Merge pull request #889 from /issues/888-backport

Fix #888: Backport configurable TPP app access token expiration and status endpoint
wultra · Sep 30, 2020 · 54316e0 · 54316e0
2 parents b5e3636 + 83fcd93
commit 54316e0
Show file tree

Hide file tree

Showing 5 changed files with 313 additions and 4 deletions.
diff --git a/...ava/io/getlime/security/powerauth/app/tppengine/model/response/ServiceStatusResponse.java b/...ava/io/getlime/security/powerauth/app/tppengine/model/response/ServiceStatusResponse.java
@@ -0,0 +1,130 @@
+/*
+ * Copyright 2020 Wultra s.r.o.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.getlime.security.powerauth.app.tppengine.model.response;
+
+import java.util.Date;
+
+/**
+ * Response object for a system status call.
+ *
+ * @author Roman Strobl, [email protected]
+ */
+public class ServiceStatusResponse {
+
+    private String applicationName;
+    private String applicationDisplayName;
+    private String applicationEnvironment;
+    private String version;
+    private Date buildTime;
+    private Date timestamp;
+
+    /**
+     * Get the application name.
+     * @return Application name.
+     */
+    public String getApplicationName() {
+        return applicationName;
+    }
+
+    /**
+     * Set the application name.
+     * @param applicationName Application name.
+     */
+    public void setApplicationName(String applicationName) {
+        this.applicationName = applicationName;
+    }
+
+    /**
+     * Get the application display name.
+     * @return Application display name.
+     */
+    public String getApplicationDisplayName() {
+        return applicationDisplayName;
+    }
+
+    /**
+     * Set the application display name.
+     * @param applicationDisplayName Application display name.
+     */
+    public void setApplicationDisplayName(String applicationDisplayName) {
+        this.applicationDisplayName = applicationDisplayName;
+    }
+
+    /**
+     * Get application environment name.
+     * @return Environment name.
+     */
+    public String getApplicationEnvironment() {
+        return applicationEnvironment;
+    }
+
+    /**
+     * Set application environment name.
+     * @param applicationEnvironment Environment name.
+     */
+    public void setApplicationEnvironment(String applicationEnvironment) {
+        this.applicationEnvironment = applicationEnvironment;
+    }
+
+    /**
+     * Get version.
+     * @return version.
+     */
+    public String getVersion() {
+        return version;
+    }
+
+    /**
+     * Set version.
+     * @param version Version.
+     */
+    public void setVersion(String version) {
+        this.version = version;
+    }
+
+    /**
+     * Get build time.
+     * @return Build time.
+     */
+    public Date getBuildTime() {
+        return buildTime;
+    }
+
+    /**
+     * Set build time.
+     * @param buildTime Build time.
+     */
+    public void setBuildTime(Date buildTime) {
+        this.buildTime = buildTime;
+    }
+
+    /**
+     * Get current timestamp.
+     * @return Timestamp.
+     */
+    public Date getTimestamp() {
+        return timestamp;
+    }
+
+    /**
+     * Set current timestamp.
+     * @param timestamp Timestamp.
+     */
+    public void setTimestamp(Date timestamp) {
+        this.timestamp = timestamp;
+    }
+}
diff --git a/...ava/io/getlime/security/powerauth/app/tppengine/configuration/TppEngineConfiguration.java b/...ava/io/getlime/security/powerauth/app/tppengine/configuration/TppEngineConfiguration.java
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2020 Wultra s.r.o.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.getlime.security.powerauth.app.tppengine.configuration;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * Configuration for the TPP Engine application.
+ *
+ * @author Roman Strobl, [email protected]
+ */
+@Configuration
+@ConfigurationProperties("ext")
+@ComponentScan(basePackages = {"io.getlime.security.powerauth"})
+public class TppEngineConfiguration {
+
+    /**
+     * Application name.
+     */
+    @Value("${powerauth.tppEngine.service.applicationName}")
+    private String applicationName;
+
+    /**
+     * Application display name.
+     */
+    @Value("${powerauth.tppEngine.service.applicationDisplayName}")
+    private String applicationDisplayName;
+
+    /**
+     * Application environment.
+     */
+    @Value("${powerauth.tppEngine.service.applicationEnvironment}")
+    private String applicationEnvironment;
+
+    /**
+     * When a new app is created in TPP engine, this value is set as the default
+     * access token validity in seconds.
+     */
+    @Value("${powerauth.tppEngine.service.oauth2.defaultAccessTokenValidityInSeconds}")
+    private Long defaultAccessTokenValidityInSeconds;
+
+    /**
+     * Get application name.
+     * @return Application name.
+     */
+    public String getApplicationName() {
+        return applicationName;
+    }
+
+    /**
+     * Get application display name.
+     * @return Application display name.
+     */
+    public String getApplicationDisplayName() {
+        return applicationDisplayName;
+    }
+
+    /**
+     * Get application environment.
+     * @return Application environment.
+     */
+    public String getApplicationEnvironment() {
+        return applicationEnvironment;
+    }
+
+    /**
+     * Get default app access token validity in seconds.
+     * @return Access token validity in seconds.
+     */
+    public Long getDefaultAccessTokenValidityInSeconds() {
+        return defaultAccessTokenValidityInSeconds;
+    }
+
+}
diff --git a/...c/main/java/io/getlime/security/powerauth/app/tppengine/controller/ServiceController.java b/...c/main/java/io/getlime/security/powerauth/app/tppengine/controller/ServiceController.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2020 Wultra s.r.o.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.getlime.security.powerauth.app.tppengine.controller;
+
+import io.getlime.core.rest.model.base.response.ObjectResponse;
+import io.getlime.security.powerauth.app.tppengine.configuration.TppEngineConfiguration;
+import io.getlime.security.powerauth.app.tppengine.model.response.ServiceStatusResponse;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.info.BuildProperties;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import java.util.Date;
+
+/**
+ * Class representing controller used for service and maintenance purpose.
+ *
+ * @author Roman Strobl, [email protected]
+ */
+@Controller
+@RequestMapping(value = "/api/service")
+public class ServiceController {
+
+    private final Logger logger = LoggerFactory.getLogger(ServiceController.class);
+
+    private final TppEngineConfiguration tppEngineConfiguration;
+    private BuildProperties buildProperties;
+
+    /**
+     * Service constructor.
+     * @param tppEngineConfiguration Web Flow server configuration.
+     */
+    @Autowired
+    public ServiceController(TppEngineConfiguration tppEngineConfiguration) {
+        this.tppEngineConfiguration = tppEngineConfiguration;
+    }
+
+    /**
+     * Set build information.
+     * @param buildProperties Build properties.
+     */
+    @Autowired(required = false)
+    public void setBuildProperties(BuildProperties buildProperties) {
+        this.buildProperties = buildProperties;
+    }
+
+    /**
+     * Controller resource with system information.
+     * @return System status info.
+     */
+    @RequestMapping(value = "status", method = RequestMethod.GET)
+    public @ResponseBody ObjectResponse<ServiceStatusResponse> getServiceStatus() {
+        logger.info("Received getServiceStatus request");
+        ServiceStatusResponse response = new ServiceStatusResponse();
+        response.setApplicationName(tppEngineConfiguration.getApplicationName());
+        response.setApplicationDisplayName(tppEngineConfiguration.getApplicationDisplayName());
+        response.setApplicationEnvironment(tppEngineConfiguration.getApplicationEnvironment());
+        if (buildProperties != null) {
+            response.setVersion(buildProperties.getVersion());
+            response.setBuildTime(Date.from(buildProperties.getTime()));
+        }
+        response.setTimestamp(new Date());
+        logger.debug("The getServiceStatus request succeeded");
+        return new ObjectResponse<>(response);
+    }
+}
diff --git a/...-engine/src/main/java/io/getlime/security/powerauth/app/tppengine/service/TppService.java b/...-engine/src/main/java/io/getlime/security/powerauth/app/tppengine/service/TppService.java
@@ -16,6 +16,7 @@
 
 package io.getlime.security.powerauth.app.tppengine.service;
 
+import io.getlime.security.powerauth.app.tppengine.configuration.TppEngineConfiguration;
 import io.getlime.security.powerauth.app.tppengine.converter.TppAppConverter;
 import io.getlime.security.powerauth.app.tppengine.errorhandling.exception.TppAppNotFoundException;
 import io.getlime.security.powerauth.app.tppengine.errorhandling.exception.TppNotFoundException;
@@ -44,17 +45,17 @@
 @Service
 public class TppService {
 
-    private static final Long OAUTH_ACCESS_TOKEN_VALIDITY = 15 * 60L;
-
     private final TppRepository tppRepository;
     private final TppAppDetailRepository appDetailRepository;
+    private final TppEngineConfiguration tppEngineConfiguration;
     private final OAuthClientDetailsRepository clientDetailsRepository;
     private final OAuthAccessTokenRepository accessTokenRepository;
 
     @Autowired
-    public TppService(TppRepository tppRepository, TppAppDetailRepository appDetailRepository, OAuthClientDetailsRepository clientDetailsRepository, OAuthAccessTokenRepository accessTokenRepository) {
+    public TppService(TppRepository tppRepository, TppAppDetailRepository appDetailRepository, TppEngineConfiguration tppEngineConfiguration, OAuthClientDetailsRepository clientDetailsRepository, OAuthAccessTokenRepository accessTokenRepository) {
         this.tppRepository = tppRepository;
         this.appDetailRepository = appDetailRepository;
+        this.tppEngineConfiguration = tppEngineConfiguration;
         this.clientDetailsRepository = clientDetailsRepository;
         this.accessTokenRepository = accessTokenRepository;
     }
@@ -198,7 +199,7 @@ public TppAppDetailResponse createApp(CreateTppAppRequest request) throws Unable
         oAuthClientDetailsEntity.setAuthorizedGrantTypes("authorization_code");
         oAuthClientDetailsEntity.setWebServerRedirectUri(redirectUris);
         oAuthClientDetailsEntity.setScope(scopes);
-        oAuthClientDetailsEntity.setAccessTokenValidity(OAUTH_ACCESS_TOKEN_VALIDITY);
+        oAuthClientDetailsEntity.setAccessTokenValidity(tppEngineConfiguration.getDefaultAccessTokenValidityInSeconds());
         oAuthClientDetailsEntity.setAdditionalInformation("{}");
         oAuthClientDetailsEntity.setAutoapprove("true");
         clientDetailsRepository.save(oAuthClientDetailsEntity);

diff --git a/powerauth-tpp-engine/src/main/resources/application.properties b/powerauth-tpp-engine/src/main/resources/application.properties
@@ -31,6 +31,9 @@ powerauth.tppEngine.service.applicationName=powerauth-tpp-engine
 powerauth.tppEngine.service.applicationDisplayName=PowerAuth Web Flow 3rd Party and Consent Engine
 powerauth.tppEngine.service.applicationEnvironment=
 
+# TPP Engine Configuration
+powerauth.tppEngine.service.oauth2.defaultAccessTokenValidityInSeconds=300
+
 # Disable new Hibernate ID generators
 spring.jpa.hibernate.use-new-id-generator-mappings=false