Merge remote-tracking branch 'origin/master' into dleifker/default_ja…

…va_11_nonexplicit

.gitignore

@@ -68,7 +68,7 @@ metadata-ingestion/generated/**
 # docs
 docs/generated/
 tmp*
-temp*
+temp/**
 
 # frontend assets
 datahub-frontend/public/**

build.gradle

@@ -48,6 +48,7 @@ project.ext.externalDependency = [
     'avroCompiler_1_7': 'org.apache.avro:avro-compiler:1.7.7',
     'awsGlueSchemaRegistrySerde': 'software.amazon.glue:schema-registry-serde:1.1.10',
     'awsMskIamAuth': 'software.amazon.msk:aws-msk-iam-auth:1.1.1',
+    'awsSecretsManagerJdbc': 'com.amazonaws.secretsmanager:aws-secretsmanager-jdbc:1.0.8',
     'cacheApi' : 'javax.cache:cache-api:1.1.0',
     'commonsCli': 'commons-cli:commons-cli:1.5.0',
     'commonsIo': 'commons-io:commons-io:2.4',
@@ -87,6 +88,7 @@ project.ext.externalDependency = [
     'jerseyGuava': 'org.glassfish.jersey.bundles.repackaged:jersey-guava:2.25.1',
     'jettyJaas': 'org.eclipse.jetty:jetty-jaas:9.4.46.v20220331',
     'jgrapht': 'org.jgrapht:jgrapht-core:1.5.1',
+    'jsonPatch': 'com.github.java-json-tools:json-patch:1.13',
     'jsonSchemaAvro': 'com.github.fge:json-schema-avro:0.1.4',
     'jsonSimple': 'com.googlecode.json-simple:json-simple:1.1.1',
     'jsonSmart': 'net.minidev:json-smart:2.4.6',

datahub-frontend/app/client/AuthServiceClient.java

@@ -1,6 +1,8 @@
 package client;
 
+import com.datahub.authentication.Authentication;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
 import java.util.Objects;
 import javax.annotation.Nonnull;
 import lombok.extern.slf4j.Slf4j;
@@ -13,7 +15,6 @@
 import org.apache.http.impl.client.HttpClients;
 import org.apache.http.util.EntityUtils;
 import play.mvc.Http;
-import com.datahub.authentication.Authentication;
 
 
 /**
@@ -66,11 +67,15 @@ public String generateSessionTokenForUser(@Nonnull final String userId) {
     try {
 
       final String protocol = this.metadataServiceUseSsl ? "https" : "http";
-      final HttpPost request = new HttpPost(String.format("%s://%s:%s/%s", protocol, this.metadataServiceHost,
-          this.metadataServicePort, GENERATE_SESSION_TOKEN_ENDPOINT));
+      final HttpPost request = new HttpPost(
+          String.format("%s://%s:%s/%s", protocol, this.metadataServiceHost, this.metadataServicePort,
+              GENERATE_SESSION_TOKEN_ENDPOINT));
 
       // Build JSON request to generate a token on behalf of a user.
-      String json = String.format("{ \"%s\":\"%s\" }", USER_ID_FIELD, userId);
+      final ObjectMapper objectMapper = new ObjectMapper();
+      final ObjectNode objectNode = objectMapper.createObjectNode();
+      objectNode.put(USER_ID_FIELD, userId);
+      final String json = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(objectNode);
       request.setEntity(new StringEntity(json));
 
       // Add authorization header with DataHub frontend system id and secret.
@@ -101,7 +106,6 @@ public String generateSessionTokenForUser(@Nonnull final String userId) {
   /**
    * Call the Auth Service to create a native Datahub user.
    */
-  @Nonnull
   public boolean signUp(@Nonnull final String userUrn, @Nonnull final String fullName, @Nonnull final String email,
       @Nonnull final String title, @Nonnull final String password, @Nonnull final String inviteToken) {
     Objects.requireNonNull(userUrn, "userUrn must not be null");
@@ -115,15 +119,20 @@ public boolean signUp(@Nonnull final String userUrn, @Nonnull final String fullN
     try {
 
       final String protocol = this.metadataServiceUseSsl ? "https" : "http";
-      final HttpPost request =
-          new HttpPost(String.format("%s://%s:%s/%s", protocol, this.metadataServiceHost, this.metadataServicePort,
+      final HttpPost request = new HttpPost(
+          String.format("%s://%s:%s/%s", protocol, this.metadataServiceHost, this.metadataServicePort,
               SIGN_UP_ENDPOINT));
 
-      // Build JSON request to verify credentials for a native user.
-      String json =
-          String.format("{ \"%s\":\"%s\", \"%s\":\"%s\", \"%s\":\"%s\", \"%s\":\"%s\", \"%s\":\"%s\", \"%s\":\"%s\" }",
-              USER_URN_FIELD, userUrn, FULL_NAME_FIELD, fullName, EMAIL_FIELD, email, TITLE_FIELD, title,
-              PASSWORD_FIELD, password, INVITE_TOKEN_FIELD, inviteToken);
+      // Build JSON request to sign up a native user.
+      final ObjectMapper objectMapper = new ObjectMapper();
+      final ObjectNode objectNode = objectMapper.createObjectNode();
+      objectNode.put(USER_URN_FIELD, userUrn);
+      objectNode.put(FULL_NAME_FIELD, fullName);
+      objectNode.put(EMAIL_FIELD, email);
+      objectNode.put(TITLE_FIELD, title);
+      objectNode.put(PASSWORD_FIELD, password);
+      objectNode.put(INVITE_TOKEN_FIELD, inviteToken);
+      final String json = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(objectNode);
       request.setEntity(new StringEntity(json));
 
       // Add authorization header with DataHub frontend system id and secret.
@@ -141,7 +150,7 @@ public boolean signUp(@Nonnull final String userUrn, @Nonnull final String fullN
                 response.getEntity().toString()));
       }
     } catch (Exception e) {
-      throw new RuntimeException("Failed to create user", e);
+      throw new RuntimeException(String.format("Failed to create user %s", userUrn), e);
     } finally {
       try {
         httpClient.close();
@@ -154,7 +163,6 @@ public boolean signUp(@Nonnull final String userUrn, @Nonnull final String fullN
   /**
    * Call the Auth Service to reset credentials for a native DataHub user.
    */
-  @Nonnull
   public boolean resetNativeUserCredentials(@Nonnull final String userUrn, @Nonnull final String password,
       @Nonnull final String resetToken) {
     Objects.requireNonNull(userUrn, "userUrn must not be null");
@@ -170,9 +178,12 @@ public boolean resetNativeUserCredentials(@Nonnull final String userUrn, @Nonnul
               RESET_NATIVE_USER_CREDENTIALS_ENDPOINT));
 
       // Build JSON request to verify credentials for a native user.
-      String json =
-          String.format("{ \"%s\":\"%s\", \"%s\":\"%s\", \"%s\":\"%s\" }", USER_URN_FIELD, userUrn,
-              PASSWORD_FIELD, password, RESET_TOKEN_FIELD, resetToken);
+      final ObjectMapper objectMapper = new ObjectMapper();
+      final ObjectNode objectNode = objectMapper.createObjectNode();
+      objectNode.put(USER_URN_FIELD, userUrn);
+      objectNode.put(PASSWORD_FIELD, password);
+      objectNode.put(RESET_TOKEN_FIELD, resetToken);
+      final String json = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(objectNode);
       request.setEntity(new StringEntity(json));
 
       // Add authorization header with DataHub frontend system id and secret.
@@ -203,7 +214,6 @@ public boolean resetNativeUserCredentials(@Nonnull final String userUrn, @Nonnul
   /**
    * Call the Auth Service to verify the credentials for a native Datahub user.
    */
-  @Nonnull
   public boolean verifyNativeUserCredentials(@Nonnull final String userUrn, @Nonnull final String password) {
     Objects.requireNonNull(userUrn, "userUrn must not be null");
     Objects.requireNonNull(password, "password must not be null");
@@ -217,8 +227,11 @@ public boolean verifyNativeUserCredentials(@Nonnull final String userUrn, @Nonnu
               VERIFY_NATIVE_USER_CREDENTIALS_ENDPOINT));
 
       // Build JSON request to verify credentials for a native user.
-      String json =
-          String.format("{ \"%s\":\"%s\", \"%s\":\"%s\" }", USER_URN_FIELD, userUrn, PASSWORD_FIELD, password);
+      final ObjectMapper objectMapper = new ObjectMapper();
+      final ObjectNode objectNode = objectMapper.createObjectNode();
+      objectNode.put(USER_URN_FIELD, userUrn);
+      objectNode.put(PASSWORD_FIELD, password);
+      final String json = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(objectNode);
       request.setEntity(new StringEntity(json));
 
       // Add authorization header with DataHub frontend system id and secret.

datahub-frontend/app/controllers/Application.java

@@ -120,7 +120,7 @@ public CompletableFuture<Result> proxy(String path) throws ExecutionException, I
             .entrySet()
             .stream()
             // Remove X-DataHub-Actor to prevent malicious delegation.
-            .filter(entry -> !AuthenticationConstants.LEGACY_X_DATAHUB_ACTOR_HEADER.equals(entry.getKey()))
+            .filter(entry -> !AuthenticationConstants.LEGACY_X_DATAHUB_ACTOR_HEADER.equalsIgnoreCase(entry.getKey()))
             .filter(entry -> !Http.HeaderNames.CONTENT_LENGTH.equals(entry.getKey()))
             .filter(entry -> !Http.HeaderNames.CONTENT_TYPE.equals(entry.getKey()))
             .filter(entry -> !Http.HeaderNames.AUTHORIZATION.equals(entry.getKey()))
@@ -305,7 +305,11 @@ private String mapPath(@Nonnull final String path) {
     // Case 2: Map requests to /gms to / (Rest.li API)
     final String gmsApiPath = "/api/gms";
     if (path.startsWith(gmsApiPath)) {
-      return String.format("%s", path.substring(gmsApiPath.length()));
+      String newPath = path.substring(gmsApiPath.length());
+      if (!newPath.startsWith("/")) {
+        newPath = "/" + newPath;
+      }
+      return newPath;
     }
 
     // Otherwise, return original path