bwreg-ear/pom.xml

@@ -258,13 +258,15 @@
 					<groupId>dom4j</groupId>
 					<artifactId>dom4j</artifactId>
 				</exclusion>
-			</exclusions>				
+			</exclusions>
 		</dependency>
 		<!-- dom4j to override vt-ldap dom4j -->
 		<dependency>
-		    <groupId>org.dom4j</groupId>
-		    <artifactId>dom4j</artifactId>
-		</dependency>
+			<groupId>org.dom4j</groupId>
+			<artifactId>dom4j</artifactId>
+		</dependency>	
+		
+		
 
 	</dependencies>
 

bwreg-service/pom.xml

@@ -8,7 +8,9 @@
   Contributors:
       Michael Simon - initial
 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 	<artifactId>bwreg-service</artifactId>
 	<packaging>ejb</packaging>
@@ -271,7 +273,6 @@
 			<scope>provided</scope>
 		</dependency>
 
-		
 		<dependency>
 			<groupId>org.projectlombok</groupId>
 			<artifactId>lombok</artifactId>

bwreg-service/src/main/java/edu/kit/scc/webreg/dto/entity/HealthCheckResponseDto.java

+package edu.kit.scc.webreg.dto.entity;
+
+import java.util.Date;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class HealthCheckResponseDto {
+
+	private String name;
+	private String status;
+	private Date lastRun;
+
+}

bwreg-service/src/main/java/edu/kit/scc/webreg/job/ExpiredVerificationTokens.java

+package edu.kit.scc.webreg.job;
+
+import static edu.kit.scc.webreg.dao.ops.PaginateBy.unlimited;
+import static edu.kit.scc.webreg.dao.ops.RqlExpressions.lessThan;
+import static edu.kit.scc.webreg.dao.ops.SortBy.ascendingBy;
+
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import edu.kit.scc.webreg.entity.identity.IdentityEmailAddressEntity;
+import edu.kit.scc.webreg.entity.identity.IdentityEmailAddressEntity_;
+import edu.kit.scc.webreg.service.identity.IdentityEmailAddressService;
+
+public class ExpiredVerificationTokens extends AbstractExecutableJob {
+
+	private static final long serialVersionUID = 1L;
+
+	@Override
+	public void execute() {
+		Logger logger = LoggerFactory.getLogger(ExpiredVerificationTokens.class);
+
+		try {
+			InitialContext ic = new InitialContext();
+			
+			IdentityEmailAddressService service = (IdentityEmailAddressService) ic.lookup(
+					"global/bwreg/bwreg-service/IdentityEmailAddressService!edu.kit.scc.webreg.service.identity.IdentityEmailAddressService");			
+			
+			List<IdentityEmailAddressEntity> expiredTokens = service.findAllEagerly(unlimited(),
+					Arrays.asList(ascendingBy(IdentityEmailAddressEntity_.id)),
+					lessThan(IdentityEmailAddressEntity_.tokenValidUntil, new Date()));
+
+			if (expiredTokens != null && !expiredTokens.isEmpty()) {
+
+				for (IdentityEmailAddressEntity em : expiredTokens) {
+					service.deleteEmailAddress(em, "Expired token" );
+				}
+
+				logger.debug("Deletion is done");
+			} else {
+				logger.debug("No expired tokens to delete");
+			}
+
+		} catch (NamingException e) {
+			logger.warn("Could not delete expired tokens: {}", e);
+		}
+   }
+}
\ No newline at end of file

bwreg-service/src/main/java/edu/kit/scc/webreg/service/disco/DiscoveryCacheSingleton.java

@@ -29,6 +29,7 @@ import jakarta.ejb.Lock;
 import jakarta.ejb.LockType;
 import jakarta.ejb.Singleton;
 import jakarta.inject.Inject;
+import lombok.Getter;
 
 @Singleton
 @ConcurrencyManagement(ConcurrencyManagementType.CONTAINER)
@@ -54,7 +55,9 @@ public class DiscoveryCacheSingleton implements Serializable {
 	@Inject
 	private StatisticsDao statisticsDao;
 
+	@Getter
 	private Long lastRefresh;
+	
 	private List<UserProvisionerCachedEntry> allEntryList;
 	private List<UserProvisionerCachedEntry> extraEntryList;
 	private List<UserProvisionerCachedEntry> userCountEntryList;

bwreg-webapp/pom.xml

@@ -2,7 +2,8 @@
 	and the accompanying materials are made available under the terms of the 
 	GNU Public License v3.0 which accompanies this distribution, and is available 
 	at http://www.gnu.org/licenses/gpl.html Contributors: Michael Simon - initial -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 	<artifactId>bwreg-webapp</artifactId>
@@ -191,8 +192,8 @@
 			<artifactId>all-themes</artifactId>
 		</dependency>
 		<dependency>
-		     <groupId>org.webjars</groupId>
-		     <artifactId>font-awesome</artifactId>
+			<groupId>org.webjars</groupId>
+			<artifactId>font-awesome</artifactId>
 		</dependency>
 		<dependency>
 			<groupId>org.omnifaces</groupId>
@@ -245,17 +246,19 @@
 		</dependency>
 
 		<dependency>
-		    <groupId>com.nimbusds</groupId>
-		    <artifactId>oauth2-oidc-sdk</artifactId>
+			<groupId>com.nimbusds</groupId>
+			<artifactId>oauth2-oidc-sdk</artifactId>
 			<scope>provided</scope>
 		</dependency>
-		
+
 		<dependency>
 			<groupId>org.projectlombok</groupId>
 			<artifactId>lombok</artifactId>
+			<scope>provided</scope>
 		</dependency>
 
-<!-- 
+
+		<!-- 
 		<dependency>
 			<groupId>com.google.guava</groupId>
 			<artifactId>guava</artifactId>

bwreg-webapp/src/main/java/edu/kit/scc/webreg/bean/EmailAddressesBean.java

@@ -14,9 +14,9 @@ import java.io.IOException;
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Collections;
+import java.util.Date;
 import java.util.List;
 import java.util.Set;
-
 import edu.kit.scc.webreg.entity.identity.EmailAddressStatus;
 import edu.kit.scc.webreg.entity.identity.IdentityEmailAddressEntity;
 import edu.kit.scc.webreg.entity.identity.IdentityEntity;
@@ -71,6 +71,9 @@ public class EmailAddressesBean implements Serializable {
 	@Setter
 	private String token;
 
+	@Getter
+	private Date currentDate = new Date();
+
 	@Setter
 	private List<IdentityEmailAddressEntity> primaryEmailList;
 
@@ -115,12 +118,14 @@ public class EmailAddressesBean implements Serializable {
 			return;
 		}
 
-		boolean isEmailExists = getIdentity().getEmailAddresses().stream()
-				.anyMatch(t -> addEmailAddress.equals(t.getEmailAddress()));
+		cleanUp(addEmailAddress);
 
-		if (isEmailExists) {
+		IdentityEmailAddressEntity identityEntity = service.findByAttr("emailAddress", addEmailAddress);
+
+		if (identityEntity != null) {
 			messageGenerator.addResolvedErrorMessage("email_addresses_already_exists",
 					"email_addresses_already_exists_deatils", true);
+
 		} else {
 			try {
 				service.addEmailAddress(getIdentity(), addEmailAddress, "idty-" + session.getIdentityId());
@@ -134,6 +139,18 @@ public class EmailAddressesBean implements Serializable {
 		}
 	}
 
+	public void cleanUp(String email) {
+
+		IdentityEmailAddressEntity identityEntity = service.findByAttr("emailAddress", email);
+
+		if (identityEntity != null && identityEntity.getIdentity().getId().equals(getIdentity().getId())
+				&& identityEntity.getTokenValidUntil() != null
+				&& identityEntity.getTokenValidUntil().before(new Date())) {
+			service.deleteEmailAddress(identityEntity, "idty-" + session.getIdentityId());
+		}
+
+	}
+
 	public void setAnEmailAddress() {
 		if (inputEmailAddress == null) {
 			messageGenerator.addResolvedErrorMessage("email_addresses.set_notification",
@@ -141,10 +158,11 @@ public class EmailAddressesBean implements Serializable {
 			return;
 		}
 
-		boolean isEmailExists = getIdentity().getEmailAddresses().stream()
-				.anyMatch(t -> inputEmailAddress.equals(t.getEmailAddress()));
+		cleanUp(inputEmailAddress);
+
+		IdentityEmailAddressEntity identityEntity = service.findByAttr("emailAddress", inputEmailAddress);
 
-		if (isEmailExists) {
+		if (identityEntity != null) {
 			messageGenerator.addResolvedErrorMessage("email_addresses_already_exists",
 					"email_addresses_already_exists_deatils", true);
 		} else {

bwreg-webapp/src/main/java/edu/kit/scc/webreg/health/HealthCheckRestController.java

+package edu.kit.scc.webreg.health;
+
+import java.util.Date;
+import edu.kit.scc.webreg.dto.entity.HealthCheckResponseDto;
+import edu.kit.scc.webreg.service.disco.DiscoveryCacheSingleton;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.Produces;
+
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+
+@Path("/check")
+@ApplicationScoped
+public class HealthCheckRestController {
+
+	@Inject
+	private DiscoveryCacheSingleton singleton;
+
+	@GET
+	@Path("/live")
+	@Produces("application/json")
+	public Response getLiveness() {
+
+		HealthCheckResponseDto dto = new HealthCheckResponseDto();
+
+		long lastRefresh = singleton.getLastRefresh();
+		
+		String status = (lastRefresh == 0L) ? "Down" : "Up";
+		dto.setStatus(status);
+
+		dto.setName("RegApp Liveness Health Check");
+		dto.setLastRun(new Date(lastRefresh));
+
+		return Response.ok(dto).build();
+
+	}
+
+	@GET
+	@Path("/ready")
+	@Produces("application/json")
+	public Response getReadiness() {
+
+		HealthCheckResponseDto dto = new HealthCheckResponseDto();
+
+		long lastRefresh = singleton.getLastRefresh();
+		
+		String status = (lastRefresh == 0L) ? "Down" : "Up";
+		dto.setStatus(status);
+
+		dto.setName("RegApp Readiness Health Check");
+		dto.setLastRun(new Date(lastRefresh));
+
+		return Response.ok(dto).build();
+
+	}
+
+}

bwreg-webapp/src/main/java/edu/kit/scc/webreg/health/JaxRsHealthCheckApplicationActivator.java

+package edu.kit.scc.webreg.health;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import jakarta.ws.rs.ApplicationPath;
+import jakarta.ws.rs.core.Application;
+
+@ApplicationPath("/health")
+public class JaxRsHealthCheckApplicationActivator extends Application {
+
+	   @Override
+	    public Set<Class<?>> getClasses() {
+	        Set<Class<?>> resources = new HashSet<>();
+	        resources.add(HealthCheckRestController.class);
+	        return resources;
+	    }
+}

bwreg-webapp/src/main/java/edu/kit/scc/webreg/rest/JaxRsApplicationActivator.java

@@ -56,7 +56,7 @@ public class JaxRsApplicationActivator extends Application {
 	        resources.add(SshKeyController.class);
 	        resources.add(OtpController.class);
 	        resources.add(ProjectServiceAdminController.class);
-	        resources.add(UserProjectsController.class);
+	        resources.add(UserProjectsController.class);	      
 
 	        // Exceptions
 	        resources.add(AssertionExceptionMapper.class);

bwreg-webapp/src/main/java/edu/kit/scc/webreg/util/StringIds.java

@@ -17,7 +17,7 @@ public class StringIds {
 	
 	public static List<String> PATHS = Arrays.asList("/resources/", "/jakarta.faces.resource/", "/javax.faces.resource/", 
 			"/welcome/", "/Shibboleth.sso/", "/saml/", "/logout/", "/error/", "/oidc/", "/rpoidc/", "/rpoauth/", "/ferest/", 
-			"/rest/otp/simplecheck", "/rest/icon-cache", "/favicon.ico");
+			"/rest/otp/simplecheck", "/rest/icon-cache", "/favicon.ico", "/health");
 
 	public static final String REGISTER = "/register/";
 	public static final String IDP_DEBUG_LOGIN = "/idp-debug-login/";

bwreg-webapp/src/main/resources/msg/messages_de.properties

@@ -431,7 +431,7 @@ email_addresses.set_primary_email_success_detail    = Prim\u00E4re E-Mail-Adress
 email_addresses.set_success                         = Erfolg! 
 email_addresses.set_success_details                 = Die E-Mail-Adresse wurde erfolgreich gesetzt.
 email_addresses.token_expired                       = Das Token ist abgelaufen, bitte lassen Sie sich ein neues zusenden.
-email_addresses.token_sent                          = \u00DCberpr\u00FCfungstoken gesendet
+email_addresses.token_sent                          = Gesendetes \u00DCberpr\u00FCfungstoken
 email_addresses.token_valid_until                   = g\u00FCltig bis
 email_addresses.unverified                          = (noch nicht verifiziert)
 email_addresses.verification_success                = Verifizierung erfolgreich
@@ -1361,6 +1361,8 @@ text_properties = Texteinstellungen
 
 theme = Skin
 
+time = Uhr
+
 time_taken = Ben\u00F6tigte Zeit
 
 timer_configured = Konfigupdate Timer

bwreg-webapp/src/main/resources/msg/messages_en.properties

@@ -431,7 +431,7 @@ email_addresses.set_primary_email_success_detail    = Primary e-mail address has
 email_addresses.set_success                         = Success! 
 email_addresses.set_success_details                 = The e-mail was successfully set.
 email_addresses.token_expired                       = The token has expired, please have a new one sent to you.
-email_addresses.token_sent                          = Verification token sent
+email_addresses.token_sent                          = Sent verification token\n
 email_addresses.token_valid_until                   = valid until
 email_addresses.unverified                          = (not yet verified)
 email_addresses.verification_success                = Verification successful
@@ -1361,6 +1361,8 @@ text_properties = Text properties
 
 theme = Skin
 
+time = o'clock
+
 time_taken = Time consumed
 
 timer_configured = Timer configured

bwreg-webapp/src/main/resources/msg/messages_fr.properties

@@ -1361,6 +1361,8 @@ text_properties = Propri\u00E9t\u00E9s du texte
 
 theme = Skin
 
+time = Horloge
+
 time_taken = Temps consomm\u00E9
 
 timer_configured = Minuteur configur\u00E9

bwreg-webapp/src/main/webapp/user/email-addresses.xhtml

@@ -68,7 +68,7 @@
 											<p:commandLink
 												title="#{messages['tooltip.email_non_removable']}">
 												<i class="pi pi-ban"
-													style="color: #00876c; font-size: 1.5rem"></i>
+													style="color: #00876c; font-size: 35px; vertical-align: middle"></i>
 												<p:tooltip
 													value="#{messages['tooltip.email_non_removable']}"
 													showEffect="clip" hideEffect="fold" position="bottom" />
@@ -93,7 +93,7 @@
 											ajax="true" update="form"
 											oncomplete="setTimeout(function(){window.location.reload();}, 2000);">
 											<p:commandButton id="setPrimaryA" icon="fa fa-star"
-												style="width: 35px; height: 35px;" />
+												style="width: 35px; height: 35px; vertical-align: middle" />
 
 											<p:tooltip value="#{messages['tooltip.email_as_primary']}"
 												showEffect="clip" hideEffect="fold" position="bottom" />
@@ -108,18 +108,18 @@
 											<p:commandLink title="#{messages['tooltip.email_delete']}">
 
 												<p:commandButton icon="fa fa-trash"
-													style="width: 35px; height: 35px;"
+													style="width: 35px; height: 35px; vertical-align: middle"
 													onclick="PF('confirmDelete').show()" />
 
 												<p:tooltip value="#{messages['tooltip.email_delete']}"
 													showEffect="clip" hideEffect="fold" position="bottom" />
 											</p:commandLink>
 											<p:commandLink
-												title="#{messages['email_addresses.token_valid_until']}: #{of:formatDate(e.validUntil, 'HH:mm dd.MM.yyyy')}">
-												<i class="pi pi-info-circle"
-													style="color: #00876c; font-size: 1.5rem"></i>
+												title="#{messages['email_addresses.token_valid_until']} #{of:formatDate(e.validUntil, 'dd.MM.yyyy, HH:mm')} #{messages.time}">
+												<i class="pi pi-info-circle" 
+													style="color: #00876c; font-size: 35px; vertical-align: middle"></i>
 												<p:tooltip
-													value="#{messages['email_addresses.token_valid_until']}: #{of:formatDate(e.validUntil, 'HH:mm dd.MM.yyyy')}"
+													value="#{messages['email_addresses.token_valid_until']} #{of:formatDate(e.validUntil, 'dd.MM.yyyy, HH:mm')} #{messages.time}"
 													showEffect="clip" hideEffect="fold" position="bottom" />
 											</p:commandLink>
 											
@@ -133,7 +133,7 @@
 											<p:commandLink
 												title="#{messages['tooltip.email_non_removable']}">
 												<i class="pi pi-ban"
-													style="color: #00876c; font-size: 1.5rem"></i>
+													style="color: #00876c; font-size: 35px; vertical-align: middle"></i>
 												<p:tooltip
 													value="#{messages['tooltip.email_non_removable']}"
 													showEffect="clip" hideEffect="fold" position="bottom" />
@@ -163,7 +163,7 @@
 						<h:panelGroup layout="block"
 							style="margin: 1px; padding: 10px; background-color: #f8f9fa; border: 1px solid #dee2e6;"
 							class="col-12 md:col-3 xl:col-3, col-12 md:col-9 xl:col-9"
-							rendered="#{email.emailStatus == 'UNVERIFIED'}">
+							rendered="#{email.emailStatus == 'UNVERIFIED' and email.tokenValidUntil.after(emailAddressesBean.currentDate)}">
 							<h:panelGroup>
 								<div>
 									<b><h:outputText value="#{email.emailAddress}&nbsp;" /></b>
@@ -173,12 +173,10 @@
 								<div style="font-size: 1.05rem;">
 									<h:outputText
 										value="#{messages['email_addresses.token_sent']} " />
+									
 									<h:outputText
-										value="#{of:formatDate(email.verificationSent, 'HH:mm dd.MM.yyyy')}, " />
-
-									<h:outputText
-										value="#{messages['email_addresses.token_valid_until']}" />
-									#{of:formatDate(email.tokenValidUntil, 'HH:mm dd.MM.yyyy')}
+										value="#{messages['email_addresses.token_valid_until']}"  />
+									#{of:formatDate(email.tokenValidUntil, 'dd.MM.yyyy, HH:mm')} #{messages.time}"
 								</div>
 
 								<br></br>