Feature/passport visa

src/main/java/bio/overture/ego/controller/PassportController.java

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2017. The Ontario Institute for Cancer Research. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package bio.overture.ego.controller;
+
+import static org.springframework.http.HttpStatus.*;
+import static org.springframework.web.bind.annotation.RequestMethod.*;
+
+import bio.overture.ego.model.entity.VisaPermission;
+import bio.overture.ego.service.PassportService;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import java.util.List;
+import lombok.NonNull;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+@Slf4j
+@RestController
+@RequestMapping("/passport")
+@Tag(name = "Passport", description = "poassport-controller")
+public class PassportController {
+
+  private final PassportService passportService;
+
+  @Autowired
+  public PassportController(@NonNull PassportService passportService) {
+    this.passportService = passportService;
+  }
+
+  @RequestMapping(method = POST, value = "/passport/token")
+  @ResponseStatus(value = OK)
+  @SneakyThrows
+  public @ResponseBody List<VisaPermission> getVisaPermissions(@RequestBody String authToken) {
+    return passportService.getPermissions(authToken);
+  }
+}

src/main/java/bio/overture/ego/model/dto/Ga4ghVisaV1.java

@@ -0,0 +1,31 @@
+package bio.overture.ego.model.dto;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class Ga4ghVisaV1 {
+
+  @JsonProperty("asserted")
+  private int asserted;
+
+  @JsonProperty("by")
+  private String by;
+
+  @JsonProperty("source")
+  private Object source;
+
+  @JsonProperty("type")
+  private String type;
+
+  @JsonProperty("value")
+  private String value;
+}

src/main/java/bio/overture/ego/model/dto/Passport.java

@@ -0,0 +1,35 @@
+package bio.overture.ego.model.dto;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import java.util.List;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class Passport {
+
+  @JsonProperty("sub")
+  private String sub;
+
+  @JsonProperty("iss")
+  private String iss;
+
+  @JsonProperty("exp")
+  private long exp;
+
+  @JsonProperty("iat")
+  private int iat;
+
+  @JsonProperty("ga4gh_passport_v1")
+  private List<String> ga4ghPassportV1;
+
+  @JsonProperty("jti")
+  private String jti;
+}

src/main/java/bio/overture/ego/model/dto/PassportVisa.java

@@ -0,0 +1,34 @@
+package bio.overture.ego.model.dto;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class PassportVisa {
+
+  @JsonProperty("sub")
+  private String sub;
+
+  @JsonProperty("ga4gh_visa_v1")
+  private Ga4ghVisaV1 ga4ghVisaV1;
+
+  @JsonProperty("iss")
+  private String iss;
+
+  @JsonProperty("exp")
+  private long exp;
+
+  @JsonProperty("iat")
+  private int iat;
+
+  @JsonProperty("jti")
+  private String jti;
+}

src/main/java/bio/overture/ego/service/PassportService.java

@@ -0,0 +1,131 @@
+package bio.overture.ego.service;
+
+import bio.overture.ego.model.dto.Passport;
+import bio.overture.ego.model.dto.PassportVisa;
+import bio.overture.ego.model.entity.Visa;
+import bio.overture.ego.model.entity.VisaPermission;
+import bio.overture.ego.model.exceptions.InternalServerException;
+import bio.overture.ego.model.exceptions.InvalidTokenException;
+import bio.overture.ego.token.signer.BrokerTokenSigner;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import java.util.*;
+import java.util.stream.Collectors;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+import lombok.val;
+import org.apache.commons.codec.binary.Base64;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Slf4j
+@Service
+@Transactional
+public class PassportService {
+
+  private final BrokerTokenSigner tokenSigner;
+  /** Dependencies */
+  @Autowired private VisaService visaService;
+
+  @Autowired private VisaPermissionService visaPermissionService;
+
+  @Autowired
+  public PassportService(
+      @NonNull VisaPermissionService visaPermissionService,
+      @NonNull VisaService visaService,
+      @NonNull BrokerTokenSigner tokenSigner) {
+    this.visaService = visaService;
+    this.visaPermissionService = visaPermissionService;
+    this.tokenSigner = tokenSigner;
+  }
+
+  public List<VisaPermission> getPermissions(String authToken) throws JsonProcessingException {
+    // Validates passport auth token
+    if (!isValidPassport(authToken)) {
+      throw new InvalidTokenException("The passport token received from broker is invalid");
+    }
+    // Parses passport JWT token
+    Passport parsedPassport = parsePassport(authToken);
+    // Fetches visas for parsed passport
+    List<PassportVisa> visas = getVisas(parsedPassport);
+    // Fetches visa permissions for extracted visas
+    List<VisaPermission> visaPermissions = getVisaPermissions(visas);
+    // removes deduplicates from visaPermissions
+    visaPermissions = deDupeVisaPermissions(visaPermissions);
+    return visaPermissions;
+  }
+
+  // Validates passport token based on public key
+  private boolean isValidPassport(@NonNull String authToken) {
+    Claims claims;
+    val tokenKey =
+        tokenSigner
+            .getEncodedPublicKey()
+            .orElseThrow(() -> new InternalServerException("Internal issue with token signer."));
+    try {
+      claims = Jwts.parser().setSigningKey(tokenKey).parseClaimsJws(authToken).getBody();
+      if (claims != null) {
+        return true;
+      }
+    } catch (Exception exception) {
+      throw new InvalidTokenException("The passport token received from broker is invalid");
+    }
+    return false;
+  }
+
+  // Extracts Visas from parsed passport object
+  private List<PassportVisa> getVisas(Passport passport) {
+    List<PassportVisa> visas = new ArrayList<>();
+    passport.getGa4ghPassportV1().stream()
+        .forEach(
+            visaJwt -> {
+              try {
+                if (visaService.isValidVisa(visaJwt)) {
+                PassportVisa visa = visaService.parseVisa(visaJwt);
+                if (visa != null) {
+                  visas.add(visa);
+                }
+                }
+              } catch (JsonProcessingException e) {
+                e.printStackTrace();
+              }
+            });
+    return visas;
+  }
+
+  // Fetches Visa Permissions for extracted Visa list
+  private List<VisaPermission> getVisaPermissions(List<PassportVisa> visas) {
+    List<VisaPermission> visaPermissions = new ArrayList<>();
+    visas.stream()
+        .distinct()
+        .forEach(
+            visa -> {
+              Visa visaEntity = new Visa();
+              visaEntity.setId(UUID.fromString(visa.getJti()));
+              visaPermissions.addAll(visaPermissionService.getPermissionsForVisa(visaEntity));
+            });
+    return visaPermissions;
+  }
+
+  // Parse Passport token to extract the passport body
+  public Passport parsePassport(@NonNull String passportJwtToken) throws JsonProcessingException {
+    String[] split_string = passportJwtToken.split("\\.");
+    String base64EncodedHeader = split_string[0];
+    String base64EncodedBody = split_string[1];
+    String base64EncodedSignature = split_string[2];
+    Base64 base64Url = new Base64(true);
+    String header = new String(base64Url.decode(base64EncodedHeader));
+    String body = new String(base64Url.decode(base64EncodedBody));
+    return new ObjectMapper().readValue(body, Passport.class);
+  }
+
+  // Removes duplicates from the VisaPermissons List
+  private List<VisaPermission> deDupeVisaPermissions(List<VisaPermission> visaPermissions) {
+    Set<VisaPermission> permissionsSet = new HashSet<VisaPermission>();
+    permissionsSet.addAll(visaPermissions);
+    return permissionsSet.stream().collect(Collectors.toList());
+  }
+}

src/main/java/bio/overture/ego/service/VisaPermissionService.java

@@ -5,6 +5,7 @@
 
 import bio.overture.ego.event.token.ApiKeyEventsPublisher;
 import bio.overture.ego.model.dto.VisaPermissionRequest;
+import bio.overture.ego.model.entity.Visa;
 import bio.overture.ego.model.entity.VisaPermission;
 import bio.overture.ego.model.exceptions.NotFoundException;
 import bio.overture.ego.repository.VisaPermissionRepository;
@@ -26,17 +27,14 @@
 @Service
 @Transactional
 public class VisaPermissionService extends AbstractNamedService<VisaPermission, UUID> {
-
   /** Dependencies */
   @Autowired private VisaService visaService;
 
   @Autowired private PolicyService policyService;
-
   @Autowired private VisaPermissionRepository visaPermissionRepository;
   private final ApiKeyEventsPublisher apiKeyEventsPublisher;
-
-  private static final VisaPermissionService.VisaPermissionConverter VISA_PERMISSION_CONVERTER =
-      getMapper(VisaPermissionService.VisaPermissionConverter.class);
+  private static final VisaPermissionConverter VISA_PERMISSION_CONVERTER =
+      getMapper(VisaPermissionConverter.class);
 
   @Autowired
   public VisaPermissionService(
@@ -96,6 +94,12 @@ public void removePermission(@NonNull UUID policyId, @NotNull UUID visaId) {
     }
   }
 
+  // Fetches visa permissions for given visa request
+  public List<VisaPermission> getPermissionsForVisa(@NonNull Visa visa) {
+    val result = (List<VisaPermission>) visaPermissionRepository.findByVisa_Id(visa.getId());
+    return result;
+  }
+
   @Override
   public VisaPermission getById(@NonNull UUID uuid) {
     return super.getById(uuid);