From 6537266c9a1555a8bad56c89a9b6d59a7f28642b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Tue, 28 Nov 2023 17:06:26 +0100 Subject: [PATCH 01/14] enable cors in attls mode MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- gateway-service/src/main/resources/application.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/gateway-service/src/main/resources/application.yml b/gateway-service/src/main/resources/application.yml index d7ec93953e..1898b504c3 100644 --- a/gateway-service/src/main/resources/application.yml +++ b/gateway-service/src/main/resources/application.yml @@ -346,6 +346,7 @@ server: scheme: http apiml: service: + corsEnabled: true scheme: http eureka: instance: From 283ebe89574199590e49abfa65c695797b72f162 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Tue, 28 Nov 2023 17:39:18 +0100 Subject: [PATCH 02/14] wip attls allowed origin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- api-catalog-services/src/main/resources/application.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/api-catalog-services/src/main/resources/application.yml b/api-catalog-services/src/main/resources/application.yml index d3a1554642..a2453e8d22 100644 --- a/api-catalog-services/src/main/resources/application.yml +++ b/api-catalog-services/src/main/resources/application.yml @@ -246,6 +246,7 @@ eureka: metadata-map: apiml: corsEnabled: true + corsAllowedOrigins: https://${apiml.service.hostname}:${apiml.service.port} apiInfo: - apiId: zowe.apiml.apicatalog version: 1.0.0 From b84f181ad807160d52a8e6d5f6aa4ac7cae9cae1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Wed, 29 Nov 2023 09:45:38 +0100 Subject: [PATCH 03/14] update to correct environment variable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- .../main/resources/zosmf-static-definition.yaml.template | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/discovery-package/src/main/resources/zosmf-static-definition.yaml.template b/discovery-package/src/main/resources/zosmf-static-definition.yaml.template index 1786279a84..a5b8865614 100644 --- a/discovery-package/src/main/resources/zosmf-static-definition.yaml.template +++ b/discovery-package/src/main/resources/zosmf-static-definition.yaml.template @@ -8,7 +8,7 @@ services: title: z/OSMF description: IBM z/OS Management Facility REST API service instanceBaseUrls: - - ${ZOSMF_SCHEME:-https}://${ZOSMF_HOST}:${ZOSMF_PORT}/zosmf/ + - ${ZWE_zOSMF_scheme:-https}://${ZOSMF_HOST}:${ZOSMF_PORT}/zosmf/ homePageRelativeUrl: # Home page is at the same URL routedServices: - gatewayUrl: api/v1 @@ -29,7 +29,7 @@ services: description: 'IBM z/OS Management Facility REST API service. Once configured you can access z/OSMF via the API gateway: https://${ZOWE_EXPLORER_HOST}:${GATEWAY_PORT}/ibmzosmf/api/v1/info' catalogUiTileId: zosmf instanceBaseUrls: - - ${ZOSMF_SCHEME:-https}://${ZOSMF_HOST}:${ZOSMF_PORT}/ + - ${ZWE_zOSMF_scheme:-https}://${ZOSMF_HOST}:${ZOSMF_PORT}/ homePageRelativeUrl: # Home page is at the same URL routedServices: - gatewayUrl: api/v1 @@ -40,7 +40,7 @@ services: - apiId: ibm.zosmf gatewayUrl: api/v1 documentationUrl: https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.4.0/com.ibm.zos.v2r4.izua700/IZUHPINFO_RESTServices.htm - swaggerUrl: ${ZOSMF_SCHEME:-https}://${ZOSMF_HOST}:${ZOSMF_PORT}/zosmf/api/docs + swaggerUrl: ${ZWE_zOSMF_scheme:-https}://${ZOSMF_HOST}:${ZOSMF_PORT}/zosmf/api/docs customMetadata: apiml: enableUrlEncodedCharacters: true From fbf71243f6b61117b76748ec5c015a782034eaf0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Jare=C5=A1?= Date: Wed, 29 Nov 2023 15:44:01 +0100 Subject: [PATCH 04/14] enhacement for CORS --- .../config/ConnectionsConfig.java | 11 +++-- .../java/org/zowe/apiml/util/CorsUtils.java | 3 ++ .../org/zowe/apiml/util/CorsUtilsTest.java | 32 +++++++++++-- .../gateway/security/config/CorsBeans.java | 46 +++++++++++++++++-- 4 files changed, 79 insertions(+), 13 deletions(-) diff --git a/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java b/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java index 6408249eb7..6b7617d234 100644 --- a/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java +++ b/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java @@ -23,6 +23,8 @@ import io.netty.handler.ssl.SslContext; import io.netty.handler.ssl.SslContextBuilder; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; +import org.apache.http.client.utils.URIBuilder; import org.springframework.aop.support.AopUtils; import org.springframework.beans.BeanUtils; import org.springframework.beans.BeansException; @@ -49,6 +51,7 @@ import org.springframework.context.annotation.Conditional; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Primary; +import org.springframework.core.env.Environment; import org.springframework.http.client.reactive.ReactorClientHttpConnector; import org.springframework.web.cors.reactive.CorsConfigurationSource; import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource; @@ -70,12 +73,10 @@ import javax.annotation.PostConstruct; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManagerFactory; +import java.net.URISyntaxException; import java.security.KeyStore; import java.time.Duration; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import java.util.*; import static org.springframework.cloud.netflix.eureka.EurekaClientConfigBean.DEFAULT_ZONE; @@ -322,7 +323,7 @@ public CorsConfigurationSource corsConfigurationSource(RoutePredicateHandlerMapp @Bean public CorsUtils corsUtils() { - return new CorsUtils(corsEnabled); + return new CorsUtils(corsEnabled, null); } @Bean diff --git a/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java b/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java index 446f13193f..13b360bd34 100644 --- a/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java +++ b/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java @@ -26,6 +26,7 @@ public class CorsUtils { private static final List allowedCorsHttpMethods; private final boolean corsEnabled; + private final List allowedOrigins; private static final Pattern gatewayRoutesPattern = Pattern.compile("apiml\\.routes.*.gateway\\S*"); private static final List CORS_ENABLED_ENDPOINTS = Arrays.asList("/*/*/gateway/**", "/gateway/*/*/**", "/gateway/version"); @@ -75,6 +76,8 @@ private CorsConfiguration setAllowedOriginsForService(Map metada public void registerDefaultCorsConfiguration(BiConsumer pathMapper) { final CorsConfiguration config = new CorsConfiguration(); List pathsToEnable; + + config.setAllowedOrigins(allowedOrigins); if (corsEnabled) { config.setAllowCredentials(true); config.addAllowedOriginPattern(CorsConfiguration.ALL); //NOSONAR this is a replication of existing code diff --git a/common-service-core/src/test/java/org/zowe/apiml/util/CorsUtilsTest.java b/common-service-core/src/test/java/org/zowe/apiml/util/CorsUtilsTest.java index 3da76071cd..cfce1dab54 100644 --- a/common-service-core/src/test/java/org/zowe/apiml/util/CorsUtilsTest.java +++ b/common-service-core/src/test/java/org/zowe/apiml/util/CorsUtilsTest.java @@ -13,11 +13,15 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Test; +import org.mockito.ArgumentCaptor; +import org.springframework.web.cors.CorsConfiguration; -import java.util.HashMap; -import java.util.Map; +import java.util.*; +import java.util.function.BiConsumer; import static org.junit.jupiter.api.Assertions.*; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.*; class CorsUtilsTest { @@ -31,7 +35,7 @@ void setup() { @Nested class GivenCorsEnabled { - CorsUtils corsUtils = new CorsUtils(true); + CorsUtils corsUtils = new CorsUtils(true, Collections.emptyList()); @Test void registerDefaultConfig() { @@ -86,7 +90,7 @@ void registerConfigForServiceWithCustomOrigins() { @Nested class GivenCorsDisabled { - CorsUtils corsUtils = new CorsUtils(false); + CorsUtils corsUtils = new CorsUtils(false, Collections.emptyList()); @Test void registerEmptyDefaultConfig() { @@ -106,4 +110,24 @@ void registerEmptyConfigForService() { ); } } + + @Nested + class Attls { + + @Test + void setAllowedOrigins() { + List allowedOrigins = Arrays.asList("a"); + CorsUtils corsUtils = new CorsUtils(true, allowedOrigins); + BiConsumer pathMapper = mock(BiConsumer.class); + corsUtils.registerDefaultCorsConfiguration(pathMapper); + + ArgumentCaptor corsConfigurationCaptor = ArgumentCaptor.forClass(CorsConfiguration.class); + + verify(pathMapper, times(3)).accept(any(), corsConfigurationCaptor.capture()); + assertEquals(1, corsConfigurationCaptor.getValue().getAllowedOrigins().size()); + assertEquals("a", corsConfigurationCaptor.getValue().getAllowedOrigins().get(0)); + } + + } + } diff --git a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java index d3087a345d..b2c1fc1b3e 100644 --- a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java +++ b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java @@ -11,17 +11,20 @@ package org.zowe.apiml.gateway.security.config; import lombok.RequiredArgsConstructor; +import org.apache.commons.lang3.StringUtils; +import org.apache.http.client.utils.URIBuilder; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.cloud.netflix.zuul.filters.ZuulProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.core.env.Environment; import org.springframework.web.cors.CorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.zowe.apiml.util.CorsUtils; -import java.util.Arrays; -import java.util.HashSet; +import java.net.URISyntaxException; +import java.util.*; /** * Externalized configuration of CORS behavior @@ -54,8 +57,43 @@ private void addCorsRelatedIgnoredHeaders() { )); } + List getDefaultAllowedOrigins( + Environment environment, + boolean ssl, + String externalUrl, + String hostname, + int port + ) throws URISyntaxException { + if (corsEnabled) return null; + + boolean attls = Arrays.asList(environment.getActiveProfiles()).contains("attls"); + if (!attls) { + // TODO: this method is a hotfix for AT-TLS, but it could be a breaking change, verify no-ATTLS configuration in v3 + return null; + } + + Set gatewayOrigins = new HashSet<>(); + if (StringUtils.isNotBlank(externalUrl)) { + gatewayOrigins.add(externalUrl); + } + gatewayOrigins.add(new URIBuilder() + .setScheme(attls || ssl ? "https" : "http") + .setHost(hostname) + .setPort(port) + .build().toString() + ); + + return new ArrayList<>(gatewayOrigins); + } @Bean - CorsUtils corsUtils() { - return new CorsUtils(corsEnabled); + CorsUtils corsUtils( + Environment environment, + @Value("${server.ssl.enabled}") boolean ssl, + @Value("${apiml.service.externalUrl:}") String externalUrl, + @Value("${server.hostname:${apiml.service.hostname}}") String hostname, + @Value("${server.port}") int port + ) throws URISyntaxException { + + return new CorsUtils(corsEnabled, getDefaultAllowedOrigins(environment, ssl, externalUrl, hostname, port)); } } From b3c81431749a0fd5936a858ade63848d5e8a47b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Wed, 29 Nov 2023 16:29:16 +0100 Subject: [PATCH 05/14] wip cors configuration, update start.sh scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- .../src/main/resources/bin/start.sh | 14 ++++++++++++- .../src/main/resources/application.yml | 2 +- .../src/main/resources/bin/start.sh | 7 ++++++- .../src/main/resources/bin/start.sh | 7 ++++++- .../config/ConnectionsConfig.java | 10 ++++----- .../java/org/zowe/apiml/util/CorsUtils.java | 2 ++ .../src/main/resources/bin/start.sh | 7 ++++++- .../src/main/resources/bin/start.sh | 21 ++++++++++++------- .../service/CorsMetadataProcessorTest.java | 9 +++----- .../src/main/resources/bin/start.sh | 7 ++++++- 10 files changed, 61 insertions(+), 25 deletions(-) diff --git a/api-catalog-package/src/main/resources/bin/start.sh b/api-catalog-package/src/main/resources/bin/start.sh index 204bef2987..5cec097c96 100755 --- a/api-catalog-package/src/main/resources/bin/start.sh +++ b/api-catalog-package/src/main/resources/bin/start.sh @@ -125,9 +125,20 @@ LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/default LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/j9vm LIBPATH="$LIBPATH":"${LIBRARY_PATH}" +ATTLS_ENABLED="false" +if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then + ATTLS_ENABLED="true" +fi + +if [ "${ZWE_configs_server_ssl_enabled:-true}" = "true" -o "$ATTLS_ENABLED" = "true" ]; then + httpProtocol="https" +else + httpProtocol="http" +fi + # Verify discovery service URL in case AT-TLS is enabled, assumes outgoing rules are in place ZWE_DISCOVERY_SERVICES_LIST=${ZWE_DISCOVERY_SERVICES_LIST:-"https://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_discovery_port:-7553}/eureka/"} -if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then +if [ "$ATTLS_ENABLED" = "true" ]; then ZWE_DISCOVERY_SERVICES_LIST=$(echo "${ZWE_DISCOVERY_SERVICES_LIST=}" | sed -e 's|https://|http://|g') fi @@ -157,6 +168,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${CATALOG_CODE} java \ -Dapiml.service.discoveryServiceUrls=${ZWE_DISCOVERY_SERVICES_LIST} \ -Dapiml.service.gatewayHostname=${ZWE_GATEWAY_HOST:-${ZWE_haInstance_hostname:-localhost}} \ -Dapiml.logs.location=${ZWE_zowe_logDirectory} \ + -Dapiml.service.externalUrl="${httpProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \ -Dapiml.discovery.staticApiDefinitionsDirectories=${ZWE_STATIC_DEFINITIONS_DIR} \ -Dapiml.security.ssl.verifySslCertificatesOfServices=${verifySslCertificatesOfServices:-false} \ -Dapiml.security.ssl.nonStrictVerifySslCertificatesOfServices=${nonStrictVerifySslCertificatesOfServices:-false} \ diff --git a/api-catalog-services/src/main/resources/application.yml b/api-catalog-services/src/main/resources/application.yml index a2453e8d22..3d58036ce9 100644 --- a/api-catalog-services/src/main/resources/application.yml +++ b/api-catalog-services/src/main/resources/application.yml @@ -246,7 +246,7 @@ eureka: metadata-map: apiml: corsEnabled: true - corsAllowedOrigins: https://${apiml.service.hostname}:${apiml.service.port} + corsAllowedOrigins: https://${apiml.service.hostname}:${apiml.service.port},${apiml.service.externalUrl} apiInfo: - apiId: zowe.apiml.apicatalog version: 1.0.0 diff --git a/caching-service-package/src/main/resources/bin/start.sh b/caching-service-package/src/main/resources/bin/start.sh index efe285d742..98bb1f78dd 100755 --- a/caching-service-package/src/main/resources/bin/start.sh +++ b/caching-service-package/src/main/resources/bin/start.sh @@ -113,9 +113,14 @@ LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/default LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/j9vm LIBPATH="$LIBPATH":"${LIBRARY_PATH}" +ATTLS_ENABLED="false" +if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then + ATTLS_ENABLED="true" +fi + # Verify discovery service URL in case AT-TLS is enabled, assumes outgoing rules are in place ZWE_DISCOVERY_SERVICES_LIST=${ZWE_DISCOVERY_SERVICES_LIST:-"https://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_discovery_port:-7553}/eureka/"} -if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then +if [ "$ATTLS_ENABLED" = "true" ]; then ZWE_DISCOVERY_SERVICES_LIST=$(echo "${ZWE_DISCOVERY_SERVICES_LIST=}" | sed -e 's|https://|http://|g') fi diff --git a/cloud-gateway-package/src/main/resources/bin/start.sh b/cloud-gateway-package/src/main/resources/bin/start.sh index c6c30d389b..e4440c52e0 100755 --- a/cloud-gateway-package/src/main/resources/bin/start.sh +++ b/cloud-gateway-package/src/main/resources/bin/start.sh @@ -76,9 +76,14 @@ LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/default LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/j9vm LIBPATH="$LIBPATH":"${LIBRARY_PATH}" +ATTLS_ENABLED="false" +if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then + ATTLS_ENABLED="true" +fi + # Verify discovery service URL in case AT-TLS is enabled, assumes outgoing rules are in place ZWE_DISCOVERY_SERVICES_LIST=${ZWE_DISCOVERY_SERVICES_LIST:-"https://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_discovery_port:-7553}/eureka/"} -if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then +if [ "$ATTLS_ENABLED" = "true" ]; then ZWE_DISCOVERY_SERVICES_LIST=$(echo "${ZWE_DISCOVERY_SERVICES_LIST=}" | sed -e 's|https://|http://|g') fi diff --git a/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java b/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java index 6b7617d234..b7995bde5f 100644 --- a/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java +++ b/cloud-gateway-service/src/main/java/org/zowe/apiml/cloudgatewayservice/config/ConnectionsConfig.java @@ -23,8 +23,6 @@ import io.netty.handler.ssl.SslContext; import io.netty.handler.ssl.SslContextBuilder; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringUtils; -import org.apache.http.client.utils.URIBuilder; import org.springframework.aop.support.AopUtils; import org.springframework.beans.BeanUtils; import org.springframework.beans.BeansException; @@ -51,7 +49,6 @@ import org.springframework.context.annotation.Conditional; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Primary; -import org.springframework.core.env.Environment; import org.springframework.http.client.reactive.ReactorClientHttpConnector; import org.springframework.web.cors.reactive.CorsConfigurationSource; import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource; @@ -73,10 +70,13 @@ import javax.annotation.PostConstruct; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManagerFactory; -import java.net.URISyntaxException; + import java.security.KeyStore; import java.time.Duration; -import java.util.*; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; import static org.springframework.cloud.netflix.eureka.EurekaClientConfigBean.DEFAULT_ZONE; diff --git a/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java b/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java index 13b360bd34..c38b594312 100644 --- a/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java +++ b/common-service-core/src/main/java/org/zowe/apiml/util/CorsUtils.java @@ -69,6 +69,8 @@ private CorsConfiguration setAllowedOriginsForService(Map metada config.setAllowCredentials(true); config.setAllowedHeaders(Collections.singletonList(CorsConfiguration.ALL)); config.setAllowedMethods(allowedCorsHttpMethods); + } else { + config.setAllowedOrigins(allowedOrigins); } return config; } diff --git a/discovery-package/src/main/resources/bin/start.sh b/discovery-package/src/main/resources/bin/start.sh index ce65b0a23b..2f23d3ff41 100755 --- a/discovery-package/src/main/resources/bin/start.sh +++ b/discovery-package/src/main/resources/bin/start.sh @@ -99,9 +99,14 @@ if [ "$(uname)" = "OS/390" ]; then QUICK_START="-Xquickstart" fi +ATTLS_ENABLED="false" +if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then + ATTLS_ENABLED="true" +fi + # Verify discovery service URL in case AT-TLS is enabled, assumes outgoing rules are in place ZWE_DISCOVERY_SERVICES_LIST=${ZWE_DISCOVERY_SERVICES_LIST:-"https://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_discovery_port:-7553}/eureka/"} -if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then +if [ "$ATTLS_ENABLED" = "true" ]; then ZWE_DISCOVERY_SERVICES_LIST=$(echo "${ZWE_DISCOVERY_SERVICES_LIST=}" | sed -e 's|https://|http://|g') fi diff --git a/gateway-package/src/main/resources/bin/start.sh b/gateway-package/src/main/resources/bin/start.sh index a05800a819..5b7b8c4a4f 100755 --- a/gateway-package/src/main/resources/bin/start.sh +++ b/gateway-package/src/main/resources/bin/start.sh @@ -137,12 +137,6 @@ else nonStrictVerifySslCertificatesOfServices=false fi -if [ "${ZWE_configs_server_ssl_enabled:-true}" = "true" ]; then - httpProtocol="https" -else - httpProtocol="http" -fi - if [ -z "${ZWE_configs_apiml_catalog_serviceId}" ] then APIML_GATEWAY_CATALOG_ID="apicatalog" @@ -161,9 +155,20 @@ else GATEWAY_LOADER_PATH=${COMMON_LIB} fi +ATTLS_ENABLED="false" +if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then + ATTLS_ENABLED="true" +fi + +if [ "${ZWE_configs_server_ssl_enabled:-true}" = "true" -o "$ATTLS_ENABLED" = "true" ]; then + httpProtocol="https" +else + httpProtocol="http" +fi + # Verify discovery service URL in case AT-TLS is enabled, assumes outgoing rules are in place ZWE_DISCOVERY_SERVICES_LIST=${ZWE_DISCOVERY_SERVICES_LIST:-"https://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_discovery_port:-7553}/eureka/"} -if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then +if [ "$ATTLS_ENABLED" = "true" ]; then ZWE_DISCOVERY_SERVICES_LIST=$(echo "${ZWE_DISCOVERY_SERVICES_LIST=}" | sed -e 's|https://|http://|g') fi @@ -218,7 +223,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${GATEWAY_CODE} java \ -Dapiml.service.discoveryServiceUrls=${ZWE_DISCOVERY_SERVICES_LIST} \ -Dapiml.service.allowEncodedSlashes=${ZWE_configs_apiml_service_allowEncodedSlashes:-true} \ -Dapiml.service.corsEnabled=${ZWE_configs_apiml_service_corsEnabled:-false} \ - -Dapiml.service.externalUrl="${httpProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \ + -Dapiml.service.externalUrl="${httpProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \ -- http protocol is http -Dapiml.service.apimlId=${ZWE_configs_apimlId:-} \ -Dapiml.catalog.serviceId=${APIML_GATEWAY_CATALOG_ID:-apicatalog} \ -Dapiml.cache.storage.location=${ZWE_zowe_workspaceDirectory}/api-mediation/${ZWE_haInstance_id:-localhost} \ diff --git a/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java b/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java index 579635ed89..881025bf92 100644 --- a/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java +++ b/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java @@ -29,8 +29,7 @@ import static org.mockito.Mockito.verify; class CorsMetadataProcessorTest { - private CorsMetadataProcessor underTest; - private CorsUtils corsUtils = new CorsUtils(true); + private CorsUtils corsUtils = new CorsUtils(true, null); ; private UrlBasedCorsConfigurationSource configurationSource; private ArgumentCaptor configurationCaptor = ArgumentCaptor.forClass(CorsConfiguration.class); @@ -39,8 +38,8 @@ class CorsMetadataProcessorTest { void setUp() { EurekaApplications applications = mock(EurekaApplications.class); configurationSource = mock(UrlBasedCorsConfigurationSource.class); - underTest = new CorsMetadataProcessor(applications, configurationSource, corsUtils); - corsUtils = new CorsUtils(true); + new CorsMetadataProcessor(applications, configurationSource, corsUtils); + corsUtils = new CorsUtils(true, null); } @Nested @@ -102,6 +101,4 @@ void corsIsDisabledPerService() { } } - - } diff --git a/metrics-service-package/src/main/resources/bin/start.sh b/metrics-service-package/src/main/resources/bin/start.sh index a432f32907..76b3d62c7a 100755 --- a/metrics-service-package/src/main/resources/bin/start.sh +++ b/metrics-service-package/src/main/resources/bin/start.sh @@ -85,9 +85,14 @@ LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/default LIBPATH="$LIBPATH":"${JAVA_HOME}"/lib/s390/j9vm LIBPATH="$LIBPATH":"${LIBRARY_PATH}" +ATTLS_ENABLED="false" +if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then + ATTLS_ENABLED="true" +fi + # Verify discovery service URL in case AT-TLS is enabled, assumes outgoing rules are in place ZWE_DISCOVERY_SERVICES_LIST=${ZWE_DISCOVERY_SERVICES_LIST:-"https://${ZWE_haInstance_hostname:-localhost}:${ZWE_components_discovery_port:-7553}/eureka/"} -if [ -n "$(echo ${ZWE_configs_spring_profiles_active:-} | awk '/^(.*,)?attls(,.*)?$/')" ]; then +if [ "$ATTLS_ENABLED" = "true" ]; then ZWE_DISCOVERY_SERVICES_LIST=$(echo "${ZWE_DISCOVERY_SERVICES_LIST=}" | sed -e 's|https://|http://|g') fi From a1adef57a4e3ff9780c712e25781dc7548461393 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Wed, 29 Nov 2023 17:10:03 +0100 Subject: [PATCH 06/14] fix message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- gateway-package/src/main/resources/bin/start.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gateway-package/src/main/resources/bin/start.sh b/gateway-package/src/main/resources/bin/start.sh index 5b7b8c4a4f..0f4eea3517 100755 --- a/gateway-package/src/main/resources/bin/start.sh +++ b/gateway-package/src/main/resources/bin/start.sh @@ -223,7 +223,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${GATEWAY_CODE} java \ -Dapiml.service.discoveryServiceUrls=${ZWE_DISCOVERY_SERVICES_LIST} \ -Dapiml.service.allowEncodedSlashes=${ZWE_configs_apiml_service_allowEncodedSlashes:-true} \ -Dapiml.service.corsEnabled=${ZWE_configs_apiml_service_corsEnabled:-false} \ - -Dapiml.service.externalUrl="${httpProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \ -- http protocol is http + -Dapiml.service.externalUrl="${httpProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \ -Dapiml.service.apimlId=${ZWE_configs_apimlId:-} \ -Dapiml.catalog.serviceId=${APIML_GATEWAY_CATALOG_ID:-apicatalog} \ -Dapiml.cache.storage.location=${ZWE_zowe_workspaceDirectory}/api-mediation/${ZWE_haInstance_id:-localhost} \ From a1657741ca649832222062cbc626af45e0d66554 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Wed, 29 Nov 2023 17:37:19 +0100 Subject: [PATCH 07/14] fix sonar, missing coverage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- .../zowe/apiml/gateway/security/config/CorsBeans.java | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java index b2c1fc1b3e..2640cb08a8 100644 --- a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java +++ b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java @@ -64,12 +64,10 @@ List getDefaultAllowedOrigins( String hostname, int port ) throws URISyntaxException { - if (corsEnabled) return null; - - boolean attls = Arrays.asList(environment.getActiveProfiles()).contains("attls"); - if (!attls) { + boolean isAttls = Arrays.asList(environment.getActiveProfiles()).contains("attls"); + if (corsEnabled || !isAttls) { // TODO: this method is a hotfix for AT-TLS, but it could be a breaking change, verify no-ATTLS configuration in v3 - return null; + return null; // NOSONAR } Set gatewayOrigins = new HashSet<>(); @@ -77,7 +75,7 @@ List getDefaultAllowedOrigins( gatewayOrigins.add(externalUrl); } gatewayOrigins.add(new URIBuilder() - .setScheme(attls || ssl ? "https" : "http") + .setScheme("https") .setHost(hostname) .setPort(port) .build().toString() From 8af3fdeeb18da87a8bc26263caa4e557bfdbc814 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Thu, 30 Nov 2023 11:59:08 +0100 Subject: [PATCH 08/14] add test for coverage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- .../gateway/security/config/CorsBeans.java | 8 +-- .../gateway/security/config/CorsBeanTest.java | 56 +++++++++++++++++++ 2 files changed, 58 insertions(+), 6 deletions(-) create mode 100644 gateway-service/src/test/java/org/zowe/apiml/gateway/security/config/CorsBeanTest.java diff --git a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java index 2640cb08a8..866f44c4b0 100644 --- a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java +++ b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/config/CorsBeans.java @@ -57,16 +57,14 @@ private void addCorsRelatedIgnoredHeaders() { )); } - List getDefaultAllowedOrigins( + List getDefaultAllowedOrigins( // TODO: this method is a hotfix for AT-TLS, but it could be a breaking change, verify no-ATTLS configuration in v3 Environment environment, - boolean ssl, String externalUrl, String hostname, int port ) throws URISyntaxException { boolean isAttls = Arrays.asList(environment.getActiveProfiles()).contains("attls"); if (corsEnabled || !isAttls) { - // TODO: this method is a hotfix for AT-TLS, but it could be a breaking change, verify no-ATTLS configuration in v3 return null; // NOSONAR } @@ -86,12 +84,10 @@ List getDefaultAllowedOrigins( @Bean CorsUtils corsUtils( Environment environment, - @Value("${server.ssl.enabled}") boolean ssl, @Value("${apiml.service.externalUrl:}") String externalUrl, @Value("${server.hostname:${apiml.service.hostname}}") String hostname, @Value("${server.port}") int port ) throws URISyntaxException { - - return new CorsUtils(corsEnabled, getDefaultAllowedOrigins(environment, ssl, externalUrl, hostname, port)); + return new CorsUtils(corsEnabled, getDefaultAllowedOrigins(environment, externalUrl, hostname, port)); } } diff --git a/gateway-service/src/test/java/org/zowe/apiml/gateway/security/config/CorsBeanTest.java b/gateway-service/src/test/java/org/zowe/apiml/gateway/security/config/CorsBeanTest.java new file mode 100644 index 0000000000..88506470b2 --- /dev/null +++ b/gateway-service/src/test/java/org/zowe/apiml/gateway/security/config/CorsBeanTest.java @@ -0,0 +1,56 @@ +/* + * This program and the accompanying materials are made available under the terms of the + * Eclipse Public License v2.0 which accompanies this distribution, and is available at + * https://www.eclipse.org/legal/epl-v20.html + * + * SPDX-License-Identifier: EPL-2.0 + * + * Copyright Contributors to the Zowe Project. + */ + +package org.zowe.apiml.gateway.security.config; + +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Nested; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.Mock; +import org.mockito.junit.jupiter.MockitoExtension; +import org.springframework.cloud.netflix.zuul.filters.ZuulProperties; +import org.springframework.core.env.Environment; + +import java.net.URISyntaxException; +import java.util.List; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.mockito.Mockito.when; + +// For now, it's only to verify at-tls settings are the correct ones +@ExtendWith(MockitoExtension.class) +class CorsBeanTest { + + @Mock + private Environment environment; + + private CorsBeans corsBeans; + + @BeforeEach + void setUp() { + this.corsBeans = new CorsBeans(new ZuulProperties()); + } + + @Nested + class GivenATTLSIsEnabled { + + @Test + void whenGetDefaultOrigins_thenAllowHttps() throws URISyntaxException { + when(environment.getActiveProfiles()).thenReturn(new String[]{"attls"}); + + List allowedOrigins = corsBeans.getDefaultAllowedOrigins(environment, "https://dvipahost:10010", "lparhost", 10010); + assertEquals(2, allowedOrigins.size()); + assertTrue(allowedOrigins.contains("https://dvipahost:10010")); + assertTrue(allowedOrigins.contains("https://lparhost:10010")); + } + } +} From c81428f7d2b659fe955015c10aa80128dda4f80c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Jare=C5=A1?= Date: Thu, 30 Nov 2023 14:40:44 +0100 Subject: [PATCH 09/14] add logging message --- .../acceptance/DeterministicUserBasedRoutingTest.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java b/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java index 2082cfcc41..d65d6a1a77 100644 --- a/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java +++ b/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java @@ -77,8 +77,14 @@ void thenCallTheSameInstance(RepetitionInfo repetitionInfo) throws IOException { URI selectedInSecondCall = routeToService(token, SC_OK); URI selectedInThirdCall = routeToService(token, SC_OK); - assertThat(selectedInFirstCall.compareTo(selectedInSecondCall), is(0)); - assertThat(selectedInFirstCall.compareTo(selectedInThirdCall), is(0)); + String message = String.format("URLs of the same calls are not the same: `%s`, `%s`, `%s`", + selectedInFirstCall, + selectedInSecondCall, + selectedInThirdCall + ); + + assertThat(message, selectedInFirstCall.compareTo(selectedInSecondCall), is(0)); + assertThat(message, selectedInFirstCall.compareTo(selectedInThirdCall), is(0)); } } From 4cccaddc11db40a3b21ae2b50b5d002fb0782dd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Thu, 30 Nov 2023 14:53:55 +0100 Subject: [PATCH 10/14] disable test run in publish result stage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- .github/workflows/integration-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index a68468bbfb..8e1a35173e 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -1540,7 +1540,7 @@ jobs: - name: Code coverage and publish results run: > - ./gradlew --info coverage sonar -Dresults="containercitests/results,citestswithinfinispan/results,containercitestszosmfrsu2012/results,ContainerCITestsWithRedisReplica/results,ContainerCITestsWithRedisSentinel/results,containercitestsinternalport/results,cloudgatewayproxy/results,citestswebsocketchaoticha/results,cloudgatewayservicerouting/results,containercitestszaas/results" + ./gradlew -x test --info coverage sonar -Dresults="containercitests/results,citestswithinfinispan/results,containercitestszosmfrsu2012/results,ContainerCITestsWithRedisReplica/results,ContainerCITestsWithRedisSentinel/results,containercitestsinternalport/results,cloudgatewayproxy/results,citestswebsocketchaoticha/results,cloudgatewayservicerouting/results,containercitestszaas/results" -Psonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD env: From ff592f5a8042e90fdb7ebf0b29c7ab1155987cb6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Thu, 30 Nov 2023 15:19:17 +0100 Subject: [PATCH 11/14] wip MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- .github/workflows/integration-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 8e1a35173e..a68468bbfb 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -1540,7 +1540,7 @@ jobs: - name: Code coverage and publish results run: > - ./gradlew -x test --info coverage sonar -Dresults="containercitests/results,citestswithinfinispan/results,containercitestszosmfrsu2012/results,ContainerCITestsWithRedisReplica/results,ContainerCITestsWithRedisSentinel/results,containercitestsinternalport/results,cloudgatewayproxy/results,citestswebsocketchaoticha/results,cloudgatewayservicerouting/results,containercitestszaas/results" + ./gradlew --info coverage sonar -Dresults="containercitests/results,citestswithinfinispan/results,containercitestszosmfrsu2012/results,ContainerCITestsWithRedisReplica/results,ContainerCITestsWithRedisSentinel/results,containercitestsinternalport/results,cloudgatewayproxy/results,citestswebsocketchaoticha/results,cloudgatewayservicerouting/results,containercitestszaas/results" -Psonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN -Partifactory_user=$ARTIFACTORY_USERNAME -Partifactory_password=$ARTIFACTORY_PASSWORD env: From a6eddee3e11096eb3a14fb62f132252ab73277b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Jare=C5=A1?= Date: Thu, 30 Nov 2023 18:48:24 +0100 Subject: [PATCH 12/14] fix the test --- .../DeterministicUserBasedRoutingTest.java | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java b/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java index d65d6a1a77..3b0a7b9769 100644 --- a/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java +++ b/gateway-service/src/test/java/org/zowe/apiml/acceptance/DeterministicUserBasedRoutingTest.java @@ -16,9 +16,10 @@ import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpUriRequest; import org.apache.http.message.BasicStatusLine; +import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.RepeatedTest; -import org.junit.jupiter.api.RepetitionInfo; +import org.junit.jupiter.api.TestInstance; import org.mockito.ArgumentCaptor; import org.mockito.Mockito; import org.springframework.beans.factory.annotation.Autowired; @@ -40,11 +41,18 @@ * Verify that the behavior configured for the routing chooses for the same user the same service instance. */ @AcceptanceTest +@TestInstance(TestInstance.Lifecycle.PER_CLASS) class DeterministicUserBasedRoutingTest extends AcceptanceTestWithTwoServices { @Autowired protected LoadBalancerCache cache; + @Override public void prepareApplications() { + // to stop updating before each method + } + + @BeforeAll + public void prepareApplicationsAll() { cache.getLocalCache().clear(); applicationRegistry.clearApplications(); MetadataBuilder defaultBuilder = MetadataBuilder.defaultInstance(); @@ -62,13 +70,7 @@ class GivenAuthenticatedUserAndMoreInstancesOfService { class WhenCallingToServiceMultipleTimes { @RepeatedTest(3) - void thenCallTheSameInstance(RepetitionInfo repetitionInfo) throws IOException { - - // initialize the cache and registry only once on first repetition - if (repetitionInfo.getCurrentRepetition() == 1) { - prepareApplications(); - } - + void thenCallTheSameInstance() throws IOException { Cookie token = securityRequests.validJwtToken(); applicationRegistry.setCurrentApplication(serviceWithCustomConfiguration.getId()); From 237336c9a027cc18e9c4b35c1933c4bdc4e1b310 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Hern=C3=A1n=20Carle?= Date: Fri, 1 Dec 2023 13:42:53 +0100 Subject: [PATCH 13/14] remove unneeded lines MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Pablo Hernán Carle --- .../gateway/metadata/service/CorsMetadataProcessorTest.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java b/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java index 881025bf92..6477fe3ee7 100644 --- a/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java +++ b/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java @@ -36,9 +36,7 @@ class CorsMetadataProcessorTest { @BeforeEach void setUp() { - EurekaApplications applications = mock(EurekaApplications.class); configurationSource = mock(UrlBasedCorsConfigurationSource.class); - new CorsMetadataProcessor(applications, configurationSource, corsUtils); corsUtils = new CorsUtils(true, null); } From bfffd5a60c37d8b3e1a0ca1f19a243b0ff77d677 Mon Sep 17 00:00:00 2001 From: Pablo Carle Date: Fri, 1 Dec 2023 17:59:14 +0100 Subject: [PATCH 14/14] Update gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Pavel Jareš <58428711+pj892031@users.noreply.github.com> Signed-off-by: Pablo Carle --- .../gateway/metadata/service/CorsMetadataProcessorTest.java | 1 - 1 file changed, 1 deletion(-) diff --git a/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java b/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java index 6477fe3ee7..94eacf989f 100644 --- a/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java +++ b/gateway-service/src/test/java/org/zowe/apiml/gateway/metadata/service/CorsMetadataProcessorTest.java @@ -30,7 +30,6 @@ class CorsMetadataProcessorTest { private CorsUtils corsUtils = new CorsUtils(true, null); - ; private UrlBasedCorsConfigurationSource configurationSource; private ArgumentCaptor configurationCaptor = ArgumentCaptor.forClass(CorsConfiguration.class);