Merge pull request #663 from wultra/develop

Merge develop to master

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "maven"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/codeql-analysis.yml

@@ -1,67 +1,22 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL"
 
 on:
+  workflow_dispatch:
   push:
-    branches: [ develop, master ]
+    branches: [ 'develop', 'master', 'releases/**' ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ develop ]
+    branches: [ 'develop', 'master', 'releases/**' ]
   schedule:
     - cron: '19 7 * * 4'
 
 jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'java', 'javascript' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+  codeql-analysis:
+    uses: wultra/wultra-infrastructure/.github/workflows/codeql-analysis.yml@develop
+    secrets: inherit
+    with:
+      languages: "['java', 'javascript']"
+      # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+      # Use only 'java' to analyze code written in Java, Kotlin or both
+      # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+      # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

.run/PowerAuthPushServerJavaApplication.run.xml

@@ -0,0 +1,12 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="PowerAuthPushServerJavaApplication" type="SpringBootApplicationConfigurationType" factoryName="Spring Boot">
+    <option name="ACTIVE_PROFILES" value="dev" />
+    <module name="powerauth-push-server" />
+    <option name="SPRING_BOOT_MAIN_CLASS" value="io.getlime.push.PowerAuthPushServerJavaApplication" />
+    <option name="VM_PARAMETERS" value="-Dserver.servlet.context-path=/powerauth-push-server -Dserver.port=8089" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+      <option name="Maven.BeforeRunTask" enabled="true" file="$PROJECT_DIR$/powerauth-push-server/pom.xml" goal="process-resources" />
+    </method>
+  </configuration>
+</component>

docs-private/Developer-How-To-Start.md

@@ -0,0 +1,24 @@
+# Developer - How to Start Guide
+
+
+## Push Server
+
+
+### Standalone Run
+
+- Enable maven profile `standalone`
+- Use IntelliJ Idea run configuration at `../.run/PowerAuthPushServerJavaApplication.run.xml`
+- Open [http://localhost:8089/powerauth-push-server/actuator/health](http://localhost:8089/powerauth-push-server/actuator/health) and you should get `{"status":"UP"}`
+
+
+### Database
+
+Database changes are driven by Liquibase.
+
+This is an example how to manually check the Liquibase status.
+Important and fixed parameter is `changelog-file`.
+Others (like URL, username, password) depend on your environment.
+
+```shell
+liquibase --changelog-file=./docs/db/changelog/changesets/powerauth-push-server/db.changelog-module.xml --url=jdbc:postgresql://localhost:5432/powerauth --username=powerauth status
+``` 

docs/Configuration-Properties.md

@@ -78,4 +78,4 @@ The Push Server uses the following public configuration properties:
 | `powerauth.service.correlation-header.enabled` | `false` | Whether correlation header is enabled |
 | `powerauth.service.correlation-header.name` | `X-Correlation-ID` | Correlation header name |
 | `powerauth.service.correlation-header.value.validation-regexp` | `[a-zA-Z0-9\\-]{8,1024}` | Regular expression for correlation header value validation |
-| `logging.pattern.console` | [See application.properties](https://github.com/wultra/powerauth-push-server/blob/develop/powerauth-push-server/src/main/resources/application.properties#L105) | Logging pattern for console which includes the correlation header value |
+| `logging.pattern.console` | [See application.properties](https://github.com/wultra/powerauth-push-server/blob/develop/powerauth-push-server/src/main/resources/application.properties#docucheck-keep-link) | Logging pattern for console which includes the correlation header value |

docs/Migration-Instructions.md

@@ -2,6 +2,8 @@
 
 This page contains PowerAuth Push Server migration instructions.
 
+- [PowerAuth Push Server 1.5.0](./PowerAuth-Push-Server-1.5.0.md)
+- [PowerAuth Push Server 1.4.0](./PowerAuth-Push-Server-1.4.0.md)
 - [PowerAuth Push Server 1.3.0](./PowerAuth-Push-Server-1.3.0.md)
 - [PowerAuth Push Server 1.2.0](./PowerAuth-Push-Server-1.2.0.md)
 - [PowerAuth Push Server 1.1.0](./PowerAuth-Push-Server-1.1.0.md)

docs/PowerAuth-Push-Server-1.3.0.md

@@ -14,8 +14,29 @@ powerauth.push.service.apns.useDevelopment=false
 
 ### Migrating Application ID
 
-Push server now uses `String` application ID instead of numeric one. Therefore, you need to transfer the correct application name to the `push_app_credentials` table. In case you use the same schema to run PowerAuth Server and PowerAuth Push Server, you can use the following script to do it:
+Push server now uses `String` application ID instead of numeric one. Therefore, you need to transfer the correct application name to the `push_app_credentials` table. In case you use the same schema to run PowerAuth Server and PowerAuth Push Server, you can use the following script to do it.
 
+Oracle:
+```sql
+-- rename the original app_id column to app_id_orig 
+ALTER TABLE push_app_credentials RENAME COLUMN app_id TO app_id_orig;
+
+-- create a new column for the string app ID value
+ALTER TABLE push_app_credentials ADD app_id VARCHAR2(255 CHAR);
+
+-- migrate the string app ID value from the PowerAuth table with applications
+UPDATE push_app_credentials push
+SET app_id = (SELECT pa.name FROM pa_application pa WHERE pa.id = push.app_id_orig)
+WHERE EXISTS (SELECT 1 FROM pa_application pa WHERE pa.id = push.app_id_orig);
+
+-- remove the original column with numeric app ID value 
+ALTER TABLE push_app_credentials DROP COLUMN app_id_orig;
+
+-- reintroduce the unique index
+CREATE UNIQUE INDEX push_app_cred_app ON push_app_credentials(app_id);
+```
+
+PostgreSQL:
 ```sql
 -- rename the original app_id column to app_id_orig 
 ALTER TABLE push_app_credentials RENAME COLUMN app_id TO app_id_orig;
@@ -31,6 +52,9 @@ WHERE pa.id = push_app_credentials.app_id_orig;
 
 -- remove the original column with numeric app ID value 
 ALTER TABLE push_app_credentials DROP COLUMN app_id_orig;
+
+-- reintroduce the unique index
+CREATE UNIQUE INDEX push_app_cred_app ON push_app_credentials(app_id);
 ```
 
 Alternatively, you can alter the table manually to have `app_id` column of `VARCHAR(255)` type and value of PowerAuth application name.

docs/PowerAuth-Push-Server-1.4.0.md

@@ -16,9 +16,11 @@ Message inbox requires a simple database structure below:
 -- Create table for message inbox
 CREATE TABLE push_inbox (
     id INTEGER NOT NULL CONSTRAINT push_inbox_pk PRIMARY KEY,
-    inbox_id VARCHAR(37),
+    inbox_id VARCHAR(37) NOT NULL,
     user_id VARCHAR(255) NOT NULL,
+    type VARCHAR(32) NOT NULL,
     subject TEXT NOT NULL,
+    summary TEXT NOT NULL,
     body TEXT NOT NULL,
     read BOOLEAN DEFAULT false NOT NULL,
     timestamp_created TIMESTAMP NOT NULL,
@@ -44,7 +46,9 @@ CREATE TABLE PUSH_INBOX (
   ID NUMBER(19) PRIMARY KEY NOT NULL,
   INBOX_ID VARCHAR2(37 CHAR),
   USER_ID VARCHAR2(255 CHAR) NOT NULL,
+  TYPE VARCHAR2(32 CHAR) NOT NULL,
   SUBJECT VARCHAR2(4000 CHAR) NOT NULL,
+  SUMMARY VARCHAR2(4000 CHAR) NOT NULL,
   BODY CLOB NOT NULL,
   READ NUMBER(1) DEFAULT 0 NOT NULL,
   TIMESTAMP_CREATED TIMESTAMP(6) NOT NULL,
@@ -70,7 +74,9 @@ CREATE TABLE `push_inbox` (
   `id` bigint(20) NOT NULL AUTO_INCREMENT,
   `inbox_id` VARCHAR(37),
   `user_id` VARCHAR(255) NOT NULL,
+  `type` VARCHAR(32) NOT NULL,
   `subject` TEXT NOT NULL,
+  `summary` TEXT NOT NULL,
   `body` TEXT NOT NULL,
   `read` BOOLEAN DEFAULT false NOT NULL,
   `timestamp_created` TIMESTAMP NOT NULL,
@@ -89,8 +95,3 @@ CREATE INDEX `push_inbox_id` ON `push_inbox` (`inbox_id`);
 CREATE INDEX `push_inbox_user` ON `push_inbox` (`user_id`);
 CREATE INDEX `push_inbox_user_read` ON `push_inbox` (`user_id`, `read`);
 ```
-
-## Bouncy Castle Library Update to Version 1.72
-
-Bouncy Castle library has been updated to version `1.72`.
-The newest version of Bouncy Castle library can be downloaded from: [https://www.bouncycastle.org/download/bcprov-jdk18on-172.jar](https://www.bouncycastle.org/download/bcprov-jdk18on-172.jar)