Added endpoint for fetching wallet details for plugin

Author: physcom

src/main/kotlin/io/openfuture/api/component/state/DefaultStateApi.kt

@@ -11,7 +11,12 @@ import org.springframework.web.client.RestTemplate
 @Component
 class DefaultStateApi(private val stateRestTemplate: RestTemplate) : StateApi {
 
-    override fun createWallet(address: String, webHook: String, blockchain: Blockchain, applicationId: String): StateWalletDto {
+    override fun createWallet(
+        address: String,
+        webHook: String,
+        blockchain: Blockchain,
+        applicationId: String
+    ): StateWalletDto {
         val request = CreateStateWalletRequest(address, webHook, blockchain.getValue(), applicationId)
         val response = stateRestTemplate.postForEntity("/wallets/single", request, StateWalletDto::class.java)
         return response.body!!
@@ -51,4 +56,9 @@ class DefaultStateApi(private val stateRestTemplate: RestTemplate) : StateApi {
         return stateRestTemplate.getForEntity(url, PaymentWidgetResponse::class.java).body!!
     }
 
+    override fun getOrderDetailsByApplication(applicationId: String): Array<StateOrderDetail> {
+        val url = "/wallets/application/${applicationId}"
+        return stateRestTemplate.getForEntity(url, Array<StateOrderDetail>::class.java).body!!
+    }
+
 }

src/main/kotlin/io/openfuture/api/component/state/StateApi.kt

@@ -23,4 +23,6 @@ interface StateApi {
     fun getTransactionsByAddress(address: String): Array<TransactionDto>
 
     fun getPaymentDetailByOrder(orderKey: String): PaymentWidgetResponse
+
+    fun getOrderDetailsByApplication(applicationId: String): Array<StateOrderDetail>
 }

src/main/kotlin/io/openfuture/api/config/filter/PublicApiAuthorizationFilter.kt

@@ -3,12 +3,14 @@ package io.openfuture.api.config.filter
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
 import io.openfuture.api.config.propety.AuthorizationProperties
-import org.springframework.http.HttpStatus.UNAUTHORIZED
 import io.openfuture.api.domain.exception.ExceptionResponse
 import io.openfuture.api.domain.key.WalletApiCreateRequest
 import io.openfuture.api.domain.state.WalletApiStateRequest
+import io.openfuture.api.entity.application.Application
 import io.openfuture.api.service.ApplicationService
 import io.openfuture.api.util.*
+import org.springframework.http.HttpStatus.NOT_FOUND
+import org.springframework.http.HttpStatus.UNAUTHORIZED
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import org.springframework.security.core.authority.SimpleGrantedAuthority
 import org.springframework.security.core.context.SecurityContextHolder
@@ -36,44 +38,54 @@ class PublicApiAuthorizationFilter(
             val accessKey = request.getHeader("X-API-KEY")
             val signature = request.getHeader("X-API-SIGNATURE")
 
-            val application = applicationService.getByAccessKey(accessKey)
-
-            if (request.method == "POST") {
-
-                val requestWrapper = CustomHttpRequestWrapper(request)
-                val walletApiCreateRequest =
-                    mapper.readValue(requestWrapper.bodyInStringFormat, WalletApiCreateRequest::class.java)
-                val mapper = jacksonObjectMapper()
-                val str = mapper.writeValueAsString(walletApiCreateRequest)
-
-                if (!checkHash(accessKey, signature, walletApiCreateRequest.timestamp.toLong(), str)) {
-                    val exceptionResponse =
-                        ExceptionResponse(UNAUTHORIZED.value(), "Signature mismatch or request timeout")
-                    response.status = exceptionResponse.status
-                    response.writer.write(mapper.writeValueAsString(exceptionResponse))
+            try {
+                val application = applicationService.getByAccessKey(accessKey)
+
+                if (request.method == "POST") {
+
+                    val requestWrapper = CustomHttpRequestWrapper(request)
+                    val walletApiCreateRequest =
+                        mapper.readValue(requestWrapper.bodyInStringFormat, WalletApiCreateRequest::class.java)
+                    val mapper = jacksonObjectMapper()
+                    val str = mapper.writeValueAsString(walletApiCreateRequest)
+
+                    if (!checkHash(application, signature, str, walletApiCreateRequest.timestamp.toLong())) {
+                        println("Signature mismatch or request timeout")
+                        val exceptionResponse =
+                            ExceptionResponse(UNAUTHORIZED.value(), "Signature mismatch or request timeout")
+                        response.status = exceptionResponse.status
+                        response.writer.write(mapper.writeValueAsString(exceptionResponse))
+                        return
+                    }
+
+                    val token = UsernamePasswordAuthenticationToken(
+                        application.user,
+                        null,
+                        listOf(SimpleGrantedAuthority("ROLE_APPLICATION"))
+                    )
+                    SecurityContextHolder.getContext().authentication = token
+
+                    chain.doFilter(requestWrapper, response)
+                    return
+                } else {
+                    val token = UsernamePasswordAuthenticationToken(
+                        application.user,
+                        null,
+                        listOf(SimpleGrantedAuthority("ROLE_APPLICATION"))
+                    )
+                    SecurityContextHolder.getContext().authentication = token
+
+                    chain.doFilter(request, response)
                     return
                 }
 
-                val token = UsernamePasswordAuthenticationToken(
-                    application.user,
-                    null,
-                    listOf(SimpleGrantedAuthority("ROLE_APPLICATION"))
-                )
-                SecurityContextHolder.getContext().authentication = token
-
-                chain.doFilter(requestWrapper, response)
-                return
+            } catch (exception: RuntimeException) {
+                println("Exception thrown")
+                response.setContentType("application/json")
+                response.setStatus(NOT_FOUND.value())
             }
-            else {
-                val token = UsernamePasswordAuthenticationToken(application.user, null, listOf(SimpleGrantedAuthority("ROLE_APPLICATION")))
-                SecurityContextHolder.getContext().authentication = token
 
-                chain.doFilter(request, response)
-                return
-            }
-        }
-
-        else if (request.requestURI.startsWith("/public") && request.getHeader("OPEN-API-KEY") != null) {
+        } /*else if (request.requestURI.startsWith("/public") && request.getHeader("OPEN-API-KEY") != null) {
 
             val accessKey = request.getHeader("OPEN-API-KEY")
             val signature = request.getHeader("OPEN-API-SIGNATURE")
@@ -86,19 +98,23 @@ class PublicApiAuthorizationFilter(
 
             val application = applicationService.getByAccessKey(accessKey)
 
-            if (!checkHash(accessKey, signature, walletApiStateRequest.timestamp.toLong(), str)) {
+            if (!checkHash(application, signature, str, walletApiStateRequest.timestamp.toLong())) {
                 val exceptionResponse = ExceptionResponse(UNAUTHORIZED.value(), "Signature mismatch or request timeout")
                 response.status = exceptionResponse.status
                 response.writer.write(mapper.writeValueAsString(exceptionResponse))
                 return
             }
 
-            val token = UsernamePasswordAuthenticationToken(application.user, null, listOf(SimpleGrantedAuthority("ROLE_APPLICATION")))
+            val token = UsernamePasswordAuthenticationToken(
+                application.user,
+                null,
+                listOf(SimpleGrantedAuthority("ROLE_APPLICATION"))
+            )
             SecurityContextHolder.getContext().authentication = token
 
             chain.doFilter(requestWrapper, response)
             return
-        }
+        }*/
 
         chain.doFilter(request, response)
     }
@@ -107,16 +123,18 @@ class PublicApiAuthorizationFilter(
         // Do nothing
     }
 
-    private fun checkHash(accessKey: String, signature: String, timestamp: Long, str: String): Boolean{
+    private fun checkHash(application: Application, signature: String, str: String, timestamp: Long): Boolean {
+
         val diffMinutes = differenceEpochs(currentEpochs(), timestamp)
         val expirePeriod = properties.expireApi!!
 
-        val application = applicationService.getByAccessKey(accessKey)
-
         val hmacSha256 = application.let {
             KeyGeneratorUtils.calcHmacSha256(it.apiSecretKey, str)
         }
-
+        println(hmacSha256)
+        println(signature)
+        println("HASH ${hmacSha256 != signature}")
+        println("PERIOD ${diffMinutes > expirePeriod}")
         if (hmacSha256 != signature || diffMinutes > expirePeriod) {
             return false
         }

src/main/kotlin/io/openfuture/api/controller/api/PublicWalletApiController.kt

@@ -3,26 +3,29 @@ package io.openfuture.api.controller.api
 import io.openfuture.api.domain.key.KeyWalletDto
 import io.openfuture.api.domain.key.KeyWalletEncryptedDto
 import io.openfuture.api.domain.key.WalletApiCreateRequest
+import io.openfuture.api.domain.state.StateOrderDetail
 import io.openfuture.api.domain.state.WalletApiStateRequest
 import io.openfuture.api.domain.state.WalletApiStateResponse
 import io.openfuture.api.service.ApplicationService
 import io.openfuture.api.service.ApplicationWalletService
 import io.openfuture.api.service.WalletApiService
+import org.springframework.security.access.prepost.PreAuthorize
 import org.springframework.web.bind.annotation.*
 import org.web3j.protocol.core.methods.response.TransactionReceipt
 
 
 @RestController
 @RequestMapping("/public/api/v1/wallet")
+@PreAuthorize(value = "hasAnyRole('ROLE_APPLICATION')")
 class PublicWalletApiController(
     private val walletApiService: WalletApiService,
     private val applicationService: ApplicationService,
     private val applicationWalletService: ApplicationWalletService
 ) {
 
-    //@PreAuthorize(value = "hasAnyRole('ROLE_APPLICATION')")
     @PostMapping("/process")
     fun generateWallet(@RequestBody walletApiCreateRequest: WalletApiCreateRequest, @RequestHeader("X-API-KEY") accessKey: String): Array<KeyWalletDto> {
+        println("ACCESS KEY: $accessKey")
         val application = applicationService.getByAccessKey(accessKey)
         return walletApiService.processWalletSDK(walletApiCreateRequest, application, application.user)
     }
@@ -33,6 +36,12 @@ class PublicWalletApiController(
         return applicationWalletService.getAllWallets(application.id)
     }
 
+    @GetMapping("/details")
+    fun getWalletDetails(@RequestHeader("X-API-KEY") accessKey: String): Array<StateOrderDetail> {
+        val application = applicationService.getByAccessKey(accessKey)
+        return walletApiService.getOrderDetails(application.id.toString())
+    }
+
     @PostMapping("/save")
     fun saveWallet(@RequestBody walletApiStateRequest: WalletApiStateRequest, @RequestHeader("OPEN-API-KEY") accessKey: String): Boolean {
         val application = applicationService.getByAccessKey(accessKey)

src/main/kotlin/io/openfuture/api/controller/base/ExceptionRestControllerAdvice.kt

@@ -16,6 +16,11 @@ import javax.validation.ConstraintViolationException
 @RestControllerAdvice
 class ExceptionRestControllerAdvice {
 
+    @ResponseStatus(code = NOT_FOUND)
+    @ExceptionHandler(NotFoundException::class)
+    fun notFoundExceptionHandler(exception: NotFoundException): ExceptionResponse =
+        ExceptionResponse(NOT_FOUND.value(), exception.message!!)
+
     @ResponseStatus(code = BAD_REQUEST)
     @ExceptionHandler(MethodArgumentNotValidException::class)
     fun methodArgumentNotValidExceptionHandler(exception: MethodArgumentNotValidException): ExceptionResponse {
@@ -75,11 +80,6 @@ class ExceptionRestControllerAdvice {
             ExceptionResponse(BAD_REQUEST.value(), exception.message ?: """Something went wrong. Please read the
                 |documentation https://docs.openfuture.io/ or contact us openplatform@zensoft.io""".trimMargin())
 
-    @ResponseStatus(code = NOT_FOUND)
-    @ExceptionHandler(NotFoundException::class)
-    fun notFoundExceptionHandler(exception: NotFoundException): ExceptionResponse =
-        ExceptionResponse(NOT_FOUND.value(), exception.message!!)
-
     @ResponseStatus(code = BAD_REQUEST)
     @ExceptionHandler(RuntimeException::class)
     fun runtimeExceptionHandler(exception: RuntimeException): ExceptionResponse =

src/main/kotlin/io/openfuture/api/controller/widget/PaymentAddressWidgetController.kt

@@ -8,7 +8,7 @@ import org.springframework.web.bind.annotation.*
 @RestController
 @RequestMapping("/widget/payment/addresses")
 class PaymentAddressWidgetController(
-    private val service : WalletApiService
+    private val service: WalletApiService
 ) {
     @GetMapping("/order/{orderKey}")
     fun getAllAddressesByOrder(@PathVariable orderKey: String): PaymentWidgetResponse {

src/main/kotlin/io/openfuture/api/controller/widget/TransactionWidgetController.kt

@@ -8,7 +8,7 @@ import org.springframework.web.bind.annotation.*
 @RestController
 @RequestMapping("/widget/transactions")
 class TransactionWidgetController(
-    private val service : ApplicationWalletService
+    private val service: ApplicationWalletService
 ) {
 
     @GetMapping("/address/{address}")

src/main/kotlin/io/openfuture/api/domain/state/StateOrderDetail.kt

@@ -0,0 +1,17 @@
+package io.openfuture.api.domain.state
+
+import java.math.BigDecimal
+
+data class StateOrderDetail(
+    var orderKey: String,
+    var amount: BigDecimal,
+    var totalPaid: BigDecimal = BigDecimal.ZERO,
+    var currency: String,
+    val blockchains: List<BlockchainWallets>
+)
+
+data class BlockchainWallets(
+    val address: String,
+    val blockchain: String,
+    val rate: BigDecimal
+)

src/main/kotlin/io/openfuture/api/domain/state/StateSignRequest.kt

@@ -1,7 +1,6 @@
 package io.openfuture.api.domain.state
 
 data class StateSignRequest(
-    val address: String,
-    val order_id: Int,
+    val order_key: String,
     val status: String
 )

src/main/kotlin/io/openfuture/api/domain/state/WalletMetaData.kt

@@ -5,6 +5,5 @@ data class WalletMetaData(
     var orderKey: String,
     var productCurrency: String,
     var source: String,
-    var test: Boolean,
-    var clientManaged: Boolean
+    var test: Boolean
 )