Merge pull request #426 from wultra/develop

Merge develop to master

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "maven"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/codeql-analysis.yml

@@ -1,67 +1,22 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL"
 
 on:
+  workflow_dispatch:
   push:
-    branches: [ develop, master ]
+    branches: [ 'develop', 'master', 'releases/**' ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ develop ]
+    branches: [ 'develop', 'master', 'releases/**' ]
   schedule:
-    - cron: '27 4 * * 2'
+    - cron: '0 2 * * 4'
 
 jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'java' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+  codeql-analysis:
+    uses: wultra/wultra-infrastructure/.github/workflows/codeql-analysis.yml@develop
+    secrets: inherit
+    with:
+      languages: "['java']"
+      # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+      # Use only 'java' to analyze code written in Java, Kotlin or both
+      # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+      # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

docs/RESTful-API-for-Spring.md

@@ -394,16 +394,16 @@ You can encrypt data in `application` scope (non-personalized) using following p
 public class EncryptedDataExchangeController {
 
     @RequestMapping(value = "application", method = RequestMethod.POST)
-    @PowerAuthEncryption(scope = EciesScope.APPLICATION_SCOPE)
+    @PowerAuthEncryption(scope = EncryptionScope.APPLICATION_SCOPE)
     public DataExchangeResponse exchangeInApplicationScope(@EncryptedRequestBody DataExchangeRequest request,
-                                             EciesEncryptionContext eciesContext) throws PowerAuthEncryptionException {
+                                                           EncryptionContext encryptionContext) throws PowerAuthEncryptionException {
 
-        if (eciesContext == null) {
+        if (encryptionContext == null) {
             throw new PowerAuthEncryptionException();
         }
 
         // Return a slightly different String containing original data in response
-        return new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + eciesContext.getEciesScope());
+        return new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + encryptionContext.getEncryptionScope());
     }
 }
 ```
@@ -422,16 +422,16 @@ You can encrypt data in `activation` scope (personalized) using following patter
 public class EncryptedDataExchangeController {
 
     @RequestMapping(value = "activation", method = RequestMethod.POST)
-    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
+    @PowerAuthEncryption(scope = EncryptionScope.ACTIVATION_SCOPE)
     public DataExchangeResponse exchangeInActivationScope(@EncryptedRequestBody DataExchangeRequest request,
-                                            EciesEncryptionContext eciesContext) throws PowerAuthEncryptionException {
+                                                          EncryptionContext encryptionContext) throws PowerAuthEncryptionException {
 
-        if (eciesContext == null) {
+        if (encryptionContext == null) {
             throw new PowerAuthEncryptionException();
         }
 
         // Return a slightly different String containing original data in response
-        return new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + eciesContext.getEciesScope());
+        return new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + encryptionContext.getEncryptionScope());
     }
 }
 ```
@@ -451,16 +451,16 @@ public class EncryptedDataExchangeController {
 
     @RequestMapping(value = "signed", method = RequestMethod.POST)
     @PowerAuth(resourceId = "/exchange/signed")
-    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
+    @PowerAuthEncryption(scope = EncryptionScope.ACTIVATION_SCOPE)
     public DataExchangeResponse exchangeSignedAndEncryptedData(@EncryptedRequestBody DataExchangeRequest request,
-                                                                EciesEncryptionContext eciesContext,
+                                                                EncryptionContext encryptionContext,
                                                                 PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
 
         if (auth == null || auth.getUserId() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
 
-        if (eciesContext == null) {
+        if (encryptionContext == null) {
             throw new PowerAuthEncryptionException();
         }
 

docs/Readme.md

@@ -1,12 +1,12 @@
 # PowerAuth RESTful Integration Libraries
 
-In order to easily secure your RESTful APIs with PowerAuth, you can use our easy to use integration libraries for Java technology. Integration libraries are responsible for connecting to PowerAuth Server and for publishing required endpoints toward mobile apps.
+In order to easily secure your RESTful APIs with PowerAuth, you can use our integration libraries for Spring technology. Integration libraries are responsible for connecting to PowerAuth Server and for publishing required endpoints toward mobile apps.
 
-**Integration Tutorials**
+## Integration Tutorials
 
 - [Introduction](./Introduction.md)
 - [Build Secure RESTful API (Spring)](./RESTful-API-for-Spring.md)
 
-**Deployment Tutorials**
+## Deployment Tutorials
 
 - [Deploy PowerAuth REST API Standalone Application](./Deploying-PowerAuth-Standard-RESTful-API.md)

lombok.config

@@ -0,0 +1 @@
+lombok.log.fieldName=logger

pom.xml

@@ -28,7 +28,7 @@
 
     <groupId>io.getlime.security</groupId>
     <artifactId>powerauth-restful-integration-parent</artifactId>
-    <version>1.4.0</version>
+    <version>1.5.0</version>
     <packaging>pom</packaging>
 
     <inceptionYear>2017</inceptionYear>
@@ -75,21 +75,20 @@
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <maven.compiler.source>1.8</maven.compiler.source>
-        <maven.compiler.target>1.8</maven.compiler.target>
+        <java.version>17</java.version>
+        <maven.compiler.source>${java.version}</maven.compiler.source>
+        <maven.compiler.target>${java.version}</maven.compiler.target>
         <maven-jar-plugin.version>3.3.0</maven-jar-plugin.version>
-        <maven-deploy-plugin.version>3.0.0</maven-deploy-plugin.version>
-        <maven-javadoc-plugin.version>3.4.1</maven-javadoc-plugin.version>
-        <maven-source-plugin.version>3.2.1</maven-source-plugin.version>
-        <maven-war-plugin.version>3.3.2</maven-war-plugin.version>
-        <javax.servlet-api.version>4.0.1</javax.servlet-api.version>
-        <spring-boot.version>2.6.14</spring-boot.version>
+        <maven-deploy-plugin.version>3.1.1</maven-deploy-plugin.version>
+        <maven-javadoc-plugin.version>3.6.0</maven-javadoc-plugin.version>
+        <maven-source-plugin.version>3.3.0</maven-source-plugin.version>
+        <maven-war-plugin.version>3.4.0</maven-war-plugin.version>
+        <spring-boot.version>3.1.3</spring-boot.version>
         <commons-text.version>1.10.0</commons-text.version>
-        <bcprov.version>1.72</bcprov.version>
-        <rest-model-base.version>1.6.0</rest-model-base.version>
-        <powerauth-java-crypto.version>1.4.0</powerauth-java-crypto.version>
-        <powerauth-java-http.version>1.4.0</powerauth-java-http.version>
-        <powerauth-rest-client-spring.version>1.4.0</powerauth-rest-client-spring.version>
+        <bcprov.version>1.76</bcprov.version>
+        <wultra-core.version>1.7.0</wultra-core.version>
+        <powerauth.version>1.5.0</powerauth.version>
+        <powerauth-crypto.version>1.5.1</powerauth-crypto.version>
     </properties>
 
     <dependencyManagement>
@@ -115,6 +114,18 @@
                 <version>${project.version}</version>
             </dependency>
 
+            <dependency>
+                <groupId>io.getlime.core</groupId>
+                <artifactId>annotations</artifactId>
+                <version>${wultra-core.version}</version>
+            </dependency>
+
+            <dependency>
+                <groupId>io.getlime.core</groupId>
+                <artifactId>rest-model-base</artifactId>
+                <version>${wultra-core.version}</version>
+            </dependency>
+
             <!-- 3rd Party Dependencies -->
             <dependency>
                 <groupId>org.bouncycastle</groupId>
@@ -124,6 +135,14 @@
         </dependencies>
     </dependencyManagement>
 
+    <dependencies>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
+
     <build>
         <plugins>
             <plugin>

powerauth-restful-model/pom.xml

@@ -30,14 +30,13 @@
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.4.0</version>
+        <version>1.5.0</version>
     </parent>
 
     <dependencies>
         <dependency>
             <groupId>io.getlime.core</groupId>
             <artifactId>rest-model-base</artifactId>
-            <version>${rest-model-base.version}</version>
         </dependency>
     </dependencies>
 

powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/response/v3/TokenRemoveResponse.java → powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/entity/UserInfoStage.java

@@ -2,7 +2,7 @@
  * PowerAuth integration libraries for RESTful API applications, examples and
  * related software components
  *
- * Copyright (C) 2018 Wultra s.r.o.
+ * Copyright (C) 2023 Wultra s.r.o.
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as published
@@ -17,34 +17,34 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.model.response.v3;
+package io.getlime.security.powerauth.rest.api.model.entity;
 
 /**
- * Class representing response transport object for token removal.
+ * Information about where the user info is requested from, i.e., during the activation, or via a separate user info
+ * endpoint.
  *
  * @author Petr Dvorak, [email protected]
  */
-public class TokenRemoveResponse {
+public enum UserInfoStage {
 
     /**
-     * Token ID of the token to be removed.
+     * The user info was requested from the activation process carried out via activation code.
      */
-    private String tokenId;
+    ACTIVATION_PROCESS_ACTIVATION_CODE,
 
     /**
-     * Get token ID.
-     * @return Token ID.
+     * The user info was requested from the activation process carried out via custom attributes.
      */
-    public String getTokenId() {
-        return tokenId;
-    }
+    ACTIVATION_PROCESS_CUSTOM,
 
     /**
-     * Set token ID.
-     * @param tokenId Token ID.
+     * The user info was requested from the activation process carried out via recovery codes.
      */
-    public void setTokenId(String tokenId) {
-        this.tokenId = tokenId;
-    }
+    ACTIVATION_PROCESS_RECOVERY,
+
+    /**
+     * The user info was requested from the user info endpoint.
+     */
+    USER_INFO_ENDPOINT
 
 }

powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/request/v3/ActivationLayer1Request.java → powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/request/ActivationLayer1Request.java

@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.model.request.v3;
+package io.getlime.security.powerauth.rest.api.model.request;
 
 import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
 

powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/request/v3/ActivationLayer2Request.java → powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/request/ActivationLayer2Request.java

@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.model.request.v3;
+package io.getlime.security.powerauth.rest.api.model.request;
 
 /**
  * Request object for activation layer 2 request.

powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/request/v3/ActivationStatusRequest.java → powerauth-restful-model/src/main/java/io/getlime/security/powerauth/rest/api/model/request/ActivationStatusRequest.java

@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.model.request.v3;
+package io.getlime.security.powerauth.rest.api.model.request;
 
 /**
  * Request object for /pa/v3/activation/status end-point.