Merge pull request #155 from wultra/develop

Merge all changes for release 2022.12

.env

@@ -69,6 +69,10 @@ POWERAUTH_ADMIN_LDAP_ROOT=dc=powerauth,dc=com
 POWERAUTH_ADMIN_LDAP_LDIF=file:/usr/local/tomcat/conf/ldap/ldap-local.ldif
 POWERAUTH_ADMIN_LDAP_MANAGER_DN=
 POWERAUTH_ADMIN_LDAP_MANAGER_PASSWORD=
+POWERAUTH_ADMIN_AD_DOMAIN=
+POWERAUTH_ADMIN_AD_URL=
+POWERAUTH_ADMIN_AD_ROOT=
+POWERAUTH_ADMIN_AD_USER_SEARCH_FILTER=
 POWERAUTH_ADMIN_APPLICATION_NAME=powerauth-admin
 POWERAUTH_ADMIN_APPLICATION_DISPLAY_NAME=PowerAuth Admin
 POWERAUTH_ADMIN_APPLICATION_ENVIRONMENT=

arm64v8/docker-powerauth-data-adapter/Dockerfile

@@ -1,15 +1,15 @@
-FROM arm64v8/tomcat:9-jre11@sha256:cdf6a9ca2a039f9cfbf0c6546f77c0d6b3664dbdc49a4284a2dd6e84bed2defd
+FROM arm64v8/tomcat:9-jre11@sha256:0464902846f45cf1bbcfc52adc2be69cd53d3954569e3c709c346614f19ecad0
 LABEL maintainer="[email protected]"
 
 # Prepare environment variables
-ENV JAVA_HOME /usr/local/openjdk-11
+ENV JAVA_HOME /opt/java/openjdk
 ENV TOMCAT_HOME /usr/local/tomcat
 
 # Clear root context
 RUN rm -rf $TOMCAT_HOME/webapps/*
 
 # Copy libraries
-ADD ../deploy/lib/ojdbc6.jar $TOMCAT_HOME/lib/
+ADD ../deploy/lib/ojdbc8.jar $TOMCAT_HOME/lib/
 ADD ../deploy/lib/postgresql.jar $TOMCAT_HOME/lib/
 
 # Deploy and run applications

arm64v8/docker-powerauth-nextstep/Dockerfile

@@ -1,15 +1,15 @@
-FROM arm64v8/tomcat:9-jre11@sha256:cdf6a9ca2a039f9cfbf0c6546f77c0d6b3664dbdc49a4284a2dd6e84bed2defd
+FROM arm64v8/tomcat:9-jre11@sha256:0464902846f45cf1bbcfc52adc2be69cd53d3954569e3c709c346614f19ecad0
 LABEL maintainer="[email protected]"
 
 # Prepare environment variables
-ENV JAVA_HOME /usr/local/openjdk-11
+ENV JAVA_HOME /opt/java/openjdk
 ENV TOMCAT_HOME /usr/local/tomcat
 
 # Clear root context
 RUN rm -rf $TOMCAT_HOME/webapps/*
 
 # Copy libraries
-ADD ../deploy/lib/ojdbc6.jar $TOMCAT_HOME/lib/
+ADD ../deploy/lib/ojdbc8.jar $TOMCAT_HOME/lib/
 ADD ../deploy/lib/postgresql.jar $TOMCAT_HOME/lib/
 
 # Deploy and run applications

arm64v8/docker-powerauth-push-server/Dockerfile

@@ -1,15 +1,15 @@
-FROM arm64v8/tomcat:9-jre11@sha256:cdf6a9ca2a039f9cfbf0c6546f77c0d6b3664dbdc49a4284a2dd6e84bed2defd
+FROM arm64v8/tomcat:9-jre11@sha256:0464902846f45cf1bbcfc52adc2be69cd53d3954569e3c709c346614f19ecad0
 LABEL maintainer="[email protected]"
 
 # Prepare environment variables
-ENV JAVA_HOME /usr/local/openjdk-11
+ENV JAVA_HOME /opt/java/openjdk
 ENV TOMCAT_HOME /usr/local/tomcat
 
 # Clear root context
 RUN rm -rf $TOMCAT_HOME/webapps/*
 
 # Copy libraries
-ADD ../deploy/lib/ojdbc6.jar $TOMCAT_HOME/lib/
+ADD ../deploy/lib/ojdbc8.jar $TOMCAT_HOME/lib/
 ADD ../deploy/lib/postgresql.jar $TOMCAT_HOME/lib/
 
 # Deploy and run applications

arm64v8/docker-powerauth-server/Dockerfile

@@ -1,15 +1,15 @@
-FROM arm64v8/tomcat:9-jre11@sha256:cdf6a9ca2a039f9cfbf0c6546f77c0d6b3664dbdc49a4284a2dd6e84bed2defd
+FROM arm64v8/tomcat:9-jre11@sha256:0464902846f45cf1bbcfc52adc2be69cd53d3954569e3c709c346614f19ecad0
 LABEL maintainer="[email protected]"
 
 # Prepare environment variables
-ENV JAVA_HOME /usr/local/openjdk-11
+ENV JAVA_HOME /opt/java/openjdk
 ENV TOMCAT_HOME /usr/local/tomcat
 
 # Clear root context
 RUN rm -rf $TOMCAT_HOME/webapps/*
 
 # Copy libraries
-ADD ../deploy/lib/ojdbc6.jar $TOMCAT_HOME/lib/
+ADD ../deploy/lib/ojdbc8.jar $TOMCAT_HOME/lib/
 ADD ../deploy/lib/postgresql.jar $TOMCAT_HOME/lib/
 
 # Deploy and run applications

arm64v8/docker-powerauth-tpp-engine/Dockerfile

@@ -1,15 +1,15 @@
-FROM arm64v8/tomcat:9-jre11@sha256:cdf6a9ca2a039f9cfbf0c6546f77c0d6b3664dbdc49a4284a2dd6e84bed2defd
+FROM arm64v8/tomcat:9-jre11@sha256:0464902846f45cf1bbcfc52adc2be69cd53d3954569e3c709c346614f19ecad0
 LABEL maintainer="[email protected]"
 
 # Prepare environment variables
-ENV JAVA_HOME /usr/local/openjdk-11
+ENV JAVA_HOME /opt/java/openjdk
 ENV TOMCAT_HOME /usr/local/tomcat
 
 # Clear root context
 RUN rm -rf $TOMCAT_HOME/webapps/*
 
 # Copy libraries
-ADD ../deploy/lib/ojdbc6.jar $TOMCAT_HOME/lib/
+ADD ../deploy/lib/ojdbc8.jar $TOMCAT_HOME/lib/
 ADD ../deploy/lib/postgresql.jar $TOMCAT_HOME/lib/
 
 # Deploy and run applications

arm64v8/docker-powerauth-webflow/Dockerfile

@@ -1,16 +1,16 @@
-FROM arm64v8/tomcat:9-jre11@sha256:cdf6a9ca2a039f9cfbf0c6546f77c0d6b3664dbdc49a4284a2dd6e84bed2defd
+FROM arm64v8/tomcat:9-jre11@sha256:0464902846f45cf1bbcfc52adc2be69cd53d3954569e3c709c346614f19ecad0
 LABEL maintainer="[email protected]"
 
 # Prepare environment variables
-ENV JAVA_HOME /usr/local/openjdk-11
+ENV JAVA_HOME /opt/java/openjdk
 ENV TOMCAT_HOME /usr/local/tomcat
 ENV WEBFLOW_RESOURCES /opt/ext-resources
 
 # Clear root context
 RUN rm -rf $TOMCAT_HOME/webapps/*
 
 # Copy libraries
-ADD ../deploy/lib/ojdbc6.jar $TOMCAT_HOME/lib/
+ADD ../deploy/lib/ojdbc8.jar $TOMCAT_HOME/lib/
 ADD ../deploy/lib/postgresql.jar $TOMCAT_HOME/lib/
 
 # Add valve for proxy with SSL termination

build-arm64v8.sh

@@ -9,7 +9,7 @@ fi
 
 # Prepare Build Number
 if [ -z ${TAG+x} ]; then
-    export PRODUCT_VERSION="2022.05"
+    export PRODUCT_VERSION="2022.12"
     if [ -z ${BUILD+x} ]; then
         export BUILD=$(date +%s)
     fi

build.sh

@@ -9,7 +9,7 @@ fi
 
 # Prepare Build Number
 if [ -z ${TAG+x} ]; then
-    export PRODUCT_VERSION="2022.05"
+    export PRODUCT_VERSION="2022.12"
     if [ -z ${BUILD+x} ]; then
         export BUILD=$(date +%s)
     fi

deploy/conf/powerauth-admin.xml

@@ -9,8 +9,10 @@
     <Parameter name="powerauth.service.security.clientSecret" value="${POWERAUTH_ADMIN_SECURITY_CLIENT_SECRET}"/>
     <Parameter name="powerauth.service.ssl.acceptInvalidSslCertificate" value="${POWERAUTH_ADMIN_ACCEPT_INVALID_SSL_CERTIFICATE}"/>
 
-    <!-- LDAP Settings -->
+    <!-- Admin Authentication Settings -->
     <Parameter name="powerauth.admin.security.method" value="${POWERAUTH_ADMIN_SECURITY_METHOD}"/>
+
+    <!-- LDAP Settings -->
     <Parameter name="powerauth.admin.security.ldap.userDNPatterns" value="${POWERAUTH_ADMIN_LDAP_USER_DN_PATTERNS}"/>
     <Parameter name="powerauth.admin.security.ldap.userSearchBase" value="${POWERAUTH_ADMIN_LDAP_USER_SEARCH_BASE}"/>
     <Parameter name="powerauth.admin.security.ldap.userSearchFilter" value="${POWERAUTH_ADMIN_LDAP_USER_SEARCH_FILTER}"/>
@@ -24,6 +26,12 @@
     <Parameter name="powerauth.admin.security.ldap.managerDN" value="${POWERAUTH_ADMIN_LDAP_MANAGER_DN}"/>
     <Parameter name="powerauth.admin.security.ldap.managerPassword" value="${POWERAUTH_ADMIN_LDAP_MANAGER_PASSWORD}"/>
 
+    <!-- Active Directory Settings -->
+    <Parameter name="powerauth.admin.security.activeDirectory.domain" value="${POWERAUTH_ADMIN_AD_DOMAIN:}"/>
+    <Parameter name="powerauth.admin.security.activeDirectory.url" value="${POWERAUTH_ADMIN_AD_URL:}"/>
+    <Parameter name="powerauth.admin.security.activeDirectory.root" value="${POWERAUTH_ADMIN_AD_ROOT:}"/>
+    <Parameter name="powerauth.admin.security.activeDirectory.userSearchFilter" value="${POWERAUTH_ADMIN_AD_USER_SEARCH_FILTER:}"/>
+
     <!-- Application Service Configuration -->
     <Parameter name="powerauth.admin.service.applicationName" value="${POWERAUTH_ADMIN_APPLICATION_NAME}"/>
     <Parameter name="powerauth.admin.service.applicationDisplayName" value="${POWERAUTH_ADMIN_APPLICATION_DISPLAY_NAME}"/>

deploy/data/ext-resources/messages_cs.properties

@@ -158,4 +158,15 @@ browser.close.warning=Opravdu si přejete zrušit tuto operaci?
 clientCertificate.login=Přihlásit se certifikátem
 clientCertificate.use=Vybrat certifikát
 clientCertificate.failed=Ověření klientského certifikátu selhalo.
-clientCertificate.approval=Pro ověření bude použit klientský certifikát.
+
+qualifiedCertificate.approve=Potvrdit certifikátem
+qualifiedCertificate.choose=Vybrat certifikát
+qualifiedCertificate.sign=Podepsat
+
+signer.error.init.notSupported=Potvrzení certifikátem není podporované.
+signer.error.init.extension.failed=Podpisový plug-in není nainstalovaný v prohlížeči.
+signer.error.init.host.failed=Selhala inicializace podpisové komponenty.
+signer.error.certificate.notFound=Nebyl nalezen žádný certifikát pro podpis.
+signer.error.unknown=Selhala příprava podpisu.
+signer.result.success=Data operace byla úspěšně podepsána.
+signer.result.failed=Selhal výpočet podpisu dat operace.

deploy/data/ext-resources/messages_en.properties

@@ -159,4 +159,15 @@ browser.close.warning=Are you sure you want to cancel current operation?
 clientCertificate.login=Login with Certificate
 clientCertificate.use=Choose Certificate
 clientCertificate.failed=Client certificate verification failed.
-clientCertificate.approval=Client certificate will be used for authorization.
+
+qualifiedCertificate.approve=Approve with Certificate
+qualifiedCertificate.choose=Choose Certificate
+qualifiedCertificate.sign=Sign
+
+signer.error.init.notSupported=Approval with certificate is not supported.
+signer.error.init.extension.failed=Browser extension for signing is not installed.
+signer.error.init.host.failed=Signer component initialization failed.
+signer.error.certificate.notFound=No certificate was found for signing.
+signer.error.unknown=Signature preparation failed.
+signer.result.success=Operation data was signed successfully.
+signer.result.failed=Data signature calculation failed.

deploy/data/postgresql/powerauth-push-server.sql

@@ -15,6 +15,7 @@ CREATE SEQUENCE push_device_registration_seq;
 CREATE SEQUENCE push_message_seq;
 CREATE SEQUENCE push_campaign_seq;
 CREATE SEQUENCE push_campaign_user_seq;
+CREATE SEQUENCE push_inbox_seq;
 
 ---
 --- DB Tables
@@ -23,7 +24,7 @@ CREATE SEQUENCE push_campaign_user_seq;
 -- Create table for application credentials used for APNS and FCM
 CREATE TABLE push_app_credentials (
 	id INTEGER NOT NULL CONSTRAINT push_app_credentials_pkey PRIMARY KEY,
-	app_id INTEGER NOT NULL,
+	app_id VARCHAR(255) NOT NULL,
 	ios_key_id VARCHAR(255),
 	ios_private_key BYTEA,
 	ios_team_id VARCHAR(255),
@@ -81,6 +82,25 @@ CREATE TABLE push_campaign_user (
 	timestamp_created TIMESTAMP(6) NOT NULL
 );
 
+-- Create table for message inbox
+CREATE TABLE push_inbox (
+    id INTEGER NOT NULL CONSTRAINT push_inbox_pk PRIMARY KEY,
+    inbox_id VARCHAR(37),
+    user_id VARCHAR(255) NOT NULL,
+    subject TEXT NOT NULL,
+    body TEXT NOT NULL,
+    read BOOLEAN DEFAULT false NOT NULL,
+    timestamp_created TIMESTAMP NOT NULL,
+    timestamp_read TIMESTAMP
+);
+
+-- Create table for assignment of inbox messages to apps
+CREATE TABLE push_inbox_app (
+    app_credentials_id INTEGER NOT NULL,
+    inbox_id           INTEGER NOT NULL,
+    CONSTRAINT push_inbox_app_pk PRIMARY KEY (inbox_id, app_credentials_id)
+);
+
 --
 -- DB Indexes (recommended for better performance)
 --
@@ -103,5 +123,6 @@ CREATE INDEX push_campaign_user_campaign ON push_campaign_user (campaign_id, use
 
 CREATE INDEX push_campaign_user_detail ON push_campaign_user (user_id);
 
-GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO powerauth;
-GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO powerauth;
+CREATE INDEX push_inbox_id ON push_inbox (inbox_id);
+CREATE INDEX push_inbox_user ON push_inbox (user_id);
+CREATE INDEX push_inbox_user_read ON push_inbox (user_id, read);