Merge branch 'develop' into develop-mpa-8170-Update-Implement-Tests-F…

…or-Org-Service

pom.xml

@@ -9,7 +9,7 @@
   </parent>
 
   <artifactId>scalecube-organization-parent</artifactId>
-  <version>2.1.3-SNAPSHOT</version>
+  <version>2.1.5-SNAPSHOT</version>
 
   <packaging>pom</packaging>
 
@@ -25,7 +25,7 @@
 
   <properties>
     <scalecube.config.version>0.3.9</scalecube.config.version>
-    <scalecube-services.version>2.5.4</scalecube-services.version>
+    <scalecube-services.version>2.5.9</scalecube-services.version>
     <scalecube-security-jwt.version>1.0.7</scalecube-security-jwt.version>
     <junit-jupiter.version>5.3.2</junit-jupiter.version>
     <jackson.version>2.9.8</jackson.version>

scalecube-organization-api/pom.xml

@@ -4,7 +4,7 @@
   <parent>
     <groupId>io.scalecube</groupId>
     <artifactId>scalecube-organization-parent</artifactId>
-    <version>2.1.3-SNAPSHOT</version>
+    <version>2.1.5-SNAPSHOT</version>
   </parent>
 
   <artifactId>scalecube-organization-api</artifactId>

scalecube-organization-api/src/main/java/io/scalecube/account/api/ApiKey.java

@@ -4,10 +4,15 @@
 
 public class ApiKey {
 
+  protected String keyId;
   protected String name;
   protected Map<String, String> claims;
   protected String key;
 
+  public String keyId() {
+    return this.keyId;
+  }
+
   public String name() {
     return this.name;
   }
@@ -31,6 +36,9 @@ public boolean equals(Object o) {
 
     ApiKey apiKey = (ApiKey) o;
 
+    if (keyId != null ? !keyId.equals(apiKey.keyId) : apiKey.keyId != null) {
+      return false;
+    }
     if (name != null ? !name.equals(apiKey.name) : apiKey.name != null) {
       return false;
     }
@@ -42,7 +50,8 @@ public boolean equals(Object o) {
 
   @Override
   public int hashCode() {
-    int result = name != null ? name.hashCode() : 0;
+    int result = keyId != null ? keyId.hashCode() : 0;
+    result = 31 * result + (name != null ? name.hashCode() : 0);
     result = 31 * result + (claims != null ? claims.hashCode() : 0);
     result = 31 * result + (key != null ? key.hashCode() : 0);
     return result;

scalecube-organization/pom.xml

@@ -4,7 +4,7 @@
   <parent>
     <groupId>io.scalecube</groupId>
     <artifactId>scalecube-organization-parent</artifactId>
-    <version>2.1.3-SNAPSHOT</version>
+    <version>2.1.5-SNAPSHOT</version>
   </parent>
 
   <artifactId>scalecube-organization</artifactId>

scalecube-organization/src/main/java/io/scalecube/organization/OrganizationServiceImpl.java

@@ -84,8 +84,6 @@ public Mono<CreateOrganizationResponse> createOrganization(CreateOrganizationReq
                 CreateOrganization.builder()
                     .tokenVerifier(tokenVerifier)
                     .repository(repository)
-                    .keyPairGenerator(keyPairGenerator)
-                    .keyStore(keyStore)
                     .build()
                     .execute(request);
 
@@ -134,6 +132,7 @@ public Mono<DeleteOrganizationResponse> deleteOrganization(DeleteOrganizationReq
                 DeleteOrganization.builder()
                     .tokenVerifier(tokenVerifier)
                     .repository(repository)
+                    .keyStore(keyStore)
                     .build()
                     .execute(request);
             logger.debug("deleteOrganization: exit, request: {}, response: {}", request, response);
@@ -266,6 +265,7 @@ public Mono<GetOrganizationResponse> addOrganizationApiKey(AddOrganizationApiKey
                 AddOrganizationApiKey.builder()
                     .tokenVerifier(tokenVerifier)
                     .repository(repository)
+                    .keyPairGenerator(keyPairGenerator)
                     .keyStore(keyStore)
                     .build()
                     .execute(request);
@@ -291,6 +291,7 @@ public Mono<GetOrganizationResponse> deleteOrganizationApiKey(
                 DeleteOrganizationApiKey.builder()
                     .tokenVerifier(tokenVerifier)
                     .repository(repository)
+                    .keyStore(keyStore)
                     .build()
                     .execute(request);
             logger.debug(

scalecube-organization/src/main/java/io/scalecube/organization/domain/Organization.java

@@ -15,7 +15,6 @@ public class Organization extends Entity {
 
   private String name;
   private String email;
-  private String keyId;
   private Set<OrganizationMember> members = new HashSet<>();
   private Set<ApiKey> apiKeys = new HashSet<>();
 
@@ -27,14 +26,12 @@ public class Organization extends Entity {
    * @param id organization id.
    * @param name organization name.
    * @param email organization email.
-   * @param keyId organization key id.
    * @param creatorUserId user id of organization creator.
    */
-  public Organization(String id, String name, String email, String keyId, String creatorUserId) {
+  public Organization(String id, String name, String email, String creatorUserId) {
     this.id = requireNonNull(id, "organization id cannot be null");
     this.name = requireNonNull(name, "organization name cannot be null");
     this.email = requireNonNull(email, "organization email cannot be null");
-    this.keyId = requireNonNull(keyId, "organization keyId cannot be null");
 
     addMember(
         new OrganizationMember(
@@ -50,10 +47,6 @@ public String email() {
     return email;
   }
 
-  public String keyId() {
-    return keyId;
-  }
-
   public Set<OrganizationMember> members() {
     return Collections.unmodifiableSet(members);
   }
@@ -101,7 +94,6 @@ public String toString() {
         .add("id='" + id + "'")
         .add("name='" + name + "'")
         .add("email='" + email + "'")
-        .add("keyId='" + keyId + "'")
         .add("members=" + members)
         .toString();
   }

scalecube-organization/src/main/java/io/scalecube/organization/operation/AddOrganizationApiKey.java

@@ -12,15 +12,20 @@
 import io.scalecube.organization.tokens.TokenVerifier;
 import io.scalecube.organization.tokens.store.ApiKeyBuilder;
 import io.scalecube.organization.tokens.store.KeyStore;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
 import java.util.EnumSet;
+import java.util.UUID;
 
 public class AddOrganizationApiKey
     extends ServiceOperation<AddOrganizationApiKeyRequest, GetOrganizationResponse> {
 
+  private final KeyPairGenerator keyPairGenerator;
   private final KeyStore keyStore;
 
   private AddOrganizationApiKey(Builder builder) {
     super(builder.tokenVerifier, builder.repository);
+    this.keyPairGenerator = builder.keyPairGenerator;
     this.keyStore = builder.keyStore;
   }
 
@@ -47,16 +52,15 @@ protected GetOrganizationResponse process(
           throw new AccessPermissionException(
               String.format(
                   "user: '%s', name: '%s', role: '%s' cannot add api key with higher role '%s'",
-                  context.profile().userId(),
-                  context.profile().name(),
-                  callerRole,
-                  targetRole));
+                  context.profile().userId(), context.profile().name(), callerRole, targetRole));
         }
       }
     }
 
-    ApiKey apiKey = ApiKeyBuilder.build(keyStore, organization, request);
+    String keyId = UUID.randomUUID().toString();
 
+    KeyPair keyPair = generateKeyPair(keyId);
+    ApiKey apiKey = ApiKeyBuilder.build(keyPair.getPrivate(), organization.id(), keyId, request);
     organization.addApiKey(apiKey);
 
     context.repository().save(organization.id(), organization);
@@ -81,6 +85,12 @@ protected void validate(AddOrganizationApiKeyRequest request, OperationServiceCo
     }
   }
 
+  private KeyPair generateKeyPair(String keyId) {
+    KeyPair keyPair = keyPairGenerator.generateKeyPair();
+    keyStore.store(keyId, keyPair);
+    return keyPair;
+  }
+
   @Override
   protected Token getToken(AddOrganizationApiKeyRequest request) {
     return request.token();
@@ -93,6 +103,7 @@ public static Builder builder() {
   public static class Builder {
     private TokenVerifier tokenVerifier;
     private OrganizationsRepository repository;
+    private KeyPairGenerator keyPairGenerator;
     private KeyStore keyStore;
 
     public Builder tokenVerifier(TokenVerifier tokenVerifier) {
@@ -105,6 +116,11 @@ public Builder repository(OrganizationsRepository repository) {
       return this;
     }
 
+    public Builder keyPairGenerator(KeyPairGenerator keyPairGenerator) {
+      this.keyPairGenerator = keyPairGenerator;
+      return this;
+    }
+
     public Builder keyStore(KeyStore keyStore) {
       this.keyStore = keyStore;
       return this;

scalecube-organization/src/main/java/io/scalecube/organization/operation/CreateOrganization.java

@@ -9,21 +9,12 @@
 import io.scalecube.organization.repository.OrganizationsRepository;
 import io.scalecube.organization.tokens.IdGenerator;
 import io.scalecube.organization.tokens.TokenVerifier;
-import io.scalecube.organization.tokens.store.KeyStore;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.util.UUID;
 
 public final class CreateOrganization
     extends OrganizationInfoOperation<CreateOrganizationRequest, CreateOrganizationResponse> {
 
-  private final KeyPairGenerator keyPairGenerator;
-  private final KeyStore keyStore;
-
   private CreateOrganization(Builder builder) {
     super(builder.tokenVerifier, builder.repository);
-    this.keyPairGenerator = builder.keyPairGenerator;
-    this.keyStore = builder.keyStore;
   }
 
   public static Builder builder() {
@@ -40,14 +31,6 @@ protected CreateOrganizationResponse process(
 
     Organization organization = createOrganization(request, context, id);
 
-    try {
-      generateOrganizationKeyPair(organization);
-    } catch (Exception ex) {
-      // failed to persist organization secret rollback
-      context.repository().deleteById(organization.id());
-      throw ex;
-    }
-
     return new CreateOrganizationResponse(
         OrganizationInfo.builder()
             .id(organization.id())
@@ -63,17 +46,11 @@ private Organization createOrganization(
             id,
             request.name(),
             request.email(),
-            UUID.randomUUID().toString(),
             context.profile().userId());
 
     return context.repository().save(organization.id(), organization);
   }
 
-  private void generateOrganizationKeyPair(Organization organization) {
-    KeyPair keyPair = keyPairGenerator.generateKeyPair();
-    keyStore.store(organization.keyId(), keyPair);
-  }
-
   @Override
   protected Token getToken(CreateOrganizationRequest request) {
     return request.token();
@@ -82,8 +59,6 @@ protected Token getToken(CreateOrganizationRequest request) {
   public static class Builder {
     private TokenVerifier tokenVerifier;
     private OrganizationsRepository repository;
-    private KeyPairGenerator keyPairGenerator;
-    private KeyStore keyStore;
 
     public Builder tokenVerifier(TokenVerifier tokenVerifier) {
       this.tokenVerifier = tokenVerifier;
@@ -95,16 +70,6 @@ public Builder repository(OrganizationsRepository repository) {
       return this;
     }
 
-    public Builder keyPairGenerator(KeyPairGenerator keyPairGenerator) {
-      this.keyPairGenerator = keyPairGenerator;
-      return this;
-    }
-
-    public Builder keyStore(KeyStore keyStore) {
-      this.keyStore = keyStore;
-      return this;
-    }
-
     public CreateOrganization build() {
       return new CreateOrganization(this);
     }

scalecube-organization/src/main/java/io/scalecube/organization/operation/DeleteOrganization.java

@@ -6,12 +6,16 @@
 import io.scalecube.organization.domain.Organization;
 import io.scalecube.organization.repository.OrganizationsRepository;
 import io.scalecube.organization.tokens.TokenVerifier;
+import io.scalecube.organization.tokens.store.KeyStore;
 
 public class DeleteOrganization
     extends ServiceOperation<DeleteOrganizationRequest, DeleteOrganizationResponse> {
+  private final KeyStore keyStore;
 
-  private DeleteOrganization(TokenVerifier tokenVerifier, OrganizationsRepository repository) {
+  private DeleteOrganization(
+      TokenVerifier tokenVerifier, OrganizationsRepository repository, KeyStore keyStore) {
     super(tokenVerifier, repository);
+    this.keyStore = keyStore;
   }
 
   @Override
@@ -20,6 +24,10 @@ protected DeleteOrganizationResponse process(
     Organization organization = getOrganization(request.organizationId());
     checkOwnerAccess(organization, context.profile());
     context.repository().deleteById(organization.id());
+    organization.apiKeys().stream()
+        .map(apiKey -> apiKey.keyId())
+        .filter(keyId -> keyId != null && !keyId.isEmpty())
+        .forEach(keyId -> keyStore.delete(keyId));
     return new DeleteOrganizationResponse(organization.id(), true);
   }
 
@@ -42,6 +50,7 @@ public static Builder builder() {
   public static class Builder {
     private TokenVerifier tokenVerifier;
     private OrganizationsRepository repository;
+    private KeyStore keyStore;
 
     public Builder tokenVerifier(TokenVerifier tokenVerifier) {
       this.tokenVerifier = tokenVerifier;
@@ -54,7 +63,12 @@ public Builder repository(OrganizationsRepository repository) {
     }
 
     public DeleteOrganization build() {
-      return new DeleteOrganization(tokenVerifier, repository);
+      return new DeleteOrganization(tokenVerifier, repository, keyStore);
+    }
+
+    public Builder keyStore(KeyStore keyStore) {
+      this.keyStore = keyStore;
+      return this;
     }
   }
 }