Merge pull request #185 from IABTechLab/cbc-UID2-4571-cloud-encryption-cleanup

cody-constine-ttd · web-flow · commit 77f476d427a5 · 2024-12-17T12:15:36.000-07:00
Adding logic for salts and clientSideKeys
diff --git a/conf/local-e2e-config.json b/conf/local-e2e-config.json
@@ -35,5 +35,5 @@
     "optout_url": "http://localhost:8081",
     "s3_keys_metadata_path": "s3encryption_keys/metadata.json",
     "cloud_keys_metadata_path": "cloud_encryption_keys/metadata.json",
-    "encryption_support_version": "6.0.0"
+    "encryption_support_version": "5.43.5"
 }
diff --git a/conf/local-e2e-docker-config.json b/conf/local-e2e-docker-config.json
@@ -33,5 +33,5 @@
   "core_public_url": "http://core:8088",
   "optout_url": "http://optout:8081",
   "cloud_encryption_keys_metadata_path": "cloud_encryption_keys/metadata.json",
-  "encryption_support_version": "6.0.0"
+  "encryption_support_version": "5.34.5"
 }
diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
 
     <groupId>com.uid2</groupId>
     <artifactId>uid2-core</artifactId>
-    <version>2.22.0</version>
+    <version>2.22.4-alpha-68-SNAPSHOT</version>
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -24,7 +24,7 @@
         <vertx.verticle>com.uid2.core.vertx.CoreVerticle</vertx.verticle>
         <launcher.class>io.vertx.core.Launcher</launcher.class>
 
-        <uid2-shared.version>8.0.0</uid2-shared.version>
+        <uid2-shared.version>8.0.25</uid2-shared.version>
         <image.version>${project.version}</image.version>
     </properties>
 
diff --git a/src/main/java/com/uid2/core/service/ClientSideKeypairMetadataProvider.java b/src/main/java/com/uid2/core/service/ClientSideKeypairMetadataProvider.java
@@ -1,6 +1,7 @@
 package com.uid2.core.service;
 
 import com.uid2.core.model.SecretStore;
+import com.uid2.core.util.OperatorInfo;
 import com.uid2.shared.cloud.ICloudStorage;
 import com.uid2.shared.store.CloudPath;
 import com.uid2.shared.store.scope.GlobalScope;
@@ -11,6 +12,7 @@
 import java.io.InputStream;
 import java.io.InputStreamReader;
 
+import static com.uid2.core.util.MetadataHelper.getMetadataPathName;
 import static com.uid2.core.util.MetadataHelper.readToEndAsString;
 
 public class ClientSideKeypairMetadataProvider implements IClientSideKeypairMetadataProvider {
@@ -24,8 +26,8 @@ public ClientSideKeypairMetadataProvider(ICloudStorage cloudStorage) {
     }
 
     @Override
-    public String getMetadata() throws Exception {
-        String pathname = new GlobalScope(new CloudPath(SecretStore.Global.get(ClientSideKeypairMetadataPathName))).getMetadataPath().toString();
+    public String getMetadata(OperatorInfo info) throws Exception {
+        String pathname = getMetadataPathName(info, SecretStore.Global.get(ClientSideKeypairMetadataPathName));
         String original = readToEndAsString(metadataStreamProvider.download(pathname));
         JsonObject main = (JsonObject) Json.decodeValue(original);
         JsonObject obj = main.getJsonObject("client_side_keypairs");
diff --git a/src/main/java/com/uid2/core/service/IClientSideKeypairMetadataProvider.java b/src/main/java/com/uid2/core/service/IClientSideKeypairMetadataProvider.java
@@ -1,6 +1,8 @@
 package com.uid2.core.service;
 
 
+import com.uid2.core.util.OperatorInfo;
+
 public interface IClientSideKeypairMetadataProvider {
-    String getMetadata() throws Exception;
+    String getMetadata(OperatorInfo info) throws Exception;
 }
diff --git a/src/main/java/com/uid2/core/service/ISaltMetadataProvider.java b/src/main/java/com/uid2/core/service/ISaltMetadataProvider.java
@@ -1,5 +1,7 @@
 package com.uid2.core.service;
 
+import com.uid2.core.util.OperatorInfo;
+
 public interface ISaltMetadataProvider {
-    String getMetadata() throws Exception;
+    String getMetadata(OperatorInfo info) throws Exception;
 }
diff --git a/src/main/java/com/uid2/core/service/SaltMetadataProvider.java b/src/main/java/com/uid2/core/service/SaltMetadataProvider.java
@@ -1,17 +1,22 @@
 package com.uid2.core.service;
 
 import com.uid2.core.model.SecretStore;
+import com.uid2.core.util.OperatorInfo;
 import com.uid2.shared.cloud.ICloudStorage;
 import io.vertx.core.json.Json;
 import io.vertx.core.json.JsonArray;
 import io.vertx.core.json.JsonObject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
-import static com.uid2.core.util.MetadataHelper.readToEndAsString;
+
+import static com.uid2.core.util.MetadataHelper.*;
 
 public class SaltMetadataProvider implements ISaltMetadataProvider {
+    private static final Logger LOGGER = LoggerFactory.getLogger(SaltMetadataProvider.class);
 
     public static final String SaltsMetadataPathName = "salts_metadata_path";
 
@@ -28,8 +33,9 @@ public SaltMetadataProvider(ICloudStorage fileStreamProvider, ICloudStorage down
     }
 
     @Override
-    public String getMetadata() throws Exception {
-        String original = readToEndAsString(metadataStreamProvider.download(SecretStore.Global.get(SaltsMetadataPathName)));
+    public String getMetadata(OperatorInfo info) throws Exception {
+        String pathname = getMetadataPathNameOldPrivateNoSite(info, SecretStore.Global.get(SaltsMetadataPathName));
+        String original = readToEndAsString(metadataStreamProvider.download(pathname));
         JsonObject main = (JsonObject) Json.decodeValue(original);
         JsonArray salts = main.getJsonArray("salts");
         for(int i=0;i<salts.size();++i) {
diff --git a/src/main/java/com/uid2/core/util/MetadataHelper.java b/src/main/java/com/uid2/core/util/MetadataHelper.java
@@ -55,6 +55,25 @@ public static String getMetadataPathName(OperatorType operatorType, int siteId,
         return store.getMetadataPath().toString();
     }
 
+    // This exists because salts were never split into site folders for private operators.
+    public static String getMetadataPathNameOldPrivateNoSite(OperatorInfo info, String metadataPathName) {
+        StoreScope store;
+        Boolean providePrivateSiteData = ConfigStore.Global.getBoolean("provide_private_site_data");
+        if (info.getSupportsEncryption()) { // Check if decryption is possible
+            if (info.getOperatorType() == OperatorType.PUBLIC ) //siteId_public folder
+            {
+                store = new EncryptedScope(new CloudPath(metadataPathName), info.getSiteId(), true);
+            } else //siteId_private folder
+            {
+                store = new EncryptedScope(new CloudPath(metadataPathName), info.getSiteId(), false);
+            }
+        } else {
+            store = new GlobalScope(new CloudPath(metadataPathName));
+        }
+
+        return store.getMetadataPath().toString();
+    }
+
     public static String readToEndAsString(InputStream stream) throws IOException {
         final InputStreamReader reader = new InputStreamReader(stream);
         final char[] buff = new char[1024];
diff --git a/src/main/java/com/uid2/core/vertx/CoreVerticle.java b/src/main/java/com/uid2/core/vertx/CoreVerticle.java
@@ -392,8 +392,9 @@ private void handleSiteRefresh(RoutingContext rc) {
 
     private void handleSaltRefresh(RoutingContext rc) {
         try {
+            OperatorInfo info = OperatorInfo.getOperatorInfo(rc);
             rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
-                    .end(saltMetadataProvider.getMetadata());
+                    .end(saltMetadataProvider.getMetadata(info));
         } catch (Exception e) {
             logger.warn("exception in handleSaltRefresh: " + e.getMessage(), e);
             Error("error", 500, rc, "error processing salt refresh");
@@ -463,7 +464,7 @@ private void handleClientSideKeypairRefresh(RoutingContext rc) {
                 return;
             }
             rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
-                    .end(clientSideKeypairMetadataProvider.getMetadata());
+                    .end(clientSideKeypairMetadataProvider.getMetadata(info));
         } catch (Exception e) {
             logger.warn("exception in handleClientSideKeypairRefresh: " + e.getMessage(), e);
             Error("error", 500, rc, "error processing client_side_keypairs refresh");

Original file line number	Diff line number	Diff line change
`@@ -35,5 +35,5 @@`
`35`	`35`	`"optout_url": "http://localhost:8081",`
`36`	`36`	`"s3_keys_metadata_path": "s3encryption_keys/metadata.json",`
`37`	`37`	`"cloud_keys_metadata_path": "cloud_encryption_keys/metadata.json",`
`38`		`- "encryption_support_version": "6.0.0"`
	`38`	`+ "encryption_support_version": "5.43.5"`
`39`	`39`	`}`
Original file line number	Diff line number	Diff line change
`@@ -33,5 +33,5 @@`
`33`	`33`	`"core_public_url": "http://core:8088",`
`34`	`34`	`"optout_url": "http://optout:8081",`
`35`	`35`	`"cloud_encryption_keys_metadata_path": "cloud_encryption_keys/metadata.json",`
`36`		`- "encryption_support_version": "6.0.0"`
	`36`	`+ "encryption_support_version": "5.34.5"`
`37`	`37`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,8 @@`
`1`	`1`	`package com.uid2.core.service;`
`2`	`2`
`3`	`3`
	`4`	`+import com.uid2.core.util.OperatorInfo;`
	`5`	`+`
`4`	`6`	`public interface IClientSideKeypairMetadataProvider {`
`5`		`- String getMetadata() throws Exception;`
	`7`	`+ String getMetadata(OperatorInfo info) throws Exception;`
`6`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,7 @@`
`1`	`1`	`package com.uid2.core.service;`
`2`	`2`
	`3`	`+import com.uid2.core.util.OperatorInfo;`
	`4`	`+`
`3`	`5`	`public interface ISaltMetadataProvider {`
`4`		`- String getMetadata() throws Exception;`
	`6`	`+ String getMetadata(OperatorInfo info) throws Exception;`
`5`	`7`	`}`