diff --git a/README.md b/README.md
index d4955d7..b3a0934 100644
--- a/README.md
+++ b/README.md
@@ -10,10 +10,15 @@ Version 2.0. See the file "[LICENSE](LICENSE)" for more information.
Edge API for mod-ncip
## Overview
-The purpose of this module is to expose mod-ncip to external applications/3rd party software. It simply passes requests through to the NCIP module (after the API key is authenticated). It does not contain any other functionality
+
+The purpose of this module is to expose mod-ncip to external applications/3rd party software. It simply passes requests
+through to the NCIP module (after the API key is authenticated). It does not contain any other functionality
## Permissions
-Institutional users should be granted the following permissions in order to use this edge API (because these are required for the NCIP module itself):
+
+Institutional users should be granted the following permissions in order to use this edge API (because these are
+required for the NCIP module itself):
+
```
ncip.all
inventory-storage.items.collection.get
@@ -24,23 +29,69 @@ Institutional users should be granted the following permissions in order to use
manualblocks.collection.get
```
-### IMPORTANT NOTE ABOUT INSTITUTIONAL USER - It has to be assigned a patron group. There is an issue with create item which requires the user to be assigned a patron group.
-## Security & Configuration
-The edge-ncip module is secured via the functionality provided by the edge-common project (via API key).
+### IMPORTANT NOTE ABOUT INSTITUTIONAL USER - It has to be assigned a patron group. There is an issue with create item which requires the user to be assigned a patron group.
-The configuration for this module conforms to the edge-common project.
+## Security Configuration
+Configuration information is specified in two forms:
-https://github.com/folio-org/edge-common
+1. System Properties - General configuration
+2. Properties File - Configuration specific to the desired secure store
-## endpoints (you can use either)
+### System Properties
+
+| Property | Default | Description |
+|---------------------------|---------------------|---------------------------------------------------------------------|
+| `port` | `8081` | Server port to listen on |
+| `okapi_url` | *required* | Where to find Okapi (URL) |
+| `secure_store` | `Ephemeral` | Type of secure store to use. Valid: `Ephemeral`, `AwsSsm`, `Vault` |
+| `secure_store_props` | `NA` | Path to a properties file specifying secure store configuration |
+| `token_cache_ttl_ms` | `3600000` | How long to cache JWTs, in milliseconds (ms) |
+| `null_token_cache_ttl_ms` | `30000` | How long to cache login failure (null JWTs), in milliseconds (ms) |
+| `token_cache_capacity` | `100` | Max token cache size |
+| `log_level` | `INFO` | Log4j Log Level |
+| `request_timeout_ms` | `30000` | Request Timeout |
+| `api_key_sources` | `PARAM,HEADER,PATH` | Defines the sources (order of precedence) of the API key. |
+
+### Env variables for TLS configuration for Http server
+
+To configure Transport Layer Security (TLS) for the HTTP server in an edge module, the following configuration parameters should be used.
+Parameters marked as Required are required only in case when TLS for the server should be enabled.
+
+| Property | Default | Description |
+|-----------------------------------------------------|------------------|---------------------------------------------------------------------------------------------|
+| `SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEYSTORE_TYPE` | `NA` | (Required). Set the type of the keystore. Common types include `JKS`, `PKCS12`, and `BCFKS` |
+| `SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEYSTORE_LOCATION` | `NA` | (Required). Set the location of the keystore file in the local file system |
+| `SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEYSTORE_PASSWORD` | `NA` | (Required). Set the password for the keystore |
+| `SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEY_ALIAS` | `NA` | Set the alias of the key within the keystore. |
+| `SPRING_SSL_BUNDLE_JKS_WEBSERVER_KEY_PASSWORD` | `NA` | Optional param that points to a password of `KEY_ALIAS` if it protected |
+
+### Env variables for TLS configuration for Web Client
+
+To configure Transport Layer Security (TLS) for Web clients in the edge module, you can use the following configuration parameters.
+Truststore parameters for configuring Web clients are optional even when `FOLIO_CLIENT_TLS_ENABLED = true`.
+If truststore parameters need to be populated, `FOLIO_CLIENT_TLS_TRUSTSTORETYPE`, `FOLIO_CLIENT_TLS_TRUSTSTOREPATH` and `FOLIO_CLIENT_TLS_TRUSTSTOREPASSWORD` are required.
+
+| Property | Default | Description |
+|-----------------------------------------|-------------------|----------------------------------------------------------------------------------|
+| `FOLIO_CLIENT_TLS_ENABLED` | `false` | Set whether SSL/TLS is enabled for Vertx Http Server |
+| `FOLIO_CLIENT_TLS_TRUSTSTORETYPE` | `NA` | Set the type of the keystore. Common types include `JKS`, `PKCS12`, and `BCFKS` |
+| `FOLIO_CLIENT_TLS_TRUSTSTOREPATH` | `NA` | Set the location of the keystore file in the local file system |
+| `FOLIO_CLIENT_TLS_TRUSTSTOREPASSWORD` | `NA` | Set the password for the keystore |
-.../ncip/yourapikeygoeshere
-.../ncip?apikey=yourapikeygoeshere
## Additional information
+There will be a single instance of okapi client per OkapiClientFactory and per tenant,
+which means that this client should never be closed or else there will be runtime errors.
+To enforce this behaviour, method close() has been removed from OkapiClient class.
+
+## Endpoints (you can use either)
+
+.../ncip/yourapikeygoeshere
+.../ncip?apikey=yourapikeygoeshere
+
### Issue tracker
See project [EDGNCIP](https://issues.folio.org/browse/EDGNCIP)
@@ -64,5 +115,4 @@ and the [Docker image](https://hub.docker.com/r/folioorg/edge-ncip/).
### Other documentation
Other [modules](https://dev.folio.org/source-code/#server-side) are described,
-with further FOLIO Developer documentation at [dev.folio.org](https://dev.folio.org/)
-
+with further FOLIO Developer documentation at [dev.folio.org](https://dev.folio.org/)
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 0cd02d8..f02ebb1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -13,7 +13,7 @@
- 4.4.6
+ 4.5.7
UTF-8
UTF-8
17
@@ -66,7 +66,7 @@
org.folio
edge-common
- 4.5.1
+ 4.7.0
args4j
@@ -220,6 +220,14 @@
shade
+
+
+ *:*
+
+ **/Log4j2Plugins.dat
+
+
+
diff --git a/src/main/java/org/folio/edge/ncip/MainVerticle.java b/src/main/java/org/folio/edge/ncip/MainVerticle.java
index 3e59681..0458d2b 100644
--- a/src/main/java/org/folio/edge/ncip/MainVerticle.java
+++ b/src/main/java/org/folio/edge/ncip/MainVerticle.java
@@ -1,32 +1,17 @@
package org.folio.edge.ncip;
import org.folio.edge.core.EdgeVerticleHttp;
-import org.folio.edge.ncip.utils.NcipOkapiClientFactory;
import io.vertx.ext.web.Router;
import io.vertx.core.http.HttpMethod;
import io.vertx.ext.web.handler.BodyHandler;
-import static org.folio.edge.core.Constants.SYS_OKAPI_URL;
-import static org.folio.edge.core.Constants.SYS_REQUEST_TIMEOUT_MS;
-
+import org.folio.edge.core.utils.OkapiClientFactory;
+import org.folio.edge.core.utils.OkapiClientFactoryInitializer;
public class MainVerticle extends EdgeVerticleHttp {
- final private String okapiUrl = System.getProperty(SYS_OKAPI_URL);
- private int reqTimeoutMs;
-
-
- public MainVerticle() {
- super();
- if (System.getProperty(SYS_REQUEST_TIMEOUT_MS) != null) {
- reqTimeoutMs = Integer.parseInt(System.getProperty(SYS_REQUEST_TIMEOUT_MS));
- } else {
- reqTimeoutMs = 35000;
- }
- }
-
@Override
public Router defineRoutes() {
- NcipOkapiClientFactory ocf = new NcipOkapiClientFactory(vertx, okapiUrl, reqTimeoutMs);
+ OkapiClientFactory ocf = OkapiClientFactoryInitializer.createInstance(vertx, config());
NcipHandler ncipHandler = new NcipHandler(secureStore, ocf);
Router router = Router.router(vertx);
router.route().handler(BodyHandler.create());
diff --git a/src/main/java/org/folio/edge/ncip/NcipHandler.java b/src/main/java/org/folio/edge/ncip/NcipHandler.java
index a193431..77a5e6e 100644
--- a/src/main/java/org/folio/edge/ncip/NcipHandler.java
+++ b/src/main/java/org/folio/edge/ncip/NcipHandler.java
@@ -11,8 +11,8 @@
import org.apache.logging.log4j.Logger;
import org.folio.edge.core.Handler;
import org.folio.edge.core.security.SecureStore;
+import org.folio.edge.core.utils.OkapiClientFactory;
import org.folio.edge.ncip.utils.NcipOkapiClient;
-import org.folio.edge.ncip.utils.NcipOkapiClientFactory;
import org.folio.edge.core.utils.OkapiClient;
import com.fasterxml.jackson.core.JsonProcessingException;
@@ -30,7 +30,7 @@ public class NcipHandler extends Handler {
private static final Logger logger = LogManager.getLogger(NcipHandler.class);
- public NcipHandler(SecureStore secureStore, NcipOkapiClientFactory ocf) {
+ public NcipHandler(SecureStore secureStore, OkapiClientFactory ocf) {
super(secureStore, ocf);
}
diff --git a/src/main/java/org/folio/edge/ncip/utils/NcipOkapiClient.java b/src/main/java/org/folio/edge/ncip/utils/NcipOkapiClient.java
index f80dfec..98b7aca 100644
--- a/src/main/java/org/folio/edge/ncip/utils/NcipOkapiClient.java
+++ b/src/main/java/org/folio/edge/ncip/utils/NcipOkapiClient.java
@@ -5,7 +5,6 @@
import org.folio.edge.core.utils.OkapiClient;
import io.vertx.core.Handler;
import io.vertx.core.MultiMap;
-import io.vertx.core.Vertx;
@@ -13,10 +12,6 @@
public class NcipOkapiClient extends OkapiClient {
- protected NcipOkapiClient(Vertx vertx, String okapiURL, String tenant, int timeout) {
- super(vertx, okapiURL, tenant, timeout);
- }
-
public NcipOkapiClient(OkapiClient client) {
super(client);
}
diff --git a/src/main/java/org/folio/edge/ncip/utils/NcipOkapiClientFactory.java b/src/main/java/org/folio/edge/ncip/utils/NcipOkapiClientFactory.java
deleted file mode 100644
index cb5fa64..0000000
--- a/src/main/java/org/folio/edge/ncip/utils/NcipOkapiClientFactory.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package org.folio.edge.ncip.utils;
-
-import org.folio.edge.core.utils.OkapiClientFactory;
-
-import io.vertx.core.Vertx;
-
-public class NcipOkapiClientFactory extends OkapiClientFactory {
-
- public NcipOkapiClientFactory(Vertx vertx, String okapiURL, int reqTimeoutMs) {
- super(vertx, okapiURL, reqTimeoutMs);
- }
-
- public NcipOkapiClient getNcipOkapiClient(String tenant) {
- return new NcipOkapiClient(vertx, okapiURL, tenant, reqTimeoutMs);
- }
- }
\ No newline at end of file