fixed tests

client/src/test/java/dev/fitko/fitconnect/client/SubscriberClientTest.java

@@ -134,6 +134,7 @@ class SubscriberClientTest {
         when(subscriberMock.decryptStringContent(any(), any())).thenReturn(mapper.writeValueAsBytes(metadata));
         when(subscriberMock.validateMetadata(any())).thenReturn(ValidationResult.ok());
         when(subscriberMock.validateHashIntegrity(any(), any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateSubmissionDataSchema(any(), any())).thenReturn(ValidationResult.ok());
 
         // When
         underTest.requestSubmission(submissionId).acceptSubmission();
@@ -172,6 +173,7 @@ class SubscriberClientTest {
         when(subscriberMock.decryptStringContent(any(), any())).thenReturn(mapper.writeValueAsBytes(metadata));
         when(subscriberMock.validateMetadata(any())).thenReturn(ValidationResult.ok());
         when(subscriberMock.validateHashIntegrity(any(), any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateSubmissionDataSchema(any(), any())).thenReturn(ValidationResult.ok());
 
         // When
         underTest.requestSubmission(submissionId).rejectSubmission(List.of(new InvalidEventLog()));
@@ -263,6 +265,7 @@ class SubscriberClientTest {
         when(subscriberMock.getSubmission(any())).thenReturn(submission);
         when(subscriberMock.validateMetadata(any())).thenReturn(ValidationResult.ok());
         when(subscriberMock.validateHashIntegrity(any(), any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateSubmissionDataSchema(any(), any())).thenReturn(ValidationResult.ok());
         when(subscriberMock.decryptStringContent(encryptionKey, submission.getEncryptedData())).thenReturn(dataPayload.getBytes());
         when(subscriberMock.decryptStringContent(encryptionKey, submission.getEncryptedMetadata())).thenReturn(metadataBytes);
 
@@ -348,6 +351,7 @@ class SubscriberClientTest {
         when(subscriberMock.decryptStringContent(any(), any())).thenReturn(invalidMetadata);
         when(subscriberMock.validateMetadata(any())).thenReturn(ValidationResult.ok());
         when(subscriberMock.validateHashIntegrity(any(), any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateSubmissionDataSchema(any(), any())).thenReturn(ValidationResult.ok());
 
         // When
         final var receivedSubmission = underTest.requestSubmission(submissionId);
@@ -398,6 +402,7 @@ class SubscriberClientTest {
         when(subscriberMock.getSubmission(any())).thenReturn(submission);
         when(subscriberMock.validateMetadata(any())).thenReturn(ValidationResult.ok());
         when(subscriberMock.validateHashIntegrity(any(), any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateSubmissionDataSchema(any(), any())).thenReturn(ValidationResult.ok());
         when(subscriberMock.decryptStringContent(encryptionKey, submission.getEncryptedData())).thenReturn(dataPayload.getBytes());
         when(subscriberMock.decryptStringContent(encryptionKey, submission.getEncryptedMetadata())).thenReturn(metadataBytes);
 
@@ -458,6 +463,59 @@ class SubscriberClientTest {
         logs.assertContains("Data might be corrupted, hash-sum does not match");
     }
 
+    @Test
+    void testInvalidSubmissionDataSchema() throws JsonProcessingException {
+
+        // Given
+        final RSAKey decryptionKey = privateKey;
+        final RSAKey encryptionKey = decryptionKey.toPublicJWK();
+        final CryptoService cryptoService = new JWECryptoService(new HashService());
+
+        final var dataPayload = "some data that was transferred";
+
+        final var hash = new Hash();
+        hash.setContent(cryptoService.hashBytes(dataPayload.getBytes()));
+        final SubmissionSchema submissionSchema = new SubmissionSchema();
+        submissionSchema.setSchemaUri(URI.create("urn:something"));
+        final var data = new Data();
+        data.setHash(hash);
+        data.setSubmissionSchema(submissionSchema);
+        final var contentStructure = new ContentStructure();
+        contentStructure.setData(data);
+        final var metadata = new Metadata();
+        metadata.setContentStructure(contentStructure);
+
+        final String encryptedData = cryptoService.encryptString(encryptionKey, mapper.writeValueAsString(data));
+        final String encryptedMetadata = cryptoService.encryptString(encryptionKey, mapper.writeValueAsString(metadata));
+        final var metadataBytes = mapper.writeValueAsBytes(metadata);
+        final var dataBytes = mapper.writeValueAsBytes(data);
+
+        final var submissionId = UUID.randomUUID();
+        final var destinationId = UUID.randomUUID();
+        final var caseId = UUID.randomUUID();
+
+        final var submission = new Submission();
+        submission.setCaseId(caseId);
+        submission.setSubmissionId(submissionId);
+        submission.setDestinationId(destinationId);
+        submission.setEncryptedMetadata(encryptedMetadata);
+        submission.setEncryptedData(encryptedData);
+
+        when(subscriberMock.getSubmission(any())).thenReturn(submission);
+        when(subscriberMock.decryptStringContent(decryptionKey, encryptedMetadata)).thenReturn(metadataBytes);
+        when(subscriberMock.decryptStringContent(decryptionKey, encryptedData)).thenReturn(dataBytes);
+        when(subscriberMock.validateMetadata(any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateHashIntegrity(any(), any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateSubmissionDataSchema(any(), any())).thenReturn(ValidationResult.error(new RuntimeException("Something went wrong!")));
+
+        // When
+        final var receivedSubmission = underTest.requestSubmission(submissionId);
+
+        // Then
+        assertNull(receivedSubmission);
+        logs.assertContains("Submission data does not match the provided schema");
+    }
+
     @Test
     void testCorruptedAttachment() throws JsonProcessingException {
         // Given
@@ -467,8 +525,11 @@ class SubscriberClientTest {
 
         final var dataHash = new Hash();
         dataHash.setContent("");
+        final SubmissionSchema submissionSchema = new SubmissionSchema();
+        submissionSchema.setSchemaUri(URI.create("urn:something"));
         final var data = new Data();
         data.setHash(dataHash);
+        data.setSubmissionSchema(submissionSchema);
 
         final var attachmentHash = new Hash();
         attachmentHash.setContent("");
@@ -502,6 +563,7 @@ class SubscriberClientTest {
         when(subscriberMock.decryptStringContent(decryptionKey, encryptedMetadata)).thenReturn(metadataBytes);
         when(subscriberMock.decryptStringContent(decryptionKey, encryptedData)).thenReturn(dataBytes);
         when(subscriberMock.validateMetadata(any())).thenReturn(ValidationResult.ok());
+        when(subscriberMock.validateSubmissionDataSchema(any(), any())).thenReturn(ValidationResult.ok());
 
         final var decryptedDataBytes = cryptoService.decryptBytes(decryptionKey, submission.getEncryptedData());
         when(subscriberMock.validateHashIntegrity(dataHash.getContent(), decryptedDataBytes)).thenReturn(ValidationResult.ok());

client/src/test/java/dev/fitko/fitconnect/client/util/ValidDataGuardTest.java

@@ -252,11 +252,9 @@ class ValidDataGuardTest {
         }
     }
 
-
     @Nested
     class EncryptedSubmissionPayloadDataTests {
 
-
         @Test
         void testValidEncryptedSubmissionPayload() {
 

core/src/main/java/dev/fitko/fitconnect/core/validation/DefaultValidationService.java

@@ -155,7 +155,7 @@ public class DefaultValidationService implements ValidationService {
 
         if (config.getCurrentEnvironment().isSkipSubmissionDataValidation()) {
             LOGGER.warn("Submission data validation is deactivated. This should be done only on secure test environments.");
-            return  ValidationResult.ok();
+            return ValidationResult.ok();
         }
 
         String schema = schemaProvider.loadSubmissionDataSchema(schemaUri);

core/src/test/java/dev/fitko/fitconnect/core/schema/SchemaResourceProviderTest.java

@@ -8,15 +8,20 @@ import dev.fitko.fitconnect.api.exceptions.SchemaNotFoundException;
 import dev.fitko.fitconnect.api.services.schema.SchemaProvider;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.client.RestTemplate;
 
 import java.net.URI;
 import java.util.List;
 
 import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.equalTo;
 import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
 
 class SchemaResourceProviderTest {
 
@@ -95,4 +100,59 @@ class SchemaResourceProviderTest {
         final URI schemaUri = URI.create("https://schema.fitko.de/fit-connect/metadata/9.9.9/metadata.schema.json");
         assertThrows(SchemaNotFoundException.class, () -> underTest.loadMetadataSchema(schemaUri));
     }
+
+    @Test
+    void loadSubmissionDataSchemaFromRemote() {
+
+        RestTemplate restTemplate = mock(RestTemplate.class);
+        when(restTemplate.getForEntity(eq(URI.create("https://test.json")), any())).thenReturn(ResponseEntity.ok("schema"));
+
+        SchemaResourceProvider schemaResourceProvider = new SchemaResourceProvider(restTemplate,
+                new SchemaResources(List.of(), List.of(), List.of(), List.of()));
+
+        String schema = schemaResourceProvider.loadSubmissionDataSchema(URI.create("https://test.json"));
+
+        assertThat(schema, equalTo("schema"));
+    }
+
+    @Test
+    void loadSubmissionDataSchemaFromRemoteFailed() {
+
+        RestTemplate restTemplate = mock(RestTemplate.class);
+        when(restTemplate.getForEntity(eq(URI.create("https://test.json")), any())).thenThrow(new RuntimeException("Something went wrong!"));
+
+        SchemaResourceProvider schemaResourceProvider = new SchemaResourceProvider(restTemplate,
+                new SchemaResources(List.of(), List.of(), List.of(), List.of()));
+
+        Exception exception = assertThrows(SchemaNotFoundException.class,
+                () -> schemaResourceProvider.loadSubmissionDataSchema(URI.create("https://test.json")));
+
+        assertThat(exception.getMessage(), equalTo("Submission data schema https://test.json is not available."));
+    }
+
+    @Test
+    void loadSubmissionDataSchemaFromMemory() {
+
+        SchemaResources schemaResources = new SchemaResources(List.of(), List.of(), List.of(),
+                List.of("/submission_data_schema_local.json"));
+
+        SchemaResourceProvider schemaResourceProvider = new SchemaResourceProvider(mock(RestTemplate.class), schemaResources);
+
+        String schema = schemaResourceProvider.loadSubmissionDataSchema(URI.create("urn:test:submission_data_schema.json"));
+
+        assertThat(schema, containsString("\"$id\": \"urn:test:submission_data_schema.json\""));
+    }
+
+    @Test
+    void loadSubmissionDataSchemaFromMemoryFailed() {
+
+        SchemaResources schemaResources = new SchemaResources(List.of(), List.of(), List.of(), List.of());
+
+        SchemaResourceProvider schemaResourceProvider = new SchemaResourceProvider(mock(RestTemplate.class), schemaResources);
+
+        Exception exception = assertThrows(SchemaNotFoundException.class,
+                () -> schemaResourceProvider.loadSubmissionDataSchema(URI.create("urn:test:submission_data_schema.json")));
+
+        assertThat(exception.getMessage(), equalTo("Submission data schema urn:test:submission_data_schema.json is not available."));
+    }
 }
\ No newline at end of file

core/src/test/java/dev/fitko/fitconnect/core/validation/DefaultValidationServiceTest.java

@@ -56,7 +56,7 @@ class DefaultValidationServiceTest {
 
     @BeforeEach
     void setUp() {
-        final var config = getApplicationConfig(true);
+        final var config = getApplicationConfig(true, false);
         hashService = new HashService();
         final List<String> setSchemas = SchemaConfig.getSetSchemaFilePaths("/set-schema");
         final List<String> metadataSchemas = SchemaConfig.getMetadataSchemaFileNames("/metadata-schema");
@@ -132,7 +132,7 @@ class DefaultValidationServiceTest {
     void testInvalidPublicKeyWithInsecureKeyAllowed() throws Exception {
 
         // Given
-        final ApplicationConfig config = getApplicationConfig(true);
+        final ApplicationConfig config = getApplicationConfig(true, false);
         final var underTest = new DefaultValidationService(config, hashService, schemaProvider);
 
         final RSAKey rsaKey = new RSAKeyGenerator(4096)
@@ -152,7 +152,7 @@ class DefaultValidationServiceTest {
     void testInvalidPublicKeyWithInsecureKeyNotAllowed() throws Exception {
 
         // Given
-        final ApplicationConfig config = getApplicationConfig(false);
+        final ApplicationConfig config = getApplicationConfig(false, false);
         final var underTest = new DefaultValidationService(config, hashService, schemaProvider);
 
         final RSAKey rsaKey = new RSAKeyGenerator(4096)
@@ -414,7 +414,7 @@ class DefaultValidationServiceTest {
         // Given
         SchemaProvider schemaProvider = mock(SchemaProvider.class);
         when(schemaProvider.loadSubmissionDataSchema(any())).thenReturn("{}");
-        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true), new HashService(), schemaProvider);
+        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true, false), new HashService(), schemaProvider);
 
         final var validJson = getResource("/valid_json_data.json");
 
@@ -431,7 +431,7 @@ class DefaultValidationServiceTest {
         // Given
         SchemaProvider schemaProvider = mock(SchemaProvider.class);
         when(schemaProvider.loadSubmissionDataSchema(any())).thenReturn("{}");
-        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true), new HashService(), schemaProvider);
+        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true, false), new HashService(), schemaProvider);
 
         final var invalidJson = getResource("/invalid_json_data.json");
 
@@ -449,8 +449,8 @@ class DefaultValidationServiceTest {
 
         // Given
         SchemaProvider schemaProvider = mock(SchemaProvider.class);
-        when(schemaProvider.loadSubmissionDataSchema(any())).thenReturn(getResource("/submission_data_schema.json"));
-        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true), new HashService(), schemaProvider);
+        when(schemaProvider.loadSubmissionDataSchema(any())).thenReturn(getResource("/submission_data_schema_remote.json"));
+        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true, false), new HashService(), schemaProvider);
 
         final var invalidJson = "{ \"someString\": \"someStringValue\", \"someArray\": [\"someArrayValue\"] }";
 
@@ -467,8 +467,8 @@ class DefaultValidationServiceTest {
 
         // Given
         SchemaProvider schemaProvider = mock(SchemaProvider.class);
-        when(schemaProvider.loadSubmissionDataSchema(any())).thenReturn(getResource("/submission_data_schema.json"));
-        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true), new HashService(), schemaProvider);
+        when(schemaProvider.loadSubmissionDataSchema(any())).thenReturn(getResource("/submission_data_schema_remote.json"));
+        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true, false), new HashService(), schemaProvider);
 
         final var invalidJson = "{ \"wrongString\": \"someStringValue\", \"someArray\": [\"someArrayValue\"] }";
 
@@ -481,6 +481,24 @@ class DefaultValidationServiceTest {
         assertThat(validationResult.getError().getMessage(), containsString("$.someString"));
     }
 
+    @Test
+    void testIgnoreInvalidSubmissionDataSchemaWhenValidationIsDeactivated() throws IOException {
+
+        // Given
+        SchemaProvider schemaProvider = mock(SchemaProvider.class);
+        when(schemaProvider.loadSubmissionDataSchema(any())).thenReturn(getResource("/submission_data_schema_remote.json"));
+        DefaultValidationService defaultValidationService = new DefaultValidationService(getApplicationConfig(true, true), new HashService(), schemaProvider);
+
+        final var invalidJson = "{ \"wrongString\": \"someStringValue\", \"someArray\": [\"someArrayValue\"] }";
+
+        // When
+        final ValidationResult validationResult = defaultValidationService.validateSubmissionDataSchema(invalidJson, URI.create("urn:something"));
+
+        // Then
+        assertTrue(validationResult.isValid());
+        assertFalse(validationResult.hasError());
+    }
+
     @Test
     void validateCallback() {
 
@@ -545,10 +563,11 @@ class DefaultValidationServiceTest {
         );
     }
 
-    private static ApplicationConfig getApplicationConfig(final boolean allowInsecureKey) {
+    private static ApplicationConfig getApplicationConfig(final boolean allowInsecureKey, final boolean skipSubmissionDataValidation) {
         final var envName = new EnvironmentName("testing");
         final var testing = new Environment();
         testing.setAllowInsecurePublicKey(allowInsecureKey);
+        testing.setSkipSubmissionDataValidation(skipSubmissionDataValidation);
         final var config = new ApplicationConfig();
         config.setEnvironments(Map.of(envName, testing));
         config.setActiveEnvironment(envName);

core/src/test/resources/submission_data_schema_local.json

+{
+  "type": "object",
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "urn:test:submission_data_schema.json",
+  "title": "test service",
+  "properties": {
+    "someString": {
+      "type": "string"
+    },
+    "someArray": {
+      "type": "array",
+      "items": {
+        "type": "string"
+      },
+      "minItems": 1
+    }
+  },
+  "required": [
+    "someString",
+    "someArray"
+  ]
+}
\ No newline at end of file