diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationApproveRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationApproveRequest.java index a27a82c45..bcc932a5f 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationApproveRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationApproveRequest.java @@ -21,6 +21,9 @@ import com.fasterxml.jackson.annotation.JsonSetter; import com.fasterxml.jackson.annotation.Nulls; import com.wultra.security.powerauth.client.model.enumeration.SignatureType; +import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.NotNull; import lombok.Data; import java.util.LinkedHashMap; @@ -34,12 +37,27 @@ @Data public class OperationApproveRequest { + @Schema(description = "The identifier of the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Operation ID must not be empty when approving operation") private String operationId; + + @Schema(description = "The identifier of the user", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "User ID must not be empty when approving operation") private String userId; + + @Schema(description = "The identifier of the application", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Application ID must not be empty when approving operation") private String applicationId; + + @Schema(description = "Operation data to approve", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Data must not be empty when approving operation") private String data; + + @Schema(description = "PowerAuth signature type", requiredMode = Schema.RequiredMode.REQUIRED) + @NotNull(message = "Signature type must not be null when approving operation") private SignatureType signatureType; + @Schema(description = "Additional data associated with the operation", requiredMode = Schema.RequiredMode.NOT_REQUIRED) @JsonSetter(nulls = Nulls.SKIP) private final Map additionalData = new LinkedHashMap<>(); diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCancelRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCancelRequest.java index 8e33c29a4..76bb18f05 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCancelRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCancelRequest.java @@ -21,6 +21,7 @@ import com.fasterxml.jackson.annotation.JsonSetter; import com.fasterxml.jackson.annotation.Nulls; import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.NotBlank; import jakarta.validation.constraints.Size; import lombok.Data; @@ -35,8 +36,11 @@ @Data public class OperationCancelRequest { + @Schema(description = "The identifier of the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Operation ID must not be empty when cancelling operation") private String operationId; + @Schema(description = "Additional data associated with the operation", requiredMode = Schema.RequiredMode.NOT_REQUIRED) @JsonSetter(nulls = Nulls.SKIP) private final Map additionalData = new LinkedHashMap<>(); diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationClaimRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationClaimRequest.java index 025723c1e..35721885a 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationClaimRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationClaimRequest.java @@ -18,6 +18,8 @@ package com.wultra.security.powerauth.client.model.request; +import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.NotBlank; import lombok.Data; /** @@ -31,11 +33,15 @@ public class OperationClaimRequest { /** * Operation identifier. */ + @Schema(description = "The identifier of the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Operation ID must not be empty when requesting operation claim") private String operationId; /** * User identifier of the user who is claiming the operation. */ + @Schema(description = "The identifier of the user", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "User ID must not be empty when requesting operation claim") private String userId; } diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCreateRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCreateRequest.java index ec7c6035d..08bf008c6 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCreateRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationCreateRequest.java @@ -1,48 +1,30 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2020 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - package com.wultra.security.powerauth.client.model.request; import com.fasterxml.jackson.annotation.JsonSetter; import com.fasterxml.jackson.annotation.Nulls; import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.*; import lombok.Data; import java.util.*; -/** - * Request method for creating a new operation. - * - * @author Petr Dvorak, petr@wultra.com - */ @Data public class OperationCreateRequest { @Schema(description = "The identifier of the user", requiredMode = Schema.RequiredMode.NOT_REQUIRED) + @Size(min = 1, message = "User ID must not be empty when creating operation") private String userId; @Schema(description = "List of associated applications", requiredMode = Schema.RequiredMode.REQUIRED) + @NotNull(message = "Application ID list must not be null when creating operation") + @Size(min = 1, message = "Application ID list must not be empty when creating operation") private List applications = new ArrayList<>(); @Schema(description = "Activation flag associated with the operation", requiredMode = Schema.RequiredMode.NOT_REQUIRED) private String activationFlag; @Schema(description = "Name of the template used for creating the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Template name must not be empty when creating operation") private String templateName; @Schema(description = "Timestamp of when the operation will expire, overrides expiration period from operation template", requiredMode = Schema.RequiredMode.NOT_REQUIRED) @@ -63,6 +45,6 @@ public class OperationCreateRequest { private Boolean proximityCheckEnabled; @Schema(description = "Activation ID. It is possible to specify a single device (otherwise all user's activations are taken into account).", requiredMode = Schema.RequiredMode.NOT_REQUIRED, maxLength = 37) + @Size(max = 37, message = "Activation ID must not exceed 37 characters when creating operation") private String activationId; - } diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationDetailRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationDetailRequest.java index a59fffd2c..8614a3fc9 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationDetailRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationDetailRequest.java @@ -18,6 +18,8 @@ package com.wultra.security.powerauth.client.model.request; +import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.NotBlank; import lombok.Data; /** @@ -28,6 +30,8 @@ @Data public class OperationDetailRequest { + @Schema(description = "The identifier of the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Operation ID must not be empty when requesting operation detail") private String operationId; } diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationExtIdRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationExtIdRequest.java index a7d60be00..2036fd54f 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationExtIdRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationExtIdRequest.java @@ -18,7 +18,8 @@ package com.wultra.security.powerauth.client.model.request; -import jakarta.validation.constraints.Min; +import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.*; import lombok.Data; import java.util.ArrayList; @@ -32,10 +33,18 @@ @Data public class OperationExtIdRequest { + @Schema(description = "External identifier of the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "External ID must not be empty when requesting operation lookup by external ID") private String externalId; + + @Schema(description = "Associated application identifiers", requiredMode = Schema.RequiredMode.REQUIRED) + @NotNull(message = "Application ID list must not be null when requesting operation lookup by external ID") + @Size(min = 1, message = "Application ID list must not be empty when requesting operation lookup by external ID") private List applications = new ArrayList<>(); + @Min(0) private Integer pageNumber; + @Min(1) private Integer pageSize; diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationFailApprovalRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationFailApprovalRequest.java index 4f2ebbf8e..acee00b3e 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationFailApprovalRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationFailApprovalRequest.java @@ -20,6 +20,8 @@ import com.fasterxml.jackson.annotation.JsonSetter; import com.fasterxml.jackson.annotation.Nulls; +import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.NotBlank; import lombok.Data; import java.util.LinkedHashMap; @@ -33,8 +35,11 @@ @Data public class OperationFailApprovalRequest { + @Schema(description = "The identifier of the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Operation ID must not be empty when requesting operation approval failure") private String operationId; + @Schema(description = "Additional data associated with the operation", requiredMode = Schema.RequiredMode.NOT_REQUIRED) @JsonSetter(nulls = Nulls.SKIP) private final Map additionalData = new LinkedHashMap<>(); diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationListForUserRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationListForUserRequest.java index 40964c115..fd504b59f 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationListForUserRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationListForUserRequest.java @@ -18,7 +18,11 @@ package com.wultra.security.powerauth.client.model.request; +import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.Min; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.NotNull; +import jakarta.validation.constraints.Size; import lombok.Data; import java.util.ArrayList; @@ -32,12 +36,22 @@ @Data public class OperationListForUserRequest { + @Schema(description = "The identifier of the user", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "User ID must not be empty when requesting operation list") private String userId; + + @Schema(description = "Associated application identifiers", requiredMode = Schema.RequiredMode.REQUIRED) + @NotNull(message = "Application ID list must not be null when requesting operation list") + @Size(min = 1, message = "Application ID list must not be empty when requesting operation list") private List applications = new ArrayList<>(); + @Min(0) private Integer pageNumber; + @Min(1) private Integer pageSize; + + @Schema(description = "The identifier of the activation", requiredMode = Schema.RequiredMode.NOT_REQUIRED) private String activationId; } diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationRejectRequest.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationRejectRequest.java index ddc211ed5..8a9128e14 100644 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationRejectRequest.java +++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/request/OperationRejectRequest.java @@ -20,6 +20,8 @@ import com.fasterxml.jackson.annotation.JsonSetter; import com.fasterxml.jackson.annotation.Nulls; +import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.NotBlank; import lombok.Data; import java.util.LinkedHashMap; @@ -33,10 +35,19 @@ @Data public class OperationRejectRequest { + @Schema(description = "The identifier of the operation", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Operation ID must not be empty when rejecting operation") private String operationId; + + @Schema(description = "The identifier of the user", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "User ID must not be empty when rejecting operation") private String userId; + + @Schema(description = "The identifier of the application", requiredMode = Schema.RequiredMode.REQUIRED) + @NotBlank(message = "Application ID must not be empty when rejecting operation") private String applicationId; + @Schema(description = "Additional data associated with the operation", requiredMode = Schema.RequiredMode.NOT_REQUIRED) @JsonSetter(nulls = Nulls.SKIP) private final Map additionalData = new LinkedHashMap<>(); diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationApproveRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationApproveRequestValidator.java deleted file mode 100644 index 7f59eb7fb..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationApproveRequestValidator.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationApproveRequest; -import org.springframework.util.StringUtils; - -/** - * Validator for OperationApproveRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationApproveRequestValidator { - - public static String validate(OperationApproveRequest source) { - if (source == null) { - return "Operation approve request must not be null"; - } - if (!StringUtils.hasText(source.getApplicationId())) { - return "Application ID must not be null or empty when creating operation"; - } - if (source.getOperationId() == null) { - return "Operation ID must not be null when approving operation"; - } - if (source.getOperationId().isEmpty()) { - return "Operation ID must not be empty when approving operation"; - } - if (source.getUserId() == null) { - return "User ID must not be null when approving operation"; - } - if (source.getUserId().isEmpty()) { - return "User ID must not be empty when approving operation"; - } - if (source.getData() == null) { - return "Data must not be null when approving operation"; - } - if (source.getData().isEmpty()) { - return "Data must not be empty when approving operation"; - } - if (source.getSignatureType() == null) { - return "Signature type must not be empty when approving operation"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationCancelRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationCancelRequestValidator.java deleted file mode 100644 index 093c06d60..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationCancelRequestValidator.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationCancelRequest; - -/** - * Validator for OperationCancelRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationCancelRequestValidator { - - public static String validate(OperationCancelRequest source) { - if (source == null) { - return "Operation cancel request must not be null"; - } - if (source.getOperationId() == null) { - return "Operation ID must not be null when cancelling operation"; - } - if (source.getOperationId().isEmpty()) { - return "Operation ID must not be empty when cancelling operation"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationClaimRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationClaimRequestValidator.java deleted file mode 100644 index a56a26812..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationClaimRequestValidator.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2024 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationClaimRequest; - -/** - * Validator for OperationClaimRequest class. - * - * @author Roman Strobl, roman.strobl@wultra.com - */ -public class OperationClaimRequestValidator { - - public static String validate(OperationClaimRequest source) { - if (source == null) { - return "Operation claim request must not be null"; - } - if (source.getOperationId() == null || source.getOperationId().isEmpty()) { - return "Operation ID must be specified when requesting operation claim"; - } - if (source.getUserId() == null || source.getUserId().isEmpty()) { - return "User ID must be specified when requesting operation claim"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationCreateRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationCreateRequestValidator.java deleted file mode 100644 index 6958f470a..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationCreateRequestValidator.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationCreateRequest; - -/** - * Validator for OperationCreateRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationCreateRequestValidator { - - private static final int MAX_ACTIVATION_ID_LENGTH = 37; - - public static String validate(OperationCreateRequest source) { - if (source == null) { - return "Operation create request must not be null when creating operation"; - } - if (source.getApplications() == null || source.getApplications().isEmpty()) { - return "Application ID list must not be null or empty when creating operation"; - } - if (source.getUserId() != null && source.getUserId().isEmpty()) { - return "User ID must not be empty when creating operation"; - } - if (source.getTemplateName() == null) { - return "Template name must not be null when creating operation"; - } - if (source.getTemplateName().isEmpty()) { - return "Template name must not be empty when creating operation"; - } - if (source.getActivationId() != null && source.getActivationId().length() > MAX_ACTIVATION_ID_LENGTH) { - return "Activation ID must not exceed 37 characters when creating operation"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationDetailRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationDetailRequestValidator.java deleted file mode 100644 index 2463782f6..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationDetailRequestValidator.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationDetailRequest; - -/** - * Validator for OperationDetailRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationDetailRequestValidator { - - public static String validate(OperationDetailRequest source) { - if (source == null) { - return "Operation detail request must not be null"; - } - if (source.getOperationId() == null) { - return "Operation ID must not be null when requesting operation detail"; - } - if (source.getOperationId().isEmpty()) { - return "Operation ID must not be empty when requesting operation detail"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationExtIdRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationExtIdRequestValidator.java deleted file mode 100644 index ef6d828ce..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationExtIdRequestValidator.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationExtIdRequest; - -/** - * Validator for OperationExtIdRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationExtIdRequestValidator { - - public static String validate(OperationExtIdRequest source) { - if (source == null) { - return "Operation lookup by external ID request must not be null"; - } - if (source.getApplications() == null || source.getApplications().isEmpty()) { - return "Application ID must not be null or empty when requesting operation lookup by external ID"; - } - if (source.getExternalId() == null) { - return "External ID must not be null when requesting operation lookup by external ID"; - } - if (source.getExternalId().isEmpty()) { - return "External ID must not be empty when requesting operation lookup by external ID"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationFailApprovalRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationFailApprovalRequestValidator.java deleted file mode 100644 index f208ac3c7..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationFailApprovalRequestValidator.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationFailApprovalRequest; - -/** - * Validator for OperationFailApprovalRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationFailApprovalRequestValidator { - - public static String validate(OperationFailApprovalRequest source) { - if (source == null) { - return "Operation approve request must not be null"; - } - if (source.getOperationId() == null) { - return "Operation ID must not be null when approving operation"; - } - if (source.getOperationId().isEmpty()) { - return "Operation ID must not be empty when approving operation"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationListForUserRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationListForUserRequestValidator.java deleted file mode 100644 index f22a547e0..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationListForUserRequestValidator.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationListForUserRequest; - -/** - * Validator for OperationListForUserRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationListForUserRequestValidator { - - public static String validate(OperationListForUserRequest source) { - if (source == null) { - return "Operation create request must not be null"; - } - if (source.getApplications() == null || source.getApplications().isEmpty()) { - return "Application ID must not be null or empty when requesting operation list"; - } - if (source.getUserId() == null) { - return "User ID must not be null when requesting operation list"; - } - if (source.getUserId().isEmpty()) { - return "User ID must not be empty when requesting operation list"; - } - return null; - } - -} diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationRejectRequestValidator.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationRejectRequestValidator.java deleted file mode 100644 index 25b32dd80..000000000 --- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/validator/OperationRejectRequestValidator.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * PowerAuth Server and related software components - * Copyright (C) 2021 Wultra s.r.o. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published - * by the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package com.wultra.security.powerauth.client.model.validator; - -import com.wultra.security.powerauth.client.model.request.OperationRejectRequest; -import org.springframework.util.StringUtils; - -/** - * Validator for OperationRejectRequest class. - * - * @author Petr Dvorak, petr@wultra.com - */ -public class OperationRejectRequestValidator { - - public static String validate(OperationRejectRequest source) { - if (source == null) { - return "Operation reject request must not be null"; - } - if (!StringUtils.hasText(source.getApplicationId())) { - return "Application ID must not be null or empty when rejecting operation"; - } - if (source.getOperationId() == null) { - return "Operation ID must not be null when rejecting operation"; - } - if (source.getOperationId().isEmpty()) { - return "Operation ID must not be empty when rejecting operation"; - } - if (source.getUserId() == null) { - return "User ID must not be null when rejecting operation"; - } - if (source.getUserId().isEmpty()) { - return "User ID must not be empty when rejecting operation"; - } - return null; - } - -} diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/controller/api/OperationsController.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/controller/api/OperationsController.java index 25cfe9a7a..9bf38edfd 100644 --- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/controller/api/OperationsController.java +++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/controller/api/OperationsController.java @@ -26,8 +26,10 @@ import io.getlime.core.rest.model.base.response.ObjectResponse; import io.getlime.security.powerauth.app.server.service.behavior.tasks.OperationServiceBehavior; import io.swagger.v3.oas.annotations.tags.Tag; +import jakarta.validation.Valid; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -37,10 +39,12 @@ * Controller managing the endpoints related to operations. * * @author Petr Dvorak, petr@wultra.com + * @author Roman Strobl, roman.strobl@wultra.com */ @RestController("operationsController") @RequestMapping("/rest/v3/operation") @Tag(name = "PowerAuth Operations Controller (V3)") +@Validated @Slf4j public class OperationsController { @@ -59,10 +63,13 @@ public OperationsController(OperationServiceBehavior service) { * @throws Exception In case the service throws exception. */ @PostMapping("/create") - public ObjectResponse createOperation(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationCreateRequest received: {}", request); + public ObjectResponse createOperation(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationCreateRequest req = request.getRequestObject(); + logger.info("action: createOperation, state: initiated, userId: {}, applications: {}, templateName: {}", req.getUserId(), req.getApplications(), req.getTemplateName()); + logger.debug("action: createOperation, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.createOperation(request.getRequestObject())); - logger.info("OperationCreateRequest succeeded: {}", response); + logger.info("action: createOperation, state: succeeded"); + logger.debug("action: createOperation, state: succeeded, response: {}", response); return response; } @@ -74,10 +81,13 @@ public ObjectResponse createOperation(@RequestBody Obje * @throws Exception In case the service throws exception. */ @PostMapping("/detail") - public ObjectResponse operationDetail(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationDetailRequest received: {}", request); + public ObjectResponse operationDetail(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationDetailRequest req = request.getRequestObject(); + logger.info("action: operationDetail, state: initiated, operationId: {}", req.getOperationId()); + logger.debug("action: operationDetail, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.operationDetail(request.getRequestObject())); - logger.info("OperationDetailRequest succeeded: {}", response); + logger.info("action: operationDetail, state: succeeded"); + logger.debug("action: operationDetail, state: succeeded, response: {}", response); return response; } @@ -89,10 +99,13 @@ public ObjectResponse operationDetail(@RequestBody Obje * @throws Exception In case the service throws exception. */ @PostMapping("/claim") - public ObjectResponse operationClaim(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationClaimRequest received: {}", request); + public ObjectResponse operationClaim(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationClaimRequest req = request.getRequestObject(); + logger.info("action: operationClaim, state: initiated, operationId: {}, userId: {}", req.getOperationId(), req.getUserId()); + logger.debug("action: operationClaim, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.operationClaim(request.getRequestObject())); - logger.info("OperationClaimRequest succeeded: {}", response); + logger.info("action: operationClaim, state: succeeded"); + logger.debug("action: operationClaim, state: succeeded, response: {}", response); return response; } @@ -104,10 +117,13 @@ public ObjectResponse operationClaim(@RequestBody Objec * @throws Exception In case the service throws exception. */ @PostMapping("/list") - public ObjectResponse operationList(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationListForUserRequest received: {}", request); + public ObjectResponse operationList(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationListForUserRequest req = request.getRequestObject(); + logger.info("action: operationList, state: initiated, userId: {}, applications: {}", req.getUserId(), req.getApplications()); + logger.debug("action: operationList, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.findAllOperationsForUser(request.getRequestObject())); - logger.info("OperationListForUserRequest succeeded: {}", response); + logger.info("action: operationList, state: succeeded"); + logger.debug("action: operationList, state: succeeded, response: {}", response); return response; } @@ -119,10 +135,13 @@ public ObjectResponse operationList(@RequestBody ObjectRe * @throws Exception In case the service throws exception. */ @PostMapping("/list/pending") - public ObjectResponse pendingOperationList(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationListForUserRequest received: {}", request); + public ObjectResponse pendingOperationList(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationListForUserRequest req = request.getRequestObject(); + logger.info("action: pendingOperationList, state: initiated, userId: {}, applications: {}", req.getUserId(), req.getApplications()); + logger.debug("action: pendingOperationList, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.findPendingOperationsForUser(request.getRequestObject())); - logger.info("OperationListForUserRequest succeeded: {}", response); + logger.info("action: pendingOperationList, state: succeeded"); + logger.debug("action: pendingOperationList, state: succeeded, response: {}", response); return response; } @@ -134,10 +153,13 @@ public ObjectResponse pendingOperationList(@RequestBody O * @throws Exception In case the service throws exception. */ @PostMapping("/list/external") - public ObjectResponse findAllOperationsByExternalId(@RequestBody ObjectRequest request) throws Exception { - logger.info("findAllOperationsByExternalId received: {}", request); + public ObjectResponse findAllOperationsByExternalId(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationExtIdRequest req = request.getRequestObject(); + logger.info("action: findAllOperationsByExternalId, state: initiated, externalId: {}, applications: {}", req.getExternalId(), req.getApplications()); + logger.debug("action: findAllOperationsByExternalId, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.findOperationsByExternalId(request.getRequestObject())); - logger.info("findAllOperationsByExternalId succeeded: {}", response); + logger.info("action: findAllOperationsByExternalId, state: succeeded"); + logger.debug("action: findAllOperationsByExternalId, state: succeeded, response: {}", response); return response; } @@ -149,10 +171,13 @@ public ObjectResponse findAllOperationsByExternalId(@Requ * @throws Exception In case the service throws exception. */ @PostMapping("/cancel") - public ObjectResponse cancelOperation(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationCancelRequest received: {}", request); + public ObjectResponse cancelOperation(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationCancelRequest req = request.getRequestObject(); + logger.info("action: cancelOperation, state: initiated, operationId: {}", req.getOperationId()); + logger.debug("action: cancelOperation, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.cancelOperation(request.getRequestObject())); - logger.info("OperationCancelRequest succeeded: {}", response); + logger.info("action: cancelOperation, state: succeeded"); + logger.debug("action: cancelOperation, state: succeeded, response: {}", response); return response; } @@ -164,10 +189,13 @@ public ObjectResponse cancelOperation(@RequestBody Obje * @throws Exception In case the service throws exception. */ @PostMapping("/approve") - public ObjectResponse approveOperation(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationApproveRequest received: {}", request); + public ObjectResponse approveOperation(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationApproveRequest req = request.getRequestObject(); + logger.info("action: approveOperation, state: initiated, operationId: {}, userId: {}, applicationId: {}", req.getOperationId(), req.getUserId(), req.getApplicationId()); + logger.debug("action: approveOperation, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.attemptApproveOperation(request.getRequestObject())); - logger.info("OperationApproveRequest succeeded: {}", response); + logger.info("action: approveOperation, state: succeeded"); + logger.debug("action: approveOperation, state: succeeded, response: {}", response); return response; } @@ -179,10 +207,13 @@ public ObjectResponse approveOperation(@RequestBody * @throws Exception In case the service throws exception. */ @PostMapping("/approve/fail") - public ObjectResponse failApprovalOperation(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationFailApprovalRequest received: {}", request); + public ObjectResponse failApprovalOperation(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationFailApprovalRequest req = request.getRequestObject(); + logger.info("action: failApprovalOperation, state: initiated, operationId: {}", req.getOperationId()); + logger.debug("action: failApprovalOperation, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.failApprovalOperation(request.getRequestObject())); - logger.info("OperationFailApprovalRequest succeeded: {}", response); + logger.info("action: failApprovalOperation, state: succeeded"); + logger.debug("action: failApprovalOperation, state: succeeded, response: {}", response); return response; } @@ -194,10 +225,13 @@ public ObjectResponse failApprovalOperation(@Reques * @throws Exception In case the service throws exception. */ @PostMapping("/reject") - public ObjectResponse rejectOperation(@RequestBody ObjectRequest request) throws Exception { - logger.info("OperationRejectRequest received: {}", request); + public ObjectResponse rejectOperation(@Valid @RequestBody ObjectRequest request) throws Exception { + final OperationRejectRequest req = request.getRequestObject(); + logger.info("action: rejectOperation, state: initiated, operationId: {}, userId: {}, applicationId: {}", req.getOperationId(), req.getUserId(), req.getApplicationId()); + logger.debug("action: rejectOperation, state: initiated, request: {}", request); final ObjectResponse response = new ObjectResponse<>(service.rejectOperation(request.getRequestObject())); - logger.info("OperationRejectRequest succeeded: {}", response); + logger.info("action: rejectOperation, state: succeeded"); + logger.debug("action: rejectOperation, state: succeeded, response: {}", response); return response; } } diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/OperationServiceBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/OperationServiceBehavior.java index 0c78af0fe..a36c5903f 100644 --- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/OperationServiceBehavior.java +++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/OperationServiceBehavior.java @@ -144,10 +144,6 @@ public void setLocalizationProvider(LocalizationProvider localizationProvider) { @Transactional public OperationDetailResponse createOperation(OperationCreateRequest request) throws GenericServiceException { try { - final String error = OperationCreateRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } validate(request); final List applications = request.getApplications(); @@ -332,11 +328,6 @@ public OperationUserActionResponse attemptApproveOperation(OperationApproveReque @Transactional public OperationUserActionResponse attemptApproveOperation(OperationApproveRequest request, OperationApprovalCustomizer operationApprovalCustomizer) throws GenericServiceException { try { - final String error = OperationApproveRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Instant currentInstant = Instant.now(); final Date currentTimestamp = Date.from(currentInstant); @@ -503,11 +494,6 @@ && proximityCheckPassed(proximityCheckResult) @Transactional public OperationUserActionResponse rejectOperation(OperationRejectRequest request) throws GenericServiceException { try { - final String error = OperationRejectRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Date currentTimestamp = new Date(); final String operationId = request.getOperationId(); @@ -606,11 +592,6 @@ public OperationUserActionResponse rejectOperation(OperationRejectRequest reques @Transactional public OperationUserActionResponse failApprovalOperation(OperationFailApprovalRequest request) throws GenericServiceException { try { - final String error = OperationFailApprovalRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Date currentTimestamp = new Date(); final String operationId = request.getOperationId(); @@ -697,11 +678,6 @@ public OperationUserActionResponse failApprovalOperation(OperationFailApprovalRe @Transactional public OperationDetailResponse cancelOperation(OperationCancelRequest request) throws GenericServiceException { try { - final String error = OperationCancelRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Date currentTimestamp = new Date(); final String operationId = request.getOperationId(); @@ -758,11 +734,6 @@ public OperationDetailResponse cancelOperation(OperationCancelRequest request) t @Transactional // operation is modified when expiration happens public OperationDetailResponse operationDetail(OperationDetailRequest request) throws GenericServiceException { try { - final String error = OperationDetailRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Date currentTimestamp = new Date(); final String operationId = request.getOperationId(); @@ -790,11 +761,6 @@ public OperationDetailResponse operationDetail(OperationDetailRequest request) t @Transactional // operation is modified when expiration happens public OperationDetailResponse operationClaim(OperationClaimRequest request) throws GenericServiceException { try { - final String error = OperationClaimRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Date currentTimestamp = new Date(); final String operationId = request.getOperationId(); @@ -824,11 +790,6 @@ public OperationDetailResponse operationClaim(OperationClaimRequest request) thr @Transactional public OperationListResponse findAllOperationsForUser(final OperationListForUserRequest request) throws GenericServiceException { try { - final String error = OperationListForUserRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Date currentTimestamp = new Date(); final OperationListRequest operationListRequest = convert(request); @@ -873,11 +834,6 @@ public OperationListResponse findAllOperationsForUser(final OperationListForUser @Transactional // operation is modified when expiration happens public OperationListResponse findPendingOperationsForUser(OperationListForUserRequest request) throws GenericServiceException { try { - final String error = OperationListForUserRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final OperationListRequest operationListRequest = convert(request); final Date currentTimestamp = new Date(); @@ -932,11 +888,6 @@ public OperationListResponse findPendingOperationsForUser(OperationListForUserRe @Transactional // operation is modified when expiration happens public OperationListResponse findOperationsByExternalId(OperationExtIdRequest request) throws GenericServiceException { try { - final String error = OperationExtIdRequestValidator.validate(request); - if (error != null) { - throw new GenericServiceException(ServiceError.INVALID_REQUEST, error); - } - final Date currentTimestamp = new Date(); final OperationListRequestWithExternalId requestWithExternalId = convert(request);