Merge pull request #114 from OpenFuturePlatform/key-master-fix

Added wallet detail endpoint

Author: Elaman Nazarkulov

src/main/kotlin/io/openfuture/api/component/key/DefaultKeyApi.kt

@@ -30,8 +30,8 @@ class DefaultKeyApi(
         return response.body!!
     }
 
-    override fun getAllWalletsByApplication(applicationId: String): Array<KeyWalletDto> {
-        val response = keyRestTemplate.getForEntity("/key?applicationId={applicationId}", Array<KeyWalletDto>::class.java, applicationId)
+    override fun getAllWalletsByApplication(applicationId: String): Array<KeyWalletEncryptedDto> {
+        val response = keyRestTemplate.getForEntity("/key?applicationId={applicationId}", Array<KeyWalletEncryptedDto>::class.java, applicationId)
         return response.body!!
     }
 

src/main/kotlin/io/openfuture/api/component/key/KeyApi.kt

@@ -7,7 +7,7 @@ interface KeyApi {
     fun importWallet(request: ImportKeyRequest): KeyWalletDto
     fun generateMultipleWallets(createMultipleKeyRequest: CreateMultipleKeyRequest): Array<KeyWalletDto>
     fun updateWallets(createMultipleKeyRequest: CreateMultipleKeyRequest): Array<KeyWalletDto>
-    fun getAllWalletsByApplication(applicationId: String): Array<KeyWalletDto>
+    fun getAllWalletsByApplication(applicationId: String): Array<KeyWalletEncryptedDto>
     fun getAllWalletsByOrderKey(orderKey: String): Array<KeyWalletDto>
     fun getApplicationByAddress(address: String): WalletAddressResponse
     fun deleteAllWalletsByApplicationAddress(applicationId: String, address: String)

src/main/kotlin/io/openfuture/api/component/state/DefaultStateApi.kt

@@ -11,9 +11,13 @@ import org.springframework.web.client.RestTemplate
 @Component
 class DefaultStateApi(private val stateRestTemplate: RestTemplate) : StateApi {
 
-    override fun createWallet(address: String, webHook: String, blockchain: Blockchain, applicationId: String): StateWalletDto {
+    override fun createWallet(
+        address: String,
+        webHook: String,
+        blockchain: Blockchain,
+        applicationId: String
+    ): StateWalletDto {
         val request = CreateStateWalletRequest(address, webHook, blockchain.getValue(), applicationId)
-        println("Blockchain : $blockchain")
         val response = stateRestTemplate.postForEntity("/wallets/single", request, StateWalletDto::class.java)
         return response.body!!
     }
@@ -48,7 +52,13 @@ class DefaultStateApi(private val stateRestTemplate: RestTemplate) : StateApi {
 
     override fun getPaymentDetailByOrder(orderKey: String): PaymentWidgetResponse {
         val url = "/orders/${orderKey}"
+        println("Order key : $orderKey")
         return stateRestTemplate.getForEntity(url, PaymentWidgetResponse::class.java).body!!
     }
 
+    override fun getOrderDetailsByApplication(applicationId: String): Array<StateOrderDetail> {
+        val url = "/wallets/application/${applicationId}"
+        return stateRestTemplate.getForEntity(url, Array<StateOrderDetail>::class.java).body!!
+    }
+
 }

src/main/kotlin/io/openfuture/api/component/state/StateApi.kt

@@ -23,4 +23,6 @@ interface StateApi {
     fun getTransactionsByAddress(address: String): Array<TransactionDto>
 
     fun getPaymentDetailByOrder(orderKey: String): PaymentWidgetResponse
+
+    fun getOrderDetailsByApplication(applicationId: String): Array<StateOrderDetail>
 }

src/main/kotlin/io/openfuture/api/config/WebMvcConfig.kt

@@ -4,8 +4,10 @@ import io.openfuture.api.annotation.resolver.CurrentUserArgumentResolver
 import io.openfuture.api.service.UserService
 import org.springframework.context.annotation.Configuration
 import org.springframework.web.method.support.HandlerMethodArgumentResolver
+import org.springframework.web.servlet.config.annotation.CorsRegistry
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
 
+
 @Configuration
 class WebMvcConfig(
     private val userService: UserService
@@ -15,4 +17,11 @@ class WebMvcConfig(
         resolvers.add(CurrentUserArgumentResolver(userService))
     }
 
+    override fun addCorsMappings(registry: CorsRegistry) {
+        registry.addMapping("/**")
+            .allowedOrigins("*")
+            .allowedMethods("HEAD", "OPTIONS", "GET", "POST", "PUT", "PATCH", "DELETE")
+            .maxAge(3600)
+    }
+
 }

src/main/kotlin/io/openfuture/api/config/filter/PublicApiAuthorizationFilter.kt

@@ -3,12 +3,14 @@ package io.openfuture.api.config.filter
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
 import io.openfuture.api.config.propety.AuthorizationProperties
-import org.springframework.http.HttpStatus.UNAUTHORIZED
 import io.openfuture.api.domain.exception.ExceptionResponse
 import io.openfuture.api.domain.key.WalletApiCreateRequest
 import io.openfuture.api.domain.state.WalletApiStateRequest
+import io.openfuture.api.entity.application.Application
 import io.openfuture.api.service.ApplicationService
 import io.openfuture.api.util.*
+import org.springframework.http.HttpStatus.NOT_FOUND
+import org.springframework.http.HttpStatus.UNAUTHORIZED
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import org.springframework.security.core.authority.SimpleGrantedAuthority
 import org.springframework.security.core.context.SecurityContextHolder
@@ -36,29 +38,54 @@ class PublicApiAuthorizationFilter(
             val accessKey = request.getHeader("X-API-KEY")
             val signature = request.getHeader("X-API-SIGNATURE")
 
-            val requestWrapper = CustomHttpRequestWrapper(request)
-            val walletApiCreateRequest =
-                mapper.readValue(requestWrapper.bodyInStringFormat, WalletApiCreateRequest::class.java)
-            val mapper = jacksonObjectMapper()
-            val str = mapper.writeValueAsString(walletApiCreateRequest)
-
-            val application = applicationService.getByAccessKey(accessKey)
-
-            if (!checkHash(accessKey, signature, walletApiCreateRequest.timestamp.toLong(), str)) {
-                val exceptionResponse = ExceptionResponse(UNAUTHORIZED.value(), "Signature mismatch or request timeout")
-                response.status = exceptionResponse.status
-                response.writer.write(mapper.writeValueAsString(exceptionResponse))
-                return
+            try {
+                val application = applicationService.getByAccessKey(accessKey)
+
+                if (request.method == "POST") {
+
+                    val requestWrapper = CustomHttpRequestWrapper(request)
+                    val walletApiCreateRequest =
+                        mapper.readValue(requestWrapper.bodyInStringFormat, WalletApiCreateRequest::class.java)
+                    val mapper = jacksonObjectMapper()
+                    val str = mapper.writeValueAsString(walletApiCreateRequest)
+
+                    if (!checkHash(application, signature, str, walletApiCreateRequest.timestamp.toLong())) {
+                        println("Signature mismatch or request timeout")
+                        val exceptionResponse =
+                            ExceptionResponse(UNAUTHORIZED.value(), "Signature mismatch or request timeout")
+                        response.status = exceptionResponse.status
+                        response.writer.write(mapper.writeValueAsString(exceptionResponse))
+                        return
+                    }
+
+                    val token = UsernamePasswordAuthenticationToken(
+                        application.user,
+                        null,
+                        listOf(SimpleGrantedAuthority("ROLE_APPLICATION"))
+                    )
+                    SecurityContextHolder.getContext().authentication = token
+
+                    chain.doFilter(requestWrapper, response)
+                    return
+                } else {
+                    val token = UsernamePasswordAuthenticationToken(
+                        application.user,
+                        null,
+                        listOf(SimpleGrantedAuthority("ROLE_APPLICATION"))
+                    )
+                    SecurityContextHolder.getContext().authentication = token
+
+                    chain.doFilter(request, response)
+                    return
+                }
+
+            } catch (exception: RuntimeException) {
+                println("Exception thrown")
+                response.setContentType("application/json")
+                response.setStatus(NOT_FOUND.value())
             }
 
-            val token = UsernamePasswordAuthenticationToken(application.user, null, listOf(SimpleGrantedAuthority("ROLE_APPLICATION")))
-            SecurityContextHolder.getContext().authentication = token
-
-            chain.doFilter(requestWrapper, response)
-            return
-        }
-
-        else if (request.requestURI.startsWith("/public") && request.getHeader("OPEN-API-KEY") != null) {
+        } /*else if (request.requestURI.startsWith("/public") && request.getHeader("OPEN-API-KEY") != null) {
 
             val accessKey = request.getHeader("OPEN-API-KEY")
             val signature = request.getHeader("OPEN-API-SIGNATURE")
@@ -71,19 +98,23 @@ class PublicApiAuthorizationFilter(
 
             val application = applicationService.getByAccessKey(accessKey)
 
-            if (!checkHash(accessKey, signature, walletApiStateRequest.timestamp.toLong(), str)) {
+            if (!checkHash(application, signature, str, walletApiStateRequest.timestamp.toLong())) {
                 val exceptionResponse = ExceptionResponse(UNAUTHORIZED.value(), "Signature mismatch or request timeout")
                 response.status = exceptionResponse.status
                 response.writer.write(mapper.writeValueAsString(exceptionResponse))
                 return
             }
 
-            val token = UsernamePasswordAuthenticationToken(application.user, null, listOf(SimpleGrantedAuthority("ROLE_APPLICATION")))
+            val token = UsernamePasswordAuthenticationToken(
+                application.user,
+                null,
+                listOf(SimpleGrantedAuthority("ROLE_APPLICATION"))
+            )
             SecurityContextHolder.getContext().authentication = token
 
             chain.doFilter(requestWrapper, response)
             return
-        }
+        }*/
 
         chain.doFilter(request, response)
     }
@@ -92,16 +123,18 @@ class PublicApiAuthorizationFilter(
         // Do nothing
     }
 
-    private fun checkHash(accessKey: String, signature: String, timestamp: Long, str: String): Boolean{
+    private fun checkHash(application: Application, signature: String, str: String, timestamp: Long): Boolean {
+
         val diffMinutes = differenceEpochs(currentEpochs(), timestamp)
         val expirePeriod = properties.expireApi!!
 
-        val application = applicationService.getByAccessKey(accessKey)
-
         val hmacSha256 = application.let {
             KeyGeneratorUtils.calcHmacSha256(it.apiSecretKey, str)
         }
-
+        println(hmacSha256)
+        println(signature)
+        println("HASH ${hmacSha256 != signature}")
+        println("PERIOD ${diffMinutes > expirePeriod}")
         if (hmacSha256 != signature || diffMinutes > expirePeriod) {
             return false
         }

src/main/kotlin/io/openfuture/api/controller/api/ApplicationWalletApiController.kt

@@ -4,6 +4,7 @@ import io.openfuture.api.annotation.CurrentUser
 import io.openfuture.api.domain.key.GenerateWalletRequest
 import io.openfuture.api.domain.key.ImportWalletRequest
 import io.openfuture.api.domain.key.KeyWalletDto
+import io.openfuture.api.domain.key.KeyWalletEncryptedDto
 import io.openfuture.api.domain.state.StateSignRequest
 import io.openfuture.api.domain.state.StateWalletTransactionDetail
 import io.openfuture.api.entity.auth.User
@@ -31,7 +32,7 @@ class ApplicationWalletApiController(
     }
 
     @GetMapping("/{applicationId}")
-    fun getAll(@PathVariable("applicationId") applicationId: Long): Array<KeyWalletDto> {
+    fun getAll(@PathVariable("applicationId") applicationId: Long): Array<KeyWalletEncryptedDto> {
         return service.getAllWallets(applicationId)
     }
 

src/main/kotlin/io/openfuture/api/controller/api/PublicWalletApiController.kt

@@ -1,52 +1,60 @@
 package io.openfuture.api.controller.api
 
 import io.openfuture.api.domain.key.KeyWalletDto
+import io.openfuture.api.domain.key.KeyWalletEncryptedDto
 import io.openfuture.api.domain.key.WalletApiCreateRequest
+import io.openfuture.api.domain.state.StateOrderDetail
 import io.openfuture.api.domain.state.WalletApiStateRequest
 import io.openfuture.api.domain.state.WalletApiStateResponse
 import io.openfuture.api.service.ApplicationService
+import io.openfuture.api.service.ApplicationWalletService
 import io.openfuture.api.service.WalletApiService
+import org.springframework.security.access.prepost.PreAuthorize
 import org.springframework.web.bind.annotation.*
 import org.web3j.protocol.core.methods.response.TransactionReceipt
 
 
 @RestController
 @RequestMapping("/public/api/v1/wallet")
+@PreAuthorize(value = "hasAnyRole('ROLE_APPLICATION')")
 class PublicWalletApiController(
-    private val service: WalletApiService,
-    private val applicationService: ApplicationService
+    private val walletApiService: WalletApiService,
+    private val applicationService: ApplicationService,
+    private val applicationWalletService: ApplicationWalletService
 ) {
 
-    //@PreAuthorize(value = "hasAnyRole('ROLE_APPLICATION')")
     @PostMapping("/process")
-    fun generateWallet(
-        @RequestBody walletApiCreateRequest: WalletApiCreateRequest,
-        @RequestHeader("X-API-KEY") accessKey: String
-    ): Array<KeyWalletDto> {
+    fun generateWallet(@RequestBody walletApiCreateRequest: WalletApiCreateRequest, @RequestHeader("X-API-KEY") accessKey: String): Array<KeyWalletDto> {
+        println("ACCESS KEY: $accessKey")
         val application = applicationService.getByAccessKey(accessKey)
-        return service.processWalletSDK(walletApiCreateRequest, application, application.user)
+        return walletApiService.processWalletSDK(walletApiCreateRequest, application, application.user)
+    }
+
+    @GetMapping
+    fun getWallets(@RequestHeader("X-API-KEY") accessKey: String): Array<KeyWalletEncryptedDto> {
+        val application = applicationService.getByAccessKey(accessKey)
+        return applicationWalletService.getAllWallets(application.id)
+    }
+
+    @GetMapping("/details")
+    fun getWalletDetails(@RequestHeader("X-API-KEY") accessKey: String): Array<StateOrderDetail> {
+        val application = applicationService.getByAccessKey(accessKey)
+        return walletApiService.getOrderDetails(application.id.toString())
     }
 
     @PostMapping("/save")
-    fun saveWallet(
-        @RequestBody walletApiStateRequest: WalletApiStateRequest,
-        @RequestHeader("OPEN-API-KEY") accessKey: String
-    ): Boolean {
+    fun saveWallet(@RequestBody walletApiStateRequest: WalletApiStateRequest, @RequestHeader("OPEN-API-KEY") accessKey: String): Boolean {
         val application = applicationService.getByAccessKey(accessKey)
-        return service.saveWalletSDK(walletApiStateRequest, application, application.user)
+        return walletApiService.saveWalletSDK(walletApiStateRequest, application, application.user)
     }
 
     @PostMapping("/fetch")
-    fun getWallet(
-        @RequestBody walletApiStateRequest: WalletApiStateRequest
-    ): WalletApiStateResponse {
-        return service.getWallet(walletApiStateRequest.address, walletApiStateRequest.blockchain)
+    fun getWallet(@RequestBody walletApiStateRequest: WalletApiStateRequest): WalletApiStateResponse {
+        return walletApiService.getWallet(walletApiStateRequest.address, walletApiStateRequest.blockchain)
     }
 
     @PostMapping("/broadcast")
-    fun broadcastTransaction(
-        @RequestBody walletApiStateRequest: WalletApiStateRequest
-    ): TransactionReceipt {
-        return service.broadcastTransaction(walletApiStateRequest.address, walletApiStateRequest.blockchain)
+    fun broadcastTransaction(@RequestBody walletApiStateRequest: WalletApiStateRequest): TransactionReceipt {
+        return walletApiService.broadcastTransaction(walletApiStateRequest.address, walletApiStateRequest.blockchain)
     }
 }

src/main/kotlin/io/openfuture/api/controller/base/ExceptionRestControllerAdvice.kt

@@ -4,6 +4,7 @@ import io.openfuture.api.domain.exception.ErrorDto
 import io.openfuture.api.domain.exception.ExceptionResponse
 import io.openfuture.api.exception.*
 import org.springframework.http.HttpStatus.BAD_REQUEST
+import org.springframework.http.HttpStatus.NOT_FOUND
 import org.springframework.http.converter.HttpMessageNotReadableException
 import org.springframework.validation.FieldError
 import org.springframework.web.bind.MethodArgumentNotValidException
@@ -15,6 +16,11 @@ import javax.validation.ConstraintViolationException
 @RestControllerAdvice
 class ExceptionRestControllerAdvice {
 
+    @ResponseStatus(code = NOT_FOUND)
+    @ExceptionHandler(NotFoundException::class)
+    fun notFoundExceptionHandler(exception: NotFoundException): ExceptionResponse =
+        ExceptionResponse(NOT_FOUND.value(), exception.message!!)
+
     @ResponseStatus(code = BAD_REQUEST)
     @ExceptionHandler(MethodArgumentNotValidException::class)
     fun methodArgumentNotValidExceptionHandler(exception: MethodArgumentNotValidException): ExceptionResponse {
@@ -74,4 +80,10 @@ class ExceptionRestControllerAdvice {
             ExceptionResponse(BAD_REQUEST.value(), exception.message ?: """Something went wrong. Please read the
                 |documentation https://docs.openfuture.io/ or contact us openplatform@zensoft.io""".trimMargin())
 
+    @ResponseStatus(code = BAD_REQUEST)
+    @ExceptionHandler(RuntimeException::class)
+    fun runtimeExceptionHandler(exception: RuntimeException): ExceptionResponse =
+        ExceptionResponse(BAD_REQUEST.value(), exception.message ?: """Something went wrong. Please read the
+                |documentation https://docs.openfuture.io/ or contact us openplatform@zensoft.io""".trimMargin())
+
 }

src/main/kotlin/io/openfuture/api/controller/widget/PaymentAddressWidgetController.kt

@@ -8,7 +8,7 @@ import org.springframework.web.bind.annotation.*
 @RestController
 @RequestMapping("/widget/payment/addresses")
 class PaymentAddressWidgetController(
-    private val service : WalletApiService
+    private val service: WalletApiService
 ) {
     @GetMapping("/order/{orderKey}")
     fun getAllAddressesByOrder(@PathVariable orderKey: String): PaymentWidgetResponse {