small fixes

smp-angular/src/app/app-config/smp-config.model.ts

@@ -7,4 +7,5 @@ export interface SmpConfig {
   participantSchemaRegExpMessage?: string;
   passwordValidationRegExp?: string;
   passwordValidationRegExpMessage?: string;
+  webServiceAuthTypes?: string[];
 }

smp-angular/src/app/app-config/smp-config.service.ts

@@ -12,7 +12,7 @@ export class SmpConfigService {
 
   getSmpInfo(): Observable<SmpConfig> {
     let subject = new ReplaySubject<SmpConfig>();
-    this.http.get<SmpConfig>(SmpConstants.REST_INTERNAL_APPLICATION_CONFIG)
+    this.http.get<SmpConfig>(SmpConstants.REST_PUBLIC_APPLICATION_CONFIG)
       .subscribe((res: SmpConfig) => {
         subject.next(res);
       }, error => {

smp-angular/src/app/app.component.ts

@@ -98,8 +98,10 @@ export class AppComponent {
 
   logout(event: Event): void {
     event.preventDefault();
+
     this.router.navigate(['/search']).then((ok) => {
       if (ok) {
+
         this.securityService.logout();
       }
     });

smp-angular/src/app/common/global-lookups.ts

@@ -116,7 +116,7 @@ export class GlobalLookups implements OnInit {
     this.securityService.isAuthenticated(false).subscribe((isAuthenticated: boolean) => {
       console.log("Refresh application configuration is authenticated " + isAuthenticated)
       if (isAuthenticated) {
-        this.http.get<SmpConfig>(SmpConstants.REST_INTERNAL_APPLICATION_CONFIG)
+        this.http.get<SmpConfig>(SmpConstants.REST_PUBLIC_APPLICATION_CONFIG)
           .subscribe((res: SmpConfig) => {
               this.cachedApplicationConfig = res;
             }, error => {

smp-angular/src/app/security/security.service.ts

@@ -6,14 +6,13 @@ import {HttpClient, HttpHeaders} from '@angular/common/http';
 import {SmpConstants} from "../smp.constants";
 import {Authority} from "./authority.model";
 import {AlertMessageService} from "../common/alert-message/alert-message.service";
-import {GlobalLookups} from "../common/global-lookups";
 
 @Injectable()
 export class SecurityService {
 
   readonly LOCAL_STORAGE_KEY_CURRENT_USER = 'currentUser';
 
-  constructor (
+  constructor(
     private http: HttpClient,
     private alertService: AlertMessageService,
     private securityEventService: SecurityEventService,
@@ -29,7 +28,7 @@ export class SecurityService {
         username: username,
         password: password
       }),
-      { headers })
+      {headers})
       .subscribe((response: User) => {
           this.updateUserDetails(response);
         },
@@ -39,15 +38,12 @@ export class SecurityService {
   }
 
   refreshLoggedUserFromServer() {
-    let subject = new ReplaySubject<User>();
-
     this.getCurrentUsernameFromServer().subscribe((res: User) => {
-
-        this.updateUserDetails(res);
-      }, (error: any) => {
-        //console.log('getCurrentUsernameFromServer:' + error);
-        this.securityEventService.notifyLoginErrorEvent(error);
-      });
+      this.updateUserDetails(res);
+    }, (error: any) => {
+      // just clean local storage
+      this.clearLocalStorage();
+    });
   }
 
   logout() {
@@ -59,7 +55,7 @@ export class SecurityService {
       });
   }
 
-  finalizeLogout(res){
+  finalizeLogout(res) {
     this.clearLocalStorage();
     this.securityEventService.notifyLogoutSuccessEvent(res);
   }
@@ -86,13 +82,13 @@ export class SecurityService {
     if (callServer) {
       //we get the username from the server to trigger the redirection to the login screen in case the user is not authenticated
       this.getCurrentUsernameFromServer().subscribe((user: User) => {
-          if(!user) {
-            this.clearLocalStorage();
-          }
-          subject.next(user !== null);
-        }, (user: string) => {
-          subject.next(false);
-        });
+        if (!user) {
+          this.clearLocalStorage();
+        }
+        subject.next(user !== null);
+      }, (user: string) => {
+        subject.next(false);
+      });
 
     } else {
       let currentUser = this.getCurrentUser();
@@ -106,11 +102,11 @@ export class SecurityService {
   }
 
   isCurrentUserSMPAdmin(): boolean {
-    return this.isCurrentUserInRole([ Authority.SMP_ADMIN]);
+    return this.isCurrentUserInRole([Authority.SMP_ADMIN]);
   }
 
   isCurrentUserServiceGroupAdmin(): boolean {
-    return this.isCurrentUserInRole([ Authority.SERVICE_GROUP_ADMIN]);
+    return this.isCurrentUserInRole([Authority.SERVICE_GROUP_ADMIN]);
   }
 
   isCurrentUserInRole(roles: Array<Authority>): boolean {
@@ -125,6 +121,7 @@ export class SecurityService {
     }
     return hasRole;
   }
+
   isAuthorized(roles: Array<Authority>): Observable<boolean> {
     let subject = new ReplaySubject<boolean>();
 
@@ -137,9 +134,9 @@ export class SecurityService {
     return subject.asObservable();
   }
 
-  updateUserDetails(userDetails:User) {
-      this.populateLocalStorage(JSON.stringify(userDetails));
-      this.securityEventService.notifyLoginSuccessEvent(userDetails);
+  updateUserDetails(userDetails: User) {
+    this.populateLocalStorage(JSON.stringify(userDetails));
+    this.securityEventService.notifyLoginSuccessEvent(userDetails);
   }
 
   private populateLocalStorage(userDetails: string) {

smp-angular/src/app/smp.constants.ts

@@ -13,6 +13,7 @@ export class SmpConstants {
   public static readonly REST_PUBLIC_SEARCH_SERVICE_GROUP = SmpConstants.REST_PUBLIC + 'search';
   public static readonly REST_PUBLIC_DOMAIN_SEARCH = SmpConstants.REST_PUBLIC + 'domain';
   public static readonly REST_PUBLIC_APPLICATION_INFO = SmpConstants.REST_PUBLIC + 'application/info';
+  public static readonly REST_PUBLIC_APPLICATION_CONFIG = SmpConstants.REST_PUBLIC + 'application/config';
   // user public services
   public static readonly REST_PUBLIC_USER = SmpConstants.REST_PUBLIC + 'user';
   public static readonly REST_PUBLIC_USER_UPDATE = SmpConstants.REST_PUBLIC_USER + "/" + SmpConstants.PATH_PARAM_ENC_USER_ID + "/";
@@ -53,7 +54,6 @@ export class SmpConstants {
     '/' + SmpConstants.PATH_PARAM_ENC_USER_ID + '/' + 'change-password-for'+ '/' + SmpConstants.PATH_PARAM_ENC_MANAGED_USER_ID;
 
   public static readonly REST_INTERNAL_USER_VALIDATE_DELETE = `${SmpConstants.REST_INTERNAL_USER_MANAGE}/validate-delete`;
-  public static readonly REST_INTERNAL_APPLICATION_CONFIG = SmpConstants.REST_INTERNAL + 'application/config';
   public static readonly REST_INTERNAL_KEYSTORE = SmpConstants.REST_INTERNAL + 'keystore';
   public static readonly REST_INTERNAL_TRUSTSTORE = SmpConstants.REST_INTERNAL + 'truststore';
   public static readonly REST_INTERNAL_TRUSTSTORE_UPLOAD_CERT = SmpConstants.REST_INTERNAL_TRUSTSTORE + '/' + SmpConstants.PATH_PARAM_ENC_USER_ID + '/' + 'upload-certificate';

smp-angular/src/app/user/user-details-dialog/user-details-dialog.component.html

@@ -49,7 +49,7 @@
   <div style="display: flex;flex-flow: row;">
     <mat-card style="flex-grow: 1">
       <mat-card-title>UI authentication credentials</mat-card-title>
-      <mat-card-content>
+      <mat-card-content  *ngIf="isUserAuthPasswdEnabled()">
         <fieldset style="border: solid gray 1px;">
           <legend>Username/password credentials</legend>
           <div style="display: flex;flex-flow: row wrap;">
@@ -69,7 +69,7 @@
           </button>
         </fieldset>
       </mat-card-content>
-      <mat-card-content>
+      <mat-card-content *ngIf="isUserAuthSSOEnabled()">
         <fieldset style="border: solid gray 1px;">
           <legend>CAS authentication</legend>
           <mat-form-field style="width: 100%">
@@ -86,7 +86,7 @@
     </mat-card>
     <mat-card style="flex-grow: 2">
       <mat-card-title>Web service credentials</mat-card-title>
-      <mat-card-content>
+      <mat-card-content *ngIf="isWebServiceUserTokenAuthPasswdEnabled()">
         <fieldset style="border: solid gray 1px;">
           <legend>Access token credentials</legend>
           <div style="display: flex;flex-flow: row wrap;">
@@ -106,7 +106,7 @@
         </fieldset>
       </mat-card-content>
 
-      <mat-card-content>
+      <mat-card-content *ngIf="isWebServiceUserCertificateAuthEnabled()">
         <fieldset style="border: solid gray 1px;">
           <legend>Certificate authentication</legend>
           <mat-form-field class="certificate-id">

smp-angular/src/app/user/user-details-dialog/user-details-dialog.component.ts

@@ -377,6 +377,21 @@ export class UserDetailsDialogComponent {
       statusPassword: SearchTableEntityStatus.NEW
     }
   }
+  isUserAuthSSOEnabled(): boolean {
+    return this.lookups.cachedApplicationInfo?.authTypes?.includes('SSO');
+  }
+
+  isUserAuthPasswdEnabled(): boolean {
+    return this.lookups.cachedApplicationInfo?.authTypes?.includes('PASSWORD');
+  }
+
+  isWebServiceUserCertificateAuthEnabled(): boolean {
+    return this.lookups.cachedApplicationConfig?.webServiceAuthTypes?.includes('CERTIFICATE');
+  }
+
+  isWebServiceUserTokenAuthPasswdEnabled(): boolean {
+    return this.lookups.cachedApplicationConfig?.webServiceAuthTypes?.includes('TOKEN');
+  }
 
 }
 

smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/SmpConfigRO.java

 package eu.europa.ec.edelivery.smp.data.ui;
 
 import java.io.Serializable;
-
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * SmpConfigRO properties. opposite to SmpInfoRO user must be logged in to retrieve values
+ * @author Joze Rihtarsic
+ * @since 4.1
+ */
 public class SmpConfigRO implements Serializable {
     private static final long serialVersionUID = -49712226560325303L;
 
@@ -15,6 +22,7 @@ public class SmpConfigRO implements Serializable {
 
     String passwordValidationRegExp;
     String passwordValidationRegExpMessage;
+    List<String> webServiceAuthTypes = new ArrayList<>();
 
 
     public boolean isSmlIntegrationOn() {
@@ -79,5 +87,13 @@ public class SmpConfigRO implements Serializable {
 
     public void setPasswordValidationRegExpMessage(String passwordValidationRegExpMessage) {
         this.passwordValidationRegExpMessage = passwordValidationRegExpMessage;
+   }
+
+    public List<String> getWebServiceAuthTypes() {
+        return webServiceAuthTypes;
+    }
+
+    public void addWebServiceAuthTypes(List<String> webServiceAuthTypes) {
+        this.webServiceAuthTypes.addAll(webServiceAuthTypes);
     }
 }

smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/SmpInfoRO.java

 package eu.europa.ec.edelivery.smp.data.ui;
 
 import java.io.Serializable;
+import java.util.ArrayList;
 import java.util.List;
 
+/**
+ * Public SmpInfoRO properties.
+ * @author Joze Rihtarsic
+ * @since 4.1
+ */
 public class SmpInfoRO implements Serializable {
     private static final long serialVersionUID = -49712226560325302L;
     String version;
     String ssoAuthenticationLabel;
     String ssoAuthenticationURI;
     String contextPath;
-    List<String> authTypes;
+    List<String> authTypes = new ArrayList<>();;
 
     public String getVersion() {
         return version;
@@ -47,7 +53,7 @@ public class SmpInfoRO implements Serializable {
         return authTypes;
     }
 
-    public void setAuthTypes(List<String> authTypes) {
-        this.authTypes = authTypes;
+    public void addAuthTypes(List<String> authTypes) {
+        this.authTypes.addAll(authTypes);
     }
 }

smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java

@@ -97,8 +97,8 @@ public enum SMPPropertyEnum {
 
     // authentication
     UI_AUTHENTICATION_TYPES("smp.ui.authentication.types", "PASSWORD", "Set list of '|' separated authentication types: PASSWORD|SSO.", false, false, false, LIST_STRING),
-    AUTOMATION_AUTHENTICATION_TYPES("smp.automation.authentication.types", "PASSWORD|CERTIFICATE",
-            "Set list of '|' separated application-automation authentication types (Web-Service integration). Currently supported PASSWORD, CERTIFICATE: ex. PASSWORD|CERTIFICATE", false, false, false, LIST_STRING),
+    AUTOMATION_AUTHENTICATION_TYPES("smp.automation.authentication.types", "TOKEN|CERTIFICATE",
+            "Set list of '|' separated application-automation authentication types (Web-Service integration). Currently supported TOKEN, CERTIFICATE: ex. TOKEN|CERTIFICATE", false, false, false, LIST_STRING),
 
     EXTERNAL_TLS_AUTHENTICATION_CLIENT_CERT_HEADER_ENABLED("smp.automation.authentication.external.tls.clientCert.enabled", "false",
             "Authentication with external module as: reverse proxy. Authenticated data are send send to application using 'Client-Cert' HTTP header. Do not enable this feature " +

smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/ui/external/ApplicationResource.java

 package eu.europa.ec.edelivery.smp.ui.external;
 
 
+import eu.europa.ec.edelivery.smp.data.ui.SmpConfigRO;
 import eu.europa.ec.edelivery.smp.data.ui.SmpInfoRO;
+import eu.europa.ec.edelivery.smp.data.ui.auth.SMPAuthority;
 import eu.europa.ec.edelivery.smp.services.ConfigurationService;
 import eu.europa.ec.edelivery.smp.ui.ResourceConstants;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.env.Environment;
+import org.springframework.security.access.annotation.Secured;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -49,7 +52,7 @@ public class ApplicationResource {
     public SmpInfoRO getApplicationInfo() {
         SmpInfoRO info = new SmpInfoRO();
         info.setVersion(getDisplayVersion());
-        info.setAuthTypes(configurationService.getUIAuthenticationTypes());
+        info.addAuthTypes(configurationService.getUIAuthenticationTypes());
         if (configurationService.getUIAuthenticationTypes().contains("SSO")){
             info.setSsoAuthenticationLabel(configurationService.getCasUILabel());
             info.setSsoAuthenticationURI(configurationService.getCasSMPLoginRelativePath());
@@ -68,4 +71,22 @@ public class ApplicationResource {
         display.append("]");
         return display.toString();
     }
+
+    @Secured({SMPAuthority.S_AUTHORITY_TOKEN_SYSTEM_ADMIN, SMPAuthority.S_AUTHORITY_TOKEN_SMP_ADMIN,
+            SMPAuthority.S_AUTHORITY_TOKEN_SERVICE_GROUP_ADMIN})
+    @GetMapping(path = "config")
+    public SmpConfigRO getApplicationConfig() {
+        SmpConfigRO info = new SmpConfigRO();
+        info.setSmlIntegrationOn(configurationService.isSMLIntegrationEnabled());
+        info.setSmlParticipantMultiDomainOn(configurationService.isSMLMultiDomainEnabled());
+        info.setParticipantSchemaRegExp(configurationService.getParticipantIdentifierSchemeRexExpPattern());
+        info.setParticipantSchemaRegExpMessage(configurationService.getParticipantIdentifierSchemeRexExpMessage());
+        info.setConcatEBCorePartyId(configurationService.getForceConcatenateEBCorePartyId());
+        info.setPartyIDSchemeMandatory(configurationService.getParticipantSchemeMandatory());
+
+        info.setPasswordValidationRegExp(configurationService.getPasswordPolicyRexExpPattern());
+        info.setPasswordValidationRegExpMessage(configurationService.getPasswordPolicyValidationMessage());
+        info.addWebServiceAuthTypes(configurationService.getAutomationAuthenticationTypes());
+        return info;
+    }
 }

smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/ui/internal/ApplicationAdminResource.java

-package eu.europa.ec.edelivery.smp.ui.internal;
-
-
-import eu.europa.ec.edelivery.smp.data.ui.SmpConfigRO;
-import eu.europa.ec.edelivery.smp.data.ui.auth.SMPAuthority;
-import eu.europa.ec.edelivery.smp.services.ConfigurationService;
-import eu.europa.ec.edelivery.smp.ui.ResourceConstants;
-import org.springframework.security.access.annotation.Secured;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-/**
- * @author Joze Rihtarsic
- * @since 4.1
- */
-@RestController
-@RequestMapping(path = ResourceConstants.CONTEXT_PATH_INTERNAL_APPLICATION)
-public class ApplicationAdminResource {
-
-    final ConfigurationService configurationService;
-
-    public ApplicationAdminResource(ConfigurationService configurationService) {
-        this.configurationService = configurationService;
-    }
-
-    @Secured({SMPAuthority.S_AUTHORITY_TOKEN_SYSTEM_ADMIN, SMPAuthority.S_AUTHORITY_TOKEN_SMP_ADMIN,
-            SMPAuthority.S_AUTHORITY_TOKEN_SERVICE_GROUP_ADMIN})
-    @GetMapping(path = "config")
-    public SmpConfigRO getApplicationConfig() {
-        SmpConfigRO info = new SmpConfigRO();
-        info.setSmlIntegrationOn(configurationService.isSMLIntegrationEnabled());
-        info.setSmlParticipantMultiDomainOn(configurationService.isSMLMultiDomainEnabled());
-        info.setParticipantSchemaRegExp(configurationService.getParticipantIdentifierSchemeRexExpPattern());
-        info.setParticipantSchemaRegExpMessage(configurationService.getParticipantIdentifierSchemeRexExpMessage());
-        info.setConcatEBCorePartyId(configurationService.getForceConcatenateEBCorePartyId());
-        info.setPartyIDSchemeMandatory(configurationService.getParticipantSchemeMandatory());
-
-        info.setPasswordValidationRegExp(configurationService.getPasswordPolicyRexExpPattern());
-        info.setPasswordValidationRegExpMessage(configurationService.getPasswordPolicyValidationMessage());
-        return info;
-    }
-}

smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java

@@ -22,8 +22,6 @@ import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockServletContext;
-import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.jdbc.Sql;
 import org.springframework.test.context.junit4.SpringRunner;
@@ -31,13 +29,9 @@ import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.MvcResult;
 import org.springframework.test.web.servlet.request.RequestPostProcessor;
-import org.springframework.test.web.servlet.setup.MockMvcBuilders;
-import org.springframework.web.context.ContextLoaderListener;
 import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.server.adapter.ForwardedHeaderTransformer;
 
-import javax.servlet.ServletContextEvent;
-import javax.servlet.ServletContextListener;
 import java.io.IOException;
 
 import static eu.europa.ec.edelivery.smp.ServiceGroupBodyUtil.*;