diff --git a/application/src/main/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilter.kt b/application/src/main/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilter.kt index 78e071af..83bfb235 100644 --- a/application/src/main/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilter.kt +++ b/application/src/main/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilter.kt @@ -3,27 +3,33 @@ // SPDX-License-Identifier: Apache-2.0 package org.gxf.crestdeviceservice.config +import io.github.oshai.kotlinlogging.KotlinLogging import jakarta.servlet.Filter import jakarta.servlet.FilterChain import jakarta.servlet.ServletRequest import jakarta.servlet.ServletResponse import jakarta.servlet.http.HttpServletRequest import jakarta.servlet.http.HttpServletResponse +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty import org.springframework.boot.autoconfigure.web.ServerProperties import org.springframework.stereotype.Component @Component +@ConditionalOnProperty(name = ["config.api-access-filter.enabled"], matchIfMissing = true) class ApiAccessFilter(private val serverProperties: ServerProperties) : Filter { + private val logger = KotlinLogging.logger {} + override fun doFilter(request: ServletRequest, response: ServletResponse, chain: FilterChain) { - if (isAllowedCombination(request)) { + if (isAllowedCombination(request as HttpServletRequest)) { chain.doFilter(request, response) } else { (response as HttpServletResponse).sendError(404) } } - private fun isAllowedCombination(request: ServletRequest): Boolean { - val requestUri = (request as HttpServletRequest).requestURI + private fun isAllowedCombination(request: HttpServletRequest): Boolean { + logger.debug { "Filtering request for ${request.requestURL}" } + val requestUri = request.requestURI return isErrorEndpoint(requestUri) || if (isProxyPort(request)) { @@ -33,11 +39,17 @@ class ApiAccessFilter(private val serverProperties: ServerProperties) : Filter { } } - private fun isErrorEndpoint(requestUri: String) = requestUri.startsWith("/error") + private fun isErrorEndpoint(requestUri: String) = + requestUri.startsWith("/error").also { logger.debug { "isErrorEndpoint: $it" } } - private fun isProxyEndpoint(requestUri: String) = requestUri.startsWith("/sng") || requestUri.startsWith("/psk") + private fun isProxyEndpoint(requestUri: String) = + (requestUri.startsWith("/sng") || requestUri.startsWith("/psk")).also { + logger.debug { "isProxyEndpoint: $it" } + } - private fun isWebEndpoint(requestUri: String) = requestUri.startsWith("/web") || requestUri.startsWith("/test") + private fun isWebEndpoint(requestUri: String) = + (requestUri.startsWith("/web") || requestUri.startsWith("/test")).also { logger.debug { "isWebEndpoint: $it" } } - private fun isProxyPort(request: ServletRequest) = request.serverPort == serverProperties.port + private fun isProxyPort(request: ServletRequest) = + (request.localPort == serverProperties.port).also { logger.debug { "isProxyPort: $it" } } } diff --git a/application/src/main/kotlin/org/gxf/crestdeviceservice/controller/MessageController.kt b/application/src/main/kotlin/org/gxf/crestdeviceservice/controller/MessageController.kt index 4163b9dc..f9f3a767 100644 --- a/application/src/main/kotlin/org/gxf/crestdeviceservice/controller/MessageController.kt +++ b/application/src/main/kotlin/org/gxf/crestdeviceservice/controller/MessageController.kt @@ -5,6 +5,7 @@ package org.gxf.crestdeviceservice.controller import com.fasterxml.jackson.databind.JsonNode import io.github.oshai.kotlinlogging.KotlinLogging +import org.gxf.crestdeviceservice.command.entity.Command import org.gxf.crestdeviceservice.service.DeviceMessageService import org.springframework.http.ResponseEntity import org.springframework.lang.NonNull @@ -29,6 +30,7 @@ class MessageController(private val deviceMessageService: DeviceMessageService) return try { val downlink = deviceMessageService.processDeviceMessage(body, identity) + logDownlink(downlink, identity) ResponseEntity.ok(downlink) } catch (e: Exception) { logger.error(e) { @@ -39,4 +41,15 @@ class MessageController(private val deviceMessageService: DeviceMessageService) logger.debug { "Processed message" } } } + + private fun logDownlink(downlink: String, identity: String) { + logger.debug { + if (downlink.contains(Command.CommandType.PSK.name)) { + // This covers both PSK and PSK:SET, don't log the actual PSK + "Sending downlink with PSK to device $identity" + } else { + "Sending downlink '$downlink' to device $identity" + } + } + } } diff --git a/application/src/test/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilterTest.kt b/application/src/test/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilterTest.kt index 555fb8d7..a7fed0c2 100644 --- a/application/src/test/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilterTest.kt +++ b/application/src/test/kotlin/org/gxf/crestdeviceservice/config/ApiAccessFilterTest.kt @@ -43,7 +43,7 @@ class ApiAccessFilterTest { fun shouldReturnTheRightStatusCodeForRequestOnPort(port: Int, uri: String, expectedHttpCode: Int) { val chain = MockFilterChain() val request = MockHttpServletRequest() - request.serverPort = port + request.localPort = port request.requestURI = uri val response = MockHttpServletResponse() diff --git a/application/src/test/resources/application.yaml b/application/src/test/resources/application.yaml index e346b3dc..32de1452 100644 --- a/application/src/test/resources/application.yaml +++ b/application/src/test/resources/application.yaml @@ -1,2 +1,6 @@ server: - port: 9000 \ No newline at end of file + port: 9000 + +config: + api-access-filter: + enabled: false # localPort is not handled well by mockmvc