Merge pull request #584 from IABTechLab/UID2-6240-remove-eu-regioncheck

lizk886 · web-flow · commit bc5173192400 · 2025-12-20T16:44:43.000-08:00
UID2-6240-remove-eu-regioncheck
diff --git a/src/main/java/com/uid2/shared/secure/gcpoidc/PolicyValidator.java b/src/main/java/com/uid2/shared/secure/gcpoidc/PolicyValidator.java
@@ -30,8 +30,6 @@ public class PolicyValidator implements IPolicyValidator {
     public static final String ENV_DEBUG_MODE = "DEBUG_MODE";
     public static final String ENV_SKIP_VALIDATIONS = "SKIP_VALIDATIONS";
 
-    public static final String EU_REGION_PREFIX = "europe";
-
     private static final List<String> REQUIRED_ENV_OVERRIDES = ImmutableList.of(
             ENV_ENVIRONMENT,
             ENV_OPERATOR_API_KEY_SECRET_NAME
@@ -88,13 +86,13 @@ private static String checkWorkload(TokenPayload payload) throws AttestationExce
         return payload.getWorkloadImageDigest();
     }
 
-    // We don't support to launch UID2 instance in EU.
-    // Currently, there's no GCP serving options in China mainland, so we will skip the check for CN.
+    // Verify that region is specified.
+    // Currently, there's no GCP serving options in China mainland, so we skip the check for CN.
     // More details about zone in https://cloud.google.com/compute/docs/regions-zones.
     private static String checkRegion(TokenPayload payload) throws AttestationException{
         var region = payload.getGceZone();
-        if(Strings.isNullOrEmpty(region) || region.startsWith(EU_REGION_PREFIX)){
-            throw new AttestationClientException("Region is not supported. Value: " + region, AttestationFailure.BAD_FORMAT);
+        if(Strings.isNullOrEmpty(region)){
+            throw new AttestationClientException("Region is not specified.", AttestationFailure.BAD_FORMAT);
         }
         return region;
     }
diff --git a/src/test/java/com/uid2/shared/secure/gcpoidc/PolicyValidatorTest.java b/src/test/java/com/uid2/shared/secure/gcpoidc/PolicyValidatorTest.java
@@ -87,13 +87,12 @@ public void testValidationFailure_NotConfidentialSpace() {
     }
 
     @Test
-    public void testValidationFailure_EURegion() {
+    public void testValidationSuccess_EURegion() {
         var validator = new PolicyValidator(ATTESTATION_URL);
         var payload = generateBasicPayload().toBuilder()
                 .gceZone("europe-north1-a")
                 .build();
-        var e = assertThrows(AttestationException.class, () -> validator.validate(payload));
-        assertEquals(AttestationFailure.BAD_FORMAT, ((AttestationClientException) e).getAttestationFailure());
+        assertDoesNotThrow(() -> validator.validate(payload));
     }
 
     @Test

Original file line number	Diff line number	Diff line change
`@@ -87,13 +87,12 @@ public void testValidationFailure_NotConfidentialSpace() {`
`87`	`87`	`}`
`88`	`88`
`89`	`89`	`@Test`
`90`		`- public void testValidationFailure_EURegion() {`
	`90`	`+ public void testValidationSuccess_EURegion() {`
`91`	`91`	`var validator = new PolicyValidator(ATTESTATION_URL);`
`92`	`92`	`var payload = generateBasicPayload().toBuilder()`
`93`	`93`	`.gceZone("europe-north1-a")`
`94`	`94`	`.build();`
`95`		`- var e = assertThrows(AttestationException.class, () -> validator.validate(payload));`
`96`		`- assertEquals(AttestationFailure.BAD_FORMAT, ((AttestationClientException) e).getAttestationFailure());`
	`95`	`+ assertDoesNotThrow(() -> validator.validate(payload));`
`97`	`96`	`}`
`98`	`97`
`99`	`98`	`@Test`