diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 1eac41b..6925244 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -14,6 +14,4 @@ jobs:
uses: ./.github/workflows/maven.yaml
with:
maven-goal: package
- needs: security
-
-
+ needs: security
\ No newline at end of file
diff --git a/.snyk b/.snyk
index 259c5cc..fb2a71f 100644
--- a/.snyk
+++ b/.snyk
@@ -5,31 +5,31 @@ ignore:
SNYK-JAVA-ORGYAML-6056527:
- '*':
reason: None Given
- expires: 2024-06-07T14:31:51.386Z
+ expires: 2024-07-07T14:31:51.386Z
created: 2024-05-08T14:31:51.388Z
SNYK-JAVA-SOFTWAREAMAZONION-6153869:
- '*':
reason: None Given
- expires: 2024-06-07T14:34:11.840Z
+ expires: 2024-07-07T14:34:11.840Z
created: 2024-05-08T14:34:11.846Z
SNYK-JAVA-DOM4J-2812975:
- '*':
reason: None Given
- expires: 2024-06-07T14:38:10.419Z
+ expires: 2024-07-07T14:38:10.419Z
created: 2024-05-08T14:38:10.424Z
SNYK-JAVA-DOM4J-174153:
- '*':
reason: None Given
- expires: 2024-06-07T14:38:48.420Z
+ expires: 2024-07-07T14:38:48.420Z
created: 2024-05-08T14:38:48.425Z
SNYK-JAVA-ORGYAML-2806360:
- '*':
reason: None Given
- expires: 2024-06-07T14:51:31.152Z
+ expires: 2024-07-07T14:51:31.152Z
created: 2024-05-08T14:51:31.158Z
SNYK-JAVA-ORGYAML-537645:
- '*':
reason: None Given
- expires: 2024-06-30T15:24:50.162Z
+ expires: 2024-07-30T15:24:50.162Z
created: 2024-05-31T15:24:50.169Z
patch: {}
diff --git a/pom.xml b/pom.xml
index aedaa47..c329ac0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,8 +6,6 @@
vol-api-calls
2.4.1-SNAPSHOT
-
-
2.2.1
@@ -18,6 +16,8 @@
5.3.1
3.8.1
https://maven.pkg.github.com/dvsa/vol-api-calls
+ 1.12.610
+ 1.12.610
@@ -108,5 +108,15 @@
snakeyaml
2.2
+
+ com.amazonaws
+ aws-java-sdk-secretsmanager
+ ${aws-secrets-manager.version}
+
+
+ com.amazonaws
+ aws-java-sdk
+ ${aws-java-sdk-s3.version}
+
diff --git a/src/main/java/apiCalls/Utils/generic/BaseAPI.java b/src/main/java/apiCalls/Utils/generic/BaseAPI.java
index 5bf1c94..90f477b 100644
--- a/src/main/java/apiCalls/Utils/generic/BaseAPI.java
+++ b/src/main/java/apiCalls/Utils/generic/BaseAPI.java
@@ -11,11 +11,20 @@
public class BaseAPI extends Token {
protected static EnvironmentType env = EnvironmentType.getEnum(Properties.get("env", true));
+ protected SecretsManager secrets;
+
+
+ public BaseAPI() {
+ secrets= new SecretsManager();
+ }
+
static Headers headers = new Headers();
public synchronized String adminJWT() throws HttpException {
+ String adminUser =secrets.getSecret("adminUser");
+ String adminPassword = secrets.getSecret("adminPassword");
if(getAdminToken() == null){
- generateAdminToken();
+ generateAdminToken(adminUser, adminPassword);
}
return getAdminToken();
}
diff --git a/src/main/java/apiCalls/Utils/generic/SecretsManager.java b/src/main/java/apiCalls/Utils/generic/SecretsManager.java
new file mode 100644
index 0000000..76df58b
--- /dev/null
+++ b/src/main/java/apiCalls/Utils/generic/SecretsManager.java
@@ -0,0 +1,55 @@
+package apiCalls.Utils.generic;
+
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
+import com.amazonaws.regions.Regions;
+import com.amazonaws.services.secretsmanager.AWSSecretsManager;
+import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
+import com.amazonaws.services.secretsmanager.model.*;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.json.JSONObject;
+
+public class SecretsManager {
+
+ public static String secretsId = "OLCS-DEVAPPCI-DEVCI-BATCHTESTRUNNER-MAIN-APPLICATION";
+
+ private static final Logger LOGGER = LogManager.getLogger(SecretsManager.class);
+
+ public static AWSSecretsManager awsClientSetup(){
+ Regions region = Regions.EU_WEST_1;
+ return AWSSecretsManagerClientBuilder
+ .standard()
+ .withCredentials(new DefaultAWSCredentialsProviderChain())
+ .withRegion(region)
+ .build();
+ }
+
+ public static String getSecret(String secretKey) {
+ String secret = null;
+
+ GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest()
+ .withSecretId(secretsId);
+ GetSecretValueResult getSecretValueResult = null;
+
+ try {
+ getSecretValueResult = awsClientSetup().getSecretValue(getSecretValueRequest);
+
+ } catch (ResourceNotFoundException e) {
+ LOGGER.info("The requested secret " + secretKey + " was not found");
+ } catch (InvalidRequestException e) {
+ LOGGER.info("The request was invalid due to: " + e.getMessage());
+ } catch (InvalidParameterException e) {
+ LOGGER.info("The request had invalid params: " + e.getMessage());
+ }
+
+ assert getSecretValueResult != null;
+
+ if (getSecretValueResult != null && getSecretValueResult.getSecretString() != null) {
+ secret = getSecretValueResult.getSecretString();
+ JSONObject jsonObject = new JSONObject(secret);
+ secret = jsonObject.getString(secretKey);
+ }
+ return secret;
+ }
+
+}
\ No newline at end of file
diff --git a/src/main/java/apiCalls/actions/Token.java b/src/main/java/apiCalls/actions/Token.java
index 980021f..7072ad2 100644
--- a/src/main/java/apiCalls/actions/Token.java
+++ b/src/main/java/apiCalls/actions/Token.java
@@ -15,14 +15,16 @@
public class Token {
private String adminToken;
+
EnvironmentType env = EnvironmentType.getEnum(Properties.get("env", true));
HashMap header = new HashMap<>();
TokenRequestBuilder tokenBody = new TokenRequestBuilder();
+
- public synchronized String generateAdminToken() throws HttpException {
+ public synchronized String generateAdminToken(String adminUser, String adminPassword) throws HttpException {
String adminToken = null;
if (getAdminToken() == null) {
- adminToken = getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserType.INTERNAL.asString());
+ adminToken = getToken(adminUser, adminPassword, UserType.INTERNAL.asString());
setToken(adminToken);
}
return adminToken;
diff --git a/src/main/java/apiCalls/eupaActions/BaseAPI.java b/src/main/java/apiCalls/eupaActions/BaseAPI.java
index 39a4dea..f9b6778 100644
--- a/src/main/java/apiCalls/eupaActions/BaseAPI.java
+++ b/src/main/java/apiCalls/eupaActions/BaseAPI.java
@@ -1,6 +1,7 @@
package apiCalls.eupaActions;
import activesupport.system.Properties;
+import apiCalls.Utils.generic.SecretsManager;
import apiCalls.Utils.generic.Utils;
import apiCalls.actions.Token;
import apiCalls.enums.UserRoles;
@@ -18,12 +19,13 @@
public abstract class BaseAPI {
private static final Map headers = new HashMap<>();
-
+ protected static SecretsManager secrets;
static {
+ secrets = new SecretsManager();
Token token = new Token();
URL.build(EnvironmentType.getEnum(Properties.get("env", true)));
try {
- setHeader( "Authorization", "Bearer " + token.getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserRoles.INTERNAL.asString()));
+ setHeader( "Authorization", "Bearer " + token.getToken(SecretsManager.getSecret("adminUser"), SecretsManager.getSecret("adminPassword"), UserRoles.INTERNAL.asString()));
} catch (HttpException e) {
throw new RuntimeException(e);
}
diff --git a/src/main/java/apiCalls/eupaActions/external/UserAPI.java b/src/main/java/apiCalls/eupaActions/external/UserAPI.java
index 38222c8..74f24c9 100644
--- a/src/main/java/apiCalls/eupaActions/external/UserAPI.java
+++ b/src/main/java/apiCalls/eupaActions/external/UserAPI.java
@@ -31,7 +31,7 @@ public class UserAPI extends BaseAPI {
*/
public static PersonModel register(@NotNull UserRegistrationDetailsModel userRegistrationDetailsModel) throws HttpException {
Token accessToken = new Token();
- BaseAPI.setHeader("Authorization", "Bearer " + accessToken.getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserRoles.INTERNAL.asString()));
+ BaseAPI.setHeader("Authorization", "Bearer " + accessToken.getToken(secrets.getSecret("adminUser"), secrets.getSecret("adminPassword"), UserRoles.INTERNAL.asString()));
URL.build(EnvironmentType.getEnum(Properties.get("env", true)), baseResource + "register");
int maxTries = 5;
@@ -71,7 +71,7 @@ public static PersonModel register(@NotNull UserRegistrationDetailsModel userReg
* @return the information associated with the person passed in as an argument.
*/
public static UserModel get(@NotNull PersonModel personModel) {
- BaseAPI.getHeaders().put("x-pid", Utils.config.getString("apiHeader"));
+ BaseAPI.getHeaders().put("x-pid", secrets.getSecret("apiHeader"));
URL.build(EnvironmentType.getEnum(Properties.get("env", true)), baseResource + personModel.getUserId());
response = RestUtils.get(String.valueOf(URL.getURL()), getHeaders());
diff --git a/src/main/java/apiCalls/eupaActions/internal/CaseWorkerAPI.java b/src/main/java/apiCalls/eupaActions/internal/CaseWorkerAPI.java
index 57413dc..b56c2b5 100644
--- a/src/main/java/apiCalls/eupaActions/internal/CaseWorkerAPI.java
+++ b/src/main/java/apiCalls/eupaActions/internal/CaseWorkerAPI.java
@@ -22,7 +22,7 @@ public class CaseWorkerAPI extends BaseAPI {
private static Token accessToken = new Token();
public static void overview(@NotNull OverviewModel overview) throws HttpException {
- updateHeader("Authorization", "Bearer " + accessToken.getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserRoles.INTERNAL.asString()));
+ updateHeader("Authorization", "Bearer " + accessToken.getToken(secrets.getSecret("adminUser"), secrets.getSecret("adminPassword"), UserRoles.INTERNAL.asString()));
URL.build(EnvironmentType.getEnum(Properties.get("env", true)), String.format("application/%s/overview/", overview.getApplicationId()));
int version = 1;
@@ -43,7 +43,7 @@ public static void overview(@NotNull OverviewModel overview) throws HttpExceptio
}
public static StandardResponseModel grantApplication(@NotNull GrantApplicationModel grantApplication) throws HttpException {
- updateHeader( "Authorization", "Bearer " + accessToken.getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserRoles.INTERNAL.asString()));
+ updateHeader( "Authorization", "Bearer " + accessToken.getToken(secrets.getSecret("adminUser"), secrets.getSecret("adminPassword"), UserRoles.INTERNAL.asString()));
URL.build(EnvironmentType.getEnum(Properties.get("env", true)), String.format("application/%s/grant/", grantApplication.getId()));
response = RestUtils.put(grantApplication, String.valueOf(URL.getURL()), getHeaders());
diff --git a/src/main/java/apiCalls/eupaActions/internal/IrhpPermitStockAPI.java b/src/main/java/apiCalls/eupaActions/internal/IrhpPermitStockAPI.java
index 3d7bfd6..4bbee9f 100644
--- a/src/main/java/apiCalls/eupaActions/internal/IrhpPermitStockAPI.java
+++ b/src/main/java/apiCalls/eupaActions/internal/IrhpPermitStockAPI.java
@@ -19,7 +19,7 @@ public class IrhpPermitStockAPI extends BaseAPI {
public static AvailableCountriesModel availableCountries() throws HttpException {
Token accessToken = new Token();
- updateHeader( "Authorization", "Bearer " + accessToken.getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserRoles.INTERNAL.asString()));
+ updateHeader( "Authorization", "Bearer " + accessToken.getToken(secrets.getSecret("adminUser"), secrets.getSecret("adminPassword"), UserRoles.INTERNAL.asString()));
URL.build(EnvironmentType.getEnum(Properties.get("env", true)), baseResource.concat("available-countries/?dto=Dvsa%5COlcs%5CTransfer%5CQuery%5CIrhpPermitStock%5CAvailableCountries"));
diff --git a/src/main/java/apiCalls/eupaActions/internal/IrhpPermitWindowAPI.java b/src/main/java/apiCalls/eupaActions/internal/IrhpPermitWindowAPI.java
index 457070e..358e371 100644
--- a/src/main/java/apiCalls/eupaActions/internal/IrhpPermitWindowAPI.java
+++ b/src/main/java/apiCalls/eupaActions/internal/IrhpPermitWindowAPI.java
@@ -4,6 +4,7 @@
import activesupport.system.Properties;
import apiCalls.Utils.eupaBuilders.internal.irhp.permit.stock.OpenByCountryModel;
import apiCalls.Utils.generic.Headers;
+import apiCalls.Utils.generic.SecretsManager;
import apiCalls.Utils.generic.Utils;
import apiCalls.actions.Token;
import apiCalls.enums.UserRoles;
@@ -25,7 +26,7 @@ public class IrhpPermitWindowAPI {
public static OpenByCountryModel openByCountry(String[] countryIds) throws HttpException {
Token accessToken = new Token();
- apiHeaders.apiHeader.put( "Authorization", "Bearer " + accessToken.getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserRoles.INTERNAL.asString()));
+ apiHeaders.apiHeader.put( "Authorization", "Bearer " + accessToken.getToken(SecretsManager.getSecret("adminUser"), SecretsManager.getSecret("adminPassword"), UserRoles.INTERNAL.asString()));
String openCountries = URL.build(env,"irhp-permit-window/open-by-country").toString();
Map map = new HashMap<>();
diff --git a/src/main/java/apiCalls/eupaActions/internal/LicenceAPI.java b/src/main/java/apiCalls/eupaActions/internal/LicenceAPI.java
index 1005527..f49a766 100644
--- a/src/main/java/apiCalls/eupaActions/internal/LicenceAPI.java
+++ b/src/main/java/apiCalls/eupaActions/internal/LicenceAPI.java
@@ -19,7 +19,7 @@ public class LicenceAPI extends BaseAPI {
public static String licenceNumber(@NotNull String licenceId) throws HttpException {
Token accessToken = new Token();
- updateHeader( "Authorization", "Bearer " + accessToken.getToken(Utils.config.getString("adminUser"), Utils.config.getString("adminPassword"), UserRoles.INTERNAL.asString()));
+ updateHeader( "Authorization", "Bearer " + accessToken.getToken(secrets.getSecret("adminUser"), secrets.getSecret("adminPassword"), UserRoles.INTERNAL.asString()));
String env = Properties.get("env", true);
URL.build(EnvironmentType.getEnum(env), baseResource.concat(licenceId));