uin_assigned | type: TABLE -- --- DROP TABLE IF EXISTS kernel.uin_assigned CASCADE; -CREATE TABLE kernel.uin_assigned( - uin character varying(28) NOT NULL, - uin_status character varying(16), - cr_by character varying(256) NOT NULL, - cr_dtimes timestamp NOT NULL, - upd_by character varying(256), - upd_dtimes timestamp, - is_deleted boolean, - del_dtimes timestamp, - CONSTRAINT pk_uinass_id PRIMARY KEY (uin) - -); --- ddl-end -- -COMMENT ON TABLE kernel.uin_assigned IS 'UIN: Stores pre-generated UINs that are assigned to an individual as part of registration process.'; --- ddl-end -- -COMMENT ON COLUMN kernel.uin_assigned.uin IS 'UIN: Pre-generated UINs (Unique Identification Number), which will be used to assign to an individual'; --- ddl-end -- -COMMENT ON COLUMN kernel.uin_assigned.uin_status IS 'Is Used: Status of the pre-generated UIN, whether it is assigned, unassigned or issued.'; --- ddl-end -- -COMMENT ON COLUMN kernel.uin_assigned.cr_by IS 'Created By : ID or name of the user who create / insert record'; --- ddl-end -- -COMMENT ON COLUMN kernel.uin_assigned.cr_dtimes IS 'Created DateTimestamp : Date and Timestamp when the record is created/inserted'; --- ddl-end -- -COMMENT ON COLUMN kernel.uin_assigned.upd_by IS 'Updated By : ID or name of the user who update the record with new values'; --- ddl-end -- -COMMENT ON 
COLUMN kernel.uin_assigned.upd_dtimes IS 'Updated DateTimestamp : Date and Timestamp when any of the fields in the record is updated with new values.'; --- ddl-end -- -COMMENT ON COLUMN kernel.uin_assigned.is_deleted IS 'IS_Deleted : Flag to mark whether the record is Soft deleted.'; --- ddl-end -- -COMMENT ON COLUMN kernel.uin_assigned.del_dtimes IS 'Deleted DateTimestamp : Date and Timestamp when the record is soft deleted with is_deleted=TRUE'; --- ddl-end -- - diff --git a/db_release_scripts/mosip_kernel/ddl/kernel-vid_assigned.sql b/db_release_scripts/mosip_kernel/ddl/kernel-vid_assigned.sql deleted file mode 100644 index e528e5ac4c6..00000000000 --- a/db_release_scripts/mosip_kernel/ddl/kernel-vid_assigned.sql +++ /dev/null 
@@ -1,49 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name: mosip_kernel --- Table Name : kernel.vid_assigned --- Purpose : VID Assigned: Stores pre-generated VIDs that are assigned /expired to an individual as part of mosip process. --- --- Create By : Sadanandegowda DM --- Created Date : Dec-2020 --- --- Modified Date Modified By Comments / Remarks --- ------------------------------------------------------------------------------------------ --- --- ------------------------------------------------------------------------------------------ - --- object: kernel.vid_assigned | type: TABLE -- --- DROP TABLE IF EXISTS kernel.vid_assigned CASCADE; -CREATE TABLE kernel.vid_assigned( - vid character varying(36) NOT NULL, - expiry_dtimes timestamp, - vid_status character varying(16) NOT NULL, - cr_by character varying(256) NOT NULL, - cr_dtimes timestamp NOT NULL, - upd_by character varying(256), - upd_dtimes timestamp, - is_deleted boolean, - del_dtimes timestamp, - CONSTRAINT pk_vida_id PRIMARY KEY (vid) - -); --- ddl-end -- -COMMENT ON TABLE kernel.vid_assigned IS 'VID Assigned: Stores pre-generated VIDs that are assigned /expired to an individual as part of mosip process.'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.vid IS 'VID: Pre-generated VIDs (Vertual Identification Number), which will be used to assign to an individual'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.expiry_dtimes IS 'Expiry Date and Time: Expiry Date and Time of the Vertual ID'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.vid_status IS 'VID: Status of the pre-generated VID, whether it is available, expired or assigned.'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.cr_by IS 'Created By : ID or name of the user who create / insert record'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.cr_dtimes IS 'Created DateTimestamp : Date and Timestamp when the record is 
created/inserted'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.upd_by IS 'Updated By : ID or name of the user who update the record with new values'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.upd_dtimes IS 'Updated DateTimestamp : Date and Timestamp when any of the fields in the record is updated with new values.'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.is_deleted IS 'IS_Deleted : Flag to mark whether the record is Soft deleted.'; --- ddl-end -- -COMMENT ON COLUMN kernel.vid_assigned.del_dtimes IS 'Deleted DateTimestamp : Date and Timestamp when the record is soft deleted with is_deleted=TRUE'; --- ddl-end -- \ No newline at end of file diff --git a/db_release_scripts/mosip_regdevice/regdevice_release_db_deploy.sh b/db_release_scripts/mosip_regdevice/regdevice_release_db_deploy.sh deleted file mode 100644 index d0d399d7764..00000000000 --- a/db_release_scripts/mosip_regdevice/regdevice_release_db_deploy.sh +++ /dev/null 
@@ -1,92 +0,0 @@ -### -- --------------------------------------------------------------------------------------------------------- -### -- Script Name : Key Manager Release DB deploy -### -- Deploy Module : MOSIP Key Manager -### -- Purpose : To deploy Key Manager Database alter scripts for the release. -### -- Create By : Sadanandegowda -### -- Created Date : Dec-2020 -### -- -### -- Modified Date Modified By Comments / Remarks -### -- ----------------------------------------------------------------------------------------------------------- - -### -- ----------------------------------------------------------------------------------------------------------- - -#########Properties file ############# -set -e -properties_file="$1" -release_version="$2" - echo `date "+%m/%d/%Y %H:%M:%S"` ": Properties File Name - $properties_file" - echo `date "+%m/%d/%Y %H:%M:%S"` ": DB Deploymnet Version - $release_version" -#properties_file="./app.properties" -if [ -f "$properties_file" ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file \"$properties_file\" found." - while IFS='=' read -r key value - do - key=$(echo $key | tr '.' '_') - eval ${key}=\${value} - done < "$properties_file" -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file not found, Pass property file name as argument." 
-fi -echo `date "+%m/%d/%Y %H:%M:%S"` ": ------------------ Database server and service status check for ${MOSIP_DB_NAME}------------------------" - -today=`date '+%d%m%Y_%H%M%S'`; -LOG="${LOG_PATH}${MOSIP_DB_NAME}-release-${release_version}-${today}.log" -touch $LOG - -SERVICE=$(PGPASSWORD=$SU_USER_PWD psql --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "select count(1) from pg_roles where rolname IN('sysadmin')";exit; > /dev/null) - -if [ "$SERVICE" -eq 0 ] || [ "$SERVICE" -eq 1 ] -then -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server and service is up and running" | tee -a $LOG 2>&1 -else -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server or service is not running" | tee -a $LOG 2>&1 -fi - -echo `date "+%m/%d/%Y %H:%M:%S"` ": ----------------------------------------------------------------------------------------" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Started sourcing the $MOSIP_DB_NAME Database Alter scripts" | tee -a $LOG 2>&1 - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Database Alter scripts are sourcing from :$BASEPATH/$MOSIP_DB_NAME/" | tee -a $LOG 2>&1 - -#========================================DB Alter Scripts deployment process begins on Key Manager DB SERVER================================== - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Alter scripts deployment on $MOSIP_DB_NAME database is started....Deployment Version...$release_version" | tee -a $LOG 2>&1 - -ALTER_SCRIPT_FILENAME_VERSION="sql/${release_version}_${ALTER_SCRIPT_FILENAME}" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Alter scripts file which is considered for release deployment - $ALTER_SCRIPT_FILENAME_VERSION" | tee -a $LOG 2>&1 - -cd /$BASEPATH/$MOSIP_DB_NAME/ - -pwd | tee -a $LOG 2>&1 - -CONN=$(PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "SELECT count(pg_terminate_backend(pg_stat_activity.pid)) FROM pg_stat_activity WHERE datname = '$MOSIP_DB_NAME' AND pid 
<> pg_backend_pid()";exit; >> $LOG 2>&1) - -if [ ${CONN} == 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": No active database connections exist on ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Active connections exist on the database server and active connection will be terminated for DB deployment." | tee -a $LOG 2>&1 -fi - -if [ ${ALTER_SCRIPT_FLAG} == 1 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Deploying Alter scripts for ${MOSIP_DB_NAME} database" | tee -a $LOG 2>&1 - PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f $ALTER_SCRIPT_FILENAME_VERSION >> $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": There are no alter scripts available for this deployment at ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -fi - -if [ $(grep -c ERROR $LOG) -ne 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database Alter scripts deployment version $release_version is completed with ERRORS, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of Alter scripts MOSIP database deployment" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database Alter scripts deployment version $release_version completed successfully, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of MOSIP \"${MOSIP_DB_NAME}\" database alter scripts deployment" | tee -a $LOG 2>&1 -fi - -echo "******************************************"`date "+%m/%d/%Y %H:%M:%S"` "*****************************************************" >> $LOG 2>&1 - - diff --git a/db_release_scripts/mosip_regdevice/regdevice_release_deploy.properties b/db_release_scripts/mosip_regdevice/regdevice_release_deploy.properties deleted file mode 100644 index e93518bfcb1..00000000000 --- a/db_release_scripts/mosip_regdevice/regdevice_release_deploy.properties +++ /dev/null 
@@ -1,12 +0,0 @@
-DB_SERVERIP=
-DB_PORT=30090
-SU_USER=postgres
-DEFAULT_DB_NAME=postgres
-MOSIP_DB_NAME=mosip_regdevice
-SYSADMIN_USER=sysadmin
-BASEPATH=/home/madmin/database_release
-LOG_PATH=/home/madmin/logs/
-ALTER_SCRIPT_FLAG=1
-ALTER_SCRIPT_FILENAME=regdevice-scripts_release.sql
-REVOKE_SCRIPT_FLAG=1
-REVOKE_SCRIPT_FILENAME=regdevice-scripts_revoke.sql
diff --git a/db_release_scripts/mosip_regdevice/regdevice_revoke_db_deploy.sh b/db_release_scripts/mosip_regdevice/regdevice_revoke_db_deploy.sh
deleted file mode 100644
index 308d94a4254..00000000000
--- a/db_release_scripts/mosip_regdevice/regdevice_revoke_db_deploy.sh
+++ /dev/null
@@ -1,92 +0,0 @@ -### -- --------------------------------------------------------------------------------------------------------- -### -- Script Name : Key Manager Revoke DB deploy -### -- Deploy Module : MOSIP Key Manager -### -- Purpose : To revoke Key Manager Database alter scripts for the release. -### -- Create By : Sadanandegowda -### -- Created Date : Dec-2020 -### -- -### -- Modified Date Modified By Comments / Remarks -### -- ----------------------------------------------------------------------------------------------------------- - -### -- ----------------------------------------------------------------------------------------------------------- - -#########Properties file ############# -set -e -properties_file="$1" -revoke_version="$2" - echo `date "+%m/%d/%Y %H:%M:%S"` ": $properties_file" - echo `date "+%m/%d/%Y %H:%M:%S"` ": DB Revoke Version - $revoke_version" -#properties_file="./app.properties" -if [ -f "$properties_file" ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file \"$properties_file\" found." - while IFS='=' read -r key value - do - key=$(echo $key | tr '.' '_') - eval ${key}=\${value} - done < "$properties_file" -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file not found, Pass property file name as argument." 
-fi -echo `date "+%m/%d/%Y %H:%M:%S"` ": ------------------ Database server and service status check for ${MOSIP_DB_NAME}------------------------" - -today=`date '+%d%m%Y_%H%M%S'`; -LOG="${LOG_PATH}${MOSIP_DB_NAME}-revoke-${today}.log" -touch $LOG - -SERVICE=$(PGPASSWORD=$SU_USER_PWD psql --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "select count(1) from pg_roles where rolname IN('sysadmin')";exit; > /dev/null) - -if [ "$SERVICE" -eq 0 ] || [ "$SERVICE" -eq 1 ] -then -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server and service is up and running" | tee -a $LOG 2>&1 -else -echo `date "+%m/%d/%Y %H:%M:%S"` ": Postgres database server or service is not running" | tee -a $LOG 2>&1 -fi - -echo `date "+%m/%d/%Y %H:%M:%S"` ": ----------------------------------------------------------------------------------------" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Started sourcing the $MOSIP_DB_NAME Database Deployment Revoke scripts" | tee -a $LOG 2>&1 - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Database revoke scripts are sourcing from :$BASEPATH/$MOSIP_DB_NAME/alter-scripts" | tee -a $LOG 2>&1 - -#========================================DB Alter Scripts deployment process begins on Key Manager DB SERVER================================== - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Revoke scripts for DB deployment on $MOSIP_DB_NAME database is started....Revoke Version...$revoke_version" | tee -a $LOG 2>&1 - -REVOKE_SCRIPT_FILENAME_VERSION="sql/${revoke_version}_${REVOKE_SCRIPT_FILENAME}" - -echo `date "+%m/%d/%Y %H:%M:%S"` ": Alter scripts file which is considered for deployment revoke - $REVOKE_SCRIPT_FILENAME_VERSION" | tee -a $LOG 2>&1 - -cd /$BASEPATH/$MOSIP_DB_NAME/ - -pwd | tee -a $LOG 2>&1 - -CONN=$(PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "SELECT count(pg_terminate_backend(pg_stat_activity.pid)) FROM pg_stat_activity WHERE datname = 
'$MOSIP_DB_NAME' AND pid <> pg_backend_pid()";exit; >> $LOG 2>&1) - -if [ ${CONN} == 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": No active database connections exist on ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Active connections exist on the database server and active connection will be terminated for DB deployment." | tee -a $LOG 2>&1 -fi - -if [ ${REVOKE_SCRIPT_FLAG} == 1 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Executing revoke scripts for ${MOSIP_DB_NAME} database" | tee -a $LOG 2>&1 - PGPASSWORD=$SYSADMIN_PWD psql --username=$SYSADMIN_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f $REVOKE_SCRIPT_FILENAME_VERSION >> $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": There are no revoke scripts available for this deployment at ${MOSIP_DB_NAME}" | tee -a $LOG 2>&1 -fi - -if [ $(grep -c ERROR $LOG) -ne 0 ] -then - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database deployment revoke version $revoke_version is completed with ERRORS, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of Alter scripts MOSIP database deployment" | tee -a $LOG 2>&1 -else - echo `date "+%m/%d/%Y %H:%M:%S"` ": Database deployment revoke version $revoke_version completed successfully, Please check the logs for more information" | tee -a $LOG 2>&1 - echo `date "+%m/%d/%Y %H:%M:%S"` ": END of MOSIP \"${MOSIP_DB_NAME}\" database deployment revoke" | tee -a $LOG 2>&1 -fi - -echo "******************************************"`date "+%m/%d/%Y %H:%M:%S"` "*****************************************************" >> $LOG 2>&1 - - diff --git a/db_release_scripts/mosip_regdevice/sql/1.1.5_regdevice-scripts_release.sql b/db_release_scripts/mosip_regdevice/sql/1.1.5_regdevice-scripts_release.sql deleted file mode 100644 index c8d54c8a423..00000000000 --- a/db_release_scripts/mosip_regdevice/sql/1.1.5_regdevice-scripts_release.sql +++ /dev/null 
@@ -1,14 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name : mosip_regdevice --- Release Version : 1.2.0-SNAPSHOT --- Purpose : Database Alter scripts for the release for Regdevice DB. --- Create By : Ram Bhatt --- Created Date : Jan-2021 --- --- Modified Date Modified By Comments / Remarks --- ------------------------------------------------------------------------------------------------- - -\c mosip_regdevice sysadmin - - ----------------------------------------------------------------------------------------------------- diff --git a/db_release_scripts/mosip_regdevice/sql/1.1.5_regdevice-scripts_revoke.sql b/db_release_scripts/mosip_regdevice/sql/1.1.5_regdevice-scripts_revoke.sql deleted file mode 100644 index 237d6416b0b..00000000000 --- a/db_release_scripts/mosip_regdevice/sql/1.1.5_regdevice-scripts_revoke.sql +++ /dev/null @@ -1,13 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name : mosip_keymgr --- Release Version : 1.2.0-SNAPSHOT --- Purpose : Revoking Database Alter deployement done for release in Key manager DB. --- Create By : Ram Bhatt --- Created Date : Jan-2021 --- --- Modified Date Modified By Comments / Remarks --- ------------------------------------------------------------------------------------------------- - -\c mosip_kernel sysadmin - ------------------------------------------------------------------------------------------------------ diff --git a/db_release_scripts/mosip_regdevice/sql/1.2_regdevice-scripts_release.sql b/db_release_scripts/mosip_regdevice/sql/1.2_regdevice-scripts_release.sql deleted file mode 100644 index 2dac3e0d284..00000000000 --- a/db_release_scripts/mosip_regdevice/sql/1.2_regdevice-scripts_release.sql +++ /dev/null 
@@ -1,14 +0,0 @@ --- ------------------------------------------------------------------------------------------------- --- Database Name : mosip_regdevice --- Release Version : 1.2.0-SNAPSHOT --- Purpose : Database Alter scripts for the release for Regdevice DB. --- Create By : Ram Bhatt --- Created Date : Nov-2021 --- --- Modified Date Modified By Comments / Remarks --- ------------------------------------------------------------------------------------------------- - -\c mosip_regdevice sysadmin - -ALTER TABLE regdevice.secure_biometric_interface DROP CONSTRAINT IF EXISTS fk_sbi_id CASCADE; ----------------------------------------------------------------------------------------------------- diff --git a/db_scripts/mosip_authdevice/deploy.sh b/db_scripts/mosip_authdevice/deploy.sh index 16f2473b108..a92ed4528e9 100644 --- a/db_scripts/mosip_authdevice/deploy.sh +++ b/db_scripts/mosip_authdevice/deploy.sh @@ -33,7 +33,7 @@ PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_S ## Create DB echo "Creating DB" -PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f db.sql +PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f db.sql PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f ddl.sql ## Grants @@ -43,6 +43,6 @@ PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_S if [ ${DML_FLAG} == 1 ] then echo `date "+%m/%d/%Y %H:%M:%S"` ": Deploying DML for ${MOSIP_DB_NAME} database" - PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql + PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql fi 
diff --git a/db_scripts/mosip_kernel/deploy.sh b/db_scripts/mosip_kernel/deploy.sh index 3b166828361..f7e228ffdc6 100644 --- a/db_scripts/mosip_kernel/deploy.sh +++ b/db_scripts/mosip_kernel/deploy.sh @@ -29,7 +29,7 @@ PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_S ## Create DB echo "Creating DB and tables" -PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f db.sql +PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f db.sql PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f ddl.sql ## Create users @@ -41,6 +41,6 @@ PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_S if [ ${DML_FLAG} == 1 ] then echo `date "+%m/%d/%Y %H:%M:%S"` ": Deploying DML for ${MOSIP_DB_NAME} database" - PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql + PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql fi diff --git a/db_scripts/mosip_regdevice/deploy.sh b/db_scripts/mosip_regdevice/deploy.sh index d78f82c4dfd..dedfb684920 100644 --- a/db_scripts/mosip_regdevice/deploy.sh +++ b/db_scripts/mosip_regdevice/deploy.sh 
@@ -29,20 +29,20 @@ PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_S ## Create users echo `date "+%m/%d/%Y %H:%M:%S"` ": Creating database users" -PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f role_dbuser.sql -v dbuserpwd=\'$DBUSER_PWD\' +PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f role_dbuser.sql -v dbuserpwd=\'$DBUSER_PWD\' ## Create DB echo "Creating DB" PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f db.sql -PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f ddl.sql +PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f ddl.sql ## Grants -PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f grants.sql +PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f grants.sql ## Populate tables if [ ${DML_FLAG} == 1 ] then echo `date "+%m/%d/%Y %H:%M:%S"` ": Deploying DML for ${MOSIP_DB_NAME} database" - PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql + PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql fi diff --git a/db_release_scripts/README.MD b/db_upgrade_scripts/README.MD similarity index 100% rename from db_release_scripts/README.MD rename to db_upgrade_scripts/README.MD 
diff --git a/db_upgrade_scripts/mosip_kernel/sql/1.1.5.5_to_1.2.0.1-B1_rollback.sql b/db_upgrade_scripts/mosip_kernel/sql/1.1.5.5_to_1.2.0.1-B1_rollback.sql
new file mode 100644
index 00000000000..80b4115a3fc
--- /dev/null
+++ b/db_upgrade_scripts/mosip_kernel/sql/1.1.5.5_to_1.2.0.1-B1_rollback.sql
@@ -0,0 +1,5 @@
+\c mosip_kernel
+
+REASSIGN OWNED BY postgres TO sysadmin;
+
+GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA kernel TO sysadmin;
diff --git a/db_upgrade_scripts/mosip_kernel/sql/1.1.5.5_to_1.2.0.1-B1_upgrade.sql b/db_upgrade_scripts/mosip_kernel/sql/1.1.5.5_to_1.2.0.1-B1_upgrade.sql
new file mode 100644
index 00000000000..98d6d039609
--- /dev/null
+++ b/db_upgrade_scripts/mosip_kernel/sql/1.1.5.5_to_1.2.0.1-B1_upgrade.sql
@@ -0,0 +1,17 @@
+\c mosip_kernel
+
+REASSIGN OWNED BY sysadmin TO postgres;
+
+REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA kernel FROM kerneluser;
+
+REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA kernel FROM sysadmin;
+
+GRANT SELECT, INSERT, TRUNCATE, REFERENCES, UPDATE, DELETE ON ALL TABLES IN SCHEMA kernel TO kerneluser;
+
+GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA kernel TO postgres;
+
+
+CREATE INDEX IF NOT EXISTS idx_prid_status
+ ON kernel.prid USING btree
+ (prid_status COLLATE pg_catalog."default" ASC NULLS LAST)
+ TABLESPACE pg_default;
diff --git a/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B1_to_1.2.0.1-B2_rollback.sql b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B1_to_1.2.0.1-B2_rollback.sql
new file mode 100644
index 00000000000..381e2be11c1
--- /dev/null
+++ b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B1_to_1.2.0.1-B2_rollback.sql
@@ -0,0 +1 @@
+\echo 'Upgrade Queries not required for transition from $CURRENT_VERSION to $UPGRADE_VERSION'
\ No newline at end of file
diff --git a/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B1_to_1.2.0.1-B2_upgrade.sql b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B1_to_1.2.0.1-B2_upgrade.sql
new file mode 100644
index 00000000000..381e2be11c1
--- /dev/null
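Review bot: `REASSIGN OWNED BY postgres TO sysadmin;` in 1.1.5.5_to_1.2.0.1-B1_rollback.sql is likely to fail where `postgres` is the cluster's bootstrap superuser, because PostgreSQL refuses to reassign objects owned by that role; since upgrade.sh runs psql with `ON_ERROR_STOP=1`, the rollback would stop at that statement. The rollback is also not the inverse of the upgrade: it does not restore the privileges revoked from `kerneluser` and it leaves `idx_prid_status` in place. I would transfer ownership per object instead (an `ALTER TABLE ... OWNER TO sysadmin;` for each table the upgrade moved, table list to be filled in) and add a header comment such as `-- Rollback restores sysadmin ownership only; kerneluser grants and idx_prid_status stay as set by the upgrade.`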
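Review bot: The grant to `kerneluser` in 1.1.5.5_to_1.2.0.1-B1_upgrade.sql includes `TRUNCATE` and `REFERENCES`, which is more than an account doing row-level reads and writes normally needs; if `kerneluser` is the application's runtime role (inferred from the name), I would narrow it to `GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA kernel TO kerneluser;`. `ON ALL TABLES IN SCHEMA` covers only tables that exist when the script runs, so tables created later by `postgres` get no grant unless an `ALTER DEFAULT PRIVILEGES` statement is added. `REASSIGN OWNED BY sysadmin TO postgres` moves every object `sysadmin` owns in this database, not just the `kernel` schema, which deserves a comment at the top of the file.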
+++ b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B1_to_1.2.0.1-B2_upgrade.sql
@@ -0,0 +1 @@
+\echo 'Upgrade Queries not required for transition from $CURRENT_VERSION to $UPGRADE_VERSION'
\ No newline at end of file
diff --git a/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B2_to_1.2.0.1_rollback.sql b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B2_to_1.2.0.1_rollback.sql
new file mode 100644
index 00000000000..381e2be11c1
--- /dev/null
+++ b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B2_to_1.2.0.1_rollback.sql
@@ -0,0 +1 @@
+\echo 'Upgrade Queries not required for transition from $CURRENT_VERSION to $UPGRADE_VERSION'
\ No newline at end of file
diff --git a/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B2_to_1.2.0.1_upgrade.sql b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B2_to_1.2.0.1_upgrade.sql
new file mode 100644
index 00000000000..381e2be11c1
--- /dev/null
+++ b/db_upgrade_scripts/mosip_kernel/sql/1.2.0.1-B2_to_1.2.0.1_upgrade.sql
@@ -0,0 +1 @@
+\echo 'Upgrade Queries not required for transition from $CURRENT_VERSION to $UPGRADE_VERSION'
\ No newline at end of file
diff --git a/db_upgrade_scripts/mosip_kernel/upgrade.properties b/db_upgrade_scripts/mosip_kernel/upgrade.properties
new file mode 100644
index 00000000000..1b337f9025d
--- /dev/null
+++ b/db_upgrade_scripts/mosip_kernel/upgrade.properties
@@ -0,0 +1,12 @@
+ACTION=upgrade
+MOSIP_DB_NAME=mosip_kernel
+DB_SERVERIP=
+DB_PORT=
+SU_USER=postgres
+SU_USER_PWD=
+SYS_ADMIN_USER=
+SYS_ADMIN_PWD=
+DEFAULT_DB_NAME=postgres
+DBUSER_PWD=
+CURRENT_VERSION=
+UPGRADE_VERSION=
diff --git a/db_upgrade_scripts/mosip_kernel/upgrade.sh b/db_upgrade_scripts/mosip_kernel/upgrade.sh
new file mode 100644
index 00000000000..f5fc706f8c3
--- /dev/null
+++ b/db_upgrade_scripts/mosip_kernel/upgrade.sh
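Review bot: `SYS_ADMIN_USER`, `SYS_ADMIN_PWD` and `DBUSER_PWD` are declared in upgrade.properties, but upgrade.sh as added in this commit connects only with `SU_USER`/`SU_USER_PWD`, so these keys invite operators to put extra passwords into a plaintext file for no effect. I would remove the three unused keys so the file asks for no more secrets than the script consumes. The superuser password still lives in this file once filled in, so the README for this directory should say that the populated file must not be committed and should be readable only by the deploying user.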
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+set -e
+properties_file="$1"
+echo `date "+%m/%d/%Y %H:%M:%S"` ": $properties_file"
+if [ -f "$properties_file" ]
+then
+ echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file \"$properties_file\" found."
+ while IFS='=' read -r key value
+ do
+ key=$(echo $key | tr '.' '_')
+ eval ${key}=\${value}
+ done < "$properties_file"
+else
+ echo `date "+%m/%d/%Y %H:%M:%S"` ": Property file not found, Pass property file name as argument."
+fi
+
+echo "Current version: "$CURRENT_VERSION
+echo "UPGRADE version: "$UPGRADE_VERSION
+echo "Action: "$ACTION
+
+# Terminate existing connections
+echo "Terminating active connections"
+CONN=$(PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "SELECT count(pg_terminate_backend(pg_stat_activity.pid)) FROM pg_stat_activity WHERE datname = '$MOSIP_DB_NAME' AND pid <> pg_backend_pid()";exit;)
+echo "Terminated connections"
+
+# Execute upgrade or rollback
+if [ $ACTION == "upgrade" ]; then
+ echo "Upgrading database from $CURRENT_VERSION to $UPGRADE_VERSION"
+ UPGRADE_SCRIPT_FILE="sql/${CURRENT_VERSION}_to_${UPGRADE_VERSION}_upgrade.sql"
+ if [ -f "$UPGRADE_SCRIPT_FILE" ]; then
+ echo "Executing upgrade script $UPGRADE_SCRIPT_FILE"
+ PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f $UPGRADE_SCRIPT_FILE
+ else
+ echo "Upgrade script not found, exiting."
+ exit 1
+ fi
+elif [ $ACTION == "rollback" ]; then
+ echo "Rolling back database for $CURRENT_VERSION to $UPGRADE_VERSION"
+ REVOKE_SCRIPT_FILE="sql/${CURRENT_VERSION}_to_${UPGRADE_VERSION}_rollback.sql"
+ if [ -f "$REVOKE_SCRIPT_FILE" ]; then
+ echo "Executing rollback script $REVOKE_SCRIPT_FILE"
+ PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f $REVOKE_SCRIPT_FILE
+ else
+ echo "rollback script not found, exiting."
+ exit 1
+ fi
+else
+ echo "Unknown action: $ACTION, must be 'upgrade' or 'rollback'."
+ exit 1
+fi
diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java
index 602cd7d0157..17a883da210 100644
--- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java
+++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java
@@ -1,6 +1,8 @@ package io.mosip.kernel.authcodeflowproxy.api.controller; import java.io.IOException; +import java.net.URLEncoder; +import java.nio.charset.StandardCharsets; import java.util.List; import java.util.UUID;
@@ -19,6 +21,10 @@ import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.util.UriComponentsBuilder; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.interfaces.DecodedJWT; import io.mosip.kernel.authcodeflowproxy.api.constants.Errors; import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponseDTO;
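Review bot: The property loader in upgrade.sh passes each key through `eval ${key}=\${value}` unquoted, so any shell syntax in a property name is executed with the operator's privileges, and a blank line in the file makes `eval` fail under `set -e`. The `else` branch for a missing properties file only prints a message, so the script carries on with empty connection settings instead of stopping. I would accept only plain variable names, assign with `printf -v` instead of `eval`, and exit when the file is absent, as in the excerpt below. `$ACTION` and the script-file variables are also unquoted in the `[ ... ]` tests and psql calls, and `CURRENT_VERSION`/`UPGRADE_VERSION` flow into the `sql/...` path without any format check.

```shell
if [ -f "$properties_file" ]
then
    # … unchanged: "Property file found" message …
    while IFS='=' read -r key value
    do
        key=$(echo "$key" | tr '.' '_')
        # Accept only plain variable names; skip blank lines, comments and anything else.
        [[ "$key" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] || continue
        # Assign without eval so the file's text is never parsed as shell.
        printf -v "$key" '%s' "$value"
    done < "$properties_file"
else
    # … unchanged: "Property file not found" message …
    exit 1
fi
```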
@@ -29,6 +35,7 @@ import io.mosip.kernel.authcodeflowproxy.api.service.validator.ValidateTokenHelper; import io.mosip.kernel.core.http.ResponseFilter; import io.mosip.kernel.core.http.ResponseWrapper; +import io.mosip.kernel.core.util.CryptoUtil; import io.mosip.kernel.core.util.EmptyCheckUtils; @RestController diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java index adbf343b7d5..7655c2c953d 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java @@ -56,6 +56,14 @@ public ResponseEntity> servieException( getErrorResponse(httpServletRequest, e.getErrorCode(), e.getErrorText()), status); } + @ExceptionHandler(AuthenticationServiceException.class) + public ResponseEntity> servieException( + HttpServletRequest httpServletRequest, final AuthenticationServiceException e) throws IOException { + ExceptionUtils.logRootCause(e); + return new ResponseEntity<>( + getErrorResponse(httpServletRequest,Errors.INVALID_TOKEN.getErrorCode(), e.getMessage()), HttpStatus.OK); + } + @ExceptionHandler(AuthenticationServiceException.class) public ResponseEntity> servieException( HttpServletRequest httpServletRequest, final AuthenticationServiceException e) throws IOException { diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java index 9762d3f217b..1d739234238 100644 
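Review bot: The added `@ExceptionHandler(AuthenticationServiceException.class)` method `servieException(HttpServletRequest, AuthenticationServiceException)` in AuthCodeProxyExceptionHandler sits directly above a context method that, as far as the hunk shows, has the same annotation, name and parameter list, which would be a duplicate method definition and an ambiguous handler mapping; one of the two has to go or be bound to a different exception type. The new handler also answers an invalid-token failure with `HttpStatus.OK` and copies `e.getMessage()` into the response body, so clients and monitoring that key on the status code will not see the authentication failure. I would return `HttpStatus.UNAUTHORIZED` with a fixed error text instead of the exception message. The body of the existing handler continues outside the hunk, so its own status mapping is not visible here.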
--- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java @@ -6,7 +6,6 @@ import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponseDTO; import io.mosip.kernel.authcodeflowproxy.api.dto.MosipUserDto; -import io.mosip.kernel.core.authmanager.model.AuthResponseDto; public interface LoginService { diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java index c815be75d1a..ca6650e4ac9 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java @@ -124,7 +124,7 @@ public class LoginServiceImpl implements LoginService { @Autowired private Environment environment; - + @Override public String login(String redirectURI, String state) { Map pathParam = new HashMap<>(); diff --git a/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java b/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java index 1dcd4c8d829..854401fe81c 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java +++ b/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java 
@@ -1,85 +1,54 @@ package io.mosip.kernel.authcodeflowproxy.api.test.controller; -import com.auth0.jwt.JWT; -import com.auth0.jwt.JWTCreator.Builder; -import com.auth0.jwt.algorithms.Algorithm; -import com.auth0.jwt.exceptions.SignatureVerificationException; -import com.fasterxml.jackson.databind.ObjectMapper; -import io.mosip.kernel.authcodeflowproxy.api.constants.AuthConstant; -import io.mosip.kernel.authcodeflowproxy.api.constants.Constants; -import io.mosip.kernel.authcodeflowproxy.api.constants.Errors; -import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponse; -import io.mosip.kernel.authcodeflowproxy.api.dto.IAMErrorResponseDto; -import io.mosip.kernel.authcodeflowproxy.api.dto.JWTSignatureResponseDto; -import io.mosip.kernel.authcodeflowproxy.api.dto.MosipUserDto; -import io.mosip.kernel.authcodeflowproxy.api.service.LoginService; -import io.mosip.kernel.authcodeflowproxy.api.service.validator.ValidateTokenHelper; -import io.mosip.kernel.authcodeflowproxy.api.test.AuthProxyFlowTestBootApplication; -import io.mosip.kernel.core.exception.ServiceError; -import io.mosip.kernel.core.http.ResponseWrapper; -import io.mosip.kernel.core.util.CryptoUtil; -import io.mosip.kernel.core.util.DateUtils; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.isA; +import static org.springframework.test.web.client.match.MockRestRequestMatchers.method; +import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo; +import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +import java.net.URI; +import 
java.util.ArrayList; +import java.util.List; +import java.util.UUID; + +import javax.servlet.http.Cookie; + import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; -import org.powermock.modules.junit4.PowerMockRunnerDelegate; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.test.mock.mockito.MockBean; -import org.springframework.boot.test.mock.mockito.SpyBean; -import org.springframework.core.env.Environment; -import org.springframework.http.HttpEntity; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; import org.springframework.test.context.junit4.SpringRunner; -import org.springframework.test.util.ReflectionTestUtils; import org.springframework.test.web.client.ExpectedCount; import org.springframework.test.web.client.MockRestServiceServer; import org.springframework.test.web.servlet.MockMvc; import org.springframework.web.client.RestTemplate; -import javax.servlet.http.Cookie; -import java.net.URI; -import java.time.Instant; -import java.time.ZoneOffset; -import java.util.ArrayList; -import java.util.Date; -import java.util.List; -import java.util.UUID; +import com.fasterxml.jackson.databind.ObjectMapper; -import static org.hamcrest.CoreMatchers.is; -import static org.hamcrest.CoreMatchers.isA; -import static org.mockito.ArgumentMatchers.any; 
-import static org.mockito.Mockito.doThrow; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; -import static org.springframework.test.web.client.match.MockRestRequestMatchers.method; -import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo; -import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus; -import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; +import io.mosip.kernel.authcodeflowproxy.api.constants.Errors; +import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponse; +import io.mosip.kernel.authcodeflowproxy.api.dto.IAMErrorResponseDto; +import io.mosip.kernel.authcodeflowproxy.api.dto.MosipUserDto; +import io.mosip.kernel.authcodeflowproxy.api.test.AuthProxyFlowTestBootApplication; +import io.mosip.kernel.core.exception.ServiceError; +import io.mosip.kernel.core.http.ResponseWrapper; +import io.mosip.kernel.core.util.CryptoUtil; @SpringBootTest(classes = { AuthProxyFlowTestBootApplication.class }) +@RunWith(SpringRunner.class) @AutoConfigureMockMvc -@RunWith(PowerMockRunner.class) -@PowerMockRunnerDelegate(SpringRunner.class) -@PowerMockIgnore({ "com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "javax.management.*", "com.sun.org.apache.xalan.*" }) -@PrepareForTest(Algorithm.class) public class AuthProxyControllerTests { - private static final int UNAUTHORIZED_STATUS = 401; - @Value("${auth.server.admin.validate.url}") private String validateUrl; 
@@ -90,31 +59,11 @@ public class AuthProxyControllerTests { private RestTemplate restTemplate; private MockRestServiceServer mockServer; - - @SpyBean - private ValidateTokenHelper validateTokenHelper; - - @SpyBean - private LoginService loginService; - - @Mock - private Algorithm mockAlgo; - - @Mock - private Environment environment; - @MockBean - @Qualifier("selfTokenRestTemplate") - private RestTemplate selfTokenRestTemplate; - @Before - public void init() throws Exception { + public void init() { mockServer = MockRestServiceServer.createServer(restTemplate); - PowerMockito.mockStatic(Algorithm.class); - when(Algorithm.RSA256(any(), any())).thenReturn(mockAlgo); - ReflectionTestUtils.setField(validateTokenHelper, "validateIssuerDomain", false); - ReflectionTestUtils.setField(validateTokenHelper, "validateAudClaim", false); - ReflectionTestUtils.setField(loginService, "isJwtAuthEnabled", false); + } @Autowired 
@@ -227,183 +176,7 @@ public void loginTest() throws Exception { @Test public void loginRedirectTest() throws Exception { AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://localhost"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setId_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is3xxRedirection()); - } - - @Test - public void loginRedirectTest_signatureVerification_negative() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://localhost"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - doThrow(new SignatureVerificationException(mockAlgo)).when(mockAlgo).verify(any()); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - 
.expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is(UNAUTHORIZED_STATUS)); - } - - @Test - public void loginRedirectTest_expiredToken() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().minusDays(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://localhost"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is(401)); - } - - @Test - public void loginRedirectTest_domain_match_positive() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder 
withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://localhost"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - ReflectionTestUtils.setField(validateTokenHelper, "validateIssuerDomain", true); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setId_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is3xxRedirection()); - } - - @Test - public void loginRedirectTest_invalid_issuer() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "~!::#@///wrongurl"); - ReflectionTestUtils.setField(validateTokenHelper, "validateIssuerDomain", true); - - when(mockAlgo.getName()).thenReturn("RSA256"); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - 
.andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is(401)); - } - - @Test - public void loginRedirectTest_domain_match_negative() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://someotherdomain"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - ReflectionTestUtils.setField(validateTokenHelper, "validateIssuerDomain", true); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is(401)); - } - - @Test - public void loginRedirectTest_aud_match_positive() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = 
JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withAudience("myapp-client"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - ReflectionTestUtils.setField(validateTokenHelper, "validateAudClaim", true); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setId_token(token); + accessTokenResponse.setAccess_token("mock-access-token"); accessTokenResponse.setExpires_in("111"); mockServer 
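Review bot: This hunk of AuthProxyControllerTests deletes the negative cases for token validation (`loginRedirectTest_signatureVerification_negative`, `loginRedirectTest_expiredToken`, `loginRedirectTest_invalid_issuer`, `loginRedirectTest_domain_match_negative`), and the remaining `loginRedirectTest` now feeds the opaque string `mock-access-token`, so nothing here checks that a bad signature, an expired token or a foreign issuer is rejected. If the controller still validates tokens on this branch, I would keep at least the signature and expiry cases, which asserted a 401 response. If validation was removed on purpose, that should be stated in the commit description, because it changes what the login redirect accepts. The deletions continue in the following hunk (the `aud`/`azp` cases), which runs past the part of the diff shown here.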
@@ -413,153 +186,17 @@ public void loginRedirectTest_aud_match_positive() throws Exception { .andExpect(method(HttpMethod.POST)) .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) .body(objectMapper.writeValueAsString(accessTokenResponse))); - Cookie cookie = new Cookie("state", "mockstate"); mockMvc.perform(get( "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) .andExpect(status().is3xxRedirection()); } - - @Test - public void loginRedirectTest_aud_match_negative_azp_positive() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withAudience("somether-app-client"); - withExpiresAt.withClaim(AuthConstant.AZP, "myapp-client"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - ReflectionTestUtils.setField(validateTokenHelper, "validateAudClaim", true); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setId_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is3xxRedirection()); - } - - @Test - public void 
loginRedirectTest_aud_match_null_azp_null() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - - when(mockAlgo.getName()).thenReturn("RSA256"); - ReflectionTestUtils.setField(validateTokenHelper, "validateAudClaim", true); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is(401)); - } - - @Test - public void loginRedirectTest_aud_match_negative_azp_negative() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withAudience("someother-app-client"); - withExpiresAt.withClaim(AuthConstant.AZP, "someother-app-client"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - ReflectionTestUtils.setField(validateTokenHelper, "validateAudClaim", true); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - 
"http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is(401)); - } @Test public void loginRedirectTestWithHash() throws Exception { - - - Builder jwtbuilder = JWT.create(); - jwtbuilder.withExpiresAt(Date.from(Instant.now().plusSeconds(100))); - jwtbuilder.withClaim(AuthConstant.PREFERRED_USERNAME, "12345"); - jwtbuilder.withClaim(AuthConstant.ISSUER, "http://localhost"); - Algorithm alg = mock(Algorithm.class); - when(alg.getName()).thenReturn("none"); - String jwtToken = jwtbuilder.sign(alg); - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - accessTokenResponse.setAccess_token(jwtToken); - accessTokenResponse.setId_token(jwtToken); - accessTokenResponse.setExpires_in("111"); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:5000/keycloak/auth/realms/mosip/protocol/openid-connect/certs"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - 
"/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLyMvcmFuZG9tcGF0bS9yYW5kb21wYXRo?state=mockstate&session_state=mock-session-state&code=mockcode") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is3xxRedirection()); - } - - @Test - public void loginRedirectWithClaimTest() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://localhost"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - when(environment.getProperty(Constants.CLAIM_PROPERTY)).thenReturn("claim"); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setId_token(token); + accessTokenResponse.setAccess_token("mock-access-token"); accessTokenResponse.setExpires_in("111"); mockServer 
@@ -569,44 +206,9 @@ public void loginRedirectWithClaimTest() throws Exception { .andExpect(method(HttpMethod.POST)) .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) .body(objectMapper.writeValueAsString(accessTokenResponse))); - Cookie cookie = new Cookie("state", "mockstate"); mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode&claims=mockClaim") - .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) - .andExpect(status().is3xxRedirection()); - } - - @Test - public void loginRedirectWithPrivateKeyJwtAuthEnabled() throws Exception { - AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://localhost"); - ReflectionTestUtils.setField(loginService, "isJwtAuthEnabled", true); - when(mockAlgo.getName()).thenReturn("RSA256"); - - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - JWTSignatureResponseDto jwtSignatureResponseDto = new JWTSignatureResponseDto(); - jwtSignatureResponseDto.setJwtSignedData("abc"); - jwtSignatureResponseDto.setTimestamp(DateUtils.getUTCCurrentDateTime()); - ResponseWrapper responseWrapper = new ResponseWrapper<>(); - responseWrapper.setResponse(jwtSignatureResponseDto); - when(selfTokenRestTemplate.exchange((URI) any(), (HttpMethod) any(), (HttpEntity) any(), (Class) any())) - .thenReturn(ResponseEntity.ok(responseWrapper)); - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setId_token(token); - accessTokenResponse.setExpires_in("111"); - mockServer - .expect(ExpectedCount.once(), - requestTo(new URI( - "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - 
.andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); - Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get( - "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode&claims=mockClaim") + "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLyMvcmFuZG9tcGF0bS9yYW5kb21wYXRo?state=mockstate&session_state=mock-session-state&code=mockcode") .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) .andExpect(status().is3xxRedirection()); } @@ -658,14 +260,7 @@ public void loginInvalidUUIDTest() throws Exception { @Test public void logoutRedirectHostCheckTest() throws Exception { AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); - Builder withExpiresAt = JWT.create().withExpiresAt(Date.from(DateUtils.getUTCCurrentDateTime().plusHours(1).toInstant(ZoneOffset.UTC))); - withExpiresAt.withClaim(AuthConstant.ISSUER, "http://localhost"); - - when(mockAlgo.getName()).thenReturn("RSA256"); - String token = withExpiresAt.withClaim("scope", "aaa bbb").sign(mockAlgo); - - accessTokenResponse.setAccess_token(token); - accessTokenResponse.setId_token(token); + accessTokenResponse.setAccess_token("mock-access-token"); accessTokenResponse.setExpires_in("111"); mockServer @@ -681,7 +276,7 @@ public void logoutRedirectHostCheckTest() throws Exception { .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) .andExpect(status().isOk()) .andExpect(jsonPath("$.errors[0].errorCode", is(Errors.ALLOWED_URL_EXCEPTION.getErrorCode()))); - + ; } -} +} \ No newline at end of file diff --git a/kernel/kernel-biometrics-api/README.md b/kernel/kernel-biometrics-api/README.md index a3f31815c91..d55fbeb07de 100644 --- a/kernel/kernel-biometrics-api/README.md +++ b/kernel/kernel-biometrics-api/README.md 
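Review bot: No remaining case in this hunk asserts a rejected login: the added `accessTokenResponse.setAccess_token("mock-access-token");` feeds an opaque string and `loginRedirectTestWithHash` still expects `status().is3xxRedirection()`, so the test only passes if the login-redirect handler never parses or validates the returned token. The same holds for the hunk opening at `@@ -413,153 +186,17 @@`, where the issuer-domain and `aud`/`azp` cases that expected 401 are dropped. If `validateIssuerDomain` and `validateAudClaim` still exist on this branch (not visible here), keep at least one negative case, for example a token whose issuer is `http://someotherdomain` checked with `.andExpect(status().is(401))`. `loginRedirectTestWithHash` begins in the previous hunk.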
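Review bot: The added `;` after the `jsonPath("$.errors[0].errorCode", ...)` expectation in `logoutRedirectHostCheckTest` is a stray empty statement, and the closing `}` of the class now carries `\ No newline at end of file`. Drop the `;` line and restore the trailing newline so the file ends with `}` followed by a line break. The test method starts outside this hunk.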
@@ -1,4 +1,12 @@ # Kernel Biometrics Api ## [DEPRECATED] + THIS MODULE IS MOVED TO https://github.com/mosip/bio-utils + +## Overview +This library provides core funtions related to biometrics. + +## Technical features +- Creation and conversion of XML and BIR models. +- Biometric opertions like matching and quality assessment. diff --git a/kernel/kernel-core/src/main/java/io/mosip/kernel/core/util/ZipUtils.java b/kernel/kernel-core/src/main/java/io/mosip/kernel/core/util/ZipUtils.java index 706d0b99efb..9e204124beb 100644 --- a/kernel/kernel-core/src/main/java/io/mosip/kernel/core/util/ZipUtils.java +++ b/kernel/kernel-core/src/main/java/io/mosip/kernel/core/util/ZipUtils.java @@ -361,7 +361,7 @@ public static boolean unZipDirectory(String zipFilePath, String destDirectory) t try (ZipInputStream zipIn = new ZipInputStream(new FileInputStream(zipFilePath))) { - ZipEntry entry = zipIn.getNextEntry(); + ZipEntry entry = zipIn.getNextEntry(); //NOSONAR Setting the ZipEntry here. while (entry != null) { String filePath = destDirectory + File.separator + entry.getName(); @@ -387,7 +387,7 @@ public static boolean unZipDirectory(String zipFilePath, String destDirectory) t } } zipIn.closeEntry(); - entry = zipIn.getNextEntry(); + entry = zipIn.getNextEntry(); //NOSONAR Setting the Next Entry here. } } catch (java.io.FileNotFoundException e) { throw new FileNotFoundException(ZipUtilConstants.FILE_NOT_FOUND_ERROR_CODE.getErrorCode(), diff --git a/kernel/kernel-logger-logback/src/main/java/io/mosip/kernel/logger/logback/impl/LoggerImpl.java b/kernel/kernel-logger-logback/src/main/java/io/mosip/kernel/logger/logback/impl/LoggerImpl.java index be8b426287d..88684461e9f 100644 --- a/kernel/kernel-logger-logback/src/main/java/io/mosip/kernel/logger/logback/impl/LoggerImpl.java +++ b/kernel/kernel-logger-logback/src/main/java/io/mosip/kernel/logger/logback/impl/LoggerImpl.java 
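Review bot: The two `//NOSONAR` markers on `zipIn.getNextEntry()` (here and in the hunk at `@@ -387,7 +387,7 @@`) silence every analyzer rule on those lines while the context line `String filePath = destDirectory + File.separator + entry.getName();` still builds the output path directly from the archive's entry name. Unless a containment check exists in the part of `unZipDirectory` outside these hunks, an entry name containing `../` resolves outside `destDirectory`. Resolve and verify before writing: `Path dest = Paths.get(destDirectory).toAbsolutePath().normalize(); Path target = dest.resolve(entry.getName()).normalize();` and reject the entry when `!target.startsWith(dest)`. The suppression comment should record why the finding is acceptable rather than restate the statement, and a cap on entry count and total uncompressed size would address the archive-expansion finding these markers may be hiding.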
@@ -68,12 +68,12 @@ private LoggerImpl(ConsoleAppender mosipConsoleAppender, String name, LogLevel l consoleAppender.setTarget(mosipConsoleAppender.getTarget()); consoleAppender.start(); if (logLevel != null) { - this.logger.setLevel(Level.valueOf(logLevel.getLevel())); + this.logger.setLevel(Level.valueOf(logLevel.getLevel())); //NOSONAR Setting the loglevel here. } else { - this.logger.setLevel(Level.valueOf(LogLevel.DEBUG.getLevel())); + this.logger.setLevel(Level.valueOf(LogLevel.DEBUG.getLevel())); //NOSONAR Setting the loglevel to DEBUG here. } this.logger.setAdditive(false); - this.logger.addAppender(consoleAppender); + this.logger.addAppender(consoleAppender); //NOSONAR Adding the console appender here. } /** @@ -106,11 +106,11 @@ private LoggerImpl(FileAppender mosipFileAppender, String name, LogLevel logLeve .get(mosipFileAppender.getAppenderName()); } if (logLevel != null) { - this.logger.setLevel(Level.valueOf(logLevel.getLevel())); + this.logger.setLevel(Level.valueOf(logLevel.getLevel())); //NOSONAR Setting the loglevel here. } else { - this.logger.setLevel(Level.valueOf(LogLevel.DEBUG.getLevel())); + this.logger.setLevel(Level.valueOf(LogLevel.DEBUG.getLevel())); //NOSONAR Setting the loglevel to DEBUG here. } - this.logger.addAppender(fileAppender); + this.logger.addAppender(fileAppender); //NOSONAR Adding the file appender here. } /** 
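Review bot: Each added `//NOSONAR` suppresses all rules on its line, and the trailing text (`Setting the loglevel here.`, `Adding the console appender here.`) restates the call instead of recording why the finding is safe to ignore; this applies to both constructors in these hunks and to the `RollingFileAppender` constructor in the hunk at `@@ -148,11 +148,11 @@`. The `else` branch keeps `Level.valueOf(LogLevel.DEBUG.getLevel())` as the fallback, so a caller passing a null `logLevel` gets DEBUG output, which is presumably what the analyzer flagged. Prefer a rule-scoped `@SuppressWarnings("java:<rule-key>")` on the constructor (placeholder for the actual rule key) with a comment stating the real justification, for example that the level comes from deployment configuration and not from request data, if that is the case. Consider a less verbose fallback than DEBUG as well. The constructors start outside the hunks.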
@@ -148,11 +148,11 @@ private LoggerImpl(RollingFileAppender mosipRollingFileAppender, String name, Lo .get(mosipRollingFileAppender.getAppenderName()); } if (logLevel != null) { - this.logger.setLevel(Level.valueOf(logLevel.getLevel())); + this.logger.setLevel(Level.valueOf(logLevel.getLevel())); //NOSONAR Setting the loglevel here. } else { - this.logger.setLevel(Level.valueOf(LogLevel.DEBUG.getLevel())); + this.logger.setLevel(Level.valueOf(LogLevel.DEBUG.getLevel())); //NOSONAR Setting the loglevel to DEBUG here. } - this.logger.addAppender(rollingFileAppender); + this.logger.addAppender(rollingFileAppender); //NOSONAR Adding the rolling file appender here. }