Merge pull request #27 from pagopa/SLS-26

[SLS-26] Implemented provider for idp certifications

core/src/main/java/it/pagopa/tech/lollipop/consumer/idp/IdpCertProvider.java

@@ -1,7 +1,13 @@
 /* (C)2023 */
 package it.pagopa.tech.lollipop.consumer.idp;
 
+import it.pagopa.tech.lollipop.consumer.exception.CertDataNotFoundException;
+import it.pagopa.tech.lollipop.consumer.exception.CertDataTagListNotFoundException;
+import it.pagopa.tech.lollipop.consumer.model.IdpCertData;
+import java.util.List;
+
 public interface IdpCertProvider {
 
-    boolean getIdpCertData(String assertionInstant, String entityId);
+    List<IdpCertData> getIdpCertData(String assertionInstant, String entityId)
+            throws CertDataTagListNotFoundException, CertDataNotFoundException;
 }

core/src/main/java/it/pagopa/tech/lollipop/consumer/idp/impl/IdpCertProviderFactoryImpl.java

@@ -0,0 +1,31 @@
+/* (C)2023 */
+package it.pagopa.tech.lollipop.consumer.idp.impl;
+
+import it.pagopa.tech.lollipop.consumer.idp.IdpCertProvider;
+import it.pagopa.tech.lollipop.consumer.idp.IdpCertProviderFactory;
+import it.pagopa.tech.lollipop.consumer.idp.client.IdpCertClientProvider;
+import javax.inject.Inject;
+
+/**
+ * Implementation of {@link IdpCertProviderFactory}, used to create instances of {@link
+ * IdpCertProviderImpl}
+ */
+public class IdpCertProviderFactoryImpl implements IdpCertProviderFactory {
+
+    private final IdpCertClientProvider idpCertClientProvider;
+
+    @Inject
+    public IdpCertProviderFactoryImpl(IdpCertClientProvider idpCertClientProvider) {
+        this.idpCertClientProvider = idpCertClientProvider;
+    }
+
+    /**
+     * Factory for creating an instance of {@link IdpCertProvider}
+     *
+     * @return an instance of {@link IdpCertProviderImpl}
+     */
+    @Override
+    public IdpCertProvider create() {
+        return new IdpCertProviderImpl(idpCertClientProvider.provideClient());
+    }
+}

core/src/main/java/it/pagopa/tech/lollipop/consumer/idp/impl/IdpCertProviderImpl.java

@@ -0,0 +1,56 @@
+/* (C)2023 */
+package it.pagopa.tech.lollipop.consumer.idp.impl;
+
+import it.pagopa.tech.lollipop.consumer.exception.CertDataNotFoundException;
+import it.pagopa.tech.lollipop.consumer.exception.CertDataTagListNotFoundException;
+import it.pagopa.tech.lollipop.consumer.idp.IdpCertProvider;
+import it.pagopa.tech.lollipop.consumer.idp.client.IdpCertClient;
+import it.pagopa.tech.lollipop.consumer.idp.storage.IdpCertStorageConfig;
+import it.pagopa.tech.lollipop.consumer.model.IdpCertData;
+import java.util.List;
+import javax.inject.Inject;
+
+public class IdpCertProviderImpl implements IdpCertProvider {
+
+    private IdpCertClient idpCertClient;
+
+    @Inject
+    public IdpCertProviderImpl(IdpCertClient idpCertClient) {
+        this.idpCertClient = idpCertClient;
+    }
+
+    /**
+     * {@inheritDoc}
+     *
+     * <p>Retrieve the certification data of the given entityId issued in the same timeframe as the
+     * issue instant of the SAML assertion, first looking in the storage if enabled ({@link
+     * IdpCertStorageConfig}) and then, if not found, through the client {@link IdpCertClient}. If
+     * the storage is enabled ({@link IdpCertStorageConfig}) the IdpCertData will be stored, after
+     * being retrieved by the client.
+     *
+     * @param entityId Identity Provider ID
+     * @param assertionInstant Assertion Issue Instant
+     * @return the certifications issued before and after the timestamp instant
+     * @throws CertDataTagListNotFoundException if an error occurred retrieving the list of tags or
+     *     filtering the tags with the instant
+     * @throws CertDataNotFoundException if an error occurred retrieving the certification XML or if
+     *     data for the given entityId were not found
+     */
+    @Override
+    public List<IdpCertData> getIdpCertData(String assertionInstant, String entityId)
+            throws CertDataTagListNotFoundException, CertDataNotFoundException {
+        if (assertionInstant == null
+                || assertionInstant.isBlank()
+                || entityId == null
+                || entityId.isBlank()) {
+            String errMsg =
+                    String.format(
+                            "Cannot retrieve the identity provider cert data, assertion instant"
+                                    + " [%s] or entity id [%s] missing",
+                            assertionInstant, entityId);
+            throw new IllegalArgumentException(errMsg);
+        }
+
+        return idpCertClient.getCertData(assertionInstant, entityId);
+    }
+}

core/src/main/java/it/pagopa/tech/lollipop/consumer/idp/storage/IdpCertStorage.java

@@ -2,15 +2,26 @@
 package it.pagopa.tech.lollipop.consumer.idp.storage;
 
 import it.pagopa.tech.lollipop.consumer.model.IdpCertData;
-import java.util.List;
 
+/**
+ * Interface of the storage used for storing the identity provider certification data retrieved for
+ * validation
+ */
 public interface IdpCertStorage {
 
-    List<String> getTagList();
-
-    void saveTagList(List<String> tagList);
-
+    /**
+     * Retrieve the idp cert data associated with the provided tag
+     *
+     * @param tag
+     * @return the list of idpCertData found
+     */
     IdpCertData getIdpCertData(String tag);
 
-    void saveIdpCertData(String tag);
+    /**
+     * Store the provided idpCertData
+     *
+     * @param tag the idpCertData issue instance
+     * @param idpCertData
+     */
+    void saveIdpCertData(String tag, IdpCertData idpCertData);
 }

core/src/main/java/it/pagopa/tech/lollipop/consumer/idp/storage/IdpCertStorageConfig.java

@@ -0,0 +1,14 @@
+/* (C)2023 */
+package it.pagopa.tech.lollipop.consumer.idp.storage;
+
+import java.util.concurrent.TimeUnit;
+import lombok.Data;
+
+/** Configuration class for the idpCertData storage */
+@Data
+public class IdpCertStorageConfig {
+
+    private boolean idpCertDataStorageEnabled = true;
+    private long storageEvictionDelay = 1L;
+    private TimeUnit storageEvictionDelayTimeUnit = TimeUnit.MINUTES;
+}

core/src/main/java/it/pagopa/tech/lollipop/consumer/idp/storage/IdpCertStorageProvider.java

@@ -1,7 +1,11 @@
 /* (C)2023 */
 package it.pagopa.tech.lollipop.consumer.idp.storage;
 
+/** Interface for the provider used to create instances of {@link IdpCertStorage} */
 public interface IdpCertStorageProvider {
 
-    IdpCertStorage provideStorage();
+    /**
+     * @return instance of {@link IdpCertStorage}
+     */
+    IdpCertStorage provideStorage(IdpCertStorageConfig storageConfig);
 }

core/src/main/java/it/pagopa/tech/lollipop/consumer/model/IdpCertData.java

@@ -1,6 +1,7 @@
 /* (C)2023 */
 package it.pagopa.tech.lollipop.consumer.model;
 
+import java.util.List;
 import lombok.Getter;
 import lombok.Setter;
 
@@ -10,5 +11,5 @@ public class IdpCertData {
 
     private String entityId;
     private String tag;
-    private String certData;
+    private List<String> certData;
 }

gradle/verification-metadata.xml

@@ -245,14 +245,6 @@
             <sha256 value="649d6a2770182c6361ed8e2d6ea546e5f7123ef7a62fe7fad135d43184156d8f" origin="Generated by Gradle"/>
          </artifact>
       </component>
-      <component group="com.fasterxml.jackson.core" name="jackson-annotations" version="2.13.4">
-         <artifact name="jackson-annotations-2.13.4.jar">
-            <sha256 value="ac5b27a634942391ca113850ee7db01df1499a240174021263501c05fc653b44" origin="Generated by Gradle"/>
-         </artifact>
-         <artifact name="jackson-annotations-2.13.4.module">
-            <sha256 value="649d6a2770182c6361ed8e2d6ea546e5f7123ef7a62fe7fad135d43184156d8f" origin="Generated by Gradle"/>
-         </artifact>
-      </component>
       <component group="com.fasterxml.jackson.core" name="jackson-annotations" version="2.14.0">
          <artifact name="jackson-annotations-2.14.0.jar">
             <sha256 value="efaff8693acbae673468d251b5e5ea8fc7ce1b852327bccf1cce72244c2e5f1c" origin="Generated by Gradle"/>
@@ -345,14 +337,6 @@
             <sha256 value="48af5ff4cb7e93b8822ddce85ab1313c7f014d5b14c457c8e7ef08d684c28218" origin="Generated by Gradle"/>
          </artifact>
       </component>
-      <component group="com.fasterxml.jackson.core" name="jackson-databind" version="2.13.4.1">
-         <artifact name="jackson-databind-2.13.4.1.jar">
-            <sha256 value="18743ec8bf2a80b8ed2c2b269748d2417ea45e644e2ec8b18a2e32df0a0508ad" origin="Generated by Gradle"/>
-         </artifact>
-         <artifact name="jackson-databind-2.13.4.1.module">
-            <sha256 value="48af5ff4cb7e93b8822ddce85ab1313c7f014d5b14c457c8e7ef08d684c28218" origin="Generated by Gradle"/>
-         </artifact>
-      </component>
       <component group="com.fasterxml.jackson.core" name="jackson-databind" version="2.14.0">
          <artifact name="jackson-databind-2.14.0.jar">
             <sha256 value="54377fa855f52ed87e8f689b35249971840b16870dee76806d5d200cbcd66f27" origin="Generated by Gradle"/>
@@ -377,9 +361,9 @@
             <sha256 value="6130ca9b95707ccd4f80f6258569990a7ce40039aa353c4635c900d36beec705" origin="Generated by Gradle"/>
          </artifact>
          <artifact name="jackson-databind-2.14.2.pom">
+            <md5 value="ca113496ea6c06794462ffaa6fbb2017" origin="Generated by Gradle"/>
             <sha1 value="a16354be031c98c5eee8862e9974bb4f49be1f13" origin="Generated by Gradle"/>
             <sha256 value="22808ebb4b75d8c4037d9cee1208adc65bc782a9885732234a31b7b574c5d90c" origin="Generated by Gradle"/>
-            <md5 value="ca113496ea6c06794462ffaa6fbb2017" origin="Generated by Gradle"/>
          </artifact>
       </component>
       <component group="com.fasterxml.jackson.dataformat" name="jackson-dataformat-xml" version="2.13.0">

identity-service-rest-client-native/src/main/java/it/pagopa/tech/lollipop/consumer/idp/client/simple/IdpCertSimpleClient.java

@@ -9,6 +9,8 @@
 import it.pagopa.tech.lollipop.consumer.idp.client.simple.internal.model.CertData;
 import it.pagopa.tech.lollipop.consumer.idp.client.simple.internal.model.EntitiesDescriptor;
 import it.pagopa.tech.lollipop.consumer.idp.client.simple.internal.model.EntityDescriptor;
+import it.pagopa.tech.lollipop.consumer.idp.storage.IdpCertStorage;
+import it.pagopa.tech.lollipop.consumer.idp.storage.IdpCertStorageConfig;
 import it.pagopa.tech.lollipop.consumer.model.IdpCertData;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -20,16 +22,22 @@ public class IdpCertSimpleClient implements IdpCertClient {
     private final DefaultApi defaultApi;
 
     private final IdpCertSimpleClientConfig entityConfig;
+    private IdpCertStorage storage;
 
     @Inject
-    public IdpCertSimpleClient(ApiClient client, IdpCertSimpleClientConfig entityConfig) {
+    public IdpCertSimpleClient(
+            ApiClient client, IdpCertSimpleClientConfig entityConfig, IdpCertStorage storage) {
         this.defaultApi = new DefaultApi(client);
         this.entityConfig = entityConfig;
+        this.storage = storage;
     }
 
     /**
      * Retrieve the certification data of the given entityId issued in the same timeframe as the
-     * issue instant of the SAML assertion
+     * issue instant of the SAML assertion, first looking in the storage if enabled ({@link
+     * IdpCertStorageConfig}) and then, if not found, through the client {@link IdpCertClient}. If
+     * the storage is enabled ({@link IdpCertStorageConfig}) the IdpCertData will be stored, after
+     * being retrieved by the client.
      *
      * @param entityId Identity Provider ID
      * @param instant Assertion Issue Instant
@@ -61,7 +69,14 @@ public List<IdpCertData> getCertData(String entityId, String instant)
 
             for (String tag : tagList) {
                 try {
-                    IdpCertData certData = getCIECertData(tag, entityId);
+                    String storageTag = codifyStorageTag(tag, entityId);
+                    IdpCertData certData = storage.getIdpCertData(storageTag);
+
+                    if (certData == null) {
+                        certData = getCIECertData(tag, entityId);
+                    } else {
+                        storage.saveIdpCertData(storageTag, certData);
+                    }
 
                     listCertData.add(certData);
                 } catch (ApiException | EntityIdNotFoundException e) {
@@ -85,8 +100,14 @@ public List<IdpCertData> getCertData(String entityId, String instant)
 
             for (String tag : tagList) {
                 try {
-                    IdpCertData certData = getSPIDCertData(tag, entityId);
+                    String storageTag = codifyStorageTag(tag, entityId);
+                    IdpCertData certData = storage.getIdpCertData(codifyStorageTag(tag, entityId));
 
+                    if (certData == null) {
+                        certData = getSPIDCertData(tag, entityId);
+                    } else {
+                        storage.saveIdpCertData(storageTag, certData);
+                    }
                     listCertData.add(certData);
                 } catch (ApiException | EntityIdNotFoundException e) {
                     throw new CertDataNotFoundException(
@@ -147,7 +168,7 @@ private IdpCertData getEntityData(EntitiesDescriptor data, String tag, String en
             if (entity.getEntityID().equals(entityId)) {
                 newData.setEntityId(entityId);
                 newData.setTag(tag);
-                newData.setCertData(entity.getSignature());
+                newData.setCertData(entity.getSignatureList());
 
                 return newData;
             }
@@ -211,4 +232,8 @@ private List<String> getTagsFromInstant(List<String> tagList, String instant)
 
         return newTagList;
     }
+
+    private String codifyStorageTag(String tag, String entityId) {
+        return tag + entityId;
+    }
 }

identity-service-rest-client-native/src/main/java/it/pagopa/tech/lollipop/consumer/idp/client/simple/IdpCertSimpleClientProvider.java

@@ -4,6 +4,8 @@
 import it.pagopa.tech.lollipop.consumer.idp.client.IdpCertClient;
 import it.pagopa.tech.lollipop.consumer.idp.client.IdpCertClientProvider;
 import it.pagopa.tech.lollipop.consumer.idp.client.simple.internal.ApiClient;
+import it.pagopa.tech.lollipop.consumer.idp.client.simple.storage.SimpleIdpCertStorageProvider;
+import it.pagopa.tech.lollipop.consumer.idp.storage.IdpCertStorageConfig;
 import javax.inject.Inject;
 
 /** Provider class for retrieving an instance of {@link IdpCertSimpleClient} */
@@ -22,6 +24,10 @@ public IdpCertSimpleClientProvider(IdpCertSimpleClientConfig config) {
      */
     @Override
     public IdpCertClient provideClient() {
-        return new IdpCertSimpleClient(new ApiClient(this.idpClientConfig), this.idpClientConfig);
+        SimpleIdpCertStorageProvider storageProvider = new SimpleIdpCertStorageProvider();
+        return new IdpCertSimpleClient(
+                new ApiClient(this.idpClientConfig),
+                this.idpClientConfig,
+                storageProvider.provideStorage(new IdpCertStorageConfig()));
     }
 }