start adding signature and encryption

This commit is contained in:
gowthaman.b
2023-11-12 08:25:52 +05:30
parent 1a22043cf2
commit 10813529f2
9 changed files with 254 additions and 64 deletions


@@ -3,11 +3,15 @@ package com.restapi
import AuthTokenResponse
import com.fasterxml.jackson.databind.JsonMappingException
import com.fasterxml.jackson.module.kotlin.readValue
import com.restapi.config.Action
import com.restapi.config.AppConfig.Companion.appConfig
import com.restapi.config.Auth.getAuthEndpoint
import com.restapi.config.Auth.parseAuthToken
import com.restapi.config.Auth.validateAuthToken
import com.restapi.config.Role
import com.restapi.config.Roles
import com.restapi.controllers.Entities
import com.restapi.domain.DataNotFoundException
import com.restapi.domain.Session
import com.restapi.domain.Session.objectMapper
import com.restapi.domain.Session.redis
import com.restapi.domain.Session.setAuthorizedUser
@@ -19,7 +23,6 @@ import io.javalin.http.*
import io.javalin.http.util.NaiveRateLimit
import io.javalin.http.util.RateLimitUtil
import io.javalin.json.JavalinJackson
import io.javalin.security.RouteRole
import org.jose4j.jwt.consumer.InvalidJwtException
import org.slf4j.LoggerFactory
import java.net.URI
@@ -34,6 +37,11 @@ import kotlin.jvm.optionals.getOrDefault
fun main(args: Array<String>) {
val logger = LoggerFactory.getLogger("api")
val adminRole = Role.Standard(Action.ADMIN)
val viewRole = Role.Standard(Action.VIEW)
val createRole = Role.Standard(Action.CREATE)
val updateRole = Role.Standard(Action.UPDATE)
val approveOrRejectRole = Role.Standard(Action.APPROVE)
//ratelimit based on IP Only
RateLimitUtil.keyFunction = { ctx -> ctx.header("X-Forwarded-For")?.split(",")?.get(0) ?: ctx.ip() }
@@ -58,6 +66,7 @@ fun main(args: Array<String>) {
.routes {
path("/auth") {
//for testing, development only
get("/init") {
val endpoint = getAuthEndpoint().authorizationEndpoint
@@ -110,18 +119,26 @@ fun main(args: Array<String>) {
?.replace("Bearer: ", "")
?.trim() ?: throw UnauthorizedResponse()
setAuthorizedUser(parseAuthToken(authToken = authToken))
setAuthorizedUser(validateAuthToken(authToken = authToken))
if(appConfig.enforcePayloadEncryption()){
//todo: decrypt the request from user
}
}
after("/api/*") {
it.header("X-Signature", Session.sign(it.body()))
if(appConfig.enforcePayloadEncryption()){
//todo:, encrypt and set the response back to user
}
}
val adminRole = Role.Standard(Action.ADMIN)
val viewRole = Role.Standard(Action.VIEW)
val createRole = Role.Standard(Action.CREATE)
val updateRole = Role.Standard(Action.UPDATE)
val approveOrRejectRole = Role.Standard(Action.APPROVE)
path("/api") {
post("/execute/{name}", Entities::executeStoredProcedure, Roles(adminRole, Role.DbOps))
post("/script/{name}", Entities::executeScript, Roles(adminRole, Role.DbOps))
post("/script/database/{name}", Entities::executeStoredProcedure, Roles(adminRole, Role.DbOps))
post("/script/{file}/{name}", Entities::executeScript, Roles(adminRole, Role.DbOps))
get("/{entity}/{id}", Entities::view, Roles(adminRole, viewRole))
post("/{entity}/query/{id}", Entities::sqlQueryById, Roles(adminRole, viewRole))
@@ -191,23 +208,10 @@ fun main(args: Array<String>) {
}
enum class Action {
CREATE, VIEW, UPDATE, DELETE, APPROVE, ADMIN
}
sealed class Role {
open class Standard(vararg val action: Action) : Role()
data object Entity : Role()
data object DbOps : Role()
}
open class Roles(vararg val roles: Role) : RouteRole
private fun getFormDataAsString(formData: Map<String, String>): String {
val formBodyBuilder = StringBuilder()
for ((key, value) in formData) {
if (formBodyBuilder.length > 0) {
if (formBodyBuilder.isNotEmpty()) {
formBodyBuilder.append("&")
}
formBodyBuilder.append(URLEncoder.encode(key, StandardCharsets.UTF_8))