[yugabyte#8335] [Platform] [API] EncryptionAtRestController error handling. (yugabyte#8474)

* Description:
Use the new global exception handling in the EncryptionAtRestController.

Test Plan:

Its mostly refactor. Unit tests are updated.
Run server and tested basic operations.

* Description:
Use the new global exception handling in the EncryptionAtRestController.

Test Plan:

Its mostly refactor. Unit tests are updated.
Run server and tested basic operations.

* Fix merge conflicts.

Co-authored-by: jitendra-12113 <jitedra.kumar@hashedin.com>

Author: jitendra-12113

managed/src/main/java/com/yugabyte/yw/common/kms/util/EncryptionAtRestUtil.java

@@ -14,6 +14,7 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import com.yugabyte.yw.common.Util;
+import com.yugabyte.yw.common.YWServiceException;
 import com.yugabyte.yw.common.kms.algorithms.SupportedAlgorithmInterface;
 import com.yugabyte.yw.common.kms.services.EncryptionAtRestService;
 import com.yugabyte.yw.models.KmsConfig;
@@ -32,6 +33,7 @@
 import org.springframework.security.crypto.encrypt.TextEncryptor;
 import play.api.Play;
 import play.libs.Json;
+import static play.mvc.Http.Status.BAD_REQUEST;
 
 public class EncryptionAtRestUtil {
   protected static final Logger LOG = LoggerFactory.getLogger(EncryptionAtRestUtil.class);
@@ -153,6 +155,7 @@ public static boolean keyRefExists(UUID universeUUID, byte[] keyRef) {
         KmsHistoryId.TargetType.UNIVERSE_KEY);
   }
 
+  @Deprecated
   public static KmsHistory getActiveKey(UUID universeUUID) {
     KmsHistory activeHistory = null;
     try {
@@ -230,6 +233,14 @@ public static void activateKeyRef(UUID universeUUID, UUID configUUID, byte[] key
         Base64.getEncoder().encodeToString(keyRef));
   }
 
+    public static KmsHistory getActiveKeyOrBadRequest(UUID universeUUID) {
+      KmsHistory activeKey = getActiveKey(universeUUID);
+      if(activeKey == null) {
+        throw new YWServiceException(BAD_REQUEST, "Could not retrieve ActiveKey");
+      }
+      return activeKey;
+    }
+
   public static List<KmsHistory> getAllUniverseKeys(UUID universeUUID) {
     return KmsHistory.getAllTargetKeyRefs(universeUUID, KmsHistoryId.TargetType.UNIVERSE_KEY);
   }

managed/src/main/java/com/yugabyte/yw/controllers/EncryptionAtRestController.java

@@ -16,6 +16,7 @@
 import com.yugabyte.yw.commissioner.Commissioner;
 import com.yugabyte.yw.commissioner.tasks.params.KMSConfigTaskParams;
 import com.yugabyte.yw.common.ApiResponse;
+import com.yugabyte.yw.common.YWServiceException;
 import com.yugabyte.yw.common.kms.EncryptionAtRestManager;
 import com.yugabyte.yw.common.kms.util.EncryptionAtRestUtil;
 import com.yugabyte.yw.common.kms.util.KeyProvider;
@@ -35,61 +36,65 @@
 import java.util.stream.Collectors;
 
 public class EncryptionAtRestController extends AuthenticatedController {
-  public static final Logger LOG = LoggerFactory.getLogger(EncryptionAtRestController.class);
-
-  @Inject EncryptionAtRestManager keyManager;
-
-  @Inject Commissioner commissioner;
-
-  public Result createKMSConfig(UUID customerUUID, String keyProvider) {
-    LOG.info(
-        String.format(
-            "Creating KMS configuration for customer %s with %s",
-            customerUUID.toString(), keyProvider));
-    try {
-      TaskType taskType = TaskType.CreateKMSConfig;
-      ObjectNode formData = (ObjectNode) request().body().asJson();
-      KMSConfigTaskParams taskParams = new KMSConfigTaskParams();
-      taskParams.kmsProvider = Enum.valueOf(KeyProvider.class, keyProvider);
-      taskParams.providerConfig = formData;
-      taskParams.customerUUID = customerUUID;
-      taskParams.kmsConfigName = formData.get("name").asText();
-      formData.remove("name");
-      UUID taskUUID = commissioner.submit(taskType, taskParams);
-      LOG.info("Submitted create KMS config for {}, task uuid = {}.", customerUUID, taskUUID);
-
-      // Add this task uuid to the user universe.
-      CustomerTask.create(
-          Customer.get(customerUUID),
-          customerUUID,
-          taskUUID,
-          CustomerTask.TargetType.KMSConfiguration,
-          CustomerTask.TaskType.Create,
-          taskParams.getName());
-      LOG.info(
-          "Saved task uuid " + taskUUID + " in customer tasks table for customer: " + customerUUID);
-
-      auditService().createAuditEntry(ctx(), request(), formData);
-      return new YWResults.YWTask(taskUUID).asResult();
-    } catch (Exception e) {
-      final String errMsg = "Error caught attempting to create KMS configuration";
-      LOG.error(errMsg, e);
-      return ApiResponse.error(BAD_REQUEST, e.getMessage());
+    public static final Logger LOG = LoggerFactory.getLogger(EncryptionAtRestController.class);
+
+    @Inject
+    EncryptionAtRestManager keyManager;
+
+    @Inject
+    Commissioner commissioner;
+
+    public Result createKMSConfig(UUID customerUUID, String keyProvider) {
+        LOG.info(String.format(
+                "Creating KMS configuration for customer %s with %s",
+                customerUUID.toString(),
+                keyProvider
+        ));
+        Customer customer = Customer.getOrBadRequest(customerUUID);
+        try {
+          TaskType taskType = TaskType.CreateKMSConfig;
+          ObjectNode formData = (ObjectNode) request().body().asJson();
+          KMSConfigTaskParams taskParams = new KMSConfigTaskParams();
+          taskParams.kmsProvider = Enum.valueOf(KeyProvider.class, keyProvider);
+          taskParams.providerConfig = formData;
+          taskParams.customerUUID = customerUUID;
+          taskParams.kmsConfigName = formData.get("name").asText();
+          formData.remove("name");
+          UUID taskUUID = commissioner.submit(taskType, taskParams);
+          LOG.info("Submitted create KMS config for {}, task uuid = {}.", customerUUID, taskUUID);
+          // Add this task uuid to the user universe.
+          CustomerTask.create(customer,
+            customerUUID,
+            taskUUID,
+            CustomerTask.TargetType.KMSConfiguration,
+            CustomerTask.TaskType.Create,
+            taskParams.getName());
+          LOG.info("Saved task uuid " + taskUUID + " in customer tasks table for customer: " +
+            customerUUID);
+
+          auditService().createAuditEntry(ctx(), request(), formData);
+          return new YWResults.YWTask(taskUUID).asResult();
+        } catch (Exception e) {
+          throw new YWServiceException(BAD_REQUEST, e.getMessage());
+        }
     }
-  }
 
-  public Result getKMSConfig(UUID customerUUID, UUID configUUID) {
-    LOG.info(String.format("Retrieving KMS configuration %s", configUUID.toString()));
-    KmsConfig config = KmsConfig.get(configUUID);
-    ObjectNode kmsConfig =
-        keyManager.getServiceInstance(config.keyProvider.name()).getAuthConfig(configUUID);
-    if (kmsConfig == null) {
-      return ApiResponse.error(
-          BAD_REQUEST,
-          String.format("No KMS configuration found for config %s", configUUID.toString()));
+    public Result getKMSConfig(UUID customerUUID, UUID configUUID) {
+        LOG.info(String.format(
+                "Retrieving KMS configuration %s",
+                configUUID.toString()
+        ));
+        KmsConfig config = KmsConfig.get(configUUID);
+        ObjectNode kmsConfig = keyManager.getServiceInstance(config.keyProvider.name())
+          .getAuthConfig(configUUID);
+        if (kmsConfig == null) {
+            throw new YWServiceException(BAD_REQUEST, String.format(
+                    "No KMS configuration found for config %s",
+                    configUUID.toString()
+            ));
+        }
+        return ApiResponse.success(kmsConfig);
     }
-    return ApiResponse.success(kmsConfig);
-  }
 
   public Result listKMSConfigs(UUID customerUUID) {
     LOG.info(String.format("Listing KMS configurations for customer %s", customerUUID.toString()));
@@ -125,126 +130,120 @@ public Result listKMSConfigs(UUID customerUUID) {
     return ApiResponse.success(kmsConfigs);
   }
 
-  public Result deleteKMSConfig(UUID customerUUID, UUID configUUID) {
-    LOG.info(
-        String.format(
-            "Deleting KMS configuration %s for customer %s",
-            configUUID.toString(), customerUUID.toString()));
-    try {
-      KmsConfig config = KmsConfig.get(configUUID);
-      TaskType taskType = TaskType.DeleteKMSConfig;
-      KMSConfigTaskParams taskParams = new KMSConfigTaskParams();
-      taskParams.kmsProvider = config.keyProvider;
-      taskParams.customerUUID = customerUUID;
-      taskParams.configUUID = configUUID;
-      UUID taskUUID = commissioner.submit(taskType, taskParams);
-      LOG.info("Submitted delete KMS config for {}, task uuid = {}.", customerUUID, taskUUID);
-
-      // Add this task uuid to the user universe.
-      CustomerTask.create(
-          Customer.get(customerUUID),
-          customerUUID,
-          taskUUID,
-          CustomerTask.TargetType.KMSConfiguration,
-          CustomerTask.TaskType.Delete,
-          taskParams.getName());
-      LOG.info(
-          "Saved task uuid " + taskUUID + " in customer tasks table for customer: " + customerUUID);
-
-      auditService().createAuditEntry(ctx(), request());
-      return new YWResults.YWTask(taskUUID).asResult();
-    } catch (Exception e) {
-      final String errMsg = "Error caught attempting to delete KMS configuration";
-      LOG.error(errMsg, e);
-      return ApiResponse.error(BAD_REQUEST, e.getMessage());
+    public Result deleteKMSConfig(UUID customerUUID, UUID configUUID) {
+        LOG.info(String.format(
+                "Deleting KMS configuration %s for customer %s",
+                configUUID.toString(),
+                customerUUID.toString()
+        ));
+        Customer customer = Customer.getOrBadRequest(customerUUID);
+        try {
+          KmsConfig config = KmsConfig.get(configUUID);
+          TaskType taskType = TaskType.DeleteKMSConfig;
+          KMSConfigTaskParams taskParams = new KMSConfigTaskParams();
+          taskParams.kmsProvider = config.keyProvider;
+          taskParams.customerUUID = customerUUID;
+          taskParams.configUUID = configUUID;
+          UUID taskUUID = commissioner.submit(taskType, taskParams);
+          LOG.info("Submitted delete KMS config for {}, task uuid = {}.", customerUUID, taskUUID);
+
+          // Add this task uuid to the user universe.
+          CustomerTask.create(customer,
+            customerUUID,
+            taskUUID,
+            CustomerTask.TargetType.KMSConfiguration,
+            CustomerTask.TaskType.Delete,
+            taskParams.getName());
+          LOG.info("Saved task uuid " + taskUUID + " in customer tasks table for customer: " +
+            customerUUID);
+          auditService().createAuditEntry(ctx(), request());
+          return new YWResults.YWTask(taskUUID).asResult();
+        } catch (Exception e) {
+          throw new YWServiceException(BAD_REQUEST, e.getMessage());
+        }
+    }
+
+    public Result retrieveKey(UUID customerUUID, UUID universeUUID) {
+        LOG.info(String.format(
+                "Retrieving universe key for universe %s",
+                customerUUID.toString(),
+                universeUUID.toString()
+        ));
+        ObjectNode formData = (ObjectNode) request().body().asJson();
+        byte[] keyRef = Base64.getDecoder().decode(formData.get("reference").asText());
+        UUID configUUID = UUID.fromString(formData.get("configUUID").asText());
+        byte[] recoveredKey = getRecoveredKeyOrBadRequest(
+          universeUUID,
+          configUUID,
+          keyRef
+        );
+        ObjectNode result = Json.newObject()
+          .put("reference", keyRef)
+          .put("value", Base64.getEncoder().encodeToString(recoveredKey));
+        auditService().createAuditEntry(ctx(), request(), formData);
+        return ApiResponse.success(result);
     }
-  }
 
-  public Result retrieveKey(UUID customerUUID, UUID universeUUID) {
-    LOG.info(
-        String.format(
-            "Retrieving universe key for universe %s",
-            customerUUID.toString(), universeUUID.toString()));
-    byte[] keyRef = null;
-    byte[] recoveredKey = null;
-    try {
-      ObjectNode formData = (ObjectNode) request().body().asJson();
-      keyRef = Base64.getDecoder().decode(formData.get("reference").asText());
-      UUID configUUID = UUID.fromString(formData.get("configUUID").asText());
-      recoveredKey = keyManager.getUniverseKey(universeUUID, configUUID, keyRef);
+    public byte[] getRecoveredKeyOrBadRequest(UUID universeUUID, UUID configUUID, byte[] keyRef) {
+      byte[] recoveredKey = keyManager.getUniverseKey(universeUUID, configUUID, keyRef);
       if (recoveredKey == null || recoveredKey.length == 0) {
-        final String errMsg =
-            String.format("No universe key found for universe %s", universeUUID.toString());
-        throw new RuntimeException(errMsg);
+        final String errMsg = String.format(
+          "No universe key found for universe %s",
+          universeUUID.toString()
+        );
+        throw new YWServiceException(BAD_REQUEST, errMsg);
       }
-      ObjectNode result =
-          Json.newObject()
-              .put("reference", keyRef)
-              .put("value", Base64.getEncoder().encodeToString(recoveredKey));
-      auditService().createAuditEntry(ctx(), request(), formData);
-      return ApiResponse.success(result);
-    } catch (Exception e) {
-      final String errMsg =
-          String.format("Could not recover universe key from universe %s", universeUUID.toString());
-      LOG.error(errMsg, e);
-      return ApiResponse.error(BAD_REQUEST, e.getMessage());
+      return recoveredKey;
     }
-  }
 
-  public Result getKeyRefHistory(UUID customerUUID, UUID universeUUID) {
-    LOG.info(
-        String.format(
-            "Retrieving key ref history for customer %s and universe %s",
-            customerUUID.toString(), universeUUID.toString()));
-    try {
-      return ApiResponse.success(
-          KmsHistory.getAllTargetKeyRefs(universeUUID, KmsHistoryId.TargetType.UNIVERSE_KEY)
-              .stream()
-              .map(
-                  history -> {
-                    return Json.newObject()
-                        .put("reference", history.uuid.keyRef)
-                        .put("configUUID", history.configUuid.toString())
-                        .put("timestamp", history.timestamp.toString());
-                  })
-              .collect(Collectors.toList()));
-    } catch (Exception e) {
-      return ApiResponse.error(BAD_REQUEST, e.getMessage());
+    public Result getKeyRefHistory(UUID customerUUID, UUID universeUUID) {
+        LOG.info(String.format(
+                "Retrieving key ref history for customer %s and universe %s",
+                customerUUID.toString(),
+                universeUUID.toString()
+        ));
+        return ApiResponse.success(KmsHistory.getAllTargetKeyRefs(
+          universeUUID,
+          KmsHistoryId.TargetType.UNIVERSE_KEY
+        )
+          .stream()
+          .map(history -> {
+            return Json.newObject()
+              .put("reference", history.uuid.keyRef)
+              .put("configUUID", history.configUuid.toString())
+              .put("timestamp", history.timestamp.toString());
+          })
+          .collect(Collectors.toList()));
     }
-  }
 
-  public Result removeKeyRefHistory(UUID customerUUID, UUID universeUUID) {
-    LOG.info(
-        String.format(
-            "Removing key ref for customer %s with universe %s",
-            customerUUID.toString(), universeUUID.toString()));
-    try {
-      keyManager.cleanupEncryptionAtRest(customerUUID, universeUUID);
-      auditService().createAuditEntry(ctx(), request());
-      return YWResults.YWSuccess.withMessage("Key ref was successfully removed");
-    } catch (Exception e) {
-      return ApiResponse.error(BAD_REQUEST, e.getMessage());
+    public Result removeKeyRefHistory(UUID customerUUID, UUID universeUUID) {
+        LOG.info(String.format(
+                "Removing key ref for customer %s with universe %s",
+                customerUUID.toString(),
+                universeUUID.toString()
+        ));
+        keyManager.cleanupEncryptionAtRest(customerUUID, universeUUID);
+        auditService().createAuditEntry(ctx(), request());
+        return YWResults.YWSuccess.withMessage("Key ref was successfully removed");
     }
-  }
 
-  public Result getCurrentKeyRef(UUID customerUUID, UUID universeUUID) {
-    LOG.info(
-        String.format(
-            "Retrieving key ref for customer %s and universe %s",
-            customerUUID.toString(), universeUUID.toString()));
-    try {
-      KmsHistory activeKey = EncryptionAtRestUtil.getActiveKey(universeUUID);
-      String keyRef = activeKey.uuid.keyRef;
-      if (keyRef == null || keyRef.length() == 0) {
-        return ApiResponse.error(
-            BAD_REQUEST,
-            String.format(
-                "Could not retrieve key service for customer %s and universe %s",
-                customerUUID.toString(), universeUUID.toString()));
-      }
-      return ApiResponse.success(Json.newObject().put("reference", keyRef));
-    } catch (Exception e) {
-      return ApiResponse.error(BAD_REQUEST, e.getMessage());
-    }
+    public Result getCurrentKeyRef(UUID customerUUID, UUID universeUUID) {
+        LOG.info(String.format(
+                "Retrieving key ref for customer %s and universe %s",
+                customerUUID.toString(),
+                universeUUID.toString()
+        ));
+        KmsHistory activeKey = EncryptionAtRestUtil.getActiveKeyOrBadRequest(universeUUID);
+        String keyRef = activeKey.uuid.keyRef;
+        if (keyRef == null || keyRef.length() == 0) {
+          throw new YWServiceException(BAD_REQUEST, String.format(
+            "Could not retrieve key service for customer %s and universe %s",
+            customerUUID.toString(),
+            universeUUID.toString()
+          ));
+        }
+        return ApiResponse.success(Json.newObject().put(
+          "reference", keyRef
+        ));
   }
 }