Merge branch 'develop' into feature/non-null-licensekey

# Conflicts:
#	backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java
#	backend/src/main/java/org/cryptomator/hub/license/LicenseHolder.java
#	backend/src/test/java/org/cryptomator/hub/license/LicenseHolderTest.java

Author: overheadhunter

backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java

@@ -44,6 +44,10 @@
 @Path("/auditlog")
 public class AuditLogResource {
 
+	private static final Set<String> EVENT_TYPES = Set.of(DeviceRegisteredEvent.TYPE, DeviceRemovedEvent.TYPE, UserAccountResetEvent.TYPE, UserKeysChangeEvent.TYPE, UserSetupCodeChangeEvent.TYPE,
+			SettingWotUpdateEvent.TYPE, SignedWotIdEvent.TYPE, VaultCreatedEvent.TYPE, VaultUpdatedEvent.TYPE, VaultAccessGrantedEvent.TYPE,
+			VaultKeyRetrievedEvent.TYPE, VaultMemberAddedEvent.TYPE, VaultMemberRemovedEvent.TYPE, VaultMemberUpdatedEvent.TYPE, VaultOwnershipClaimedEvent.TYPE);
+
 	@Inject
 	AuditEvent.Repository auditEventRepo;
 	@Inject
@@ -81,17 +85,16 @@ public List<AuditEventDto> getAllEvents(@QueryParam("startDate") Instant startDa
 			throw new BadRequestException("pageSize must be between 1 and 100");
 		} else if (type == null) {
 			throw new BadRequestException("type must be specified");
-		} else if (!type.isEmpty()) {
-			var validTypes = Set.of(DeviceRegisteredEvent.TYPE, DeviceRemovedEvent.TYPE, UserAccountResetEvent.TYPE, UserKeysChangeEvent.TYPE, UserSetupCodeChangeEvent.TYPE,
-					SettingWotUpdateEvent.TYPE, SignedWotIdEvent.TYPE, VaultCreatedEvent.TYPE, VaultUpdatedEvent.TYPE, VaultAccessGrantedEvent.TYPE,
-					VaultKeyRetrievedEvent.TYPE, VaultMemberAddedEvent.TYPE, VaultMemberRemovedEvent.TYPE, VaultMemberUpdatedEvent.TYPE, VaultOwnershipClaimedEvent.TYPE);
-			if (!validTypes.containsAll(type)) {
-				throw new BadRequestException("Invalid event type provided");
-			}
 		} else if (paginationId == null) {
 			throw new BadRequestException("paginationId must be specified");
 		}
 
+		if (!type.isEmpty()) {
+			if (!EVENT_TYPES.containsAll(type)) {
+				throw new BadRequestException("Invalid event type provided");
+			}
+		}
+
 		// cut off startDate at retention threshold
 		startDate = startDate.isBefore(retentionThreshold) ? retentionThreshold : startDate;
 

backend/src/main/java/org/cryptomator/hub/license/LicenseHolder.java

@@ -3,6 +3,7 @@
 import com.auth0.jwt.exceptions.JWTVerificationException;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import io.quarkus.scheduler.Scheduled;
+import io.smallrye.common.annotation.RunOnVirtualThread;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
 import jakarta.transaction.Transactional;
@@ -23,6 +24,7 @@
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.time.Instant;
+import java.time.temporal.ChronoUnit;
 import java.util.HexFormat;
 import java.util.Optional;
 
@@ -47,7 +49,7 @@ public class LicenseHolder {
 	LicenseValidator licenseValidator;
 
 	@Inject
-	RandomMinuteSleeper randomMinuteSleeper;
+	RandomSleeper randomSleeper;
 
 	@Inject
 	Settings.Repository settingsRepo;
@@ -154,23 +156,27 @@ public void set(String token) throws JWTVerificationException {
 	 * Attempts to refresh the Hub licence every day between 01:00:00 and 02:00:00 AM UTC if claim refreshURL is present.
 	 */
 	@Scheduled(cron = "0 0 1 * * ?", timeZone = "UTC", concurrentExecution = Scheduled.ConcurrentExecution.SKIP)
-	void refreshLicense() throws InterruptedException {
-		if (get() != null) {
-			randomMinuteSleeper.sleep(); // add random sleep between [0,59]min to reduce infrastructure load
-			var refreshUrlClaim = get().getClaim("refreshUrl");
-			if (refreshUrlClaim != null) {
-				try {
-					var refreshUrl = URI.create(refreshUrlClaim.asString());
-					var refreshedLicense = requestLicenseRefresh(refreshUrl, get().getToken());
-					set(refreshedLicense);
-				} catch (LicenseRefreshFailedException e) {
-					LOG.errorv("Failed to refresh license token. Request to {0} was answered with response code {1,number,integer}", refreshUrlClaim, e.statusCode);
-				} catch (IllegalArgumentException | IOException e) {
-					LOG.error("Failed to refresh license token", e);
-				} catch (JWTVerificationException e) {
-					LOG.error("Failed to refresh license token. Refreshed token is invalid.", e);
-				}
-			}
+	@RunOnVirtualThread
+	void refreshLicense() {
+		var refreshUrlClaim = get().getClaim("refreshUrl");
+		if (refreshUrlClaim.isMissing()) {
+			LOG.error("Missing refreshUrl claim.");
+			return;
+		}
+		try {
+			randomSleeper.sleep(0, 59, ChronoUnit.MINUTES); // add random sleep to reduce infrastructure load
+			var refreshUrl = URI.create(refreshUrlClaim.asString());
+			var refreshedLicense = requestLicenseRefresh(refreshUrl, get().getToken());
+			set(refreshedLicense);
+		} catch (LicenseRefreshFailedException e) {
+			LOG.errorv("Failed to refresh license token. Request to {0} was answered with response code {1,number,integer}", refreshUrlClaim, e.statusCode);
+		} catch (IllegalArgumentException | IOException e) {
+			LOG.error("Failed to refresh license token", e);
+		} catch (JWTVerificationException e) {
+			LOG.error("Failed to refresh license token. Refreshed token is invalid.", e);
+		} catch (InterruptedException e) {
+			Thread.currentThread().interrupt();
+			LOG.warn("License refresh was interrupted", e);
 		}
 	}
 

backend/src/main/java/org/cryptomator/hub/license/LicenseValidator.java

@@ -32,7 +32,7 @@ public DecodedJWT validate(String token, String expectedHubId) throws JWTVerific
 			throw new InvalidClaimException("Token ID " + jwt.getId() + " does not match your Hub ID " + expectedHubId);
 		}
 		for (var claim : REQUIRED_CLAIMS) {
-			if (Objects.isNull(jwt.getClaim(claim))) {
+			if (jwt.getClaim(claim).isMissing()) {
 				throw new InvalidClaimException("The claim " + claim + " is required, but not present.");
 			}
 		}

backend/src/main/java/org/cryptomator/hub/license/RandomMinuteSleeper.java

@@ -0,0 +1,23 @@
+package org.cryptomator.hub.license;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+import java.time.Duration;
+import java.time.temporal.TemporalUnit;
+import java.util.random.RandomGenerator;
+
+@ApplicationScoped
+public class RandomSleeper {
+
+	private final RandomGenerator rng;
+
+	public RandomSleeper() {
+		this.rng = RandomGenerator.getDefault();
+	}
+
+	void sleep(int min, int max, TemporalUnit unit) throws InterruptedException {
+		var delay = Duration.of(rng.nextInt(min, max), unit);
+		Thread.sleep(delay.toMillis());
+	}
+
+}

backend/src/main/java/org/cryptomator/hub/license/RandomSleeper.java

@@ -30,7 +30,7 @@
 public class LicenseHolderTest {
 
 	Settings.Repository settingsRepo = mock(Settings.Repository.class);
-	RandomMinuteSleeper randomMinuteSleeper = mock(RandomMinuteSleeper.class);
+	RandomSleeper randomSleeper = mock(RandomSleeper.class);
 	LicenseValidator validator = mock(LicenseValidator.class);
 	LicenseApi licenseApi = mock(LicenseApi.class);
 
@@ -41,7 +41,7 @@ public void resetTestclass() {
 		licenseHolder = new LicenseHolder();
 		licenseHolder.licenseValidator = validator;
 		licenseHolder.settingsRepo = settingsRepo;
-		licenseHolder.randomMinuteSleeper = randomMinuteSleeper;
+		licenseHolder.randomSleeper = randomSleeper;
 		licenseHolder.licenseApi = licenseApi;
 	}
 
@@ -221,7 +221,7 @@ class TestSetter {
 
 		@BeforeEach
 		void setup() throws InterruptedException {
-			Mockito.doNothing().when(randomMinuteSleeper).sleep();
+			Mockito.doNothing().when(randomSleeper).sleep(Mockito.anyInt(), Mockito.anyInt(), Mockito.any());
 		}
 
 		@Test
@@ -280,7 +280,9 @@ void setup() {
 		@Test
 		@DisplayName("If license does not have a refreshUrl, skip refresh")
 		void testRefreshLicenseNoRefreshURL() throws InterruptedException, IOException {
-			Mockito.doReturn(null).when(licenseJwt).getClaim("refreshUrl");
+			var missingClaim = mock(Claim.class);
+			Mockito.doReturn(true).when(missingClaim).isMissing();
+			Mockito.doReturn(missingClaim).when(licenseJwt).getClaim("refreshUrl");
 
 			licenseHolderSpy.refreshLicense();