From b0600ee86170cbf62d8dd9b043c7b44a4cc0ca31 Mon Sep 17 00:00:00 2001 From: Stoyan Tzenkov Date: Mon, 7 Jan 2019 16:34:57 +0200 Subject: [PATCH 1/3] NY-5138: Authentication providers per profile limited to max-authenticationproviders-per-profile. Signed-off-by: Stoyan Tzenkov --- .../ProfileDataConfiguration.java | 21 +++++++++++++++++++ .../account/services/AccountServiceImpl.java | 13 +++++++++++- src/main/resources/application-dev.yml | 3 +++ src/main/resources/application-production.yml | 3 +++ 4 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java diff --git a/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java b/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java new file mode 100644 index 0000000..0d37511 --- /dev/null +++ b/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java @@ -0,0 +1,21 @@ +/** + * Copyright (C) 2018 Nynja Inc. All rights reserved. + */ +package biz.nynja.account.configuration; + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConfigurationProperties(prefix = "profile-data") +public class ProfileDataConfiguration { + private int maxProvidersPerProfile; + + public int getMaxProvidersPerProfile() { + return maxProvidersPerProfile; + } + + public void setMaxProvidersPerProfile(int maxProvidersPerProfile) { + this.maxProvidersPerProfile = maxProvidersPerProfile; + } +} diff --git a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java index a3cd2a7..f625656 100644 --- a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java +++ b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java @@ -18,6 +18,8 @@ import org.lognet.springboot.grpc.GRpcService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import biz.nynja.account.configuration.AccountDataConfiguration; +import biz.nynja.account.configuration.ProfileDataConfiguration; import biz.nynja.account.grpc.AccountByAccountIdRequest; import biz.nynja.account.grpc.AccountResponse; import biz.nynja.account.grpc.AccountServiceGrpc; @@ -100,6 +102,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas private final AccountCreator accountCreator; private final ProfileProvider profileProvider; private final PermissionsValidator permissionsValidator; + private final ProfileDataConfiguration profileDataConfiguration; public AccountServiceImpl(AccountRepositoryAdditional accountRepositoryAdditional, ProfileRepository profileRepository, @@ -108,7 +111,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas AccountByUsernameRepository accountByUsernameRepository, AccountProvider accountProvider, AccountByProfileIdRepository accountByProfileIdRepository, PhoneNumberNormalizer phoneNumberNormalizer, AccountCreator accountCreator, ProfileProvider profileProvider, - PermissionsValidator permissionsValidator) { + PermissionsValidator permissionsValidator, ProfileDataConfiguration profileDataConfiguration) { this.accountRepositoryAdditional = accountRepositoryAdditional; this.profileRepository = profileRepository; this.profileByAutheticationProviderRepository = profileByAutheticationProviderRepository; @@ -120,6 +123,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas this.accountCreator = accountCreator; this.profileProvider = profileProvider; this.permissionsValidator = permissionsValidator; + this.profileDataConfiguration = profileDataConfiguration; } @Override @@ -647,6 +651,13 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas return; } + // Make sure there will be no more than providers in this profile + if(profile.getAuthenticationProviders().size() >= profileDataConfiguration.getMaxProvidersPerProfile()) { + logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), + "Max number of authentication providers reached for profile id {}.", request.getProfileId(), Cause.MAX_PROVIDERS_PER_PROFILE_REACHED); + return; + } + // Make sure that the requested authentication provider is not already used in the system. ProfileByAuthenticationProvider profileByAuthProvider = profileByAutheticationProviderRepository .findByAuthenticationProviderAndAuthenticationProviderType( diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml index 5de0eb4..3492976 100644 --- a/src/main/resources/application-dev.yml +++ b/src/main/resources/application-dev.yml @@ -37,6 +37,9 @@ pending-account: account-data: max-contact-info-of-type: 10 +profile-data: + max-authenticationproviders-per-profile: 3 + erlang-bridge: enable: false; ip: diff --git a/src/main/resources/application-production.yml b/src/main/resources/application-production.yml index e42ba70..f6221bf 100644 --- a/src/main/resources/application-production.yml +++ b/src/main/resources/application-production.yml @@ -31,6 +31,9 @@ pending-account: account-data: max-contact-info-of-type: ${MAX_CONTACT_INFO_OF_TYPE:10} +profile-data: +max-authenticationproviders-per-profile: 3 + erlang-bridge: enable: false; ip: ${ERLANG_IP} -- GitLab From e53a31457d3c632368554b0ac92dc3850c0b84f1 Mon Sep 17 00:00:00 2001 From: Stoyan Tzenkov Date: Tue, 8 Jan 2019 17:06:26 +0200 Subject: [PATCH 2/3] NY-5138: authenticationproviders per profile increased to 20. Signed-off-by: Stoyan Tzenkov --- src/main/resources/application-dev.yml | 2 +- src/main/resources/application-production.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml index 3492976..a958a6a 100644 --- a/src/main/resources/application-dev.yml +++ b/src/main/resources/application-dev.yml @@ -38,7 +38,7 @@ account-data: max-contact-info-of-type: 10 profile-data: - max-authenticationproviders-per-profile: 3 + max-authenticationproviders-per-profile: 20 erlang-bridge: enable: false; diff --git a/src/main/resources/application-production.yml b/src/main/resources/application-production.yml index f6221bf..fb7c565 100644 --- a/src/main/resources/application-production.yml +++ b/src/main/resources/application-production.yml @@ -32,7 +32,7 @@ account-data: max-contact-info-of-type: ${MAX_CONTACT_INFO_OF_TYPE:10} profile-data: -max-authenticationproviders-per-profile: 3 +max-authenticationproviders-per-profile: 20 erlang-bridge: enable: false; -- GitLab From e249df8f6a414fda294906bbd0812ec0d4fe7733 Mon Sep 17 00:00:00 2001 From: Stoyan Tzenkov Date: Tue, 8 Jan 2019 18:02:07 +0200 Subject: [PATCH 3/3] NY-5138: ProfileCOnfig fixed. Signed-off-by: Stoyan Tzenkov --- .../configuration/ProfileDataConfiguration.java | 10 +++++----- .../biz/nynja/account/services/AccountServiceImpl.java | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java b/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java index 0d37511..bcb6ad9 100644 --- a/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java +++ b/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java @@ -9,13 +9,13 @@ import org.springframework.context.annotation.Configuration; @Configuration @ConfigurationProperties(prefix = "profile-data") public class ProfileDataConfiguration { - private int maxProvidersPerProfile; + private int maxAuthenticationprovidersPerProfile; - public int getMaxProvidersPerProfile() { - return maxProvidersPerProfile; + public int getMaxAuthenticationprovidersPerProfile() { + return maxAuthenticationprovidersPerProfile; } - public void setMaxProvidersPerProfile(int maxProvidersPerProfile) { - this.maxProvidersPerProfile = maxProvidersPerProfile; + public void setMaxAuthenticationprovidersPerProfile(int maxAuthenticationprovidersPerProfile) { + this.maxAuthenticationprovidersPerProfile = maxAuthenticationprovidersPerProfile; } } diff --git a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java index f625656..7545533 100644 --- a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java +++ b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java @@ -652,7 +652,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas } // Make sure there will be no more than providers in this profile - if(profile.getAuthenticationProviders().size() >= profileDataConfiguration.getMaxProvidersPerProfile()) { + if(profile.getAuthenticationProviders().size() >= profileDataConfiguration.getMaxAuthenticationprovidersPerProfile()) { logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), "Max number of authentication providers reached for profile id {}.", request.getProfileId(), Cause.MAX_PROVIDERS_PER_PROFILE_REACHED); return; -- GitLab