feat(FSADT1-1631): updating details api for legacy clients

backend/src/main/java/ca/bc/gov/app/ApplicationConstant.java

@@ -112,5 +112,6 @@ left join nrfc.province_code pc on (pc.province_code = sl.province_code and pc.c
 
   public static final String MDC_USERID = "X-USER";
 
+  public static final String MDC_USERROLES = "X-Role";
 }
 

backend/src/main/java/ca/bc/gov/app/configuration/GlobalServiceConfiguration.java

@@ -1,5 +1,6 @@
 package ca.bc.gov.app.configuration;
 
+import ca.bc.gov.app.converters.ForestClientDetailsSerializerModifier;
 import ca.bc.gov.app.dto.ValidationError;
 import ca.bc.gov.app.dto.bcregistry.BcRegistryAddressDto;
 import ca.bc.gov.app.dto.bcregistry.BcRegistryAlternateNameDto;
@@ -54,6 +55,8 @@
 import ca.bc.gov.app.health.HealthExchangeFilterFunction;
 import ca.bc.gov.app.health.ManualHealthIndicator;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.aot.hint.annotation.RegisterReflectionForBinding;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -305,7 +308,20 @@ public WebClient processorApi(
 
   @Bean
   public ObjectMapper objectMapper(Jackson2ObjectMapperBuilder builder) {
-    return builder.build();
+
+    ObjectMapper mapper = builder.build();
+    mapper.registerModule(new JavaTimeModule());
+    mapper.registerModule(forestClientDetailsDtoModule());
+
+    return mapper;
+  }
+
+  SimpleModule forestClientDetailsDtoModule() {
+    SimpleModule module = new SimpleModule();
+
+    // Register the serializer modifier
+    module.setSerializerModifier(new ForestClientDetailsSerializerModifier());
+    return module;
   }
 
 }

backend/src/main/java/ca/bc/gov/app/controller/client/ClientController.java

@@ -64,32 +64,11 @@ public Mono<ClientDetailsDto> getClientDetailsByIncorporationNumber(
             JwtPrincipalUtil.getProvider(principal)
         );
   }
-
-  /**
-   * Handles HTTP GET requests to retrieve client details based on the provided client number.
-   *
-   * <p>This method fetches the details of a client from the {@code ClientService} using the 
-   * specified {@code clientNumber}. The caller's JWT authentication token is used to extract 
-   * user-related information such as groups and user ID.</p>
-   *
-   * @param clientNumber the unique identifier of the client whose details are to be retrieved.
-   * @param principal    the {@link JwtAuthenticationToken} containing the authenticated user's 
-   *                     information, including their roles and groups.
-   * @return a {@link Mono} emitting the {@link ForestClientDetailsDto} containing the requested 
-   *         client details, or an error if the client cannot be found or accessed.
-   */
+
   @GetMapping("/details/{clientNumber}")
-  public Mono<ForestClientDetailsDto> getClientDetailsByClientNumber(
-      @PathVariable String clientNumber,
-      JwtAuthenticationToken principal
-  ) {   
-    log.info("Requesting client details for client number {} from the client service. {}",
-        clientNumber,
-        JwtPrincipalUtil.getUserId(principal)
-    );
-    return clientService.getClientDetailsByClientNumber(
-            clientNumber,
-            JwtPrincipalUtil.getGroups(principal));
+  public Mono<ForestClientDetailsDto> getClientDetailsByClientNumber(@PathVariable String clientNumber) {
+    log.info("Requesting client details for client number {}", clientNumber);
+    return clientService.getClientDetailsByClientNumber(clientNumber);
   }
 
   /**

backend/src/main/java/ca/bc/gov/app/controller/filters/ContextPropagatorWebFilter.java

@@ -0,0 +1,75 @@
+package ca.bc.gov.app.controller.filters;
+
+import io.micrometer.context.ContextRegistry;
+import java.util.function.Function;
+import org.slf4j.MDC;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.ReactiveSecurityContextHolder;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+import reactor.core.publisher.Mono;
+import reactor.util.context.Context;
+
+public abstract class ContextPropagatorWebFilter implements WebFilter {
+
+  protected abstract String getContextKey();
+
+  protected abstract Function<Authentication, String> getContextValueExtractor();
+
+  /**
+   * Filters each incoming request to extract from the security context a {@link String} value using
+   * {@link #getContextValueExtractor()} and set it in the MDC.
+   * The value is then propagated down the filter chain and set in the reactive context
+   * to ensure it is available for logging and tracing in both reactive and non-reactive parts of
+   * the application.
+   *
+   * @param exchange The current server web exchange that contains information about the request and
+   *                 response.
+   * @param chain    The web filter chain that allows the filter to pass on the request to the next
+   *                 entity in the chain.
+   * @return A Mono<Void> that indicates when request handling is complete.
+   */
+  @Override
+  public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
+    // This is to be able to tackle non-reactive context
+    contextLoad();
+
+    return
+        // Here we are getting the user id from the security context
+        ReactiveSecurityContextHolder
+            .getContext()
+            .map(SecurityContext::getAuthentication)
+            .map(getContextValueExtractor())
+            // Then we set it to the MDC
+            .doOnNext(userId -> MDC.put(getContextKey(), userId))
+            // Then we chain the filter, passing the context down
+            .flatMap(userId -> chain
+                .filter(exchange)
+                .contextWrite(Context.of(getContextKey(), userId))
+                // While we are at it, we also set the context for the reactive part
+                .doOnNext(v -> contextLoad())
+            );
+  }
+
+  /**
+   * Initializes and registers a thread-local context for the current thread. This method configures
+   * the {@link ContextRegistry} to handle the value within the MDC (Mapped Diagnostic Context),
+   * allowing for the propagation of the value across different parts of the application that run
+   * on the same thread. It specifically sets up accessors for getting, setting, and removing the
+   * value from the MDC. This setup is crucial for maintaining state across the reactive and
+   * non-reactive parts of the application.
+   */
+  private void contextLoad() {
+    ContextRegistry
+        .getInstance()
+        .registerThreadLocalAccessor(
+            getContextKey(),
+            () -> MDC.get(getContextKey()),
+            userId -> MDC.put(getContextKey(), userId),
+            () -> MDC.remove(getContextKey())
+        );
+  }
+
+}

backend/src/main/java/ca/bc/gov/app/controller/filters/UserIdWebFilter.java

@@ -2,22 +2,14 @@
 
 import ca.bc.gov.app.ApplicationConstant;
 import ca.bc.gov.app.util.JwtPrincipalUtil;
-import io.micrometer.context.ContextRegistry;
+import java.util.function.Function;
 import lombok.extern.slf4j.Slf4j;
-import org.slf4j.MDC;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.ReactiveSecurityContextHolder;
-import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.stereotype.Component;
-import org.springframework.web.server.ServerWebExchange;
-import org.springframework.web.server.WebFilter;
-import org.springframework.web.server.WebFilterChain;
-import reactor.core.publisher.Mono;
-import reactor.util.context.Context;
 
 
 /**
@@ -30,59 +22,11 @@
 @Component
 @Slf4j
 @Order(-1)
-public class UserIdWebFilter implements WebFilter {
+public class UserIdWebFilter extends ContextPropagatorWebFilter {
 
-  /**
-   * Filters each incoming request to extract the user ID from the security context and set it in
-   * the MDC. The user ID is then propagated down the filter chain and set in the reactive context
-   * to ensure it is available for logging and tracing in both reactive and non-reactive parts of
-   * the application.
-   *
-   * @param exchange The current server web exchange that contains information about the request and
-   *                 response.
-   * @param chain    The web filter chain that allows the filter to pass on the request to the next
-   *                 entity in the chain.
-   * @return A Mono<Void> that indicates when request handling is complete.
-   */
   @Override
-  public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
-    // This is to be able to tackle non-reactive context
-    contextLoad();
-
-    return
-        // Here we are getting the user id from the security context
-        ReactiveSecurityContextHolder
-            .getContext()
-            .map(SecurityContext::getAuthentication)
-            .map(this::extractUserId)
-            // Then we set it to the MDC
-            .doOnNext(userId -> MDC.put(ApplicationConstant.MDC_USERID, userId))
-            // Then we chain the filter, passing the context down
-            .flatMap(userId -> chain
-                .filter(exchange)
-                .contextWrite(Context.of(ApplicationConstant.MDC_USERID, userId))
-                // While we are at it, we also set the context for the reactive part
-                .doOnNext(v -> contextLoad())
-            );
-  }
-
-  /**
-   * Initializes and registers a thread-local context for the current thread. This method configures
-   * the {@link ContextRegistry} to handle the user ID within the MDC (Mapped Diagnostic Context),
-   * allowing for the propagation of the user ID across different parts of the application that run
-   * on the same thread. It specifically sets up accessors for getting, setting, and removing the
-   * user ID from the MDC. This setup is crucial for maintaining state across the reactive and
-   * non-reactive parts of the application.
-   */
-  private void contextLoad() {
-    ContextRegistry
-        .getInstance()
-        .registerThreadLocalAccessor(
-            ApplicationConstant.MDC_USERID,
-            () -> MDC.get(ApplicationConstant.MDC_USERID),
-            userId -> MDC.put(ApplicationConstant.MDC_USERID, userId),
-            () -> MDC.remove(ApplicationConstant.MDC_USERID)
-        );
+  protected String getContextKey() {
+    return ApplicationConstant.MDC_USERID;
   }
 
   /**
@@ -93,27 +37,29 @@ private void contextLoad() {
    * If the authentication object is null, not authenticated, or the principal type is not
    * supported, "no-user-id-found" is returned.
    *
-   * @param authentication The authentication object from which to extract the user ID.
    * @return The extracted user ID in the format "Provider\\UserID" or the username, or
    * "no-user-id-found" if it cannot be extracted.
    */
-  private String extractUserId(Authentication authentication) {
-    if (authentication != null && authentication.isAuthenticated()) {
-      Object principal = authentication.getPrincipal();
+  @Override
+  protected Function<Authentication, String> getContextValueExtractor() {
+    return authentication -> {
+      if (authentication != null && authentication.isAuthenticated()) {
+        Object principal = authentication.getPrincipal();
 
-      if (principal instanceof JwtAuthenticationToken jwt) {
-        return JwtPrincipalUtil.getUserId(jwt);
-      }
+        if (principal instanceof JwtAuthenticationToken jwt) {
+          return JwtPrincipalUtil.getUserId(jwt);
+        }
 
-      if (principal instanceof Jwt jwt) {
-        return JwtPrincipalUtil.getUserId(jwt);
-      }
+        if (principal instanceof Jwt jwt) {
+          return JwtPrincipalUtil.getUserId(jwt);
+        }
 
-      if (principal instanceof UserDetails userDetails) {
-        return userDetails.getUsername();
+        if (principal instanceof UserDetails userDetails) {
+          return userDetails.getUsername();
+        }
       }
-    }
-    return "no-user-id-found";
+      return "no-user-id-found";
+    };
   }
 
 }

backend/src/main/java/ca/bc/gov/app/controller/filters/UserRolesWebFilter.java

@@ -0,0 +1,55 @@
+package ca.bc.gov.app.controller.filters;
+
+import ca.bc.gov.app.ApplicationConstant;
+import ca.bc.gov.app.util.JwtPrincipalUtil;
+import java.util.Set;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.oauth2.jwt.Jwt;
+import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
+import org.springframework.stereotype.Component;
+
+@Component
+@Slf4j
+@Order(-2)
+public class UserRolesWebFilter extends ContextPropagatorWebFilter {
+
+  @Override
+  protected String getContextKey() {
+    return ApplicationConstant.MDC_USERROLES;
+  }
+
+  @Override
+  protected Function<Authentication, String> getContextValueExtractor() {
+    return authentication -> {
+      Set<String> roles = Set.of();
+      if (authentication != null && authentication.isAuthenticated()) {
+        Object principal = authentication.getPrincipal();
+
+        if (principal instanceof JwtAuthenticationToken jwt) {
+          roles = JwtPrincipalUtil.getGroups(jwt);
+        }
+
+        if (principal instanceof Jwt jwt) {
+          roles = JwtPrincipalUtil.getGroups(jwt);
+        }
+
+        if (principal instanceof UserDetails userDetails) {
+          roles = userDetails
+              .getAuthorities()
+              .stream()
+              .map(GrantedAuthority::getAuthority)
+              .collect(Collectors.toSet());
+
+        }
+      }
+      return String.join(",", roles);
+    };
+  }
+
+}

backend/src/main/java/ca/bc/gov/app/converters/ForestClientDetailsSerializerModifier.java

@@ -0,0 +1,26 @@
+package ca.bc.gov.app.converters;
+
+import ca.bc.gov.app.dto.legacy.ForestClientDetailsDto;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class ForestClientDetailsSerializerModifier extends BeanSerializerModifier {
+
+  @Override
+  public JsonSerializer<?> modifySerializer(
+      SerializationConfig config,
+      BeanDescription beanDesc,
+      JsonSerializer<?> serializer
+  ) {
+
+    if (ForestClientDetailsDto.class.isAssignableFrom(beanDesc.getBeanClass())) {
+      return new ForestClientObfuscate<>();
+    }
+
+    return super.modifySerializer(config, beanDesc, serializer);
+  }
+}