Merge pull request #2338 from OpenBankProject/develop

merge image build fix
2026-02-06 18:46:46 +00:00 · 2023-11-23 15:05:08 +01:00 · 2023-11-23 15:05:08 +01:00 · da9c32055d
commit da9c32055d
parent 373aabc4ff 8ae99f735a
7 changed files with 103 additions and 39 deletions
--- a/.github/workflows/build_package.yml
+++ b/.github/workflows/build_package.yml
@ -72,7 +72,7 @@ jobs:
          echo ResetPasswordUrlEnabled=true >> obp-api/src/main/resources/props/test.default.props

          echo consents.allowed=true >> obp-api/src/main/resources/props/test.default.props
-          MAVEN_OPTS="-Xmx3G -Xss2m" mvn package
+          MAVEN_OPTS="-Xmx3G -Xss2m" mvn clean package -Pprod
      - name: Build the Docker image
        run: |
          echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin docker.io
--- a/obp-api/pom.xml
+++ b/obp-api/pom.xml
@ -13,7 +13,17 @@
  <artifactId>obp-api</artifactId>
  <packaging>war</packaging>
  <name>Open Bank Project API</name>
-
+  <properties>
+    <webXmlPath>src/main/webapp/WEB-INF/web.xml</webXmlPath>
+  </properties>
+  <profiles>
+    <profile>
+      <id>prod</id>
+      <properties>
+        <webXmlPath>src/main/resources/web.xml</webXmlPath>
+      </properties>
+    </profile>
+  </profiles>
  <pluginRepositories>
    <pluginRepository>
      <id>org.sonatype.oss.groups.public</id>
@ -563,6 +573,9 @@
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-war-plugin</artifactId>
          <version>2.6</version>
+          <configuration>
+            <webXml>${webXmlPath}</webXml>
+          </configuration>
        </plugin>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
--- a/obp-api/src/main/resources/web.xml
+++ b/obp-api/src/main/resources/web.xml
@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+
+<!DOCTYPE web-app
+        PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+        "web-app_2_3.dtd">
+
+<web-app>
+    <filter>
+        <filter-name>LiftFilter</filter-name>
+        <display-name>Lift Filter</display-name>
+        <description>The Filter that intercepts lift calls</description>
+        <filter-class>net.liftweb.http.LiftFilter</filter-class>
+    </filter>
+
+
+    <filter-mapping>
+        <filter-name>LiftFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <!--set  the status of HttpOnly and Secure cookie flags-->
+    <session-config>
+        <cookie-config>
+            <secure>true</secure>
+            <http-only>true</http-only>
+        </cookie-config>
+    </session-config>
+
+
+    <!-- H2 web console 
+    <servlet>
+      <servlet-name>H2Console</servlet-name>
+      <servlet-class>org.h2.server.web.WebServlet</servlet-class>
+      <load-on-startup>0</load-on-startup>
+    </servlet>
+    <servlet-mapping>
+      <servlet-name>H2Console</servlet-name>
+      <url-pattern>/console/*</url-pattern>
+    </servlet-mapping>
+    -->
+
+</web-app>
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@ -782,7 +782,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
    // redirectUrl = http%3A%2F%2Flocalhost%3A8016%3Foauth_token%3DEBRZBMOPDXEUGGJP421FPFGK01IY2DGM5O3TLVSK%26oauth_verifier%3D63461
    // URLDecoder.decode(urlString,"UTF-8")-->http://localhost:8016?oauth_token=EBRZBMOPDXEUGGJP421FPFGK01IY2DGM5O3TLVSK&oauth_verifier=63461
    val regex =
-      """((([A-Za-z]{3,9}:(?:\/\/)?)(?:[-;:&=\+\$,\w]+@)?[A-Za-z0-9.-]+(:[0-9]+)?|(?:www.|[-;:&=\+\$,\w]+@)[A-Za-z0-9.-]+)((?:\/[\+~%\/.\w-_]*)?\??(?:[-\+=&;%@.\w_]*)#?(?:[\w]*))?)""".r
+      """((([A-Za-z]{3,9}:(?:\/\/)?)(?:[-;:&=\+\$,\w]+@)?[A-Za-z0-9.-]+(:[0-9]+)?|(?:www.|[-;:&=\+\$,\w]+@)[A-Za-z0-9.-]+)((?:\/[\+~%\/.\w-_]*)?\??(?:[-\+=&;%@.\w_\/]*)#?(?:[\w]*))?)""".r
    val decodeUrlValue = URLDecoder.decode(urlString, "UTF-8").trim()
    decodeUrlValue match {
      case regex(_*) if (decodeUrlValue.length <= 2048) => true
--- a/obp-api/src/main/scala/code/util/Helper.scala
+++ b/obp-api/src/main/scala/code/util/Helper.scala
@ -485,7 +485,7 @@ object Helper extends Loggable {
            result.asInstanceOf[Box[String]].filter(APIUtil.checkMediumString(_)==SILENCE_IS_GOLDEN)
          }
        if(resultAfterChecked.isEmpty) { 
-          logger.debug(s"ObpS.${methodName} validation failed. The input key is: ${if (args.length>0)args.apply(0) else ""}, value is:$result")
+          logger.debug(s"ObpS.${methodName} validation failed. (resultAfterChecked.isEmpty A) The input key is: ${if (args.length>0)args.apply(0) else ""}, value is:$result")
        }
        resultAfterChecked
      } else if (methodName.equals("uri") && result.isInstanceOf[String]){
@ -493,14 +493,14 @@ object Helper extends Loggable {
        if(resultAfterChecked.isDefined) {
          resultAfterChecked.head
        }else{
-          logger.debug(s"ObpS.${methodName} validation failed. The value is:$result")
+          logger.debug(s"ObpS.${methodName} validation failed (NOT resultAfterChecked.isDefined). The value is:$result")
          resultAfterChecked.getOrElse("")
        }
      } else if (methodName.equals("uriAndQueryString") && result.isInstanceOf[Box[String]] && result.asInstanceOf[Box[String]].isDefined ||
        methodName.equals("queryString") && result.isInstanceOf[Box[String]]&&result.asInstanceOf[Box[String]].isDefined){
        val resultAfterChecked = result.asInstanceOf[Box[String]].filter(APIUtil.basicUriAndQueryStringValidation(_))
        if(resultAfterChecked.isEmpty) { 
-          logger.debug(s"ObpS.${methodName} validation failed. The value is:$result")
+          logger.debug(s"ObpS.${methodName} validation failed. (resultAfterChecked.isEmpty B) The value is:$result")
        }
        resultAfterChecked
      } else {
--- a/obp-api/src/main/webapp/WEB-INF/web.xml
+++ b/obp-api/src/main/webapp/WEB-INF/web.xml
@ -1,42 +1,42 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>

 <!DOCTYPE web-app
-PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
-"web-app_2_3.dtd">
+        PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+        "web-app_2_3.dtd">

 <web-app>
-<filter>
-  <filter-name>LiftFilter</filter-name>
-  <display-name>Lift Filter</display-name>
-  <description>The Filter that intercepts lift calls</description>
-  <filter-class>net.liftweb.http.LiftFilter</filter-class>
-</filter>
-  	
+    <filter>
+        <filter-name>LiftFilter</filter-name>
+        <display-name>Lift Filter</display-name>
+        <description>The Filter that intercepts lift calls</description>
+        <filter-class>net.liftweb.http.LiftFilter</filter-class>
+    </filter>

-<filter-mapping>
-  <filter-name>LiftFilter</filter-name>
-  <url-pattern>/*</url-pattern>
-</filter-mapping>

-<!--set  the status of HttpOnly and Secure cookie flags-->
-<session-config>
-  <cookie-config>
-    <secure>true</secure>
-    <http-only>true</http-only>
-  </cookie-config>
-</session-config>
+    <filter-mapping>
+        <filter-name>LiftFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <!--set  the status of HttpOnly and Secure cookie flags-->
+    <!--<session-config>-->
+    <!--  <cookie-config>-->
+    <!--    <secure>true</secure>-->
+    <!--    <http-only>true</http-only>-->
+    <!--  </cookie-config>-->
+    <!--</session-config>-->
+
+
+    <!-- H2 web console 
+    <servlet>
+      <servlet-name>H2Console</servlet-name>
+      <servlet-class>org.h2.server.web.WebServlet</servlet-class>
+      <load-on-startup>0</load-on-startup>
+    </servlet>
+    <servlet-mapping>
+      <servlet-name>H2Console</servlet-name>
+      <url-pattern>/console/*</url-pattern>
+    </servlet-mapping>
+    -->

-  
-<!-- H2 web console 
-<servlet>
-  <servlet-name>H2Console</servlet-name>
-  <servlet-class>org.h2.server.web.WebServlet</servlet-class>
-  <load-on-startup>0</load-on-startup>
-</servlet>
-<servlet-mapping>
-  <servlet-name>H2Console</servlet-name>
-  <url-pattern>/console/*</url-pattern>
-</servlet-mapping>
-->
-  
 </web-app>
--- a/obp-api/src/test/scala/code/util/APIUtilTest.scala
+++ b/obp-api/src/test/scala/code/util/APIUtilTest.scala
@ -697,6 +697,15 @@ class APIUtilTest extends FeatureSpec with Matchers with GivenWhenThen with Prop
    APIUtil.getObpFormatOperationId("OBPv3.0.0-getCoreAccountById") should be ("OBPv3.0.0-getCoreAccountById")
    APIUtil.getObpFormatOperationId("xxx") should be ("xxx")
  }
+  
+  feature("test APIUtil.basicUrlValidation method") {
+    val testString1 = "https%3A%2F%2Fapisandbox.openbankproject.com%2Foauth%2Fauthorize%3Fnext%3D%2Fen%2Fusers%2Fmyuser%26oauth_token%3DWTOBT2YRCTMI1BCCF4XAIKRXPLLZDZPFAIL5K03Z%26oauth_verifier%3D45381"
+    val testString2 = "http%3A%2F%2Flocalhost%3A8016%3Foauth_token%3DEBRZBMOPDXEUGGJP421FPFGK01IY2DGM5O3TLVSK%26oauth_verifier%3D63461"
+    
+    APIUtil.basicUrlValidation(testString1) should be (true)
+    APIUtil.basicUrlValidation(testString2) should be (true)
+    
+  }

  feature("test APIUtil.getBankIdAccountIdPairsFromUserAuthContexts method") {