Skip to content

Commit

Permalink
[INJICERT-657] Remove mock-ida-dataprovider-plugin project from relea…
Browse files Browse the repository at this point in the history
…se and last sprint handover review comments (#85)

* [INJICERT-657] Removed mock-ida-dataprovider-plugin project as it is not a part of 0.10.0 certify release

Signed-off-by: Piyush7034 <[email protected]>

* Added code review changes for release

Signed-off-by: Piyush7034 <[email protected]>

---------

Signed-off-by: Piyush7034 <[email protected]>
Signed-off-by: Vishwa <[email protected]>
  • Loading branch information
Piyush7034 authored Dec 14, 2024
1 parent cb220c0 commit c654d79
Show file tree
Hide file tree
Showing 14 changed files with 124 additions and 925 deletions.
41 changes: 0 additions & 41 deletions .github/workflows/push-trigger.yml
Original file line number Diff line number Diff line change
Expand Up @@ -187,47 +187,6 @@ jobs:
GPG_SECRET: ${{ secrets.GPG_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

build-maven-mock-ida-dataprovider-plugin:
uses: mosip/kattu/.github/workflows/maven-build.yml@master-java21
with:
SERVICE_LOCATION: mock-ida-dataprovider-plugin
BUILD_ARTIFACT: mock-ida-dataprovider-plugin
secrets:
OSSRH_USER: ${{ secrets.OSSRH_USER }}
OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
GPG_SECRET: ${{ secrets.GPG_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

publish_to_nexus_mock-ida-dataprovider-plugin:
if: "${{ !contains(github.ref, 'master') && github.event_name != 'pull_request' && github.event_name != 'release' && github.event_name != 'prerelease' && github.event_name != 'publish' }}"
needs: build-maven-mock-ida-dataprovider-plugin
uses: mosip/kattu/.github/workflows/maven-publish-to-nexus.yml@master-java21
with:
SERVICE_LOCATION: ./mock-ida-dataprovider-plugin
secrets:
OSSRH_USER: ${{ secrets.OSSRH_USER }}
OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
OSSRH_URL: ${{ secrets.OSSRH_SNAPSHOT_URL }}
OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
GPG_SECRET: ${{ secrets.GPG_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

sonar_analysis_mock-ida-dataprovider-plugin:
needs: build-maven-mock-ida-dataprovider-plugin
if: "${{ github.event_name != 'pull_request' }}"
uses: mosip/kattu/.github/workflows/maven-sonar-analysis.yml@master-java21
with:
SERVICE_LOCATION: ./mock-ida-dataprovider-plugin
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
ORG_KEY: ${{ secrets.ORG_KEY }}
OSSRH_USER: ${{ secrets.OSSRH_USER }}
OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }}
OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
GPG_SECRET: ${{ secrets.GPG_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

build-maven-postgres-dataprovider-plugin:
uses: mosip/kattu/.github/workflows/maven-build.yml@master-java21
with:
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -3,32 +3,83 @@

import io.mosip.certify.api.exception.DataProviderExchangeException;
import io.mosip.certify.api.spi.DataProviderPlugin;
import io.mosip.certify.util.CSVReader;
import jakarta.annotation.PostConstruct;
import lombok.extern.slf4j.Slf4j;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;
import org.springframework.util.ResourceUtils;
import org.springframework.util.StreamUtils;
import org.springframework.web.client.RestTemplate;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.Map;
import java.util.Set;

@ConditionalOnProperty(value = "mosip.certify.integration.data-provider-plugin", havingValue = "MockCSVDataProviderPlugin")
@Component
@Slf4j
public class MockCSVDataProviderPlugin implements DataProviderPlugin {
@Autowired
private DataProviderService dataService;
@Value("${mosip.certify.mock.vciplugin.id-uri:https://example.com/}")
private String id;
@Autowired
private CSVReader csvReader;
@Value("${mosip.certify.mock.data-provider.csv-registry-uri}")
private String csvRegistryURI;
@Value("${mosip.certify.mock.data-provider.csv.identifier-column}")
private String identifierColumn;
@Value("#{'${mosip.certify.mock.data-provider.csv.data-columns}'.split(',')}")
private Set<String> dataColumns;
@Autowired
private RestTemplate restTemplate;

/**
* initialize sets up a CSV data for this DataProviderPlugin on start of application
* @return
*/
@PostConstruct
public File initialize() throws IOException, JSONException {
File filePath;
if (csvRegistryURI.startsWith("http")) {
// download the file to a path: usecase(docker, spring cloud config)
filePath = restTemplate.execute(csvRegistryURI, HttpMethod.GET, null, resp -> {
File ret = File.createTempFile("download", "tmp");

Check warning

Code scanning / CodeQL

Local information disclosure in a temporary directory Medium

Local information disclosure vulnerability due to use of file readable by other local users.
StreamUtils.copy(resp.getBody(), new FileOutputStream(ret));
return ret;
});
} else if (csvRegistryURI.startsWith("classpath:")) {
try {
// usecase(local setup)
filePath = ResourceUtils.getFile(csvRegistryURI);
} catch (IOException e) {
throw new FileNotFoundException("File not found in: " + csvRegistryURI);
}
} else {
// usecase(local setup)
filePath = new File(csvRegistryURI);
if (!filePath.isFile()) {
// TODO: make sure it crashes the application
throw new FileNotFoundException("File not found: " + csvRegistryURI);
}
}
csvReader.readCSV(filePath, identifierColumn, dataColumns);
return filePath;
}

@Override
public JSONObject fetchData(Map<String, Object> identityDetails) throws DataProviderExchangeException {
try {
String individualId = (String) identityDetails.get("sub");
if (individualId != null) {
JSONObject jsonRes;
jsonRes = dataService.fetchDataFromCSVReader(individualId);
jsonRes.put("id", id + individualId);
JSONObject jsonRes = csvReader.getJsonObjectByIdentifier(individualId);
return jsonRes;
}
} catch (Exception e) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,75 +19,45 @@
@Component
@Slf4j
public class CSVReader {
private Map<String, List<Map<String, String>>> dataMap = new HashMap<>();

@Value("${mosip.certify.data-provider.identifier.column}")
private String identifierColumn;
@Value("${mosip.certify.data-provider.fields.include}")
private String includeFields;

private Set<String> fieldsToInclude;

@PostConstruct
public void init() {
// Convert comma-separated fields to Set
// TODO: https://stackoverflow.com/questions/56454902/spring-value-with-arraylist-split-and-obtain-the-first-value
// We can get all fields in the Set<String> directly
fieldsToInclude = new HashSet<>(Arrays.asList(includeFields.split(",")));
}

public void readCSV(File f) throws IOException {
try {
// TODO: Eliminate nested try-catch
try (FileReader reader = new FileReader(f);
CSVParser csvParser = new CSVParser(reader, CSVFormat.DEFAULT.withFirstRecordAsHeader())) {
// Get header names
List<String> headers = csvParser.getHeaderNames();
// Validate that identifier column exists
if (!headers.contains(identifierColumn)) {
throw new IllegalArgumentException("Identifier column " + identifierColumn + " not found in CSV");
}
private Map<String, JSONObject> dataMap = new HashMap<>();

public void readCSV(File filePath, String identifierColumn, Set<String> dataColumns) throws IOException, JSONException {
try (FileReader reader = new FileReader(filePath);
CSVParser csvParser = new CSVParser(reader, CSVFormat.DEFAULT.withFirstRecordAsHeader())) {
// Get header names
List<String> headers = csvParser.getHeaderNames();
// Validate that identifier column exists
if (!headers.contains(identifierColumn)) {
throw new IllegalArgumentException("Identifier column " + identifierColumn + " not found in CSV");
}

// Process each record
for (CSVRecord record : csvParser) {
String identifier = record.get(identifierColumn);
Map<String, String> rowData = new HashMap<>();
// Store only the configured fields
for (String header : headers) {
if (fieldsToInclude.contains(header) || header.equals(identifierColumn)) {
rowData.put(header, record.get(header));
}
// Process each record
for (CSVRecord record : csvParser) {
String identifier = record.get(identifierColumn);
JSONObject jsonObject = new JSONObject();
// Store only the configured fields
for (String header : headers) {
if (dataColumns.contains(header) || header.equals(identifierColumn)) {
jsonObject.put(header, record.get(header));
}

// Add to dataMap
dataMap.computeIfAbsent(identifier, k -> new ArrayList<>()).add(rowData);
}
} catch (IOException e) {
log.error("Error finding csv file path", e);
throw new IOException("Unable to find the CSV file.");

// Add to dataMap
dataMap.put(identifier, jsonObject);
}
} catch (IOException e) {
log.error("Error fetching csv file from classpath resource", e);
throw new IOException("Unable to find the classpath resource for csv file.");
log.error("Error finding csv file path", e);
throw new IOException("Unable to find the CSV file.");
}
}

public JSONObject getJsonObjectByIdentifier(String identifier) throws DataProviderExchangeException, JSONException {
JSONObject jsonObject = new JSONObject();
List<Map<String, String>> records = dataMap.get(identifier);
if(records == null || records.isEmpty()) {
JSONObject record = dataMap.get(identifier);
if(record == null) {
log.error("No identifier found.");
throw new DataProviderExchangeException("No record found in csv with the provided identifier");
}
if (records != null && !records.isEmpty()) {
Map<String, String> record = records.get(0);
// Add only configured fields to JsonObject
for (Map.Entry<String, String> entry : record.entrySet()) {
if (fieldsToInclude.contains(entry.getKey()) || entry.getKey().equals(identifierColumn)) {
jsonObject.put(entry.getKey(), entry.getValue());
}
}
}
return jsonObject;

return record;
}
}

This file was deleted.

Loading

0 comments on commit c654d79

Please sign in to comment.