Feature/as 3018 implement security for rest api (#5)

* AS-3018: Remove extra L from the word enrollment.

* AS-3018: Fix column update_date.

* AS-3018: Call SpringBootServletInitializer's onStartup.

* AS-3018: Override DatabaseCheckHealthValidator so that it works with Postgres.

* AS-3018: Add AadOAuth2ResourceServerSecurityConfig.

* AS-3018: Modify AadOAuth2ResourceServerSecurityConfig.

* AS-3018: Disable security for /checkHealth endpoint.

* AS-3018: Disable logging for CheckHealthEndpointImpl to avoid exception.

* AS-3018: Disable CSRF.

* AS-3018: Fix 401 issue.

* AS-3018: Fix 401 issue.

* AS-3018: Redefine CodeService because of WebADE dependency.

* AS-3018: Redefine BaseEndpointsImpl because of WebADE dependency.

* AS-3018: Redefine CodeTableEndpointsImpl because of WebADE dependency.

* AS-3018: Redefine CodeTableListEndpointsImpl because of WebADE dependency.

* AS-3018: Redefine configs.

* AS-3018: Fix the issue with "invalid_token".

Author: hwang-vividsolutions

.github/workflows/build-package.yml

@@ -56,7 +56,7 @@ jobs:
           export NODE_OPTIONS="--max-old-space-size=4096"
           export RELEASE_URL=${{ vars.RELEASE_URL }}
           export SNAPSHOT_URL=${{ vars.SNAPSHOT_URL }}
-          mvn --settings=settings.xml --batch-mode --update-snapshots -f ${{ inputs.MICROSERVICE_NAME }}/pom.xml -Drepo.login=${{ secrets.IDIR_AS_EMAIL }} -Drepo.password=${{ secrets.IDIR_PASSWORD }}  -DopenshiftRepo.login=${{ secrets.OPENSHIFT_ACCOUNT }} -DopenshiftRepo.password=${{ secrets.OPENSHIFT_PASSWORD }} deploy
+          mvn --settings=settings.xml --batch-mode --update-snapshots -f ${{ inputs.MICROSERVICE_NAME }}/pom.xml -Drepo.login=${{ secrets.IDIR_AS_EMAIL }} -Drepo.password=${{ secrets.IDIR_PASSWORD }}  -DopenshiftRepo.login=${{ secrets.OPENSHIFT_ACCOUNT }} -DopenshiftRepo.password=${{ secrets.OPENSHIFT_PASSWORD }} -Dtenant.id=${{ secrets.TENANT_ID }} -Dclient.id=${{ secrets.CLIENT_ID }} deploy
 
       - name: Cache local Maven repository
         uses: actions/cache@v4

farms-api/deploy-tools/log4j2.xml

@@ -18,8 +18,12 @@
     </Console>
   </Appenders>
   <Loggers>
+    <Logger name="ca.bc.gov.nrs.wfone.common.rest.endpoints" level="WARN" additivity="false">
+      <AppenderRef ref="file" />
+      <AppenderRef ref="Console" />
+    </Logger>
     <Root level="${env:LOG_LEVEL}">
-      <AppenderRef ref="file"/>
+      <AppenderRef ref="file" />
       <AppenderRef ref="Console" />
     </Root>
   </Loggers>

farms-api/farms-api-rest-endpoints/pom.xml

@@ -49,6 +49,24 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-jdbc</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework.boot</groupId>
+                    <artifactId>spring-boot-starter-logging</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-log4j2</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>

farms-api/farms-api-rest-endpoints/src/main/java/ca/bc/gov/farms/api/ServletInitializer.java

@@ -10,57 +10,51 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.builder.SpringApplicationBuilder;
 import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
-import org.springframework.web.context.ContextLoaderListener;
-import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
-
 import ca.bc.gov.farms.api.rest.v1.jersey.JerseyApplication;
 import ca.bc.gov.farms.api.rest.v1.spring.CorsFilter;
-import ca.bc.gov.farms.api.rest.v1.spring.EndpointsSpringConfig;
 import ca.bc.gov.nrs.wfone.common.rest.endpoints.filters.RequestMetricsFilter;
 import ca.bc.gov.nrs.wfone.common.rest.endpoints.filters.VersionForwardingFilter;
 
 public class ServletInitializer extends SpringBootServletInitializer {
 
-	private static final Logger logger = LoggerFactory.getLogger(ServletInitializer.class);
-	private static final String PAR_NAME_CTX_CONFIG_LOCATION = "contextConfigLocation";
+    private static final Logger logger = LoggerFactory.getLogger(ServletInitializer.class);
+    private static final String PAR_NAME_CTX_CONFIG_LOCATION = "contextConfigLocation";
 
-	@Override
-	protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
-		return application.sources(FarmApiRestEndpointsApplication.class);
-	}
+    @Override
+    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
+        return application.sources(FarmApiRestEndpointsApplication.class);
+    }
 
-	@Override
-	public void onStartup(ServletContext servletContext) throws ServletException {
-		logger.info("<onStartup");
+    @Override
+    public void onStartup(ServletContext servletContext) throws ServletException {
+        logger.info("<onStartup");
 
-		// Disable Jersey Spring Context Loader
-		servletContext.setInitParameter(PAR_NAME_CTX_CONFIG_LOCATION, "java configuration");
+        // Disable Jersey Spring Context Loader
+        servletContext.setInitParameter(PAR_NAME_CTX_CONFIG_LOCATION, "java configuration");
 
-		ServletRegistration.Dynamic restServlet = servletContext.addServlet("Rest Servlet", ServletContainer.class);
-		restServlet.setInitParameter("javax.ws.rs.Application", JerseyApplication.class.getName());
-		restServlet.setLoadOnStartup(1);
+        ServletRegistration.Dynamic restServlet = servletContext.addServlet("Rest Servlet", ServletContainer.class);
+        restServlet.setInitParameter("javax.ws.rs.Application", JerseyApplication.class.getName());
+        restServlet.setLoadOnStartup(1);
 
-		restServlet.addMapping("/*");
+        restServlet.addMapping("/*");
 
-		FilterRegistration.Dynamic requestMetricsFilter = servletContext.addFilter("Request Metrics Filter",
-				RequestMetricsFilter.class);
-		requestMetricsFilter.setInitParameter("id_source", "FARMSAPI");
-		requestMetricsFilter.addMappingForUrlPatterns(null, false, "/*");
+        FilterRegistration.Dynamic requestMetricsFilter = servletContext.addFilter("Request Metrics Filter",
+                RequestMetricsFilter.class);
+        requestMetricsFilter.setInitParameter("id_source", "FARMSAPI");
+        requestMetricsFilter.addMappingForUrlPatterns(null, false, "/*");
 
-		FilterRegistration.Dynamic versionForwardingFilter = servletContext.addFilter("Version Forwarding Filter",
-				VersionForwardingFilter.class);
-		versionForwardingFilter.setInitParameter(VersionForwardingFilter.RESPONSE_VERSION_PARAM, "1");
-		versionForwardingFilter.setInitParameter(VersionForwardingFilter.DEFAULT_REQUEST_VERSION_PARAM, "1");
-		versionForwardingFilter.addMappingForUrlPatterns(null, false, "/*");
+        FilterRegistration.Dynamic versionForwardingFilter = servletContext.addFilter("Version Forwarding Filter",
+                VersionForwardingFilter.class);
+        versionForwardingFilter.setInitParameter(VersionForwardingFilter.RESPONSE_VERSION_PARAM, "1");
+        versionForwardingFilter.setInitParameter(VersionForwardingFilter.DEFAULT_REQUEST_VERSION_PARAM, "1");
+        versionForwardingFilter.addMappingForUrlPatterns(null, false, "/*");
 
-		FilterRegistration.Dynamic corsFilter = servletContext.addFilter("CORS Filter", CorsFilter.class);
-		corsFilter.addMappingForUrlPatterns(null, false, "/*");
+        FilterRegistration.Dynamic corsFilter = servletContext.addFilter("CORS Filter", CorsFilter.class);
+        corsFilter.addMappingForUrlPatterns(null, false, "/*");
 
-		AnnotationConfigWebApplicationContext rootAppContext = new AnnotationConfigWebApplicationContext();
-		rootAppContext.register(EndpointsSpringConfig.class);
-		servletContext.addListener(new ContextLoaderListener(rootAppContext));
+        super.onStartup(servletContext);
 
-		logger.info(">onStartup");
+        logger.info(">onStartup");
 
-	}
+    }
 }