diff --git a/.gitignore b/.gitignore index 9620e5e..d3239a4 100644 --- a/.gitignore +++ b/.gitignore @@ -3,7 +3,7 @@ /production.properties /config/ /web/ - +keystore.jks ### OSX fork resources .DS_Store diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..127e744 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,14 @@ +FROM frolvlad/alpine-oraclejdk8 as builder +#Configure the develop environment +RUN apk update +RUN apk add mongodb +RUN apk add maven + +WORKDIR /app +ADD pom.xml /app +RUN mvn verify --fail-never +ADD . /app +RUN ./prepare-bundle-docker.sh + + + diff --git a/Dockerfile.deploy b/Dockerfile.deploy new file mode 100644 index 0000000..93ff10b --- /dev/null +++ b/Dockerfile.deploy @@ -0,0 +1,10 @@ +FROM anapsix/alpine-java +#Configure the production environment +RUN apk update +RUN apk add mongodb + +WORKDIR /CPD +COPY --from=gdimodica/beng-repo:cpd-develop /app/target/deploy-bundle . +RUN chmod 754 *.sh + + diff --git a/example.properties b/example.properties deleted file mode 100644 index 7bfe2dd..0000000 --- a/example.properties +++ /dev/null 
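Review bot: The new `keystore.jks` ignore entry does not protect the keystore, because this same commit adds `src/main/deploy-bundle/keystore.jks` as a tracked binary and ignore rules do not apply to files that are already tracked. The store password `simpatico` is committed next to it in `production.properties.tst`, `src/main/deploy-bundle/.properties`, `src/main/deploy-bundle/example.properties` and `conf/config.json`, so anyone who can read the repository can open the keystore; if it holds a real private key, that key should be treated as exposed and rotated. I would drop the binary from the commit (`git rm --cached src/main/deploy-bundle/keystore.jks`) and have the deployer supply the keystore and its password at install time, which `configure.sh` already expects with its "generate a keystore file and re-run the script!" branch.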
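Review bot: `FROM frolvlad/alpine-oraclejdk8` has no tag or digest, so each build silently takes whatever that third-party image currently is; the same applies to `FROM anapsix/alpine-java` and to `COPY --from=gdimodica/beng-repo:cpd-develop` in Dockerfile.deploy, where the shipped bundle comes from a mutable tag. Pinning by digest, e.g. `FROM frolvlad/alpine-oraclejdk8@sha256:<digest> as builder`, makes the build reproducible and the base auditable. Separately, `ADD . /app` copies the whole build context, including the tracked keystore and properties files, into the builder image; a `.dockerignore` would keep out whatever the build does not need, and `COPY` is preferable to `ADD` for plain files. `RUN mvn verify --fail-never` looks like a dependency pre-fetch and deserves a comment saying so, e.g. `# warm the Maven cache; failures are expected because the sources are not copied yet`.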
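Review bot: The production image never drops root: there is no `USER` instruction, so whatever is started from `/CPD` runs as uid 0, and the file defines no `CMD` or `ENTRYPOINT`, leaving the start command to whoever runs the container. I would create an unprivileged account and hand it the bundle, e.g. `RUN adduser -D cpd`, `COPY --chown=cpd:cpd --from=gdimodica/beng-repo:cpd-develop /app/target/deploy-bundle .` and `USER cpd` after the `chmod`. Note that `chmod 754` gives "other" no execute bit, so without the `--chown` a non-root user could not run the scripts. Whether the start script needs root to launch the bundled `mongodb` is not visible in this diff and should be checked first.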
@@ -1,137 +0,0 @@ -# cluster -cpd.cluster.port=5701 -cpd.cluster.port.autoIncrement=false -cpd.cluster.port.count=10000 -cpd.cluster.interface=10.10.1.* -cpd.cluster.outbound.ports=* -# ssl -cpd.ssl.enabled=false -cpd.ssl.keystore.filename=keystore.jks -cpd.ssl.keystore.password=simpatico -# server -cpd.server.name=Simpatico CPD Server -cpd.server.scheme=http -cpd.server.host=localhost -cpd.server.port=8901 -cpd.server.baseHref=/cpd/ -cpd.server.allowedOriginPattern=^https?:\\\\/\\\\/(www\\\\.)(localhost|my\\\\.domain\\\\.com)(:\\\\d+)?$ -cpd.server.simLagTime=200 -! server.public -cpd.server.pub.scheme=${cpd.server.scheme} -cpd.server.pub.host=${cpd.server.host} -cpd.server.pub.port=${cpd.server.port} -! server.cacheBuilder -cpd.server.cacheBuilder.concurrencyLevel=1 -cpd.server.cacheBuilder.initialCapacity=100 -cpd.server.cacheBuilder.maximumSize=1000 -cpd.server.cacheBuilder.expireAfterAccess=60m -! server.schema -cpd.server.schema.path=schema/ -! server.auth -cpd.server.auth.path=auth/ -cpd.server.auth.login=login/{provider} -cpd.server.auth.logout=logout -cpd.server.auth.getOAuth2Providers=oauth2/providers -cpd.server.auth.getUserIsAuthenticated=user/isAuthenticated -cpd.server.auth.getUser=user -cpd.server.auth.getUserHasAccess=user/hasAccess/{accessRole} -cpd.server.auth.getUserIsAuthorized=user/isAuthorized/{contextName}/{contextId}/{contextRole} -! server.api -cpd.server.api.path=api/ -cpd.server.api.getDiagramSummaryList=diagram/summary/list -cpd.server.api.postUserFeedback=user/feedback -cpd.server.api.getDiagramElement=diagram/{id} -cpd.server.api.putDiagramElement=diagram -cpd.server.api.delDiagramElement=diagram/{id} -cpd.server.api.getModelElement=model/{id} -cpd.server.api.putModelElement=model -cpd.server.api.delModelElement=model/{id} -cpd.server.api.getDiagramElements=diagram/{rootId}/elements -cpd.server.api.getDiagramModels=diagram/{rootId}/models -cpd.server.api.getStencilSetDefinition=data/stencilSetDefinition/{notation} -! 
server.assets -cpd.server.assets.allowListing=false -# CPD app -cpd.app.path= -cpd.app.useLocalAuth=false -cpd.app.locales="en","es","it" -cpd.app.routes="login","login/*","diagram/*","oauth2/client/callback","schema-validator" -cpd.app.diagramPath=diagram/ -# QAE webapp -cpd.qae.href=https://simpatico.morelab.deusto.es/qae/ -cpd.qae.api.path=api/ -cpd.qae.api.getQuestionCount=stats/diagrams/{elementId} -cpd.qae.link.newQuestion=questions/create?tags={eServiceId},{diagramId},{elementId},Diagram -cpd.qae.link.relatedQuestions=diagrams/list/{elementId} -# mongodb -cpd.mongodb.host=localhost -cpd.mongodb.port=27017 -cpd.mongodb.name=cpd -cpd.mongodb.username= -cpd.mongodb.password= -cpd.mongodb.useObjectId=false -cpd.mongodb.maxPoolSize=100 -cpd.mongodb.maxIdleTimeMS=60000 -cpd.mongodb.maxLifeTimeMS=3600000 -# oauth2 -cpd.oauth2.origin=my redirect callback server origin (e.g. http://my.server:8901) -! NOTE: the oauth2 redirect callback endpoint will be: -!! "${cpd.oauth2.origin}${cpd.server.baseHref}oauth2/server/callback" for AUTH_CODE and CLIENT (1,2) flows -!! "${cpd.oauth2.origin}${cpd.server.baseHref}${cpd.app.path}oauth2/client/callback for IMPLICIT (3) flows -!! leave empty if no oauth2 is required (NOTE: if no oauth2 providers make sure to set cpd.app.useLocalAuth=true) -cpd.oauth2.providers= -! cpd.oauth2.providers must be a list of comma separated json objects (see example): -! 
example for 2 providers -# cpd.oauth2.providers=\ -# {\ -# "provider":"Google",\ -# "logoUrl":"assets/img/oauth2_google_logo.png",\ -# "site":"https://accounts.google.com",\ -# "authPath":"/o/oauth2/auth",\ -# "tokenPath":"https://www.googleapis.com/oauth2/v3/token",\ -# "introspectionPath":"https://www.googleapis.com/oauth2/v3/tokeninfo",\ -# "clientId":"my google app client id",\ -# "clientSecret":"my google app client secret",\ -# "flows":[\ -# {\ -# "flowType":"AUTH_CODE",\ -# "scope":"email",\ -# "getUserProfile": "https://www.googleapis.com/plus/v1/people/{userId}"\ -# }\ -# ]\ -# },\ -# {\ -# "provider":"AAC",\ -# "logoUrl":"assets/img/oauth2_aac_logo.png",\ -# "site":"http://my.aac:8080",\ -# "authPath":"/aac/eauth/authorize",\ -# "tokenPath":"/aac/oauth/token",\ -# "clientId":"my aac app client id",\ -# "clientSecret":"my aac app client secret",\ -# "flows":[\ -# {\ -# "flowType":"IMPLICIT",\ -# "scope":"profile.basicprofile.me",\ -# "getUserProfile": "http://my.aac:8080/aac/basicprofile/me"\ -# },\ -# {\ -# "flowType":"CLIENT"\ -# }\ -# ]\ -# } -# role -! role.cpd -!! role.cpd.access -role.cpd.access.prefix=role:cpd:access -!!! role.cpd.access.* -role.cpd.access.admin=${role.cpd.access.prefix}:admin -role.cpd.access.civilServant=${role.cpd.access.prefix}:civil-servant -role.cpd.access.citizen=${role.cpd.access.prefix}:citizen -!! role.cpd.context -role.cpd.context.prefix=role:cpd:context -!!! role.cpd.context.diagram.* -role.cpd.context.diagram.owner=${role.cpd.context.prefix}:diagram:owner -role.cpd.context.diagram.editor=${role.cpd.context.prefix}:diagram:editor -role.cpd.context.diagram.reviewer=${role.cpd.context.prefix}:diagram:reviewer -role.cpd.context.diagram.collaborator=${role.cpd.context.prefix}:diagram:collaborator -role.cpd.context.diagram.observer=${role.cpd.context.prefix}:diagram:observer diff --git a/pom.xml b/pom.xml index 20f57d7..b2bbb58 100644 --- a/pom.xml +++ b/pom.xml 
@@ -26,21 +26,21 @@ true - develop.properties + production false - production.properties + dev-p false - develop.properties + @@ -109,7 +109,7 @@ ../deploy-bundle/web/assets - + + + src/main/deploy-bundle + false + ../deploy-bundle - + - + - + maven-shade-plugin - + diff --git a/prepare-bundle-docker.sh b/prepare-bundle-docker.sh new file mode 100755 index 0000000..c030584 --- /dev/null +++ b/prepare-bundle-docker.sh @@ -0,0 +1,17 @@ +##!/usr/bin/env bash +#!/usr/bin/env sh +PROFILE=$1 +if [ -z "$PROFILE" ]; then + PROFILE=production +fi +if [ "$PROFILE" != "develop" ] && [ "$PROFILE" != "production" ]; then + echo "unknown profile '$PROFILE', it should be 'develop' or 'production'" + exit 1 +fi; +cd "$(dirname "$0")" +echo "starting $PROFILE compilation..." +#mvn -DskipTests -Drelax -gs /usr/share/maven/conf/settings-docker.xml package -P $PROFILE +mvn clean package -P $PROFILE +echo "copying target jar to deploy-bundle..." +cp target/cpd-server-1.3-SNAPSHOT-fat.jar target/deploy-bundle/cpd-server.jar +chmod 754 target/deploy-bundle/*.sh diff --git a/production.properties.tst b/production.properties.tst new file mode 100644 index 0000000..05efd61 --- /dev/null +++ b/production.properties.tst 
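Review bot: A failed `mvn clean package -P $PROFILE` does not stop the script, since nothing checks its status; the `cp` then fails on the missing jar and the exit code is whatever the final `chmod` returns, so `RUN ./prepare-bundle-docker.sh` in the Dockerfile can report success for a bundle without `cpd-server.jar`. Making `#!/usr/bin/env sh` the first line (the current first line `##!/usr/bin/env bash` is not a shebang, which leaves the second line as a plain comment) and adding `set -e` right after it addresses both. The hard-coded `target/cpd-server-1.3-SNAPSHOT-fat.jar` also looks out of step with the `"version": "1.4-SNAPSHOT"` this commit writes into `conf/config.json`; the pom's version is not readable here, so please confirm which one is right.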
@@ -0,0 +1,71 @@ +# ssl +cpd.ssl.enabled=false +cpd.ssl.keystore.filename=keystore.jks +cpd.ssl.keystore.password=simpatico +# server +cpd.server.host=localhost +cpd.server.port=8901 +cpd.server.baseHref=/cpd/ +cpd.server.allowedOriginPattern=^https?:\\\\/\\\\/(localhost:8901|origin1|origin2|...)$ +# server.public +cpd.server.pub.scheme=https +cpd.server.pub.host=example.host.com +cpd.server.pub.port=443 +# QAE webapp +cpd.qae.href=https://simpatico.morelab.deusto.es/qae/ +cpd.qae.api.path=api/ +cpd.qae.api.getQuestionCount=stats/diagrams/{elementId} +cpd.qae.link.newQuestion=questions/create?tags={eServiceId},{diagramId},{elementId},Diagram +cpd.qae.link.relatedQuestions=diagrams/list/{elementId} +# mongodb +cpd.mongodb.host=localhost +cpd.mongodb.port=27017 +cpd.mongodb.name=cpd +cpd.mongodb.username= +cpd.mongodb.password= +# oauth2 +cpd.oauth2.origin=http://my.server:8901 +! NOTE: the oauth2 redirect callback endpoint will be: +!! "${cpd.oauth2.origin}${cpd.server.baseHref}oauth2/server/callback" for AUTH_CODE and CLIENT (1,2) flows +!! "${cpd.oauth2.origin}${cpd.server.baseHref}${cpd.app.path}oauth2/client/callback for IMPLICIT (3) flows +!! leave empty if no oauth2 is required (NOTE: if no oauth2 providers make sure to set cpd.app.useLocalAuth=true) +cpd.oauth2.providers= #fare qui un read a parte, chiedendo all'utente il percorso del file json (suggerendo ~/oauth2providers.json). quindi copiare su array[1] il contenuto del file, invece array[0] sara' cpd.oauth2.providers +! cpd.oauth2.providers must be a list of comma separated json objects (see example): +! 
example for 2 providers +# cpd.oauth2.providers=\ +# {\ +# "provider":"Google",\ +# "logoUrl":"assets/img/oauth2_google_logo.png",\ +# "site":"https://accounts.google.com",\ +# "authPath":"/o/oauth2/auth",\ +# "tokenPath":"https://www.googleapis.com/oauth2/v3/token",\ +# "introspectionPath":"https://www.googleapis.com/oauth2/v3/tokeninfo",\ +# "clientId":"my google app client id",\ +# "clientSecret":"my google app client secret",\ +# "flows":[\ +# {\ +# "flowType":"AUTH_CODE",\ +# "scope":"email",\ +# "getUserProfile": "https://www.googleapis.com/plus/v1/people/{userId}"\ +# }\ +# ]\ +# },\ +# {\ +# "provider":"AAC",\ +# "logoUrl":"assets/img/oauth2_aac_logo.png",\ +# "site":"http://my.aac:8080",\ +# "authPath":"/aac/eauth/authorize",\ +# "tokenPath":"/aac/oauth/token",\ +# "clientId":"my aac app client id",\ +# "clientSecret":"my aac app client secret",\ +# "flows":[\ +# {\ +# "flowType":"IMPLICIT",\ +# "scope":"profile.basicprofile.me",\ +# "getUserProfile": "http://my.aac:8080/aac/basicprofile/me"\ +# },\ +# {\ +# "flowType":"CLIENT"\ +# }\ +# ]\ +# } diff --git a/prova.sh b/prova.sh deleted file mode 100755 index d22f6e0..0000000 --- a/prova.sh +++ /dev/null 
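Review bot: The `cpd.oauth2.providers=` line carries its note after the value (`#fare qui un read a parte, …`), but in a `.properties` file `#` starts a comment only at the beginning of a line, so the whole Italian sentence becomes the property value. Move the note onto its own line above the key and write it in English, e.g. `# TODO: read the providers from a separate JSON file (suggest ~/oauth2providers.json) instead of prompting for them inline`, leaving `cpd.oauth2.providers=` empty. `prova.sh`, the only visible reader of `production.properties.tst`, is deleted in this commit, so if this file is a leftover from developing that script it would be better left out.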
@@ -1,108 +0,0 @@ -#!/usr/bin/env bash - -EXAMPLEFILE=example.properties -PRODUCTIONFILE=production.properties.tst -KEYSTOREFILE=keystore.jks -OAUTH2PROVIDERSFILE=oauth2providers.json - -#checking if oauth2providers file exists -if [ -f $OAUTH2PROVIDERSFILE ]; then - echo "found an oauth2providerse file. Do you want to keep it? (Y/n)" - read keepit - if [ "$keepit" = "n" ]; then - echo "generate a new oauth2providers file and re-run the script!" - exit 0 - fi -else - echo "generate an oauth2providers file and re-run the script!" - exit 0 -fi - -#checking if keystore exists -if [ -f $KEYSTOREFILE ]; then - echo "found a keystore file. Do you want to keep it? (Y/n)" - read keepit - if [ "$keepit" = "n" ]; then - echo "generate a new keystore file and re-run the script!" - exit 0; - fi -else - echo "generate a keystore file and re-run the script!" - exit 0 -fi - -#checking if production.properties exists -if [ -f $PRODUCTIONFILE ]; then - echo "found $PRODUCTIONFILE file. Do you want to keep it? 
(Y/n)" - read keepit - if [ "$keepit" = "" -o "$keepit" = "y" -o "$keepit" = "Y" ]; then - exit 0; - fi -fi - -#creating a production.properties template file -cp $EXAMPLEFILE $PRODUCTIONFILE - -#grep "^[^#\!].*$" example.properties | while read input; - -foundsslenabled=false -sslenabled=false - -foundserverscheme=false -serverscheme="" - -foundserverhost=false -serverhost="" - -foundserverport=false -serverport="" - -foundoauth2origin=false - - -for input in $(grep "^[^#\!].*$" $PRODUCTIONFILE); -do -#cat "$input" | xxd -p -r > "${input%'.hex'}"; rm "$input"; -IFS='=' read -r -a array <<< "$input" -echo "read ${array[0]}=${array[1]}" -if [[ "${array[0]}" != "cpd.server.pub.scheme" ]]; then # || [[ "${array[0]}" != "cpd.oauth2.origin" ]]; then - echo "Insert value for property \"${array[0]}\" [${array[1]}]" - read userinput - echo "user input=$userinput" - if [ "$userinput" != "" ]; then - array[1]=$userinput - fi -fi - -if [ $foundsslenabled = false -a ${array[0]} = "cpd.ssl.enabled" ]; then - - foundsslenabled=true - sslenabled=${array[1]} - -elif [ $foundserverscheme = false -a ${array[0]} = "cpd.server.pub.scheme" ]; then - foundserverscheme=true - if [ $sslenabled = true ]; then - array[1]="https" - - else - array[1]="http" - fi - serverscheme=${array[1]} - -elif [ $foundserverhost = false -a ${array[0]} = "cpd.server.pub.host" ]; then - foundserverhost=true - serverhost=${array[1]} - -elif [ $foundserverport = false -a ${array[0]} = "cpd.server.pub.port" ]; then - foundserverport=true - serverport=${array[1]} - -elif [ $foundoauth2origin = false -a ${array[0]} = "cpd.oauth2.origin" ]; then - foundoauth2origin=true - array[1]=$serverscheme"://"$serverhost":"$serverport -fi - -echo "writing ${array[0]}=${array[1]} to configuration file" -#sed -i "s/${array[0]}=.*/${array[0]}=${array[1]}/" $PRODUCTIONFILE - -done diff --git a/src/main/deploy-bundle/.properties b/src/main/deploy-bundle/.properties new file mode 100644 index 0000000..d04ba60 --- /dev/null 
+++ b/src/main/deploy-bundle/.properties 
@@ -0,0 +1,34 @@ +# ssl +cpd.ssl.enabled=false +cpd.ssl.keystore.filename=keystore.jks +cpd.ssl.keystore.password=simpatico +# server +cpd.server.scheme=http +cpd.server.host=localhost +cpd.server.port=8901 +cpd.server.baseHref=/cpd/ +cpd.server.allowedOriginPattern=^https?:\\\\/\\\\/(localhost:8901|origin1|origin2|...)$ +# server.public +cpd.server.pub.scheme=https +cpd.server.pub.host=example.host.com +cpd.server.pub.port=443 +# QAE webapp +cpd.qae.href=https://simpatico.morelab.deusto.es/qae/ +cpd.qae.api.path=api/ +cpd.qae.api.getQuestionCount=stats/diagrams/{elementId} +cpd.qae.link.newQuestion=questions/create?tags +cpd.qae.link.relatedQuestions=diagrams/list/{elementId} +# mongodb +cpd.mongodb.host=localhost +cpd.mongodb.port=27017 +cpd.mongodb.name=cpd +cpd.mongodb.username= +cpd.mongodb.password= +# oauth2 +cpd.oauth2.origin=http://localhost:8901 +# NOTE: the oauth2 redirect callback endpoint will be: +# "${cpd.oauth2.origin}${cpd.server.baseHref}oauth2/server/callback" for AUTH_CODE and CLIENT (1,2) flows +# "${cpd.oauth2.origin}${cpd.server.baseHref}${cpd.app.path}oauth2/client/callback for IMPLICIT (3) flows +# leave empty if no oauth2 is required (NOTE: if no oauth2 providers make sure to set cpd.app.useLocalAuth=true) 
+cpd.oauth2.providers=[{"provider":"Google","logoUrl":"assets/img/oauth2_google_logo.png","site":"https://accounts.google.com","authPath":"/o/oauth2/auth","tokenPath":"https://www.googleapis.com/oauth2/v3/token","introspectionPath":"https://www.googleapis.com/oauth2/v3/tokeninfo","clientId":"mygoogleappclientid","clientSecret":"mygoogleappclientsecret","flows":[{"flowType":"AUTH_CODE","scope":"email","getUserProfile":"https://www.googleapis.com/plus/v1/people/{userId}"}]},{"provider":"AAC","logoUrl":"assets/img/oauth2_aac_logo.png","site":"http://my.aac:8080","authPath":"/aac/eauth/authorize","tokenPath":"/aac/oauth/token","clientId":"myaacappclientid","clientSecret":"myaacappclientsecret","flows":[{"flowType":"IMPLICIT","scope":"profile.basicprofile.me","getUserProfile":"http://my.aac:8080/aac/basicprofile/me"},{"flowType":"CLIENT"}]}] + diff --git a/src/main/deploy-bundle/conf/config.json b/src/main/deploy-bundle/conf/config.json index aefc869..1714836 100644 --- a/src/main/deploy-bundle/conf/config.json +++ b/src/main/deploy-bundle/conf/config.json 
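Review bot: `cpd.qae.link.newQuestion=questions/create?tags` has lost the `={eServiceId},{diagramId},{elementId},Diagram` tail that `example.properties` still has, and the same truncated string is committed as `"newQuestion"` in `web/assets/conf/config.json`. The likely cause is `IFS='=' read -r -a array <<< "$input"` in `configure.sh`, which splits on every `=` and keeps only the second field; this file matches that script's `PRODUCTIONFILE=.properties` output. Splitting on the first `=` only, `key=${input%%=*}` and `value=${input#*=}`, would preserve the value, after which this file and both `config.json` files should be regenerated.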
@@ -1,82 +1,62 @@ { - "develop": ${cpd.develop}, - "version": "${version}", + "develop": false, + "version": "1.4-SNAPSHOT", "ssl": { - "enabled": ${cpd.ssl.enabled}, - "keyStoreFilename": "${cpd.ssl.keystore.filename}", - "keyStorePassword": "${cpd.ssl.keystore.password}" + "enabled": false, + "keyStoreFilename": "keystore.jks", + "keyStorePassword": "simpatico" }, "server": { - "name": "${cpd.server.name}", - "scheme": "${cpd.server.scheme}", - "hostname": "${cpd.server.host}", - "port": ${cpd.server.port}, - "baseHref": "${cpd.server.baseHref}", - "allowedOriginPattern": "${cpd.server.allowedOriginPattern}", - "simLagTime": ${cpd.server.simLagTime}, + "name": "Collaborative Procedure Designer Server", + "scheme": "http", + "hostname": "localhost", + "port": 8901, + "baseHref": "/cpd/", + "allowedOriginPattern": "^https?:\\/\\/(localhost:8901|origin1|origin2|...)$", + "simLagTime": -1, "pub": { - "scheme": "${cpd.server.pub.scheme}", - "hostname": "${cpd.server.pub.host}", - "port": ${cpd.server.pub.port} + "scheme": "https", + "hostname": "example.host.com", + "port": 443 }, "cacheBuilder": { - "concurrencyLevel": ${cpd.server.cacheBuilder.concurrencyLevel}, - "initialCapacity": ${cpd.server.cacheBuilder.initialCapacity}, - "maximumSize": ${cpd.server.cacheBuilder.maximumSize}, - "expireAfterAccess": "${cpd.server.cacheBuilder.expireAfterAccess}" + "concurrencyLevel": 1, + "initialCapacity": 100, + "maximumSize": 1000, + "expireAfterAccess": "60s" }, "schema": { - "path": "${cpd.server.schema.path}" + "path": "schema/" }, "auth": { - "path": "${cpd.server.auth.path}" + "path": "auth/" }, "api": { - "path": "${cpd.server.api.path}" + "path": "api/" }, "assets": { - "allowListing": ${cpd.server.assets.allowListing} + "allowListing": false } }, "app": { - "path": "${cpd.app.path}", - "locales": [${cpd.app.locales}], - "routes": [${cpd.app.routes}], - "diagramPath": "${cpd.app.diagramPath}" + "path": "", + "locales": ["en","es","it"], + "routes": 
["login","login/*","diagram/*","oauth2/client/callback","schema-validator"], + "diagramPath": "diagram/" }, "mongodb": { - "host": "${cpd.mongodb.host}", - "port": ${cpd.mongodb.port}, - "username": "${cpd.mongodb.username}", - "password": "${cpd.mongodb.password}", - "db_name": "${cpd.mongodb.name}", - "useObjectId": ${cpd.mongodb.useObjectId}, - "maxPoolSize": ${cpd.mongodb.maxPoolSize}, - "maxIdleTimeMS": ${cpd.mongodb.maxIdleTimeMS}, - "maxLifeTimeMS": ${cpd.mongodb.maxLifeTimeMS} + "host": "localhost", + "port": 27017, + "username": "", + "password": "", + "db_name": "cpd", + "useObjectId": false, + "maxPoolSize": 100, + "maxIdleTimeMS": 60000, + "maxLifeTimeMS": 3600000 }, "oauth2": { - "origin": "${cpd.oauth2.origin}", - "providers": [${cpd.oauth2.providers}] - }, - "role": { - "cpd": { - "access": { - "prefix": "${role.cpd.access.prefix}", - "admin": "${role.cpd.access.admin}", - "civilServant": "${role.cpd.access.civilServant}", - "citizen": "${role.cpd.access.citizen}" - }, - "context": { - "prefix": "${role.cpd.context.prefix}", - "diagram": { - "owner": "${role.cpd.context.diagram.owner}", - "editor": "${role.cpd.context.diagram.editor}", - "reviewer": "${role.cpd.context.diagram.reviewer}", - "collaborator": "${role.cpd.context.diagram.collaborator}", - "observer": "${role.cpd.context.diagram.observer}" - } - } - } + "origin": "http://localhost:8901", + "providers": 
[{"provider":"Google","logoUrl":"assets/img/oauth2_google_logo.png","site":"https://accounts.google.com","authPath":"/o/oauth2/auth","tokenPath":"https://www.googleapis.com/oauth2/v3/token","introspectionPath":"https://www.googleapis.com/oauth2/v3/tokeninfo","clientId":"mygoogleappclientid","clientSecret":"mygoogleappclientsecret","flows":[{"flowType":"AUTH_CODE","scope":"email","getUserProfile":"https://www.googleapis.com/plus/v1/people/{userId}"}]},{"provider":"AAC","logoUrl":"assets/img/oauth2_aac_logo.png","site":"http://my.aac:8080","authPath":"/aac/eauth/authorize","tokenPath":"/aac/oauth/token","clientId":"myaacappclientid","clientSecret":"myaacappclientsecret","flows":[{"flowType":"IMPLICIT","scope":"profile.basicprofile.me","getUserProfile":"http://my.aac:8080/aac/basicprofile/me"},{"flowType":"CLIENT"}]}] } } diff --git a/src/main/deploy-bundle/conf/example.config.json b/src/main/deploy-bundle/conf/example.config.json new file mode 100644 index 0000000..1ed1620 --- /dev/null +++ b/src/main/deploy-bundle/conf/example.config.json 
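Review bot: `"allowedOriginPattern": "^https?:\\/\\/(localhost:8901|origin1|origin2|...)$"` is now a literal value in the config rather than a template placeholder, and its `...` alternative is a regex that matches any three characters, so an origin such as `http://abc` would pass alongside the dummy `origin1`/`origin2`. Assuming the server uses this pattern to decide which origins it accepts (that code is not in this diff), the committed default should name only real origins, e.g. `"^https?:\\/\\/localhost:8901$"`. The same placeholder text is in `.properties`, `example.properties` and `production.properties.tst`, where a comment stating that `origin1|origin2|...` must be replaced would help.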
@@ -0,0 +1,62 @@ +{ + "develop": false, + "version": "1.4-SNAPSHOT", + "ssl": { + "enabled": ${cpd.ssl.enabled}, + "keyStoreFilename": "${cpd.ssl.keystore.filename}", + "keyStorePassword": "${cpd.ssl.keystore.password}" + }, + "server": { + "name": "Collaborative Procedure Designer Server", + "scheme": "${cpd.server.scheme}", + "hostname": "${cpd.server.host}", + "port": ${cpd.server.port}, + "baseHref": "${cpd.server.baseHref}", + "allowedOriginPattern": "${cpd.server.allowedOriginPattern}", + "simLagTime": -1, + "pub": { + "scheme": "${cpd.server.pub.scheme}", + "hostname": "${cpd.server.pub.host}", + "port": ${cpd.server.pub.port} + }, + "cacheBuilder": { + "concurrencyLevel": 1, + "initialCapacity": 100, + "maximumSize": 1000, + "expireAfterAccess": "60s" + }, + "schema": { + "path": "schema/" + }, + "auth": { + "path": "auth/" + }, + "api": { + "path": "api/" + }, + "assets": { + "allowListing": false + } + }, + "app": { + "path": "", + "locales": ["en","es","it"], + "routes": ["login","login/*","diagram/*","oauth2/client/callback","schema-validator"], + "diagramPath": "diagram/" + }, + "mongodb": { + "host": "${cpd.mongodb.host}", + "port": ${cpd.mongodb.port}, + "username": "${cpd.mongodb.username}", + "password": "${cpd.mongodb.password}", + "db_name": "${cpd.mongodb.name}", + "useObjectId": false, + "maxPoolSize": 100, + "maxIdleTimeMS": 60000, + "maxLifeTimeMS": 3600000 + }, + "oauth2": { + "origin": "${cpd.oauth2.origin}", + "providers": ${cpd.oauth2.providers} + } +} diff --git a/src/main/deploy-bundle/configure.sh b/src/main/deploy-bundle/configure.sh new file mode 100755 index 0000000..65ae077 --- /dev/null +++ b/src/main/deploy-bundle/configure.sh 
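Review bot: `"providers": ${cpd.oauth2.providers}` is no longer wrapped in brackets the way the old `[${cpd.oauth2.providers}]` in `config.json` was, so an empty property renders as `"providers": }` and the file stops parsing. `example.properties` still tells the user to "leave empty if no oauth2 is required", which now contradicts the template. Either the properties comment should say that `oauth2providers.json` must contain `[]` in that case, or `configure.sh` should substitute `[]` when the value is empty.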
@@ -0,0 +1,146 @@ +#!/usr/bin/env bash + +EXAMPLEFILE=example.properties +PRODUCTIONFILE=.properties +EXAMPLEJSONCONF1=./conf/example.config.json +JSONCONF1=./conf/config.json +EXAMPLEJSONCONF2=./web/assets/conf/example.config.json +JSONCONF2=./web/assets/conf/config.json +KEYSTOREFILE=keystore.jks +OAUTH2PROVIDERSFILE=oauth2providers.json + +#checking if oauth2providers file exists +if [ -f $OAUTH2PROVIDERSFILE ]; then + echo "found an $OAUTH2PROVIDERSFILE file. Do you want to keep it? (Y/n)" + read keepit + if [ "$keepit" = "n" ]; then + echo "generate a new $OAUTH2PROVIDERSFILE file (use example.oauth2providers.json as a template) and re-run the script!" + exit 0 + fi +else + echo "generate an $OAUTH2PROVIDERSFILE file (use example.oauth2providers.json as a template) and re-run the script!" + exit 0 +fi + +#checking if keystore exists +if [ -f $KEYSTOREFILE ]; then + echo "found a keystore file. Do you want to keep it? (Y/n)" + read keepit + if [ "$keepit" = "n" ]; then + echo "generate a new keystore file and re-run the script!" + exit 0; + fi +else + echo "generate a keystore file and re-run the script!" + exit 0 +fi + +#checking if PRODUCTIONFILE exists +if [ -f $PRODUCTIONFILE ]; then + echo "found $PRODUCTIONFILE file. Do you want to keep it? (Y/n)" + read keepit + if [ "$keepit" = "" ] || [ "$keepit" = "y" ] || [ "$keepit" = "Y" ]; then + exit 0; + else + echo "Loading existing $PRODUCTIONFILE file. Creating json config files from template..." + cp $EXAMPLEJSONCONF1 $JSONCONF1 + cp $EXAMPLEJSONCONF2 $JSONCONF2 + #cp $EXAMPLEFILE $PRODUCTIONFILE + fi +else + #creating a PRODUCTIONFILE file + echo "$PRODUCTIONFILE file not found. Creating from template..." + cp $EXAMPLEFILE $PRODUCTIONFILE + echo "Creating json config files from template..." 
+ cp $EXAMPLEJSONCONF1 $JSONCONF1 + cp $EXAMPLEJSONCONF2 $JSONCONF2 +fi + + +#grep "^[^#\!].*$" example.properties | while read input; + +foundsslenabled=false +sslenabled=false + +foundserverscheme=false +serverscheme="" + +foundserverhost=false +serverhost="" + +foundserverport=false +serverport="" + +foundoauth2origin=false + +foundoauth2providers=false + +for input in $(grep "^[^#\!].*$" $PRODUCTIONFILE); +do +#cat "$input" | xxd -p -r > "${input%'.hex'}"; rm "$input"; +IFS='=' read -r -a array <<< "$input" +echo "read ${array[0]}=${array[1]}" +#if [ ${array[0]} != "cpd.server.pub.scheme" ] || [ ${array[0]} != "cpd.oauth2.origin" ] ; then +if ! [[ ${array[0]} =~ ^cpd\.(server\.scheme|oauth2\.origin|oauth2\.providers)$ ]] ; then + echo "Insert value for property \"${array[0]}\" [${array[1]}]" + read userinput + echo "user input=$userinput" + if [ "$userinput" != "" ]; then + array[1]=$userinput + fi +fi + +if [ $foundsslenabled = false -a ${array[0]} = "cpd.ssl.enabled" ]; then + + foundsslenabled=true + sslenabled=${array[1]} + +elif [ $foundserverscheme = false -a ${array[0]} = "cpd.server.scheme" ]; then + foundserverscheme=true + if [ $sslenabled = true ]; then + array[1]="https" + + else + array[1]="http" + fi + serverscheme=${array[1]} + +elif [ $foundserverhost = false -a ${array[0]} = "cpd.server.host" ]; then + foundserverhost=true + serverhost=${array[1]} + +elif [ $foundserverport = false -a ${array[0]} = "cpd.server.port" ]; then + foundserverport=true + serverport=${array[1]} + +elif [ $foundoauth2origin = false -a ${array[0]} = "cpd.oauth2.origin" ]; then + foundoauth2origin=true + array[1]=$serverscheme"://"$serverhost":"$serverport + +elif [ $foundoauth2providers = false -a ${array[0]} = "cpd.oauth2.providers" ]; then + foundoauth2providers=true + + if [[ ${array[1]} != "[*" ]]; then + #array[1]=${array[1]} + #else + array[1]=$(cat $OAUTH2PROVIDERSFILE | sed ':a;N;$!ba;s/\n//g' | tr -d '[:space:]') + #buffer="$(sed ':a;N;$!ba;s/\n//g' 
<<<$buffer)" + #trimmed_buffer=$(tr -d '[:space:]' $buffer) + #$buffer="$(sed 'sE/[\n ]+//g' <<<$buffer)" + #array[1]=$(tr -d '[:space:]' "$buffer") + #tr '\n' ' ' "$buffer" | echo + fi + #echo "$OAUTH2PROVIDERSFILE json is: ${array[1]}" +fi + +echo "writing ${array[0]}=${array[1]} to $PRODUCTIONFILE file" +sed -i "s|${array[0]}=.*|${array[0]}=${array[1]}|" $PRODUCTIONFILE + +echo "writing ${array[1]} value to \${${array[0]}} property in $JSONCONF1 file" +sed -i "s#\${${array[0]}}#${array[1]}#" $JSONCONF1 + +echo "writing ${array[1]} value to \${${array[0]}} property in $JSONCONF2 file" +sed -i "s#\${${array[0]}}#${array[1]}#" $JSONCONF2 + +#sed -E '/(#.*)/!s/${array[0]}=.*/${array[0]}=${array[1]}/g' $PRODUCTIONFILE +done diff --git a/src/main/deploy-bundle/example.oauth2providers.json b/src/main/deploy-bundle/example.oauth2providers.json new file mode 100644 index 0000000..3135020 --- /dev/null +++ b/src/main/deploy-bundle/example.oauth2providers.json @@ -0,0 +1,37 @@ +[ + { + "provider":"Google", + "logoUrl":"assets/img/oauth2_google_logo.png", + "site":"https://accounts.google.com", + "authPath":"/o/oauth2/auth", + "tokenPath":"https://www.googleapis.com/oauth2/v3/token", + "introspectionPath":"https://www.googleapis.com/oauth2/v3/tokeninfo", + "clientId":"my google app client id", + "clientSecret":"my google app client secret", + "flows":[ + { + "flowType":"AUTH_CODE", + "scope":"email", + "getUserProfile": "https://www.googleapis.com/plus/v1/people/{userId}" + } + ] + }, { + "provider":"AAC", + "logoUrl":"assets/img/oauth2_aac_logo.png", + "site":"http://my.aac:8080", + "authPath":"/aac/eauth/authorize", + "tokenPath":"/aac/oauth/token", + "clientId":"my aac app client id", + "clientSecret":"my aac app client secret", + "flows":[ + { + "flowType":"IMPLICIT", + "scope":"profile.basicprofile.me", + "getUserProfile": "http://my.aac:8080/aac/basicprofile/me" + }, + { + "flowType":"CLIENT" + } + ] + } +] 
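Review bot: The three `sed -i` calls at the end of the loop paste `${array[1]}` into the replacement text unescaped, so a value containing the delimiter or a sed metacharacter corrupts the result. The shipped default already does: `cpd.server.allowedOriginPattern` contains `|`, which ends the `s|…|…|` expression early and makes that `sed` fail, and because the script has no `set -e` the failure goes unnoticed; `&` and `\` in typed input are likewise interpreted by sed rather than written literally. Escaping the value first, e.g. `esc=$(printf '%s' "${array[1]}" | sed 's/[\\&|#]/\\&/g')` and using `$esc` in the replacements, would fix this, though the quadrupled backslashes in `example.properties` appear to compensate for the current behaviour and would need adjusting with it. The values also reach `conf/config.json` without JSON escaping, so a `"` in any answer yields an invalid file.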
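Review bot: The AAC entry of the template uses `"site":"http://my.aac:8080"` with a relative `"tokenPath":"/aac/oauth/token"`, so a deployment that follows the example would presumably send `clientSecret` and receive tokens over cleartext HTTP. An `https://` site in the example (`"site":"https://my.aac"`) sets the safer default; the identical `oauth2providers.json` added in this commit has the same entry.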
diff --git a/src/main/deploy-bundle/example.properties b/src/main/deploy-bundle/example.properties new file mode 100644 index 0000000..82528e5 --- /dev/null +++ b/src/main/deploy-bundle/example.properties @@ -0,0 +1,34 @@ +# ssl +cpd.ssl.enabled=false +cpd.ssl.keystore.filename=keystore.jks +cpd.ssl.keystore.password=simpatico +# server +cpd.server.scheme=http +cpd.server.host=localhost +cpd.server.port=8901 +cpd.server.baseHref=/cpd/ +cpd.server.allowedOriginPattern=^https?:\\\\/\\\\/(localhost:8901|origin1|origin2|...)$ +# server.public +cpd.server.pub.scheme=https +cpd.server.pub.host=example.host.com +cpd.server.pub.port=443 +# QAE webapp +cpd.qae.href=https://simpatico.morelab.deusto.es/qae/ +cpd.qae.api.path=api/ +cpd.qae.api.getQuestionCount=stats/diagrams/{elementId} +cpd.qae.link.newQuestion=questions/create?tags={eServiceId},{diagramId},{elementId},Diagram +cpd.qae.link.relatedQuestions=diagrams/list/{elementId} +# mongodb +cpd.mongodb.host=localhost +cpd.mongodb.port=27017 +cpd.mongodb.name=cpd +cpd.mongodb.username= +cpd.mongodb.password= +# oauth2 +cpd.oauth2.origin=http://my.server:8901 +# NOTE: the oauth2 redirect callback endpoint will be: +# "${cpd.oauth2.origin}${cpd.server.baseHref}oauth2/server/callback" for AUTH_CODE and CLIENT (1,2) flows +# "${cpd.oauth2.origin}${cpd.server.baseHref}${cpd.app.path}oauth2/client/callback for IMPLICIT (3) flows +# leave empty if no oauth2 is required (NOTE: if no oauth2 providers make sure to set cpd.app.useLocalAuth=true) +cpd.oauth2.providers=oauth2providers.json + diff --git a/src/main/deploy-bundle/keystore.jks b/src/main/deploy-bundle/keystore.jks new file mode 100644 index 0000000..6c0101b Binary files /dev/null and b/src/main/deploy-bundle/keystore.jks differ diff --git a/src/main/deploy-bundle/oauth2providers.json b/src/main/deploy-bundle/oauth2providers.json new file mode 100644 index 0000000..3135020 --- /dev/null +++ b/src/main/deploy-bundle/oauth2providers.json 
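Review bot: The NOTE above `cpd.oauth2.providers` still instructs the user to "make sure to set cpd.app.useLocalAuth=true" when no providers are configured, but this new file defines no `cpd.app.useLocalAuth` key, and the committed `web/assets/conf/config.json` hard-codes `"useLocalAuth": false`. As far as this diff shows, a deployment without OAuth2 providers therefore has no documented way to enable local login through `configure.sh`. Either add the key here (`cpd.app.useLocalAuth=false`) with a matching placeholder in the web template, or change the comment to say which file to edit by hand.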
@@ -0,0 +1,37 @@ +[ + { + "provider":"Google", + "logoUrl":"assets/img/oauth2_google_logo.png", + "site":"https://accounts.google.com", + "authPath":"/o/oauth2/auth", + "tokenPath":"https://www.googleapis.com/oauth2/v3/token", + "introspectionPath":"https://www.googleapis.com/oauth2/v3/tokeninfo", + "clientId":"my google app client id", + "clientSecret":"my google app client secret", + "flows":[ + { + "flowType":"AUTH_CODE", + "scope":"email", + "getUserProfile": "https://www.googleapis.com/plus/v1/people/{userId}" + } + ] + }, { + "provider":"AAC", + "logoUrl":"assets/img/oauth2_aac_logo.png", + "site":"http://my.aac:8080", + "authPath":"/aac/eauth/authorize", + "tokenPath":"/aac/oauth/token", + "clientId":"my aac app client id", + "clientSecret":"my aac app client secret", + "flows":[ + { + "flowType":"IMPLICIT", + "scope":"profile.basicprofile.me", + "getUserProfile": "http://my.aac:8080/aac/basicprofile/me" + }, + { + "flowType":"CLIENT" + } + ] + } +] diff --git a/src/main/deploy-bundle/web/assets/conf/config.json b/src/main/deploy-bundle/web/assets/conf/config.json index f0e642d..e7a8bc3 100644 --- a/src/main/deploy-bundle/web/assets/conf/config.json +++ b/src/main/deploy-bundle/web/assets/conf/config.json 
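Review bot: `oauth2providers.json` is the live file that `configure.sh` reads client ids and secrets from, yet it is committed as an identical copy of `example.oauth2providers.json` (both show blob `3135020`), so the first real deployment edit will appear as a change to a tracked file and can be committed by accident. I would keep only the example in the repository and add `oauth2providers.json` to `.gitignore` next to the new `keystore.jks` entry. `configure.sh` already exits with a prompt to create the file from the example when it is missing, so nothing else needs to change.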
@@ -1,64 +1,44 @@
 {
 "server": {
- "baseHref": "${cpd.server.baseHref}",
- "useLocalAuth": ${cpd.app.useLocalAuth},
+ "baseHref": "/cpd/",
+ "useLocalAuth": false,
 "schema": {
- "path": "${cpd.server.schema.path}"
+ "path": "schema/"
 },
 "auth": {
- "path": "${cpd.server.auth.path}",
- "login": "${cpd.server.auth.login}",
- "logout": "${cpd.server.auth.logout}",
- "getOAuth2Providers": "${cpd.server.auth.getOAuth2Providers}",
- "getUser": "${cpd.server.auth.getUser}",
- "getUserIsAuthenticated": "${cpd.server.auth.getUserIsAuthenticated}",
- "getUserHasAccess": "${cpd.server.auth.getUserHasAccess}",
- "getUserIsAuthorized": "${cpd.server.auth.getUserIsAuthorized}"
+ "path": "auth/",
+ "login": "login/{provider}",
+ "logout": "logout",
+ "getOAuth2Providers": "oauth2/providers",
+ "getUser": "user",
+ "getUserIsAuthenticated": "user/isAuthenticated",
+ "getUserHasAccess": "user/hasAccess/{accessRole}",
+ "getUserIsAuthorized": "user/isAuthorized/{contextName}/{contextId}/{contextRole}"
 },
 "api": {
- "path": "${cpd.server.api.path}",
- "getDiagramSummaryList": "${cpd.server.api.getDiagramSummaryList}",
- "postUserFeedback": "${cpd.server.api.postUserFeedback}",
- "getDiagramElement": "${cpd.server.api.getDiagramElement}",
- "putDiagramElement": "${cpd.server.api.putDiagramElement}",
- "delDiagramElement": "${cpd.server.api.delDiagramElement}",
- "getModelElement": "${cpd.server.api.getModelElement}",
- "putModelElement": "${cpd.server.api.putModelElement}",
- "delModelElement": "${cpd.server.api.delModelElement}",
- "getDiagramElements": "${cpd.server.api.getDiagramElements}",
- "getDiagramModels": "${cpd.server.api.getDiagramModels}",
- "getStencilSetDefinition": "${cpd.server.api.getStencilSetDefinition}"
+ "path": "api/",
+ "getDiagramSummaryList": "diagram/summary/list",
+ "postUserFeedback": "user/feedback",
+ "getDiagramElement": "diagram/{id}",
+ "putDiagramElement": "diagram",
+ "delDiagramElement": "diagram/{id}",
+ "getModelElement": "model/{id}",
+ "putModelElement": "model",
+ "delModelElement": "model/{id}",
+ "getDiagramElements": "diagram/{rootId}/elements",
+ "getDiagramModels": "diagram/{rootId}/models",
+ "getStencilSetDefinition": "data/stencilSetDefinition/{notation}"
 }
 },
 "qae": {
- "href": "${cpd.qae.href}",
+ "href": "https://simpatico.morelab.deusto.es/qae/",
 "api": {
- "path": "${cpd.qae.api.path}",
- "getQuestionCount": "${cpd.qae.api.getQuestionCount}"
+ "path": "api/",
+ "getQuestionCount": "stats/diagrams/{elementId}"
 },
 "link": {
- "newQuestion": "${cpd.qae.link.newQuestion}",
- "relatedQuestions": "${cpd.qae.link.relatedQuestions}"
- }
- },
- "role": {
- "cpd": {
- "access": {
- "prefix": "${role.cpd.access.prefix}",
- "admin": "${role.cpd.access.admin}",
- "civilServant": "${role.cpd.access.civilServant}",
- "citizen": "${role.cpd.access.citizen}"
- },
- "context": {
- "prefix": "${role.cpd.context.prefix}",
- "diagram": {
- "owner": "${role.cpd.context.diagram.owner}",
- "editor": "${role.cpd.context.diagram.editor}",
- "reviewer": "${role.cpd.context.diagram.reviewer}",
- "collaborator": "${role.cpd.context.diagram.collaborator}",
- "observer": "${role.cpd.context.diagram.observer}"
- }
- }
+ "newQuestion": "questions/create?tags",
+ "relatedQuestions": "diagrams/list/{elementId}"
 }
 }
 }
diff --git a/src/main/deploy-bundle/web/assets/conf/example.config.json b/src/main/deploy-bundle/web/assets/conf/example.config.json
new file mode 100644
index 0000000..c811f72
--- /dev/null
+++ b/src/main/deploy-bundle/web/assets/conf/example.config.json
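Review bot: `"newQuestion": "questions/create?tags"` drops the value template that example.properties in this commit still documents as `questions/create?tags={eServiceId},{diagramId},{elementId},Diagram`, so links built from this file would carry no tag values unless the client appends them itself. If the truncation is not intended, the line should read `"newQuestion": "questions/create?tags={eServiceId},{diagramId},{elementId},Diagram",`. The hunk also pins `qae.href` to one host in the tracked config.json while example.config.json keeps the `${cpd.qae.href}` placeholder, so a deployment that points elsewhere has to edit a versioned file.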
@@ -0,0 +1,44 @@
+{
+ "server": {
+ "baseHref": "${cpd.server.baseHref}",
+ "useLocalAuth": false,
+ "schema": {
+ "path": "schema/"
+ },
+ "auth": {
+ "path": "auth/",
+ "login": "login/{provider}",
+ "logout": "logout",
+ "getOAuth2Providers": "oauth2/providers",
+ "getUser": "user",
+ "getUserIsAuthenticated": "user/isAuthenticated",
+ "getUserHasAccess": "user/hasAccess/{accessRole}",
+ "getUserIsAuthorized": "user/isAuthorized/{contextName}/{contextId}/{contextRole}"
+ },
+ "api": {
+ "path": "api/",
+ "getDiagramSummaryList": "diagram/summary/list",
+ "postUserFeedback": "user/feedback",
+ "getDiagramElement": "diagram/{id}",
+ "putDiagramElement": "diagram",
+ "delDiagramElement": "diagram/{id}",
+ "getModelElement": "model/{id}",
+ "putModelElement": "model",
+ "delModelElement": "model/{id}",
+ "getDiagramElements": "diagram/{rootId}/elements",
+ "getDiagramModels": "diagram/{rootId}/models",
+ "getStencilSetDefinition": "data/stencilSetDefinition/{notation}"
+ }
+ },
+ "qae": {
+ "href": "${cpd.qae.href}",
+ "api": {
+ "path": "${cpd.qae.api.path}",
+ "getQuestionCount": "${cpd.qae.api.getQuestionCount}"
+ },
+ "link": {
+ "newQuestion": "${cpd.qae.link.newQuestion}",
+ "relatedQuestions": "${cpd.qae.link.relatedQuestions}"
+ }
+ }
+}
diff --git a/src/main/java/it/beng/modeler/config.java b/src/main/java/it/beng/modeler/config.java
index 93389ae..39b2713 100644
--- a/src/main/java/it/beng/modeler/config.java
+++ b/src/main/java/it/beng/modeler/config.java
@@ -5,6 +5,7 @@ import java.util.*; + /** *
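Review bot: `"useLocalAuth": false` is a literal here and in config.json, yet the comment added to example.properties still tells operators to set `cpd.app.useLocalAuth=true` when no OAuth2 providers are configured, and that key no longer appears in the new example.properties. Whether the server still reads `cpd.app.useLocalAuth` is not visible in this diff; if it does not, following the comment changes nothing and the client presumably stays on the OAuth2 login path with no provider available. I would either restore the placeholder, `"useLocalAuth": ${cpd.app.useLocalAuth},`, or update the properties comment to name this JSON key.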

This class is a member of modeler-microservice project.

* diff --git a/src/main/resources/cluster.xml b/src/main/resources/cluster.xml index f3d8f2b..e018507 100644 --- a/src/main/resources/cluster.xml +++ b/src/main/resources/cluster.xml @@ -19,9 +19,9 @@ 3 - ${cpd.cluster.port} + 5701 - ${cpd.cluster.outbound.ports} + * @@ -30,13 +30,13 @@ - ${cpd.cluster.interface} + 10.10.1.* - + com.hazelcast.nio.ssl.BasicSSLContextFactory - ${cpd.ssl.keystore.filename} - ${cpd.ssl.keystore.password} + keystore.jks + simpatico @@ -128,4 +128,4 @@ 1 - \ No newline at end of file +