add tamper protection

gowthaman.b 2023-11-12 09:59:14 +05:30
parent bf0a9ccbc9
commit 4e0d5d0296
7 changed files with 66 additions and 32 deletions

1
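--- a/.gitignore
+++ b/.gitignore
@@ -42,4 +42,5 @@ bin/
 .DS_Store
 application.yaml
 initial-data.sql
+app.yaml
 *.env.json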


@ -1,14 +0,0 @@
app.port=9001
app.cors.enabled=true
app.cors.hosts=www.readymixerp.com,app.readymixerp.com
app.db.user=postgres
app.db.pass=postgres
app.db.url=jdbc:postgresql://192.168.64.6/modules_app
app.db.run_migration=true
app.db.seed_sql=initial-data.sql
app.iam.url=https://auth.compegence.com
app.iam.realm=forewarn-dev
app.iam.client=forewarn
app.iam.client_redirect_uri=http://localhost:9001/auth/code
app.cache.redis_uri=redis://127.0.0.1:6379/0
app.scripts.path=/Users/gowthaman.b/IdeaProjects/rmc_modules_api/src/main/resources/scripts

60
app-sample.yaml Normal file

@ -0,0 +1,60 @@
#DO Not edit this file, copy to your HOME Directory and then rename it to app.yaml and then edit it
app:
db:
pass: postgres
url: jdbc:postgresql://192.168.64.6/modules_app
user: postgres
run_migration: 'true'
cors:
enabled: 'true'
hosts: www.readymixerp.com,app.readymixerp.com
port: '9001'
cache:
redis_uri: redis://127.0.0.1:6379/0
iam:
url: https://auth.compegence.com
realm: forewarn-dev
client_redirect_uri: http://localhost:9001/auth/code
client: forewarn
scripts:
path: /Users/gowthaman.b/IdeaProjects/rmc_modules_api/src/main/resources/scripts
security:
private_key: |-
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
public_key: |-
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+G2vDoZcgfTFMTBZk/HP
bDiqlzhumTOqi8a+Up2NWruO62LB17fB2/rU1MaZH/uW53WmWBlYENZrcHhFY96m
avQPhZ8ccGfbiCHWzlD77GS8zWJyt2xRUbJljH99IA7OmXUut29rZ11xNGqCLcFY
LhJVClVylMpktFZQQdGSwmE5Q+kOLA5uxxlyWY+ZFTVWwQgXuNsi8fGNRU8jS/Jz
0kvkgHS1Gjyf+o/u+NfnsQCDnNK0gSTjBdFzTsAWfORLjoj2tHtbFM9Ko1X5mcnk
RcZEliQZ6rptY61RaeeWzG9+w2LWWtGhSHD3Q32ONn6w5Ty3COM80cAp94IBy/5y
/QIDAQAB
-----END PUBLIC KEY-----
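Review bot: The sample config at `security.private_key` ships what appears to be a complete PEM private key next to its matching `public_key`, so every installation that copies the file as the header comment instructs would share one publicly known key pair (the key body is not visible in this view, so this is inferred from the BEGIN/END markers). If these keys back the session JWK built in `Session.makeRsaJsonWebKey`, tokens signed with them give no tamper protection. Replace both values with placeholders, e.g. `private_key: "<PKCS#8 PEM generated per deployment; never commit>"`, and add a comment such as `# generate a fresh RSA key pair for each environment and keep app.yaml readable by the service user only`. The committed key should be treated as compromised and not reused; the same file also carries a developer-specific `scripts.path` and a default database password that are better shown as placeholders.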


@ -33,7 +33,9 @@ dependencies {
implementation("org.jetbrains.kotlin:kotlin-script-runtime:1.9.20") implementation("org.jetbrains.kotlin:kotlin-script-runtime:1.9.20")
implementation("org.bouncycastle:bcprov-jdk18on:1.76") implementation("org.bouncycastle:bcprov-jdk18on:1.76")
implementation("org.bouncycastle:bcpkix-jdk18on:1.76") implementation("org.bouncycastle:bcpkix-jdk18on:1.76")
implementation("org.yaml:snakeyaml:2.2")
api ("net.cactusthorn.config:config-core:0.81") api ("net.cactusthorn.config:config-core:0.81")
api ("net.cactusthorn.config:config-yaml:0.81")
kapt("net.cactusthorn.config:config-compiler:0.81") kapt("net.cactusthorn.config:config-compiler:0.81")
kapt("io.ebean:kotlin-querybean-generator:13.23.2") kapt("io.ebean:kotlin-querybean-generator:13.23.2")
} }


@ -7,14 +7,8 @@ import net.cactusthorn.config.core.factory.ConfigFactory
import net.cactusthorn.config.core.loader.LoadStrategy import net.cactusthorn.config.core.loader.LoadStrategy
import java.util.Optional import java.util.Optional
const val INITIAL_ROLES_JSON = """{
"roles": []
}"""
@Config( @Config(
sources = [ sources = ["file:~/app.yaml", "system:env"],
"file:~/app.properties", "system:env"
],
loadStrategy = LoadStrategy.FIRST_KEYCASEINSENSITIVE loadStrategy = LoadStrategy.FIRST_KEYCASEINSENSITIVE
) )
interface AppConfig { interface AppConfig {
@ -46,9 +40,6 @@ interface AppConfig {
@Key("app.db.run_migration") @Key("app.db.run_migration")
fun dbRunMigration(): Boolean fun dbRunMigration(): Boolean
@Key("app.db.seed_sql")
fun seedSqlFile(): Optional<String>
@Key("app.iam.url") @Key("app.iam.url")
fun iamUrl(): String fun iamUrl(): String
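Review bot: Nothing at the `sources = ["file:~/app.yaml", "system:env"]` line documents that the home-directory file now holds the database password and, per the sample config in this commit, the RSA private key. A comment above `@Config` would help, e.g. `// ~/app.yaml contains secrets (DB password, signing key); restrict it to the service account (chmod 600)`. With a FIRST-style load strategy the environment source is presumably ignored once the file exists, which would prevent supplying the key from the environment in deployments; this is worth confirming against the config library's documentation. The `java.util.Optional` import may also be unused now that `seedSqlFile()` is gone, though the rest of the interface lies outside the hunk.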


@ -45,7 +45,7 @@ object Session {
//if not passed in ENV, then we shall generate and print //if not passed in ENV, then we shall generate and print
private fun makeRsaJsonWebKey(publicKey: String, privateKey: String): RsaJsonWebKey { private fun makeRsaJsonWebKey(publicKey: String, privateKey: String): RsaJsonWebKey {
logger.warn("making KeyPair from Config \n$publicKey\n\n$privateKey")
val newPublicKey = readPublicKey(publicKey) val newPublicKey = readPublicKey(publicKey)
val newPrivateKey = readPrivateKey(privateKey) val newPrivateKey = readPrivateKey(privateKey)
val rsa = PublicJsonWebKey.Factory.newPublicJwk(newPublicKey) as RsaJsonWebKey val rsa = PublicJsonWebKey.Factory.newPublicJwk(newPublicKey) as RsaJsonWebKey
@ -143,9 +143,6 @@ object Session {
setProperty("datasource.db.password", appConfig.dbPass()) setProperty("datasource.db.password", appConfig.dbPass())
setProperty("datasource.db.url", appConfig.dbUrl()) setProperty("datasource.db.url", appConfig.dbUrl())
setProperty("ebean.migration.run", appConfig.dbRunMigration().toString()) setProperty("ebean.migration.run", appConfig.dbRunMigration().toString())
if (appConfig.seedSqlFile().isPresent) {
setProperty("ebean.ddl.seedSql", appConfig.seedSqlFile().get())
}
}) })
tenantMode = TenantMode.PARTITION tenantMode = TenantMode.PARTITION
currentTenantProvider = CurrentTenantProvider { currentUser.get().tenant } currentTenantProvider = CurrentTenantProvider { currentUser.get().tenant }
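Review bot: The comment above `makeRsaJsonWebKey` still reads "if not passed in ENV, then we shall generate and print", which no longer describes a function that builds the JWK from the configured PEM strings and, after this commit, logs nothing. I would replace it with something like `// builds the signing JWK from the PEM key pair in AppConfig; key material must never be logged`. If a fallback elsewhere in `Session` still generates and prints a key pair, it should emit at most the public key; that code is outside the hunk, so this is a question rather than a finding. The function body continues past the visible lines.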


@ -6,14 +6,11 @@
</appender> </appender>
<!-- SQL and bind values --> <!-- SQL and bind values -->
<logger name="io.ebean.SQL" level="TRACE"/> <logger name="io.ebean.SQL" level="INFO"/>
<!-- Transaction Commit and Rollback events --> <!-- Transaction Commit and Rollback events -->
<logger name="io.ebean.TXN" level="WARN"/> <logger name="io.ebean.TXN" level="WARN"/>
<logger name="io.ebean.SUM" level="WARN"/> <logger name="io.ebean.SUM" level="WARN"/>
<logger name="io.ebean.migration" level="TRACE"/>
<logger name="io.ebean.dbmigration" level="TRACE"/>
<logger name="io.ebean" level="TRACE"/>
<root level="info"> <root level="info">
<appender-ref ref="STDOUT" /> <appender-ref ref="STDOUT" />