fix: Fix broken managed identity endpoint (#1776)

nagyesta · web-flow · commit 220b25c599c1 · 2026-01-02T23:00:22.000+01:00
- Ignore versions when the request uses the metadata port - Add new tests Updates #1773 {patch} Signed-off-by: Esta Nagy <nagyesta@gmail.com>
diff --git a/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/WebConfig.java b/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/WebConfig.java
@@ -1,5 +1,6 @@
 package com.github.nagyesta.lowkeyvault;
 
+import com.github.nagyesta.lowkeyvault.context.OptionalQueryApiVersionResolver;
 import org.springframework.stereotype.Component;
 import org.springframework.web.accept.ApiVersionParser;
 import org.springframework.web.servlet.config.annotation.ApiVersionConfigurer;
@@ -14,9 +15,10 @@ public class WebConfig implements WebMvcConfigurer {
 
     @Override
     public void configureApiVersioning(final ApiVersionConfigurer configurer) {
-        configurer.useQueryParam(API_VERSION_NAME)
-                .addSupportedVersions(TOKEN_VERSION_2018_02_01, TOKEN_VERSION_2019_11_01, V_7_2, V_7_3, V_7_4, V_7_5, V_7_6)
+        configurer.useVersionResolver(new OptionalQueryApiVersionResolver())
+                .addSupportedVersions(V_7_2, V_7_3, V_7_4, V_7_5, V_7_6)
                 .setDefaultVersion(V_7_6)
                 .setVersionParser(IDENTITY_VERSION_PARSER);
     }
+
 }
diff --git a/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/context/OptionalQueryApiVersionResolver.java b/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/context/OptionalQueryApiVersionResolver.java
@@ -0,0 +1,26 @@
+package com.github.nagyesta.lowkeyvault.context;
+
+import jakarta.servlet.http.HttpServletRequest;
+import org.jspecify.annotations.Nullable;
+import org.springframework.web.accept.QueryApiVersionResolver;
+
+import static com.github.nagyesta.lowkeyvault.model.common.ApiConstants.API_VERSION_NAME;
+
+/**
+ * Query parameter-based version resolver that ignores versioning in case of metadata requests.
+ */
+public class OptionalQueryApiVersionResolver extends QueryApiVersionResolver {
+
+    public OptionalQueryApiVersionResolver() {
+        super(API_VERSION_NAME);
+    }
+
+    @Override
+    public @Nullable String resolveVersion(final HttpServletRequest request) {
+        //ignore versioning in case of metadata requests
+        if (!request.isSecure()) {
+            return null;
+        }
+        return super.resolveVersion(request);
+    }
+}
diff --git a/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/context/package-info.java b/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/context/package-info.java
@@ -0,0 +1,4 @@
+@NullMarked
+package com.github.nagyesta.lowkeyvault.context;
+
+import org.jspecify.annotations.NullMarked;
diff --git a/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/model/common/ApiConstants.java b/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/model/common/ApiConstants.java
@@ -56,14 +56,6 @@ public final class ApiConstants {
      * The latest supported API version.
      */
     public static final String LATEST = V_7_6;
-    /**
-     * The token API version: 2018-02-01.
-     */
-    public static final String TOKEN_VERSION_2018_02_01 = "2018-02-01";
-    /**
-     * The token API version: 2019-11-01.
-     */
-    public static final String TOKEN_VERSION_2019_11_01 = "2019-11-01";
     /**
      * API version parameter name.
      */
diff --git a/lowkey-vault-app/src/test/java/com/github/nagyesta/lowkeyvault/context/OptionalQueryApiVersionResolverTest.java b/lowkey-vault-app/src/test/java/com/github/nagyesta/lowkeyvault/context/OptionalQueryApiVersionResolverTest.java
@@ -0,0 +1,57 @@
+package com.github.nagyesta.lowkeyvault.context;
+
+import jakarta.servlet.http.HttpServletRequest;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+
+import java.util.stream.Stream;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.mockito.Mockito.*;
+
+class OptionalQueryApiVersionResolverTest {
+
+    public static Stream<Arguments> versionProvider() {
+        return Stream.<Arguments>builder()
+                .add(Arguments.of("api-version=2021-10-01", true, "2021-10-01"))
+                .add(Arguments.of("api-version=2021-10-01", false, null))
+                .add(Arguments.of(null, true, null))
+                .add(Arguments.of("", true, null))
+                .add(Arguments.of("api-version=2021-10-01&other=value", true, "2021-10-01"))
+                .add(Arguments.of("api-version=2021-10-01&other=value", false, null))
+                .add(Arguments.of("other=value", true, null))
+                .add(Arguments.of("other=value", false, null))
+                .build();
+    }
+
+    @ParameterizedTest
+    @MethodSource("versionProvider")
+    void testResolveVersionShouldReturnVersionWhenTheRequestIsSecureAndTheParameterIsPresent(
+            final String queryString,
+            final boolean secure,
+            final String expected) {
+        // given
+        final var underTest = new OptionalQueryApiVersionResolver();
+        final var request = mock(HttpServletRequest.class);
+        when(request.isSecure()).thenReturn(secure);
+        when(request.getQueryString()).thenReturn(queryString);
+
+        // when
+        final var actual = underTest.resolveVersion(request);
+
+        // then
+        verify(request).isSecure();
+        if (secure) {
+            verify(request).getQueryString();
+        } else {
+            verify(request, never()).getQueryString();
+        }
+        if (expected == null) {
+            assertNull(actual);
+        } else {
+            assertEquals(expected, actual);
+        }
+    }
+}
