diff --git a/Dockerfile b/Dockerfile
index 7d99731..9527d02 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,7 +16,7 @@ COPY ./target/${JAR_NAME}-${JAR_VERSION}-sources.jar /app
 COPY ./conf/default-config.json /app/conf/
 COPY ./conf/*.xml /app/conf/
-RUN apk add --no-cache --upgrade libpng && adduser -D uid2-core && mkdir -p /app && chmod 705 -R /app && mkdir -p /app/file-uploads && chmod 777 -R /app/file-uploads && mkdir -p /app/pod_terminating && chmod 777 -R /app/pod_terminating
+RUN apk add --no-cache --upgrade libpng gnutls && adduser -D uid2-core && mkdir -p /app && chmod 705 -R /app && mkdir -p /app/file-uploads && chmod 777 -R /app/file-uploads && mkdir -p /app/pod_terminating && chmod 777 -R /app/pod_terminating
 USER uid2-core
 CMD java \
diff --git a/src/main/java/com/uid2/core/vertx/CoreVerticle.java b/src/main/java/com/uid2/core/vertx/CoreVerticle.java
index cd7fec6..cae72ba 100644
--- a/src/main/java/com/uid2/core/vertx/CoreVerticle.java
+++ b/src/main/java/com/uid2/core/vertx/CoreVerticle.java
@@ -221,6 +221,8 @@ private Router createRoutesSetup() {
 .handler(auth.handleWithAudit(attestationMiddleware.handle(this::handlePartnerRefresh), List.of(Role.OPTOUT_SERVICE)));
 router.get(Endpoints.OPS_HEALTHCHECK.toString())
 .handler(this::handleHealthCheck);
+ router.get(Endpoints.OPERATOR_KEY_CHECK.toString())
+ .handler(auth.handleWithAudit(this::handleOperatorKeyCheck, List.of(Role.OPERATOR)));
 router.get(Endpoints.OPERATOR_CONFIG.toString())
 .handler(auth.handleWithAudit(attestationMiddleware.handle(this::handleGetConfig), List.of(Role.OPERATOR)));
@@ -269,6 +271,10 @@ private void handleHealthCheck(RoutingContext rc) {
 }
 }
+ private void handleOperatorKeyCheck(RoutingContext rc) {
+ rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json").end("{\"status\":\"ok\"}");
+ }
+
 private void handleAttestAsync(RoutingContext rc) {
 String token = AuthMiddleware.getAuthToken(rc);
 IAuthorizable profile = authProvider.get(token);
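Review bot: The Dockerfile `RUN` line now upgrades `gnutls` with no version floor and no comment saying why, so the image picks up whatever the Alpine repository serves at build time and nobody can later tell when the override is safe to drop. A comment above the `RUN` line would record that, e.g. `# gnutls: upgraded ahead of the base image, presumably for a security fix (<ADVISORY-ID placeholder>); remove once the base image ships it`. The same line still makes `/app/file-uploads` and `/app/pod_terminating` world-writable with `chmod 777 -R`; since the process runs as `uid2-core`, giving that user ownership with a narrower mode is worth a follow-up.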
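Review bot: In the first CoreVerticle.java hunk, the new `OPERATOR_KEY_CHECK` route is not wrapped in `attestationMiddleware.handle(...)`, unlike the `OPERATOR_CONFIG` route just below it, and nothing at the registration says that is intended. If skipping attestation is deliberate, say so next to the route, e.g. `// Key-validity probe: intentionally not behind attestationMiddleware; the handler must never return operator-specific data.` Because the endpoint answers differently for accepted and rejected keys, it is also worth confirming that failed attempts on this path reach the audit log and fall under whatever rate limiting protects the other key-authenticated routes. The body of `createRoutesSetup()` starts and ends outside the hunk.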
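Review bot: `handleOperatorKeyCheck`, added in the second CoreVerticle.java hunk, performs no check of its own; its fixed `{"status":"ok"}` reply means "operator key accepted" only because the route wraps it in `auth.handleWithAudit(..., List.of(Role.OPERATOR))`. A short Javadoc would keep a later refactor from registering it bare: `/** Confirms that the caller's operator key was accepted. Performs no authentication itself; register only behind auth.handleWithAudit with Role.OPERATOR. */`. The JSON body is hand-escaped in a string literal, which is fine for a constant but should not be extended by concatenating request data into it.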
diff --git a/src/main/java/com/uid2/core/vertx/Endpoints.java b/src/main/java/com/uid2/core/vertx/Endpoints.java
index 7588f67..3318579 100644
--- a/src/main/java/com/uid2/core/vertx/Endpoints.java
+++ b/src/main/java/com/uid2/core/vertx/Endpoints.java
@@ -21,7 +21,8 @@ public enum Endpoints {
 SERVICE_LINKS_REFRESH("/service_links/refresh"),
 OPERATORS_REFRESH("/operators/refresh"),
 PARTNERS_REFRESH("/partners/refresh"),
- OPERATOR_CONFIG("/operator/config");
+ OPERATOR_CONFIG("/operator/config"),
+ OPERATOR_KEY_CHECK("/ops/operator_key_check");
 private final String path;
diff --git a/src/test/java/com/uid2/core/vertx/CoreVerticleTest.java b/src/test/java/com/uid2/core/vertx/CoreVerticleTest.java
index bd0c4d7..71266bd 100644
--- a/src/test/java/com/uid2/core/vertx/CoreVerticleTest.java
+++ b/src/test/java/com/uid2/core/vertx/CoreVerticleTest.java
@@ -893,6 +893,28 @@ void keysRefreshSuccessNoHeaderVersion(Vertx vertx, VertxTestContext testContext
 });
 }
+ @Test
+ @Tag("dontForceJwt")
+ void operatorKeyCheckReturns200ForValidOperatorKey(Vertx vertx, VertxTestContext testContext) {
+ fakeAuth(Role.OPERATOR);
+ this.get(vertx, Endpoints.OPERATOR_KEY_CHECK.toString(), testContext.succeeding(response -> testContext.verify(() -> {
+ assertEquals(200, response.statusCode());
+ assertEquals("application/json", response.getHeader(HttpHeaders.CONTENT_TYPE));
+ assertEquals("{\"status\":\"ok\"}", response.bodyAsString());
+ testContext.completeNow();
+ })));
+ }
+
+ @Test
+ @Tag("dontForceJwt")
+ void operatorKeyCheckReturns401ForUnknownKey(Vertx vertx, VertxTestContext testContext) {
+ when(authProvider.get(any())).thenReturn(null);
+ this.get(vertx, Endpoints.OPERATOR_KEY_CHECK.toString(), testContext.succeeding(response -> testContext.verify(() -> {
+ assertEquals(401, response.statusCode());
+ testContext.completeNow();
+ })));
+ }
+
 @Test
 @Tag("dontForceJwt")
 void getConfigSuccess(Vertx vertx, VertxTestContext testContext) {
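Review bot: In Endpoints.java the constant `OPERATOR_KEY_CHECK` is given the path `/ops/operator_key_check`, while its neighbour `OPERATOR_CONFIG` lives under `/operator/`, so the name and the path prefix disagree. If `/ops/` is also the prefix of the health check (the `OPS_HEALTHCHECK` route is registered without an auth wrapper in CoreVerticle), any proxy, WAF or logging rule keyed on that prefix could treat a credential-bearing request like a health probe; that is worth confirming before the path becomes part of the operator contract. Either a path such as `/operator/key_check` or a constant named `OPS_OPERATOR_KEY_CHECK` would make the grouping explicit.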
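Review bot: The two tests added to CoreVerticleTest.java cover a valid operator key and an unknown key, but not a known key that holds a different role, which is the case that actually pins `List.of(Role.OPERATOR)` on the route. A third test that authenticates as another role (for example `Role.OPTOUT_SERVICE`, which CoreVerticle uses for the partner refresh route) and expects a rejection would catch the role list being dropped or widened. The expected status in the sketch below assumes the auth wrapper answers a role mismatch the same way as an unknown key; confirm that against the middleware.

```java
@Test
@Tag("dontForceJwt")
void operatorKeyCheckRejectsKeyWithoutOperatorRole(Vertx vertx, VertxTestContext testContext) {
    fakeAuth(Role.OPTOUT_SERVICE);
    this.get(vertx, Endpoints.OPERATOR_KEY_CHECK.toString(), testContext.succeeding(response -> testContext.verify(() -> {
        // assumed status for a role mismatch; confirm against the auth middleware
        assertEquals(401, response.statusCode());
        testContext.completeNow();
    })));
}
```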