Merge branch 'master' into issue-24307-chainable-metadata-provider-li…
…cense-only
Showing
4 changed files
with
361 additions
and
20 deletions.
@@ -0,0 +1,231 @@ | ||
{ | ||
"info": { | ||
"_postman_id": "029879f9-ad5c-48a1-94b8-12f0369d3605", | ||
"name": "EMA", | ||
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", | ||
"_exporter_id": "781456" | ||
}, | ||
"item": [ | ||
{ | ||
"name": "GetCurrentSite", | ||
"event": [ | ||
{ | ||
"listen": "test", | ||
"script": { | ||
"exec": [ | ||
"var jsonData = pm.response.json();", | ||
"pm.collectionVariables.set(\"currentSiteId\", jsonData.entity.identifier);" | ||
], | ||
"type": "text/javascript" | ||
} | ||
} | ||
], | ||
"request": { | ||
"auth": { | ||
"type": "basic", | ||
"basic": [ | ||
{ | ||
"key": "password", | ||
"value": "admin", | ||
"type": "string" | ||
}, | ||
{ | ||
"key": "username", | ||
"value": "admin@dotcms.com", | ||
"type": "string" | ||
} | ||
] | ||
}, | ||
"method": "GET", | ||
"header": [], | ||
"url": { | ||
"raw": "{{serverURL}}/api/v1/site/currentSite", | ||
"host": [ | ||
"{{serverURL}}" | ||
], | ||
"path": [ | ||
"api", | ||
"v1", | ||
"site", | ||
"currentSite" | ||
] | ||
} | ||
}, | ||
"response": [] | ||
}, | ||
{ | ||
"name": "NoConfig", | ||
"event": [ | ||
{ | ||
"listen": "test", | ||
"script": { | ||
"exec": [ | ||
"pm.test(\"User FE has not access to EMA\", function () {", | ||
" pm.response.to.have.status(404);", | ||
"", | ||
" ", | ||
"});" | ||
], | ||
"type": "text/javascript" | ||
} | ||
} | ||
], | ||
"request": { | ||
"auth": { | ||
"type": "basic", | ||
"basic": [ | ||
{ | ||
"key": "password", | ||
"value": "admin", | ||
"type": "string" | ||
}, | ||
{ | ||
"key": "username", | ||
"value": "admin@dotcms.com", | ||
"type": "string" | ||
} | ||
] | ||
}, | ||
"method": "GET", | ||
"header": [], | ||
"url": { | ||
"raw": "{{serverURL}}/api/v1/ema", | ||
"host": [ | ||
"{{serverURL}}" | ||
], | ||
"path": [ | ||
"api", | ||
"v1", | ||
"ema" | ||
] | ||
} | ||
}, | ||
"response": [] | ||
}, | ||
{ | ||
"name": "app-save1", | ||
"event": [ | ||
{ | ||
"listen": "test", | ||
"script": { | ||
"exec": [ | ||
"pm.test(\"Status code is 200\", function () {", | ||
" pm.response.to.have.status(200);", | ||
"});" | ||
], | ||
"type": "text/javascript" | ||
} | ||
} | ||
], | ||
"request": { | ||
"auth": { | ||
"type": "basic", | ||
"basic": [ | ||
{ | ||
"key": "password", | ||
"value": "admin", | ||
"type": "string" | ||
}, | ||
{ | ||
"key": "username", | ||
"value": "admin@dotCMS.com", | ||
"type": "string" | ||
}, | ||
{ | ||
"key": "saveHelperData", | ||
"type": "any" | ||
}, | ||
{ | ||
"key": "showPassword", | ||
"value": false, | ||
"type": "boolean" | ||
} | ||
] | ||
}, | ||
"method": "POST", | ||
"header": [ | ||
{ | ||
"key": "Content-Type", | ||
"name": "Content-Type", | ||
"type": "text", | ||
"value": "application/json" | ||
} | ||
], | ||
"body": { | ||
"mode": "raw", | ||
"raw": "{ \n\t \"configuration\": {\n\t\t \"value\": \"{\\r\\n \\\"config\\\":[\\r\\n {\\r\\n \\\"pattern\\\":\\\"\\/blogs\\/(.*)\\\",\\r\\n \\\"url\\\":\\\"https:\\/\\/myspa.blogs.com:3000\\\",\\r\\n \\\"options\\\":{\\r\\n \\\"authenticationToken\\\":\\\"123\\\",\\r\\n \\\"depth\\\":3,\\r\\n \\\"X-CONTENT-APP\\\":\\\"dotCMS\\\"\\r\\n }\\r\\n },\\r\\n {\\r\\n \\\"pattern\\\":\\\".*\\\",\\r\\n \\\"url\\\":\\\"https:\\/\\/myspa.com:3000\\\",\\r\\n \\\"options\\\":{\\r\\n \\\"authenticationToken\\\":\\\"456\\\",\\r\\n \\\"depth\\\":1,\\r\\n \\\"X-CONTENT-APP\\\":\\\"dotCMS\\\"\\r\\n }\\r\\n }\\r\\n ]\\r\\n }\"\n }\n}\n" | ||
}, | ||
"url": { | ||
"raw": "{{serverURL}}/api/v1/apps/dotema-config-v2/{{currentSiteId}}", | ||
"host": [ | ||
"{{serverURL}}" | ||
], | ||
"path": [ | ||
"api", | ||
"v1", | ||
"apps", | ||
"dotema-config-v2", | ||
"{{currentSiteId}}" | ||
] | ||
}, | ||
"description": "This tests the endpoint that brings back one specific App/integration given the App-key followed by the site-id" | ||
}, | ||
"response": [] | ||
}, | ||
{ | ||
"name": "TestConfig", | ||
"event": [ | ||
{ | ||
"listen": "test", | ||
"script": { | ||
"exec": [ | ||
"pm.test(\"Now available the EMA\", function () {", | ||
" pm.response.to.have.status(200);", | ||
"", | ||
" ", | ||
"});" | ||
], | ||
"type": "text/javascript" | ||
} | ||
} | ||
], | ||
"request": { | ||
"auth": { | ||
"type": "basic", | ||
"basic": [ | ||
{ | ||
"key": "password", | ||
"value": "admin", | ||
"type": "string" | ||
}, | ||
{ | ||
"key": "username", | ||
"value": "admin@dotcms.com", | ||
"type": "string" | ||
} | ||
] | ||
}, | ||
"method": "GET", | ||
"header": [], | ||
"url": { | ||
"raw": "{{serverURL}}/api/v1/ema", | ||
"host": [ | ||
"{{serverURL}}" | ||
], | ||
"path": [ | ||
"api", | ||
"v1", | ||
"ema" | ||
] | ||
} | ||
}, | ||
"response": [] | ||
} | ||
], | ||
"variable": [ | ||
{ | ||
"key": "currentSiteId", | ||
"value": "" | ||
} | ||
] | ||
} |
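Review bot: The `NoConfig` request is labelled "User FE has not access to EMA", but it authenticates as the admin backend user and asserts 404, so it exercises the missing-configuration path and not access control. Nothing in this collection checks that `{{serverURL}}/api/v1/ema` rejects an anonymous or frontend-only caller, which is what `requiredBackendUser(true)` and `rejectWhenNoUser(true)` in the new resource are meant to enforce. I would rename the test to something like `"EMA config is not found before the app is saved"` and add a request without auth that asserts the rejection status (presumably 401; confirm against `WebResource`).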
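--- a/dotCMS/src/main/java/com/dotcms/rest/api/v1/ema/EMAResource.java
+++ b/dotCMS/src/main/java/com/dotcms/rest/api/v1/ema/EMAResource.java
@@ -0,0 +1,106 @@
+package com.dotcms.rest.api.v1.ema;
+
+import com.dotcms.rest.InitDataObject;
+import com.dotcms.rest.ResponseEntityView;
+import com.dotcms.rest.WebResource;
+import com.dotcms.rest.annotation.NoCache;
+import com.dotcms.security.apps.AppDescriptor;
+import com.dotcms.security.apps.AppSecrets;
+import com.dotcms.security.apps.AppsAPI;
+import com.dotcms.security.apps.Secret;
+import com.dotmarketing.beans.Host;
+import com.dotmarketing.business.APILocator;
+import com.dotmarketing.business.web.WebAPILocator;
+import com.dotmarketing.exception.DoesNotExistException;
+import com.dotmarketing.exception.DotDataException;
+import com.dotmarketing.exception.DotSecurityException;
+import com.dotmarketing.util.Logger;
+import com.dotmarketing.util.json.JSONObject;
+import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
+import com.google.common.annotations.VisibleForTesting;
+import com.liferay.portal.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import java.util.Optional;
+
+
+/**
+* Resource API that deals with secrets and their usage on third-party apps integrations.
+* @author jsanca
+*/
+@Path("/v1/ema")
+public class EMAResource {
+
+private static final String EMA_APP_KEY = "dotema-config-v2";
+
+private final WebResource webResource;
+private AppsAPI appsAPI;
+
+@VisibleForTesting
+public EMAResource(final WebResource webResource,
+final AppsAPI appsAPI) {
+this.webResource = webResource;
+this.appsAPI = appsAPI;
+}
+
+public EMAResource() {
+this(new WebResource(), APILocator.getAppsAPI());
+}
+
+
+/**
+* Returns the ema config for the current site
+* @param request
+* @param response
+* @return Response
+* @throws DotDataException
+* @throws DotSecurityException
+*/
+@GET
+@JSONP
+@NoCache
+@Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+public final Response getDetails(
+@Context final HttpServletRequest request,
+@Context final HttpServletResponse response
+) throws DotDataException, DotSecurityException {
+
+final Host site = WebAPILocator.getHostWebAPI().getCurrentHostNoThrow(request);
+final InitDataObject initData =
+new WebResource.InitBuilder(webResource)
+.requiredBackendUser(true)
+.requiredFrontendUser(false)
+.requestAndResponse(request, response)
+.rejectWhenNoUser(true)
+.init();
+
+Logger.debug(this, ()-> "Getting EMA config for site: " + site.getHostname());
+
+final Optional<AppDescriptor> appDescriptorOptional = appsAPI
+.getAppDescriptor(EMA_APP_KEY, APILocator.systemUser()); // we use the system b/c we don't want to check permissions, but only have access to this app and should be backend
+if (appDescriptorOptional.isPresent()) {
+
+final Optional<AppSecrets> optionalAppSecrets = appsAPI
+.getSecrets(EMA_APP_KEY, false, site, APILocator.systemUser());
+
+if (optionalAppSecrets.isPresent()) {
+
+final AppSecrets appSecrets = optionalAppSecrets.get();
+final Secret configSecret = appSecrets.getSecrets().get("configuration");
+final String configJson = configSecret.getString();
+
+return Response.ok(new ResponseEntityView<>(new JSONObject(configJson))).build();
+}
+}
+
+throw new DoesNotExistException(String.format(
+"No configuration was found for EMA on the current site `%s`. ", site.getHostname()));
+}
+}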
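Review bot: In `getDetails`, the `configuration` secret is read as `APILocator.systemUser()` and returned whole, so any authenticated backend user receives everything stored in it; the Postman sample in this commit stores `authenticationToken` values in that JSON. `initData` is assigned but never read, so the caller's identity plays no part in the decision beyond "is a backend user"; consider checking the caller's access to the app or site, or returning only the fields the editor needs with the tokens left out. Because the body carries secrets, I would also drop `@JSONP` and `"application/javascript"` from this method, since a script-includable response can be read from another origin if backend sessions are cookie-based. Separately, `appSecrets.getSecrets().get("configuration")` can be null when the key is absent, so add `if (configSecret == null)` before `getString()` and fall through to the existing `DoesNotExistException`; `site` from `getCurrentHostNoThrow` presumably needs the same null check before `site.getHostname()`.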