feat: handle RSA key with keycloak and paging bookmark api

docker-compose.yml

@@ -36,6 +36,10 @@ services:
       - KEYCLOAK_ROLE_MAPPING=${KEYCLOAK_ROLE_MAPPING}
       - KEYCLOAK_BEARER_ONLY=${KEYCLOAK_BEARER_ONLY}
 
+      - RSA_PUBLIC_KEY_AUTH=${RSA_PUBLIC_KEY_AUTH}
+      - RSA_PRIVATE_KEY_MAIL=${RSA_PRIVATE_KEY_MAIL}
+      - RSA_PUBLIC_KEY_MAIL=${RSA_PUBLIC_KEY_MAIL}
+
     ports:
       - "${PORT}:8080"
     volumes:

src/main/java/org/cardanofoundation/authentication/config/RsaConfig.java

@@ -6,7 +6,7 @@
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 import lombok.Setter;
-import org.cardanofoundation.authentication.provider.RsaProvider;
+import org.cardanofoundation.explorer.common.utils.RsaUtils;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 
@@ -17,25 +17,23 @@
 @RequiredArgsConstructor
 public class RsaConfig {
 
-  private String publicKeyAuthPath;
+  private String publicAuth;
 
-  private String privateKeyMailPath;
+  private String privateMail;
 
-  private String publicKeyMailPath;
+  private String publicMail;
 
   private PublicKey publicKeyAuth;
 
   private PrivateKey privateKeyMail;
 
   private PublicKey publicKeyMail;
 
-  private final RsaProvider rsaProvider;
-
   @PostConstruct
   public void createRsaKey() {
     java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-    publicKeyAuth = rsaProvider.getPublicKey(publicKeyAuthPath);
-    privateKeyMail = rsaProvider.getPrivateKey(privateKeyMailPath);
-    publicKeyMail = rsaProvider.getPublicKey(publicKeyMailPath);
+    publicKeyAuth = RsaUtils.getPublicKey(publicAuth);
+    privateKeyMail = RsaUtils.getPrivateKey(privateMail);
+    publicKeyMail = RsaUtils.getPublicKey(publicMail);
   }
 }

src/main/java/org/cardanofoundation/authentication/service/impl/BookMarkServiceImpl.java

@@ -81,10 +81,15 @@ public BasePageResponse<BookMarkResponse> findBookMarkByType(
     Map<String, List<String>> attributes = user.getAttributes();
     String bookmarkKey = CommonConstant.ATTRIBUTE_BOOKMARK + network + "_" + bookMarkType;
     List<BookMarkResponse> bookMarkResponseList = new ArrayList<>();
-    List<String> bookmarkList = new ArrayList<>();
+    List<String> bookmarkList;
+    int size = 0;
     if (Objects.nonNull(attributes) && Objects.nonNull(attributes.get(bookmarkKey))) {
       bookmarkList = attributes.get(bookmarkKey);
-      bookmarkList.forEach(value -> bookMarkResponseList.add(
+      size = bookmarkList.size();
+      int start = (int) pageable.getOffset();
+      int end = Math.min((start + pageable.getPageSize()), size);
+      List<String> bookmarkPage = bookmarkList.subList(start, end);
+      bookmarkPage.forEach(value -> bookMarkResponseList.add(
           BookMarkResponse.builder().keyword(
                   StringUtils.substringBefore(value, CommonConstant.ATTRIBUTE_BOOKMARK_ADD_TIME))
               .createdDate(Instant.parse(
@@ -93,7 +98,7 @@ public BasePageResponse<BookMarkResponse> findBookMarkByType(
               .network(network)
               .build()));
     }
-    response.setTotalItems(bookmarkList.size());
+    response.setTotalItems(size);
     response.setData(bookMarkResponseList);
     return response;
   }

src/main/resources/application-dev.yml

@@ -27,3 +27,10 @@ keycloak:
   bearer-only: ${KEYCLOAK_BEARER_ONLY:true}
 
 timeToLiveRedisSignOut: ${TIME_TO_LIVE_REDIS_SIGN_OUT:48}
+
+rsa:
+  key:
+    public-auth: ${RSA_PUBLIC_KEY_AUTH}
+    private-mail: ${RSA_PRIVATE_KEY_MAIL}
+    public-mail: ${RSA_PUBLIC_KEY_MAIL}
+

src/main/resources/application-local.yml

@@ -20,13 +20,19 @@ redis:
       port: 26379
 
 keycloak:
-  realm: ${KEYCLOAK_REALM_NAME:cardano_authen}
+  realm: ${KEYCLOAK_REALM_NAME:cardano_1}
   auth-server-url: ${KEYCLOAK_SERVER_URL:http://10.4.21.151:8080/}
   ssl-required: external
-  resource: ${KEYCLOAK_CLIENT_ID:client_test}
+  resource: ${KEYCLOAK_CLIENT_ID:client_1}
   credentials:
-    secret: ${KEYCLOAK_CLIENT_SECRET:LuJVyHvOipnRFFAWO7AnUFWkyKCJ3ax4}
+    secret: ${KEYCLOAK_CLIENT_SECRET:mJvV0GtwiKUlpBZuNQ4Rmhxo3iY3JsRx}
   use-resource-role-mappings: ${KEYCLOAK_ROLE_MAPPING:true}
   bearer-only: ${KEYCLOAK_BEARER_ONLY:true}
 
-timeToLiveRedisSignOut: ${TIME_TO_LIVE_REDIS_SIGN_OUT:48}
+timeToLiveRedisSignOut: ${TIME_TO_LIVE_REDIS_SIGN_OUT:48}
+
+rsa:
+  key:
+    public-auth: ${RSA_PUBLIC_KEY_AUTH}
+    private-mail: ${RSA_PRIVATE_KEY_MAIL}
+    public-mail: ${RSA_PUBLIC_KEY_MAIL}

src/main/resources/application.yml

@@ -27,12 +27,6 @@ logging:
   level:
     root: info
 
-rsa:
-  key:
-    public-key-auth-path: /key/auth/public_key
-    private-key-mail-path: /key/mail/private_key
-    public-key-mail-path: /key/mail/public_key
-
 mail:
   from: 'test.sotatek1@gmail.com'
   sender: 'Sotatek'

src/test/java/org/cardanofoundation/authentication/controller/UserControllerTest.java

@@ -3,6 +3,7 @@
 import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
@@ -65,6 +66,16 @@ void whenCallExistEmail() throws Exception {
         .andDo(print());
   }
 
+  @Test
+  void whenCallRoleMapping() throws Exception {
+    given(keycloakService.roleMapping("resourcePathTest")).willReturn(true);
+    mockMvc.perform(post("/api/v1/user/role-mapping")
+            .content("resourcePathTest")
+            .contentType(MediaType.APPLICATION_JSON))
+        .andExpect(status().isOk())
+        .andDo(print());
+  }
+
   private String asJsonString(final Object obj) {
     try {
       return new Gson().toJson(obj);

src/test/java/org/cardanofoundation/authentication/service/KeycloakServiceTest.java

@@ -1,13 +1,17 @@
 package org.cardanofoundation.authentication.service;
 
+import static org.mockito.Mockito.doNothing;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
 import jakarta.servlet.http.HttpServletRequest;
+import java.util.HashSet;
+import java.util.Set;
 import org.cardanofoundation.authentication.constant.CommonConstant;
 import org.cardanofoundation.authentication.model.response.UserInfoResponse;
 import org.cardanofoundation.authentication.provider.JwtProvider;
 import org.cardanofoundation.authentication.provider.KeycloakProvider;
+import org.cardanofoundation.authentication.provider.RedisProvider;
 import org.cardanofoundation.authentication.service.impl.KeycloakServiceImpl;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
@@ -35,6 +39,9 @@ class KeycloakServiceTest {
   @Mock
   private JwtProvider jwtProvider;
 
+  @Mock
+  private RedisProvider redisProvider;
+
   private final String EMAIL = "test@gmail.com";
 
   @Test
@@ -69,4 +76,17 @@ void whenUserInfo_returnResponse() {
     Assertions.assertEquals(EMAIL, response.getUsername());
     Assertions.assertEquals("2023-09-21T09:42:15.191104040Z", response.getLastLogin().toString());
   }
+
+  @Test
+  void whenRoleMapping_returnResponse() {
+    String resourcePath = "users/5363d283-2232-4a74-8e38-7c6f419d3218/role-mappings/realm";
+    Set<String> keys = new HashSet<>();
+    keys.add("5363d283-2232-4a74-8e38-7c6f419d3218:");
+    when(redisProvider.getKeys("5363d283-2232-4a74-8e38-7c6f419d3218*")).thenReturn(keys);
+    when(redisProvider.getValue("5363d283-2232-4a74-8e38-7c6f419d3218:")).thenReturn("JWT:");
+    doNothing().when(redisProvider).blacklistJwt("JWT:", "5363d283-2232-4a74-8e38-7c6f419d3218");
+    doNothing().when(redisProvider).remove("5363d283-2232-4a74-8e38-7c6f419d3218:");
+    Boolean response = keycloakService.roleMapping(resourcePath);
+    Assertions.assertTrue(response);
+  }
 }