From 3b5113cf3dcd4f6aa38ae224384bcb6e62891480 Mon Sep 17 00:00:00 2001 From: Loganathan Sekar <42532387+LoganathanSekar7627@users.noreply.github.com> Date: Wed, 4 Jan 2023 13:40:10 +0530 Subject: [PATCH] Merge develop to 1201b2 7 (#655) * [MOSIP-22639] Resolved security hotspots in code (#605) * [MOSIP-24670] Updated API correction id and version * [MOSIP-24670] Updated API body correction * [MOSIP-22640] Fixed Sonar Bugs * updated PR * updated PR * updated review code * [MOSIP-22640] Fixed sonar bugs * updated PR * updated PR * [MOSIP-22639] Resolved security hotspots in code * MOSIP-24939 Improved code coverage. (#604) * MOSIP-24939 Improved code coverage of utility. * MOSIP-24939 Changed hard coded value from properties. * MOSIP-24939 Improved code coverage of RequestValidator * MOSIP-24939 Fixed test case failure. * MOSIP-24939 Changed code as per review comment. * Mosip 24879 add event id in the response of the below stories (#606) * added error for invalid user * added status in 2 apis * changed response of auth-lock-unlock api * updated response of validate otp * added eventid and status in response * added eventId in response header for download eventid api * fixed service history pdf file name * added eventid in response of download card api * convert eventId to constant Co-authored-by: Ritik Jain * MOSIP-24939 Improved code coverage of validator class. (#607) * MOSIP-24939 Improved code coverage of Document validator. * MOSIP-24939 Improved code coverage of Request validator. * MOSIP-24939 Improved code coverage of Request validator. * MOSIP-24939 Improved code coverage of Request validator. * MOSIP-24939 Improved code coverage of Request validator. * MOSIP-24939 Improved code coverage of Request validator. * Fixed service history issue. (#609) * [MOSIP-24630] Fixed Security Vulnerability in code (#608) * [MOSIP-24670] Updated API correction id and version * [MOSIP-24670] Updated API body correction * [MOSIP-22640] Fixed Sonar Bugs * updated PR * updated PR * updated review code * [MOSIP-22640] Fixed sonar bugs * updated PR * updated PR * [MOSIP-22639] Resolved security hotspots in code * [MOSIP-24630] Fixed Security Vulnerability in code * added error for isValidUrl method * renamed vaildateURL method * updated PR * updated PR * email and phone added in profile info (#610) * email and phone added in profile info * validation added when claim is not available * Changes done in identityservice * log added * sysout removed Co-authored-by: Neha Farheen * identity/info API method changed to get photo (#611) * email and phone added in profile info * validation added when claim is not available * Changes done in identityservice * log added * sysout removed * method changed Co-authored-by: Neha Farheen * added masked VID (#612) * email and phone added in profile info * validation added when claim is not available * Changes done in identityservice * log added * sysout removed * method changed * Added masked VID Co-authored-by: Neha Farheen * Mosip 24879 add event id in the response of the below stories (#613) * added error for invalid user * added status in 2 apis * changed response of auth-lock-unlock api * updated response of validate otp * added eventid and status in response * added eventId in response header for download eventid api * fixed service history pdf file name * added eventid in response of download card api * convert eventId to constant * added eventId for error scenarios Co-authored-by: Ritik Jain * Mosip 24879 add event id in the response of the below stories (#614) * added error for invalid user * added status in 2 apis * changed response of auth-lock-unlock api * updated response of validate otp * added eventid and status in response * added eventId in response header for download eventid api * fixed service history pdf file name * added eventid in response of download card api * convert eventId to constant * added eventId for error scenarios * fixed reliability bug * fixed response of share credential API * fixed test failure * updated response for auth lock unlock API * covered code for one method Co-authored-by: Ritik Jain * MOSIP-25310 MOSIP-24730 MOSIP-25312 MOSIP-24731 Added grievance api (#615) * Fixed service history issue. * MOSIP-25310 Added resident_grievance_ticket.sql * MOSIP-25310 Added hasAttachment column to grievance table. * MOSIP-25310 Added hasAttachment column to grievance table. * MOSIP-25310 Added hasAttachment column to grievance table. * MOSIP-25310 Added service class of GrievanceController * MOSIP-25310 Added entity and repository class of grievance table. * MOSIP-25310 Added status in resident entity. * MOSIP-25310 Fixed test case failure. * MOSIP-25310 Get default name from profile. * MOSIP-25310 Added card format to vid card. * MOSIP-25310 made message max length configurable. * MOSIP-25307 Created API to get DocumentType from masterdata (#617) * MOSIP-25307 Created API to get DocumentType from masterdata * JUNIT added for document API Co-authored-by: Neha Farheen * MOSIP-24784 Fixed download card api. (#619) * Fixed service history issue. * MOSIP-24784 Fixed download card api. * Mosip 24879 add event id in the response of the below stories (#618) * added error for invalid user * added status in 2 apis * changed response of auth-lock-unlock api * updated response of validate otp * added eventid and status in response * added eventId in response header for download eventid api * fixed service history pdf file name * added eventid in response of download card api * convert eventId to constant * added eventId for error scenarios * fixed reliability bug * fixed response of share credential API * fixed test failure * updated response for auth lock unlock API * covered code for one method * updated response of request vid card * updated response of validate otp API * created contant for NA Co-authored-by: Ritik Jain * Mosip 24879 add event id in the response of the below stories (#620) * added error for invalid user * added status in 2 apis * changed response of auth-lock-unlock api * updated response of validate otp * added eventid and status in response * added eventId in response header for download eventid api * fixed service history pdf file name * added eventid in response of download card api * convert eventId to constant * added eventId for error scenarios * fixed reliability bug * fixed response of share credential API * fixed test failure * updated response for auth lock unlock API * covered code for one method * updated response of request vid card * updated response of validate otp API * created contant for NA * updated response of generate and revoke vid Co-authored-by: Ritik Jain * Mosip 25307 api create the following proxy ap is from masterdata (#621) * MOSIP-25307 Created API to get DocumentType from masterdata * JUNIT added for document API * MOSIP-25307 done * Changes done Co-authored-by: Neha Farheen * MOSIP-22046 change input LocalDateTime to LocalDate. (#622) * Fixed service history issue. * MOSIP-22046 change input LocalDateTime to LocalDate. * MOSIP-22046 Refactor code. * MOSIP-22046 Fixed test case failure. * MOSIP-22046 Covered edge case of fromDate. * MOSIP-22046 corrected query param for service history api. (#623) * Fixed service history issue. * MOSIP-22046 change input LocalDateTime to LocalDate. * MOSIP-22046 Refactor code. * MOSIP-22046 Fixed test case failure. * MOSIP-22046 Covered edge case of fromDate. * MOSIP-22046 corrected query param for service history api. * Mosip 24879 add event id in the response of the below stories (#625) * added error for invalid user * added status in 2 apis * changed response of auth-lock-unlock api * updated response of validate otp * added eventid and status in response * added eventId in response header for download eventid api * fixed service history pdf file name * added eventid in response of download card api * convert eventId to constant * added eventId for error scenarios * fixed reliability bug * fixed response of share credential API * fixed test failure * updated response for auth lock unlock API * covered code for one method * updated response of request vid card * updated response of validate otp API * created contant for NA * updated response of generate and revoke vid * updated response of update data API and made entry to db * set phone email id in status comment * add phone/email in status comment Co-authored-by: Ritik Jain * MOSIP-21674 Added custom response for download card api. (#624) * Fixed service history issue. * MOSIP-21674 Added getRidStatus method in utility. * MOSIP-21674 Added junit for GrievanceServiceImpl. * Revert "MOSIP-21674 Added junit for GrievanceServiceImpl." This reverts commit a23e63350c411204694f9fd0d7b3322ad953793d. * MOSIP-21674 Added junit for GrievanceServiceImpl. * MOSIP-21674 Fixed getRidStatus Utilities. * MOSIP-21674 Added custom response. * MOSIP-21674 Fixed service history. * MOSIP-21674 Added junit for RequestValidatorTest * MOSIP-21674 Added junit for RequestValidatorTest * MOSIP-21674 Added junit for GrievanceServiceImpl * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Added junit for NotificationServiceTest * MOSIP-21674 Removed un-necessary enums. * MOSIP-21674 Refactor code. * MOSIP-21674 Refactor code. * MOSIP-21674 Refactor code. * Mosip 24879 add event id in the response of the below stories (#627) * added error for invalid user * added status in 2 apis * changed response of auth-lock-unlock api * updated response of validate otp * added eventid and status in response * added eventId in response header for download eventid api * fixed service history pdf file name * added eventid in response of download card api * convert eventId to constant * added eventId for error scenarios * fixed reliability bug * fixed response of share credential API * fixed test failure * updated response for auth lock unlock API * covered code for one method * updated response of request vid card * updated response of validate otp API * created contant for NA * updated response of generate and revoke vid * updated response of update data API and made entry to db * set phone email id in status comment * add phone/email in status comment * updated the response of update my uin API * added else statement * added else exception Co-authored-by: Ritik Jain * [MOSIP-24670] Made corrections in id and version (#626) * [MOSIP-24670] Updated API correction id and version * [MOSIP-24670] Updated API body correction * [MOSIP-22640] Fixed Sonar Bugs * updated PR * updated PR * updated review code * [MOSIP-22640] Fixed sonar bugs * updated PR * updated PR * [MOSIP-22639] Resolved security hotspots in code * [MOSIP-24630] Fixed Security Vulnerability in code * added error for isValidUrl method * renamed vaildateURL method * updated PR * updated PR * [MOSIP-24670] Made corrections in id and version * resolved conflicts * updated PR * updated PR * MOSIP-24939 Improved code coverage. (#628) * Fixed service history issue. * MOSIP-24939 Improved code coverage. * MOSIP-24939 Improved code coverage. * added get status of individual id api. (#629) * Fixed service history issue. * MOSIP-24939 Improved code coverage. * MOSIP-24939 Improved code coverage. * added get status of individual id api. * added get status of individual id api. * added get status of individual id api. * Mosip 21147 Upload document changes done (#630) * MOSIP-25307 Created API to get DocumentType from masterdata * JUNIT added for document API * MOSIP-25307 done * Changes done * Upload document changes done * Changes in validaton * JUNIT fixed * Catch clause removed Co-authored-by: Neha Farheen * changes done (#631) Co-authored-by: Ritik Jain * refactored-for-auth-adapter-changes (#632) Co-authored-by: Loganathan Sekar * MOSIP-25274 changes done (#616) * email and phone added in profile info * validation added when claim is not available * Changes done in identityservice * log added * sysout removed * method changed * Added masked VID * MOSIP-25274 done Co-authored-by: Neha Farheen * MOSIP-24939 Fixed sonar bug. (#633) * Fixed service history issue. * MOSIP-24939 Fixed sonar bug. * MOSIP-24939 Fixed validation for download card api. * MOSIP-24939 Improved code coverage. (#634) * Fixed service history issue. * MOSIP-24939 Fixed sonar bug. * MOSIP-24939 Fixed validation for download card api. * MOSIP-24939 Improved code coverage of IdentityService * MOSIP-24939 Improved code coverage of GrievanceController. * MOSIP-24939 Improved code coverage of DownloadCardService. * MOSIP-24939 Removed un-used imports. * MOSIP-24939 Improved code coverage of ResidentServiceImpl. * Changes in identityserviceImpl to check UIN (#635) * email and phone added in profile info * validation added when claim is not available * Changes done in identityservice * log added * sysout removed * method changed * Added masked VID * MOSIP-25274 done * changes in identityServiceimpl to check UIN * Junit fixed Co-authored-by: Neha Farheen * MOSIP-24939 Improved code coverage. (#636) * Fixed service history issue. * MOSIP-24939 Fixed sonar bug. * MOSIP-24939 Fixed validation for download card api. * MOSIP-24939 Improved code coverage of IdentityService * MOSIP-24939 Improved code coverage of GrievanceController. * MOSIP-24939 Improved code coverage of DownloadCardService. * MOSIP-24939 Removed un-used imports. * MOSIP-24939 Improved code coverage of ResidentServiceImpl. * MOSIP-24939 Improved code coverage of IdentityServiceImpl. * MOSIP-24939 Improved code coverage of IdentityServiceImpl. * MOSIP-24939 Improved code coverage of WebSubUpdateAuthTypeServiceTest. * MOSIP-24939 Improved code coverage of IdentityServiceTest. * MOSIP-24939 Removed un-necessary mockito stubbing. * MOSIP-24939 Improved code coverage of IdentityService * MOSIP-24939 Fixed aid otp issue. (#637) * Fixed service history issue. * MOSIP-24939 Fixed sonar bug. * MOSIP-24939 Fixed validation for download card api. * MOSIP-24939 Improved code coverage of IdentityService * MOSIP-24939 Improved code coverage of GrievanceController. * MOSIP-24939 Improved code coverage of DownloadCardService. * MOSIP-24939 Removed un-used imports. * MOSIP-24939 Improved code coverage of ResidentServiceImpl. * MOSIP-24939 Improved code coverage of IdentityServiceImpl. * MOSIP-24939 Improved code coverage of IdentityServiceImpl. * MOSIP-24939 Improved code coverage of WebSubUpdateAuthTypeServiceTest. * MOSIP-24939 Improved code coverage of IdentityServiceTest. * MOSIP-24939 Removed un-necessary mockito stubbing. * MOSIP-24939 Improved code coverage of IdentityService * MOSIP-24939 Fixed aid otp issue. * MOSIP-24939 Fixed aid otp issue. * MOSIP-24939 Fixed test case failure. * updated id version for document APIs (#638) * updated id version for document APIs * fixed version and response msg * fixed version for update uin API * removed extra variable * added junit Co-authored-by: Ritik Jain * Handle client exception from auth codeflow proxy apis (#640) * refactored-for-auth-adapter-changes * Fix to return kernel auth error code for auth failures * corrected merge issues * Handle client exception from auth codeflow proxy apis Co-authored-by: Loganathan Sekar * MOSIP-25438 Fixed placeholder issue. (#641) * Fixed service history issue. * MOSIP-25438 Added default attribute for identity attributes. * MOSIP-25438 Removed send otp from service history. * MOSIP-25438 Added auth type to db in auth lock api. * MOSIP-25438 Added authTypes placeholder value in description. * MOSIP-25438 Added channel placeholder value in description. * MOSIP-25438 Fixed junit failure. * MOSIP-25438 Removed un used constant. * Refactored for auth adapter changes (#642) * refactored-for-auth-adapter-changes * Fix to return kernel auth error code for auth failures * corrected merge issues * Handle client exception from auth codeflow proxy apis * Added flab based jwt verification of userinfo Co-authored-by: Loganathan Sekar * MOSIP-25438 Performed null check for purpose. (#643) * Fixed service history issue. * MOSIP-25438 Added default attribute for identity attributes. * MOSIP-25438 Removed send otp from service history. * MOSIP-25438 Added auth type to db in auth lock api. * MOSIP-25438 Added authTypes placeholder value in description. * MOSIP-25438 Added channel placeholder value in description. * MOSIP-25438 Fixed junit failure. * MOSIP-25438 Removed un used constant. * MOSIP-25438 Performed null check for purpose. * MOSIP-25438 increased purpose column value. (#644) * Fixed service history issue. * MOSIP-25438 Added default attribute for identity attributes. * MOSIP-25438 Removed send otp from service history. * MOSIP-25438 Added auth type to db in auth lock api. * MOSIP-25438 Added authTypes placeholder value in description. * MOSIP-25438 Added channel placeholder value in description. * MOSIP-25438 Fixed junit failure. * MOSIP-25438 Removed un used constant. * MOSIP-25438 Performed null check for purpose. * MOSIP-25438 increased purpose column value. * removed idtype (#646) Co-authored-by: Ritik Jain * [MOSIP-24670] Made corrections in API body, response code (#639) * [MOSIP-24670] Updated API correction id and version * [MOSIP-24670] Updated API body correction * [MOSIP-22640] Fixed Sonar Bugs * updated PR * updated PR * updated review code * [MOSIP-22640] Fixed sonar bugs * updated PR * updated PR * [MOSIP-22639] Resolved security hotspots in code * [MOSIP-24630] Fixed Security Vulnerability in code * added error for isValidUrl method * renamed vaildateURL method * updated PR * updated PR * [MOSIP-24670] Made corrections in id and version * resolved conflicts * updated PR * updated PR * [MOSIP-24670] Made corrections n API body, response code * updated PR * updated PR * updated dateTime * updated PR * MOSIP-25438 increased ref_id column value in otp_transaction.sql. (#647) * Fixed service history issue. * MOSIP-25438 Added default attribute for identity attributes. * MOSIP-25438 Removed send otp from service history. * MOSIP-25438 Added auth type to db in auth lock api. * MOSIP-25438 Added authTypes placeholder value in description. * MOSIP-25438 Added channel placeholder value in description. * MOSIP-25438 Fixed junit failure. * MOSIP-25438 Removed un used constant. * MOSIP-25438 Performed null check for purpose. * MOSIP-25438 increased purpose column value. * MOSIP-25438 increased ref_id column value in otp_transaction.sql. * Merge 1201b2 to develop (#650) * MOSIP-25514 Fixed null pointer exception in event enum. (#648) * MOSIP-25514 Fixed build failure. (#649) * MOSIP-25514 Fixed null pointer exception in event enum. * MOSIP-25514 Fixed build failure. * MOSIP-25514 imported correct package in main class. * Import organization Co-authored-by: kameshsr <47484458+kameshsr@users.noreply.github.com> Co-authored-by: Loganathan Sekar * MOSIP-24372 Fixed update my data api jpa issue. (#653) * Fixed service history issue. * MOSIP-24372 Fixed update my data api jpa issue. * Mosip 25364 resident api we are able to request card of a vid of a different user that is not logged in (#652) * checking logged in user with given vid * fixed juit test cases * removed else throw exception Co-authored-by: Ritik Jain * return masked attributes (#645) Co-authored-by: Ritik Jain Co-authored-by: Aiham Hasan <89243555+aihamh@users.noreply.github.com> Co-authored-by: kameshsr <47484458+kameshsr@users.noreply.github.com> Co-authored-by: RitikJain4108 <99730411+RitikJain4108@users.noreply.github.com> Co-authored-by: Ritik Jain Co-authored-by: Neha2365 <110969715+Neha2365@users.noreply.github.com> Co-authored-by: Neha Farheen Co-authored-by: Loganathan Sekar --- .../mosip/resident/constant/ResidentConstants.java | 3 +++ .../resident/service/impl/IdentityServiceImpl.java | 13 ++++++++++++- .../service/impl/ResidentConfigServiceImpl.java | 11 ++++++++++- 3 files changed, 25 insertions(+), 2 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentConstants.java b/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentConstants.java index f7c292534f9..9566603de44 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentConstants.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/constant/ResidentConstants.java @@ -156,5 +156,8 @@ private ResidentConstants() { public static final String AUTH_TYPES = "authTypes"; public static final String CHANNEL = "channel"; + + public static final String MASK_PREFIX = "mask_"; + public static final String MASK_PERPETUAL_VID = "mask_perpetualVID"; } diff --git a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java index 4e795a5df4a..a3cd4f71fe1 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java @@ -247,7 +247,7 @@ public Map getIdentityAttributes(String id, boolean includeUin, } Map response = finalFilter.stream() .filter(a -> { - if(a.equals(PERPETUAL_VID)) { + if(a.equals(PERPETUAL_VID) || a.equals(ResidentConstants.MASK_PERPETUAL_VID)) { Optional perpVid= Optional.empty(); try { perpVid = residentVidService.getPerpatualVid((String) identity.get(UIN)); @@ -264,6 +264,17 @@ public Map getIdentityAttributes(String id, boolean includeUin, return true; } }) + .filter(attr -> { + if(attr.contains(ResidentConstants.MASK_PREFIX)) { + String attributeName = attr.replace(ResidentConstants.MASK_PREFIX, ""); + if(identity.containsKey(attributeName)) { + identity.put(attr, utility.convertToMaskDataFormat((String) identity.get(attributeName))); + } + return true; + } else { + return true; + } + }) .filter(attrib -> identity.containsKey(attrib)) .collect(Collectors.toMap(Function.identity(), identity::get,(m1, m2) -> m1, () -> new LinkedHashMap())); logger.debug("IdentityServiceImpl::getIdentityAttributes()::exit"); diff --git a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/ResidentConfigServiceImpl.java b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/ResidentConfigServiceImpl.java index 45e243ab9ef..94d2313c596 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/ResidentConfigServiceImpl.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/ResidentConfigServiceImpl.java @@ -25,6 +25,7 @@ import io.mosip.kernel.core.logger.spi.Logger; import io.mosip.kernel.core.util.StringUtils; import io.mosip.resident.config.LoggerConfiguration; +import io.mosip.resident.constant.ResidentConstants; import io.mosip.resident.constant.ResidentErrorCode; import io.mosip.resident.dto.SharableAttributesDTO; import io.mosip.resident.exception.ResidentServiceCheckedException; @@ -47,6 +48,8 @@ public class ResidentConfigServiceImpl implements ResidentConfigService { private static final String FILEUPLOAD = "fileupload"; private static final String INPUT_REQUIRED = "inputRequired"; + + private static final String MASK_REQUIRED = "maskRequired"; private static final String IDENTITY = "identity"; @@ -151,7 +154,13 @@ private List doGetUiSchemaFilteredInputAttributes(String schemaType) thr List uiSchemaFilteredInputAttributesList = identityList.stream() .filter(map -> Boolean.valueOf(String.valueOf(map.get(INPUT_REQUIRED)))) .filter(map -> !FILEUPLOAD.equals(map.get(CONTROL_TYPE))) - .map(map -> (String)map.get(ID)) + .map(map -> { + if(Boolean.valueOf(String.valueOf(map.get(MASK_REQUIRED)))) { + return ResidentConstants.MASK_PREFIX + (String) map.get(ID); + } else { + return (String)map.get(ID); + } + }) .collect(Collectors.toList()); return uiSchemaFilteredInputAttributesList; }