Add missing DID Specifications

WorldHealthOrganization · May 21, 2024 · dd91266 · dd91266
1 parent 7e61c39
commit dd91266
Show file tree

Hide file tree

Showing 4 changed files with 145 additions and 51 deletions.
diff --git a/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java b/src/main/java/tng/trustnetwork/keydistribution/repository/SignerInformationRepository.java
@@ -23,13 +23,10 @@
 import java.util.List;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
-import org.springframework.data.repository.query.Param;
 import tng.trustnetwork.keydistribution.entity.SignerInformationEntity;
 
 public interface SignerInformationRepository extends JpaRepository<SignerInformationEntity, Long> {
 
-    List<SignerInformationEntity> getByCountryIsIn(List<String> country);
-
     List<SignerInformationEntity> getByCountryIs(String country);
 
     List<SignerInformationEntity> getByDomainIs(String domain);
@@ -38,6 +35,10 @@ public interface SignerInformationRepository extends JpaRepository<SignerInforma
 
     List<SignerInformationEntity> getByCountryIsAndGroupIs(String country, String group);
 
+    List<SignerInformationEntity> getByDomainIsAndGroupIs(String domain, String group);
+
+    List<SignerInformationEntity> getByGroupIs(String group);
+
     List<SignerInformationEntity> getByDomainIsAndCountryIsAndGroupIs(String domain, String country, String group);
 
 
@@ -49,7 +50,4 @@ public interface SignerInformationRepository extends JpaRepository<SignerInforma
 
     @Query("SELECT DISTINCT s.group FROM SignerInformationEntity s")
     List<String> getGroupList();
-
-    @Query("SELECT DISTINCT s.country FROM SignerInformationEntity s WHERE s.domain = :domain")
-    List<String> getParticipantsByDomain(@Param("domain") String domain);
 }
diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/SignerInformationService.java b/src/main/java/tng/trustnetwork/keydistribution/service/SignerInformationService.java
@@ -66,8 +66,7 @@ private SignerInformationEntity getSignerInformationEntity(TrustedCertificateTru
     }
 
     /**
-     * Returns a list of 2-Digit Country-Codes which have at least one signing certificates present in DB which is not
-     * marked for deletion.
+     * Returns a list of 2-Digit Country-Codes which have at least one signing certificates present in DB.
      *
      * @return Distinct list of Country-Codes
      */
@@ -76,48 +75,34 @@ public List<String> getCountryList() {
         return signerInformationRepository.getCountryList();
     }
 
+    /**
+     * Returns a list of groups for which certificates are imported.
+     *
+     * @return list of groups
+     */
     public List<String> getGroupList() {
 
         return signerInformationRepository.getGroupList();
     }
 
     /**
-     * Returns a list of all active certificates.
+     * Returns a list of domains for which certificates are imported.
      *
-     * @return List of SignerInformationEntity
+     * @return list of domains
      */
-    public List<SignerInformationEntity> getAllCertificates() {
+    public List<String> getDomainsList() {
 
-        return signerInformationRepository.findAll();
+        return signerInformationRepository.getDomainsList();
     }
 
     /**
-     * Returns a list of active certificates for given list of countries.
+     * Returns a list of all certificates.
      *
-     * @param countries List of Country Codes to filter for.     *
      * @return List of SignerInformationEntity
      */
-    public List<SignerInformationEntity> getCertificatesForCountries(List<String> countries) {
-
-        return signerInformationRepository.getByCountryIsIn(countries);
-    }
+    public List<SignerInformationEntity> getAllCertificates() {
 
-    /**
-     * Returns signer information that are active filtered by domain and participant.
-     *
-     * @param domain      a domain name used as filter
-     * @param participant a participant aka country code, used as filter
-     * @return active signer information
-     */
-    public List<SignerInformationEntity> getCertificatesForFilter(String domain, String participant) {
-
-        if (domain != null && participant != null) {
-            return signerInformationRepository.getByDomainIsAndCountryIs(domain, participant);
-        } else if (domain != null) {
-            return signerInformationRepository.getByDomainIs(domain);
-        } else {
-            return getAllCertificates();
-        }
+        return signerInformationRepository.findAll();
     }
 
     /**
@@ -126,52 +111,80 @@ public List<SignerInformationEntity> getCertificatesForFilter(String domain, Str
      * @param domain      a domain name used as filter
      * @param participant a participant aka country code, used as filter
      * @param group       group name, used as filter
-     * @return active signer information
+     * @return matching SignerInformationEntities
      */
     public List<SignerInformationEntity> getCertificatesByDomainParticipantGroup(
         String domain, String participant, String group) {
 
         return signerInformationRepository.getByDomainIsAndCountryIsAndGroupIs(domain, participant, group);
     }
 
+    /**
+     * Returns signer information that are filtered by participant.
+     *
+     * @param country a participant aka country code, used as filter
+     * @return matching SignerInformationEntities
+     */
     public List<SignerInformationEntity> getCertificatesByCountry(String country) {
 
         return signerInformationRepository.getByCountryIs(country);
     }
 
+    /**
+     * Returns signer information that are filtered by domain and participant.
+     *
+     * @param domain      a domain name used as filter
+     * @param country     a participant aka country code, used as filter
+     * @return matching SignerInformationEntities
+     */
     public List<SignerInformationEntity> getCertificatesByCountryDomain(String country, String domain) {
 
         return signerInformationRepository.getByDomainIsAndCountryIs(domain, country);
     }
 
+    /**
+     * Returns signer information that are filtered by domain.
+     *
+     * @param domain      a domain name used as filter
+     * @return matching SignerInformationEntities
+     */
     public List<SignerInformationEntity> getCertificatesByDomain(String domain) {
 
         return signerInformationRepository.getByDomainIs(domain);
     }
 
+    /**
+     * Returns signer information that are filtered by participant and group.
+     *
+     * @param group       group name, used as filter
+     * @param country a participant aka country code, used as filter
+     * @return matching SignerInformationEntities
+     */
     public List<SignerInformationEntity> getCertificatesByGroupCountry(String group, String country) {
 
         return signerInformationRepository.getByCountryIsAndGroupIs(country, group);
     }
 
     /**
-     * Returns a list of domains for which certificates are imported.
+     * Returns signer information that are filtered by domain and group.
      *
-     * @return list of domains
+     * @param domain      a domain name used as filter
+     * @param group       group name, used as filter
+     * @return matching SignerInformationEntities
      */
-    public List<String> getDomainsList() {
+    public List<SignerInformationEntity> getCertificatesByDomainGroup(String domain, String group) {
 
-        return signerInformationRepository.getDomainsList();
+        return signerInformationRepository.getByDomainIsAndGroupIs(domain, group);
     }
 
     /**
-     * Returns a list of participants filtered by domain.
+     * Returns signer information that are filtered by group.
      *
-     * @param domain a domain name used as filter
-     * @return list of participants
+     * @param group       group name, used as filter
+     * @return matching SignerInformationEntities
      */
-    public List<String> getParticipantsByDomain(String domain) {
+    public List<SignerInformationEntity> getCertificatesByGroup(String group) {
 
-        return signerInformationRepository.getParticipantsByDomain(domain);
+        return signerInformationRepository.getByGroupIs(group);
     }
 }
diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java b/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java
@@ -137,10 +137,6 @@ public void job() {
         List<String> groups = signerInformationService.getGroupList();
         //CHECKSTYLE:ON
 
-        // TODO: Add tng-cdn.who.int/trustlist/-/<PARTICIPANT_CODE>/<USAGE>
-        //  (matches all domains for a specific participant and usage code)
-        // TODO: Add tng-cdn.who.int/trustlist/<DOMAIN>/-/<USAGE> (matches all participants for a specific domain)
-
         // Add overall DID
         didSpecifications.add(new DidSpecification(
             Collections.emptyList(),
@@ -179,6 +175,29 @@ public void job() {
                         () -> signerInformationService.getCertificatesByDomainParticipantGroup(domain, country, group),
                         trustedIssuerService::getAllDid)))));
 
+        // Add all country and group specific did
+        countries.forEach(
+            country -> groups.forEach(
+                group -> didSpecifications.add(new DidSpecification(
+                    List.of(WILDCARD_CHAR, getParticipantCode(country), getMappedGroupName(group)),
+                    () -> signerInformationService.getCertificatesByGroupCountry(group, country),
+                    trustedIssuerService::getAllDid))));
+
+        // Add all domain and group specific did
+        domains.forEach(
+            domain -> groups.forEach(
+                group -> didSpecifications.add(new DidSpecification(
+                    List.of(domain, WILDCARD_CHAR, getMappedGroupName(group)),
+                    () -> signerInformationService.getCertificatesByDomainGroup(domain, group),
+                    trustedIssuerService::getAllDid))));
+
+        // Add all group specific did
+        groups.forEach(
+            group -> didSpecifications.add(new DidSpecification(
+            List.of(WILDCARD_CHAR, WILDCARD_CHAR, getMappedGroupName(group)),
+                () -> signerInformationService.getCertificatesByGroup(group),
+                trustedIssuerService::getAllDid)));
+
         Map<DidSpecification, String> didDocuments = new HashMap<>();
         didSpecifications.forEach(specification -> didDocuments
             .put(specification, this.generateTrustList(specification)));

diff --git a/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java b/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java
@@ -202,16 +202,16 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
 
         didTrustListService.job();
 
-        Assertions.assertEquals(12, uploadArgumentCaptor.getAllValues().size());
+        Assertions.assertEquals(24, uploadArgumentCaptor.getAllValues().size());
 
-        int expectedNullDid = 3;
+        int expectedNullDid = 6;
 
         for (byte[] uploadedDid : uploadArgumentCaptor.getAllValues()) {
 
             if (uploadedDid == null) {
                 expectedNullDid--;
 
-                Assertions.assertTrue(expectedNullDid >= 0, "DID Collection contains more empty documents than expected.");
+                Assertions.assertTrue(expectedNullDid >= 0, "DID Collection contains more empty documents than expected. (" + expectedNullDid * -1 + " too much)");
                 continue;
             }
 
@@ -306,6 +306,70 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
                     assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:DCC:XEU#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
                                              certCscaEuKid, certCscaEu, null, "xeu", "did:web:abc:DCC:XEU");
                     break;
+                case "did:web:abc:-:XEU:DSC":
+                    Assertions.assertEquals("did:web:abc:-:XEU:DSC", parsed.getController());
+                    Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:XEU:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
+                                             certDscEuKid, certDscEu, null, "xeu", "did:web:abc:-:XEU:DSC");
+                    break;
+                case "did:web:abc:-:DEU:DSC":
+                    Assertions.assertEquals("did:web:abc:-:DEU:DSC", parsed.getController());
+                    Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:DEU:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
+                                             certDscDeKid, certDscDe, null, "deu", "did:web:abc:-:DEU:DSC");
+                    break;
+                case "did:web:abc:-:DEU:CSA":
+                    Assertions.assertEquals("did:web:abc:-:DEU:CSA", parsed.getController());
+                    Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:DEU:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
+                                             certCscaDeKid, certCscaDe, null, "deu", "did:web:abc:-:DEU:CSA");
+                    break;
+                case "did:web:abc:-:-:CSA":
+                    Assertions.assertEquals("did:web:abc:-:-:CSA", parsed.getController());
+                    Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:-:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
+                                             certCscaEuKid, certCscaEu, null, "xeu", "did:web:abc:-:-:CSA");
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:-:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
+                                             certCscaDeKid, certCscaDe, null, "deu", "did:web:abc:-:-:CSA");
+                    break;
+                case "did:web:abc:-:-:DSC":
+                    Assertions.assertEquals("did:web:abc:-:-:DSC", parsed.getController());
+                    Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:-:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
+                                             certDscEuKid, certDscEu, null, "xeu", "did:web:abc:-:-:DSC");
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:-:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
+                                             certDscDeKid, certDscDe, null, "deu", "did:web:abc:-:-:DSC");
+                    break;
+                case "did:web:abc:-:XEU:CSA":
+                    Assertions.assertEquals("did:web:abc:-:XEU:CSA", parsed.getController());
+                    Assertions.assertEquals(4, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:-:XEU:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
+                                             certCscaEuKid, certCscaEu, null, "xeu", "did:web:abc:-:XEU:CSA");
+                    break;
+                case "did:web:abc:DCC:-:DSC":
+                    Assertions.assertEquals("did:web:abc:DCC:-:DSC", parsed.getController());
+                    Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:DCC:-:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)),
+                                             certDscDeKid, certDscDe, null, "deu", "did:web:abc:DCC:-:DSC");
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:DCC:-:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)),
+                                             certDscEuKid, certDscEu, null, "xeu", "did:web:abc:DCC:-:DSC");
+                    break;
+                case "did:web:abc:DCC:-:CSA":
+                    Assertions.assertEquals("did:web:abc:DCC:-:CSA", parsed.getController());
+                    Assertions.assertEquals(5, parsed.getVerificationMethod().size());
+
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:DCC:-:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)),
+                                             certCscaDeKid, certCscaDe, null, "deu", "did:web:abc:DCC:-:CSA");
+                    assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:DCC:-:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)),
+                                             certCscaEuKid, certCscaEu, null, "xeu", "did:web:abc:DCC:-:CSA");
+                    break;
                 default:
                         Assertions.fail("Unexpected Document in DID Collection! (" +  parsed.getId() + ")");
             }