diff --git a/jenkinsfiles/tests-soapui.Jenkinsfile b/jenkinsfiles/tests-soapui.Jenkinsfile
index 850b1e5320db549f207b8cac53929547739588b6..061fefd2a22e5384597846608dc5b03365520d24 100644
--- a/jenkinsfiles/tests-soapui.Jenkinsfile
+++ b/jenkinsfiles/tests-soapui.Jenkinsfile
@@ -15,6 +15,8 @@ pipeline {
string(name: 'BASE_URL_INSPIRE_PLU', defaultValue: "https://xplanbox.lat-lon.de", description: 'Set base URL of INSPIRE PLU')
string(name: 'BASE_URL_MAPSERVER', defaultValue: "https://xplanbox.lat-lon.de", description: 'Set base URL of MapServer')
string(name: 'BASE_URL_MAPPROXY', defaultValue: "https://xplanbox.lat-lon.de", description: 'Set base URL of MapProxy')
+ string(name: 'JWT_URL', description: 'URL to retrieve a JSON Web Token')
+ string(name: 'JWT_CLIENTID', defaultValue: "xplanbox-api", description: 'ID of the Client configured in Keycloak')
string(name: 'SLACK_CHANNEL', defaultValue: "#installationen", description: 'Set slack channel')
string(name: 'SLACK_TESTED_ENVIRONMENT', defaultValue: "https://xplanbox.lat-lon.de/", description: 'Set name of test environment which shall be printed in slack messages')
string(name: 'SLACK_TEAM_DOMAIN', defaultValue: "xplanbox", description: 'Set slack team domain')
@@ -33,6 +35,7 @@ pipeline {
]) {
sh 'mvn test -pl :xplan-tests-soapui -Psystem-tests -DtestFileName=xplan-manager-api-soapui-project.xml \
-DbaseUrlManagerApi=${BASE_URL_MANAGER_API} -Dusername=$Username -Dpassword=$Password \
+ -DjwtUrl=$JWT_URL -DjwtClientId=$JWT_CLIENTID \
-DbaseUrlServices=${BASE_URL_DIENSTE} '
}
}
@@ -43,7 +46,8 @@ pipeline {
usernamePassword(credentialsId:"${CREDENTIALS_ID}", passwordVariable: 'Password', usernameVariable: 'Username')
]) {
sh 'mvn test -pl :xplan-tests-soapui -Psystem-tests -DtestFileName=xplan-validator-api-soapui-project.xml \
- -DbaseUrlValidatorApi=${BASE_URL_VALIDATOR_API} -Dusername=$Username -Dpassword=$Password'
+ -DbaseUrlValidatorApi=${BASE_URL_VALIDATOR_API} -Dusername=$Username -Dpassword=$Password \
+ -DjwtUrl=$JWT_URL -DjwtClientId=$JWT_CLIENTID'
}
}
}
@@ -54,7 +58,8 @@ pipeline {
]) {
sh 'mvn test -pl :xplan-tests-soapui -Psystem-tests -DtestFileName=xplan-dokumente-api-soapui-project.xml \
-DbaseUrlManagerApi=${BASE_URL_MANAGER_API} -DusernameManagerApi=$Username -DpasswordManagerApi=$Password \
- -DbaseUrlDokumenteApi=${BASE_URL_DOKUMENTE_API} -DusernameDokumenteApi=$Username -DpasswordDokumenteApi=$Password'
+ -DbaseUrlDokumenteApi=${BASE_URL_DOKUMENTE_API} -DusernameDokumenteApi=$Username -DpasswordDokumenteApi=$Password \
+ -DjwtUrl=$JWT_URL -DjwtClientId=$JWT_CLIENTID'
}
}
}
@@ -69,7 +74,8 @@ pipeline {
-DbaseUrlManagerApi=${BASE_URL_MANAGER_API} -DusernameManagerApi=$Username -DpasswordManagerApi=$Password \
-DbaseUrlMapServer=${BASE_URL_MAPSERVER} -DusernameMapServer=$Username -DpasswordMapServer=$Password \
-DbaseUrlMapProxy=${BASE_URL_MAPPROXY} -DusernameMapProxy=$Username -DpasswordMapProxy=$Password \
- -DapiKey=${SERVICES_API_KEY}'
+ -DapiKey=${SERVICES_API_KEY} \
+ -DjwtUrl=$JWT_URL -DjwtClientId=$JWT_CLIENTID'
}
}
}
diff --git a/pom.xml b/pom.xml
index 1b13682ecf8288f878e3137f523a3f53fc766569..4c9371a70c38d34794a5a4c45a65ff1e515f82fa 100644
--- a/pom.xml
+++ b/pom.xml
@@ -19,7 +19,7 @@
<maven.version>3.9.0</maven.version>
<!-- version properties -->
<deegree3.version>3.6.0-SNAPSHOT</deegree3.version>
- <xplanung.regeln.version>1.1.9</xplanung.regeln.version>
+ <xplanung.regeln.version>1.1.10-SNAPSHOT</xplanung.regeln.version>
<xplanung.regeln.berlin.version>0.4</xplanung.regeln.berlin.version>
<xplanung.regeln.brandenburg.version>0.2</xplanung.regeln.brandenburg.version>
<gwt.version>2.12.1</gwt.version>
@@ -1097,6 +1097,11 @@
<artifactId>xplan-core-raster</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>${project.groupId}</groupId>
+ <artifactId>xplan-core-security</artifactId>
+ <version>${project.version}</version>
+ </dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>xplan-core-schemas</artifactId>
diff --git a/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/ConstraintViolationExceptionMapper.java b/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/ConstraintViolationExceptionMapper.java
index 5e2d4cb8408d7ddc31b5c1c428979d6279924dce..9b566009313b621a1f6e5e297b18e52c69e9a34a 100644
--- a/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/ConstraintViolationExceptionMapper.java
+++ b/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/ConstraintViolationExceptionMapper.java
@@ -20,13 +20,13 @@
*/
package de.latlon.xplanbox.api.commons.exception;
+import static jakarta.ws.rs.core.Response.Status.BAD_REQUEST;
+
import jakarta.validation.ConstraintViolationException;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.ext.ExceptionMapper;
import jakarta.ws.rs.ext.Provider;
-import static de.latlon.xplanbox.api.commons.exception.StatusCodes.UNPROCESSABLE_CONTENT;
-
/**
* @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
* @since 7.0
@@ -36,7 +36,7 @@ public class ConstraintViolationExceptionMapper implements ExceptionMapper<Const
@Override
public Response toResponse(ConstraintViolationException exception) {
- return Response.status(UNPROCESSABLE_CONTENT).entity(exception.getMessage()).build();
+ return Response.status(BAD_REQUEST).entity(exception.getMessage()).build();
}
}
diff --git a/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/InvalidXPlanGmlOrArchive.java b/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/InvalidXPlanGmlOrArchive.java
index 47a90f9480074d34ec569a8f6cc3cbf7ad469ba1..76627c8f04a8eeafc96c37616e0492ec5520631e 100644
--- a/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/InvalidXPlanGmlOrArchive.java
+++ b/xplan-core/xplan-core-api/src/main/java/de/latlon/xplanbox/api/commons/exception/InvalidXPlanGmlOrArchive.java
@@ -20,7 +20,7 @@
*/
package de.latlon.xplanbox.api.commons.exception;
-import static de.latlon.xplanbox.api.commons.exception.StatusCodes.UNPROCESSABLE_CONTENT;
+import static jakarta.ws.rs.core.Response.Status.BAD_REQUEST;
/**
* @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
@@ -33,7 +33,7 @@ public class InvalidXPlanGmlOrArchive extends XPlanApiException {
@Override
public int getStatusCode() {
- return UNPROCESSABLE_CONTENT;
+ return BAD_REQUEST.getStatusCode();
}
}
diff --git a/xplan-core/xplan-core-security/pom.xml b/xplan-core/xplan-core-security/pom.xml
index c402ddbcd27baaeb163ae5a7722c38e605edfffa..d2391cfb8db2795f6a484fef4a00648033132bdc 100644
--- a/xplan-core/xplan-core-security/pom.xml
+++ b/xplan-core/xplan-core-security/pom.xml
@@ -19,6 +19,10 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
+ </dependency>
<dependency>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-annotations</artifactId>
@@ -40,6 +44,12 @@
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>io.swagger.core.v3</groupId>
+ <artifactId>swagger-models-jakarta</artifactId>
+ <version>2.2.25</version>
+ <scope>compile</scope>
+ </dependency>
</dependencies>
</project>
diff --git a/xplan-core/xplan-core-security/src/main/java/de/latlon/xplanbox/security/config/OAuth2JwtContext.java b/xplan-core/xplan-core-security/src/main/java/de/latlon/xplanbox/security/config/OAuth2JwtContext.java
new file mode 100644
index 0000000000000000000000000000000000000000..0baa23f90259ac4d709e25384261fa4e0d831e80
--- /dev/null
+++ b/xplan-core/xplan-core-security/src/main/java/de/latlon/xplanbox/security/config/OAuth2JwtContext.java
@@ -0,0 +1,62 @@
+/*-
+ * #%L
+ * xplan-core-security - Modul zur Gruppierung der Kernmodule
+ * %%
+ * Copyright (C) 2008 - 2024 Freie und Hansestadt Hamburg, developed by lat/lon gesellschaft für raumbezogene Informationssysteme mbH
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package de.latlon.xplanbox.security.config;
+
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.web.SecurityFilterChain;
+
+/**
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ * @since 8.0
+ */
+@EnableWebSecurity
+@Configuration
+@Profile("enableOAuth2JWT")
+public class OAuth2JwtContext {
+
+ private static final Logger LOG = LoggerFactory.getLogger(OAuth2JwtContext.class);
+
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ LOG.info("Configure security.");
+ http.authorizeHttpRequests(authorize -> authorize
+ .requestMatchers("/xmanager/api/v1", "/xvalidator/api/v1", "/xdokumente/api/v1", "/api/v2", "/actuator/**",
+ "/internal/api/traceInfo")
+ .permitAll()
+ .anyRequest()
+ .authenticated()).oauth2ResourceServer((oauth2) -> oauth2.jwt(Customizer.withDefaults()));
+ return http.build();
+ }
+
+ @Bean
+ public BearerSecurityOpenApiWriter bearerSecurityOpenApi() {
+ return new BearerSecurityOpenApiWriter();
+ }
+
+}
diff --git a/xplan-core/xplan-core-security/src/main/java/de/latlon/xplanbox/security/openapi/BearerSecurityOpenApiWriter.java b/xplan-core/xplan-core-security/src/main/java/de/latlon/xplanbox/security/openapi/BearerSecurityOpenApiWriter.java
new file mode 100644
index 0000000000000000000000000000000000000000..650839c53c9dfce08e99adc411a393a0544ff8af
--- /dev/null
+++ b/xplan-core/xplan-core-security/src/main/java/de/latlon/xplanbox/security/openapi/BearerSecurityOpenApiWriter.java
@@ -0,0 +1,33 @@
+package de.latlon.xplanbox.security.openapi;
+
+import static io.swagger.v3.oas.models.security.SecurityScheme.Type.HTTP;
+
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+
+/**
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ */
+public class BearerSecurityOpenApiWriter {
+
+ static final String SECURITY_KEY_BEARER = "Bearer";
+
+ public void addSecurity(OpenAPI openApi) {
+ SecurityRequirement securityItem = new SecurityRequirement().addList(SECURITY_KEY_BEARER);
+ openApi.addSecurityItem(securityItem);
+ SecurityScheme securityScheme = new SecurityScheme().name(SECURITY_KEY_BEARER)
+ .type(HTTP)
+ .scheme("bearer")
+ .bearerFormat("JWT");
+ getComponents(openApi).addSecuritySchemes(SECURITY_KEY_BEARER, securityScheme);
+ }
+
+ private Components getComponents(OpenAPI openApi) {
+ if (openApi.getComponents() == null)
+ openApi.components(new Components());
+ return openApi.getComponents();
+ }
+
+}
diff --git a/xplan-core/xplan-core-security/src/main/resources/application-enableOAuth2JWT.properties b/xplan-core/xplan-core-security/src/main/resources/application-enableOAuth2JWT.properties
new file mode 100644
index 0000000000000000000000000000000000000000..a7651bd587d2cb98f8e1b6b424c64fed789d992d
--- /dev/null
+++ b/xplan-core/xplan-core-security/src/main/resources/application-enableOAuth2JWT.properties
@@ -0,0 +1,21 @@
+###
+# #%L
+# xplan-manager-api - Modul zur Gruppierung der REST-API
+# %%
+# Copyright (C) 2008 - 2024 Freie und Hansestadt Hamburg, developed by lat/lon gesellschaft für raumbezogene Informationssysteme mbH
+# %%
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# #L%
+###
+spring.security.oauth2.resourceserver.jwt.jwk-set-uri=${XPLAN_OAUTH2_JWT_URL:}
\ No newline at end of file
diff --git a/xplan-core/xplan-core-security/src/test/java/de/latlon/xplanbox/security/config/OAuth2JwtContextTest.java b/xplan-core/xplan-core-security/src/test/java/de/latlon/xplanbox/security/config/OAuth2JwtContextTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..234aa537882077b65c5ff375ad262a4d3ce6b5d9
--- /dev/null
+++ b/xplan-core/xplan-core-security/src/test/java/de/latlon/xplanbox/security/config/OAuth2JwtContextTest.java
@@ -0,0 +1,40 @@
+/*-
+ * #%L
+ * xplan-core-security - Modul zur Gruppierung der Kernmodule
+ * %%
+ * Copyright (C) 2008 - 2024 Freie und Hansestadt Hamburg, developed by lat/lon gesellschaft für raumbezogene Informationssysteme mbH
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package de.latlon.xplanbox.security.config;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ContextConfiguration;
+
+/**
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ * @since 8.0
+ */
+@SpringBootTest
+@ContextConfiguration(classes = OAuth2JwtContext.class)
+public class OAuth2JwtContextTest {
+
+ @Test
+ public void contextLoad() {
+
+ }
+
+}
diff --git a/xplan-core/xplan-core-security/src/test/java/de/latlon/xplanbox/security/openapi/BearerSecurityOpenApiWriterTest.java b/xplan-core/xplan-core-security/src/test/java/de/latlon/xplanbox/security/openapi/BearerSecurityOpenApiWriterTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..a1462e711327905f95241700e3f817233032c080
--- /dev/null
+++ b/xplan-core/xplan-core-security/src/test/java/de/latlon/xplanbox/security/openapi/BearerSecurityOpenApiWriterTest.java
@@ -0,0 +1,39 @@
+package de.latlon.xplanbox.security.openapi;
+
+import static de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter.SECURITY_KEY_BEARER;
+import static io.swagger.v3.oas.models.security.SecurityScheme.Type.HTTP;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import java.util.List;
+import java.util.Map;
+
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import org.junit.jupiter.api.Test;
+
+/**
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ */
+public class BearerSecurityOpenApiWriterTest {
+
+ private final BearerSecurityOpenApiWriter bearerSecurityOpenApiWriter = new BearerSecurityOpenApiWriter();
+
+ @Test
+ void testAddSecurity() {
+ OpenAPI openAPI = new OpenAPI();
+ bearerSecurityOpenApiWriter.addSecurity(openAPI);
+
+ List<SecurityRequirement> securityRequirements = openAPI.getSecurity();
+ assertThat(securityRequirements.size()).isEqualTo(1);
+ assertThat(securityRequirements.get(0).containsKey(SECURITY_KEY_BEARER)).isTrue();
+
+ Map<String, SecurityScheme> securitySchemes = openAPI.getComponents().getSecuritySchemes();
+ assertThat(securitySchemes.size()).isEqualTo(1);
+ assertThat(securitySchemes.get(SECURITY_KEY_BEARER).getType()).isEqualTo(HTTP);
+ assertThat(securitySchemes.get(SECURITY_KEY_BEARER).getScheme()).isEqualTo("bearer");
+ assertThat(securitySchemes.get(SECURITY_KEY_BEARER).getBearerFormat()).isEqualTo("JWT");
+
+ }
+
+}
diff --git a/xplan-database/xplan-database-scripts/.trivyignore b/xplan-database/xplan-database-scripts/.trivyignore
new file mode 100644
index 0000000000000000000000000000000000000000..1578d61edc00881c44356aaf1af5e3569b38459f
--- /dev/null
+++ b/xplan-database/xplan-database-scripts/.trivyignore
@@ -0,0 +1 @@
+# no issue to ignore currenty
diff --git a/xplan-dokumente/xplan-dokumente-api/pom.xml b/xplan-dokumente/xplan-dokumente-api/pom.xml
index 44b534a23153213d6975a9a05b705670c1f3dcde..b27a491f62dbaed6628860bc79145a11abfb8a84 100755
--- a/xplan-dokumente/xplan-dokumente-api/pom.xml
+++ b/xplan-dokumente/xplan-dokumente-api/pom.xml
@@ -92,6 +92,10 @@
<groupId>${project.groupId}</groupId>
<artifactId>xplan-core-manager</artifactId>
</dependency>
+ <dependency>
+ <groupId>${project.groupId}</groupId>
+ <artifactId>xplan-core-security</artifactId>
+ </dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>xplan-core-manager-db</artifactId>
@@ -283,7 +287,7 @@
<id>docker</id>
<properties>
<docker-image.skip>false</docker-image.skip>
- <docker-contextTarFile.expectedSizeInMat10pct>105</docker-contextTarFile.expectedSizeInMat10pct>
+ <docker-contextTarFile.expectedSizeInMat10pct>112</docker-contextTarFile.expectedSizeInMat10pct>
</properties>
<dependencies>
<dependency> <!-- faked maven dependency to be after base docker image in the reactor build -->
diff --git a/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/SpringBootApp.java b/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/SpringBootApp.java
index b014702398facbd6ac5da11ccf05f313f9489310..fb181b071fad60da55b270f560ddef3c3701c6a6 100644
--- a/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/SpringBootApp.java
+++ b/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/SpringBootApp.java
@@ -21,7 +21,10 @@
package de.latlon.xplanbox.api.dokumente;
import org.springframework.boot.SpringApplication;
+import org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
import org.springframework.context.annotation.ComponentScan;
@@ -29,6 +32,7 @@ import org.springframework.context.annotation.ComponentScan;
@SpringBootApplication
@ComponentScan(
basePackages = { "de.latlon.xplanbox.api.dokumente.config", "de.latlon.xplanbox.api.dokumente.internalapi" })
+@EnableAutoConfiguration(exclude = { SecurityAutoConfiguration.class, ManagementWebSecurityAutoConfiguration.class })
public class SpringBootApp extends SpringBootServletInitializer {
public static void main(String[] args) {
diff --git a/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/ApplicationContext.java b/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/ApplicationContext.java
index 87cbbbc9980f69fa0f1a15cecb14c7eefd4204fb..9846a706093046db07334079edce8ae4f13d6b68 100644
--- a/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/ApplicationContext.java
+++ b/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/ApplicationContext.java
@@ -27,17 +27,13 @@ import de.latlon.xplan.core.manager.db.repository.ArtefactRepository;
import de.latlon.xplan.core.manager.db.repository.PlanRepository;
import de.latlon.xplan.core.manager.db.repository.PlanwerkWmsMetadataRepository;
import de.latlon.xplan.manager.web.shared.ConfigurationException;
+import de.latlon.xplanbox.security.config.OAuth2JwtContext;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.jdbc.DataSourceBuilder;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
-import org.springframework.context.annotation.Primary;
-
-import javax.sql.DataSource;
/**
* @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
@@ -46,7 +42,7 @@ import javax.sql.DataSource;
@Configuration
@ComponentScan(basePackages = { "de.latlon.xplanbox.api.dokumente.handler", "de.latlon.xplanbox.api.dokumente.v1",
"de.latlon.xplanbox.api.dokumente.service" })
-@Import({ JpaContext.class, S3DocumentContext.class })
+@Import({ OAuth2JwtContext.class, JpaContext.class, S3DocumentContext.class })
public class ApplicationContext {
@Autowired
diff --git a/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/JerseyConfig.java b/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/JerseyConfig.java
index 2778a57f6fa742607526d6a5abfde47d1799c44f..474838bf2cefaf49a00dbccb44f764b861a17172 100644
--- a/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/JerseyConfig.java
+++ b/xplan-dokumente/xplan-dokumente-api/src/main/java/de/latlon/xplanbox/api/dokumente/config/JerseyConfig.java
@@ -20,6 +20,14 @@
*/
package de.latlon.xplanbox.api.dokumente.config;
+import static org.slf4j.LoggerFactory.getLogger;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
import de.latlon.xplanbox.api.commons.ObjectMapperContextResolver;
import de.latlon.xplanbox.api.commons.config.ApiConfiguration;
import de.latlon.xplanbox.api.commons.converter.StringListConverterProvider;
@@ -31,6 +39,7 @@ import de.latlon.xplanbox.api.commons.openapi.OpenApiFilter;
import de.latlon.xplanbox.api.dokumente.v1.DefaultApi;
import de.latlon.xplanbox.api.dokumente.v1.DokumentApi;
import de.latlon.xplanbox.api.dokumente.v1.InfoApi;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import io.swagger.v3.oas.integration.SwaggerConfiguration;
import io.swagger.v3.oas.models.ExternalDocumentation;
import io.swagger.v3.oas.models.OpenAPI;
@@ -39,21 +48,14 @@ import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.info.License;
import io.swagger.v3.oas.models.servers.Server;
import io.swagger.v3.oas.models.tags.Tag;
+import jakarta.servlet.ServletContext;
+import jakarta.ws.rs.ApplicationPath;
+import jakarta.ws.rs.core.Context;
import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.server.ServerProperties;
import org.slf4j.Logger;
import org.springframework.context.annotation.Configuration;
-import jakarta.servlet.ServletContext;
-import jakarta.ws.rs.ApplicationPath;
-import jakarta.ws.rs.core.Context;
-import java.util.Collections;
-import java.util.List;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-import static org.slf4j.LoggerFactory.getLogger;
-
/**
* Application configuration for XPlanDokumenten REST API. Example mapping for proxy
* mapping: http://xplanbox.lat-lon.de/xdokumente/api/v1/ ->
@@ -72,7 +74,8 @@ public class JerseyConfig extends ResourceConfig {
private static final String APP_PATH = "xdokumente/api/v1";
- public JerseyConfig(@Context ServletContext servletContext, DokumenteApiConfiguration apiConfiguration) {
+ public JerseyConfig(@Context ServletContext servletContext, DokumenteApiConfiguration apiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
property(ServerProperties.WADL_FEATURE_DISABLE, true);
register(new ObjectMapperContextResolver());
@@ -95,6 +98,7 @@ public class JerseyConfig extends ResourceConfig {
openApi.servers(servers(servletContext, apiConfiguration));
Tag tag = createTag(apiConfiguration);
openApi.tags(Collections.singletonList(tag));
+ bearerSecurityOpenApiWriter.ifPresent(apiSecurity -> apiSecurity.addSecurity(openApi));
DefaultApi openApiResource = new DefaultApi();
SwaggerConfiguration oasConfig = new SwaggerConfiguration().openAPI(openApi)
diff --git a/xplan-gateway/.trivyignore b/xplan-gateway/.trivyignore
new file mode 100644
index 0000000000000000000000000000000000000000..1578d61edc00881c44356aaf1af5e3569b38459f
--- /dev/null
+++ b/xplan-gateway/.trivyignore
@@ -0,0 +1 @@
+# no issue to ignore currenty
diff --git a/xplan-manager/xplan-manager-api/pom.xml b/xplan-manager/xplan-manager-api/pom.xml
index 0e3712ac3f23cdac8ea029c59716e703ee2e8933..975b5f3a1211bdf5852f722db16c20ecd1625b77 100644
--- a/xplan-manager/xplan-manager-api/pom.xml
+++ b/xplan-manager/xplan-manager-api/pom.xml
@@ -94,9 +94,8 @@
<artifactId>xplan-core-api</artifactId>
</dependency>
<dependency>
- <groupId>de.latlon.product.xplanbox</groupId>
+ <groupId>${project.groupId}</groupId>
<artifactId>xplan-core-security</artifactId>
- <version>${project.version}</version>
</dependency>
<dependency>
<groupId>de.latlon.product.xplanbox</groupId>
@@ -349,7 +348,7 @@
<id>docker</id>
<properties>
<docker-image.skip>false</docker-image.skip>
- <docker-contextTarFile.expectedSizeInMat10pct>108</docker-contextTarFile.expectedSizeInMat10pct>
+ <docker-contextTarFile.expectedSizeInMat10pct>119</docker-contextTarFile.expectedSizeInMat10pct>
</properties>
<dependencies>
<dependency> <!-- faked maven dependency to be after base docker image in the reactor build -->
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java
index 6868ebe7df78dbfb36a3f5e77f848d570b044b72..ce029f21e3646157c2b591d4a466b21a24b42d0b 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java
@@ -20,9 +20,12 @@
*/
package de.latlon.xplanbox.api.manager;
+import java.util.Optional;
+
import de.latlon.xplanbox.api.manager.config.ManagerApiConfiguration;
import de.latlon.xplanbox.api.manager.openapi.v1.ApiV1Config;
import de.latlon.xplanbox.api.manager.openapi.v2.ApiV2Config;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import jakarta.servlet.ServletContext;
import jakarta.ws.rs.core.Context;
import org.glassfish.jersey.servlet.ServletContainer;
@@ -64,9 +67,12 @@ public class SpringBootApp extends SpringBootServletInitializer {
@Bean
public ServletRegistrationBean v1config(@Context ServletContext servletContext,
- ManagerApiConfiguration managerApiConfiguration) {
+ ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
ServletRegistrationBean v1config = new ServletRegistrationBean(
- new ServletContainer(new ApiV1Config(servletContext, managerApiConfiguration)), "/xmanager/api/v1/*");
+ new ServletContainer(
+ new ApiV1Config(servletContext, managerApiConfiguration, bearerSecurityOpenApiWriter)),
+ "/xmanager/api/v1/*");
v1config.addInitParameter(ServletProperties.JAXRS_APPLICATION_CLASS, ApiV1Config.class.getName());
v1config.setName(ApiV1Config.class.getName());
v1config.setLoadOnStartup(1);
@@ -75,9 +81,12 @@ public class SpringBootApp extends SpringBootServletInitializer {
@Bean
public ServletRegistrationBean v2config(@Context ServletContext servletContext,
- ManagerApiConfiguration managerApiConfiguration) {
+ ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
ServletRegistrationBean v2config = new ServletRegistrationBean(
- new ServletContainer(new ApiV2Config(servletContext, managerApiConfiguration)), "/api/v2/*");
+ new ServletContainer(
+ new ApiV2Config(servletContext, managerApiConfiguration, bearerSecurityOpenApiWriter)),
+ "/api/v2/*");
v2config.addInitParameter(ServletProperties.JAXRS_APPLICATION_CLASS, ApiV2Config.class.getName());
v2config.setName(ApiV2Config.class.getName());
v2config.setLoadOnStartup(2);
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java
index 432c97c7c9a00643111026b33848976bee0e91b7..70dfb0a52dbdfbb6ce49d4098259fda59c8d0ea4 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java
@@ -82,6 +82,7 @@ import de.latlon.xplan.validator.syntactic.SyntacticValidatorImpl;
import de.latlon.xplanbox.api.commons.handler.SystemConfigHandler;
import de.latlon.xplanbox.core.raster.config.RasterEvaluationContext;
import de.latlon.xplanbox.core.raster.evaluation.XPlanRasterEvaluator;
+import de.latlon.xplanbox.security.config.OAuth2JwtContext;
import de.latlon.xplanbox.security.config.SecurityContext;
import de.latlon.xplanbox.validator.storage.config.AmazonS3ValidationContext;
import org.deegree.cs.coordinatesystems.ICRS;
@@ -104,7 +105,7 @@ import org.springframework.core.io.ResourceLoader;
*/
@Configuration
@ComponentScan(basePackages = { "de.latlon.xplanbox.api.manager.handler" })
-@Import({ SecurityContext.class, JpaContext.class, AmazonS3RasterStorageContext.class,
+@Import({ SecurityContext.class, OAuth2JwtContext.class, JpaContext.class, AmazonS3RasterStorageContext.class,
AmazonS3DocumentStorageContext.class, AmazonS3ValidationContext.class, RasterEvaluationContext.class })
public class ApplicationContext {
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/exception/InvalidPlan.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/exception/InvalidPlan.java
index c8ca113b1ec42945645277724a8062c30b606523..790b2e03c18d1b6d20d7101369b098036077732c 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/exception/InvalidPlan.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/exception/InvalidPlan.java
@@ -20,7 +20,7 @@
*/
package de.latlon.xplanbox.api.manager.exception;
-import static jakarta.ws.rs.core.Response.Status.BAD_REQUEST;
+import static de.latlon.xplanbox.api.commons.exception.StatusCodes.UNPROCESSABLE_CONTENT;
import de.latlon.xplanbox.api.commons.exception.XPlanApiException;
import de.latlon.xplanbox.api.commons.v1.model.ValidationReport;
@@ -41,7 +41,7 @@ public class InvalidPlan extends XPlanApiException {
@Override
public int getStatusCode() {
- return BAD_REQUEST.getStatusCode();
+ return UNPROCESSABLE_CONTENT;
}
@Override
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/AbstractApiConfig.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/AbstractApiConfig.java
index bbe1fef3bdba65c54d99cb9469bd79eb2edfe59b..0f6d5c72b1a0bfb3f751f1ccb6fbe8a1d27e28ad 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/AbstractApiConfig.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/AbstractApiConfig.java
@@ -8,12 +8,12 @@
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* #L%
@@ -23,6 +23,7 @@ package de.latlon.xplanbox.api.manager.openapi;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import java.util.Optional;
import de.latlon.xplanbox.api.commons.ObjectMapperContextResolver;
import de.latlon.xplanbox.api.commons.converter.StringListConverterProvider;
@@ -35,6 +36,7 @@ import de.latlon.xplanbox.api.manager.config.ManagerApiConfiguration;
import de.latlon.xplanbox.api.manager.exception.AmbiguousBereichNummernExceptionMapper;
import de.latlon.xplanbox.api.manager.exception.PlanNotFoundExceptionMapper;
import de.latlon.xplanbox.api.manager.exception.UnsupportedPlanExceptionMapper;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import io.swagger.v3.jaxrs2.integration.resources.BaseOpenApiResource;
import io.swagger.v3.oas.models.ExternalDocumentation;
import io.swagger.v3.oas.models.OpenAPI;
@@ -57,12 +59,14 @@ import org.glassfish.jersey.server.ServerProperties;
*/
public abstract class AbstractApiConfig extends ResourceConfig {
- public AbstractApiConfig(ServletContext servletContext, ManagerApiConfiguration managerApiConfiguration) {
+ public AbstractApiConfig(ServletContext servletContext, ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
property(ServerProperties.WADL_FEATURE_DISABLE, true);
register(new ObjectMapperContextResolver());
- BaseOpenApiResource openApiResource = createDefaultApi(servletContext, managerApiConfiguration);
+ BaseOpenApiResource openApiResource = createDefaultApi(servletContext, managerApiConfiguration,
+ bearerSecurityOpenApiWriter);
register(openApiResource);
register(ConstraintViolationExceptionMapper.class);
@@ -82,17 +86,19 @@ public abstract class AbstractApiConfig extends ResourceConfig {
}
protected abstract BaseOpenApiResource createDefaultApi(ServletContext servletContext,
- ManagerApiConfiguration managerApiConfiguration);
+ ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter);
protected abstract void addInfo(OpenAPI openApi, ManagerApiConfiguration managerApiConfiguration);
protected OpenAPI createOpenAPI(ServletContext servletContext, ManagerApiConfiguration managerApiConfiguration,
- String apiPath) {
+ String apiPath, Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
OpenAPI openApi = new OpenAPI();
addInfo(openApi, managerApiConfiguration);
addContact(openApi, managerApiConfiguration);
addServers(openApi, servletContext, managerApiConfiguration, apiPath);
addTags(openApi, managerApiConfiguration);
+ bearerSecurityOpenApiWriter.ifPresent(apiSecurity -> apiSecurity.addSecurity(openApi));
return openApi;
}
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v1/ApiV1Config.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v1/ApiV1Config.java
index 607bda466dd475f3a9da21294f1a6aff39b0c11c..4bb021cb6a12227b4121ffca9a4c90500119ec2a 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v1/ApiV1Config.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v1/ApiV1Config.java
@@ -8,12 +8,12 @@
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* #L%
@@ -22,6 +22,7 @@ package de.latlon.xplanbox.api.manager.openapi.v1;
import static org.slf4j.LoggerFactory.getLogger;
+import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
@@ -38,6 +39,7 @@ import de.latlon.xplanbox.api.manager.v1.PlanGueltigkeitApi;
import de.latlon.xplanbox.api.manager.v1.PlanRasterbasisApi;
import de.latlon.xplanbox.api.manager.v1.PlanTextApi;
import de.latlon.xplanbox.api.manager.v1.PlansApi;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import io.swagger.v3.jaxrs2.integration.resources.BaseOpenApiResource;
import io.swagger.v3.oas.integration.SwaggerConfiguration;
import io.swagger.v3.oas.models.OpenAPI;
@@ -67,9 +69,9 @@ public class ApiV1Config extends AbstractApiConfig {
public static final String APP_PATH = "xmanager/api/v1";
- public ApiV1Config(@Context ServletContext servletContext,
- @Context ManagerApiConfiguration managerApiConfiguration) {
- super(servletContext, managerApiConfiguration);
+ public ApiV1Config(@Context ServletContext servletContext, @Context ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
+ super(servletContext, managerApiConfiguration, bearerSecurityOpenApiWriter);
register(InfoApi.class);
register(PlanAenderungenApi.class);
register(PlanApi.class);
@@ -85,9 +87,11 @@ public class ApiV1Config extends AbstractApiConfig {
@Override
protected BaseOpenApiResource createDefaultApi(ServletContext servletContext,
- ManagerApiConfiguration managerApiConfiguration) {
+ ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
DefaultApi openApiResourceV1 = new DefaultApi();
- OpenAPI v1OpenApi = createOpenAPI(servletContext, managerApiConfiguration, APP_PATH);
+ OpenAPI v1OpenApi = createOpenAPI(servletContext, managerApiConfiguration, APP_PATH,
+ bearerSecurityOpenApiWriter);
SwaggerConfiguration oasConfigV1 = new SwaggerConfiguration().openAPI(v1OpenApi)
.filterClass(ManagerOpenApiFilter.class.getCanonicalName())
.prettyPrint(true)
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v2/ApiV2Config.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v2/ApiV2Config.java
index 6380019f2ded3a157f7cc3f2f4ba917eb7d5da77..fcadf25682c868fba9db39aa2bbc1d21e2f82a8b 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v2/ApiV2Config.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/openapi/v2/ApiV2Config.java
@@ -8,12 +8,12 @@
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* #L%
@@ -22,6 +22,7 @@ package de.latlon.xplanbox.api.manager.openapi.v2;
import static org.slf4j.LoggerFactory.getLogger;
+import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
@@ -38,6 +39,7 @@ import de.latlon.xplanbox.api.manager.v2.PlanTextApi2;
import de.latlon.xplanbox.api.manager.v2.PlansApi2;
import de.latlon.xplanbox.api.manager.v2.ReportApi;
import de.latlon.xplanbox.api.manager.v2.StatusApi;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import io.swagger.v3.jaxrs2.integration.resources.BaseOpenApiResource;
import io.swagger.v3.oas.integration.SwaggerConfiguration;
import io.swagger.v3.oas.models.OpenAPI;
@@ -66,9 +68,9 @@ public class ApiV2Config extends AbstractApiConfig {
public static final String APP_PATH = "api/v2";
- public ApiV2Config(@Context ServletContext servletContext,
- @Context ManagerApiConfiguration managerApiConfiguration) {
- super(servletContext, managerApiConfiguration);
+ public ApiV2Config(@Context ServletContext servletContext, @Context ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
+ super(servletContext, managerApiConfiguration, bearerSecurityOpenApiWriter);
register(InfoApi2.class);
register(PlanAenderungenApi2.class);
@@ -86,9 +88,11 @@ public class ApiV2Config extends AbstractApiConfig {
@Override
protected BaseOpenApiResource createDefaultApi(ServletContext servletContext,
- ManagerApiConfiguration managerApiConfiguration) {
+ ManagerApiConfiguration managerApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
DefaultApi openApiResourceV1 = new DefaultApi();
- OpenAPI v1OpenApi = createOpenAPI(servletContext, managerApiConfiguration, APP_PATH);
+ OpenAPI v1OpenApi = createOpenAPI(servletContext, managerApiConfiguration, APP_PATH,
+ bearerSecurityOpenApiWriter);
SwaggerConfiguration oasConfigV1 = new SwaggerConfiguration().openAPI(v1OpenApi)
.filterClass(ApiV2Filter.class.getCanonicalName())
.prettyPrint(true)
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanAenderungenApi.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanAenderungenApi.java
index 873d29c909b4e8ff80f780862accd6f61bac1232..448bad11563a8a9066796bba35d66fb69d715757 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanAenderungenApi.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanAenderungenApi.java
@@ -28,8 +28,6 @@ import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
-import org.springframework.beans.factory.annotation.Autowired;
-
import jakarta.validation.Valid;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
@@ -37,6 +35,7 @@ import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
+import org.springframework.beans.factory.annotation.Autowired;
/**
* Controller class for handling access to the aenderungen resource of a plan.
@@ -70,15 +69,13 @@ public class PlanAenderungenApi {
@PUT
@Consumes({ "application/json" })
@Produces({ "application/json" })
- @Operation(operationId = "replaceAenderung", tags = { "edit", },
- responses = {
- @ApiResponse(responseCode = "200", description = "successful operation",
- content = @Content(schema = @Schema(implementation = Aenderungen.class))),
- @ApiResponse(responseCode = "400",
- description = "Unsupported plan version or planID is not a valid int value"),
- @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
- @ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content"), },
+ @Operation(operationId = "replaceAenderung", tags = { "edit", }, responses = {
+ @ApiResponse(responseCode = "200", description = "successful operation",
+ content = @Content(schema = @Schema(implementation = Aenderungen.class))),
+ @ApiResponse(responseCode = "400",
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content."),
+ @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
+ @ApiResponse(responseCode = "406", description = "Requested format is not available") },
requestBody = @RequestBody(content = {
@Content(mediaType = "application/json", schema = @Schema(implementation = Aenderungen.class)) }))
public Aenderungen replaceAenderung(@PathParam("planId") @Parameter(description = "ID of the plan to be returned",
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanApi.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanApi.java
index 6ef844ec0da82258d4dd0203cbde87e22f4b7b0a..ea5972b2d77ac1650079e0e52f51b62567275c01 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanApi.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanApi.java
@@ -176,13 +176,13 @@ public class PlanApi {
@Content(mediaType = XPLANBOX_V1_JSON, schema = @Schema(implementation = PlanInfo.class)),
@Content(mediaType = XPLANBOX_V2_JSON,
array = @ArraySchema(schema = @Schema(implementation = PlanInfo.class))) }),
- @ApiResponse(responseCode = "400", description = "Invalid input",
- content = @Content(schema = @Schema(implementation = ValidationReport.class))),
+ @ApiResponse(responseCode = "400", description = "Invalid input"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
@ApiResponse(responseCode = "415",
description = "Unsupported media type or content - only xml/gml, zip are accepted; all zip files entries must also match the supported content types for XPlanArchives"),
@ApiResponse(responseCode = "422",
- description = "Invalid content - the content of the XPlanGML file must conform to the specification of xPlanBox XPlanGML files") },
+ description = "Invalid content - the content of the XPlanGML file must conform to the specification of xPlanBox XPlanGML files",
+ content = @Content(schema = @Schema(implementation = ValidationReport.class))) },
requestBody = @RequestBody(
content = {
@Content(mediaType = "application/octet-stream",
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanBasisdatenApi.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanBasisdatenApi.java
index 541b7330d825eea3b71d2e8351166d8a200666ef..c5304e9da39cb5b81099d3e16b9fde782d338f24 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanBasisdatenApi.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanBasisdatenApi.java
@@ -72,15 +72,13 @@ public class PlanBasisdatenApi {
@PUT
@Consumes({ "application/json" })
@Produces({ "application/json" })
- @Operation(operationId = "replaceBasisdaten", tags = { "edit", },
- responses = {
- @ApiResponse(responseCode = "200", description = "successful operation",
- content = @Content(schema = @Schema(implementation = Basisdaten.class))),
- @ApiResponse(responseCode = "400",
- description = "Unsupported plan version or planID is not a valid int value"),
- @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
- @ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content"), },
+ @Operation(operationId = "replaceBasisdaten", tags = { "edit", }, responses = {
+ @ApiResponse(responseCode = "200", description = "successful operation",
+ content = @Content(schema = @Schema(implementation = Basisdaten.class))),
+ @ApiResponse(responseCode = "400",
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content."),
+ @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
+ @ApiResponse(responseCode = "406", description = "Requested format is not available") },
requestBody = @RequestBody(content = {
@Content(mediaType = "application/json", schema = @Schema(implementation = Basisdaten.class)) }))
public Basisdaten replaceBasisdaten(@PathParam("planId") @Parameter(description = "ID of the plan to be returned",
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanDokumentApi.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanDokumentApi.java
index 30af96f4729fd9ccfac3c9c5b440a9641a72b08e..a21afd90cad6b68442e12680208d532bf7c427f3 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanDokumentApi.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanDokumentApi.java
@@ -90,10 +90,9 @@ public class PlanDokumentApi {
@ApiResponse(responseCode = "400",
description = "Unsupported plan version or dokumentmodel is missing or planID is not a valid int value"),
@ApiResponse(responseCode = "404",
- description = "Invalid planID or dokument ID, plan or dokument not found"),
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content "),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Dokument addDokument(
@PathParam("planId") @Parameter(description = "ID of the plan to add a dokument",
example = "123") String planId,
@@ -139,12 +138,11 @@ public class PlanDokumentApi {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Dokument.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan version or dokumentmodel is missing or planID is not a valid int value"),
+ description = "Unsupported plan version or dokumentmodel is missing or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404",
description = "Invalid planID or dokument ID, plan or dokument not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Dokument replaceDokumentById(
@PathParam("planId") @Parameter(description = "ID of the plan to replace dokument",
example = "123") String planId,
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanGueltigkeitApi.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanGueltigkeitApi.java
index 2f891014b3cc70a636bb59c75182ec12c3e34e8c..6098b1fc2440d13ec59a56cc0f2f4fa9f1ddaf6c 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanGueltigkeitApi.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanGueltigkeitApi.java
@@ -28,8 +28,6 @@ import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
-import org.springframework.beans.factory.annotation.Autowired;
-
import jakarta.validation.Valid;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
@@ -37,6 +35,7 @@ import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
+import org.springframework.beans.factory.annotation.Autowired;
/**
* Controller class for handling access to the gueltigkeit resource of a plan.
@@ -71,15 +70,13 @@ public class PlanGueltigkeitApi {
@PUT
@Consumes({ "application/json" })
@Produces({ "application/json" })
- @Operation(operationId = "replaceGueltigkeit", tags = { "edit", },
- responses = {
- @ApiResponse(responseCode = "200", description = "successful operation",
- content = @Content(schema = @Schema(implementation = Zeitraum.class))),
- @ApiResponse(responseCode = "400",
- description = "Unsupported plan version or planID is not a valid int value"),
- @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
- @ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") },
+ @Operation(operationId = "replaceGueltigkeit", tags = { "edit", }, responses = {
+ @ApiResponse(responseCode = "200", description = "successful operation",
+ content = @Content(schema = @Schema(implementation = Zeitraum.class))),
+ @ApiResponse(responseCode = "400",
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content."),
+ @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
+ @ApiResponse(responseCode = "406", description = "Requested format is not available") },
requestBody = @RequestBody(content = {
@Content(mediaType = "application/json", schema = @Schema(implementation = Zeitraum.class)) }),
description = "deprecated: Gueltigkeitszeitraum will be removed in a future version. Since 8.0 the functionality is removed! Gueltigkeitszeitraum is no longer stored.",
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanRasterbasisApi.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanRasterbasisApi.java
index 75cf3c37280af4ff036b8a2037d1849406464d34..d89d5aafa60c7f7821619f8520a46620978e9a5b 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanRasterbasisApi.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanRasterbasisApi.java
@@ -88,11 +88,10 @@ public class PlanRasterbasisApi {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Rasterbasis.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan type or version, missing bereich nummer or rasterbasismodel or planID is not a valid int value"),
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content "),
@ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Rasterbasis addRasterBasis(
@PathParam("planId") @Parameter(description = "ID of the plan to add rasterbasis",
example = "123") String planId,
@@ -146,12 +145,11 @@ public class PlanRasterbasisApi {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Rasterbasis.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan type or version, missing bereich nummer or rasterbasismodel or planID is not a valid int value"),
+ description = "Unsupported plan type or version, missing bereich nummer or rasterbasismodel or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404",
description = "Invalid planID or rasterbasis ID, plan or rasterbasis not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Rasterbasis replaceRasterbasisById(
@PathParam("planId") @Parameter(description = "ID of the plan to be updated",
example = "123") String planId,
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanTextApi.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanTextApi.java
index 124ee5614c309fa7c4a9358b26fc57165f466e7f..9519d5e892743a30595a59378184b5736dc09c1b 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanTextApi.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v1/PlanTextApi.java
@@ -20,6 +20,10 @@
*/
package de.latlon.xplanbox.api.manager.v1;
+import java.io.File;
+import java.io.InputStream;
+import java.util.List;
+
import de.latlon.xplanbox.api.manager.exception.MissingRequestEntity;
import de.latlon.xplanbox.api.manager.handler.EditTextHandler;
import de.latlon.xplanbox.api.manager.v1.model.Text;
@@ -30,11 +34,6 @@ import io.swagger.v3.oas.annotations.media.ArraySchema;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
-import org.glassfish.jersey.media.multipart.FormDataBodyPart;
-import org.glassfish.jersey.media.multipart.FormDataContentDisposition;
-import org.glassfish.jersey.media.multipart.FormDataParam;
-import org.springframework.beans.factory.annotation.Autowired;
-
import jakarta.validation.Valid;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
@@ -43,9 +42,10 @@ import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
-import java.io.File;
-import java.io.InputStream;
-import java.util.List;
+import org.glassfish.jersey.media.multipart.FormDataBodyPart;
+import org.glassfish.jersey.media.multipart.FormDataContentDisposition;
+import org.glassfish.jersey.media.multipart.FormDataParam;
+import org.springframework.beans.factory.annotation.Autowired;
/**
* Controller class for handling access to the text resource of a plan.
@@ -84,10 +84,10 @@ public class PlanTextApi {
content = @Content(schema = @Schema(implementation = Text.class))),
@ApiResponse(responseCode = "400",
description = "Unsupported plan version or textmodel is missing or planID is not a valid int value"),
- @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
+ @ApiResponse(responseCode = "404",
+ description = "Invalid planID, plan not found. Request body contains invalid content."),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Text addText(
@PathParam("planId") @Parameter(description = "ID of the plan to add text", example = "123") String planId,
@Parameter(schema = @Schema(implementation = Text.class),
@@ -109,7 +109,7 @@ public class PlanTextApi {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Text.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan version or planID is not a valid int value"),
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404", description = "Invalid planID or text ID, plan or text not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available") })
public Text getTextById(
@@ -130,10 +130,10 @@ public class PlanTextApi {
content = @Content(schema = @Schema(implementation = Text.class))),
@ApiResponse(responseCode = "400",
description = "Unsupported plan version or textmodel is missing or planID is not a valid int value"),
- @ApiResponse(responseCode = "404", description = "Invalid planID or text ID, plan or Text not found"),
+ @ApiResponse(responseCode = "404",
+ description = "Invalid planID or text ID, plan or Text not found. Request body contains invalid content."),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Text replaceTextById(
@PathParam("planId") @Parameter(description = "ID of the plan to be updated",
example = "123") String planId,
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanAenderungenApi2.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanAenderungenApi2.java
index af7a024af738418612b41ba20af097b32bbdb3c0..ed44277443efdec640d6eb67b3b708282e000a59 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanAenderungenApi2.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanAenderungenApi2.java
@@ -67,15 +67,13 @@ public class PlanAenderungenApi2 {
@PUT
@Consumes({ "application/json" })
@Produces({ "application/json" })
- @Operation(operationId = "replaceAenderung", tags = { "edit", },
- responses = {
- @ApiResponse(responseCode = "200", description = "successful operation",
- content = @Content(schema = @Schema(implementation = Aenderungen.class))),
- @ApiResponse(responseCode = "400",
- description = "Unsupported plan version or planID is not a valid int value"),
- @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
- @ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content"), },
+ @Operation(operationId = "replaceAenderung", tags = { "edit", }, responses = {
+ @ApiResponse(responseCode = "200", description = "successful operation",
+ content = @Content(schema = @Schema(implementation = Aenderungen.class))),
+ @ApiResponse(responseCode = "400",
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content."),
+ @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
+ @ApiResponse(responseCode = "406", description = "Requested format is not available") },
requestBody = @RequestBody(content = {
@Content(mediaType = "application/json", schema = @Schema(implementation = Aenderungen.class)) }))
public Aenderungen replaceAenderung(@PathParam("planId") @Parameter(description = "ID of the plan to be returned",
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanApi2.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanApi2.java
index 617b1c5e63b1d526471f4d1da240a8612650b501..c0f361189e8357c6bc7d3aa4cda105e6b363f669 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanApi2.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanApi2.java
@@ -43,7 +43,6 @@ import de.latlon.core.validator.events.planimport.ImportValidationRequestedEvent
import de.latlon.xplan.manager.web.shared.XPlan;
import de.latlon.xplan.validator.web.shared.ValidationSettings;
import de.latlon.xplanbox.api.commons.exception.UnsupportedParameterValue;
-import de.latlon.xplanbox.api.commons.v1.model.ValidationReport;
import de.latlon.xplanbox.api.commons.v2.model.ResponseLink;
import de.latlon.xplanbox.api.manager.PlanInfoBuilder;
import de.latlon.xplanbox.api.manager.config.DefaultValidationConfiguration;
@@ -118,8 +117,7 @@ public class PlanApi2 {
@ApiResponse(responseCode = "200", description = "ImportReceipt with uuid of the import",
content = { @Content(mediaType = "application/json",
schema = @Schema(implementation = ImportReceipt.class)) }),
- @ApiResponse(responseCode = "400", description = "Invalid input",
- content = @Content(schema = @Schema(implementation = ValidationReport.class))),
+ @ApiResponse(responseCode = "400", description = "Invalid input"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
@ApiResponse(responseCode = "415",
description = "Unsupported media type or content - only xml/gml, zip are accepted; all zip files entries must also match the supported content types for XPlanArchives") },
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanBasisdatenApi2.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanBasisdatenApi2.java
index 92e88687129205629c3bdbdd1992a584d7ab7d9f..b73e53ffa05ce590f8f257e52ad9e4d1c54d952e 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanBasisdatenApi2.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanBasisdatenApi2.java
@@ -67,15 +67,13 @@ public class PlanBasisdatenApi2 {
@PUT
@Consumes({ "application/json" })
@Produces({ "application/json" })
- @Operation(operationId = "replaceBasisdaten", tags = { "edit", },
- responses = {
- @ApiResponse(responseCode = "200", description = "successful operation",
- content = @Content(schema = @Schema(implementation = Basisdaten.class))),
- @ApiResponse(responseCode = "400",
- description = "Unsupported plan version or planID is not a valid int value"),
- @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
- @ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content"), },
+ @Operation(operationId = "replaceBasisdaten", tags = { "edit", }, responses = {
+ @ApiResponse(responseCode = "200", description = "successful operation",
+ content = @Content(schema = @Schema(implementation = Basisdaten.class))),
+ @ApiResponse(responseCode = "400",
+ description = "Unsupported plan version or planID is not a valid int value. Request body contains invalid content."),
+ @ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
+ @ApiResponse(responseCode = "406", description = "Requested format is not available") },
requestBody = @RequestBody(content = {
@Content(mediaType = "application/json", schema = @Schema(implementation = Basisdaten.class)) }))
public Basisdaten replaceBasisdaten(@PathParam("planId") @Parameter(description = "ID of the plan to be returned",
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanDokumentApi2.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanDokumentApi2.java
index f3e54addab554d2acc6ca66cb92a896269554adc..54e6af9cc30cb0b57e7af8ca998b207566406fb7 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanDokumentApi2.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanDokumentApi2.java
@@ -83,12 +83,11 @@ public class PlanDokumentApi2 {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Dokument.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan version or dokumentmodel is missing or planID is not a valid int value"),
+ description = "Unsupported plan version or dokumentmodel is missing or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404",
description = "Invalid planID or dokument ID, plan or dokument not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Dokument addDokument(
@PathParam("planId") @Parameter(description = "ID of the plan to add a dokument",
example = "123") String planId,
@@ -134,12 +133,11 @@ public class PlanDokumentApi2 {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Dokument.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan version or dokumentmodel is missing or planID is not a valid int value"),
+ description = "Unsupported plan version or dokumentmodel is missing or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404",
description = "Invalid planID or dokument ID, plan or dokument not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Dokument replaceDokumentById(
@PathParam("planId") @Parameter(description = "ID of the plan to replace dokument",
example = "123") String planId,
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanRasterbasisApi2.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanRasterbasisApi2.java
index 98f9ec728fd04c2e88f85259692921bf55e9b6ad..a03a789e74eaf2db82ea5839b66387c4d1c9ffbc 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanRasterbasisApi2.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanRasterbasisApi2.java
@@ -83,11 +83,10 @@ public class PlanRasterbasisApi2 {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Rasterbasis.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan type or version, missing bereich nummer or rasterbasismodel or planID is not a valid int value"),
+ description = "Unsupported plan type or version, missing bereich nummer or rasterbasismodel or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Rasterbasis addRasterBasis(
@PathParam("planId") @Parameter(description = "ID of the plan to add rasterbasis",
example = "123") String planId,
@@ -140,12 +139,11 @@ public class PlanRasterbasisApi2 {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Rasterbasis.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan type or version, missing bereich nummer or rasterbasismodel or planID is not a valid int value"),
+ description = "Unsupported plan type or version, missing bereich nummer or rasterbasismodel or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404",
description = "Invalid planID or rasterbasis ID, plan or rasterbasis not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Rasterbasis replaceRasterbasisById(
@PathParam("planId") @Parameter(description = "ID of the plan to be updated",
example = "123") String planId,
diff --git a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanTextApi2.java b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanTextApi2.java
index 78b4d3bab9686077d3ddcf68218b8338c3193f70..9c84801f92141b3328ef9508f7d8f799659946b5 100644
--- a/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanTextApi2.java
+++ b/xplan-manager/xplan-manager-api/src/main/java/de/latlon/xplanbox/api/manager/v2/PlanTextApi2.java
@@ -81,11 +81,10 @@ public class PlanTextApi2 {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Text.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan version or textmodel is missing or planID is not a valid int value"),
+ description = "Unsupported plan version or textmodel is missing or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404", description = "Invalid planID, plan not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Text addText(
@PathParam("planId") @Parameter(description = "ID of the plan to add text", example = "123") String planId,
@Parameter(schema = @Schema(implementation = Text.class),
@@ -127,11 +126,10 @@ public class PlanTextApi2 {
@ApiResponse(responseCode = "200", description = "successful operation",
content = @Content(schema = @Schema(implementation = Text.class))),
@ApiResponse(responseCode = "400",
- description = "Unsupported plan version or textmodel is missing or planID is not a valid int value"),
+ description = "Unsupported plan version or textmodel is missing or planID is not a valid int value. Request body contains invalid content."),
@ApiResponse(responseCode = "404", description = "Invalid planID or text ID, plan or Text not found"),
@ApiResponse(responseCode = "406", description = "Requested format is not available"),
- @ApiResponse(responseCode = "415", description = "Unsupported media type"),
- @ApiResponse(responseCode = "422", description = "Request body contains invalid content") })
+ @ApiResponse(responseCode = "415", description = "Unsupported media type") })
public Text replaceTextById(
@PathParam("planId") @Parameter(description = "ID of the plan to be updated",
example = "123") String planId,
diff --git a/xplan-tests/xplan-tests-soapui/README.md b/xplan-tests/xplan-tests-soapui/README.md
index 3c49ada5d83f3e7f7a88ecb16119a12041938f4a..a6eb4fadc452d12b6b906096ed89d230167e285d 100644
--- a/xplan-tests/xplan-tests-soapui/README.md
+++ b/xplan-tests/xplan-tests-soapui/README.md
@@ -11,6 +11,11 @@ mvn clean test -Psystem-tests -DtestFileName=xplan-validator-api-soapui-project.
-DbaseUrlValidatorApi=https://xplanbox.lat-lon.de -Dusername=xplanbox -Dpassword='PWD'
```
+Bei Nutzung der Absicherung über ein Bearer Token muss zusätzlich die URL von z.B. Keycloak angegeben werden, um das JSON Web Token anzufragen:
+```
+-DjwtUrl=https://xplanbox.lat-lon.de/keycloak/realms/xplanbox/protocol/openid-connect/token -DjwtClientId=xplanbox-api
+```
+
### xplan-manager-api-soapui-project
```
@@ -20,6 +25,11 @@ mvn clean test -Psystem-tests -DtestFileName=xplan-manager-api-soapui-project.xm
-DjdbcUrl=jdbc:postgresql://localhost:5433/xplanbox?user=xplanbox&password=xplanbox
```
+Bei Nutzung der Absicherung über ein Bearer Token muss zusätzlich die URL von z.B. Keycloak angegeben werden, um das JSON Web Token anzufragen:
+```
+-DjwtUrl=https://xplanbox.lat-lon.de/keycloak/realms/xplanbox/protocol/openid-connect/token -DjwtClientId=xplanbox-api
+```
+
### xplan-dokumente-api-soapui-project
```
@@ -32,6 +42,10 @@ mvn clean test -Psystem-tests -DtestFileName=xplan-dokumente-api-soapui-project.
-DbaseUrlManagerApi=https://xplanbox.lat-lon.de -DusernameManagerApi=xplanbox -DpasswordManagerApi='PWD' \
-DbaseUrlDokumenteApi=https://xplanbox.lat-lon.de -DusernameDokumenteApi=xplanbox -DpasswordDokumenteApi='PWD'
```
+Bei Nutzung der Absicherung über ein Bearer Token muss zusätzlich die URL von z.B. Keycloak angegeben werden, um das JSON Web Token anzufragen:
+```
+-DjwtUrl=https://xplanbox.lat-lon.de/keycloak/realms/xplanbox/protocol/openid-connect/token -DjwtClientId=xplanbox-api
+```
### xplan-webservices-soapui-project
@@ -55,7 +69,10 @@ mvn clean test -Psystem-tests -DtestFileName=xplan-webservices-soapui-project.xm
-DbaseUrlMapProxy=https://xplanbox.lat-lon.de -DusernameMapProxy=xplanbox -DpasswordMapProxy='PWD' \
-DapiKey=xplanbox
```
-
+Bei Nutzung der Absicherung über ein Bearer Token muss zusätzlich die URL von z.B. Keycloak angegeben werden, um das JSON Web Token anzufragen:
+```
+-DjwtUrl=https://xplanbox.lat-lon.de/keycloak/realms/xplanbox/protocol/openid-connect/token -DjwtClientId=xplanbox-api
+```
## Ausführung im Docker container
@@ -87,6 +104,8 @@ docker run --env ... xplanbox/xplan-tests-soapui
- `XPLAN_MAPSERVER_PASSWORD`
- `XPLAN_SERVICES_API_KEY`
- `XPLAN_VALIDATOR_API_BASE_URL`
+- `XPLAN_JWT_URL`
+- `XPLAN_JWT_CLIENTID`
Optional, wenn die Tests der XPlanDB bei Ausführung der XPlanManagerAPI-SopaUI-Tests ausgeführt werden sollen:
diff --git a/xplan-tests/xplan-tests-soapui/pom.xml b/xplan-tests/xplan-tests-soapui/pom.xml
index 49db1b92b84b832a9dfab576660339f1a0310054..f44deb095e40a87d2394958dfd5eee716503c365 100644
--- a/xplan-tests/xplan-tests-soapui/pom.xml
+++ b/xplan-tests/xplan-tests-soapui/pom.xml
@@ -71,6 +71,8 @@
<baseUrlValidatorApi />
<username />
<password />
+ <jwtUrl />
+ <jwtClientId />
<apiKey />
<jdbcUrl />
</properties>
@@ -128,6 +130,8 @@
<value>baseUrlValidatorApi=${baseUrlValidatorApi}</value>
<value>username=${username}</value>
<value>password=${password}</value>
+ <value>jwtUrl=${jwtUrl}</value>
+ <value>jwtClientId=${jwtClientId}</value>
<value>apiKey=${apiKey}</value>
<value>jdbcUrl=${jdbcUrl}</value>
</projectProperties>
diff --git a/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh b/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh
index 8a743adf111e856d6a02330234052b61ccde5840..401cc623c4727ad03a20dcbc22410ee304ecff2f 100755
--- a/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh
+++ b/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh
@@ -65,11 +65,14 @@ echo "Executing tests..."
mvn test -Psystem-tests -DtestFileName=xplan-manager-api-soapui-project.xml \
-DbaseUrlManagerApi=$XPLAN_MANAGER_API_BASE_URL \
-Dusername=$XPLAN_MANAGER_API_USERNAME -Dpassword=$XPLAN_MANAGER_API_PASSWORD \
+ -DjwtUrl=$XPLAN_JWT_URL -DjwtClientId=$XPLAN_JWT_CLIENTID \
-DbaseUrlServices=$XPLAN_DIENSTE_BASE_URL \
-DjdbcUrl=$JDBC_URL
mvn test -Psystem-tests -DtestFileName=xplan-validator-api-soapui-project.xml \
- -DbaseUrlValidatorApi=$XPLAN_VALIDATOR_API_BASE_URL -Dusername=$XPLAN_VALIDATOR_API_USERNAME -Dpassword=$XPLAN_VALIDATOR_API_PASSWORD
+ -DbaseUrlValidatorApi=$XPLAN_VALIDATOR_API_BASE_URL \
+ -Dusername=$XPLAN_VALIDATOR_API_USERNAME -Dpassword=$XPLAN_VALIDATOR_API_PASSWORD \
+ -DjwtUrl=$XPLAN_JWT_URL -DjwtClientId=$XPLAN_JWT_CLIENTID
if [ -z ${XPLAN_DOKUMENTE_API_BASE_URL+x} ];
then
@@ -78,7 +81,8 @@ else
waitForRightVersion $XPLAN_DOKUMENTE_API_BASE_URL/xdokumente/version.txt
mvn test -Psystem-tests -DtestFileName=xplan-dokumente-api-soapui-project.xml \
-DbaseUrlManagerApi=$XPLAN_MANAGER_API_BASE_URL -DusernameManagerApi=$XPLAN_MANAGER_API_USERNAME -DpasswordManagerApi=$XPLAN_MANAGER_API_PASSWORD \
- -DbaseUrlDokumenteApi=$XPLAN_DOKUMENTE_API_BASE_URL -DusernameDokumenteApi=$XPLAN_DOKUMENTE_API_USERNAME -DpasswordDokumenteApi=$XPLAN_DOKUMENTE_API_PASSWORD
+ -DbaseUrlDokumenteApi=$XPLAN_DOKUMENTE_API_BASE_URL -DusernameDokumenteApi=$XPLAN_DOKUMENTE_API_USERNAME -DpasswordDokumenteApi=$XPLAN_DOKUMENTE_API_PASSWORD \
+ -DjwtUrl=$XPLAN_JWT_URL -DjwtClientId=$XPLAN_JWT_CLIENTID
fi
mvn test -Psystem-tests -DtestFileName=xplan-webservices-soapui-project.xml \
@@ -87,7 +91,8 @@ mvn test -Psystem-tests -DtestFileName=xplan-webservices-soapui-project.xml \
-DbaseUrlManagerApi=${XPLAN_MANAGER_API_BASE_URL} -DusernameManagerApi=$XPLAN_MANAGER_API_USERNAME -DpasswordManagerApi=$XPLAN_MANAGER_API_PASSWORD \
-DbaseUrlMapServer=${XPLAN_MAPSERVER_BASE_URL} -DusernameMapServer=$XPLAN_MAPSERVER_USERNAME -DpasswordMapServer=$XPLAN_MAPSERVER_PASSWORD \
-DbaseUrlMapProxy=${XPLAN_MAPPROXY_BASE_URL} -DusernameMapProxy=$XPLAN_MAPPROXY_USERNAME -DpasswordMapProxy=$XPLAN_MAPPROXY_PASSWORD \
- -DapiKey=$XPLAN_SERVICES_API_KEY
+ -DapiKey=$XPLAN_SERVICES_API_KEY \
+ -DjwtUrl=$XPLAN_JWT_URL -DjwtClientId=$XPLAN_JWT_CLIENTID
echo -e "\n"
echo "Results:"
diff --git a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-dokumente-api-soapui-project.xml b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-dokumente-api-soapui-project.xml
index 4b07c3b97479643c9f61d998f9838f49afbef872..368425076aa81ef7e3d2548504da7bb917850463 100644
--- a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-dokumente-api-soapui-project.xml
+++ b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-dokumente-api-soapui-project.xml
@@ -22,6 +22,11 @@
baseUrlManagerApi=http://localhost:8086/xplan-manager-api
+Set this if Keycloak authentication shall be used locally:
+
+jwtUrl=http://localhost:8096/keycloak/realms/xplanbox/protocol/openid-connect/token
+jwtClientId=xplan-dokumente-api
+
For execution against test environment use following property values:
baseUrlManagerApi=https://xplanbox.lat-lon.de</con:description>
@@ -434,6 +439,42 @@ OpenAPI document</con:description>
<con:params/>
<con:element>html</con:element>
</con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>406</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>406</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
<con:request name="Request 1" id="c3d70b20-79d3-4474-928b-deeb1f813de1" mediaType="application/json">
<con:settings/>
<con:endpoint>${#Project#baseUrlDokumenteApi}/xdokumente/api/v1</con:endpoint>
@@ -449,7 +490,7 @@ OpenAPI document</con:description>
</con:method>
</con:resource>
</con:interface>
- <con:testSuite id="d3d56f16-d37b-417e-b819-952ce0ea9a56" name="Authorization-Setup">
+ <con:testSuite id="d3d56f16-d37b-417e-b819-952ce0ea9a56" name="Authorization Setup">
<con:settings/>
<con:runType>SEQUENTIAL</con:runType>
<con:testCase id="99bcd57f-82b2-4034-abc7-db29a0927413" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Set Credentials" searchProperties="true">
@@ -481,6 +522,199 @@ if (username && password) {
</con:testStep>
<con:properties/>
</con:testCase>
+ <con:testCase id="f2d99dc9-1dd4-4cfc-823e-e98f40fdb82b" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>Es wird, falls nötig, eine JWT-Authentication durchgeführt</con:description>
+ <con:settings/>
+ <con:testStep type="groovy" name="checkIfJwtAuthEnabled" id="26518e5b-a2ed-47e4-9a46-8a2436c0d08d">
+ <con:settings/>
+ <con:config>
+ <script>def jwtUrl = testRunner.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl == ""){
+ testRunner.gotoStepByName("Cleanup");
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="httprequest" name="retrieveToken XPlanDokumenteAPI" id="aee92a19-f24d-4bd9-9e3c-68b9622a9958">
+ <con:settings/>
+ <con:config method="POST" xsi:type="con:HttpRequest" id="951ebbc5-a5ba-418e-a699-aade30608a45" name="retrieveToken XPlanDokumenteAPI" postQueryString="true" mediaType="application/x-www-form-urlencoded" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:settings>
+ <con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Content-Type" value="application/x-www-form-urlencoded" xmlns="http://eviware.com/soapui/config"/></con:setting>
+ </con:settings>
+ <con:endpoint>${#Project#jwtUrl}</con:endpoint>
+ <con:request/>
+ <con:assertion type="Valid HTTP Status Codes" id="db5ca4f1-f21a-4b5d-b819-c41465665b8d" name="Valid HTTP Status Codes">
+ <con:configuration>
+ <codes>200</codes>
+ </con:configuration>
+ </con:assertion>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:parameters>
+ <con:parameter>
+ <con:name>client_id</con:name>
+ <con:value>${#Project#jwtClientId}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>username</con:name>
+ <con:value>${#Project#usernameDokumenteApi}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>password</con:name>
+ <con:value>${#Project#passwordDokumenteApi}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>grant_type</con:name>
+ <con:value>password</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ </con:parameters>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="httprequest" name="retrieveToken XPlanManagerAPI" id="3650d21d-2d52-4071-848b-28a81bd1799f">
+ <con:settings/>
+ <con:config method="POST" xsi:type="con:HttpRequest" id="951ebbc5-a5ba-418e-a699-aade30608a45" name="retrieveToken XPlanManagerAPI" postQueryString="true" mediaType="application/x-www-form-urlencoded" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:settings>
+ <con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Content-Type" value="application/x-www-form-urlencoded" xmlns="http://eviware.com/soapui/config"/></con:setting>
+ </con:settings>
+ <con:endpoint>${#Project#jwtUrl}</con:endpoint>
+ <con:request/>
+ <con:assertion type="Valid HTTP Status Codes" id="db5ca4f1-f21a-4b5d-b819-c41465665b8d" name="Valid HTTP Status Codes">
+ <con:configuration>
+ <codes>200</codes>
+ </con:configuration>
+ </con:assertion>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:parameters>
+ <con:parameter>
+ <con:name>client_id</con:name>
+ <con:value>${#Project#jwtClientId}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>username</con:name>
+ <con:value>${#Project#usernameManagerApi}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>password</con:name>
+ <con:value>${#Project#passwordManagerApi}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>grant_type</con:name>
+ <con:value>password</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ </con:parameters>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="retrieveToken Property Transfer" id="b63d4d2b-c0cf-46a5-a366-bd08d18813d8">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token_dokumente_api</con:name>
+ <con:sourceType>Response</con:sourceType>
+ <con:sourceStep>retrieveToken XPlanDokumenteAPI</con:sourceStep>
+ <con:sourcePath>$.access_token</con:sourcePath>
+ <con:targetType>access_token_dokumente_api</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:type>JSONPATH</con:type>
+ <con:targetTransferType>JSONPATH</con:targetTransferType>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token_manager_api</con:name>
+ <con:sourceType>Response</con:sourceType>
+ <con:sourceStep>retrieveToken XPlanManagerAPI</con:sourceStep>
+ <con:sourcePath>$.access_token</con:sourcePath>
+ <con:targetType>access_token_manager_api</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:type>JSONPATH</con:type>
+ <con:targetTransferType>JSONPATH</con:targetTransferType>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="groovy" name="setAuthorizationHeaders" id="d11aef1a-b18d-4ccb-9e6f-a5ce3bdee532">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+def tokenDokumenteApi = testRunner.testCase.getPropertyValue("access_token_dokumente_api")
+def tokenManagerApi = testRunner.testCase.getPropertyValue("access_token_manager_api")
+
+def authHeaderDokumenteApi = "Bearer " + tokenDokumenteApi
+def authHeaderManagerApi = "Bearer " + tokenManagerApi
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if (testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.put("Authorization", testCase.getName()=="Import Data TestCase" ? authHeaderManagerApi : authHeaderDokumenteApi)
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="Cleanup" id="708ecb8a-defc-44b1-914e-9e172ab8cd15">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token_dokumente_api</con:name>
+ <con:sourceType>empty</con:sourceType>
+ <con:sourceStep>#TestCase#</con:sourceStep>
+ <con:targetType>access_token_dokumente_api</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token_manager_api</con:name>
+ <con:sourceType>empty</con:sourceType>
+ <con:sourceStep>#TestCase#</con:sourceStep>
+ <con:targetType>access_token_manager_api</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:properties>
+ <con:property>
+ <con:name>empty</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>access_token_dokumente_api</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>access_token_manager_api</con:name>
+ <con:value/>
+ </con:property>
+ </con:properties>
+ </con:testCase>
<con:properties/>
</con:testSuite>
<con:testSuite id="93c38a1c-7e2a-4fc9-b84d-7b26405954f7" name="XPlanDokumenteAPI TestSuite">
@@ -604,6 +838,26 @@ if (username && password) {
<ignoreComments>false</ignoreComments>
</con:configuration>
</con:assertion>
+ <con:assertion type="GroovyScriptAssertion" id="4bbfb7bb-e8bf-4f26-b73a-3229d536deb1" name="securitySchemes">
+ <con:configuration>
+ <scriptText>import groovy.json.JsonSlurper
+
+def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl != ""){
+ def response = messageExchange.response.responseContent
+ def json = new JsonSlurper().parseText(response)
+
+ def type = json.components.securitySchemes.Bearer.type
+ def scheme = json.components.securitySchemes.Bearer.scheme
+ def bearerFormat = json.components.securitySchemes.Bearer.bearerFormat
+
+ assert(type == "http")
+ assert(scheme == "bearer")
+ assert(bearerFormat == "JWT")
+}</scriptText>
+ </con:configuration>
+ </con:assertion>
<con:credentials>
<con:username>${#Project#usernameDokumenteApi}</con:username>
<con:password>${#Project#passwordDokumenteApi}</con:password>
@@ -1372,6 +1626,42 @@ assert contentLength[0].toInteger() == 73</scriptText>
</con:property>
</con:properties>
</con:testSuite>
+ <con:testSuite id="8ca16c28-7035-4faf-aad3-5c6ff5f5affc" name="Cleanup">
+ <con:settings/>
+ <con:runType>SEQUENTIAL</con:runType>
+ <con:testCase id="9b4485ff-23ff-49d2-adba-7e33de46c261" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true">
+ <con:settings/>
+ <con:testStep type="groovy" name="removeAuthorizationHeaders" id="9001c782-7eca-48d8-abfb-cd24da4f0d34">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if (testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.remove("Authorization")
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:properties/>
+ </con:testCase>
+ <con:properties/>
+ </con:testSuite>
<con:endpointStrategy xsi:type="con:DefaultEndpointStrategy" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:endpoint mode="COMPLEMENT" password="${#Project#passwordDokumenteApi}" username="${#Project#usernameDokumenteApi}">${#Project#baseUrlDokumenteApi}/xdokumente/api/v1</con:endpoint>
</con:endpointStrategy>
@@ -1392,6 +1682,14 @@ assert contentLength[0].toInteger() == 73</scriptText>
<con:name>password</con:name>
<con:value/>
</con:property>
+ <con:property>
+ <con:name>jwtUrl</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>jwtClientId</con:name>
+ <con:value>xplanbox-api</con:value>
+ </con:property>
<con:property>
<con:name>usernameDokumenteApi</con:name>
<con:value/>
diff --git a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-manager-api-soapui-project.xml b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-manager-api-soapui-project.xml
index 94a502271daca1e22bd95e1b6c9e28d33a981d7b..e571129cc1d2b100802ff51054e40c75f70f1766 100644
--- a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-manager-api-soapui-project.xml
+++ b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-manager-api-soapui-project.xml
@@ -21,6 +21,8 @@
<con:description>For local execution use following property values:
baseUrlManagerApi=http://localhost:8086
+jwtUrl=http://localhost:8096/keycloak/realms/xplanbox/protocol/openid-connect/token
+jwtClientId=xplan-manager-api
jdbcUrl=jdbc:postgresql://localhost:5433/xplanbox?user=xplanbox&password=xplanbox</con:description>
<con:settings/>
<con:interface xsi:type="con:RestService" id="4c3b4b1f-f0cd-4a9f-bbc4-433948e85871" wadlVersion="http://wadl.dev.java.net/2009/02" name="XPlanManagerAPI" type="rest" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
@@ -69,6 +71,12 @@ OpenAPI document</con:description>
<con:params/>
<con:element>data</con:element>
</con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
<con:request name="Request 1" id="e8223f9a-1c6b-40dd-b28d-ce2681af9b55" mediaType="application/json">
<con:settings/>
<con:endpoint>${#Project#baseUrlManagerApi}/xplan-manager-api/xmanager/api/v1</con:endpoint>
@@ -116,6 +124,12 @@ Show system and application configuration</con:description>
<con:params/>
<con:element>html</con:element>
</con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
<con:request name="Request 1" id="e9ab8dcf-b755-40af-baf7-aa17a2ca4cdc" mediaType="application/json">
<con:settings/>
<con:endpoint>${#Project#baseUrlManagerApi}/xplan-manager-api/xmanager/api/v1</con:endpoint>
@@ -367,6 +381,36 @@ Import the plan</con:description>
<con:params/>
<con:element>data</con:element>
</con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
<con:request name="Request 1" id="0ab9bfa6-1c76-41df-b253-dabff57568f7" mediaType="application/json" postQueryString="false">
<con:settings/>
<con:endpoint>${#Project#baseUrlManagerApi}/xplan-manager-api/xmanager/api/v1</con:endpoint>
@@ -899,6 +943,24 @@ Delete plan identified by the given plan ID</con:description>
<con:params/>
<con:element>html</con:element>
</con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
<con:request name="Request 1" id="87e0eac4-0a2c-4372-b086-982734318482" mediaType="application/json">
<con:settings/>
<con:endpoint>${#Project#baseUrlManagerApi}/xplan-manager-api/xmanager/api/v1</con:endpoint>
@@ -1269,6 +1331,30 @@ Delete plan identified by the given plan ID</con:description>
<con:params/>
<con:element>html</con:element>
</con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
<con:request name="Request 1" id="9c7337a1-1eb2-4f30-b174-dd4f06295f84" mediaType="application/json">
<con:settings/>
<con:endpoint>${#Project#baseUrlManagerApi}/xplan-manager-api/xmanager/api/v1</con:endpoint>
@@ -1946,6 +2032,136 @@ Search for plan by name</con:description>
</con:method>
</con:resource>
</con:interface>
+ <con:testSuite id="546177ed-bd4c-4071-b255-022d28f71ac6" name="Authorization Setup">
+ <con:settings/>
+ <con:runType>SEQUENTIAL</con:runType>
+ <con:testCase id="47321d7a-33c9-446d-8f6c-19cec1daa588" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>Es wird, falls nötig, eine JWT-Authentication durchgeführt</con:description>
+ <con:settings/>
+ <con:testStep type="groovy" name="checkIfJwtAuthEnabled" id="aa82b200-4b92-4e64-b76c-3f8bd4bbdb28">
+ <con:settings/>
+ <con:config>
+ <script>def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl == ""){
+ testRunner.gotoStepByName("Cleanup");
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="httprequest" name="retrieveToken" id="6e875353-710e-47ef-a1d6-65626fe24d9a">
+ <con:settings/>
+ <con:config method="POST" xsi:type="con:HttpRequest" id="951ebbc5-a5ba-418e-a699-aade30608a45" name="retrieveToken" postQueryString="true" mediaType="application/x-www-form-urlencoded" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:settings>
+ <con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Content-Type" value="application/x-www-form-urlencoded" xmlns="http://eviware.com/soapui/config"/></con:setting>
+ </con:settings>
+ <con:endpoint>${#Project#jwtUrl}</con:endpoint>
+ <con:request/>
+ <con:assertion type="Valid HTTP Status Codes" id="db5ca4f1-f21a-4b5d-b819-c41465665b8d" name="Valid HTTP Status Codes">
+ <con:configuration>
+ <codes>200</codes>
+ </con:configuration>
+ </con:assertion>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:parameters>
+ <con:parameter>
+ <con:name>client_id</con:name>
+ <con:value>${#Project#jwtClientId}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>username</con:name>
+ <con:value>${#Project#username}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>password</con:name>
+ <con:value>${#Project#password}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>grant_type</con:name>
+ <con:value>password</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ </con:parameters>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="retrieveToken Property Transfer" id="857cfd0e-e558-4741-a1c2-18108d5a19f4">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token</con:name>
+ <con:sourceType>Response</con:sourceType>
+ <con:sourceStep>retrieveToken</con:sourceStep>
+ <con:sourcePath>$.access_token</con:sourcePath>
+ <con:targetType>access_token</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:type>JSONPATH</con:type>
+ <con:targetTransferType>JSONPATH</con:targetTransferType>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="groovy" name="setAuthorizationHeaders" id="710e3120-9b7c-4cc3-8d80-89d20a094d2f">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+def token = testRunner.testCase.getPropertyValue("access_token")
+def authHeader = "Bearer " + token
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if (testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.put("Authorization", authHeader)
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="Cleanup" id="848d2b48-84d1-4b00-9996-7c5d8ecc162b">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token</con:name>
+ <con:sourceType>empty</con:sourceType>
+ <con:sourceStep>#TestCase#</con:sourceStep>
+ <con:targetType>access_token</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:properties>
+ <con:property>
+ <con:name>empty</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>access_token</con:name>
+ <con:value/>
+ </con:property>
+ </con:properties>
+ </con:testCase>
+ <con:properties/>
+ </con:testSuite>
<con:testSuite id="ae0d5def-8690-4dc0-ad4a-ca5fa4c2df24" name="XPlanManagerAPI v1 TestSuite">
<con:description>TestSuite generated for REST Service [XPlanManagerAPI]</con:description>
<con:settings/>
@@ -2014,6 +2230,26 @@ Search for plan by name</con:description>
<regEx>1.*</regEx>
</con:configuration>
</con:assertion>
+ <con:assertion type="GroovyScriptAssertion" id="4d6aa1fb-c2f9-4165-9a42-5eba45e44ca3" name="securitySchemes">
+ <con:configuration>
+ <scriptText>import groovy.json.JsonSlurper
+
+def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl != ""){
+ def response = messageExchange.response.responseContent
+ def json = new JsonSlurper().parseText(response)
+
+ def type = json.components.securitySchemes.Bearer.type
+ def scheme = json.components.securitySchemes.Bearer.scheme
+ def bearerFormat = json.components.securitySchemes.Bearer.bearerFormat
+
+ assert(type == "http")
+ assert(scheme == "bearer")
+ assert(bearerFormat == "JWT")
+}</scriptText>
+ </con:configuration>
+ </con:assertion>
<con:credentials>
<con:username>${#Project#username}</con:username>
<con:password>${#Project#password}</con:password>
@@ -2114,10 +2350,10 @@ assert json.version != null</scriptText>
<con:testCase id="590e4313-3d64-4a15-ba7b-622018c5b711" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="/plan TestCase" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
<con:description>TestCase generated for REST Resource [/plan] located at [/plan]</con:description>
<con:settings/>
- <con:testStep type="restrequest" name="POST BP 4.0 sF,sG,sS importPlanInvalidLaufrichtungExpectError400" id="7e56ccf1-03dd-457c-8db3-39a2793a5837">
+ <con:testStep type="restrequest" name="POST BP 4.0 sF,sG,sS importPlanInvalidLaufrichtungExpectError422" id="7e56ccf1-03dd-457c-8db3-39a2793a5837">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan" methodName="import" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 4.0 sF,sG,sS importPlanInvalidLaufrichtungExpectError400" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
+ <con:restRequest name="POST BP 4.0 sF,sG,sS importPlanInvalidLaufrichtungExpectError422" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -2126,7 +2362,7 @@ assert json.version != null</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="dae44771-07af-42ae-b07d-9693bf7a9afd" name="geometrisch.valid">
@@ -2749,10 +2985,10 @@ assert actualHeader != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST BP 4.1 XX importInvalidPlanExpectError400" id="e889d8ec-d819-4e8b-8220-2f4963722d8e">
+ <con:testStep type="restrequest" name="POST BP 4.1 XX importInvalidPlanExpectError422" id="e889d8ec-d819-4e8b-8220-2f4963722d8e">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan" methodName="import" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 4.1 XX importInvalidPlanExpectError400" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
+ <con:restRequest name="POST BP 4.1 XX importInvalidPlanExpectError422" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -2761,7 +2997,7 @@ assert actualHeader != null</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="a226cfa0-8b8e-4a88-bc0e-981e2d11821a" name="is invalid">
@@ -2979,10 +3215,10 @@ assert actualHeader != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST BP 5.0 XX importInvalidPlanWithEntityExpectError422" id="73ba9f3f-eb85-413a-9bef-f617d876ce4d">
+ <con:testStep type="restrequest" name="POST BP 5.0 XX importInvalidPlanWithEntityExpectError400" id="73ba9f3f-eb85-413a-9bef-f617d876ce4d">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan" methodName="import" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 5.0 XX importInvalidPlanWithEntityExpectError422" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
+ <con:restRequest name="POST BP 5.0 XX importInvalidPlanWithEntityExpectError400" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -2991,7 +3227,7 @@ assert actualHeader != null</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -3188,10 +3424,10 @@ assert actualHeader != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST BP 5.1 sF,sS importPlanInvalidText/XMLExpectError422" id="ccff0c36-e6c2-4cb0-af59-dbd7de7c063f">
+ <con:testStep type="restrequest" name="POST BP 5.1 sF,sS importPlanInvalidText/XMLExpectError400" id="ccff0c36-e6c2-4cb0-af59-dbd7de7c063f">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan" methodName="import" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 5.1 sF,sS importPlanInvalidText/XMLExpectError422" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
+ <con:restRequest name="POST BP 5.1 sF,sS importPlanInvalidText/XMLExpectError400" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -3200,7 +3436,7 @@ assert actualHeader != null</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -3630,10 +3866,10 @@ assert actualHeader != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST BP 5.2 sF,sL,sS importPlanInvalidLaufrichtungExpectError400" id="97cec68b-daba-47f3-9603-d5c9d6dca21b">
+ <con:testStep type="restrequest" name="POST BP 5.2 sF,sL,sS importPlanInvalidLaufrichtungExpectError422" id="97cec68b-daba-47f3-9603-d5c9d6dca21b">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan" methodName="import" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 5.2 sF,sL,sS importPlanInvalidLaufrichtungExpectError400" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
+ <con:restRequest name="POST BP 5.2 sF,sL,sS importPlanInvalidLaufrichtungExpectError422" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/vnd.xplanbox.api+json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -3642,7 +3878,7 @@ assert actualHeader != null</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="1769e33e-7fa7-465b-ad5d-cb361c180ef4" name="geometrisch.valid">
@@ -5972,10 +6208,10 @@ assert actualHeader != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST BP 6.0.2 XX importPlanNoBereichExpectError400" id="70f7ce01-5dff-4f14-9854-4e2a5a4a959e">
+ <con:testStep type="restrequest" name="POST BP 6.0.2 XX importPlanNoBereichExpectError422" id="70f7ce01-5dff-4f14-9854-4e2a5a4a959e">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan" methodName="import" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 6.0.2 XX importPlanNoBereichExpectError400" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
+ <con:restRequest name="POST BP 6.0.2 XX importPlanNoBereichExpectError422" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/octet-stream" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -5984,7 +6220,7 @@ assert actualHeader != null</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="f31c01fb-90a3-4d83-b885-5a8e4de34d21" name="valid">
@@ -6117,16 +6353,21 @@ assert actualHeader != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST BP 6.0 XX importPlanWithSyntacticErrorExpectError400" id="4987179e-23d8-42fc-a3b2-17aa7fedec43">
+ <con:testStep type="restrequest" name="POST BP 6.0 XX importPlanWithSyntacticErrorExpectError422" id="4987179e-23d8-42fc-a3b2-17aa7fedec43">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan" methodName="import" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 6.0 XX importPlanWithSyntacticErrorExpectError400" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/gml+xml" postQueryString="false">
+ <con:restRequest name="POST BP 6.0 XX importPlanWithSyntacticErrorExpectError422" id="bf7971d6-e318-4bdc-b279-2bb920237af7" mediaType="application/gml+xml" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
<con:endpoint>${#Project#baseUrlManagerApi}/xplan-manager-api/xmanager/api/v1</con:endpoint>
<con:request/>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan</con:originalUri>
+ <con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
+ <con:configuration>
+ <codes>422</codes>
+ </con:configuration>
+ </con:assertion>
<con:assertion type="JsonPath Match" id="aaecb4c3-ed57-42e9-ab0f-5c8c7f73a674" name="status">
<con:configuration>
<path>$.status</path>
@@ -6136,11 +6377,6 @@ assert actualHeader != null</scriptText>
<ignoreComments>false</ignoreComments>
</con:configuration>
</con:assertion>
- <con:assertion type="Valid HTTP Status Codes" id="175f3cab-acc4-43f8-857f-68775292193b" name="Valid HTTP Status Codes">
- <con:configuration>
- <codes>400</codes>
- </con:configuration>
- </con:assertion>
<con:assertion type="JsonPath Match" id="aaecb4c3-ed57-42e9-ab0f-5c8c7f73a674" name="valid">
<con:configuration>
<path>$.valid</path>
@@ -8138,10 +8374,10 @@ assert actualHeader != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="PUT BP 5.0 pI modifyStatusXSSExpectError" id="e69f4d01-9afb-4cb0-b50d-838a0e6dc931">
+ <con:testStep type="restrequest" name="PUT BP 5.0 pI modifyStatusXSSExpectError400" id="e69f4d01-9afb-4cb0-b50d-838a0e6dc931">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan/{planId}/aenderungen" methodName="replaceAenderung" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="PUT BP 5.0 pI modifyStatusXSSExpectError" id="753e70a8-62cd-41c0-a640-3158cc4a249e" mediaType="application/json" postQueryString="false">
+ <con:restRequest name="PUT BP 5.0 pI modifyStatusXSSExpectError400" id="753e70a8-62cd-41c0-a640-3158cc4a249e" mediaType="application/json" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment/></con:setting>
</con:settings>
@@ -8157,7 +8393,7 @@ assert actualHeader != null</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan//aenderung/</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="b55ab5ea-0394-4b3e-ad44-c7fa0370944b" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:assertion type="Simple Contains" id="d5841f16-98fa-401a-bb0b-65a124e6437c" name="Contains">
@@ -9079,10 +9315,10 @@ assert expectedHeader == actualHeader</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="PUT BP 4.1 pI modifyStatusXSSExpectError" id="efcca8cf-a034-406b-a110-178916cc1f1c">
+ <con:testStep type="restrequest" name="PUT BP 4.1 pI modifyStatusXSSExpectError400" id="efcca8cf-a034-406b-a110-178916cc1f1c">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan/{planId}/basisdaten" methodName="replaceBasisdaten" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="PUT BP 4.1 pI modifyStatusXSSExpectError" id="27ec97ed-93c9-4f9c-afee-5e2eda140ded" mediaType="application/json" postQueryString="false">
+ <con:restRequest name="PUT BP 4.1 pI modifyStatusXSSExpectError400" id="27ec97ed-93c9-4f9c-afee-5e2eda140ded" mediaType="application/json" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment/></con:setting>
</con:settings>
@@ -9101,7 +9337,7 @@ assert expectedHeader == actualHeader</scriptText>
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan//basisdaten/</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="5d774568-0387-45e2-88f7-ef9ba2625f5e" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:assertion type="Simple Contains" id="c8a22d62-0e66-4f9a-916f-02e8b923f436" name="Contains">
@@ -10982,10 +11218,10 @@ if (documentUrl != "null"){
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="PUT BP 5.0 pI,id modifyStatusXSSExpectError" id="a8caec28-d0ba-45fc-80fa-65c099f58db0">
+ <con:testStep type="restrequest" name="PUT BP 5.0 pI,id modifyStatusXSSExpectError400" id="a8caec28-d0ba-45fc-80fa-65c099f58db0">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan/{planId}/dokument/{id}" methodName="replaceDokumentById" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="PUT BP 5.0 pI,id modifyStatusXSSExpectError" id="98bfb182-e199-47f6-8ee0-9bb98b24a279" mediaType="multipart/form-data" postQueryString="false">
+ <con:restRequest name="PUT BP 5.0 pI,id modifyStatusXSSExpectError400" id="98bfb182-e199-47f6-8ee0-9bb98b24a279" mediaType="multipart/form-data" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment/></con:setting>
</con:settings>
@@ -10994,7 +11230,7 @@ if (documentUrl != "null"){
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan//dokument/</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="678b8f03-45a7-4613-b6ce-95447244503e" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:assertion type="Simple Contains" id="a1bef47d-c4a0-4cdc-ad8d-8a474b4fec23" name="Contains">
@@ -12405,7 +12641,7 @@ if (jdbcUrl == ""){
</con:property>
</con:properties>
</con:testCase>
- <con:testCase id="3bfb0623-257f-4f28-b076-99c7baabf23d" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="/plan/{planId}/gueltigkeit/ TestCase" searchProperties="true">
+ <con:testCase id="3bfb0623-257f-4f28-b076-99c7baabf23d" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="/plan/{planId}/gueltigkeit/ TestCase" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
<con:description>TestCase generated for REST Resource [/plan/{planId}/gueltigkeit/] located at [/plan/{planId}/gueltigkeit/]</con:description>
<con:settings/>
<con:testStep type="restrequest" name="GET BP 4.1 pI currentStatus" id="6e3c8487-1d2c-4cce-9d48-5900efd7530a">
@@ -13684,10 +13920,10 @@ if (documentUrl != "null"){
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST LP 6.0 pI modifyStatusXSSExpectError" id="969c5aef-2107-4861-a056-46aea8b39ed9">
+ <con:testStep type="restrequest" name="POST LP 6.0 pI modifyStatusXSSExpectError400" id="969c5aef-2107-4861-a056-46aea8b39ed9">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan/{planId}/rasterbasis" methodName="addRasterBasis" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST LP 6.0 pI modifyStatusXSSExpectError" id="e18e8142-72bd-457f-aaf4-6656c0313839" mediaType="multipart/form-data" postQueryString="false">
+ <con:restRequest name="POST LP 6.0 pI modifyStatusXSSExpectError400" id="e18e8142-72bd-457f-aaf4-6656c0313839" mediaType="multipart/form-data" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment/></con:setting>
</con:settings>
@@ -13696,7 +13932,7 @@ if (documentUrl != "null"){
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan//rasterbasis</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="c3c53e02-be1b-4e5f-9aa7-8adc8570c200" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:assertion type="Simple Contains" id="88bfdf9a-153c-4d56-98b2-abdb724014f5" name="Contains">
@@ -18082,10 +18318,10 @@ if (documentUrl != "null"){
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="PUT BP 5.3 pI,id modifyStatusXSSExpectError422" id="13056ef9-71d0-4d4c-b3e1-e1199c0b16a9">
+ <con:testStep type="restrequest" name="PUT BP 5.3 pI,id modifyStatusXSSExpectError400" id="13056ef9-71d0-4d4c-b3e1-e1199c0b16a9">
<con:settings/>
<con:config service="XPlanManagerAPI" resourcePath="/plan/{planId}/text/{id}" methodName="replaceTextById" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="PUT BP 5.3 pI,id modifyStatusXSSExpectError422" id="b5d04874-8aeb-42d1-96d6-2c2ab73c5339" mediaType="multipart/form-data" postQueryString="false">
+ <con:restRequest name="PUT BP 5.3 pI,id modifyStatusXSSExpectError400" id="b5d04874-8aeb-42d1-96d6-2c2ab73c5339" mediaType="multipart/form-data" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment/></con:setting>
</con:settings>
@@ -18094,7 +18330,7 @@ if (documentUrl != "null"){
<con:originalUri>http://localhost/xplan-manager-api/xmanager/api/v1/plan//text/</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="1c8de8a0-7d65-45b5-898b-71f8f9468e09" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:assertion type="Simple Contains" id="62851b08-fbce-4577-b390-8fe57d3e006f" name="Contains">
@@ -20758,6 +20994,7 @@ assert expectedHeader == actualHeader</scriptText>
<con:properties/>
</con:testCase>
<con:testCase id="ed9f2bfa-a4c8-4d72-8998-801a64239d82" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Cleanup Properties" searchProperties="true">
+ <con:description>Gesetzte Werte werden wieder geleert</con:description>
<con:settings/>
<con:testStep type="transfer" name="Property Transfer" id="769e5afc-6e57-49fa-a774-d1a7ccc60e54">
<con:settings/>
@@ -21519,9 +21756,9 @@ assert expectedHeader == actualHeader</scriptText>
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="POST BP 6.0 xF,sS,sF,sG,sL,iI,pS importPlanFailingValidationExpectError400" id="5aa4570f-424d-41d2-b774-f3639251f4c8">
+ <con:testStep type="httprequest" name="POST BP 6.0 xF,sS,sF,sG,sL,iI,pS importPlanFailingValidationExpectError422" id="5aa4570f-424d-41d2-b774-f3639251f4c8">
<con:settings/>
- <con:config method="POST" xsi:type="con:HttpRequest" id="fb82fa77-b86e-45f2-8c0f-866cb490b0d1" name="POST BP 6.0 xF,sS,sF,sG,sL,iI,pS importPlanFailingValidationExpectError400" postQueryString="false" mediaType="application/octet-stream" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="POST" xsi:type="con:HttpRequest" id="fb82fa77-b86e-45f2-8c0f-866cb490b0d1" name="POST BP 6.0 xF,sS,sF,sG,sL,iI,pS importPlanFailingValidationExpectError422" postQueryString="false" mediaType="application/octet-stream" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment xmlns:con="http://eviware.com/soapui/config">
<con:entry key="Accept" value="application/json"/>
@@ -21532,7 +21769,7 @@ assert expectedHeader == actualHeader</scriptText>
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="de44e7cd-c4f2-4f55-90d8-367bea84ef1e" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="730f17f4-56c5-4641-965d-511ec286741e" name="externalReferencesResult.name">
@@ -21844,7 +22081,7 @@ assert expectedHeader == actualHeader</scriptText>
</con:parameters>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="d947a05c-850e-49bf-bbaa-3f92778d452a">
+ <con:testStep type="transfer" name="Cleanup Properties" id="d947a05c-850e-49bf-bbaa-3f92778d452a">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -21871,9 +22108,9 @@ assert expectedHeader == actualHeader</scriptText>
<con:testCase id="3542673b-c766-45ae-8b08-2f68692b73a3" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Validation invalid TestCase" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
<con:description>TestCase für die Validierung von geometrisch, semantisch und syntaktisch invaliden Planwerken.</con:description>
<con:settings/>
- <con:testStep type="httprequest" name="POST BP 5.2 XX importPlanGeometricInvalid" id="be89dcd6-acd9-4627-89e9-0d197745750f">
+ <con:testStep type="httprequest" name="POST BP 5.2 XX importPlanGeometricInvalid422" id="be89dcd6-acd9-4627-89e9-0d197745750f">
<con:settings/>
- <con:config method="POST" xsi:type="con:HttpRequest" id="aa5ee7a4-a529-48ac-ad3a-eb3064f75a0f" name="POST BP 5.2 XX importPlanGeometricInvalid" postQueryString="false" mediaType="application/gml+xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="POST" xsi:type="con:HttpRequest" id="aa5ee7a4-a529-48ac-ad3a-eb3064f75a0f" name="POST BP 5.2 XX importPlanGeometricInvalid422" postQueryString="false" mediaType="application/gml+xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment xmlns:con="http://eviware.com/soapui/config">
<con:entry key="Accept" value="application/json"/>
@@ -21884,7 +22121,7 @@ assert expectedHeader == actualHeader</scriptText>
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="047b0265-8e8e-45c2-b4d6-1c67ce5c4a7c" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="1a0f9a7d-f404-49ca-ad12-a0ebc4904a54" name="documentSummary.name">
@@ -21965,9 +22202,9 @@ assert expectedHeader == actualHeader</scriptText>
</con:parameters>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="POST BP 6.0 XX importPlanSemanticInvalid" id="db5e9569-9d57-46da-b56e-25a842e9537f">
+ <con:testStep type="httprequest" name="POST BP 6.0 XX importPlanSemanticInvalidExpectError422" id="db5e9569-9d57-46da-b56e-25a842e9537f">
<con:settings/>
- <con:config method="POST" xsi:type="con:HttpRequest" id="aa5ee7a4-a529-48ac-ad3a-eb3064f75a0f" name="POST BP 6.0 XX importPlanSemanticInvalid" postQueryString="false" mediaType="application/gml+xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="POST" xsi:type="con:HttpRequest" id="aa5ee7a4-a529-48ac-ad3a-eb3064f75a0f" name="POST BP 6.0 XX importPlanSemanticInvalidExpectError422" postQueryString="false" mediaType="application/gml+xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment xmlns:con="http://eviware.com/soapui/config">
<con:entry key="Accept" value="application/json"/>
@@ -21978,7 +22215,7 @@ assert expectedHeader == actualHeader</scriptText>
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="047b0265-8e8e-45c2-b4d6-1c67ce5c4a7c" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="1a0f9a7d-f404-49ca-ad12-a0ebc4904a54" name="documentSummary.name">
@@ -22059,9 +22296,9 @@ assert expectedHeader == actualHeader</scriptText>
</con:parameters>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="POST BP 6.0 XX importPlanSyntacticInvalid" id="22cf0272-dd9a-4920-9480-bc8e46d34a95">
+ <con:testStep type="httprequest" name="POST BP 6.0 XX importPlanSyntacticInvalidExpectError422" id="22cf0272-dd9a-4920-9480-bc8e46d34a95">
<con:settings/>
- <con:config method="POST" xsi:type="con:HttpRequest" id="aa5ee7a4-a529-48ac-ad3a-eb3064f75a0f" name="POST BP 6.0 XX importPlanSyntacticInvalid" postQueryString="false" mediaType="application/gml+xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="POST" xsi:type="con:HttpRequest" id="aa5ee7a4-a529-48ac-ad3a-eb3064f75a0f" name="POST BP 6.0 XX importPlanSyntacticInvalidExpectError422" postQueryString="false" mediaType="application/gml+xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment xmlns:con="http://eviware.com/soapui/config">
<con:entry key="Accept" value="application/json"/>
@@ -22072,7 +22309,7 @@ assert expectedHeader == actualHeader</scriptText>
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="047b0265-8e8e-45c2-b4d6-1c67ce5c4a7c" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>400</codes>
+ <codes>422</codes>
</con:configuration>
</con:assertion>
<con:assertion type="JsonPath Match" id="1a0f9a7d-f404-49ca-ad12-a0ebc4904a54" name="documentSummary">
@@ -22378,6 +22615,7 @@ assert expectedHeader == actualHeader</scriptText>
<con:properties/>
</con:testCase>
<con:testCase id="aedaa003-bb2b-42b6-958c-57575e10ec85" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Cleanup Properties" searchProperties="true">
+ <con:description>Gesetzte Werte werden wieder geleert</con:description>
<con:settings/>
<con:testStep type="transfer" name="Property Transfer" id="e40cda18-0926-49de-8cac-07dd1d3f6f89">
<con:settings/>
@@ -22542,6 +22780,26 @@ assert json.paths.'/report/{uuid}/geomfindings.json'.get.responses.'406'</script
<ignoreComments>false</ignoreComments>
</con:configuration>
</con:assertion>
+ <con:assertion type="GroovyScriptAssertion" id="4b10252b-c0ec-478b-8e74-b6f23c599c6b" name="securitySchemes">
+ <con:configuration>
+ <scriptText>import groovy.json.JsonSlurper
+
+def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl != ""){
+ def response = messageExchange.response.responseContent
+ def json = new JsonSlurper().parseText(response)
+
+ def type = json.components.securitySchemes.Bearer.type
+ def scheme = json.components.securitySchemes.Bearer.scheme
+ def bearerFormat = json.components.securitySchemes.Bearer.bearerFormat
+
+ assert(type == "http")
+ assert(scheme == "bearer")
+ assert(bearerFormat == "JWT")
+}</scriptText>
+ </con:configuration>
+ </con:assertion>
<con:credentials>
<con:username>${#Project#username}</con:username>
<con:password>${#Project#password}</con:password>
@@ -24629,9 +24887,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="PUT BP 6.0.2 pI xssExpectError422" id="839598ba-cc6a-4f56-a75d-bded567ea850">
+ <con:testStep type="httprequest" name="PUT BP 6.0.2 pI xssExpectError400" id="839598ba-cc6a-4f56-a75d-bded567ea850">
<con:settings/>
- <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI xssExpectError422" postQueryString="false" mediaType="application/json" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI xssExpectError400" postQueryString="false" mediaType="application/json" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -24648,7 +24906,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
}</con:request>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -24968,9 +25226,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="PUT BP 6.0.2 pI xssExpectError422" id="115d3e56-7f99-4f4e-b707-bf0037290c53">
+ <con:testStep type="httprequest" name="PUT BP 6.0.2 pI xssExpectError400" id="115d3e56-7f99-4f4e-b707-bf0037290c53">
<con:settings/>
- <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI xssExpectError422" postQueryString="false" mediaType="application/json" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI xssExpectError400" postQueryString="false" mediaType="application/json" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -24985,7 +25243,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
}</con:request>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -25354,9 +25612,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="POST BP 6.0.2 pI invalidContentInJsonExpectError422" id="7677393b-bea9-497c-a230-1d473ba2cada">
+ <con:testStep type="httprequest" name="POST BP 6.0.2 pI invalidContentInJsonExpectError400" id="7677393b-bea9-497c-a230-1d473ba2cada">
<con:settings/>
- <con:config method="POST" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="POST BP 6.0.2 pI invalidContentInJsonExpectError422" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="POST" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="POST BP 6.0.2 pI invalidContentInJsonExpectError400" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -25364,7 +25622,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -25767,9 +26025,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError422" id="685c723f-5c5d-40db-9b03-23c756c53d1c">
+ <con:testStep type="httprequest" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError400" id="685c723f-5c5d-40db-9b03-23c756c53d1c">
<con:settings/>
- <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError422" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError400" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -25777,7 +26035,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -26151,9 +26409,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="POST BP 6.0.2 pI invalidContentInJsonExpectError422" id="a24a03bc-19ef-4eb1-afb0-3428ba2966ac">
+ <con:testStep type="httprequest" name="POST BP 6.0.2 pI invalidContentInJsonExpectError400" id="a24a03bc-19ef-4eb1-afb0-3428ba2966ac">
<con:settings/>
- <con:config method="POST" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="POST BP 6.0.2 pI invalidContentInJsonExpectError422" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="POST" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="POST BP 6.0.2 pI invalidContentInJsonExpectError400" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -26161,7 +26419,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -26487,9 +26745,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError422" id="51da4eba-94f0-4da7-9024-ca14cd6be805">
+ <con:testStep type="httprequest" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError400" id="51da4eba-94f0-4da7-9024-ca14cd6be805">
<con:settings/>
- <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError422" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError400" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -26497,7 +26755,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -27129,9 +27387,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="POST BP 6.0.2 pI invalidContentInJsonExpectError422" id="5113bb78-6181-43b0-950b-c09cfcc11fae">
+ <con:testStep type="httprequest" name="POST BP 6.0.2 pI invalidContentInJsonExpectError400" id="5113bb78-6181-43b0-950b-c09cfcc11fae">
<con:settings/>
- <con:config method="POST" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="POST BP 6.0.2 pI invalidContentInJsonExpectError422" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="POST" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="POST BP 6.0.2 pI invalidContentInJsonExpectError400" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -27139,7 +27397,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -27517,9 +27775,9 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="httprequest" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError422" id="27a97564-7a59-4ca0-b78f-804e28b25f81">
+ <con:testStep type="httprequest" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError400" id="27a97564-7a59-4ca0-b78f-804e28b25f81">
<con:settings/>
- <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError422" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:config method="PUT" xsi:type="con:HttpRequest" id="814b3598-7ff7-4708-bf40-b084c3dfdbd8" name="PUT BP 6.0.2 pI,id invalidContentInJsonExpectError400" postQueryString="false" mediaType="multipart/form-data" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Accept" value="application/json" xmlns="http://eviware.com/soapui/config"/></con:setting>
</con:settings>
@@ -27527,7 +27785,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
<con:request/>
<con:assertion type="Valid HTTP Status Codes" id="5bcfd2ec-377d-48c4-ab82-1bb088367de5" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -28088,8 +28346,8 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FAILED" ){
</con:testStep>
<con:properties/>
</con:testCase>
- <con:testCase id="45abf6c5-f8d2-4a1e-8c19-d132aaf8cd8c" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="CleanUp Properties" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
- <con:description>Gesetzte Properties werden wieder geleert</con:description>
+ <con:testCase id="45abf6c5-f8d2-4a1e-8c19-d132aaf8cd8c" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Cleanup Properties" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>Gesetzte Werte werden wieder geleert</con:description>
<con:settings/>
<con:testStep type="transfer" name="Property Transfer" id="13275765-db9d-43ff-acce-e447fb399a29">
<con:settings/>
@@ -28652,7 +28910,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_FINISHED" ){
</con:parameters>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="f6db3459-6183-408a-a68a-d070a034a34f">
+ <con:testStep type="transfer" name="Cleanup Properties" id="f6db3459-6183-408a-a68a-d070a034a34f">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -29003,7 +29261,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="4806fe96-bf30-4465-8087-0fa0c36949df">
+ <con:testStep type="transfer" name="Cleanup Properties" id="4806fe96-bf30-4465-8087-0fa0c36949df">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -29360,7 +29618,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="b4a783ea-b823-4f80-a052-a2cacf6652f9">
+ <con:testStep type="transfer" name="Cleanup Properties" id="b4a783ea-b823-4f80-a052-a2cacf6652f9">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" disabled="false" entitize="false" ignoreEmpty="false" transferChildNodes="false" transferToAll="false" useXQuery="false">
@@ -29864,7 +30122,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_FINISHED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="305457bb-5704-4cb3-bf8f-968f825d2642">
+ <con:testStep type="transfer" name="Cleanup Properties" id="305457bb-5704-4cb3-bf8f-968f825d2642">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -30415,7 +30673,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="78e7db8d-3bf3-4b27-b4e3-2237c17b771f">
+ <con:testStep type="transfer" name="Cleanup Properties" id="78e7db8d-3bf3-4b27-b4e3-2237c17b771f">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -30772,7 +31030,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="2ebae5b1-b7f5-4f2a-a6ff-e2cfa22e951d">
+ <con:testStep type="transfer" name="Cleanup Properties" id="2ebae5b1-b7f5-4f2a-a6ff-e2cfa22e951d">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -31111,7 +31369,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="4ccda974-a38f-4ab8-ad8b-bf78988ce275">
+ <con:testStep type="transfer" name="Cleanup Properties" id="4ccda974-a38f-4ab8-ad8b-bf78988ce275">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -31557,7 +31815,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_FINISHED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="3353301c-affe-45bd-951f-35532594db9c">
+ <con:testStep type="transfer" name="Cleanup Properties" id="3353301c-affe-45bd-951f-35532594db9c">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -31894,7 +32152,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="93e1aaf2-9f53-4167-9a72-5563521f0d8f">
+ <con:testStep type="transfer" name="Cleanup Properties" id="93e1aaf2-9f53-4167-9a72-5563521f0d8f">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -32252,7 +32510,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="a1012adb-4dca-4cd9-be77-952516aab180">
+ <con:testStep type="transfer" name="Cleanup Properties" id="a1012adb-4dca-4cd9-be77-952516aab180">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -32610,7 +32868,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_ABORTED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="7917701b-c567-4d83-a1ac-638121c801b2">
+ <con:testStep type="transfer" name="Cleanup Properties" id="7917701b-c567-4d83-a1ac-638121c801b2">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -33116,7 +33374,7 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_FINISHED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="993e72c2-9451-4694-8277-33163f7df39b">
+ <con:testStep type="transfer" name="Cleanup Properties" id="993e72c2-9451-4694-8277-33163f7df39b">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -33166,6 +33424,42 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_FINISHED" ){
</con:testCase>
<con:properties/>
</con:testSuite>
+ <con:testSuite id="edf19815-b8a9-4442-add6-cc60cd71da38" name="Cleanup">
+ <con:settings/>
+ <con:runType>SEQUENTIAL</con:runType>
+ <con:testCase id="067f9897-28de-4024-bba8-35768c5917b4" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true">
+ <con:settings/>
+ <con:testStep type="groovy" name="removeAuthorizationHeaders" id="73bc1373-c90f-43c4-8be3-b9cb607a519c">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if (testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.remove("Authorization")
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:properties/>
+ </con:testCase>
+ <con:properties/>
+ </con:testSuite>
<con:endpointStrategy xsi:type="con:DefaultEndpointStrategy" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:endpoint mode="COMPLEMENT" username="${#Project#username}" password="${#Project#password}">${#Project#baseUrlManagerApi}/xplan-manager-api/xmanager/api/v1</con:endpoint>
</con:endpointStrategy>
@@ -33182,6 +33476,14 @@ if( ++context.loopIndex < 40 && json.status != "IMPORT_FINISHED" ){
<con:name>password</con:name>
<con:value/>
</con:property>
+ <con:property>
+ <con:name>jwtUrl</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>jwtClientId</con:name>
+ <con:value>xplanbox-api</con:value>
+ </con:property>
<con:property>
<con:name>jdbcUrl</con:name>
<con:value/>
diff --git a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-validator-api-soapui-project.xml b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-validator-api-soapui-project.xml
index 6f8ade5e9739dc337933a1eac3e82a7f54093aaf..a34e17c43aa838351c9caa4d4ab5f88864334fed 100644
--- a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-validator-api-soapui-project.xml
+++ b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-validator-api-soapui-project.xml
@@ -18,6 +18,10 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
#L%-->
<con:soapui-project id="45582ef9-4bae-43d8-9226-a378e02ff0b5" activeEnvironment="Default" name="xplan-validator-api" resourceRoot="" soapui-version="5.7.2" abortOnError="false" runType="SEQUENTIAL" xmlns:con="http://eviware.com/soapui/config">
+ <con:description>Set this if Keycloak authentication shall be used locally:
+
+jwtUrl=http://localhost:8096/keycloak/realms/xplanbox/protocol/openid-connect/token
+jwtClientId=xplan-validator-api</con:description>
<con:settings/>
<con:interface xsi:type="con:RestService" id="85ec4fc3-149e-4a77-a566-194de2899fd3" wadlVersion="http://wadl.dev.java.net/2009/02" name="XPlanValidatorAPI" type="rest" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:description>XPlanValidator REST API</con:description>
@@ -65,6 +69,12 @@ OpenAPI document</con:description>
<con:params/>
<con:element xmlns:v1="http://localhost/xplan-validator-api/xvalidator/api/v1/">v1:Fault</con:element>
</con:representation>
+ <con:representation type="FAULT">
+ <con:mediaType xsi:nil="true"/>
+ <con:status>401</con:status>
+ <con:params/>
+ <con:element>data</con:element>
+ </con:representation>
<con:request name="Request 1" id="17005e5b-eacc-4780-bec7-796702b4e0f4" mediaType="application/json">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment/></con:setting>
@@ -719,6 +729,136 @@ Validate XPlanGML or XPlanArchive</con:description>
</con:method>
</con:resource>
</con:interface>
+ <con:testSuite id="033755f6-7afe-44b0-a8bf-34b03ab23009" name="Authorization Setup">
+ <con:settings/>
+ <con:runType>SEQUENTIAL</con:runType>
+ <con:testCase id="b2fe7afe-d8ff-4f9a-bb53-62d94ac7561d" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>Es wird, falls nötig, eine JWT-Authentication durchgeführt</con:description>
+ <con:settings/>
+ <con:testStep type="groovy" name="checkIfJwtAuthEnabled" id="8611b811-9109-4635-805f-ac6991dcef90">
+ <con:settings/>
+ <con:config>
+ <script>def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl == ""){
+ testRunner.gotoStepByName("Cleanup");
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="httprequest" name="retrieveToken" id="91040f5f-1264-4e2c-80c6-790c5d03d27a">
+ <con:settings/>
+ <con:config method="POST" xsi:type="con:HttpRequest" id="951ebbc5-a5ba-418e-a699-aade30608a45" name="retrieveToken" postQueryString="true" mediaType="application/x-www-form-urlencoded" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:settings>
+ <con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Content-Type" value="application/x-www-form-urlencoded" xmlns="http://eviware.com/soapui/config"/></con:setting>
+ </con:settings>
+ <con:endpoint>${#Project#jwtUrl}</con:endpoint>
+ <con:request/>
+ <con:assertion type="Valid HTTP Status Codes" id="db5ca4f1-f21a-4b5d-b819-c41465665b8d" name="Valid HTTP Status Codes">
+ <con:configuration>
+ <codes>200</codes>
+ </con:configuration>
+ </con:assertion>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:parameters>
+ <con:parameter>
+ <con:name>client_id</con:name>
+ <con:value>${#Project#jwtClientId}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>username</con:name>
+ <con:value>${#Project#username}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>password</con:name>
+ <con:value>${#Project#password}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>grant_type</con:name>
+ <con:value>password</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ </con:parameters>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="retrieveToken Property Transfer" id="27cceb5c-0c14-4e87-be89-9389e9e98d78">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token</con:name>
+ <con:sourceType>Response</con:sourceType>
+ <con:sourceStep>retrieveToken</con:sourceStep>
+ <con:sourcePath>$.access_token</con:sourcePath>
+ <con:targetType>access_token</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:type>JSONPATH</con:type>
+ <con:targetTransferType>JSONPATH</con:targetTransferType>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="groovy" name="setAuthorizationHeaders" id="30836aa2-f267-484a-a5e5-47fc1faadb8e">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+def token = testRunner.testCase.getPropertyValue("access_token")
+def authHeader = "Bearer " + token
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if (testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.put("Authorization", authHeader)
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="Cleanup" id="ae2a236c-d2e0-4e3f-94aa-78e139fb724d">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token</con:name>
+ <con:sourceType>empty</con:sourceType>
+ <con:sourceStep>#TestCase#</con:sourceStep>
+ <con:targetType>access_token</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:properties>
+ <con:property>
+ <con:name>empty</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>access_token</con:name>
+ <con:value/>
+ </con:property>
+ </con:properties>
+ </con:testCase>
+ <con:properties/>
+ </con:testSuite>
<con:testSuite id="9472cb1c-cefe-473d-ae66-d51e65516d44" name="XPlanValidatorAPI v1 TestSuite">
<con:description>TestSuite generated for REST Service [XPlanValidatorAPI]</con:description>
<con:settings/>
@@ -868,6 +1008,26 @@ Validate XPlanGML or XPlanArchive</con:description>
<regEx>1.*</regEx>
</con:configuration>
</con:assertion>
+ <con:assertion type="GroovyScriptAssertion" id="85537a76-2fda-486b-be65-6fcc0d663b0b" name="securitySchemes">
+ <con:configuration>
+ <scriptText>import groovy.json.JsonSlurper
+
+def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl != ""){
+ def response = messageExchange.response.responseContent
+ def json = new JsonSlurper().parseText(response)
+
+ def type = json.components.securitySchemes.Bearer.type
+ def scheme = json.components.securitySchemes.Bearer.scheme
+ def bearerFormat = json.components.securitySchemes.Bearer.bearerFormat
+
+ assert(type == "http")
+ assert(scheme == "bearer")
+ assert(bearerFormat == "JWT")
+}</scriptText>
+ </con:configuration>
+ </con:assertion>
<con:credentials>
<con:username>${#Project#username}</con:username>
<con:password>${#Project#password}</con:password>
@@ -957,10 +1117,10 @@ assert json.version != null</scriptText>
<con:testCase id="85d037a4-a7b1-4109-84a5-6102ac7aeea0" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="/validate TestCase" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
<con:description>TestCase generated for REST Resource [/validate] located at [/validate]</con:description>
<con:settings/>
- <con:testStep type="restrequest" name="POST BP 5.0 XX validatePlanExternalEntityExpectError" id="8d1802b2-8658-407c-b77c-1796e336f477">
+ <con:testStep type="restrequest" name="POST BP 5.0 XX validatePlanExternalEntityExpectError400" id="8d1802b2-8658-407c-b77c-1796e336f477">
<con:settings/>
<con:config service="XPlanValidatorAPI" resourcePath="/validate" methodName="validate" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <con:restRequest name="POST BP 5.0 XX validatePlanExternalEntityExpectError" id="1e838fd1-d5da-4a94-9638-1e66e478df75" mediaType="application/octet-stream" postQueryString="false">
+ <con:restRequest name="POST BP 5.0 XX validatePlanExternalEntityExpectError400" id="1e838fd1-d5da-4a94-9638-1e66e478df75" mediaType="application/octet-stream" postQueryString="false">
<con:settings>
<con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><xml-fragment/></con:setting>
</con:settings>
@@ -969,7 +1129,7 @@ assert json.version != null</scriptText>
<con:originalUri>http://localhost/xplan-validator-api/xvalidator/api/v1/validate</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="7d16e282-0f06-406d-9b34-d11a52136ce3" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -1892,7 +2052,7 @@ assert json.version != null</scriptText>
</con:restRequest>
</con:config>
</con:testStep>
- <con:testStep type="restrequest" name="POST BP 5.1 XX validatePlanRequestBodyApplication/ZIPContentTypeText/XMLExpectError" id="8e15b574-4b91-4e98-8f73-4b7f5098b500">
+ <con:testStep type="restrequest" name="POST BP 5.1 XX validatePlanRequestBodyApplication/ZIPContentTypeText/XMLExpectError400" id="8e15b574-4b91-4e98-8f73-4b7f5098b500">
<con:settings/>
<con:config service="XPlanValidatorAPI" resourcePath="/validate" methodName="validate" xsi:type="con:RestRequestStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:restRequest name="POST BP 5.1 XX validatePlanRequestBodyApplication/ZIPContentTypeText/XMLExpectError" id="1e838fd1-d5da-4a94-9638-1e66e478df75" mediaType="text/xml" postQueryString="false">
@@ -1904,7 +2064,7 @@ assert json.version != null</scriptText>
<con:originalUri>http://localhost/xplan-validator-api/xvalidator/api/v1/validate</con:originalUri>
<con:assertion type="Valid HTTP Status Codes" id="7d16e282-0f06-406d-9b34-d11a52136ce3" name="Valid HTTP Status Codes">
<con:configuration>
- <codes>422</codes>
+ <codes>400</codes>
</con:configuration>
</con:assertion>
<con:credentials>
@@ -4288,7 +4448,7 @@ assert json.version != null</scriptText>
<con:parameters/>
</con:config>
</con:testStep>
- <con:properties/>
+ <con:properties></con:properties>
</con:testCase>
<con:testCase id="390b7003-ed8f-4b66-976d-346be67663fb" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Validation invalid TestCase" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
<con:description>TestCase für die Validierung von geometrisch, semantisch und syntaktisch invaliden Planwerken.</con:description>
@@ -4491,7 +4651,7 @@ assert json.version != null</scriptText>
<con:parameters/>
</con:config>
</con:testStep>
- <con:properties/>
+ <con:properties></con:properties>
</con:testCase>
<con:properties/>
</con:testSuite>
@@ -4674,7 +4834,7 @@ assert json.version != null</scriptText>
</con:testStep>
<con:properties/>
</con:testCase>
- <con:testCase id="f37b9039-1b55-4870-9b1d-61f0e352bbc0" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Cleanup Properies" searchProperties="true">
+ <con:testCase id="f37b9039-1b55-4870-9b1d-61f0e352bbc0" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Cleanup Properties" searchProperties="true">
<con:settings/>
<con:testStep type="transfer" name="Property Transfer" id="b7495b1f-8626-4198-b433-87c453ce2797">
<con:settings/>
@@ -4899,6 +5059,26 @@ assert json.paths.'/report/{uuid}/geomfindings.json'.get.responses.'406'</script
<ignoreComments>false</ignoreComments>
</con:configuration>
</con:assertion>
+ <con:assertion type="GroovyScriptAssertion" id="cef0282f-a4fb-4721-b02b-2007fbad6156" name="securitySchemes">
+ <con:configuration>
+ <scriptText>import groovy.json.JsonSlurper
+
+def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl != ""){
+ def response = messageExchange.response.responseContent
+ def json = new JsonSlurper().parseText(response)
+
+ def type = json.components.securitySchemes.Bearer.type
+ def scheme = json.components.securitySchemes.Bearer.scheme
+ def bearerFormat = json.components.securitySchemes.Bearer.bearerFormat
+
+ assert(type == "http")
+ assert(scheme == "bearer")
+ assert(bearerFormat == "JWT")
+}</scriptText>
+ </con:configuration>
+ </con:assertion>
<con:credentials>
<con:username>${#Project#username}</con:username>
<con:password>${#Project#password}</con:password>
@@ -5624,7 +5804,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FAILED" ){
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="b656d8db-6a71-40ff-baac-78f023b0205e">
+ <con:testStep type="transfer" name="Cleanup Properties" id="b656d8db-6a71-40ff-baac-78f023b0205e">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -6159,7 +6339,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FAILED" ){
</con:testStep>
<con:properties/>
</con:testCase>
- <con:testCase id="9fd4d5d4-1361-4668-adc4-d026000695b0" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="CleanUp Properties" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:testCase id="9fd4d5d4-1361-4668-adc4-d026000695b0" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="Cleanup Properties" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
<con:description>Gesetzte Properties werden wieder geleert</con:description>
<con:settings/>
<con:testStep type="transfer" name="Property Transfer" id="50852410-a76f-4519-9e59-556d1486eb93">
@@ -6531,7 +6711,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="a51a8305-62a8-4755-9788-70e042323e18">
+ <con:testStep type="transfer" name="Cleanup Properties" id="a51a8305-62a8-4755-9788-70e042323e18">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -6826,7 +7006,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="21692de8-ada8-4504-a8eb-66c78d205573">
+ <con:testStep type="transfer" name="Cleanup Properties" id="21692de8-ada8-4504-a8eb-66c78d205573">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -7139,7 +7319,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="16c372a3-6efa-4f2b-ad15-7a6e7439d61a">
+ <con:testStep type="transfer" name="Cleanup Properties" id="16c372a3-6efa-4f2b-ad15-7a6e7439d61a">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -7545,7 +7725,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="e480de55-58e7-4664-ab9d-06212315320a">
+ <con:testStep type="transfer" name="Cleanup Properties" id="e480de55-58e7-4664-ab9d-06212315320a">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -8050,7 +8230,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="05519fd5-c866-4cce-8735-48bf8660526d">
+ <con:testStep type="transfer" name="Cleanup Properties" id="05519fd5-c866-4cce-8735-48bf8660526d">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -8373,7 +8553,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="d0eddf40-f3bb-4245-96a2-2eb876a5abe8">
+ <con:testStep type="transfer" name="Cleanup Properties" id="d0eddf40-f3bb-4245-96a2-2eb876a5abe8">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -8678,7 +8858,7 @@ if( ++context.loopIndex < 20 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="69b95143-385a-48af-83b0-e3cace0cecc7">
+ <con:testStep type="transfer" name="Cleanup Properties" id="69b95143-385a-48af-83b0-e3cace0cecc7">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -9027,7 +9207,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="573aa52e-dff8-4255-ab3b-4640972e2e74">
+ <con:testStep type="transfer" name="Cleanup Properties" id="573aa52e-dff8-4255-ab3b-4640972e2e74">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -9340,7 +9520,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="22dba76f-d0ed-4f69-b120-c63b682a6239">
+ <con:testStep type="transfer" name="Cleanup Properties" id="22dba76f-d0ed-4f69-b120-c63b682a6239">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -9698,7 +9878,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="4118b12d-5d3e-4aa5-9bab-dcb69cebfc3e">
+ <con:testStep type="transfer" name="Cleanup Properties" id="4118b12d-5d3e-4aa5-9bab-dcb69cebfc3e">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -10056,7 +10236,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="6e84e09d-487f-4010-93fd-7206238483af">
+ <con:testStep type="transfer" name="Cleanup Properties" id="6e84e09d-487f-4010-93fd-7206238483af">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -10473,7 +10653,7 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FINISHED"
<con:parameters/>
</con:config>
</con:testStep>
- <con:testStep type="transfer" name="CleanUp Properties" id="343551e4-2fdd-4050-88d3-900b361421ee">
+ <con:testStep type="transfer" name="Cleanup Properties" id="343551e4-2fdd-4050-88d3-900b361421ee">
<con:settings/>
<con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
@@ -10499,14 +10679,46 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FINISHED"
</con:testCase>
<con:properties/>
</con:testSuite>
+ <con:testSuite id="2f41edcb-daa9-4a70-ae0d-c5d2f5510a27" name="Cleanup">
+ <con:settings/>
+ <con:runType>SEQUENTIAL</con:runType>
+ <con:testCase id="08e6dfa0-3787-47c6-912c-c84073f7c4d2" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true">
+ <con:settings/>
+ <con:testStep type="groovy" name="removeAuthorizationHeaders" id="bcb668fd-0079-4947-bcec-34fd9cfb0d45">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if (testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.remove("Authorization")
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:properties/>
+ </con:testCase>
+ <con:properties/>
+ </con:testSuite>
<con:endpointStrategy xsi:type="con:DefaultEndpointStrategy" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<con:endpoint mode="COMPLEMENT" username="${#Project#username}" password="${#Project#password}">${#Project#baseUrlValidatorApi}/xplan-validator-api/xvalidator/api/v1</con:endpoint>
</con:endpointStrategy>
<con:properties>
- <con:property>
- <con:name>null</con:name>
- <con:value/>
- </con:property>
<con:property>
<con:name>baseUrlValidatorApi</con:name>
<con:value>http://localhost:8085</con:value>
@@ -10519,6 +10731,14 @@ if( ++context.loopIndex < 40 && json.status != "VALIDATION_FINISHED"
<con:name>password</con:name>
<con:value/>
</con:property>
+ <con:property>
+ <con:name>jwtUrl</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>jwtClientId</con:name>
+ <con:value>xplanbox-api</con:value>
+ </con:property>
</con:properties>
<con:wssContainer/>
<con:oAuth2ProfileContainer/>
diff --git a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-webservices-soapui-project.xml b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-webservices-soapui-project.xml
index 93ef4024eb3ad60883ec882a479040f4b057cb45..4e5971585733d0d7266a793eedc1f6f4f47f9eac 100644
--- a/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-webservices-soapui-project.xml
+++ b/xplan-tests/xplan-tests-soapui/src/main/resources/xplan-webservices-soapui-project.xml
@@ -75,6 +75,132 @@ if (username && password) {
</con:testStep>
<con:properties/>
</con:testCase>
+ <con:testCase id="532e6106-5d90-40f7-ba09-49162dea6fc4" failOnError="false" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true" timeout="0" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>Es wird, falls nötig, eine JWT-Authentication durchgeführt</con:description>
+ <con:settings/>
+ <con:testStep type="groovy" name="checkIfJwtAuthEnabled" id="1a15a2bf-f5c8-416c-bb18-46bb592c02e3">
+ <con:settings/>
+ <con:config>
+ <script>def jwtUrl = context.testCase.testSuite.project.getPropertyValue("jwtUrl");
+
+if (jwtUrl == ""){
+ testRunner.gotoStepByName("Cleanup");
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="httprequest" name="retrieveToken" id="a15b3769-7a38-498a-8080-45a8be8155fa">
+ <con:settings/>
+ <con:config method="POST" xsi:type="con:HttpRequest" id="951ebbc5-a5ba-418e-a699-aade30608a45" name="retrieveToken" postQueryString="true" mediaType="application/x-www-form-urlencoded" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:settings>
+ <con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers"><entry key="Content-Type" value="application/x-www-form-urlencoded" xmlns="http://eviware.com/soapui/config"/></con:setting>
+ </con:settings>
+ <con:endpoint>${#Project#jwtUrl}</con:endpoint>
+ <con:request/>
+ <con:assertion type="Valid HTTP Status Codes" id="db5ca4f1-f21a-4b5d-b819-c41465665b8d" name="Valid HTTP Status Codes">
+ <con:configuration>
+ <codes>200</codes>
+ </con:configuration>
+ </con:assertion>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:parameters>
+ <con:parameter>
+ <con:name>client_id</con:name>
+ <con:value>${#Project#jwtClientId}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>username</con:name>
+ <con:value>${#Project#usernameManagerApi}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>password</con:name>
+ <con:value>${#Project#passwordManagerApi}</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ <con:parameter>
+ <con:name>grant_type</con:name>
+ <con:value>password</con:value>
+ <con:style>QUERY</con:style>
+ </con:parameter>
+ </con:parameters>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="retrieveToken Property Transfer" id="297bd058-5039-4bb5-b3b3-7897af3ec5b2">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token</con:name>
+ <con:sourceType>Response</con:sourceType>
+ <con:sourceStep>retrieveToken</con:sourceStep>
+ <con:sourcePath>$.access_token</con:sourcePath>
+ <con:targetType>access_token</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:type>JSONPATH</con:type>
+ <con:targetTransferType>JSONPATH</con:targetTransferType>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="groovy" name="setAuthorizationHeaders" id="644a9214-f5a4-410d-9fd1-822031d4cf15">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+def token = testRunner.testCase.getPropertyValue("access_token")
+def authHeader = "Bearer " + token
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if ((testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep)
+ && testStepValue.getHttpRequest().getEndpoint().contains("baseUrlManagerApi")){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.put("Authorization", authHeader)
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:testStep type="transfer" name="Cleanup" id="17dedf6c-1123-4bc1-ab4e-668d287d4042">
+ <con:settings/>
+ <con:config xsi:type="con:PropertyTransfersStep" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:transfers setNullOnMissingSource="true" transferTextContent="true" failOnError="true" ignoreEmpty="false" transferToAll="false" entitize="false" transferChildNodes="false">
+ <con:name>access_token</con:name>
+ <con:sourceType>empty</con:sourceType>
+ <con:sourceStep>#TestCase#</con:sourceStep>
+ <con:targetType>access_token</con:targetType>
+ <con:targetStep>#TestCase#</con:targetStep>
+ <con:upgraded>true</con:upgraded>
+ </con:transfers>
+ </con:config>
+ </con:testStep>
+ <con:properties>
+ <con:property>
+ <con:name>empty</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>access_token</con:name>
+ <con:value/>
+ </con:property>
+ </con:properties>
+ </con:testCase>
<con:properties/>
</con:testSuite>
<con:testSuite id="ef6a4631-78a1-4c83-b55b-a5a410e4ae47" name="xplan-wms">
@@ -13503,6 +13629,42 @@ declare namespace xplan='http://www.deegree.org/xplanung/1/0';
</con:property>
</con:properties>
</con:testSuite>
+ <con:testSuite id="11afb389-7bbe-4ed2-acda-9ad00f586134" name="Cleanup">
+ <con:settings/>
+ <con:runType>SEQUENTIAL</con:runType>
+ <con:testCase id="9ce5adc0-64b6-4afd-8729-9cca6e9cc402" failOnError="true" failTestCaseOnErrors="true" keepSession="false" maxResults="0" name="JWT Authentication" searchProperties="true">
+ <con:settings/>
+ <con:testStep type="groovy" name="removeAuthorizationHeaders" id="1b87a36c-3252-46c2-a97e-7ec1e74d9c35">
+ <con:settings/>
+ <con:config>
+ <script>import com.eviware.soapui.impl.wsdl.teststeps.HttpTestRequestStep
+import com.eviware.soapui.impl.wsdl.teststeps.RestTestRequestStep
+
+testRunner.testCase.testSuite.project.testSuiteList.each
+{
+ testSuite ->
+ testSuite.testCaseList.each
+ {
+ testCase ->
+ testCase.testSteps.each
+ {
+ testStep->
+ var testStepValue = testStep.getValue()
+ if (testStepValue instanceof HttpTestRequestStep || testStepValue instanceof RestTestRequestStep){
+ def request = testStepValue.getHttpRequest()
+ def headers = request.getRequestHeaders()
+ headers.remove("Authorization")
+ request.setRequestHeaders(headers)
+ }
+ }
+ }
+}</script>
+ </con:config>
+ </con:testStep>
+ <con:properties/>
+ </con:testCase>
+ <con:properties/>
+ </con:testSuite>
<con:properties>
<con:property>
<con:name>baseUrlServices</con:name>
@@ -13532,6 +13694,14 @@ declare namespace xplan='http://www.deegree.org/xplanung/1/0';
<con:name>password</con:name>
<con:value/>
</con:property>
+ <con:property>
+ <con:name>jwtUrl</con:name>
+ <con:value/>
+ </con:property>
+ <con:property>
+ <con:name>jwtClientId</con:name>
+ <con:value>xplanbox-api</con:value>
+ </con:property>
<con:property>
<con:name>usernameServices</con:name>
<con:value/>
diff --git a/xplan-validator/xplan-validator-api/pom.xml b/xplan-validator/xplan-validator-api/pom.xml
index 52f9956f9d37557465f2ec1359c953a8689cd642..0e4464812e4a6b1f86502c2119c433c9c99cffef 100755
--- a/xplan-validator/xplan-validator-api/pom.xml
+++ b/xplan-validator/xplan-validator-api/pom.xml
@@ -158,9 +158,8 @@
<artifactId>xplan-validator-storage</artifactId>
</dependency>
<dependency>
- <groupId>de.latlon.product.xplanbox</groupId>
+ <groupId>${project.groupId}</groupId>
<artifactId>xplan-core-security</artifactId>
- <version>${project.version}</version>
</dependency>
<!-- XPlanung -->
<dependency>
@@ -322,7 +321,7 @@
<id>docker</id>
<properties>
<docker-image.skip>false</docker-image.skip>
- <docker-contextTarFile.expectedSizeInMat10pct>88</docker-contextTarFile.expectedSizeInMat10pct>
+ <docker-contextTarFile.expectedSizeInMat10pct>91</docker-contextTarFile.expectedSizeInMat10pct>
</properties>
<dependencies>
<dependency> <!-- to copy jmx exporter stuff from docker image -->
diff --git a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java
index 71b7266187597f1ee3dccc73a2c25a1493ad2bbe..e6b0912d79b2f97016f21d3a305c64ffb9f4b5c9 100644
--- a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java
+++ b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java
@@ -20,6 +20,14 @@
*/
package de.latlon.xplanbox.api.validator;
+import java.util.Optional;
+
+import de.latlon.xplanbox.api.validator.api.v1.ApiV1Config;
+import de.latlon.xplanbox.api.validator.api.v2.ApiV2Config;
+import de.latlon.xplanbox.api.validator.config.ValidatorApiConfiguration;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
+import jakarta.servlet.ServletContext;
+import jakarta.ws.rs.core.Context;
import org.glassfish.jersey.servlet.ServletContainer;
import org.glassfish.jersey.servlet.ServletProperties;
import org.springframework.boot.SpringApplication;
@@ -33,12 +41,6 @@ import org.springframework.boot.web.servlet.support.SpringBootServletInitializer
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
-import de.latlon.xplanbox.api.validator.api.v1.ApiV1Config;
-import de.latlon.xplanbox.api.validator.api.v2.ApiV2Config;
-import de.latlon.xplanbox.api.validator.config.ValidatorApiConfiguration;
-import jakarta.servlet.ServletContext;
-import jakarta.ws.rs.core.Context;
-
@SpringBootApplication
@ComponentScan(
basePackages = { "de.latlon.xplanbox.api.validator.config", "de.latlon.xplanbox.validator.storage.config",
@@ -62,9 +64,11 @@ public class SpringBootApp extends SpringBootServletInitializer {
@Bean
public ServletRegistrationBean v1config(@Context ServletContext servletContext,
- ValidatorApiConfiguration validatorApiConfiguration) {
+ ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
ServletRegistrationBean v1config = new ServletRegistrationBean(
- new ServletContainer(new ApiV1Config(servletContext, validatorApiConfiguration)),
+ new ServletContainer(
+ new ApiV1Config(servletContext, validatorApiConfiguration, bearerSecurityOpenApiWriter)),
"/xvalidator/api/v1/*");
v1config.addInitParameter(ServletProperties.JAXRS_APPLICATION_CLASS, ApiV1Config.class.getName());
v1config.setName(ApiV1Config.class.getName());
@@ -74,9 +78,12 @@ public class SpringBootApp extends SpringBootServletInitializer {
@Bean
public ServletRegistrationBean v2config(@Context ServletContext servletContext,
- ValidatorApiConfiguration validatorApiConfiguration) {
+ ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
ServletRegistrationBean v2config = new ServletRegistrationBean(
- new ServletContainer(new ApiV2Config(servletContext, validatorApiConfiguration)), "/api/v2/*");
+ new ServletContainer(
+ new ApiV2Config(servletContext, validatorApiConfiguration, bearerSecurityOpenApiWriter)),
+ "/api/v2/*");
v2config.addInitParameter(ServletProperties.JAXRS_APPLICATION_CLASS, ApiV2Config.class.getName());
v2config.setName(ApiV2Config.class.getName());
v2config.setLoadOnStartup(2);
diff --git a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/AbstractApiConfig.java b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/AbstractApiConfig.java
index 6b2e9a0d29b6d9d0ac836f7c194dbb9319da21a0..522a5f0a948f8b3fbadc32b7ba3de4cee750d5d6 100644
--- a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/AbstractApiConfig.java
+++ b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/AbstractApiConfig.java
@@ -21,15 +21,17 @@
package de.latlon.xplanbox.api.validator.api;
import java.util.Collections;
+import java.util.Optional;
import de.latlon.xplanbox.api.commons.ObjectMapperContextResolver;
import de.latlon.xplanbox.api.commons.converter.StringListConverterProvider;
import de.latlon.xplanbox.api.commons.exception.ConstraintViolationExceptionMapper;
+import de.latlon.xplanbox.api.commons.exception.EventExecutionExceptionMapper;
import de.latlon.xplanbox.api.commons.exception.UnsupportedContentTypeExceptionMapper;
import de.latlon.xplanbox.api.commons.exception.ValidatorExceptionMapper;
import de.latlon.xplanbox.api.commons.exception.XPlanApiExceptionMapper;
import de.latlon.xplanbox.api.validator.config.ValidatorApiConfiguration;
-import de.latlon.xplanbox.api.commons.exception.EventExecutionExceptionMapper;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import io.swagger.v3.jaxrs2.integration.resources.BaseOpenApiResource;
import io.swagger.v3.oas.models.ExternalDocumentation;
import io.swagger.v3.oas.models.OpenAPI;
@@ -53,12 +55,14 @@ import org.glassfish.jersey.server.ServerProperties;
public abstract class AbstractApiConfig extends ResourceConfig {
public AbstractApiConfig(@Context ServletContext servletContext,
- ValidatorApiConfiguration validatorApiConfiguration) {
+ ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
property(ServerProperties.WADL_FEATURE_DISABLE, true);
register(new ObjectMapperContextResolver());
- BaseOpenApiResource openApiResource = createDefaultApi(servletContext, validatorApiConfiguration);
+ BaseOpenApiResource openApiResource = createDefaultApi(servletContext, validatorApiConfiguration,
+ bearerSecurityOpenApiWriter);
register(openApiResource);
register(ConstraintViolationExceptionMapper.class);
@@ -70,17 +74,19 @@ public abstract class AbstractApiConfig extends ResourceConfig {
}
protected abstract BaseOpenApiResource createDefaultApi(ServletContext servletContext,
- ValidatorApiConfiguration validatorApiConfiguration);
+ ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter);
protected abstract void addInfo(OpenAPI openApi, ValidatorApiConfiguration validatorApiConfiguration);
protected OpenAPI createOpenAPI(ServletContext servletContext, ValidatorApiConfiguration validatorApiConfiguration,
- String apiPath) {
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter, String apiPath) {
OpenAPI openApi = new OpenAPI();
addInfo(openApi, validatorApiConfiguration);
addContact(openApi, validatorApiConfiguration);
addServers(openApi, servletContext, validatorApiConfiguration, apiPath);
addTag(openApi, validatorApiConfiguration);
+ bearerSecurityOpenApiWriter.ifPresent(apiSecurity -> apiSecurity.addSecurity(openApi));
return openApi;
}
diff --git a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v1/ApiV1Config.java b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v1/ApiV1Config.java
index ff2410c2ae3559ee5eca8999ca3607213a4d623d..bc432ab0970e52e013047cb3f87d64f8b29b62c9 100644
--- a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v1/ApiV1Config.java
+++ b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v1/ApiV1Config.java
@@ -22,6 +22,7 @@ package de.latlon.xplanbox.api.validator.api.v1;
import static org.slf4j.LoggerFactory.getLogger;
+import java.util.Optional;
import java.util.Set;
import de.latlon.xplanbox.api.commons.openapi.OpenApiFilter;
@@ -30,6 +31,7 @@ import de.latlon.xplanbox.api.validator.config.ValidatorApiConfiguration;
import de.latlon.xplanbox.api.validator.v1.DefaultApi;
import de.latlon.xplanbox.api.validator.v1.InfoApi;
import de.latlon.xplanbox.api.validator.v1.ValidateApi;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import io.swagger.v3.jaxrs2.integration.resources.BaseOpenApiResource;
import io.swagger.v3.oas.integration.SwaggerConfiguration;
import io.swagger.v3.oas.models.OpenAPI;
@@ -56,8 +58,9 @@ public class ApiV1Config extends AbstractApiConfig {
private static final String APP_PATH = "xvalidator/api/v1";
- public ApiV1Config(@Context ServletContext servletContext, ValidatorApiConfiguration validatorApiConfiguration) {
- super(servletContext, validatorApiConfiguration);
+ public ApiV1Config(@Context ServletContext servletContext, ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
+ super(servletContext, validatorApiConfiguration, bearerSecurityOpenApiWriter);
register(InfoApi.class);
register(ValidateApi.class);
@@ -66,9 +69,11 @@ public class ApiV1Config extends AbstractApiConfig {
}
public BaseOpenApiResource createDefaultApi(ServletContext servletContext,
- ValidatorApiConfiguration validatorApiConfiguration) {
+ ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
DefaultApi openApiResourceV1 = new DefaultApi();
- OpenAPI v1OpenApi = createOpenAPI(servletContext, validatorApiConfiguration, APP_PATH);
+ OpenAPI v1OpenApi = createOpenAPI(servletContext, validatorApiConfiguration, bearerSecurityOpenApiWriter,
+ APP_PATH);
SwaggerConfiguration oasConfigV1 = new SwaggerConfiguration().openAPI(v1OpenApi)
.filterClass(OpenApiFilter.class.getCanonicalName())
.prettyPrint(true)
diff --git a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v2/ApiV2Config.java b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v2/ApiV2Config.java
index fa59cb22cd97a27eece203f977b282a97c022d50..c6632761a1e921c8998865e750003fe26a392298 100644
--- a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v2/ApiV2Config.java
+++ b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/api/v2/ApiV2Config.java
@@ -22,6 +22,7 @@ package de.latlon.xplanbox.api.validator.api.v2;
import static org.slf4j.LoggerFactory.getLogger;
+import java.util.Optional;
import java.util.Set;
import de.latlon.xplanbox.api.validator.api.AbstractApiConfig;
@@ -31,6 +32,7 @@ import de.latlon.xplanbox.api.validator.v2.InfoApi2;
import de.latlon.xplanbox.api.validator.v2.ReportApi;
import de.latlon.xplanbox.api.validator.v2.StatusApi;
import de.latlon.xplanbox.api.validator.v2.ValidateApi2;
+import de.latlon.xplanbox.security.openapi.BearerSecurityOpenApiWriter;
import io.swagger.v3.jaxrs2.integration.resources.BaseOpenApiResource;
import io.swagger.v3.oas.integration.SwaggerConfiguration;
import io.swagger.v3.oas.models.OpenAPI;
@@ -57,8 +59,9 @@ public class ApiV2Config extends AbstractApiConfig {
private static final String APP_PATH = "api/v2";
- public ApiV2Config(@Context ServletContext servletContext, ValidatorApiConfiguration validatorApiConfiguration) {
- super(servletContext, validatorApiConfiguration);
+ public ApiV2Config(@Context ServletContext servletContext, ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
+ super(servletContext, validatorApiConfiguration, bearerSecurityOpenApiWriter);
register(InfoApi2.class);
register(ValidateApi2.class);
@@ -70,9 +73,11 @@ public class ApiV2Config extends AbstractApiConfig {
@Override
protected BaseOpenApiResource createDefaultApi(ServletContext servletContext,
- ValidatorApiConfiguration validatorApiConfiguration) {
+ ValidatorApiConfiguration validatorApiConfiguration,
+ Optional<BearerSecurityOpenApiWriter> bearerSecurityOpenApiWriter) {
DefaultApi2 openApiResourceV2 = new DefaultApi2();
- OpenAPI v2OpenApi = createOpenAPI(servletContext, validatorApiConfiguration, APP_PATH);
+ OpenAPI v2OpenApi = createOpenAPI(servletContext, validatorApiConfiguration, bearerSecurityOpenApiWriter,
+ APP_PATH);
SwaggerConfiguration oasConfigV2 = new SwaggerConfiguration().openAPI(v2OpenApi)
.filterClass(ApiV2Filter.class.getCanonicalName())
.prettyPrint(true)
diff --git a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java
index a3d7359d3304751f83ea9222f825bd708cbc9d57..fc99c88b16563efd0a066b42635e57f298675597 100644
--- a/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java
+++ b/xplan-validator/xplan-validator-api/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java
@@ -50,6 +50,7 @@ import de.latlon.xplan.validator.semantic.xquery.XQuerySemanticValidator;
import de.latlon.xplan.validator.syntactic.SyntacticValidator;
import de.latlon.xplan.validator.syntactic.SyntacticValidatorImpl;
import de.latlon.xplanbox.api.commons.handler.SystemConfigHandler;
+import de.latlon.xplanbox.security.config.OAuth2JwtContext;
import de.latlon.xplanbox.security.config.SecurityContext;
import de.latlon.xplanbox.validator.storage.config.AmazonS3ValidationContext;
import org.springframework.beans.factory.annotation.Autowired;
@@ -65,7 +66,7 @@ import org.springframework.core.io.ResourceLoader;
*/
@Configuration
@ComponentScan(basePackages = { "de.latlon.xplanbox.api.validator.handler", "de.latlon.xplanbox.api.validator.v1" })
-@Import({ SecurityContext.class, AmazonS3ValidationContext.class })
+@Import({ SecurityContext.class, OAuth2JwtContext.class, AmazonS3ValidationContext.class })
public class ApplicationContext {
@Autowired
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/DefaultApiTest.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/DefaultApiTest.java
index b822b79da74814fa1bca10a682d860ac09117c08..298ffd23e3c675a7e742d014de292a07360c73a3 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/DefaultApiTest.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/DefaultApiTest.java
@@ -23,6 +23,8 @@ package de.latlon.xplanbox.api.validator.v1;
import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
import static org.assertj.core.api.Assertions.assertThat;
+import java.util.Optional;
+
import de.latlon.xplanbox.api.validator.ValidatorApiJerseyTest;
import de.latlon.xplanbox.api.validator.api.AbstractApiConfig;
import de.latlon.xplanbox.api.validator.api.v1.ApiV1Config;
@@ -41,7 +43,7 @@ class DefaultApiTest extends ValidatorApiJerseyTest {
public AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV1Config(mockServletContext, validatorConfig);
+ return new ApiV1Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/InfoApiTest.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/InfoApiTest.java
index a6b22e061942a63449ef8675aa092743deb7d131..383ebb2c1e664ef6730256d4c0bd6e218c915c0e 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/InfoApiTest.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/InfoApiTest.java
@@ -24,6 +24,8 @@ import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import java.util.Optional;
+
import de.latlon.xplanbox.api.validator.ValidatorApiJerseyTest;
import de.latlon.xplanbox.api.validator.api.AbstractApiConfig;
import de.latlon.xplanbox.api.validator.api.v1.ApiV1Config;
@@ -41,7 +43,7 @@ class InfoApiTest extends ValidatorApiJerseyTest {
public AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV1Config(mockServletContext, validatorConfig);
+ return new ApiV1Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/ValidateApiJerseyTest.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/ValidateApiJerseyTest.java
index dc1fed2e4380bcabd851971bb03574609c2a5e4c..b72158686814c5201878ac01e45ceb7217e26904 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/ValidateApiJerseyTest.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v1/ValidateApiJerseyTest.java
@@ -34,6 +34,7 @@ import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
+import java.util.Optional;
import de.latlon.core.validator.events.ValidationRequestedEvent.OriginFile;
import de.latlon.xplan.validator.semantic.profile.SemanticProfiles;
@@ -72,7 +73,7 @@ public class ValidateApiJerseyTest extends ValidatorApiJerseyTest {
@Override
protected AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV1Config(mockServletContext, validatorConfig);
+ return new ApiV1Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/DefaultApi2Test.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/DefaultApi2Test.java
index c7da99f078eeea17972543d46ebddb849996bc55..7c8af722223754a76d2cea643a326bcc57a38e9a 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/DefaultApi2Test.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/DefaultApi2Test.java
@@ -23,6 +23,8 @@ package de.latlon.xplanbox.api.validator.v2;
import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
import static org.assertj.core.api.Assertions.assertThat;
+import java.util.Optional;
+
import de.latlon.xplanbox.api.validator.ValidatorApiJerseyTest;
import de.latlon.xplanbox.api.validator.api.AbstractApiConfig;
import de.latlon.xplanbox.api.validator.api.v2.ApiV2Config;
@@ -41,7 +43,7 @@ class DefaultApi2Test extends ValidatorApiJerseyTest {
public AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV2Config(mockServletContext, validatorConfig);
+ return new ApiV2Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/InfoApi2Test.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/InfoApi2Test.java
index 35d19c897cd8fdd79ac92e03dc95beda78a216d1..4d027f3d08c4c9bc72ff0278358670b52cfb0fd1 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/InfoApi2Test.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/InfoApi2Test.java
@@ -24,6 +24,8 @@ import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import java.util.Optional;
+
import de.latlon.xplanbox.api.validator.ValidatorApiJerseyTest;
import de.latlon.xplanbox.api.validator.api.AbstractApiConfig;
import de.latlon.xplanbox.api.validator.api.v2.ApiV2Config;
@@ -42,7 +44,7 @@ class InfoApi2Test extends ValidatorApiJerseyTest {
public AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV2Config(mockServletContext, validatorConfig);
+ return new ApiV2Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ReportApiTest.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ReportApiTest.java
index 8ffe2149b9b5e881e65e4ca3666984925b4f8a63..a81671d8fda75d8b278b57254455d34fc2fcc58c 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ReportApiTest.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ReportApiTest.java
@@ -3,6 +3,8 @@ package de.latlon.xplanbox.api.validator.v2;
import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import java.util.Optional;
+
import de.latlon.xplanbox.api.validator.ValidatorApiJerseyTest;
import de.latlon.xplanbox.api.validator.api.AbstractApiConfig;
import de.latlon.xplanbox.api.validator.api.v2.ApiV2Config;
@@ -20,7 +22,7 @@ public class ReportApiTest extends ValidatorApiJerseyTest {
@Override
public AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV2Config(mockServletContext, validatorConfig);
+ return new ApiV2Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/StatusApiTest.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/StatusApiTest.java
index 3be8477d69d40f2adb0d207b5bdbbde37c58568e..5e2752d19690820c402c45acd23960f767f96c83 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/StatusApiTest.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/StatusApiTest.java
@@ -23,6 +23,7 @@ package de.latlon.xplanbox.api.validator.v2;
import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import java.util.Optional;
import java.util.UUID;
import de.latlon.xplanbox.api.validator.ValidatorApiJerseyTest;
@@ -41,7 +42,7 @@ class StatusApiTest extends ValidatorApiJerseyTest {
public AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV2Config(mockServletContext, validatorConfig);
+ return new ApiV2Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ValidateApi2Test.java b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ValidateApi2Test.java
index d7df1153dd779a027fee1551d5ed0c3a14e08477..e2c534f42747ea51c1e5955ea3483c36a501b614 100644
--- a/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ValidateApi2Test.java
+++ b/xplan-validator/xplan-validator-api/src/test/java/de/latlon/xplanbox/api/validator/v2/ValidateApi2Test.java
@@ -29,6 +29,7 @@ import java.io.IOException;
import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.Paths;
+import java.util.Optional;
import de.latlon.xplanbox.api.validator.ValidatorApiJerseyTest;
import de.latlon.xplanbox.api.validator.api.AbstractApiConfig;
@@ -48,7 +49,7 @@ public class ValidateApi2Test extends ValidatorApiJerseyTest {
public AbstractApiConfig createConfig(ServletContext mockServletContext,
ValidatorApiConfiguration validatorConfig) {
- return new ApiV2Config(mockServletContext, validatorConfig);
+ return new ApiV2Config(mockServletContext, validatorConfig, Optional.empty());
}
@Test
diff --git a/xplan-validator/xplan-validator-executor/.trivyignore b/xplan-validator/xplan-validator-executor/.trivyignore
new file mode 100644
index 0000000000000000000000000000000000000000..1578d61edc00881c44356aaf1af5e3569b38459f
--- /dev/null
+++ b/xplan-validator/xplan-validator-executor/.trivyignore
@@ -0,0 +1 @@
+# no issue to ignore currenty
diff --git a/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report1.expected.json b/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report1.expected.json
index f7dcea424e342d5dfc3cd3d64c0fb06729b49dc3..45abdacec51e05141616220a30deb0a9f6962440 100644
--- a/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report1.expected.json
+++ b/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report1.expected.json
@@ -15,8 +15,8 @@
"semantisch": {
"valid": true,
"rulesMetadata": {
- "source": "https:\/\/gitlab.opencode.de\/xleitstelle\/xplanung\/validierungsregeln\/standard\/-\/tree\/v1.1.9",
- "version": "1.1.9"
+ "source": "https:\/\/gitlab.opencode.de\/xleitstelle\/xplanung\/validierungsregeln\/standard\/-\/tree\/v1.1.10-SNAPSHOT",
+ "version": "1.1.10-SNAPSHOT"
},
"rules": [
{
@@ -962,6 +962,10 @@
{
"id": "6.5.1.1",
"title": "Konsistenz von typ und sonstTyp"
+ },
+ {
+ "id": "bereich_nummer",
+ "title": "Regel bereich_nummer muss erfüllt sein"
}
],
"status": "COMPLETED"
diff --git a/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report2.expected.json b/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report2.expected.json
index 6749a7ef50f66edf10719159b4f9293de1e0766b..24e174e25fbd76ae25197d37b79027818b088303 100644
--- a/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report2.expected.json
+++ b/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report2.expected.json
@@ -31,8 +31,8 @@
"semantisch": {
"valid": true,
"rulesMetadata": {
- "source": "https:\/\/gitlab.opencode.de\/xleitstelle\/xplanung\/validierungsregeln\/standard\/-\/tree\/v1.1.9",
- "version": "1.1.9"
+ "source": "https:\/\/gitlab.opencode.de\/xleitstelle\/xplanung\/validierungsregeln\/standard\/-\/tree\/v1.1.10-SNAPSHOT",
+ "version": "1.1.10-SNAPSHOT"
},
"rules": [
{
@@ -978,6 +978,10 @@
{
"id": "6.5.1.1",
"title": "Konsistenz von typ und sonstTyp"
+ },
+ {
+ "id": "bereich_nummer",
+ "title": "Regel bereich_nummer muss erfüllt sein"
}
],
"status": "COMPLETED"
diff --git a/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report3.expected.json b/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report3.expected.json
index 8276a83c50ec98afd7ea00d21476b70087b65556..9cf18394f053d06fb720f0ac3ba219f8fd8db814 100644
--- a/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report3.expected.json
+++ b/xplan-validator/xplan-validator-executor/src/test/resources/de/latlon/xplanbox/validator/executor/report3.expected.json
@@ -45,8 +45,8 @@
"semantisch": {
"valid": true,
"rulesMetadata": {
- "source": "https:\/\/gitlab.opencode.de\/xleitstelle\/xplanung\/validierungsregeln\/standard\/-\/tree\/v1.1.9",
- "version": "1.1.9"
+ "source": "https:\/\/gitlab.opencode.de\/xleitstelle\/xplanung\/validierungsregeln\/standard\/-\/tree\/v1.1.10-SNAPSHOT",
+ "version": "1.1.10-SNAPSHOT"
},
"rules": [
{
@@ -992,6 +992,10 @@
{
"id": "6.5.1.1",
"title": "Konsistenz von typ und sonstTyp"
+ },
+ {
+ "id": "bereich_nummer",
+ "title": "Regel bereich_nummer muss erfüllt sein"
}
],
"status": "COMPLETED"