Merge pull request indigo-iam#796 from indigo-iam/develop

INDIGO IAM v1.9.0 release

.github/workflows/maven.yml

@@ -35,19 +35,25 @@ jobs:
         mysql -uroot -proot -e "CREATE DATABASE iam CHARACTER SET latin1 COLLATE latin1_swedish_ci;"
         mysql -uroot -proot -e "GRANT ALL ON *.* TO 'iam'@'%';"
         mysql -uroot -proot -e "FLUSH PRIVILEGES;"
-        mvn -Dspring.profiles.active=mysql-test package install
+        mvn -Dspring.profiles.active=mysql-test -q package install
 
     - name: Copy artifacts to docker dir
       run: |
         cp iam-login-service/target/iam-login-service.war iam-login-service/docker
         cp iam-test-client/target/iam-test-client.jar iam-test-client/docker
 
     - name: Generate buildpacks
-      run: mvn -DskipTests -U -B spring-boot:build-image
-
+      run: mvn -DskipTests -U -B -q spring-boot:build-image
+
+    - name: Setup QEMU
+      uses: docker/setup-qemu-action@v3
+
+    - name: Setup Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
     - name: Docker login
       if: startsWith(github.ref, 'refs/tags/')
-      uses: docker/login-action@v1
+      uses: docker/login-action@v3
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_PASSWORD }}
@@ -60,7 +66,7 @@ jobs:
 
     - name: Docker metainformation for iam-login-service
       id: ls-meta
-      uses: docker/metadata-action@v3
+      uses: docker/metadata-action@v5
       with:
         images: indigoiam/iam-login-service
         tags: |
@@ -69,27 +75,29 @@ jobs:
 
     - name: Docker metainformation for iam-test-client
       id: tc-meta
-      uses: docker/metadata-action@v3
+      uses: docker/metadata-action@v5
       with:
         images: indigoiam/iam-test-client
         tags: |
           type=sha
           type=ref,event=tag
 
     - name: Build & push iam-login-service docker image
-      uses: docker/build-push-action@v2
+      uses: docker/build-push-action@v5
       with:
         tags: ${{ steps.ls-meta.outputs.tags }}
         labels: ${{ steps.ls-meta.outputs.labels }}
         context: iam-login-service/docker/
         file: iam-login-service/docker/Dockerfile.prod
+        platforms: linux/amd64,linux/arm64
         push: ${{ startsWith(github.ref, 'refs/tags/') }}
 
     - name: Build & push iam-test-client docker image
-      uses: docker/build-push-action@v2
+      uses: docker/build-push-action@v5
       with:
         tags: ${{ steps.tc-meta.outputs.tags }}
         labels: ${{ steps.tc-meta.outputs.labels }}
         context: iam-test-client/docker/
         file: iam-test-client/docker/Dockerfile.prod
+        platforms: linux/amd64,linux/arm64
         push: ${{ startsWith(github.ref, 'refs/tags/') }}

iam-common/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>it.infn.mw.iam-parent</groupId>
     <artifactId>iam-parent</artifactId>
-    <version>1.8.4</version>
+    <version>1.9.0</version>
   </parent>
 
   <groupId>it.infn.mw.iam-common</groupId>

iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java

@@ -23,7 +23,6 @@
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import it.infn.mw.iam.core.time.TimeProvider;
@@ -41,7 +40,6 @@ public class DefaultAupSignatureCheckService implements AUPSignatureCheckService
   final IamAupSignatureRepository signatureRepo;
   final TimeProvider timeProvider;
 
-  @Autowired
   public DefaultAupSignatureCheckService(IamAupRepository aupRepo,
       IamAupSignatureRepository signatureRepo, TimeProvider timeProvider) {
     this.aupRepo = aupRepo;

iam-login-service/pom.xml

@@ -22,7 +22,7 @@
   <parent>
     <groupId>it.infn.mw.iam-parent</groupId>
     <artifactId>iam-parent</artifactId>
-    <version>1.8.4</version>
+    <version>1.9.0</version>
   </parent>
 
   <groupId>it.infn.mw.iam-login-service</groupId>

iam-login-service/src/main/java/it/infn/mw/iam/IamLoginService.java

@@ -46,6 +46,7 @@
     "it.infn.mw.iam.authn",
     "it.infn.mw.iam.persistence", 
     "it.infn.mw.iam.core",
+    "it.infn.mw.iam.core.web.wellknown",
     "it.infn.mw.iam.core.oauth.scope",
     "it.infn.mw.iam.core.time",
     "it.infn.mw.iam.api", 

iam-login-service/src/main/java/it/infn/mw/iam/api/account/authority/DefaultAccountAuthorityService.java

@@ -20,7 +20,6 @@
 import java.util.Set;
 import java.util.stream.Collectors;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.context.ApplicationEventPublisherAware;
 import org.springframework.stereotype.Service;
@@ -42,7 +41,6 @@ public class DefaultAccountAuthorityService
   final IamAccountRepository accountRepo;
   private ApplicationEventPublisher eventPublisher;
 
-  @Autowired
   public DefaultAccountAuthorityService(IamAuthoritiesRepository authRepo,
       IamAccountRepository accountRepo) {
     this.authRepo = authRepo;

iam-login-service/src/main/java/it/infn/mw/iam/api/account/find/DefaultFindAccountService.java

@@ -16,6 +16,7 @@
 package it.infn.mw.iam.api.account.find;
 
 import static it.infn.mw.iam.api.utils.FindUtils.responseFromPage;
+import static it.infn.mw.iam.api.utils.FindUtils.responseFromOptional;
 
 import java.util.Optional;
 import java.util.function.Supplier;
@@ -25,11 +26,9 @@
 import org.springframework.data.domain.Pageable;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
-
 import it.infn.mw.iam.api.scim.converter.UserConverter;
 import it.infn.mw.iam.api.scim.exception.IllegalArgumentException;
 import it.infn.mw.iam.api.scim.model.ScimListResponse;
-import it.infn.mw.iam.api.scim.model.ScimListResponse.ScimListResponseBuilder;
 import it.infn.mw.iam.api.scim.model.ScimUser;
 import it.infn.mw.iam.persistence.model.IamAccount;
 import it.infn.mw.iam.persistence.model.IamGroup;
@@ -65,18 +64,13 @@ public ScimListResponse<ScimUser> findAccountByLabel(String labelName, String la
   @Override
   public ScimListResponse<ScimUser> findAccountByEmail(String emailAddress) {
     Optional<IamAccount> account = repo.findByEmail(emailAddress);
-
-    ScimListResponseBuilder<ScimUser> builder = ScimListResponse.builder();
-    account.ifPresent(a -> builder.singleResource(converter.dtoFromEntity(a)));
-    return builder.build();
+    return responseFromOptional(account, converter);
   }
 
   @Override
   public ScimListResponse<ScimUser> findAccountByUsername(String username) {
     Optional<IamAccount> account = repo.findByUsername(username);
-    ScimListResponseBuilder<ScimUser> builder = ScimListResponse.builder();
-    account.ifPresent(a -> builder.singleResource(converter.dtoFromEntity(a)));
-    return builder.build();
+    return responseFromOptional(account, converter);
   }
 
   @Override
@@ -115,9 +109,7 @@ private Supplier<IllegalArgumentException> groupNotFoundError(String groupNameOr
   @Override
   public ScimListResponse<ScimUser> findAccountByCertificateSubject(String certSubject) {
     Optional<IamAccount> account = repo.findByCertificateSubject(certSubject);
-    ScimListResponseBuilder<ScimUser> builder = ScimListResponse.builder();
-    account.ifPresent(a -> builder.singleResource(converter.dtoFromEntity(a)));
-    return builder.build();
+    return responseFromOptional(account, converter);
   }
 
   @Override
@@ -143,4 +135,9 @@ public ScimListResponse<ScimUser> findAccountByGroupUuidWithFilter(String groupU
     Page<IamAccount> results = repo.findByGroupUuidWithFilter(group.getUuid(), filter, pageable);
     return responseFromPage(results, converter, pageable);
   }
+
+  public ScimListResponse<ScimUser> findAccountByUuid(String uuid) {
+    Optional<IamAccount> account = repo.findByUuid(uuid);
+    return responseFromOptional(account, converter);
+  }
 }

iam-login-service/src/main/java/it/infn/mw/iam/api/account/find/FindAccountController.java

@@ -25,6 +25,7 @@
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.BindingResult;
 import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -44,6 +45,7 @@ public class FindAccountController {
   public static final String FIND_BY_LABEL_RESOURCE = "/iam/account/find/bylabel";
   public static final String FIND_BY_EMAIL_RESOURCE = "/iam/account/find/byemail";
   public static final String FIND_BY_USERNAME_RESOURCE = "/iam/account/find/byusername";
+  public static final String FIND_BY_UUID_RESOURCE = "/iam/account/find/byuuid/{accountUuid}";
   public static final String FIND_BY_CERT_SUBJECT_RESOURCE = "/iam/account/find/bycertsubject";
   public static final String FIND_BY_GROUP_RESOURCE = "/iam/account/find/bygroup/{groupUuid}";
   public static final String FIND_NOT_IN_GROUP_RESOURCE =
@@ -121,4 +123,8 @@ public ListResponseDTO<ScimUser> findNotInGroup(@PathVariable String groupUuid,
     }
   }
 
+  @GetMapping(value = FIND_BY_UUID_RESOURCE, produces = ScimConstants.SCIM_CONTENT_TYPE)
+  public ListResponseDTO<ScimUser> findByUuid(@PathVariable String accountUuid) {
+    return service.findAccountByUuid(accountUuid);
+  }
 }

iam-login-service/src/main/java/it/infn/mw/iam/api/account/find/FindAccountService.java

@@ -45,5 +45,6 @@ ScimListResponse<ScimUser> findAccountByGroupUuidWithFilter(String groupUuid, St
 
   ScimListResponse<ScimUser> findAccountNotInGroupWithFilter(String groupUuid, String filter,
       Pageable pageable);
-
+
+  ScimListResponse<ScimUser> findAccountByUuid(String uuid);
 }