Merge pull request #167 from bci-oss/feature/base64-param-encryption-…

…A1SLDT-1239

Feat: Base64 decoding for input parameters

CHANGELOG.md

@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.3.10-M1
+### Added
+- In this new version, Base64 decoding is provided for the provided encoded parameters. All the provided path parameters has to be Base64 URL encoded.
+
+## fixed
+
+
 ## 0.3.9-M1
 ### Added
 - In this new version, Cursor pagination is provided for search instead of classical offset pagination in previous version.

backend/src/main/java/org/eclipse/tractusx/semantics/registry/controller/AssetAdministrationShellApiDelegate.java

@@ -69,18 +69,19 @@ public ResponseEntity<ServiceDescription> getDescription() {
     }
 
     @Override
-    public ResponseEntity<Void> deleteAssetAdministrationShellDescriptorById( String  aasIdentifier ) {
-        shellService.deleteShell( aasIdentifier );
+    public ResponseEntity<Void> deleteAssetAdministrationShellDescriptorById( byte[]  aasIdentifier ) {
+        shellService.deleteShell( getDecodedId(aasIdentifier) );
         return new ResponseEntity<>(HttpStatus.NO_CONTENT);
     }
     @Override
-    public ResponseEntity<Void> deleteAllAssetLinksById(String aasIdentifier) {
-        shellService.deleteAllIdentifiers(aasIdentifier);
+    public ResponseEntity<Void> deleteAllAssetLinksById(byte[] aasIdentifier) {
+
+        shellService.deleteAllIdentifiers(getDecodedId(aasIdentifier));
         return new ResponseEntity<>(HttpStatus.NO_CONTENT);
     }
     @Override
-    public ResponseEntity<Void> deleteSubmodelDescriptorByIdThroughSuperpath( String aasIdentifier, String submodelIdentifier ) {
-        shellService.deleteSubmodel(aasIdentifier, submodelIdentifier,getExternalSubjectIdOrEmpty( null ));
+    public ResponseEntity<Void> deleteSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier ) {
+        shellService.deleteSubmodel(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( null ));
         return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 
     }
@@ -95,22 +96,23 @@ public ResponseEntity<GetAssetAdministrationShellDescriptorsResult> getAllAssetA
 
     @Override
     // new todo: correct implementation
-    public ResponseEntity<GetSubmodelDescriptorsResult> getAllSubmodelDescriptorsThroughSuperpath( String aasIdentifier, Integer limit, String cursor, @RequestHeader String externalSubjectId  ) {
-        Shell savedShell = shellService.findShellByExternalId(aasIdentifier,getExternalSubjectIdOrEmpty(externalSubjectId));
+    public ResponseEntity<GetSubmodelDescriptorsResult> getAllSubmodelDescriptorsThroughSuperpath( byte[] aasIdentifier, Integer limit, String cursor, @RequestHeader String externalSubjectId  ) {
+        Shell savedShell = shellService.findShellByExternalId(getDecodedId( aasIdentifier ),getExternalSubjectIdOrEmpty(externalSubjectId));
         SubmodelCollectionDto dto = shellService.findAllSubmodel( limit,cursor, savedShell);
         GetSubmodelDescriptorsResult result= submodelMapper.toApiDto( dto );
         return new ResponseEntity<>(result, HttpStatus.OK);
     }
 
     @Override
-    public ResponseEntity<AssetAdministrationShellDescriptor> getAssetAdministrationShellDescriptorById( String aasIdentifier, @RequestHeader String externalSubjectId ) {
-            Shell saved = shellService.findShellByExternalId(aasIdentifier, getExternalSubjectIdOrEmpty(externalSubjectId));
+    public ResponseEntity<AssetAdministrationShellDescriptor> getAssetAdministrationShellDescriptorById( byte[] aasIdentifier, @RequestHeader String externalSubjectId ) {
+        String decodedAasIdentifier = getDecodedId( aasIdentifier );
+        Shell saved = shellService.findShellByExternalId(decodedAasIdentifier, getExternalSubjectIdOrEmpty(externalSubjectId));
            return new ResponseEntity<>(shellMapper.toApiDto(saved), HttpStatus.OK);
     }
 
     @Override
-    public ResponseEntity<SubmodelDescriptor> getSubmodelDescriptorByIdThroughSuperpath( String aasIdentifier, String submodelIdentifier ) {
-        Submodel submodel = shellService.findSubmodelByExternalId(aasIdentifier, submodelIdentifier,getExternalSubjectIdOrEmpty( null ));
+    public ResponseEntity<SubmodelDescriptor> getSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[]  submodelIdentifier ) {
+        Submodel submodel = shellService.findSubmodelByExternalId(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( null ));
         return new ResponseEntity<>(submodelMapper.toApiDto(submodel), HttpStatus.OK);
     }
 
@@ -123,27 +125,27 @@ public ResponseEntity<AssetAdministrationShellDescriptor> postAssetAdministratio
     }
 
     @Override
-    public ResponseEntity<SubmodelDescriptor> postSubmodelDescriptorThroughSuperpath( String aasIdentifier, SubmodelDescriptor submodelDescriptor ) {
+    public ResponseEntity<SubmodelDescriptor> postSubmodelDescriptorThroughSuperpath( byte[] aasIdentifier, SubmodelDescriptor submodelDescriptor ) {
         Submodel toBeSaved = submodelMapper.fromApiDto(submodelDescriptor);
         toBeSaved.setIdExternal( submodelDescriptor.getId() );
-        Submodel savedSubModel = shellService.save(aasIdentifier, toBeSaved, getExternalSubjectIdOrEmpty(null));
+        Submodel savedSubModel = shellService.save(getDecodedId( aasIdentifier ), toBeSaved, getExternalSubjectIdOrEmpty(null));
         return new ResponseEntity<>(submodelMapper.toApiDto(savedSubModel), HttpStatus.CREATED);
     }
 
     @Override
-    public ResponseEntity<Void> putAssetAdministrationShellDescriptorById( String aasIdentifier, AssetAdministrationShellDescriptor assetAdministrationShellDescriptor ) {
+    public ResponseEntity<Void> putAssetAdministrationShellDescriptorById( byte[] aasIdentifier, AssetAdministrationShellDescriptor assetAdministrationShellDescriptor ) {
         Shell shell = shellMapper.fromApiDto( assetAdministrationShellDescriptor );
-        Shell shellFromDb = shellService.findShellByExternalId( aasIdentifier,getExternalSubjectIdOrEmpty(null) );
-        shellService.update( shell.withId( shellFromDb.getId() ).withIdExternal(aasIdentifier  ),aasIdentifier);
+        Shell shellFromDb = shellService.findShellByExternalId( getDecodedId( aasIdentifier),getExternalSubjectIdOrEmpty(null) );
+        shellService.update( shell.withId( shellFromDb.getId() ).withIdExternal(getDecodedId(aasIdentifier)  ),getDecodedId(aasIdentifier));
         return new ResponseEntity<>(HttpStatus.NO_CONTENT);
     }
 
     @Override
-    public ResponseEntity<Void> putSubmodelDescriptorByIdThroughSuperpath( String aasIdentifier, String submodelIdentifier, SubmodelDescriptor submodelDescriptor ) {
+    public ResponseEntity<Void> putSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier, SubmodelDescriptor submodelDescriptor ) {
         Submodel submodel = submodelMapper.fromApiDto( submodelDescriptor );
-        Submodel fromDB = shellService.findSubmodelByExternalId( aasIdentifier,submodelIdentifier,getExternalSubjectIdOrEmpty( null ) );
-        shellService.deleteSubmodel(aasIdentifier,  submodelIdentifier,getExternalSubjectIdOrEmpty( null ));
-        shellService.update( aasIdentifier, submodel.withIdExternal( submodelIdentifier ).withId( fromDB.getId() ) ,getExternalSubjectIdOrEmpty( "" ));
+        Submodel fromDB = shellService.findSubmodelByExternalId( getDecodedId( aasIdentifier ),getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( null ) );
+        shellService.deleteSubmodel(getDecodedId( aasIdentifier ),  getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( null ));
+        shellService.update( getDecodedId( aasIdentifier ), submodel.withIdExternal( getDecodedId( submodelIdentifier ) ).withId( fromDB.getId() ) ,getExternalSubjectIdOrEmpty( "" ));
         return new ResponseEntity<>( HttpStatus.NO_CONTENT );
     }
 
@@ -159,14 +161,14 @@ public ResponseEntity<GetAllAssetAdministrationShellIdsByAssetLink200Response> g
     }
 
     @Override
-        public ResponseEntity<List<SpecificAssetId>> getAllAssetLinksById(String aasIdentifier,@RequestHeader String externalSubjectId) {
-            Set<ShellIdentifier> identifiers = shellService.findShellIdentifiersByExternalShellId(aasIdentifier,getExternalSubjectIdOrEmpty(externalSubjectId));
+        public ResponseEntity<List<SpecificAssetId>> getAllAssetLinksById(byte[] aasIdentifier,@RequestHeader String externalSubjectId) {
+            Set<ShellIdentifier> identifiers = shellService.findShellIdentifiersByExternalShellId(getDecodedId( aasIdentifier ),getExternalSubjectIdOrEmpty(externalSubjectId));
             return new ResponseEntity<>(shellMapper.toApiDto(identifiers), HttpStatus.OK);
         }
 
         @Override
-    public ResponseEntity<List<SpecificAssetId>> postAllAssetLinksById(String aasIdentifier, List<SpecificAssetId> specificAssetId) {
-        Set<ShellIdentifier> shellIdentifiers = shellService.save(aasIdentifier, shellMapper.fromApiDto(specificAssetId),getExternalSubjectIdOrEmpty( null ));
+    public ResponseEntity<List<SpecificAssetId>> postAllAssetLinksById(byte[] aasIdentifier, List<SpecificAssetId> specificAssetId) {
+        Set<ShellIdentifier> shellIdentifiers = shellService.save(getDecodedId( aasIdentifier ), shellMapper.fromApiDto(specificAssetId),getExternalSubjectIdOrEmpty( null ));
         List<SpecificAssetId> list = shellMapper.toApiDto(shellIdentifiers);
         return new ResponseEntity<>(list, HttpStatus.CREATED);
     }
@@ -181,5 +183,15 @@ public ResponseEntity<List<String>> postQueryAllAssetAdministrationShellIds(Shel
         private String getExternalSubjectIdOrEmpty(String externalSubjectId) {
             return (null ==externalSubjectId) ? "" : externalSubjectId;
         }
+
+    private String getDecodedId( byte[] aasIdentifier ) {
+        try {
+            byte[] decodedBytes = Base64.getUrlDecoder().decode( aasIdentifier );
+            return new String( decodedBytes );
+        }catch ( Exception e ){
+            throw new IllegalArgumentException("Incorrect Base64 encoded value provided as parameter");
+        }
+    }
+
     }
 

backend/src/main/resources/static/aas-registry-openapi.yaml

@@ -194,8 +194,8 @@ paths:
           explode: false
           schema:
             type: string
+            format: byte
         - $ref: '#/components/parameters/ExternalSubjectIdHeader'
-      #          format: byte
       responses:
         "200":
           description: Requested Asset Administration Shell Descriptor
@@ -249,7 +249,7 @@ paths:
           explode: false
           schema:
             type: string
-      #          format: byte
+            format: byte
       requestBody:
         description: Asset Administration Shell Descriptor object
         content:
@@ -306,7 +306,7 @@ paths:
           explode: false
           schema:
             type: string
-      #          format: byte
+            format: byte
       responses:
         "204":
           description: Asset Administration Shell Descriptor deleted successfully
@@ -351,7 +351,7 @@ paths:
           explode: false
           schema:
             type: string
-        #          format: byte
+            format: byte
         - name: limit
           in: query
           description: The maximum number of elements in the response array
@@ -417,7 +417,7 @@ paths:
           explode: false
           schema:
             type: string
-      #          format: byte
+            format: byte
       requestBody:
         description: Submodel Descriptor object
         content:
@@ -484,7 +484,7 @@ paths:
           explode: false
           schema:
             type: string
-        #          format: byte
+            format: byte
         - name: submodelIdentifier
           in: path
           description: The Submodel’s unique id (UTF8-BASE64-URL-encoded)
@@ -493,7 +493,7 @@ paths:
           explode: false
           schema:
             type: string
-      #          format: byte
+            format: byte
       responses:
         "200":
           description: Requested Submodel Descriptor
@@ -547,7 +547,7 @@ paths:
           explode: false
           schema:
             type: string
-        #          format: byte
+            format: byte
         - name: submodelIdentifier
           in: path
           description: The Submodel’s unique id (UTF8-BASE64-URL-encoded)
@@ -556,7 +556,7 @@ paths:
           explode: false
           schema:
             type: string
-      #          format: byte
+            format: byte
       requestBody:
         description: Submodel Descriptor object
         content:
@@ -612,7 +612,7 @@ paths:
           explode: false
           schema:
             type: string
-        #          format: byte
+            format: byte
         - name: submodelIdentifier
           in: path
           description: The Submodel’s unique id (UTF8-BASE64-URL-encoded)
@@ -621,7 +621,7 @@ paths:
           explode: false
           schema:
             type: string
-      #          format: byte
+            format: byte
       responses:
         "204":
           description: Submodel Descriptor deleted successfully
@@ -754,6 +754,7 @@ paths:
           explode: false
           schema:
             type: string
+            format: byte
         - $ref: '#/components/parameters/ExternalSubjectIdHeader'
       responses:
         "200":
@@ -784,6 +785,7 @@ paths:
           explode: false
           schema:
             type: string
+            format: byte
       requestBody:
         description: Asset identifier key-value-pairs
         content:
@@ -826,6 +828,7 @@ paths:
           explode: false
           schema:
             type: string
+            format: byte
       responses:
         "204":
           description: Asset identifier key-value-pairs deleted successfully