Merge branch 'release-0.5'

datasafe-business/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>datasafe</artifactId>
         <groupId>de.adorsys</groupId>
-        <version>0.4.3</version>
+        <version>0.5</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
@@ -113,6 +113,12 @@
             <version>${project.version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>de.adorsys</groupId>
+            <artifactId>datasafe-storage-impl-s3</artifactId>
+            <version>${project.version}</version>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>de.adorsys</groupId>
             <artifactId>datasafe-storage-impl-db</artifactId>

datasafe-business/src/main/java/de/adorsys/datasafe/business/impl/directory/DefaultCredentialsModule.java

@@ -6,9 +6,10 @@
 import dagger.Module;
 import dagger.Provides;
 import de.adorsys.datasafe.directory.api.profile.dfs.BucketAccessService;
-import de.adorsys.datasafe.directory.api.profile.keys.KeyStoreOperations;
+import de.adorsys.datasafe.directory.api.profile.keys.DocumentKeyStoreOperations;
 import de.adorsys.datasafe.directory.api.profile.keys.PrivateKeyService;
 import de.adorsys.datasafe.directory.api.profile.keys.PublicKeyService;
+import de.adorsys.datasafe.directory.api.profile.keys.StorageKeyStoreOperations;
 import de.adorsys.datasafe.directory.impl.profile.dfs.BucketAccessServiceImplRuntimeDelegatable;
 import de.adorsys.datasafe.directory.impl.profile.keys.*;
 import de.adorsys.datasafe.encrypiton.api.types.UserID;
@@ -29,24 +30,32 @@
 public abstract class DefaultCredentialsModule {
 
     /**
-     * Default keystore and public key Guava-based cache.
+     * Default keystore and public key Guava-based cache. If one can't afford that some instances
+     * may not see that storage access credentials were removed (for some time window they will be available)
+     * or keystore password has changed, they can use any distributed cache available. But for most use cases
+     * it is ok.
      */
     @Provides
     @Singleton
     static KeyStoreCache keyStoreCache(@Nullable OverridesRegistry registry) {
+
         Supplier<Cache<UserID, KeyStore>> cacheKeystore = () -> CacheBuilder.newBuilder()
                 .initialCapacity(1000)
+                // for this interval removed storage access key/changed keystore might not be seen
                 .expireAfterWrite(15, TimeUnit.MINUTES)
                 .build();
 
-        // These are actually static, so no need to expire them right now
+        // These are actually static, so we can afford longer expiry time
         Supplier<Cache<UserID, List<PublicKeyIDWithPublicKey>>> cachePubKeys = () -> CacheBuilder.newBuilder()
                 .initialCapacity(1000)
+                .expireAfterWrite(60, TimeUnit.MINUTES)
                 .build();
 
         return new DefaultKeyStoreCacheRuntimeDelegatable(
                 registry,
                 cachePubKeys.get().asMap(),
+                cacheKeystore.get().asMap(),
+                // it will generate new instance here
                 cacheKeystore.get().asMap()
         );
     }
@@ -64,10 +73,16 @@ static KeyStoreCache keyStoreCache(@Nullable OverridesRegistry registry) {
     abstract PublicKeyService publicKeyService(DFSPublicKeyServiceImplRuntimeDelegatable impl);
 
     /**
-     * Keystore operations class that hides keystore access from other components.
+     * Keystore(document) operations class that hides keystore access from other components.
+     */
+    @Binds
+    abstract DocumentKeyStoreOperations docKeyStoreOperations(DocumentKeyStoreOperationsImplRuntimeDelegatable impl);
+
+    /**
+     * Keystore(storage credentials) operations class that hides keystore access from other components.
      */
     @Binds
-    abstract KeyStoreOperations keyStoreOperations(KeyStoreOperationsImplRuntimeDelegatable impl);
+    abstract StorageKeyStoreOperations storageKeyStoreOperations(StorageKeyStoreOperationsImplRuntimeDelegatable impl);
 
     /**
      * Default private key service that reads user private/secret keys from the location specified by his

datasafe-business/src/main/java/de/adorsys/datasafe/business/impl/directory/DefaultProfileModule.java

@@ -9,6 +9,7 @@
 import de.adorsys.datasafe.directory.api.profile.operations.ProfileRegistrationService;
 import de.adorsys.datasafe.directory.api.profile.operations.ProfileRemovalService;
 import de.adorsys.datasafe.directory.api.profile.operations.ProfileRetrievalService;
+import de.adorsys.datasafe.directory.api.profile.operations.ProfileUpdatingService;
 import de.adorsys.datasafe.directory.api.resource.ResourceResolver;
 import de.adorsys.datasafe.directory.api.types.UserPrivateProfile;
 import de.adorsys.datasafe.directory.api.types.UserPublicProfile;
@@ -18,12 +19,14 @@
 import de.adorsys.datasafe.directory.impl.profile.operations.actions.ProfileRegistrationServiceImplRuntimeDelegatable;
 import de.adorsys.datasafe.directory.impl.profile.operations.actions.ProfileRemovalServiceImplRuntimeDelegatable;
 import de.adorsys.datasafe.directory.impl.profile.operations.actions.ProfileRetrievalServiceImplRuntimeDelegatable;
+import de.adorsys.datasafe.directory.impl.profile.operations.actions.ProfileUpdatingServiceImplRuntimeDelegatable;
 import de.adorsys.datasafe.directory.impl.profile.resource.ResourceResolverImplRuntimeDelegatable;
 import de.adorsys.datasafe.encrypiton.api.types.UserID;
 import de.adorsys.datasafe.types.api.context.overrides.OverridesRegistry;
 
 import javax.annotation.Nullable;
 import javax.inject.Singleton;
+import java.util.concurrent.TimeUnit;
 
 /**
  * This module is responsible for providing user profiles - his inbox, private storage, etc. locations.
@@ -39,9 +42,12 @@ public abstract class DefaultProfileModule {
     static UserProfileCache userProfileCache(@Nullable OverridesRegistry registry) {
         Cache<UserID, UserPublicProfile> publicProfileCache = CacheBuilder.newBuilder()
                 .initialCapacity(1000)
+                .expireAfterWrite(15, TimeUnit.MINUTES)
                 .build();
+
         Cache<UserID, UserPrivateProfile> privateProfileCache = CacheBuilder.newBuilder()
                 .initialCapacity(1000)
+                .expireAfterWrite(15, TimeUnit.MINUTES)
                 .build();
 
         return new DefaultUserProfileCacheRuntimeDelegatable(
@@ -63,6 +69,12 @@ static UserProfileCache userProfileCache(@Nullable OverridesRegistry registry) {
     @Binds
     abstract ProfileRegistrationService creationService(ProfileRegistrationServiceImplRuntimeDelegatable impl);
 
+    /**
+     * Default profile removal service.
+     */
+    @Binds
+    abstract ProfileUpdatingService updatingService(ProfileUpdatingServiceImplRuntimeDelegatable impl);
+
     /**
      * Default profile removal service.
      */

datasafe-business/src/main/java/de/adorsys/datasafe/business/impl/keystore/DefaultKeyStoreModule.java

@@ -4,8 +4,10 @@
 import dagger.Module;
 import de.adorsys.datasafe.encrypiton.api.keystore.KeyStoreService;
 import de.adorsys.datasafe.encrypiton.api.keystore.PublicKeySerde;
+import de.adorsys.datasafe.encrypiton.impl.keystore.DefaultPasswordBasedKeyConfigRuntimeDelegatable;
 import de.adorsys.datasafe.encrypiton.impl.keystore.KeyStoreServiceImplRuntimeDelegatable;
 import de.adorsys.datasafe.encrypiton.impl.keystore.PublicKeySerdeImplRuntimeDelegatable;
+import de.adorsys.datasafe.encrypiton.impl.keystore.types.PasswordBasedKeyConfig;
 
 /**
  * This module provides keystore management operations.
@@ -24,4 +26,7 @@ public abstract class DefaultKeyStoreModule {
      */
     @Binds
     public abstract KeyStoreService keyStoreService(KeyStoreServiceImplRuntimeDelegatable impl);
+
+    @Binds
+    public abstract PasswordBasedKeyConfig passwordBasedKeyConfig(DefaultPasswordBasedKeyConfigRuntimeDelegatable impl);
 }

datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BaseE2ETest.java

@@ -7,6 +7,7 @@
 import de.adorsys.datasafe.directory.api.profile.operations.ProfileRegistrationService;
 import de.adorsys.datasafe.directory.api.profile.operations.ProfileRemovalService;
 import de.adorsys.datasafe.directory.api.profile.operations.ProfileRetrievalService;
+import de.adorsys.datasafe.directory.api.profile.operations.ProfileUpdatingService;
 import de.adorsys.datasafe.encrypiton.api.types.UserID;
 import de.adorsys.datasafe.encrypiton.api.types.UserIDAuth;
 import de.adorsys.datasafe.encrypiton.api.types.keystore.ReadKeyPassword;
@@ -65,6 +66,7 @@ public abstract class BaseE2ETest extends WithStorageProvider {
     protected WriteToInbox writeToInbox;
     protected RemoveFromInbox removeFromInbox;
     protected ProfileRegistrationService profileRegistrationService;
+    protected ProfileUpdatingService profileUpdatingService;
     protected ProfileRemovalService profileRemovalService;
     protected ProfileRetrievalService profileRetrievalService;
 
@@ -84,6 +86,7 @@ protected void initialize(DFSConfig dfsConfig, DefaultDatasafeServices datasafeS
         this.profileRegistrationService = datasafeServices.userProfile();
         this.profileRemovalService = datasafeServices.userProfile();
         this.profileRetrievalService = datasafeServices.userProfile();
+        this.profileUpdatingService = datasafeServices.userProfile();
     }
 
     protected void initialize(DFSConfig dfsConfig, VersionedDatasafeServices datasafeServices) {
@@ -99,6 +102,7 @@ protected void initialize(DFSConfig dfsConfig, VersionedDatasafeServices datasaf
         this.profileRegistrationService = datasafeServices.userProfile();
         this.profileRemovalService = datasafeServices.userProfile();
         this.profileRetrievalService = datasafeServices.userProfile();
+        this.profileUpdatingService = datasafeServices.userProfile();
     }
 
     @SneakyThrows
@@ -195,10 +199,7 @@ protected void removeFromInbox(UserIDAuth inboxOwner, PrivateResource location)
 
     protected UserIDAuth registerUser(String userName) {
         UserIDAuth auth = new UserIDAuth(new UserID(userName), new ReadKeyPassword("secure-password " + userName));
-
-        profileRegistrationService.registerPublic(dfsConfig.defaultPublicTemplate(auth));
-        profileRegistrationService.registerPrivate(dfsConfig.defaultPrivateTemplate(auth));
-
+        profileRegistrationService.registerUsingDefaults(auth);
         log.info("Created user: {}", Obfuscate.secure(userName));
         return auth;
     }

datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BasicFunctionalityTest.java

@@ -31,7 +31,6 @@
 @Slf4j
 class BasicFunctionalityTest extends BaseE2ETest {
 
-
     private StorageService storage;
     private Uri location;
 

datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BasicFunctionalityWithPasswordChangeTest.java

@@ -197,7 +197,7 @@ private void multishareFiles(UserIDAuth userOne, UserIDAuth userTwo, UserIDAuth
     private UserIDAuth checkUpdatedCredsWorkAndOldDont(UserIDAuth auth,
                                                        ReadKeyPassword newPassword,
                                                        Consumer<UserIDAuth> withAuth) {
-        profileRegistrationService.updateReadKeyPassword(auth, newPassword);
+        profileUpdatingService.updateReadKeyPassword(auth, newPassword);
         assertThrows(UnrecoverableKeyException.class, () -> withAuth.accept(auth));
         UserIDAuth newAuth = new UserIDAuth(auth.getUserID(), newPassword);
         withAuth.accept(newAuth);

datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/KeystoreE2ETest.java

@@ -3,6 +3,7 @@
 import de.adorsys.datasafe.business.impl.service.DefaultDatasafeServices;
 import de.adorsys.datasafe.encrypiton.api.types.UserIDAuth;
 import de.adorsys.datasafe.encrypiton.api.types.keystore.ReadStorePassword;
+import de.adorsys.datasafe.encrypiton.impl.keystore.DefaultPasswordBasedKeyConfig;
 import de.adorsys.datasafe.encrypiton.impl.keystore.KeyStoreServiceImpl;
 import de.adorsys.datasafe.storage.impl.fs.FileSystemStorageService;
 import de.adorsys.datasafe.types.api.resource.Uri;
@@ -49,7 +50,7 @@ void testDefaultKeystoreHasProperKeys() {
         URI keystorePath = datasafeServices.userProfile().privateProfile(auth)
                 .getKeystore().location().asURI();
 
-        KeyStoreServiceImpl keyStoreService = new KeyStoreServiceImpl();
+        KeyStoreServiceImpl keyStoreService = new KeyStoreServiceImpl(new DefaultPasswordBasedKeyConfig());
         KeyStore keyStore = keyStoreService.deserialize(
                 Files.readAllBytes(Paths.get(keystorePath)),
                 "ID",