Merge pull request #69 from IABTechLab/gdm-UID2-1504-operator-plainte…

…xt-key-field-removal

Operator plaintext key field removal

pom.xml

@@ -24,7 +24,7 @@
     <vertx.verticle>com.uid2.core.vertx.CoreVerticle</vertx.verticle>
     <launcher.class>io.vertx.core.Launcher</launcher.class>
 
-    <uid2-shared.version>5.3.0-c5ed833119</uid2-shared.version>
+    <uid2-shared.version>5.7.0-b6571a9981</uid2-shared.version>
     <image.version>${project.version}</image.version>
   </properties>
 

src/main/java/com/uid2/core/handler/AttestationFailureHandler.java

@@ -9,7 +9,6 @@
 import io.vertx.core.json.JsonObject;
 import io.vertx.core.net.SocketAddress;
 import io.vertx.ext.web.RoutingContext;
-import org.apache.commons.codec.digest.DigestUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -41,15 +40,13 @@ private void logAttestationFailure(RoutingContext context) {
         final AttestationFailureReason attestationFailureReason = context.get(Const.RoutingContextData.ATTESTATION_FAILURE_REASON_PROP);
         final String attestationFailureDataJson = getAttestationFailureDataJson(context);
 
-        final String operatorKeyHash = DigestUtils.sha256Hex(operatorKey.getKey());
-
         final String originatingIpAddress = getOriginatingIpAddress(context);
 
         LOG.warn("Attestation failed. StatusCode={} Reason={} Data={} OperatorKeyHash={} OperatorKeyName={} SiteId={} Protocol={} OperatorType={} OriginatingIpAddress={}",
                 context.response().getStatusCode(),
                 attestationFailureReason,
                 attestationFailureDataJson,
-                operatorKeyHash,
+                operatorKey.getKeyHash(),
                 operatorKey.getName(),
                 operatorKey.getSiteId(),
                 operatorKey.getProtocol(),

src/test/java/com/uid2/core/vertx/TestClientSideKeypairMetadataPath.java

@@ -81,8 +81,8 @@ private String getUrlForEndpoint(String endpoint) {
     }
 
     private void fakeAuth(OperatorType operatorType, int siteId) {
-        OperatorKey clientKey = new OperatorKey("test-key", "test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
-        when(authProvider.get(any())).thenReturn(clientKey);
+        OperatorKey operatorKey = new OperatorKey("test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
+        when(authProvider.get(any())).thenReturn(operatorKey);
     }
 
     private void get(Vertx vertx, String endpoint, String body, Handler<AsyncResult<HttpResponse<Buffer>>> handler) {

src/test/java/com/uid2/core/vertx/TestCoreVerticle.java

@@ -81,8 +81,8 @@ private String getUrlForEndpoint(String endpoint) {
     }
 
     private void fakeAuth(Role... roles) {
-        OperatorKey clientKey = new OperatorKey("test-key", "test-key-hash", "test-key-salt", "test-name", "test-contact", attestationProtocol, 0, false, 88, new HashSet<>(Arrays.asList(roles)), OperatorType.PRIVATE);
-        when(authProvider.get(any())).thenReturn(clientKey);
+        OperatorKey operatorKey = new OperatorKey("test-key-hash", "test-key-salt", "test-name", "test-contact", attestationProtocol, 0, false, 88, new HashSet<>(Arrays.asList(roles)), OperatorType.PRIVATE);
+        when(authProvider.get(any())).thenReturn(operatorKey);
     }
 
     private void post(Vertx vertx, String endpoint, String body, Handler<AsyncResult<HttpResponse<Buffer>>> handler) {

src/test/java/com/uid2/core/vertx/TestServiceLinkMetadataPath.java

@@ -80,8 +80,8 @@ private String getUrlForEndpoint(String endpoint) {
     }
 
     private void fakeAuth(OperatorType operatorType, int siteId) {
-        OperatorKey clientKey = new OperatorKey("test-key", "test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
-        when(authProvider.get(any())).thenReturn(clientKey);
+        OperatorKey operatorKey = new OperatorKey("test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
+        when(authProvider.get(any())).thenReturn(operatorKey);
     }
 
     private void get(Vertx vertx, String endpoint, String body, Handler<AsyncResult<HttpResponse<Buffer>>> handler) {

src/test/java/com/uid2/core/vertx/TestServiceMetadataPath.java

@@ -80,8 +80,8 @@ private String getUrlForEndpoint(String endpoint) {
     }
 
     private void fakeAuth(OperatorType operatorType, int siteId) {
-        OperatorKey clientKey = new OperatorKey("test-key", "test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
-        when(authProvider.get(any())).thenReturn(clientKey);
+        OperatorKey operatorKey = new OperatorKey("test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
+        when(authProvider.get(any())).thenReturn(operatorKey);
     }
 
     private void get(Vertx vertx, String endpoint, String body, Handler<AsyncResult<HttpResponse<Buffer>>> handler) {

src/test/java/com/uid2/core/vertx/TestSiteSpecificMetadataPath.java

@@ -79,8 +79,8 @@ private String getUrlForEndpoint(String endpoint) {
   }
 
   private void fakeAuth(OperatorType operatorType, int siteId) {
-    OperatorKey clientKey = new OperatorKey("test-key", "test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
-    when(authProvider.get(any())).thenReturn(clientKey);
+    OperatorKey operatorKey = new OperatorKey("test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
+    when(authProvider.get(any())).thenReturn(operatorKey);
   }
 
   private void get(Vertx vertx, String endpoint, String body, Handler<AsyncResult<HttpResponse<Buffer>>> handler) {

src/test/java/com/uid2/core/vertx/TestSiteSpecificMetadataPathDisabled.java

@@ -80,8 +80,8 @@ private String getUrlForEndpoint(String endpoint) {
   }
 
   private void fakeAuth(OperatorType operatorType, int siteId) {
-    OperatorKey clientKey = new OperatorKey("test-key", "test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
-    when(authProvider.get(any())).thenReturn(clientKey);
+    OperatorKey operatorKey = new OperatorKey("test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
+    when(authProvider.get(any())).thenReturn(operatorKey);
   }
 
   private void get(Vertx vertx, String endpoint, String body, Handler<AsyncResult<HttpResponse<Buffer>>> handler) {

src/test/java/com/uid2/core/vertx/TestSitesMetadataPath.java

@@ -83,8 +83,8 @@ private String getUrlForEndpoint(String endpoint) {
     }
 
     private void fakeAuth(OperatorType operatorType, int siteId) {
-        OperatorKey clientKey = new OperatorKey("test-key", "test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
-        when(authProvider.get(any())).thenReturn(clientKey);
+        OperatorKey operatorKey = new OperatorKey("test-key-hash", "test-key-salt", "", "", attestationProtocol, 0, false, siteId, new HashSet<>(), operatorType);
+        when(authProvider.get(any())).thenReturn(operatorKey);
     }
 
     private void get(Vertx vertx, String endpoint, String body, Handler<AsyncResult<HttpResponse<Buffer>>> handler) {