From c34a81f728bcfe8a0bf32c5df7b0e154b1ffd388 Mon Sep 17 00:00:00 2001
From: GeorgeC <gcolon021@gmail.com>
Date: Fri, 7 Feb 2025 16:06:00 -0500
Subject: [PATCH 1/6] Filter expired permissions from RAS Ga4gh Passports
Updated logic to exclude expired permissions when processing Ga4gh Passports and their corresponding RasDbgapPermissions. Adjusted tests to validate the new filtering behavior, ensuring only non-expired permissions are included.
---
.../auth/service/impl/RASPassPortService.java | 17 +++++------
.../RASAuthenticationService.java | 5 +++-
.../service/impl/RASPassPortServiceTest.java | 28 +++++++++++++++++--
3 files changed, 36 insertions(+), 14 deletions(-)
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
index e4b09a1a8..59d7b4ad1 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
@@ -8,7 +8,6 @@
import edu.harvard.hms.dbmi.avillach.auth.model.ras.RasDbgapPermission;
import edu.harvard.hms.dbmi.avillach.auth.utils.JWTUtil;
import edu.harvard.hms.dbmi.avillach.auth.utils.RestClientUtil;
-import jakarta.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -21,10 +20,8 @@
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Optional;
-import java.util.Set;
+import java.util.*;
+import java.util.stream.Collectors;
@Service
public class RASPassPortService {
@@ -161,7 +158,7 @@ public Optional<String> validateVisa(String visa) {
return Optional.ofNullable(responseVal);
}
- public Set<RasDbgapPermission> ga4gpPassportToRasDbgapPermissions(List<String> ga4ghPassports) {
+ public Set<RasDbgapPermission> ga4gpPassportToRasDbgapPermissions(Set<Optional<Ga4ghPassportV1>> ga4ghPassports) {
if (ga4ghPassports == null) {
return null;
}
@@ -169,12 +166,12 @@ public Set<RasDbgapPermission> ga4gpPassportToRasDbgapPermissions(List<String> g
logger.debug("Converting ga4ghPassports to RasDbgapPermissions");
HashSet<RasDbgapPermission> rasDbgapPermissions = new HashSet<>();
ga4ghPassports.forEach(ga4ghPassport -> {
- Optional<Ga4ghPassportV1> parsedGa4ghPassportV1 = JWTUtil.parseGa4ghPassportV1(ga4ghPassport);
- if (parsedGa4ghPassportV1.isPresent()) {
- Ga4ghPassportV1 ga4ghPassportV1 = parsedGa4ghPassportV1.get();
+ if (ga4ghPassport.isPresent()) {
+ Ga4ghPassportV1 ga4ghPassportV1 = ga4ghPassport.get();
logger.info("ga4gh_passport_v1: {}", ga4ghPassportV1);
- rasDbgapPermissions.addAll(ga4ghPassportV1.getRasDbgagPermissions());
+ long date = new Date().toInstant().toEpochMilli();
+ rasDbgapPermissions.addAll(ga4ghPassportV1.getRasDbgagPermissions().stream().filter(rasDbgapPermission -> date <= rasDbgapPermission.getExpiration()).collect(Collectors.toSet()));
}
});
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
index 40b62ef31..058586fae 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
@@ -5,10 +5,12 @@
import com.fasterxml.jackson.databind.node.ObjectNode;
import edu.harvard.hms.dbmi.avillach.auth.entity.Connection;
import edu.harvard.hms.dbmi.avillach.auth.entity.User;
+import edu.harvard.hms.dbmi.avillach.auth.model.ras.Ga4ghPassportV1;
import edu.harvard.hms.dbmi.avillach.auth.model.ras.Passport;
import edu.harvard.hms.dbmi.avillach.auth.model.ras.RasDbgapPermission;
import edu.harvard.hms.dbmi.avillach.auth.service.AuthenticationService;
import edu.harvard.hms.dbmi.avillach.auth.service.impl.*;
+import edu.harvard.hms.dbmi.avillach.auth.utils.JWTUtil;
import edu.harvard.hms.dbmi.avillach.auth.utils.RestClientUtil;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
@@ -142,7 +144,8 @@ private Optional<Passport> extractAndVerifyPassport(Map<String, String> authRequ
protected User updateRasUserRoles(String code, User user, Passport rasPassport) {
logger.info("RAS PASSPORT FOUND ___ USER: {} ___ PASSPORT: {} ___ CODE {}", user.getSubject(), rasPassport, code);
- Set<RasDbgapPermission> dbgapPermissions = this.rasPassPortService.ga4gpPassportToRasDbgapPermissions(rasPassport.getGa4ghPassportV1());
+ Set<Optional<Ga4ghPassportV1>> ga4ghPassports = rasPassport.getGa4ghPassportV1().stream().map(JWTUtil::parseGa4ghPassportV1).filter(Optional::isPresent).collect(Collectors.toSet());
+ Set<RasDbgapPermission> dbgapPermissions = this.rasPassPortService.ga4gpPassportToRasDbgapPermissions(ga4ghPassports);
Set<String> dbgapRoleNames = this.roleService.getRoleNamesForDbgapPermissions(dbgapPermissions);
user = userService.updateUserRoles(user, dbgapRoleNames);
logger.debug("USER {} ROLES UPDATED {} ___ CODE {}",
diff --git a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
index af68ecdf1..06b0f9623 100644
--- a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
+++ b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
@@ -1,6 +1,7 @@
package edu.harvard.hms.dbmi.avillach.auth.service.impl;
import edu.harvard.hms.dbmi.avillach.auth.enums.PassportValidationResponse;
+import edu.harvard.hms.dbmi.avillach.auth.model.ras.Ga4ghPassportV1;
import edu.harvard.hms.dbmi.avillach.auth.model.ras.Passport;
import edu.harvard.hms.dbmi.avillach.auth.model.ras.RasDbgapPermission;
import edu.harvard.hms.dbmi.avillach.auth.utils.JWTUtil;
@@ -13,8 +14,11 @@
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.ContextConfiguration;
+import java.util.Date;
+import java.util.List;
import java.util.Optional;
import java.util.Set;
+import java.util.stream.Collectors;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
@@ -57,16 +61,34 @@ public void testGa4ghPassPortStudies_IsNull() {
}
@Test
- public void testGa4gpPassportStudies_IsNotNull() {
+ public void testGa4gpPassportStudies_IsNotNull_And_ExpiredPermissionsExcluded() {
Optional<Passport> passport = JWTUtil.parsePassportJWTV11(exampleRasPassport);
- Set<RasDbgapPermission> permissions = rasPassPortService.ga4gpPassportToRasDbgapPermissions(passport.get().getGa4ghPassportV1());
+ Set<Optional<Ga4ghPassportV1>> ga4ghPassports = passport.get().getGa4ghPassportV1().stream().map(JWTUtil::parseGa4ghPassportV1).filter(Optional::isPresent).collect(Collectors.toSet());
+ Set<RasDbgapPermission> permissions = rasPassPortService.ga4gpPassportToRasDbgapPermissions(ga4ghPassports);
assertNotNull(permissions);
+ assertTrue(permissions.isEmpty());
}
@Test
public void testGa4gpPassportStudies_HasCorrectStudies() {
Optional<Passport> passport = JWTUtil.parsePassportJWTV11(exampleRasPassport);
- Set<RasDbgapPermission> permissions = rasPassPortService.ga4gpPassportToRasDbgapPermissions(passport.get().getGa4ghPassportV1());
+ long futureDate = new Date().toInstant().toEpochMilli() + 100000;
+
+ // Update the expiry date of each permission in our test passport. All permissions in the example passport
+ // expired in 2022.
+ Set<Optional<Ga4ghPassportV1>> ga4ghPassports = passport.get().getGa4ghPassportV1().stream()
+ .map(JWTUtil::parseGa4ghPassportV1)
+ .filter(Optional::isPresent)
+ .map(optionalPassport -> {
+ Ga4ghPassportV1 ga4ghPassportV1 = optionalPassport.get();
+ List<RasDbgapPermission> rasDbgagPermissions = ga4ghPassportV1.getRasDbgagPermissions();
+ List<RasDbgapPermission> newExpires = rasDbgagPermissions.stream().peek(rasDbgapPermission -> rasDbgapPermission.setExpiration(futureDate)).toList();
+ ga4ghPassportV1.setRasDbgagPermissions(newExpires);
+ return Optional.of(ga4ghPassportV1);
+ })
+ .collect(Collectors.toSet());
+
+ Set<RasDbgapPermission> permissions = rasPassPortService.ga4gpPassportToRasDbgapPermissions(ga4ghPassports);
assertEquals(2, permissions.size());
assertTrue(permissions.stream().anyMatch(p -> p.getPhsId().equals("phs000300")));
From 347a5a54b3421f819b6e55d3de78a11eb49f92ce Mon Sep 17 00:00:00 2001
From: GeorgeC <gcolon021@gmail.com>
Date: Mon, 10 Feb 2025 12:12:33 -0500
Subject: [PATCH 2/6] Refactor date initialization and add test for permission
filtering
Moved date initialization out of the loop in `RASPassPortService` for better efficiency. Added a new test case to ensure expired permissions are filtered correctly during GA4GH passport conversion. Enhanced assertions to validate expected behavior.
---
.../auth/service/impl/RASPassPortService.java | 2 +-
.../service/impl/RASPassPortServiceTest.java | 64 ++++++++++++++++---
2 files changed, 57 insertions(+), 9 deletions(-)
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
index 59d7b4ad1..8fbd42b0a 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
@@ -165,12 +165,12 @@ public Set<RasDbgapPermission> ga4gpPassportToRasDbgapPermissions(Set<Optional<G
logger.debug("Converting ga4ghPassports to RasDbgapPermissions");
HashSet<RasDbgapPermission> rasDbgapPermissions = new HashSet<>();
+ long date = new Date().toInstant().toEpochMilli();
ga4ghPassports.forEach(ga4ghPassport -> {
if (ga4ghPassport.isPresent()) {
Ga4ghPassportV1 ga4ghPassportV1 = ga4ghPassport.get();
logger.info("ga4gh_passport_v1: {}", ga4ghPassportV1);
- long date = new Date().toInstant().toEpochMilli();
rasDbgapPermissions.addAll(ga4ghPassportV1.getRasDbgagPermissions().stream().filter(rasDbgapPermission -> date <= rasDbgapPermission.getExpiration()).collect(Collectors.toSet()));
}
});
diff --git a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
index 06b0f9623..b29ac43e3 100644
--- a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
+++ b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
@@ -14,16 +14,11 @@
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.ContextConfiguration;
-import java.util.Date;
-import java.util.List;
-import java.util.Optional;
-import java.util.Set;
+import java.util.*;
+import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Collectors;
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertNotNull;
-import static org.junit.jupiter.api.Assertions.assertNull;
-import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.*;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.when;
@@ -95,6 +90,59 @@ public void testGa4gpPassportStudies_HasCorrectStudies() {
assertTrue(permissions.stream().anyMatch(p -> p.getPhsId().equals("phs000006")));
}
+ @Test
+ public void testGa4gpPassportStudies_HalfAreExpired() {
+ Optional<Passport> passport = JWTUtil.parsePassportJWTV11(exampleRasPassport);
+ long futureDate = new Date().toInstant().toEpochMilli() + 100000;
+ long pastDate = new Date().toInstant().toEpochMilli() - 100000;
+
+ List<String> expiredPHS = new ArrayList<>();
+ List<String> validPHS = new ArrayList<>();
+ // Update the expiry date of each permission in our test passport.
+ // We alternate: even-indexed permissions become valid, odd-indexed ones remain (or become) invalid.
+ Set<Optional<Ga4ghPassportV1>> ga4ghPassports = passport.get().getGa4ghPassportV1().stream()
+ .map(JWTUtil::parseGa4ghPassportV1)
+ .filter(Optional::isPresent)
+ .map(optionalPassport -> {
+ Ga4ghPassportV1 ga4ghPassportV1 = optionalPassport.get();
+ List<RasDbgapPermission> rasDbgagPermissions = ga4ghPassportV1.getRasDbgagPermissions();
+
+ AtomicInteger index = new AtomicInteger();
+ List<RasDbgapPermission> updatedPermissions = rasDbgagPermissions.stream()
+ .peek(permission -> {
+ if (index.getAndIncrement() % 2 == 0) {
+ // For even indices, use a valid future expiration.
+ permission.setExpiration(futureDate);
+ validPHS.add(permission.getPhsId());
+ } else {
+ // For odd indices, use an expired (invalid) timestamp.
+ permission.setExpiration(pastDate);
+ expiredPHS.add(permission.getPhsId());
+ }
+ })
+ .collect(Collectors.toList());
+
+ ga4ghPassportV1.setRasDbgagPermissions(updatedPermissions);
+ return Optional.of(ga4ghPassportV1);
+ })
+ .collect(Collectors.toSet());
+
+ // Convert the GA4GH passports to RAS DbGaP permissions. The underlying conversion
+ // should filter out the ones with invalid expiration dates.
+ Set<RasDbgapPermission> permissions = rasPassPortService.ga4gpPassportToRasDbgapPermissions(ga4ghPassports);
+
+ // We expect only the valid (future-dated) permissions to be returned.
+ assertEquals(validPHS.size(), permissions.size());
+
+ // verify only expected values are in permissions set
+ List<String> finalPHS = permissions.stream().map(RasDbgapPermission::getPhsId).toList();
+ assertEquals(finalPHS, validPHS, "The valid phs ids do not match the expected values.");
+
+ // verify no expired permissions are in the passport.
+ expiredPHS.forEach(phs -> assertFalse(finalPHS.contains(phs), "Expired phs id " + phs + " should not appear in the valid permissions."));
+ }
+
+
@Test
public void testValidateVisa_Valid() {
when(restClientUtil.retrievePostResponse(any(String.class), any()))
From b8088ad38dd69e2294d43c8310af6caf5351e455 Mon Sep 17 00:00:00 2001
From: GeorgeC <gcolon021@gmail.com>
Date: Mon, 10 Feb 2025 13:45:59 -0500
Subject: [PATCH 3/6] Use `Instant.now()` instead of `new Date().toInstant()`.
Replaced `new Date().toInstant()` with `Instant.now()` for clearer and more concise timestamp generation. This simplifies the code and eliminates unnecessary intermediate objects while maintaining the same functionality. Updated corresponding test cases to reflect the changes.
---
.../avillach/auth/service/impl/RASPassPortService.java | 3 ++-
.../avillach/auth/service/impl/RASPassPortServiceTest.java | 7 ++++---
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
index 8fbd42b0a..22465c01e 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
@@ -20,6 +20,7 @@
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
+import java.time.Instant;
import java.util.*;
import java.util.stream.Collectors;
@@ -165,7 +166,7 @@ public Set<RasDbgapPermission> ga4gpPassportToRasDbgapPermissions(Set<Optional<G
logger.debug("Converting ga4ghPassports to RasDbgapPermissions");
HashSet<RasDbgapPermission> rasDbgapPermissions = new HashSet<>();
- long date = new Date().toInstant().toEpochMilli();
+ long date = Instant.now().toEpochMilli();
ga4ghPassports.forEach(ga4ghPassport -> {
if (ga4ghPassport.isPresent()) {
Ga4ghPassportV1 ga4ghPassportV1 = ga4ghPassport.get();
diff --git a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
index b29ac43e3..c31d69ff4 100644
--- a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
+++ b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
@@ -14,6 +14,7 @@
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.ContextConfiguration;
+import java.time.Instant;
import java.util.*;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Collectors;
@@ -67,7 +68,7 @@ public void testGa4gpPassportStudies_IsNotNull_And_ExpiredPermissionsExcluded()
@Test
public void testGa4gpPassportStudies_HasCorrectStudies() {
Optional<Passport> passport = JWTUtil.parsePassportJWTV11(exampleRasPassport);
- long futureDate = new Date().toInstant().toEpochMilli() + 100000;
+ long futureDate = Instant.now().toEpochMilli() + 100000;
// Update the expiry date of each permission in our test passport. All permissions in the example passport
// expired in 2022.
@@ -93,8 +94,8 @@ public void testGa4gpPassportStudies_HasCorrectStudies() {
@Test
public void testGa4gpPassportStudies_HalfAreExpired() {
Optional<Passport> passport = JWTUtil.parsePassportJWTV11(exampleRasPassport);
- long futureDate = new Date().toInstant().toEpochMilli() + 100000;
- long pastDate = new Date().toInstant().toEpochMilli() - 100000;
+ long futureDate = Instant.now().toEpochMilli() + 100000;
+ long pastDate = Instant.now().toEpochMilli() - 100000;
List<String> expiredPHS = new ArrayList<>();
List<String> validPHS = new ArrayList<>();
From 6ad5215adaa049427b07a8c6686e15061be125a8 Mon Sep 17 00:00:00 2001
From: GeorgeC <gcolon021@gmail.com>
Date: Mon, 10 Feb 2025 13:56:43 -0500
Subject: [PATCH 4/6] Use `Instant.now()` instead of `new Date().toInstant()`.
---
.../service/impl/authentication/RASAuthenticationService.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
index 058586fae..8872cc7fd 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
@@ -145,7 +145,9 @@ private Optional<Passport> extractAndVerifyPassport(Map<String, String> authRequ
protected User updateRasUserRoles(String code, User user, Passport rasPassport) {
logger.info("RAS PASSPORT FOUND ___ USER: {} ___ PASSPORT: {} ___ CODE {}", user.getSubject(), rasPassport, code);
Set<Optional<Ga4ghPassportV1>> ga4ghPassports = rasPassport.getGa4ghPassportV1().stream().map(JWTUtil::parseGa4ghPassportV1).filter(Optional::isPresent).collect(Collectors.toSet());
+ ga4ghPassports.forEach(ga4ghPassport -> logger.info(ga4ghPassport.toString()));
Set<RasDbgapPermission> dbgapPermissions = this.rasPassPortService.ga4gpPassportToRasDbgapPermissions(ga4ghPassports);
+ dbgapPermissions.forEach(dbgapPermission -> logger.info(dbgapPermission.toString()));
Set<String> dbgapRoleNames = this.roleService.getRoleNamesForDbgapPermissions(dbgapPermissions);
user = userService.updateUserRoles(user, dbgapRoleNames);
logger.debug("USER {} ROLES UPDATED {} ___ CODE {}",
From 0d713eaa72fa040cb075b6fac8df95eca6bb5fa0 Mon Sep 17 00:00:00 2001
From: GeorgeC <gcolon021@gmail.com>
Date: Mon, 10 Feb 2025 14:30:42 -0500
Subject: [PATCH 5/6] Normalize timestamp to seconds in RASPassPortService.
Updated timestamp calculations to use seconds instead of milliseconds for consistency with expected formats. Adjusted related test cases to align with the updated logic.
---
.../dbmi/avillach/auth/service/impl/RASPassPortService.java | 4 +---
.../avillach/auth/service/impl/RASPassPortServiceTest.java | 6 +++---
2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
index 22465c01e..f9dc669ab 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortService.java
@@ -166,12 +166,10 @@ public Set<RasDbgapPermission> ga4gpPassportToRasDbgapPermissions(Set<Optional<G
logger.debug("Converting ga4ghPassports to RasDbgapPermissions");
HashSet<RasDbgapPermission> rasDbgapPermissions = new HashSet<>();
- long date = Instant.now().toEpochMilli();
+ long date = Instant.now().toEpochMilli() / 1000;
ga4ghPassports.forEach(ga4ghPassport -> {
if (ga4ghPassport.isPresent()) {
Ga4ghPassportV1 ga4ghPassportV1 = ga4ghPassport.get();
- logger.info("ga4gh_passport_v1: {}", ga4ghPassportV1);
-
rasDbgapPermissions.addAll(ga4ghPassportV1.getRasDbgagPermissions().stream().filter(rasDbgapPermission -> date <= rasDbgapPermission.getExpiration()).collect(Collectors.toSet()));
}
});
diff --git a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
index c31d69ff4..a2aa4c271 100644
--- a/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
+++ b/pic-sure-auth-services/src/test/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/RASPassPortServiceTest.java
@@ -68,7 +68,7 @@ public void testGa4gpPassportStudies_IsNotNull_And_ExpiredPermissionsExcluded()
@Test
public void testGa4gpPassportStudies_HasCorrectStudies() {
Optional<Passport> passport = JWTUtil.parsePassportJWTV11(exampleRasPassport);
- long futureDate = Instant.now().toEpochMilli() + 100000;
+ long futureDate = (Instant.now().toEpochMilli() / 1000) + 100000;
// Update the expiry date of each permission in our test passport. All permissions in the example passport
// expired in 2022.
@@ -94,8 +94,8 @@ public void testGa4gpPassportStudies_HasCorrectStudies() {
@Test
public void testGa4gpPassportStudies_HalfAreExpired() {
Optional<Passport> passport = JWTUtil.parsePassportJWTV11(exampleRasPassport);
- long futureDate = Instant.now().toEpochMilli() + 100000;
- long pastDate = Instant.now().toEpochMilli() - 100000;
+ long futureDate = (Instant.now().toEpochMilli() / 1000) + 100000;
+ long pastDate = (Instant.now().toEpochMilli() / 1000) - 100000;
List<String> expiredPHS = new ArrayList<>();
List<String> validPHS = new ArrayList<>();
From 68d956a195eeb7d8dd5087461a8839334bd42b87 Mon Sep 17 00:00:00 2001
From: Gcolon021 <34667267+Gcolon021@users.noreply.github.com>
Date: Mon, 10 Feb 2025 15:12:53 -0500
Subject: [PATCH 6/6] Update
pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
---
.../service/impl/authentication/RASAuthenticationService.java | 2 --
1 file changed, 2 deletions(-)
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
index 8872cc7fd..058586fae 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/RASAuthenticationService.java
@@ -145,9 +145,7 @@ private Optional<Passport> extractAndVerifyPassport(Map<String, String> authRequ
protected User updateRasUserRoles(String code, User user, Passport rasPassport) {
logger.info("RAS PASSPORT FOUND ___ USER: {} ___ PASSPORT: {} ___ CODE {}", user.getSubject(), rasPassport, code);
Set<Optional<Ga4ghPassportV1>> ga4ghPassports = rasPassport.getGa4ghPassportV1().stream().map(JWTUtil::parseGa4ghPassportV1).filter(Optional::isPresent).collect(Collectors.toSet());
- ga4ghPassports.forEach(ga4ghPassport -> logger.info(ga4ghPassport.toString()));
Set<RasDbgapPermission> dbgapPermissions = this.rasPassPortService.ga4gpPassportToRasDbgapPermissions(ga4ghPassports);
- dbgapPermissions.forEach(dbgapPermission -> logger.info(dbgapPermission.toString()));
Set<String> dbgapRoleNames = this.roleService.getRoleNamesForDbgapPermissions(dbgapPermissions);
user = userService.updateUserRoles(user, dbgapRoleNames);
logger.debug("USER {} ROLES UPDATED {} ___ CODE {}",