Merge pull request #201 from pagopa/feature/PN-13461

[PN-13461] restore AdE checkCf service

Author: abertu75

docs/external/AdE/VerificaCodiceFiscale.yaml

@@ -19,10 +19,6 @@ x-commons:
       $ref: '#/components/responses/503ServiceUnavailable'
     default:
       $ref: '#/components/responses/default'
-
-security:
-  - IBM-Client-Secret: []
-    IBM-Client-Id: []
 
 openapi: 3.0.0
 info:
@@ -249,18 +245,6 @@ components:
           format: uri
           type: string
       type: object
-  securitySchemes:
-      IBM-Client-Secret:
-        type: apiKey
-        description: ''
-        name: X-IBM-Client-Secret
-        in: header
-      IBM-Client-Id:
-        type: apiKey
-        description: ''
-        name: X-IBM-Client-Id
-        in: header
-
   headers:
     Retry-After:
       description: |-
@@ -329,3 +313,11 @@ components:
           $ref: '#/components/headers/Retry-After'
     default:
       description: Unexpected error
+  securitySchemes:
+    bearerAuth:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+      description: Implementazione conforme ad RFC8725. Contiene il JWT recuperato da PDND interoperabilità applicando le Linee Guida sull'infrastruttura tecnologica della Piattaforma Digitale Nazionale Dati per l'interoperabilità dei sistemi informativi e delle basi di dati ai sensi dell'articolo 50-ter, comma 2 del CAD
+security:
+  - bearerAuth: [ ]

pom.xml

@@ -401,6 +401,29 @@
                             <apiPackage>it.pagopa.pn.national.registries.generated.openapi.msclient.ipa.v1.api</apiPackage>
                         </configuration>
                     </execution>
+                    <execution>
+                        <id>generate-ADE-client</id>
+                        <goals>
+                            <goal>generate</goal>
+                        </goals>
+                        <phase>process-resources</phase>
+                        <configuration>
+                            <inputSpec>${project.basedir}/docs/external/AdE/VerificaCodiceFiscale.yaml</inputSpec>
+                            <generatorName>java</generatorName>
+                            <library>webclient</library>
+                            <generateApiDocumentation>false</generateApiDocumentation>
+                            <generateApiTests>false</generateApiTests>
+                            <generateModelTests>false</generateModelTests>
+                            <generateSupportingFiles>true</generateSupportingFiles>
+                            <templateDirectory>${project.build.directory}/dependency-resources/scripts/openapi/templates/6.0.0/client</templateDirectory>
+                            <configOptions>
+                                <swaggerAnnotations>false</swaggerAnnotations>
+                                <openApiNullable>false</openApiNullable>
+                            </configOptions>
+                            <modelPackage>it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.dto</modelPackage>
+                            <apiPackage>it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.api</apiPackage>
+                        </configuration>
+                    </execution>
                 </executions>
             </plugin>
             <plugin>

src/main/java/it/pagopa/pn/national/registries/client/agenziaentrate/CheckCfClient.java

@@ -0,0 +1,78 @@
+package it.pagopa.pn.national.registries.client.agenziaentrate;
+
+import it.pagopa.pn.commons.exceptions.PnInternalException;
+import it.pagopa.pn.commons.log.PnLogger;
+import it.pagopa.pn.national.registries.cache.AccessTokenCacheEntry;
+import it.pagopa.pn.national.registries.cache.AccessTokenExpiringMap;
+import it.pagopa.pn.national.registries.config.adecheckcf.CheckCfSecretConfig;
+import it.pagopa.pn.national.registries.exceptions.PnNationalRegistriesException;
+import it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.api.VerificheApi;
+import it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.dto.Richiesta;
+import it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.dto.VerificaCodiceFiscale;
+import it.pagopa.pn.national.registries.model.PdndSecretValue;
+import it.pagopa.pn.national.registries.model.agenziaentrate.TaxIdResponseKO;
+import it.pagopa.pn.national.registries.service.PnNationalRegistriesSecretService;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.reactive.function.client.WebClientResponseException;
+import reactor.core.publisher.Mono;
+import reactor.util.retry.Retry;
+
+import java.nio.charset.Charset;
+
+import static it.pagopa.pn.national.registries.constant.ProcessStatus.PROCESS_SERVICE_AGENZIA_ENTRATE_CHECK_TAX_ID;
+import static it.pagopa.pn.national.registries.exceptions.PnNationalRegistriesExceptionCodes.*;
+
+@Component
+@lombok.CustomLog
+public class CheckCfClient {
+
+    private final AccessTokenExpiringMap accessTokenExpiringMap;
+    private final VerificheApi verificheApi;
+    private final CheckCfSecretConfig checkCfSecretConfig;
+
+
+    private final PnNationalRegistriesSecretService pnNationalRegistriesSecretService;
+
+    protected CheckCfClient(AccessTokenExpiringMap accessTokenExpiringMap,
+                            VerificheApi verificheApi,
+                            CheckCfSecretConfig checkCfSecretConfig,
+                            PnNationalRegistriesSecretService pnNationalRegistriesSecretService) {
+        this.accessTokenExpiringMap = accessTokenExpiringMap;
+        this.checkCfSecretConfig = checkCfSecretConfig;
+        this.verificheApi = verificheApi;
+        this.pnNationalRegistriesSecretService = pnNationalRegistriesSecretService;
+    }
+
+    public Mono<VerificaCodiceFiscale> callEService(Richiesta richiesta) {
+        PdndSecretValue pdndSecretValue = pnNationalRegistriesSecretService.getPdndSecretValue(checkCfSecretConfig.getPdndSecret());
+        return accessTokenExpiringMap.getPDNDToken(pdndSecretValue.getJwtConfig().getPurposeId(), pdndSecretValue, false)
+                .flatMap(tokenEntry -> callVerifica(richiesta, tokenEntry))
+                .retryWhen(Retry.max(1).filter(this::shouldRetry)
+                        .onRetryExhaustedThrow((retryBackoffSpec, retrySignal) ->
+                                new PnInternalException(ERROR_MESSAGE_ADE_UNAUTHORIZED, ERROR_CODE_UNAUTHORIZED, retrySignal.failure()))
+                );
+    }
+
+    private Mono<VerificaCodiceFiscale> callVerifica(Richiesta request, AccessTokenCacheEntry tokenEntry) {
+        log.logInvokingExternalDownstreamService(PnLogger.EXTERNAL_SERVICES.ADE, PROCESS_SERVICE_AGENZIA_ENTRATE_CHECK_TAX_ID);
+        verificheApi.getApiClient().setBearerToken(tokenEntry.getTokenValue());
+        return verificheApi.postVerificaCodiceFiscale(request)
+                .doOnError(throwable -> {
+                    log.logInvokationResultDownstreamFailed(PnLogger.EXTERNAL_SERVICES.ADE, throwable.getMessage());
+                    if (!shouldRetry(throwable) && throwable instanceof WebClientResponseException e) {
+                        throw new PnNationalRegistriesException(e.getMessage(), e.getStatusCode().value(),
+                                e.getStatusText(), e.getHeaders(), e.getResponseBodyAsByteArray(),
+                                Charset.defaultCharset(), TaxIdResponseKO.class);
+                    }
+                });
+    }
+
+    protected boolean shouldRetry(Throwable throwable) {
+        if (throwable instanceof WebClientResponseException exception && exception.getStatusCode() == HttpStatus.UNAUTHORIZED) {
+            log.debug("Try Retry call to CheckCf");
+            return true;
+        }
+        return false;
+    }
+}

src/main/java/it/pagopa/pn/national/registries/config/adecheckcf/CheckCfClientConfig.java

@@ -0,0 +1,62 @@
+package it.pagopa.pn.national.registries.config.adecheckcf;
+
+import io.netty.handler.ssl.SslContext;
+import io.netty.handler.ssl.SslContextBuilder;
+import it.pagopa.pn.commons.exceptions.PnInternalException;
+import it.pagopa.pn.commons.pnclients.CommonBaseClient;
+import it.pagopa.pn.national.registries.client.SecureWebClientUtils;
+import it.pagopa.pn.national.registries.config.CustomRetryConfig;
+import it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.ApiClient;
+import it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.api.VerificheApi;
+import it.pagopa.pn.national.registries.model.TrustData;
+import it.pagopa.pn.national.registries.service.PnNationalRegistriesSecretService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.reactive.function.client.ExchangeFilterFunction;
+import reactor.netty.http.client.HttpClient;
+
+import java.io.IOException;
+
+import static it.pagopa.pn.national.registries.exceptions.PnNationalRegistriesExceptionCodes.ERROR_CODE_CHECK_CF;
+import static it.pagopa.pn.national.registries.exceptions.PnNationalRegistriesExceptionCodes.ERROR_MESSAGE_CHECK_CF;
+
+@Configuration
+@Slf4j
+@RequiredArgsConstructor
+public class CheckCfClientConfig extends CommonBaseClient {
+
+    private final CustomRetryConfig customRetryConfig;
+    private final PnNationalRegistriesSecretService pnNationalRegistriesSecretService;
+    private final CheckCfSecretConfig checkCfSecretConfig;
+    private final SecureWebClientUtils secureWebClientUtils;
+
+    @Bean
+    VerificheApi verificheApi(@Value("${pn.national.registries.ade-check-cf.base-path}") String basePath) {
+        var apiClient = new ApiClient(initWebClient(ApiClient.buildWebClientBuilder()));
+        apiClient.setBasePath(basePath);
+        return new VerificheApi(apiClient);
+    }
+
+    @Override
+    protected HttpClient buildHttpClient() {
+        return super.buildHttpClient()
+                .secure(t -> t.sslContext(buildSslContext()));
+    }
+
+    protected SslContext buildSslContext() {
+        try {
+            TrustData trustData = pnNationalRegistriesSecretService.getTrustedCertFromSecret(checkCfSecretConfig.getTrustData());
+            return secureWebClientUtils.getSslContext(SslContextBuilder.forClient(), trustData.getTrust());
+        } catch (IOException e) {
+            throw new PnInternalException(ERROR_MESSAGE_CHECK_CF, ERROR_CODE_CHECK_CF, e);
+        }
+    }
+
+    @Override
+    protected ExchangeFilterFunction buildRetryExchangeFilterFunction() {
+        return customRetryConfig.buildRetryExchangeFilterFunction();
+    }
+}

src/main/java/it/pagopa/pn/national/registries/config/adecheckcf/CheckCfSecretConfig.java

@@ -0,0 +1,20 @@
+package it.pagopa.pn.national.registries.config.adecheckcf;
+
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+@Component
+@Slf4j
+@Getter
+public class CheckCfSecretConfig{
+    private final String pdndSecret;
+    private final String trustData;
+
+    public CheckCfSecretConfig(@Value("${pn.national.registries.pdnd.ade-check-cf.secret}") String pdndSecret,
+                               @Value("${pn.national.registries.trust.ade-check-cf.secret}") String trustData) {
+        this.pdndSecret = pdndSecret;
+        this.trustData = trustData;
+    }
+}

src/main/java/it/pagopa/pn/national/registries/converter/AgenziaEntrateConverter.java

@@ -1,6 +1,8 @@
 package it.pagopa.pn.national.registries.converter;
 
+import it.pagopa.pn.national.registries.generated.openapi.msclient.ade.v1.dto.VerificaCodiceFiscale;
 import it.pagopa.pn.national.registries.generated.openapi.server.v1.dto.ADELegalOKDto;
+import it.pagopa.pn.national.registries.generated.openapi.server.v1.dto.CheckTaxIdOKDto;
 import it.pagopa.pn.national.registries.model.agenziaentrate.CheckValidityRappresentanteResp;
 import it.pagopa.pn.national.registries.model.agenziaentrate.ResultCodeEnum;
 import it.pagopa.pn.national.registries.model.agenziaentrate.ResultDetailEnum;
@@ -9,6 +11,10 @@
 @Component
 public class AgenziaEntrateConverter {
 
+    public static final String CODICE_FISCALE_VALIDO_NON_UTILIZZABILE = "Codice fiscale valido, non più utilizzabile in quanto aggiornato in altro codice fiscale";
+    public static final String CODICE_FISCALE_NON_VALIDO_AGGIORNATO_IN_ALTRO = "Codice fiscale non utilizzabile in quanto aggiornato in altro codice fiscale";
+    public static final String CODICE_FISCALE_NON_VALIDO = "Codice fiscale non valido";
+
     public ADELegalOKDto adELegalResponseToDto(CheckValidityRappresentanteResp checkValidityRappresentanteResp) {
         ADELegalOKDto adeLegalOKDto = new ADELegalOKDto();
         adeLegalOKDto.setResultCode(ResultCodeEnum.fromValue(checkValidityRappresentanteResp.codiceRitorno));
@@ -19,4 +25,23 @@ public ADELegalOKDto adELegalResponseToDto(CheckValidityRappresentanteResp check
         return adeLegalOKDto;
     }
 
+    public CheckTaxIdOKDto convertToCfStatusDto(VerificaCodiceFiscale taxIdVerification) {
+        CheckTaxIdOKDto cfStatusDto = new CheckTaxIdOKDto();
+        cfStatusDto.setIsValid(taxIdVerification.getValido());
+        cfStatusDto.setTaxId(taxIdVerification.getCodiceFiscale());
+        if (taxIdVerification.getMessaggio() != null) {
+            cfStatusDto.setErrorCode(decodeError(taxIdVerification.getMessaggio()));
+        }
+        return cfStatusDto;
+    }
+
+    public CheckTaxIdOKDto.ErrorCodeEnum decodeError(String message) {
+        return switch (message) {
+            case CODICE_FISCALE_VALIDO_NON_UTILIZZABILE -> CheckTaxIdOKDto.ErrorCodeEnum.ERR01;
+            case CODICE_FISCALE_NON_VALIDO_AGGIORNATO_IN_ALTRO -> CheckTaxIdOKDto.ErrorCodeEnum.ERR02;
+            case CODICE_FISCALE_NON_VALIDO -> CheckTaxIdOKDto.ErrorCodeEnum.ERR03;
+            default -> null;
+        };
+    }
+
 }

src/main/java/it/pagopa/pn/national/registries/model/agenziaentrate/Request.java

@@ -3,6 +3,8 @@
 import it.pagopa.pn.national.registries.generated.openapi.server.v1.api.AgenziaEntrateApi;
 import it.pagopa.pn.national.registries.generated.openapi.server.v1.dto.ADELegalOKDto;
 import it.pagopa.pn.national.registries.generated.openapi.server.v1.dto.ADELegalRequestBodyDto;
+import it.pagopa.pn.national.registries.generated.openapi.server.v1.dto.CheckTaxIdOKDto;
+import it.pagopa.pn.national.registries.generated.openapi.server.v1.dto.CheckTaxIdRequestBodyDto;
 import it.pagopa.pn.national.registries.service.AgenziaEntrateService;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.RestController;
@@ -25,19 +27,35 @@ public AgenziaEntrateController(AgenziaEntrateService agenziaEntrateService, Sch
 
     }
 
+    /**
+     * POST /national-registries-private/agenzia-entrate/tax-id : Questo servizio ritorna la validità e l’esistenza di un dato codice fiscale descritta da un campo di ritorno booleano nell’oggetto json di response
+     * Questo servizio ritorna la validità e l’esistenza di un dato codice fiscale descritta da un campo di ritorno booleano nell’oggetto json di response
+     *
+     * @param checkTaxIdRequestBodyDto Effettua la ricerca di un codice fiscale (required)
+     * @return OK (status code 200)
+     * or Bad request (status code 400)
+     * or Internal server error (status code 500)
+     */
+    @Override
+    public Mono<ResponseEntity<CheckTaxIdOKDto>> checkTaxId(Mono<CheckTaxIdRequestBodyDto> checkTaxIdRequestBodyDto, final ServerWebExchange exchange) {
+        return checkTaxIdRequestBodyDto.flatMap(agenziaEntrateService::callEService)
+                .map(t -> ResponseEntity.ok().body(t))
+                .publishOn(scheduler);
+    }
+
     /**
      * POST /national-registries-private/agenzia-entrate/legal : Il servizio consente la verifica di corrispondenza fra il codice fiscale del rappresentante legale di un soggetto giuridico e il soggetto giuridico stesso.
      * Il servizio consente la verifica di corrispondenza fra il codice fiscale del rappresentante legale di un soggetto giuridico e il soggetto giuridico stesso.
      *
-     * @param adELegalRequestBodyDto  (required)
+     * @param adELegalRequestBodyDto (required)
      * @return OK (status code 200)
-     *         or Unauthorized (status code 401)
-     *         or Internal server error (status code 500)
-     *         or Service Unavailable (status code 503)
+     * or Unauthorized (status code 401)
+     * or Internal server error (status code 500)
+     * or Service Unavailable (status code 503)
      */
 
     @Override
-    public  Mono<ResponseEntity<ADELegalOKDto>> adeLegal(Mono<ADELegalRequestBodyDto> adELegalRequestBodyDto,  final ServerWebExchange exchange) {
+    public Mono<ResponseEntity<ADELegalOKDto>> adeLegal(Mono<ADELegalRequestBodyDto> adELegalRequestBodyDto, final ServerWebExchange exchange) {
         return adELegalRequestBodyDto.flatMap(agenziaEntrateService::checkTaxIdAndVatNumber)
                 .map(t -> ResponseEntity.ok().body(t))
                 .publishOn(scheduler);