chore: make key auto-generated to simplify configuration

frontend/src/components/Analysis.vue

@@ -157,7 +157,7 @@ onMounted(() => {
         analyze();
       }
     })
-    .catch(handleError);
+    .catch(e => handleError(e.response?.data?.message ? e.response.data.message : e));
 });
 
 onUnmounted(() => {

server/server.gradle

@@ -78,40 +78,13 @@ applicationDefaultJvmArgs = ['--add-opens=java.base/java.lang=ALL-UNNAMED',
                              '--add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED',
                              '-Djdk.util.zip.disableZip64ExtraFieldValidation=true']
 
-import java.nio.file.Files
-import java.security.KeyPair
-import java.security.KeyPairGenerator
-
-static void generateDevKey(File dir) {
-    def pubKeyPath = dir.toPath().resolve('dev_rsa.pub')
-    if (Files.exists(pubKeyPath)) {
-        return
-    }
-    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
-    generator.initialize(2048);
-    KeyPair keyPair = generator.generateKeyPair();
-
-    String publicKeyEncoded =
-            '-----BEGIN PUBLIC KEY-----\n' + Base64.getEncoder().encodeToString(keyPair.getPublic().getEncoded()) + '\n-----END PUBLIC KEY-----\n'
-    Files.writeString(pubKeyPath, publicKeyEncoded)
-
-    String privateKeyEncoded =
-            '-----BEGIN PRIVATE KEY-----\n' + Base64.getEncoder().encodeToString(keyPair.getPrivate().getEncoded()) + '\n-----END PRIVATE KEY-----\n'
-    Files.writeString(dir.toPath().resolve('dev_rsa'), privateKeyEncoded)
-}
-
-afterEvaluate {
-    generateDevKey(projectDir)
-}
 
 import org.springframework.boot.gradle.tasks.run.BootRun
 
-static void setJvmOptionsAndDevKeys(BootRun bootRun) {
+static void setJvmOptions(BootRun bootRun) {
     bootRun.jvmArgs('--add-opens=java.base/java.lang=ALL-UNNAMED',
-                    '--add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED',
-                    '-Djdk.util.zip.disableZip64ExtraFieldValidation=true')
-    bootRun.args('--jifa.public-key=file:' + bootRun.project.projectDir.toPath().resolve('dev_rsa.pub').toAbsolutePath().toString())
-    bootRun.args('--jifa.private-key=file:' + bootRun.project.projectDir.toPath().resolve('dev_rsa').toAbsolutePath().toString())
+            '--add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED',
+            '-Djdk.util.zip.disableZip64ExtraFieldValidation=true')
 }
 
 static void setDatabase(BootRun bootRun) {
@@ -127,15 +100,15 @@ tasks.register('runStandaloneWorker', BootRun) {
     classpath(project.sourceSets.main.runtimeClasspath)
     mainClass.convention(mainClassName)
 
-    setJvmOptionsAndDevKeys(it)
+    setJvmOptions(it)
 }
 
 tasks.register('runStandaloneWorkerWithMysql', BootRun) {
     group('jifa')
     classpath(project.sourceSets.main.runtimeClasspath)
     mainClass.convention(mainClassName)
 
-    setJvmOptionsAndDevKeys(it)
+    setJvmOptions(it)
     setDatabase(it)
 }
 
@@ -145,7 +118,7 @@ tasks.register('runMaster', BootRun) {
     mainClass.convention(mainClassName)
 
     args('--jifa.role=master', '--jifa.scheduling-strategy=static')
-    setJvmOptionsAndDevKeys(it)
+    setJvmOptions(it)
     setDatabase(it)
 }
 
@@ -155,7 +128,7 @@ tasks.register('runStaticWorker', BootRun) {
     mainClass.convention(mainClassName)
 
     args('--jifa.role=static-worker', '--jifa.port=9102')
-    setJvmOptionsAndDevKeys(it)
+    setJvmOptions(it)
     setDatabase(it)
 }
 

server/src/main/java/org/eclipse/jifa/server/Configuration.java

@@ -22,14 +22,11 @@
 import org.eclipse.jifa.common.util.Validate;
 import org.eclipse.jifa.server.enums.Role;
 import org.eclipse.jifa.server.enums.SchedulingStrategy;
-import org.eclipse.jifa.server.util.DefaultRSAKeyPair;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.validation.annotation.Validated;
 
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
 
 import static org.eclipse.jifa.server.Constant.DEFAULT_PORT;
 
@@ -107,16 +104,6 @@ public class Configuration {
     @Min(2)
     private int elasticWorkerIdleThreshold = 5;
 
-    /**
-     * Public key used by Jifa
-     */
-    private RSAPublicKey publicKey;
-
-    /**
-     * Private key used by Jifa
-     */
-    private RSAPrivateKey privateKey;
-
     /**
      * Whether to allow anonymous access, default is true
      */
@@ -164,10 +151,5 @@ private void init() {
                 Validate.isTrue(Files.isDirectory(storagePath), "jifa.storage-path must be a directory");
             }
         }
-
-        if (publicKey == null || privateKey == null) {
-            publicKey = DefaultRSAKeyPair.getPublicKey();
-            privateKey = DefaultRSAKeyPair.getPrivateKey();
-        }
     }
 }

server/src/main/java/org/eclipse/jifa/server/ConfigurationAccessor.java

@@ -17,9 +17,6 @@
 import org.eclipse.jifa.server.enums.SchedulingStrategy;
 import org.springframework.beans.factory.annotation.Autowired;
 
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-
 public abstract class ConfigurationAccessor {
 
     @Autowired
@@ -54,14 +51,6 @@ protected final SchedulingStrategy getSchedulingStrategy() {
         return config.getSchedulingStrategy();
     }
 
-    protected final RSAPublicKey getPublicKey() {
-        return config.getPublicKey();
-    }
-
-    protected final RSAPrivateKey getPrivateKey() {
-        return config.getPrivateKey();
-    }
-
     protected final void mustBe(Role... roles) {
         boolean matched = false;
         for (Role role : roles) {

server/src/main/java/org/eclipse/jifa/server/Constant.java

@@ -86,4 +86,8 @@ public interface Constant extends org.eclipse.jifa.common.Constant {
     String ANALYSIS_API_REQUEST_TARGET_KEY = "target";
 
     String ANALYSIS_API_REQUEST_PARAMETERS_KEY = "parameters";
+
+    String CONFIGURATION_PUBLIC_KEY = "public-key";
+
+    String CONFIGURATION_PRIVATE_KEY = "private-key";
 }

server/src/main/java/org/eclipse/jifa/server/configurer/SecurityConfigurer.java

@@ -22,6 +22,7 @@
 import org.eclipse.jifa.server.Constant;
 import org.eclipse.jifa.server.condition.ConditionalOnRole;
 import org.eclipse.jifa.server.filter.JwtTokenRefreshFilter;
+import org.eclipse.jifa.server.service.CipherService;
 import org.eclipse.jifa.server.service.JwtService;
 import org.eclipse.jifa.server.service.UserService;
 import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
@@ -72,14 +73,14 @@
 public class SecurityConfigurer extends ConfigurationAccessor {
 
     @Bean
-    public JwtEncoder jwtEncoder() {
-        RSAKey jwk = new RSAKey.Builder(getPublicKey()).privateKey(getPrivateKey()).build();
+    public JwtEncoder jwtEncoder(CipherService cipherService) {
+        RSAKey jwk = new RSAKey.Builder(cipherService.getPublicKey()).privateKey(cipherService.getPrivateKey()).build();
         return new NimbusJwtEncoder(new ImmutableJWKSet<>(new JWKSet(jwk)));
     }
 
     @Bean
-    public JwtDecoder jwtDecoder() {
-        NimbusJwtDecoder decoder = NimbusJwtDecoder.withPublicKey(getPublicKey()).build();
+    public JwtDecoder jwtDecoder(CipherService cipherService) {
+        NimbusJwtDecoder decoder = NimbusJwtDecoder.withPublicKey(cipherService.getPublicKey()).build();
 
         if (getRole() == MASTER || getRole() == STANDALONE_WORKER) {
             decoder.setJwtValidator(new JwtTimestampValidator(Duration.ZERO));

server/src/main/java/org/eclipse/jifa/server/domain/entity/shared/ConfigurationEntity.java

@@ -0,0 +1,33 @@
+/********************************************************************************
+ * Copyright (c) 2023 Contributors to the Eclipse Foundation
+ *
+ * See the NOTICE file(s) distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License 2.0 which is available at
+ * http://www.eclipse.org/legal/epl-2.0
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ ********************************************************************************/
+package org.eclipse.jifa.server.domain.entity.shared;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Table;
+import lombok.Getter;
+import lombok.Setter;
+
+@SuppressWarnings("JpaDataSourceORMInspection")
+@Table(name = "configurations")
+@Entity
+@Getter
+@Setter
+public class ConfigurationEntity extends BaseEntity {
+
+    @Column(unique = true, nullable = false, updatable = false)
+    private String uniqueName;
+
+    @Column(nullable = false, length = 4096)
+    private String content;
+}

server/src/main/java/org/eclipse/jifa/server/repository/ConfigurationRepo.java

@@ -0,0 +1,12 @@
+package org.eclipse.jifa.server.repository;
+
+import org.eclipse.jifa.server.domain.entity.shared.ConfigurationEntity;
+import org.springframework.data.repository.CrudRepository;
+
+import java.util.Optional;
+
+public interface ConfigurationRepo extends CrudRepository<ConfigurationEntity, Long>  {
+
+    Optional<ConfigurationEntity> findByUniqueName(String uniqueName);
+
+}

server/src/main/java/org/eclipse/jifa/server/service/CipherService.java

@@ -14,11 +14,18 @@
 
 import org.eclipse.jifa.server.domain.dto.PublicKey;
 
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+
 public interface CipherService {
 
     String encrypt(String plaintext);
 
     String decrypt(String ciphertext);
 
+    RSAPublicKey getPublicKey();
+
+    RSAPrivateKey getPrivateKey();
+
     PublicKey getPublicKeyString();
 }