From d680fd7bb84433431fcec1c97dbf710f27ac113b Mon Sep 17 00:00:00 2001 From: hongwei1 Date: Mon, 10 Sep 2018 13:41:34 +0200 Subject: [PATCH] merge back some commits --- README.md | 16 +++++++++++++--- release_notes.md | 2 +- .../scala/code/api/v3_0_0/APIMethods300.scala | 2 +- .../scala/code/api/v3_1_0/APIMethods310.scala | 4 ++-- .../KafkaMappedConnector_vJune2017.scala | 14 ++++++-------- src/main/scala/code/kafka/KafkaConfig.scala | 3 ++- .../scala/code/kafka/kafkaStreamsHelper.scala | 4 ++-- 7 files changed, 27 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 70f6cfafc..7797a35df 100644 --- a/README.md +++ b/README.md @@ -355,12 +355,11 @@ The Encrypt/Decrypt workflow is : 1st, 2nd and 3rd step can be done using an external tool - -####Encrypting props values with openssl on the commandline +### Encrypting props values with openssl on the commandline 1. Export the public certificate from the keystore: - `keytool -export -/PATH/TO/KEYSTORE.jks -alias CERTIFICATE_ALIAS -rfc -file apipub.cert` + `keytool -export -keystore /PATH/TO/KEYSTORE.jks -alias CERTIFICATE_ALIAS -rfc -file apipub.cert` 2. Extract the public key from the public certificate `openssl x509 -pubkey -noout -in apipub.cert > PUBKEY.pub` @@ -371,6 +370,17 @@ The Encrypt/Decrypt workflow is : echo -n $2 |openssl pkeyutl -pkeyopt rsa_padding_mode:pkcs1 -encrypt -pubin -inkey $1 -out >(base64) ``` +## Using jetty password obfuscation with props file + +You can obfuscate passwords in the props file the same way as for jetty: + +1. Create the obfuscated value as described here: https://www.eclipse.org/jetty/documentation/9.3.x/configuring-security-secure-passwords.html + +2. A props key value, XXX, is considered obfuscated if has an obfuscation property (XXX.is_obfuscated) in addition to the regular props key name in the props file e.g: + + * db.url.is_obfuscated=true + * db.url=OBF:fdsafdsakwaetcetcetc + ## Code Generation We support to generate the OBP-API code from the following two types of json. You can choose one of them as your own requirements. diff --git a/release_notes.md b/release_notes.md index 81bf3bc71..c0634db00 100644 --- a/release_notes.md +++ b/release_notes.md @@ -4,10 +4,10 @@ ``` Date Commit Action +07/07/2018 4944572 Added Props api_instance_id, default is 1. This deceides the current api instance number, start from 1. 29/06/2018 7422894 Added Props logging.database.queries.enable, default is false. This should enable logging all the database queries in log file. 01/06/2018 a286684 Added Props write_connector_metrics, default is false. This decides whether the connector level metric save or not 29/05/2018 c0d50b5 Added Props kafka.partitions, default is 3. This should match the partitions in Kafka config -29/05/2018 c0d50b5 Added Props kafka.client.id, default is false.This is a unique id for each api instance. Must set it manully in props 08/05/2018 38e8641 Added Props require_scopes, default is false. Api will not use the scope role guards. 02/03/2018 6f9ad08 Added Props documented_server_url which is required for some glossary items 19/02/2018 Added possibility of Encryption/Decryption of properties in the props file over SSL Private/Public key infrastructure diff --git a/src/main/scala/code/api/v3_0_0/APIMethods300.scala b/src/main/scala/code/api/v3_0_0/APIMethods300.scala index ee24518c7..8dc890f31 100644 --- a/src/main/scala/code/api/v3_0_0/APIMethods300.scala +++ b/src/main/scala/code/api/v3_0_0/APIMethods300.scala @@ -1028,7 +1028,7 @@ trait APIMethods300 { _ => for { _ <- Bank(bankId) ?~! BankNotFound - ai: InboundAdapterInfoInternal <- Connector.connector.vend.getAdapterInfo() ?~ "Not implemented" + ai: InboundAdapterInfoInternal <- Connector.connector.vend.getAdapterInfo() ?~ s"$ConnectorEmptyResponse or not implemented for this instance " } yield { successJsonResponseNewStyle(createAdapterInfoJson(ai), None) diff --git a/src/main/scala/code/api/v3_1_0/APIMethods310.scala b/src/main/scala/code/api/v3_1_0/APIMethods310.scala index 458a3f919..f268b01d6 100644 --- a/src/main/scala/code/api/v3_1_0/APIMethods310.scala +++ b/src/main/scala/code/api/v3_1_0/APIMethods310.scala @@ -61,7 +61,7 @@ trait APIMethods310 { view <- NewStyle.function.view(viewId, BankIdAccountId(account.bankId, account.accountId), callContext) //TODO need error handling here - checkbookOrders <- Connector.connector.vend.getCheckbookOrdersFuture(bankId.value,accountId.value, Some(cc)) map { + checkbookOrders <- Connector.connector.vend.getCheckbookOrdersFuture(bankId.value,accountId.value, callContext) map { unboxFullOrFail(_, callContext, InvalidConnectorResponseForGetCheckbookOrdersFuture, 400) } } yield @@ -98,7 +98,7 @@ trait APIMethods310 { view <- NewStyle.function.view(viewId, BankIdAccountId(account.bankId, account.accountId), callContext) //TODO need error handling here - checkbookOrders <- Connector.connector.vend.getStatusOfCreditCardOrderFuture(bankId.value,accountId.value, Some(cc)) map { + checkbookOrders <- Connector.connector.vend.getStatusOfCreditCardOrderFuture(bankId.value,accountId.value, callContext) map { unboxFullOrFail(_, callContext, InvalidConnectorResponseForGetStatusOfCreditCardOrderFuture, 400) } diff --git a/src/main/scala/code/bankconnectors/vJune2017/KafkaMappedConnector_vJune2017.scala b/src/main/scala/code/bankconnectors/vJune2017/KafkaMappedConnector_vJune2017.scala index 86d953a45..b6e697364 100644 --- a/src/main/scala/code/bankconnectors/vJune2017/KafkaMappedConnector_vJune2017.scala +++ b/src/main/scala/code/bankconnectors/vJune2017/KafkaMappedConnector_vJune2017.scala @@ -164,8 +164,6 @@ trait KafkaMappedConnector_vJune2017 extends Connector with KafkaHelper with Mdc Full(list) case Full(list) if (list.errorCode!="") => Failure("INTERNAL-"+ list.errorCode+". + CoreBank-Status:"+ list.backendMessages) - case Empty => - Failure(ErrorMessages.ConnectorEmptyResponse) case Failure(msg, e, c) => Failure(msg, e, c) case _ => @@ -574,12 +572,12 @@ trait KafkaMappedConnector_vJune2017 extends Connector with KafkaHelper with Mdc logger.debug(s"Kafka getBankAccounts says res is $future") future map { - case (List(), status) => - Failure(ErrorMessages.ConnectorEmptyResponse, Empty, Empty) case (data, status) if (status.errorCode=="") => Full(data) case (data, status) if (status.errorCode!="") => Failure("INTERNAL-"+ status.errorCode+". + CoreBank-Status:"+ status.backendMessages) + case (List(), status) => + Failure(ErrorMessages.ConnectorEmptyResponse, Empty, Empty) case _ => Failure(ErrorMessages.UnknownError) } @@ -794,12 +792,12 @@ trait KafkaMappedConnector_vJune2017 extends Connector with KafkaHelper with Mdc logger.debug(s"Kafka getCoreBankAccountsFuture says res is $future") future map { - case List() => - Failure(ErrorMessages.ConnectorEmptyResponse, Empty, Empty) case list if (list.head.errorCode=="") => Full(list.map( x => CoreAccount(x.id,x.label,x.bankId,x.accountType, x.accountRoutings))) case list if (list.head.errorCode!="") => Failure("INTERNAL-"+ list.head.errorCode+". + CoreBank-Status:"+ list.head.backendMessages) + case List() => + Failure(ErrorMessages.ConnectorEmptyResponse, Empty, Empty) case _ => Failure(ErrorMessages.UnknownError) } @@ -1597,12 +1595,12 @@ trait KafkaMappedConnector_vJune2017 extends Connector with KafkaHelper with Mdc logger.debug(s"Kafka getCustomersByUserIdFuture Res says: is: $future") val res = future map { - case (List(),status) => - Failure(ErrorMessages.ConnectorEmptyResponse, Empty, Empty) case (list, status) if (status.errorCode=="") => Full(list) case (list, status) if (status.errorCode!="") => Failure("INTERNAL-"+ status.errorCode+". + CoreBank-Status:" + status.backendMessages) + case (List(),status) => + Failure(ErrorMessages.ConnectorEmptyResponse, Empty, Empty) case _ => Failure(ErrorMessages.UnknownError) } diff --git a/src/main/scala/code/kafka/KafkaConfig.scala b/src/main/scala/code/kafka/KafkaConfig.scala index 8ece88ab2..a0349ce9b 100644 --- a/src/main/scala/code/kafka/KafkaConfig.scala +++ b/src/main/scala/code/kafka/KafkaConfig.scala @@ -10,9 +10,10 @@ trait KafkaConfig { val bootstrapServers = APIUtil.getPropsValue("kafka.bootstrap_hosts")openOr("localhost:9092") val groupId = APIUtil.getPropsValue("kafka.group.id").openOr("obp-api") - val clientId = APIUtil.getPropsValue("kafka.client.id").openOrThrowException(s"${ErrorMessages.MissingPropsValueAtThisInstance} kafka.client.id") + val numberOfApiInstances = APIUtil.getPropsAsIntValue("api_instance_id").openOrThrowException(s"${ErrorMessages.MissingPropsValueAtThisInstance} number.of.api.instances") val partitions = APIUtil.getPropsAsIntValue("kafka.partitions", 10) + val clientId = s"obp.api.$numberOfApiInstances" val autoOffsetResetConfig = "earliest" val maxWakeups = 50 //TODO should be less then container's timeout diff --git a/src/main/scala/code/kafka/kafkaStreamsHelper.scala b/src/main/scala/code/kafka/kafkaStreamsHelper.scala index 9f7f7fb18..0b8c5ed23 100644 --- a/src/main/scala/code/kafka/kafkaStreamsHelper.scala +++ b/src/main/scala/code/kafka/kafkaStreamsHelper.scala @@ -235,8 +235,8 @@ object Topics extends KafkaConfig { * to.obp.api.1.caseclass.GetBank */ TopicPair( - s"from.${clientId}.to.adapter.mf.caseclass.${className.replace("$", "")}", - s"to.${clientId}.caseclass.${className.replace("$", "")}" + s"from.obp.api.${numberOfApiInstances}.to.adapter.mf.caseclass.${className.replace("$", "")}", + s"to.obp.api.${numberOfApiInstances}.caseclass.${className.replace("$", "")}" ) }