Merge pull request #444 from IABTechLab/gdm-UID2-5196-cloud-encryption-list

Added new cloud encryption key page

Author: gmsdelmundo

src/main/java/com/uid2/admin/cloudencryption/CloudEncryptionKeyManager.java

@@ -6,6 +6,7 @@
 import com.uid2.shared.auth.RotatingOperatorKeyProvider;
 import com.uid2.shared.model.CloudEncryptionKey;
 import com.uid2.shared.store.reader.RotatingCloudEncryptionKeyProvider;
+import io.vertx.core.json.JsonObject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -34,6 +35,15 @@ public CloudEncryptionKeyManager(
         this.planner = planner;
     }
 
+    public JsonObject getMetadata() throws Exception {
+        return keyProvider.getMetadata();
+    }
+
+    public Set<CloudEncryptionKeySummary> getKeySummaries() throws Exception {
+        refreshCloudData();
+        return existingKeys.stream().map(CloudEncryptionKeySummary::fromFullKey).collect(Collectors.toSet());
+    }
+
     // For any site that has an operator create a new key activating in one hour
     // Keep up to 10 most recent old keys per site, delete the rest
     public void rotateKeys(boolean shouldFail) throws Exception {
@@ -66,11 +76,6 @@ public void backfillKeys() throws Exception {
         }
     }
 
-    public Set<CloudEncryptionKeySummary> getKeySummaries() throws Exception {
-        refreshCloudData();
-        return existingKeys.stream().map(CloudEncryptionKeySummary::fromFullKey).collect(Collectors.toSet());
-    }
-
     private void writeKeys(Set<CloudEncryptionKey> desiredKeys) throws Exception {
         var keysForWriting = desiredKeys.stream().collect(Collectors.toMap(
                 CloudEncryptionKey::getId,
@@ -85,4 +90,4 @@ private void refreshCloudData() throws Exception {
         operatorKeys = new HashSet<>(operatorKeyProvider.getAll());
         existingKeys = new HashSet<>(keyProvider.getAll().values());
     }
-}
+}

src/main/java/com/uid2/admin/vertx/Endpoints.java

@@ -98,6 +98,7 @@ public enum Endpoints {
     API_SITE_APP_NAMES("/api/site/app_names"),
     API_SITE_UPDATE("/api/site/update"),
 
+    CLOUD_ENCRYPTION_KEY_METADATA("/api/cloud-encryption-key/metadata"),
     CLOUD_ENCRYPTION_KEY_LIST("/api/cloud-encryption-key/list"),
     CLOUD_ENCRYPTION_KEY_ROTATE("/api/cloud-encryption-key/rotate"),
 

src/main/java/com/uid2/admin/vertx/service/CloudEncryptionKeyService.java

@@ -31,6 +31,9 @@ public CloudEncryptionKeyService(
 
     @Override
     public void setupRoutes(Router router) {
+        router.get(Endpoints.CLOUD_ENCRYPTION_KEY_METADATA.toString()).handler(
+                auth.handle(this::handleMetadata, Role.MAINTAINER));
+
         router.get(Endpoints.CLOUD_ENCRYPTION_KEY_LIST.toString()).handler(
                 auth.handle(this::handleList, Role.MAINTAINER)
         );
@@ -40,6 +43,25 @@ public void setupRoutes(Router router) {
         );
     }
 
+    private void handleMetadata(RoutingContext rc) {
+        try {
+            rc.response()
+                    .putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
+                    .end(keyManager.getMetadata().encode());
+        } catch (Exception e) {
+            rc.fail(500, e);
+        }
+    }
+
+    private void handleList(RoutingContext rc) {
+        try {
+            var response = new CloudEncryptionKeyListResponse(keyManager.getKeySummaries());
+            respondWithJson(rc, response);
+        } catch (Exception e) {
+            rc.fail(500, e);
+        }
+    }
+
     private void handleRotate(RoutingContext rc) {
         try {
             var shouldFail = !rc.queryParam("fail").isEmpty();
@@ -59,15 +81,6 @@ private void handleRotate(RoutingContext rc) {
         }
     }
 
-    private void handleList(RoutingContext rc) {
-        try {
-            var response = new CloudEncryptionKeyListResponse(keyManager.getKeySummaries());
-            respondWithJson(rc, response);
-        } catch (Exception e) {
-            rc.fail(500, e);
-        }
-    }
-
     private static void respondWithJson(RoutingContext rc, CloudEncryptionKeyListResponse response) throws JsonProcessingException {
         rc.response()
                 .putHeader(HttpHeaders.CONTENT_TYPE, "application/json")

src/main/java/com/uid2/admin/vertx/service/EncryptedFilesSyncService.java

@@ -33,7 +33,7 @@ public EncryptedFilesSyncService(
         this.jobDispatcher = jobDispatcher;
         this.writeLock = writeLock;
         this.config = config;
-        this.cloudEncryptionKeyProvider =cloudEncryptionKeyProvider;
+        this.cloudEncryptionKeyProvider = cloudEncryptionKeyProvider;
     }
 
     @Override

…uid2/admin/auth/OktaAuthFactoryTest.java …id2/admin/auth/OktaAuthProviderTest.javasrc/test/java/com/uid2/admin/auth/OktaAuthFactoryTest.java renamed to src/test/java/com/uid2/admin/auth/OktaAuthProviderTest.java src/test/java/com/uid2/admin/auth/OktaAuthFactoryTest.java renamed to src/test/java/com/uid2/admin/auth/OktaAuthProviderTest.java

@@ -2,7 +2,6 @@
 
 import io.vertx.core.Vertx;
 import io.vertx.core.json.JsonObject;
-import io.vertx.ext.auth.oauth2.OAuth2Auth;
 import io.vertx.ext.web.Route;
 import io.vertx.ext.web.handler.AuthenticationHandler;
 import io.vertx.ext.web.handler.impl.OAuth2AuthHandlerImpl;

webroot/adm/client-side-keypairs.html webroot/adm/client-side-keypair.htmlwebroot/adm/client-side-keypairs.html renamed to webroot/adm/client-side-keypair.html

@@ -0,0 +1,160 @@
+<html>
+<head>
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
+    <script src="/js/main.js"></script>
+    <script src="https://unpkg.com/gridjs/dist/gridjs.umd.js"></script>
+    <link href="https://unpkg.com/gridjs/dist/theme/mermaid.min.css" rel="stylesheet" />
+    <style>
+        .active { color: darkgreen; }
+        .inactive { color: darkred; }
+    </style>
+</head>
+<body>
+<h1>UID2 Env - Cloud Encryption Key Management</h1>
+
+<a href="/">Back</a>
+
+<br>
+<br>
+
+<div class="ro-adm" style="display: none">
+    <h3>Operations</h3>
+    <ul>
+        <li><a href="#" id="doMeta">Get Metadata</a></li>
+        <li><a href="#" id="doList">List Cloud Encryption Keys</a></li>
+    </ul>
+
+    <br>
+
+    <h3>Output</h3>
+    <div id="output">
+        <pre id="errorOutput"></pre>
+        <pre id="standardOutput"></pre>
+    </div>
+    <div id="output-table"></div>
+</div>
+
+<script language="JavaScript">
+    const grid = new gridjs.Grid({
+        columns: [
+            {
+                name: "Key ID",
+                formatter: (cell, row) => {
+                    return gridjs.html(`<span class="${row.cells[4].data}">${cell}</span>`)
+                }
+            },
+            {
+                name: "Site",
+                formatter: (cell, row) => {
+                    return gridjs.html(`<span class="${row.cells[4].data}">${cell.siteId} - ${cell.siteName}</span>`)
+                }
+            },
+            {
+                name: "Activates",
+                formatter: (cell, row) => {
+                    return gridjs.html(`<span class="${row.cells[4].data}">${formatDate(cell)}</span>`)
+                }
+            },
+            {
+                name: "Created",
+                formatter: (cell, row) => {
+                    return gridjs.html(`<span class="${row.cells[4].data}">${formatDate(cell)}</span>`)
+                }
+            },
+            {
+                name: "Style",
+                hidden: true
+            }
+        ],
+        data: [],
+        sort: true,
+        search: {
+            selector: (cell, rowIndex, cellIndex) => {
+                if (cellIndex === 0) {
+                    return cell;
+                } else if (cellIndex === 1) {
+                    return `${cell.siteId} - ${cell.siteName}`;
+                }
+            }
+        },
+        language: {
+            search: {
+                placeholder: "Search by Key ID or Site..."
+            }
+        }
+    })
+        .render(document.getElementById("output-table"));
+
+    const formatDate = (text) => {
+        const date = new Date(text);
+        const options = {
+            year: "numeric",
+            month: "long",
+            day: "numeric",
+            hour: "2-digit",
+            minute: "2-digit",
+            second: "2-digit",
+            timeZoneName: "short"
+        };
+        return date.toLocaleString("en-US", options);
+    }
+
+    const updateGrid = (grid, data) => {
+        const groupedData = data.cloudEncryptionKeys.reduce((acc, key) => {
+            if (!acc[key.siteId]) {
+                acc[key.siteId] = [];
+            }
+            acc[key.siteId].push(key);
+            return acc;
+        }, {});
+
+        const gridData = [];
+        for (const siteId in groupedData) {
+            const keys = groupedData[siteId];
+            const latestKey = keys.reduce((latest, key) => new Date(key.activates) > new Date(latest.activates) ? key : latest);
+
+            keys.forEach((key) => {
+                let style = key === latestKey ? "active" : "inactive";
+
+                gridData.push([ key.id, { siteId: key.siteId, siteName: key.siteName }, key.activates, key.created, style ]);
+            });
+        }
+
+        grid
+            .updateConfig({ data: gridData })
+            .forceRender();
+    }
+
+    const clearGrid = (grid) => {
+        grid
+            .updateConfig({ data: [] })
+            .forceRender();
+    }
+
+    $(document).ready(function () {
+        $("#doMeta").on("click", function () {
+            doApiCall("GET", "/api/cloud-encryption-key/metadata", "#standardOutput", "#errorOutput");
+        });
+
+        $("#doList").on("click", function () {
+            clearGrid(grid);
+            doApiCallWithCallback("GET", "/api/site/list", (text) => {
+                const sites = JSON.parse(text);
+                const siteDict = sites.reduce((acc, site) => {
+                    acc[site.id] = site.name;
+                    return acc;
+                }, {});
+
+                doApiCallWithCallback("GET", "/api/cloud-encryption-key/list", (text) => {
+                    const data = JSON.parse(text);
+                    data.cloudEncryptionKeys.forEach((key) => {
+                        key.siteName = !siteDict[key.siteId] ? "Unknown site" : siteDict[key.siteId]
+                    });
+                    updateGrid(grid, data);
+                }, errorCallback);
+            }, errorCallback);
+        });
+    });
+</script>
+</body>
+</html>