Changing API design and making tests compatible

- Hardcode PostgreSQL connection URL to match docker service name 'postgres'
- Remove DB_URL environment variable dependency that was causing startup failures
- Keep username/password as environment variables for flexibility

.gitea/workflows/integration_test.yaml

@@ -0,0 +1,26 @@
+name: Daily cloudflare API integration test
+on:
+  push:
+    branches: [ main ]
+  schedule:
+    - cron: '0 */12 * * *' # Every hour
+  workflow_dispatch:
+
+jobs:
+  cloudflare-api-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - name: JDK setup
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'zulu'
+          java-version: '17'
+      - name: Run integration tests with Cloudflare API
+        env:
+          SPRING_PROFILES_ACTIVE: integration
+          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          CLOUDFLARE_API_KEY: ${{ secrets.CLOUDFLARE_API_KEY }}
+          CLOUDFLARE_EMAIL: hitanshu98@gmail.com
+        run: ./gradlew integrationTestOnly

.gitea/workflows/test_image_build_push.yml

@@ -64,23 +64,4 @@ jobs:
         run: |
           docker push 192.168.0.100:8928/hithomelabs/cftunnels:test
           docker push 192.168.0.100:8928/hithomelabs/cftunnels:${{ needs.tag.outputs.new_version }}
-  sync_forks:
+  
-    name: Sync All Forks
-    runs-on: ubuntu-latest
-    needs: build_tag_push
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v4
-      - name: Sync all forks via Gitea API
-        run: |
-          echo "Fetching forks for Hithomelabs/CFTunnels..."
-          response=$(curl -s -X GET "https://gitea.hithomelabs.com/api/v1/repos/Hithomelabs/CFTunnels/forks" -H "Authorization: token ${{secrets.TOKEN}}")
-          filtered=$(echo "$response" | grep -o '"clone_url":"[^"]*"' | sed 's/"clone_url":"\([^"]*\)"/\1/' | grep -v "/Hithomelabs")
-          echo "Detected forks:"
-          echo "$filtered"
-          readarray -t forks <<< "$filtered"
-          for fork_url in "${forks[@]}"; do
-            echo "🔄 Syncing fork: $fork_url"
-            authed_url=$(echo "$fork_url" | sed "s#https://#https://${{secrets.TOKEN}}@#")
-            git push "$authed_url" test &
-          done

build.gradle

@@ -14,7 +14,28 @@ java {
 }
 
 test {
-	systemProperty 'spring.profiles.active', 'test'
+	systemProperty 'spring.profiles.active', 'ci'
+	useJUnitPlatform {
+		excludeTags 'integration'
+	}
+	testLogging {
+		events "passed", "skipped", "failed", "standardOut", "standardError"
+		exceptionFormat "full" // shows full stack trace
+		showStandardStreams = true // shows println/log output
+	}
+}
+
+tasks.register('integrationTestOnly', Test) {
+	useJUnitPlatform {
+		includeTags 'integration'
+	}
+	description = 'Runs only integration tests tagged with @Tag("integration")'
+	group = 'verification'
+	testLogging {
+		events "passed", "skipped", "failed"
+		exceptionFormat "full"
+		showStandardStreams = true
+	}
 }
 
 repositories {
@@ -33,6 +54,7 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 	runtimeOnly 'org.postgresql:postgresql'
 	implementation 'org.hibernate.validator:hibernate-validator'
+    runtimeOnly 'com.h2database:h2'
 }
 
 tasks.named('test') {

docker-compose.yaml

@@ -14,6 +14,7 @@ services:
       - HOST_PORT=${HOST_PORT}
       - POSTGRES_USER=${POSTGRES_USERNAME}
       - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+      - SWAGGER_OAUTH_CLIENT_ID=${SWAGGER_OAUTH_CLIENT_ID}
     env_file:
       - stack.env
     restart: unless-stopped

settings.gradle

@@ -1 +0,0 @@
-rootProject.name = 'CFTunnels'

src/main/java/com/hithomelabs/CFTunnels/Config/OpenApiConfig.java

@@ -1,26 +1,54 @@
 package com.hithomelabs.CFTunnels.Config;
 
+import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.*;
 import io.swagger.v3.oas.models.servers.Server;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
 
 import java.util.ArrayList;
 
 @Configuration
+@Profile("!integration")
 public class OpenApiConfig {
 
     @Value("${api.baseUrl}")
     private String baseUrl;
 
+    @Value("${springdoc.swagger-ui.oauth.authorization-url}")
+    private String authorizationUri;
+
+    @Value("${springdoc.swagger-ui.oauth.token-url}")
+    private String tokenUri;
+
     @Bean
-    public OpenAPI openAPI(){
+    public OpenAPI openAPI() {
         Server httpsServer = new Server().url(baseUrl);
         OpenAPI openApi = new OpenAPI();
         ArrayList<Server> servers = new ArrayList<>();
         servers.add(httpsServer);
         openApi.setServers(servers);
+        openApi.addSecurityItem(new SecurityRequirement().addList("oidcAuth"))
+                .components(new Components()
+                        .addSecuritySchemes("oidcAuth",
+                                new SecurityScheme()
+                                        .type(SecurityScheme.Type.OAUTH2)
+                                        .flows(new OAuthFlows()
+                                                .authorizationCode(new OAuthFlow()
+                                                        .authorizationUrl(authorizationUri)
+                                                        .tokenUrl(tokenUri)
+                                                        .scopes(new Scopes()
+                                                                .addString("openid", "OpenID scope")
+                                                                .addString("profile", "OpenID profile")
+                                                                .addString("email", "OpenID email"))
+                                                )
+                                        )
+                        )
+                )
+                .addSecurityItem(new SecurityRequirement().addList("oidcAuth"));
         return openApi;
     }
 }

src/main/java/com/hithomelabs/CFTunnels/Config/Security/SecuirtyConfig.java

@@ -28,6 +28,7 @@ public class SecuirtyConfig {
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http
                 .authorizeHttpRequests(auth -> auth
+                        //.requestMatchers( "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html" ).permitAll()
                         .anyRequest().authenticated()
                 ).csrf(csrf -> csrf.disable())
                 .with(new OAuth2LoginConfigurer<>(),

src/main/java/com/hithomelabs/CFTunnels/Controllers/HomeController.java

@@ -1,32 +0,0 @@
-package com.hithomelabs.CFTunnels.Controllers;
-
-
-import org.springframework.boot.web.servlet.error.ErrorController;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-
-@Controller
-public class HomeController implements ErrorController {
-
-    private static final String ERROR_PATH = "/error";
-
-    /**
-     * Redirects the root (including any query params like ?continue=…)
-     * straight into Swagger UI.
-     */
-    @GetMapping("/")
-    public String rootRedirect() {
-        return "redirect:/swagger-ui/index.html";
-    }
-
-    /**
-     * Catches any errors (404s, unhandled paths) and punts them
-     * into the same Swagger UI page.
-     */
-    @RequestMapping(ERROR_PATH)
-    public String onError() {
-        return "redirect:/swagger-ui/index.html";
-    }
-
-}

src/main/java/com/hithomelabs/CFTunnels/Controllers/TunnelController.java

@@ -4,11 +4,15 @@ import com.fasterxml.jackson.core.JsonProcessingException;
 import com.hithomelabs.CFTunnels.Config.AuthoritiesToGroupMapping;
 import com.hithomelabs.CFTunnels.Config.CloudflareConfig;
 import com.hithomelabs.CFTunnels.Config.RestTemplateConfig;
+import com.hithomelabs.CFTunnels.Entity.Request;
 import com.hithomelabs.CFTunnels.Headers.AuthKeyEmailHeader;
 import com.hithomelabs.CFTunnels.Models.Config;
 import com.hithomelabs.CFTunnels.Models.Ingress;
 import com.hithomelabs.CFTunnels.Models.TunnelResponse;
 import com.hithomelabs.CFTunnels.Services.CloudflareAPIService;
+import com.hithomelabs.CFTunnels.Services.MappingRequestService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.web.servlet.error.ErrorController;
 import org.springframework.http.*;
@@ -44,6 +48,9 @@ public class TunnelController implements ErrorController {
     @Autowired
     CloudflareAPIService cloudflareAPIService;
 
+    @Autowired
+    MappingRequestService mappingRequestService;
+
     @PreAuthorize("hasAnyRole('USER')")
     @GetMapping("/whoami")
     public Map<String,Object> whoAmI(@AuthenticationPrincipal OidcUser oidcUser) {
@@ -59,6 +66,7 @@ public class TunnelController implements ErrorController {
 
     @PreAuthorize("hasAnyRole('USER')")
     @GetMapping("/tunnels")
+    @Operation( security = { @SecurityRequirement(name = "oidcAuth") } )
     public ResponseEntity<Map<String,Object>> getTunnels(){
 
         ResponseEntity<Map> responseEntity = cloudflareAPIService.getCloudflareTunnels();
@@ -70,7 +78,7 @@ public class TunnelController implements ErrorController {
     }
 
     @PreAuthorize("hasAnyRole('DEVELOPER')")
-    @GetMapping("/tunnel/{tunnelId}")
+    @GetMapping("/tunnel/{tunnelId}/mappings")
     public ResponseEntity<Map<String,Object>> getTunnelConfigurations(@PathVariable String tunnelId) {
 
         ResponseEntity<Map> responseEntity = cloudflareAPIService.getCloudflareTunnelConfigurations(tunnelId, restTemplate, Map.class);
@@ -83,7 +91,7 @@ public class TunnelController implements ErrorController {
 
     // 50df9101-f625-4618-b7c5-100338a57124
     @PreAuthorize("hasAnyRole('ADMIN')")
-    @PutMapping("/tunnel/{tunnelId}/add")
+    @PostMapping("/tunnel/{tunnelId}/mappings")
     public ResponseEntity<Map<String, Object>> addTunnelconfiguration(@PathVariable String tunnelId, @RequestBody Ingress ingress) throws JsonProcessingException {
 
         ResponseEntity<TunnelResponse> responseEntity = cloudflareAPIService.getCloudflareTunnelConfigurations(tunnelId, restTemplateConfig.restTemplate(), TunnelResponse.class);
@@ -105,7 +113,7 @@ public class TunnelController implements ErrorController {
     }
 
     @PreAuthorize("hasAnyRole('DEVELOPER')")
-    @PutMapping("/tunnel/{tunnelId}/delete")
+    @DeleteMapping("/tunnel/{tunnelId}/mappings")
     public ResponseEntity<Map<String, Object>> deleteTunnelConfiguration(@PathVariable String tunnelId, @RequestBody Ingress ingress) throws JsonProcessingException {
 
         ResponseEntity<TunnelResponse> responseEntity = cloudflareAPIService.getCloudflareTunnelConfigurations(tunnelId, restTemplateConfig.restTemplate(), TunnelResponse.class);
@@ -132,4 +140,14 @@ public class TunnelController implements ErrorController {
 
         return ResponseEntity.ok(jsonResponse);
     }
+
+    @PreAuthorize("hasAnyRole('DEVELOPER')")
+    @PostMapping("/tunnel/{tunnelId}/requests")
+    public ResponseEntity<Request> createTunnelMappingRequest(@PathVariable String tunnelId, @AuthenticationPrincipal OidcUser oidcUser, @RequestBody Ingress ingess){
+        Request request = mappingRequestService.createMappingRequest(tunnelId, ingess, oidcUser);
+        if(request.getId() != null)
+            return ResponseEntity.status(HttpStatus.CREATED).body(request);
+        return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
+    }
+
 }

src/main/java/com/hithomelabs/CFTunnels/Entity/Mapping.java

@@ -0,0 +1,34 @@
+package com.hithomelabs.CFTunnels.Entity;
+
+import jakarta.persistence.*;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+
+import java.util.UUID;
+
+@Entity
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+@Table(name = "mappings")
+public class Mapping {
+
+    @Id
+    @GeneratedValue
+    @Column(columnDefinition = "uuid", nullable = false, unique = true)
+    private UUID id;
+
+    @Column(nullable = false)
+    private int port;
+
+    @Column(length = 50, nullable = false)
+    private String subdomain;
+
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "tunnel_id", nullable = false)
+    private Tunnel tunnel;
+}

src/main/java/com/hithomelabs/CFTunnels/Entity/Request.java

@@ -0,0 +1,45 @@
+package com.hithomelabs.CFTunnels.Entity;
+
+import jakarta.persistence.*;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+import java.util.UUID;
+
+@Entity
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+@Table(name = "requests")
+public class Request {
+
+    @Id
+    @GeneratedValue
+    @Column(columnDefinition = "uuid", unique = true, nullable = false)
+    private UUID id;
+
+    @OneToOne
+    @JoinColumn(name = "mapping_id", unique = true, nullable = false)
+    private Mapping mapping;
+
+    @ManyToOne
+    @JoinColumn(name = "created_by", nullable = false)
+    private User createdBy;
+
+    @ManyToOne
+    @JoinColumn(name = "accepted_by")
+    private User acceptedBy;
+
+    public enum RequestStatus {
+        PENDING,
+        APPROVED,
+        REJECTED
+    }
+
+    @Enumerated(EnumType.STRING)
+    @Column(length = 10, nullable = false)
+    private RequestStatus status;
+}

src/main/java/com/hithomelabs/CFTunnels/Entity/Tunnel.java

@@ -0,0 +1,29 @@
+package com.hithomelabs.CFTunnels.Entity;
+
+import jakarta.persistence.*;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+import java.util.UUID;
+
+@Entity
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+@Table(name="tunnels")
+public class Tunnel {
+
+    @Id
+    @GeneratedValue
+    @Column(columnDefinition = "uuid", insertable = false, updatable = false, nullable = false)
+    private UUID id;
+
+    @Column(length = 10, unique = true, nullable = false)
+    private String environment;
+
+    @Column(name = "cf_tunnel_id", columnDefinition = "uuid", unique = true, nullable = false)
+    private UUID cfTunnelId;
+}

src/main/java/com/hithomelabs/CFTunnels/Entity/User.java

@@ -0,0 +1,30 @@
+package com.hithomelabs.CFTunnels.Entity;
+import jakarta.persistence.*;
+import jakarta.validation.constraints.Size;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+import java.util.UUID;
+
+@Entity
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+@Table(name = "users")
+public class User {
+    @Id
+    @GeneratedValue
+    @Column(columnDefinition = "uuid", insertable = false, updatable = false, nullable = false)
+    private UUID id;
+
+    @Column(length = 50, nullable = false)
+    @Size(max = 50)
+    private String name;
+
+    @Column(length = 50, nullable = false)
+    @Size(max = 50)
+    private String email;
+}

src/main/java/com/hithomelabs/CFTunnels/Models/Ingress.java

@@ -1,8 +1,17 @@
 package com.hithomelabs.CFTunnels.Models;
 
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
 import java.util.List;
 import java.util.Map;
 
+@NoArgsConstructor
+@AllArgsConstructor
+@Getter
+@Setter
 public class Ingress {
 
     private String service;
@@ -10,40 +19,8 @@ public class Ingress {
     private Map<String, Object> originRequest;
     private String path;
 
-
-    public String getPath() {
-        return path;
-    }
-
-    public void setPath(String path) {
-        this.path = path;
-    }
-
     public static boolean deleteByHostName(List<Ingress> ingressList, String toBeDeleted){
          return ingressList.removeIf(ingress -> ingress.getHostname() != null && ingress.getHostname().equals(toBeDeleted));
     }
 
-    public String getService() {
-        return service;
-    }
-
-    public void setService(String service) {
-        this.service = service;
-    }
-
-    public String getHostname() {
-        return hostname;
-    }
-
-    public void setHostname(String hostname) {
-        this.hostname = hostname;
-    }
-
-    public Map<String, Object> getOriginRequest() {
-        return originRequest;
-    }
-
-    public void setOriginRequest(Map<String, Object> originRequest) {
-        this.originRequest = originRequest;
-    }
 }

src/main/java/com/hithomelabs/CFTunnels/Repositories/MappingRepository.java

@@ -0,0 +1,11 @@
+package com.hithomelabs.CFTunnels.Repositories;
+
+import com.hithomelabs.CFTunnels.Entity.Mapping;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.UUID;
+
+@Repository
+public interface MappingRepository extends JpaRepository<Mapping, UUID> {
+}

src/main/java/com/hithomelabs/CFTunnels/Repositories/RequestRepository.java

@@ -0,0 +1,11 @@
+package com.hithomelabs.CFTunnels.Repositories;
+
+import com.hithomelabs.CFTunnels.Entity.Request;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.UUID;
+
+@Repository
+public interface RequestRepository extends JpaRepository<Request, UUID> {
+}

src/main/java/com/hithomelabs/CFTunnels/Repositories/TunnelRepository.java

@@ -0,0 +1,13 @@
+package com.hithomelabs.CFTunnels.Repositories;
+
+import com.hithomelabs.CFTunnels.Entity.Tunnel;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+import java.util.UUID;
+
+@Repository
+public interface TunnelRepository extends JpaRepository<Tunnel, UUID> {
+    Optional<Tunnel> findByCfTunnelId(UUID cfTunnelId);
+}

src/main/java/com/hithomelabs/CFTunnels/Repositories/UserRepository.java

@@ -0,0 +1,14 @@
+package com.hithomelabs.CFTunnels.Repositories;
+
+import com.hithomelabs.CFTunnels.Entity.User;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+import java.util.UUID;
+
+@Repository
+public interface UserRepository extends JpaRepository<User, UUID> {
+
+    Optional<User> findByEmail(String email);
+}

src/main/java/com/hithomelabs/CFTunnels/Services/MappingRequestService.java

@@ -0,0 +1,71 @@
+package com.hithomelabs.CFTunnels.Services;
+
+import com.hithomelabs.CFTunnels.Entity.Mapping;
+import com.hithomelabs.CFTunnels.Entity.Request;
+import com.hithomelabs.CFTunnels.Entity.Tunnel;
+import com.hithomelabs.CFTunnels.Entity.User;
+import com.hithomelabs.CFTunnels.Models.Ingress;
+import com.hithomelabs.CFTunnels.Repositories.MappingRepository;
+import com.hithomelabs.CFTunnels.Repositories.RequestRepository;
+import com.hithomelabs.CFTunnels.Repositories.TunnelRepository;
+import com.hithomelabs.CFTunnels.Repositories.UserRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.core.oidc.user.OidcUser;
+import org.springframework.stereotype.Service;
+
+import java.util.Map;
+import java.util.UUID;
+
+@Service
+public class MappingRequestService {
+
+    @Autowired
+    UserRepository userRepository;
+
+    @Autowired
+    MappingRepository mappingRepository;
+
+    @Autowired
+    RequestRepository requestRepository;
+
+    @Autowired
+    TunnelRepository tunnelRepository;
+
+    public Mapping createMapping(UUID tunnelId, Ingress ingress){
+        Tunnel tunnel = tunnelRepository.findByCfTunnelId(tunnelId).orElseThrow(() -> new RuntimeException("Tunnel not found"));
+        Mapping mapping = createMappingFromTunnelIngress(tunnel, ingress);
+        return mappingRepository.save(mapping);
+    }
+
+    public Request createRequest(Mapping mapping, User user){
+        Request request = new Request();
+        request.setMapping(mapping);
+        request.setCreatedBy(user);
+        request.setStatus(Request.RequestStatus.PENDING);
+        return requestRepository.save(request);
+    }
+
+    public Request createMappingRequest(String tunnelId, Ingress ingress, OidcUser oidcUser){
+        User user = userRepository.findByEmail(oidcUser.getEmail()).orElseGet(()-> mapUser(oidcUser));
+        Mapping mapping = createMapping(UUID.fromString(tunnelId), ingress);
+        return createRequest(mapping, user);
+    }
+
+    public User mapUser(OidcUser oidcUser){
+        String email = oidcUser.getEmail();
+        String name = oidcUser.getNickName();
+        User user = new User();
+        user.setEmail(email);
+        user.setName(name);
+        userRepository.save(user);
+        return user;
+    }
+
+    public Mapping createMappingFromTunnelIngress(Tunnel tunnel, Ingress ingress){
+        Mapping mapping = new Mapping();
+        mapping.setTunnel(tunnel);
+        mapping.setPort(Integer.parseInt(ingress.getService().split(":")[2]));
+        mapping.setSubdomain(ingress.getHostname().split("\\.")[0]);
+        return mapping;
+    }
+}

src/main/resources/application-ci.properties

@@ -0,0 +1,7 @@
+api.baseUrl=https://testcf.hithomelabs.com
+
+spring.datasource.url=jdbc:h2:mem:testdb
+spring.datasource.driver-class-name=org.h2.Driver
+spring.datasource.username=sa
+spring.datasource.password=
+spring.jpa.hibernate.ddl-auto=none

src/main/resources/application-integration.properties

@@ -0,0 +1,9 @@
+cloudflare.accountId=${CLOUDFLARE_ACCOUNT_ID}
+cloudflare.apiKey=${CLOUDFLARE_API_KEY}
+cloudflare.email=${CLOUDFLARE_EMAIL}
+
+spring.datasource.url=jdbc:h2:mem:testdb
+spring.datasource.driver-class-name=org.h2.Driver
+spring.datasource.username=sa
+spring.datasource.password=
+spring.jpa.hibernate.ddl-auto=none

src/main/resources/application-prod.properties

@@ -1 +1,12 @@
 api.baseUrl=https://cftunnels.hithomelabs.com
+
+# Production Database Configuration
+spring.datasource.url=jdbc:postgresql://postgres:5432/cftunnel
+spring.datasource.username=${POSTGRES_USERNAME}
+spring.datasource.password=${POSTGRES_PASSWORD}
+spring.datasource.driver-class-name=org.postgresql.Driver
+
+# JPA Configuration
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.show-sql=false
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect

src/main/resources/application-test.properties

@@ -1 +1,12 @@
 api.baseUrl=https://testcf.hithomelabs.com
+
+# Test Database Configuration - Same as Production
+spring.datasource.url=jdbc:postgresql://postgres:5432/cftunnel
+spring.datasource.username=${POSTGRES_USERNAME}
+spring.datasource.password=${POSTGRES_PASSWORD}
+spring.datasource.driver-class-name=org.postgresql.Driver
+
+# JPA Configuration
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.show-sql=true
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect

src/main/resources/application.properties

@@ -4,12 +4,6 @@ cloudflare.apiKey=${CLOUDFLARE_API_KEY}
 cloudflare.email=${CLOUDFLARE_EMAIL}
 spring.profiles.active=${ENV}
 
-# set root level
-logging.level.root=INFO
-# package-specific
-logging.level.org.springframework=TRACE
-logging.level.com.myapp=INFO
-
 / * * Masking sure app works behind a reverse proxy
 server.forward-headers-strategy=framework
 
@@ -24,6 +18,13 @@ spring.security.oauth2.client.provider.cftunnels.user-info-uri=https://auth.hith
 spring.security.oauth2.client.provider.cftunnels.jwk-set-uri=https://auth.hithomelabs.com/application/o/cftunnels/jwks/
 spring.security.oauth2.client.provider.cftunnels.issuer-uri=https://auth.hithomelabs.com/application/o/cftunnels/
 
+springdoc.swagger-ui.oauth.client-id=${SWAGGER_OAUTH_CLIENT_ID}
+springdoc.swagger-ui.oauth.client-secret= # leave empty for public client
+springdoc.swagger-ui.oauth.use-pkce=true
+springdoc.swagger-ui.oauth.scopes=openid,profile,email
+springdoc.swagger-ui.oauth.authorization-url=https://auth.hithomelabs.com/application/o/authorize/
+springdoc.swagger-ui.oauth.token-url=https://auth.hithomelabs.com/application/o/token/
+
 spring.datasource.url=jdbc:postgresql://192.168.0.100:5432/cftunnel
 spring.datasource.username=${POSTGRES_USERNAME}
 spring.datasource.password=${POSTGRES_PASSWORD}

src/main/resources/schema.sql

@@ -1,37 +1,29 @@
--- schema.sql
+CREATE EXTENSION IF NOT EXISTS "pgcrypto";
 
--- Roles table
-CREATE TABLE IF NOT EXISTS roles (
-    role_id SERIAL PRIMARY KEY,
-    role_name VARCHAR(50) UNIQUE NOT NULL
-);
-
--- Users table
-CREATE TABLE IF NOT EXISTS users (
-    user_id SERIAL PRIMARY KEY,
-    user_name VARCHAR(100) NOT NULL,
-    password VARCHAR(255) NOT NULL
-);
-
--- User-Role Mapping table (many-to-many relationship)
-CREATE TABLE IF NOT EXISTS user_role_mapping (
-    mapping_id SERIAL PRIMARY KEY,
-    user_id INTEGER NOT NULL REFERENCES users(user_id) ON DELETE CASCADE,
-    role_id INTEGER NOT NULL REFERENCES roles(role_id) ON DELETE CASCADE
-);
-
--- Tunnels table
 CREATE TABLE IF NOT EXISTS tunnels (
-    tunnel_id SERIAL PRIMARY KEY,
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
-    tunnel_name VARCHAR(100) NOT NULL,
+    environment VARCHAR(10) NOT NULL,
-    tunnel_type VARCHAR(50) NOT NULL
+    cf_tunnel_id UUID UNIQUE NOT NULL
 );
 
--- Mapping Requests table
+CREATE TABLE IF NOT EXISTS users (
-CREATE TABLE IF NOT EXISTS mapping_requests (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
-    request_id SERIAL PRIMARY KEY,
+    name VARCHAR(50) NOT NULL
-    request_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+);
-    status VARCHAR(20) NOT NULL,
+
-    user_id INTEGER REFERENCES users(user_id) ON DELETE SET NULL,
+CREATE TABLE IF NOT EXISTS mappings (
-    tunnel_id INTEGER REFERENCES tunnels(tunnel_id) ON DELETE SET NULL
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    tunnel_id UUID NOT NULL REFERENCES tunnels(id) ON DELETE CASCADE,
+    port INT NOT NULL,
+    subdomain VARCHAR(50) NOT NULL
+--    UNIQUE (tunnel_id, port),
+--    UNIQUE (tunnel_id, subdomain)
+);
+
+CREATE TABLE IF NOT EXISTS requests (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    mapping_id UUID NOT NULL REFERENCES mappings(id) ON DELETE CASCADE,
+    created_by UUID NOT NULL REFERENCES users(id) ON DELETE RESTRICT,
+    accepted_by UUID REFERENCES users(id) ON DELETE SET NULL,
+    status VARCHAR(20) NOT NULL CHECK (status IN ('PENDING', 'APPROVED', 'REJECTED'))
 );

src/test/java/com/hithomelabs/CFTunnels/Controllers/TunnelControllerTest.java

@@ -10,6 +10,7 @@ import com.hithomelabs.CFTunnels.Models.Config;
 import com.hithomelabs.CFTunnels.Models.Groups;
 import com.hithomelabs.CFTunnels.Models.TunnelResponse;
 import com.hithomelabs.CFTunnels.Services.CloudflareAPIService;
+import com.hithomelabs.CFTunnels.Services.MappingRequestService;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -35,8 +36,7 @@ import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.when;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oauth2Login;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 import static org.hamcrest.Matchers.not;
@@ -66,6 +66,9 @@ class TunnelControllerTest {
     @MockitoBean
     RestTemplateConfig restTemplateConfig;
 
+    @MockitoBean
+    MappingRequestService mappingRequestService;
+
     private static final String tunnelResponseSmallIngressFile = "tunnelResponseSmallIngress.json";
 
     private static final String tunnelResponseLargeIngressFile = "tunnelResponseLargeIngress.json";
@@ -158,7 +161,7 @@ class TunnelControllerTest {
 
         when(cloudflareAPIService.getCloudflareTunnelConfigurations(eq("sampleTunnelId"), any(RestTemplate.class), eq(Map.class))).thenReturn(mockResponse);
 
-        mockMvc.perform(get("/cloudflare/tunnel/{tunnelId}", "sampleTunnelId")
+        mockMvc.perform(get("/cloudflare/tunnel/{tunnelId}/mappings", "sampleTunnelId")
                         .with(oauth2Login().oauth2User(buildOidcUser("username", Groups.HOMELAB_DEVELOPER))))
                 .andExpect(status().isOk())
                 .andExpect(MockMvcResultMatchers.content().contentType(MediaType.APPLICATION_JSON))
@@ -180,7 +183,7 @@ class TunnelControllerTest {
         ResponseEntity<TunnelResponse> expectedHttpTunnelResponse = new ResponseEntity<>(expectedTunnelConfig, HttpStatus.OK);
         when(cloudflareAPIService.putCloudflareTunnelConfigurations(eq("sampleTunnelId"), any(RestTemplate.class), eq(TunnelResponse.class), any(Config.class))).thenReturn(expectedHttpTunnelResponse);
 
-        mockMvc.perform(put("/cloudflare/tunnel/{tunnelId}/add", "sampleTunnelId")
+        mockMvc.perform(post("/cloudflare/tunnel/{tunnelId}/mappings", "sampleTunnelId")
                         .with(oauth2Login().oauth2User(buildOidcUser("admin", Groups.SYSTEM_ADMIN)))
                         .with(csrf())
                         .contentType(MediaType.APPLICATION_JSON)
@@ -205,7 +208,7 @@ class TunnelControllerTest {
         ResponseEntity<TunnelResponse> expectedHttpTunnelResponse = new ResponseEntity<>(expectedTunnelConfig, HttpStatus.OK);
         when(cloudflareAPIService.putCloudflareTunnelConfigurations(eq("sampleTunnelId"), any(RestTemplate.class), eq(TunnelResponse.class), any(Config.class))).thenReturn(expectedHttpTunnelResponse);
 
-        mockMvc.perform(put("/cloudflare/tunnel/{tunnelId}/delete", "sampleTunnelId")
+        mockMvc.perform(delete("/cloudflare/tunnel/{tunnelId}/mappings", "sampleTunnelId")
                         .with(oauth2Login().oauth2User(buildOidcUser("admin", Groups.SYSTEM_ADMIN)))
                         .with(csrf())
                         .contentType(MediaType.APPLICATION_JSON)

src/test/java/com/hithomelabs/CFTunnels/Integration/CoudflareApiIntegrationTest.java

@@ -0,0 +1,107 @@
+package com.hithomelabs.CFTunnels.Integration;
+
+import com.hithomelabs.CFTunnels.Config.CloudflareConfig;
+import com.hithomelabs.CFTunnels.Headers.AuthKeyEmailHeader;
+import com.hithomelabs.CFTunnels.Models.Config;
+import com.hithomelabs.CFTunnels.Models.Ingress;
+import com.hithomelabs.CFTunnels.Models.TunnelResponse;
+import com.hithomelabs.CFTunnels.Services.CloudflareAPIService;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Tag;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.web.client.RestTemplate;
+
+import java.util.List;
+import java.util.Map;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@ActiveProfiles("integration")
+@Tag("integration")
+public class CoudflareApiIntegrationTest {
+
+    @Autowired
+    RestTemplate restTemplate;
+
+    @Autowired
+    AuthKeyEmailHeader authKeyEmailHeader;
+
+    @Autowired
+    CloudflareConfig cloudflareConfig;
+
+    @Autowired
+    CloudflareAPIService cloudflareAPIService;
+
+    private static final String DEV_TUNNEL_ID = "50df9101-f625-4618-b7c5-100338a57124";
+
+    @Test
+    @DisplayName("Calls cloudflare cfd tunnels API and checks that dev tunnel should be a part of the response")
+    public void testGetTunnelsTest() {
+
+        ResponseEntity<Map> response = cloudflareAPIService.getCloudflareTunnels();
+
+        assertEquals(HttpStatus.OK, response.getStatusCode());
+
+        List<Map<String, Object>> tunnelList = (List<Map<String, Object>>) response.getBody().get("result");
+        boolean hasName = tunnelList.stream()
+                .anyMatch(tunnel -> "devtunnel".equals(tunnel.get("name")));
+
+        assertTrue(hasName);
+    }
+
+    @Test
+    @DisplayName("Calls cloudflare API to get mappings for devtunnel tunnel")
+    public void testTunnelConfigurations() {
+
+        ResponseEntity<TunnelResponse> responseEntity = cloudflareAPIService.getCloudflareTunnelConfigurations(DEV_TUNNEL_ID, restTemplate, TunnelResponse.class);
+
+        // * * Check if status code is 200
+        assertEquals(HttpStatus.OK, responseEntity.getStatusCode());
+
+        // * * Checking if mapping for devdocker exists
+        TunnelResponse tunnelResponse = responseEntity.getBody();
+        boolean hasMatch = tunnelResponse.getResult().getConfig().getIngress().stream()
+                .anyMatch(ingress -> "devdocker.hithomelabs.com".equals(ingress.getHostname()));
+        assertTrue(hasMatch);
+    }
+
+    @Test
+    @DisplayName("Inserts and deletes a mapping using Cloudflare API")
+    public void testAddAndDeleteMapping() {
+
+        ResponseEntity<TunnelResponse> beforeMapping = cloudflareAPIService.getCloudflareTunnelConfigurations(DEV_TUNNEL_ID, restTemplate, TunnelResponse.class);
+
+        assertEquals(HttpStatus.OK, beforeMapping.getStatusCode());
+
+        Ingress ingress = new Ingress();
+        ingress.setHostname("random.hithomelabs.com");
+        ingress.setService("http://192.168.0.100:3457");
+
+        Config beforeInsertConfig = beforeMapping.getBody().getResult().getConfig();
+        List<Ingress> beforeInsert = beforeInsertConfig.getIngress();
+        beforeInsert.add(beforeInsert.size() - 1, ingress);
+
+        ResponseEntity<TunnelResponse> afterInsert = cloudflareAPIService.putCloudflareTunnelConfigurations(DEV_TUNNEL_ID, restTemplate, TunnelResponse.class, beforeInsertConfig);
+
+        assertEquals(HttpStatus.OK, afterInsert.getStatusCode());
+        Config afterInsertConfig = afterInsert.getBody().getResult().getConfig();
+        List<Ingress> ingressList = afterInsertConfig.getIngress();
+
+        boolean hasIngress = ingressList.get(ingressList.size() - 2 ).getHostname().equals("random.hithomelabs.com");
+        assertTrue(hasIngress);
+
+        Boolean deleteSuccess = Ingress.deleteByHostName(ingressList, ingress.getHostname());
+        assertTrue(deleteSuccess);
+
+        ResponseEntity<TunnelResponse> afterDelete = cloudflareAPIService.putCloudflareTunnelConfigurations(DEV_TUNNEL_ID, restTemplate, TunnelResponse.class, afterInsertConfig);
+        assertEquals(HttpStatus.OK, afterDelete.getStatusCode());
+        assertFalse(afterDelete.getBody().getResult().getConfig().getIngress().stream().anyMatch(anyIngress -> "random.hithomelabs.com".equals(anyIngress.getHostname())));
+    }
+
+}