Only respect value in request header (#258)

* Only respect value in request header for encrypted files

---------

Co-authored-by: Release Workflow <[email protected]>

Author: abuabraham-ttd

src/main/java/com/uid2/core/util/OperatorInfo.java

@@ -1,19 +1,10 @@
 package com.uid2.core.util;
-import com.uid2.core.Const;
 import com.uid2.shared.auth.IAuthorizable;
 import com.uid2.shared.auth.OperatorKey;
 import com.uid2.shared.auth.OperatorType;
-import io.vertx.core.http.HttpServerRequest;
 import io.vertx.ext.web.RoutingContext;
-
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-import com.uid2.core.model.ConfigStore;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-
-import static com.uid2.shared.Const.Config.encryptionSupportVersion;
-import static com.uid2.shared.Const.Http.AppVersionHeader;
 import static com.uid2.shared.middleware.AuthMiddleware.API_CLIENT_PROP;
 
 /**
@@ -53,54 +44,6 @@ public static OperatorInfo getOperatorInfo(RoutingContext rc) throws Exception {
     }
 
     static boolean supportsEncryption(RoutingContext rc) {
-        String appVersion = rc.request().getHeader(AppVersionHeader);
-        if (appVersion == null) {
-            logger.warn("AppVersion header is missing.");
-            return false;
-        }
-        String[] versions = appVersion.split(";");
-        for (String version : versions) {
-            if (version.startsWith("uid2-operator=")) {
-                String operatorVersion = version.substring("uid2-operator=".length());
-                boolean isSupported = isVersionGreaterOrEqual(operatorVersion, ConfigStore.Global.getOrDefault(encryptionSupportVersion, "9999"));
-                logger.debug("Operator version: {}, {}",
-                        operatorVersion, isSupported ? "Supports encryption" : "Does not support encryption");
-                return isSupported;
-            }
-        }
-        return false;
-    }
-
-    /*
-    Returns if the version of a semvar v1 is greater or equal to v2
-     */
-    static boolean isVersionGreaterOrEqual(String v1, String v2) {
-        Pattern pattern = Pattern.compile("(\\d+)(?:\\.(\\d+))?(?:\\.(\\d+))?");
-        Matcher m1 = pattern.matcher(v1);
-        Matcher m2 = pattern.matcher(v2);
-
-        int[] parts1 = extractParts(m1);
-        int[] parts2 = extractParts(m2);
-
-        for (int i = 0; i < Math.max(parts1.length, parts2.length); i++) {
-            int p1 = i < parts1.length ? parts1[i] : 0;
-            int p2 = i < parts2.length ? parts2[i] : 0;
-            if (p1 != p2) {
-                return p1 > p2;
-            }
-        }
-
-        return true;
-    }
-
-    private static int[] extractParts(Matcher matcher) {
-        int[] parts = new int[3];
-        if (matcher.find()) {
-            for (int i = 1; i <= 3; i++) {
-                String group = matcher.group(i);
-                parts[i - 1] = group != null ? Integer.parseInt(group) : 0;
-            }
-        }
-        return parts;
+        return Boolean.parseBoolean(rc.request().getHeader("Encrypted"));
     }
 }

src/test/java/com/uid2/core/util/OperatorInfoTest.java

@@ -52,8 +52,7 @@ void testGetOperatorInfo() throws Exception {
         Map<String, Object> data = new HashMap<>();
         data.put(API_CLIENT_PROP, mockOperatorKey);
         when(mockRoutingContext.data()).thenReturn(data);
-        when(mockRequest.getHeader(AppVersionHeader)).thenReturn("uid2-operator=3.0.0");
-
+        when(mockRequest.getHeader("Encrypted")).thenReturn("true");
         OperatorInfo result = OperatorInfo.getOperatorInfo(mockRoutingContext);
 
         assertNotNull(result);
@@ -73,7 +72,7 @@ void testGetOperatorInfoThrowsException() {
 
     @Test
     void testSupportsEncryptionTrue() {
-        when(mockRequest.getHeader(AppVersionHeader)).thenReturn("uid2-operator=3.0.0");
+        when(mockRequest.getHeader("Encrypted")).thenReturn("true");
         assertTrue(OperatorInfo.supportsEncryption(mockRoutingContext));
     }
 
@@ -88,18 +87,4 @@ void testSupportsEncryptionMissingHeader() {
         when(mockRequest.getHeader(AppVersionHeader)).thenReturn(null);
         assertFalse(OperatorInfo.supportsEncryption(mockRoutingContext));
     }
-
-    @Test
-    void testIsVersionGreaterOrEqual() {
-        assertTrue(OperatorInfo.isVersionGreaterOrEqual("2.0.0", "1.0.0"));
-        assertTrue(OperatorInfo.isVersionGreaterOrEqual("2.0.0", "2.0.0"));
-        assertFalse(OperatorInfo.isVersionGreaterOrEqual("1.0.0", "2.0.0"));
-        assertTrue(OperatorInfo.isVersionGreaterOrEqual("2.1.0", "2.0.0"));
-        assertFalse(OperatorInfo.isVersionGreaterOrEqual("2.0.1", "2.1.0"));
-        assertFalse(OperatorInfo.isVersionGreaterOrEqual("operator.5.26.19-56899dc0d7", "operator.5.27.19-56899dc0d7"));
-        assertTrue(OperatorInfo.isVersionGreaterOrEqual("operator.5.27.19-56899dc0d7", "operator.5.27.19-56899dc0d7"));
-        assertTrue(OperatorInfo.isVersionGreaterOrEqual("operator.5.27.19-56899dc0d7", "operator.5.26.19-56899dc0d7"));
-
-        assertTrue(OperatorInfo.isVersionGreaterOrEqual("uid2-operator.5.40.25-alpha-15-SNAPSHOT", "uid2-operator.5.40.25-alpha-15-SNAPSHOT"));
-    }
 }

src/test/java/com/uid2/core/vertx/CoreVerticleTest.java

@@ -815,7 +815,7 @@ void cloudEncryptionKeyRetrieveNoKeysOrError(Vertx vertx, VertxTestContext testC
 
     @Tag("dontForceJwt")
     @Test
-    void keysetRefreshSuccessHigherVersion(Vertx vertx, VertxTestContext testContext) throws Exception {
+    void keysetRefreshSuccessEncrypted(Vertx vertx, VertxTestContext testContext) throws Exception {
         fakeAuth(attestationProtocolPublic, Role.OPERATOR);
         addAttestationProvider(attestationProtocolPublic);
         onHandleAttestationRequest(() -> {
@@ -824,8 +824,7 @@ void keysetRefreshSuccessHigherVersion(Vertx vertx, VertxTestContext testContext
         });
 
         MultiMap headers = MultiMap.caseInsensitiveMultiMap();
-        headers.add(Const.Http.AppVersionHeader, "uid2-operator=3.7.16-SNAPSHOT;uid2-attestation-api=1.1.0;uid2-shared=2.7.0-3e279acefa");
-
+        headers.add("Encrypted","true");
         getWithVersion(vertx, "key/keyset/refresh", headers, ar -> {
             assertTrue(ar.succeeded());
             if (ar.succeeded()) {