diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ed581df
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,8 @@
+target/
+.idea/
+dependencies/
+conf/*.json
+sync/
+out/
+generated/
+uid2-optout.iml
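Review bot: The `conf/*.json` pattern also matches `conf/integ-config.json`, which this same commit edits. Files that are already tracked stay tracked, so nothing breaks today, but any new config meant to be committed under `conf/` will be skipped unless it is force-added. If the intent is to keep local configs (and the tokens in them) out of the repository, add explicit negations for the committed ones, e.g. `!conf/integ-config.json`.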
diff --git a/conf/integ-config.json b/conf/integ-config.json
index a184258..fccaa68 100644
--- a/conf/integ-config.json
+++ b/conf/integ-config.json
@@ -7,7 +7,7 @@
"optout_internal_api_token": "test-optout-internal-key",
"optout_replica_uris": "http://localhost:8081/optout/write,http://localhost:8081/optout/write,http://localhost:8081/optout/write",
"partners_config_path": "/com.uid2.core/test/partners/config.json",
- "clients_metadata_path": "http://localhost:8088/clients/refresh",
- "core_attest_url": "http://localhost:8088/attest/get_token",
- "core_api_token": "test-partner-key"
+ "operators_metadata_path": "http://localhost:8088/operators/refresh",
+ "core_attest_url": "http://localhost:8088/attest",
+ "core_api_token": "trusted-partner-key"
}
\ No newline at end of file
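Review bot: `core_attest_url` stays on plain `http://localhost:8088/attest`, while the Main.java change in this commit reads `enforce_https` with a default of `true` and passes it to `UidCoreClient.createNoAttest`. No `enforce_https` key is visible in this hunk, and the first lines of the file are outside it, so it may or may not be set there. If it is not, the integration setup may stop working, assuming the client refuses non-HTTPS endpoints when the flag is on. Adding `"enforce_https": false` to this test-only file would make the relaxation explicit and keep the secure default for every other config.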
diff --git a/pom.xml b/pom.xml
index 27f2827..86b2d59 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,6 +17,7 @@
3.9.4
1.1.0
+ ${project.version}
@@ -161,6 +162,22 @@
+
+ org.codehaus.mojo
+ properties-maven-plugin
+ 1.0.0
+
+
+ generate-resources
+
+ write-project-properties
+
+
+ ${project.build.outputDirectory}/${project.artifactId}.properties
+
+
+
+
org.codehaus.mojo
exec-maven-plugin
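Review bot: `write-project-properties` writes all project properties into `${project.artifactId}.properties` under the build output directory, not just the version values that `ApplicationVersion.load` presumably needs. The file therefore ships inside the jar, and any property later added to the POM or an active profile that holds a credential or internal endpoint would be packaged with it. A filtered resource listing only the version keys would keep the artifact contents explicit. At minimum the execution deserves a comment such as `<!-- output is packaged into the jar: never put secrets in <properties> -->`.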
diff --git a/src/main/java/com/uid2/optout/Main.java b/src/main/java/com/uid2/optout/Main.java
index c47c321..f582d96 100644
--- a/src/main/java/com/uid2/optout/Main.java
+++ b/src/main/java/com/uid2/optout/Main.java
@@ -26,6 +26,7 @@
import com.uid2.optout.vertx.OptOutLogProducer;
import com.uid2.optout.vertx.OptOutServiceVerticle;
import com.uid2.optout.vertx.PartnerConfigMonitor;
+import com.uid2.shared.ApplicationVersion;
import com.uid2.shared.Utils;
import com.uid2.shared.attest.UidCoreClient;
import com.uid2.shared.auth.MultisourceAuthProvider;
@@ -80,10 +81,8 @@ public class Main {
private final JsonObject config;
private final ICloudStorage fsLocal = new LocalStorageMock();
private final ICloudStorage fsOptOut;
- private final ICloudStorage fsClientKeyConfig;
private final ICloudStorage fsOperatorKeyConfig;
private final ICloudStorage fsPartnerConfig;
- private final RotatingClientKeyProvider clientKeyProvider;
private final RotatingOperatorKeyProvider operatorKeyProvider;
private final boolean observeOnly;
@@ -133,34 +132,32 @@ public Main(Vertx vertx, JsonObject config) throws Exception {
LOGGER.info("Using CloudStorage for partners config: s3://" + optoutBucket);
}
+ ApplicationVersion appVersion = ApplicationVersion.load("uid2-optout", "uid2-shared", "enclave-attestation-api");
+
String coreAttestUrl = this.config.getString(Const.Config.CoreAttestUrlProp);
+ final ICloudStorage contentStorage;
if (coreAttestUrl != null) {
String coreApiToken = this.config.getString(Const.Config.CoreApiTokenProp);
- this.fsClientKeyConfig = UidCoreClient.createNoAttest(coreAttestUrl, coreApiToken);
- LOGGER.info("Client api-keys - Using uid2-core attestation endpoint: " + coreAttestUrl);
-
- // need separate s3 creds - currently disabled
- String optoutS3Bucket = this.config.getString(Const.Config.OptOutS3BucketProp);
- this.fsOperatorKeyConfig = CloudUtils.createStorage(optoutS3Bucket, config);
- LOGGER.info("Using CloudStorage for operator api-key config: s3://" + optoutS3Bucket);
+ boolean enforceHttps = this.config.getBoolean("enforce_https", true);
+ UidCoreClient uidCoreClient = UidCoreClient.createNoAttest(coreAttestUrl, coreApiToken, appVersion, enforceHttps);
+ if (useStorageMock) uidCoreClient.setAllowContentFromLocalFileSystem(true);
+ this.fsOperatorKeyConfig = uidCoreClient;
+ contentStorage = uidCoreClient.getContentStorage();
+ LOGGER.info("Operator api-keys - Using uid2-core attestation endpoint: " + coreAttestUrl);
} else if (useStorageMock) {
- this.fsClientKeyConfig = new EmbeddedResourceStorage(Main.class);
this.fsOperatorKeyConfig = new EmbeddedResourceStorage(Main.class);
+ contentStorage = this.fsOperatorKeyConfig;
LOGGER.info("Client api-keys - Using EmbeddedResourceStorage");
} else {
- String coreBucket = this.config.getString(Const.Config.CoreS3BucketProp);
- this.fsClientKeyConfig = CloudUtils.createStorage(coreBucket, config);
String optoutS3Bucket = this.config.getString(Const.Config.OptOutS3BucketProp);
this.fsOperatorKeyConfig = CloudUtils.createStorage(optoutS3Bucket, config);
- LOGGER.info("Using CloudStorage for client api-key at s3://" + coreBucket + ", and operator api-key at s3://" + optoutS3Bucket);
+ contentStorage = this.fsOperatorKeyConfig;
+ LOGGER.info("Using CloudStorage for operator api-key at s3://" + optoutS3Bucket);
}
- String clientsMdPath = this.config.getString(Const.Config.ClientsMetadataPathProp);
- this.clientKeyProvider = new RotatingClientKeyProvider(this.fsClientKeyConfig, clientsMdPath);
String operatorsMdPath = this.config.getString(Const.Config.OperatorsMetadataPathProp);
- this.operatorKeyProvider = new RotatingOperatorKeyProvider(this.fsOperatorKeyConfig, this.fsOperatorKeyConfig, operatorsMdPath);
+ this.operatorKeyProvider = new RotatingOperatorKeyProvider(this.fsOperatorKeyConfig, contentStorage, operatorsMdPath);
if (useStorageMock) {
- this.clientKeyProvider.loadContent();
this.operatorKeyProvider.loadContent(this.operatorKeyProvider.getMetadata());
}
}
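Review bot: In the `coreAttestUrl != null` branch, two checks on the core client are relaxed without any log trace: `enforce_https` can be switched off through config, and `setAllowContentFromLocalFileSystem(true)` is applied under `useStorageMock`. This client is now the source of the operator keys, so a deployment running with either relaxation should be visible, e.g. `if (!enforceHttps) LOGGER.warn("enforce_https is disabled for the uid2-core client");`. The key `"enforce_https"` is also a bare string literal, where the neighbouring reads go through `Const.Config` constants. The mock branch still logs `"Client api-keys - Using EmbeddedResourceStorage"` although only operator keys remain; it should say `"Operator api-keys - Using EmbeddedResourceStorage"`. The constructor begins outside this hunk.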
@@ -258,9 +255,6 @@ public void run(String[] args) throws IOException {
// deploy optout cloud sync verticle
futs.add(this.deploySingleInstance(cloudSyncVerticle));
- // deploy client key rotator
- futs.add(this.createClientKeyRotator());
-
// deploy operator key rotator
futs.add(this.createOperatorKeyRotator());
@@ -281,8 +275,7 @@ public void run(String[] args) throws IOException {
}
Supplier svcSupplier = () -> {
- MultisourceAuthProvider authProvider = new MultisourceAuthProvider(this.operatorKeyProvider, this.clientKeyProvider);
- OptOutServiceVerticle svc = new OptOutServiceVerticle(vertx, authProvider, this.fsOptOut, this.config);
+ OptOutServiceVerticle svc = new OptOutServiceVerticle(vertx, this.operatorKeyProvider, this.fsOptOut, this.config);
// configure where OptOutService receives the latest cloud paths
cs.registerNewCloudPathsHandler(ps -> svc.setCloudPaths(ps));
return svc;
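Review bot: With `MultisourceAuthProvider` no longer constructed here, its import (still a context line in the first Main.java hunk) looks unused, and the same may hold for `RotatingClientKeyProvider`. Both should be dropped if nothing else in the file references them. The service is now handed `operatorKeyProvider` alone, so a comment at the constructor call would help the next reader, e.g. `// only operator keys are accepted; client keys are no longer loaded`. The lambda's closing lines are outside this hunk.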
@@ -371,11 +364,6 @@ private Future uploadLastDelta(OptOutCloudSync cs, OptOutLogProducer logProducer
return promise.future();
}
- private Future createClientKeyRotator() {
- RotatingStoreVerticle rotatingStore = new RotatingStoreVerticle("clients", 10000, clientKeyProvider);
- return this.deploySingleInstance(rotatingStore);
- }
-
private Future createOperatorKeyRotator() {
RotatingStoreVerticle rotatingStore = new RotatingStoreVerticle("operators", 10000, operatorKeyProvider);
return this.deploySingleInstance(rotatingStore);
diff --git a/src/main/java/com/uid2/optout/vertx/OptOutLogProducer.java b/src/main/java/com/uid2/optout/vertx/OptOutLogProducer.java
index a80163a..5b1efd2 100644
--- a/src/main/java/com/uid2/optout/vertx/OptOutLogProducer.java
+++ b/src/main/java/com/uid2/optout/vertx/OptOutLogProducer.java
@@ -164,7 +164,9 @@ public void stop(Promise stopPromise) throws Exception {
}
public String getLastDelta() {
- Optional last = Arrays.stream((new File(this.deltaProducerDir)).list())
+ String[] deltaList = (new File(this.deltaProducerDir)).list();
+ if (deltaList == null) return null;
+ Optional last = Arrays.stream(deltaList)
.sorted(OptOutUtils.DeltaFilenameComparatorDescending)
.findFirst();
if (last.isPresent()) return Paths.get(this.deltaProducerDir, last.get()).toString();
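Review bot: The new `if (deltaList == null) return null;` gives a missing or unreadable `deltaProducerDir` the same silent result as a directory with no delta in it. `File.list()` returns null when the path is not a directory or an I/O error occurs, so a permissions or mount problem would leave no trace. Assuming the class has a logger, I would record the condition before returning, e.g. `LOGGER.warn("cannot list delta directory: " + this.deltaProducerDir);`, and put the guard in braces. The body of `getLastDelta` continues past the end of this hunk.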