author | Thomas <> | 2023-08-31 20:37:42 +0200 |
---|---|---|
committer | Thomas <> | 2023-08-31 20:37:42 +0200 |
commit | e915685e22c7c084f7fd0c4870ff20d3f0194a91 (patch) | |
tree | 638deef490a63799ff48ca826ff8702b2efbee2a | |
parent | 5acc09000c59c93510567e88cb701919122dc5b2 (diff) | |
feat(core): refactor to openSAML 5 for Java 17
130 files changed, 772 insertions, 702 deletions
diff --git a/eaaf-springboot-utils/checks/spotbugs-exclude.xml b/eaaf-springboot-utils/checks/spotbugs-exclude.xml index 7bb320ee..183220ef 100644 --- a/eaaf-springboot-utils/checks/spotbugs-exclude.xml +++ b/eaaf-springboot-utils/checks/spotbugs-exclude.xml @@ -7,5 +7,19 @@ <OR> <Bug pattern="PATH_TRAVERSAL_IN" /> </OR> - </Match> + </Match> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.utils.springboot.ajp.TomcatProperties" /> + <Class name="at.gv.egiz.eaaf.utils.springboot.ajp.logging.LoggingProperties" /> + <Class name="at.gv.egiz.eaaf.utils.springboot.ajp.logging.LoggingProperties$Mdc" /> + <Class name="at.gv.egiz.eaaf.utils.springboot.ajp.logging.MdcEnhancerFilter" /> + <Class name="at.gv.egiz.eaaf.utils.springboot.security.AuthorizationConfiguration" /> + <Class name="at.gv.egiz.eaaf.utils.springboot.security.BasicAuthUser" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> </FindBugsFilter> diff --git a/eaaf-springboot-utils/pom.xml b/eaaf-springboot-utils/pom.xml index 3f2d2f11..3c92b428 100644 --- a/eaaf-springboot-utils/pom.xml +++ b/eaaf-springboot-utils/pom.xml @@ -87,8 +87,8 @@ <type>test-jar</type> </dependency> <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> + <groupId>org.apache.httpcomponents.client5</groupId> + <artifactId>httpclient5</artifactId> <scope>test</scope> </dependency> <dependency> diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java index c665edb3..62b1c795 100644 --- a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java 
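Review bot: The new `<Match>` in spotbugs-exclude.xml turns off `EI_EXPOSE_REP` and `EI_EXPOSE_REP2` for whole classes, including `security.AuthorizationConfiguration` and `security.BasicAuthUser`, without recording why. The hunk does not show those classes, but if they hold credential or authorization lists, a getter that returns the internal mutable collection lets any caller change the effective access rules after startup. I would prefer returning unmodifiable copies in the two `security` classes and dropping them from the filter. If the exposure is required for property binding, put a comment above the block, for example `<!-- configuration-properties beans: binding needs the mutable collections; instances are not handed out beyond the configuration classes -->`, so the suppression can be re-checked later.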
@@ -94,7 +94,7 @@ public class TomcatAjpConfiguration { ajp.getAdditionalAttributes().entrySet()) { log.debug("Set Tomcat AJP property: {} with value: {}", entry.getKey(), entry.getValue()); - ajpConnector.setAttribute(entry.getKey(), entry.getValue()); + ajpConnector.setProperty(entry.getKey(), entry.getValue()); } } log.debug("AJP connector requires secret: {}", diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java index a1f59f66..f5da0ba5 100644 --- a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java @@ -4,19 +4,18 @@ import java.io.IOException; import java.util.HashMap; import java.util.Optional; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; - import org.apache.commons.lang3.StringUtils; import org.slf4j.MDC; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.stereotype.Component; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.Cookie; +import jakarta.servlet.http.HttpServletRequest; import lombok.Getter; @Component diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java index e0c478af..f9aa8d6e 100644 
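Review bot: The result of `ajpConnector.setProperty(...)` is discarded, so an additional attribute that Tomcat does not recognise is dropped silently; as far as I know `Connector.setProperty` returns a boolean, unlike the removed `setAttribute`. On an AJP connector this matters for hardening attributes (the following context line already deals with the secret), because a typo in configuration would leave the default in force without any trace. Suggest `if (!ajpConnector.setProperty(entry.getKey(), entry.getValue())) { log.warn("Tomcat AJP property: {} was not applied", entry.getKey()); }`. Separately, the unchanged `log.debug` just above prints every attribute value, which would include a secret if one is passed through the additional attributes; logging only the key avoids that. The enclosing method starts and ends outside the hunk.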
--- a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java +++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java @@ -5,13 +5,13 @@ import static org.junit.Assert.assertNotNull; import java.io.IOException; -import org.apache.http.client.ClientProtocolException; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpUriRequest; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClientBuilder; -import org.apache.http.impl.client.HttpClients; +import org.apache.hc.client5.http.ClientProtocolException; +import org.apache.hc.client5.http.classic.methods.HttpGet; +import org.apache.hc.client5.http.classic.methods.HttpUriRequest; +import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; +import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse; +import org.apache.hc.client5.http.impl.classic.HttpClientBuilder; +import org.apache.hc.client5.http.impl.classic.HttpClients; import org.junit.Assert; import org.junit.Test; import org.springframework.boot.ExitCodeGenerator; @@ -61,7 +61,7 @@ public class SimpleSpringBootStarterTest { final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/junit"); final CloseableHttpResponse httpResp1 = client.execute(httpGet1); - assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + assertEquals("http statusCode", 200, httpResp1.getCode()); } diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java index 65dcf5c1..641eebd7 100644 --- a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java 
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java @@ -2,13 +2,13 @@ package at.gv.egiz.eaaf.utils.springboot.test.dummy; import java.io.IOException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + @Controller public class DummyController { diff --git a/eaaf_core/pom.xml b/eaaf_core/pom.xml index 50d51400..6a939710 100644 --- a/eaaf_core/pom.xml +++ b/eaaf_core/pom.xml @@ -33,8 +33,8 @@ <artifactId>egiz-spring-api</artifactId> </dependency> <dependency> - <groupId>javax.annotation</groupId> - <artifactId>javax.annotation-api</artifactId> + <groupId>jakarta.annotation</groupId> + <artifactId>jakarta.annotation-api</artifactId> </dependency> <dependency> <groupId>org.springframework</groupId> @@ -86,8 +86,8 @@ <artifactId>commons-text</artifactId> </dependency> <dependency> - <groupId>commons-fileupload</groupId> - <artifactId>commons-fileupload</artifactId> + <groupId>org.apache.commons</groupId> + <artifactId>commons-fileupload2-jakarta</artifactId> </dependency> <dependency> <groupId>jakarta.servlet</groupId> diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java index ff90e9cc..f196ac76 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/gui/IVelocityGuiFormBuilder.java 
@@ -2,12 +2,11 @@ package at.gv.egiz.eaaf.core.api.gui; import java.io.InputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.velocity.VelocityContext; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public interface IVelocityGuiFormBuilder extends IGuiFormBuilder { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java index 5e4af55e..9b2fe767 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/AbstractVelocityGuiFormBuilderImpl.java @@ -28,9 +28,6 @@ import java.util.Iterator; import java.util.Map; import java.util.Map.Entry; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; @@ -43,6 +40,8 @@ import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Abstract VeloCity based GUI builder implementation. diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/AsynchGuiFormBuilderImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/AsynchGuiFormBuilderImpl.java index 6ed50955..5bcaebdb 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/AsynchGuiFormBuilderImpl.java 
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/AsynchGuiFormBuilderImpl.java @@ -1,8 +1,6 @@ package at.gv.egiz.eaaf.core.impl.gui.builder; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.servlet.LocaleResolver; @@ -12,6 +10,8 @@ import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.gui.utils.MvcGuiRenderUtils; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @Slf4j diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/SpringMvcGuiFormBuilderImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/SpringMvcGuiFormBuilderImpl.java index 9fae07e2..79941d60 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/SpringMvcGuiFormBuilderImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/builder/SpringMvcGuiFormBuilderImpl.java @@ -1,7 +1,5 @@ package at.gv.egiz.eaaf.core.impl.gui.builder; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.servlet.LocaleResolver; @@ -11,6 +9,8 @@ import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.gui.utils.MvcGuiRenderUtils; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @Slf4j 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/interceptor/AsynchSpringMvcGuiBuilderIntercepter.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/interceptor/AsynchSpringMvcGuiBuilderIntercepter.java index 708e3b84..8b7eb251 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/interceptor/AsynchSpringMvcGuiBuilderIntercepter.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/interceptor/AsynchSpringMvcGuiBuilderIntercepter.java @@ -1,7 +1,8 @@ package at.gv.egiz.eaaf.core.impl.gui.interceptor; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.servlet.HandlerInterceptor; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/utils/MvcGuiRenderUtils.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/utils/MvcGuiRenderUtils.java index b212f140..75c7a42b 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/utils/MvcGuiRenderUtils.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/utils/MvcGuiRenderUtils.java @@ -2,12 +2,7 @@ package at.gv.egiz.eaaf.core.impl.gui.utils; import java.util.Locale; -import javax.annotation.Nullable; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.springframework.http.HttpStatus; +import org.springframework.http.HttpStatusCode; import org.springframework.util.Assert; import org.springframework.web.servlet.LocaleResolver; import org.springframework.web.servlet.ModelAndView; 
@@ -15,6 +10,10 @@ import org.springframework.web.servlet.View; import org.springframework.web.servlet.ViewResolver; import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; +import jakarta.annotation.Nullable; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.NonNull; import lombok.extern.slf4j.Slf4j; @@ -127,7 +126,7 @@ public class MvcGuiRenderUtils { // Determine view for response View view = buildViewFromModel(viewResolvers, locale, mv); - final HttpStatus modelStatus = mv.getStatus(); + final HttpStatusCode modelStatus = mv.getStatus(); if (modelStatus != null) { response.setStatus(modelStatus.value()); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java index 76bc09e6..4279e427 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java @@ -25,11 +25,6 @@ import java.util.ArrayList; import java.util.Enumeration; import java.util.List; -import javax.annotation.PostConstruct; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; 
@@ -56,6 +51,10 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public abstract class AbstractAuthenticationManager implements IAuthenticationManager { private static final Logger log = LoggerFactory.getLogger(AbstractAuthenticationManager.class); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java index 4e528ef5..b179132a 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/AbstractAuthServletTask.java 
@@ -22,20 +22,18 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.modules; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.FileItemFactory; -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.fileupload.disk.DiskFileItemFactory; -import org.apache.commons.fileupload.servlet.ServletFileUpload; +import org.apache.commons.fileupload2.core.DiskFileItemFactory; +import org.apache.commons.fileupload2.core.FileItem; +import org.apache.commons.fileupload2.core.FileItemFactory; +import org.apache.commons.fileupload2.core.FileUploadException; +import org.apache.commons.fileupload2.jakarta.JakartaServletFileUpload; import org.apache.commons.lang3.ArrayUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -55,6 +53,8 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; import at.gv.egiz.eaaf.core.impl.idp.process.springweb.AbstractTask; import at.gv.egiz.eaaf.core.impl.utils.DataUrlBuilder; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.Setter; /** 
@@ -207,22 +207,21 @@ public abstract class AbstractAuthServletTask extends AbstractTask { final Map<String, String> parameters = new HashMap<>(); - if (ServletFileUpload.isMultipartContent(req)) { + if (JakartaServletFileUpload.isMultipartContent(req)) { // request is encoded as mulitpart/form-data - final FileItemFactory factory = new DiskFileItemFactory(); - ServletFileUpload upload = null; - upload = new ServletFileUpload(factory); + final FileItemFactory factory = DiskFileItemFactory.builder().get(); + JakartaServletFileUpload upload = new JakartaServletFileUpload(factory); List items = null; items = upload.parseRequest(req); for (int i = 0; i < items.size(); i++) { final FileItem item = (FileItem) items.get(i); if (item.isFormField()) { // Process only form fields - no file upload items - parameters.put(item.getFieldName(), item.getString("UTF-8")); + parameters.put(item.getFieldName(), item.getString(StandardCharsets.UTF_8)); // log requests on trace if (log.isTraceEnabled()) { - final String logString = item.getString("UTF-8"); + final String logString = item.getString(StandardCharsets.UTF_8); // TODO use RegExp final String startS = "<pr:Identification><pr:Value>"; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java index c1593cb1..4215ee80 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java @@ -28,8 +28,6 @@ import java.util.List; import java.util.Map; import java.util.ServiceLoader; -import javax.annotation.PostConstruct; - import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
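Review bot: `new JakartaServletFileUpload(factory)` is used with its defaults, so `upload.parseRequest(req)` accepts any number of parts of any size and spools them through `DiskFileItemFactory` before the loop discards everything that is not a form field. This code parses the incoming request of an authentication task (inferred from the class name; callers are not visible here), so I would set limits right after construction, e.g. `upload.setFileCountMax(MAX_PARTS); upload.setSizeMax(MAX_REQUEST_BYTES);`, where both constant names are placeholders for values the project chooses. The raw `List items` and the `(FileItem)` cast could become a typed list while this code is being touched. The method begins and ends outside the hunk.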
@@ -42,6 +40,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; import at.gv.egiz.eaaf.core.impl.idp.process.ProcessDefinitionParserException; +import jakarta.annotation.PostConstruct; /** * This class handles registering modules. The modules are detected either with diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java index cd89f8a5..ea045c8d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java @@ -5,9 +5,6 @@ import java.util.Collections; import java.util.HashSet; import java.util.Map; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; - import org.springframework.beans.factory.annotation.Autowired; import at.gv.egiz.eaaf.core.api.IRequest; @@ -17,6 +14,8 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.http.HttpServletRequest; import lombok.Builder; import lombok.Getter; import lombok.extern.slf4j.Slf4j; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java index 45b1cfe8..ef04861d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java 
@@ -4,11 +4,11 @@ import java.util.Map; import javax.annotation.Nonnull; import javax.annotation.Nullable; -import javax.servlet.http.HttpServletRequest; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafException; +import jakarta.servlet.http.HttpServletRequest; public interface IErrorService { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 08fcf6f8..8dd208a9 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -21,10 +21,7 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.services; import java.io.IOException; -import javax.annotation.PostConstruct; import javax.naming.ConfigurationException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.StringUtils; @@ -78,6 +75,9 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService.LogLevel; import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; @Service public class ProtocolAuthenticationService implements IProtocolAuthenticationService { 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/TicketErrorService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/TicketErrorService.java index e5f7a5ea..469a8cd3 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/TicketErrorService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/TicketErrorService.java @@ -12,8 +12,6 @@ import java.util.Set; import java.util.stream.Collectors; import javax.annotation.Nonnull; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; @@ -40,6 +38,8 @@ import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; import at.gv.egiz.eaaf.core.impl.utils.DefaultYamlMapper; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.http.HttpServletRequest; import lombok.Builder; import lombok.Getter; import lombok.var; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java index ea2cfcd6..b47f643e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/AbstractSpringBootConfigurationImpl.java @@ -19,11 +19,12 @@ package at.gv.egiz.eaaf.core.impl.idp.conf; -import javax.annotation.PostConstruct; + import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.impl.config.BasicSpringBootConfigurationImpl; +import jakarta.annotation.PostConstruct; /** * Basic implementation with SP functionality. 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index c47446d8..41d15743 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java @@ -23,8 +23,6 @@ import java.io.IOException; import javax.annotation.Nonnull; import javax.annotation.Nullable; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -47,6 +45,8 @@ import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.data.ExceptionContainer; import at.gv.egiz.eaaf.core.impl.data.Pair; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Basic application controller that implements core error-handling. diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java index ea481bdb..46de6167 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java @@ -21,9 +21,6 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -38,6 +35,8 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafIllegalStateException; import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Servlet that resumes a suspended process (in case of asynchronous tasks). diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index 06da298b..a52d2fda 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -21,9 +21,6 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -43,6 +40,8 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.data.ExceptionContainer; import at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Protocol finialization end-point. diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java index 27b032e3..92bf8af3 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java 
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java @@ -30,7 +30,6 @@ import java.util.Map.Entry; import java.util.UUID; import javax.annotation.Nonnull; -import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; import org.springframework.lang.NonNull; @@ -57,6 +56,7 @@ import at.gv.egiz.eaaf.core.impl.json.EscapedJsonDeserializer; import at.gv.egiz.eaaf.core.impl.json.EscapedJsonSerializer; import at.gv.egiz.eaaf.core.impl.utils.DefaultJsonMapper; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; +import jakarta.servlet.http.HttpServletRequest; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java index 007c3e1d..8dcded08 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/AbstractLocaleAuthServletTask.java @@ -2,9 +2,6 @@ package at.gv.egiz.eaaf.core.impl.idp.controller.tasks; import java.io.Serializable; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; 
@@ -14,6 +11,8 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public abstract class AbstractLocaleAuthServletTask extends AbstractAuthServletTask { private static final Logger log = LoggerFactory.getLogger(AbstractLocaleAuthServletTask.class); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java index 892121c0..9e1259dc 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/FinalizeAuthenticationTask.java @@ -19,8 +19,6 @@ package at.gv.egiz.eaaf.core.impl.idp.controller.tasks; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -32,6 +30,8 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Finalize the authentication process-flow. diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java index 7a664915..efba8bb7 100644 
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java @@ -19,8 +19,6 @@ package at.gv.egiz.eaaf.core.impl.idp.controller.tasks; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -36,6 +34,8 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Restart the authentication process-flow. diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java index 588a3bde..19d0a320 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/spring/SpringExpressionEvaluator.java @@ -21,8 +21,6 @@ package at.gv.egiz.eaaf.core.impl.idp.process.spring; import java.util.Objects; -import javax.annotation.PostConstruct; - import org.apache.commons.lang3.BooleanUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -37,6 +35,7 @@ import org.springframework.expression.spel.support.StandardEvaluationContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; +import jakarta.annotation.PostConstruct; /** * Expression evaluator for processing {@link Transition} conditions allowing to diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java index 2cdb84c5..56e4642e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/AbstractTask.java @@ -19,9 +19,6 @@ package at.gv.egiz.eaaf.core.impl.idp.process.springweb; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.springframework.web.context.request.RequestAttributes; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; @@ -31,6 +28,8 @@ import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.Task; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Abstract task implementation providing {@link HttpServletRequest} and diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java index 9ef88679..476a582f 100644 
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/process/springweb/SpringWebExpressionEvaluator.java @@ -23,9 +23,6 @@ import java.io.Serializable; import java.util.Map; import java.util.Objects; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; - import org.apache.commons.lang3.BooleanUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -41,6 +38,8 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluationContext; import at.gv.egiz.eaaf.core.api.idp.process.ExpressionEvaluator; import at.gv.egiz.eaaf.core.impl.idp.process.model.Transition; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.http.HttpServletRequest; /** * Expression evaluator for processing {@link Transition} conditions allowing diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyAuthManager.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyAuthManager.java index 6d2ca67e..9240d216 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyAuthManager.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyAuthManager.java @@ -1,13 +1,12 @@ package at.gv.egiz.eaaf.core.impl.idp.auth; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.slo.ISloInformationContainer; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public class DummyAuthManager extends AbstractAuthenticationManager { 
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyHttpClientFactory.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyHttpClientFactory.java index 6aea52ac..f08d6f7a 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyHttpClientFactory.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/DummyHttpClientFactory.java @@ -1,10 +1,12 @@ package at.gv.egiz.eaaf.core.impl.idp.auth; +import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; + import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.http.HttpClientConfiguration; import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; -import org.apache.http.impl.client.CloseableHttpClient; + public class DummyHttpClientFactory implements IHttpClientFactory { diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/dummy/DummyDefaultErrorService.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/dummy/DummyDefaultErrorService.java index ad7e9bdc..2c1fd087 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/dummy/DummyDefaultErrorService.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/dummy/DummyDefaultErrorService.java @@ -3,8 +3,6 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.dummy; import java.text.MessageFormat; import java.util.Map; -import javax.servlet.http.HttpServletRequest; - import org.springframework.beans.factory.annotation.Autowired; import at.gv.egiz.eaaf.core.api.IRequest; @@ -14,6 +12,7 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService; +import jakarta.servlet.http.HttpServletRequest; import lombok.Builder; import lombok.Getter; import lombok.Setter; 
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/service/TicketErrorServiceTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/service/TicketErrorServiceTest.java index d30f5a95..52149fd5 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/service/TicketErrorServiceTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/service/TicketErrorServiceTest.java @@ -9,8 +9,6 @@ import static org.mockito.Mockito.when; import java.util.regex.Pattern; -import javax.servlet.http.HttpServletRequest; - import org.apache.commons.lang3.RandomStringUtils; import org.junit.Assert; import org.junit.Before; @@ -34,6 +32,7 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.dummy.DummyPendingRequest; import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService; import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService.LogLevel; import ch.qos.logback.classic.spi.ILoggingEvent; +import jakarta.servlet.http.HttpServletRequest; import lombok.val; @RunWith(SpringJUnit4ClassRunner.class) diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyGuiFormBuilder.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyGuiFormBuilder.java index 5e12e7bc..fdf0fc90 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyGuiFormBuilder.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyGuiFormBuilder.java @@ -1,11 +1,11 @@ package at.gv.egiz.eaaf.core.impl.idp.module.gui; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.IGuiFormBuilder; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.Getter; @Getter 
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyVelocityGuiFormBuilder.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyVelocityGuiFormBuilder.java index 8fe9e2eb..4dcacf1a 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyVelocityGuiFormBuilder.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/gui/DummyVelocityGuiFormBuilder.java @@ -2,14 +2,13 @@ package at.gv.egiz.eaaf.core.impl.idp.module.gui; import java.io.InputStream; -import javax.servlet.http.HttpServletRequest; - import org.springframework.http.MediaType; import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.gui.AbstractVelocityGuiFormBuilderImpl; +import jakarta.servlet.http.HttpServletRequest; public class DummyVelocityGuiFormBuilder extends AbstractVelocityGuiFormBuilderImpl { diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java index 4b07bea9..45129677 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyProtocolAuthService.java 
@@ -2,14 +2,13 @@ package at.gv.egiz.eaaf.core.impl.idp.module.test; import java.io.IOException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.data.Pair; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.Getter; public class DummyProtocolAuthService implements IProtocolAuthenticationService { diff --git a/eaaf_core_api/pom.xml b/eaaf_core_api/pom.xml index 9a482b7e..d9910044 100644 --- a/eaaf_core_api/pom.xml +++ b/eaaf_core_api/pom.xml @@ -40,10 +40,10 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> </dependency> - <dependency> - <groupId>javax.annotation</groupId> - <artifactId>javax.annotation-api</artifactId> - </dependency> + <dependency> + <groupId>jakarta.annotation</groupId> + <artifactId>jakarta.annotation-api</artifactId> + </dependency> <dependency> <groupId>com.google.code.findbugs</groupId> <artifactId>jsr305</artifactId> diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java index 09c4a8b3..50693d38 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/gui/IGuiFormBuilder.java @@ -19,10 +19,10 @@ package at.gv.egiz.eaaf.core.api.gui; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Builder to generate HTML GUIs. 
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java index 9a057801..308d88f2 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAction.java @@ -19,12 +19,12 @@ package at.gv.egiz.eaaf.core.api.idp; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.exceptions.EaafException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Basic interface of a specific operation that is requested by an diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java index 4834f15e..ed602382 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/IModulInfo.java @@ -19,10 +19,10 @@ package at.gv.egiz.eaaf.core.api.idp; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; /** * Basic interface of an authentication protocol implementation on IDP side. diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java index c72c5b6f..76443a03 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/IAuthenticationManager.java 
@@ -19,12 +19,11 @@ package at.gv.egiz.eaaf.core.api.idp.auth; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.slo.ISloInformationContainer; import at.gv.egiz.eaaf.core.exceptions.EaafException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public interface IAuthenticationManager { diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java index f0d6cfca..b110c680 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/ISsoManager.java @@ -19,12 +19,12 @@ package at.gv.egiz.eaaf.core.api.idp.auth; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; import at.gv.egiz.eaaf.core.exceptions.EaafSsoException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public interface ISsoManager { diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java index 8def4e32..08ef2457 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java 
@@ -22,14 +22,14 @@ package at.gv.egiz.eaaf.core.api.idp.auth.services; import java.io.IOException; import javax.annotation.Nonnull; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.data.Pair; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public interface IProtocolAuthenticationService { diff --git a/eaaf_core_utils/pom.xml b/eaaf_core_utils/pom.xml index 103e8b13..8d8bd116 100644 --- a/eaaf_core_utils/pom.xml +++ b/eaaf_core_utils/pom.xml @@ -65,12 +65,8 @@ <artifactId>commons-lang3</artifactId> </dependency> <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - </dependency> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpcore</artifactId> + <groupId>org.apache.httpcomponents.client5</groupId> + <artifactId>httpclient5</artifactId> </dependency> <dependency> <groupId>com.google.code.findbugs</groupId> diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java index 0ecdcc92..673a373d 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java 
@@ -23,9 +23,6 @@ import java.security.cert.X509Certificate; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; -import javax.annotation.PostConstruct; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; @@ -46,6 +43,9 @@ import at.gv.egiz.eaaf.core.impl.credential.inline.InlineKeyStoreParser; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; +import jakarta.annotation.Nonnull; +import jakarta.annotation.Nullable; +import jakarta.annotation.PostConstruct; import lombok.extern.slf4j.Slf4j; @Slf4j diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafHttpRequestRetryHandler.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafHttpRequestRetryHandler.java index 3aa908e8..026b76c4 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafHttpRequestRetryHandler.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafHttpRequestRetryHandler.java @@ -5,12 +5,13 @@ import java.util.Arrays; import javax.net.ssl.SSLException; -import org.apache.http.client.HttpRequestRetryHandler; -import org.apache.http.impl.client.DefaultHttpRequestRetryHandler; +import org.apache.hc.client5.http.HttpRequestRetryStrategy; +import org.apache.hc.client5.http.impl.DefaultHttpRequestRetryStrategy; +import org.apache.hc.core5.util.TimeValue; + +public class EaafHttpRequestRetryHandler extends DefaultHttpRequestRetryStrategy implements + HttpRequestRetryStrategy { -public class EaafHttpRequestRetryHandler extends DefaultHttpRequestRetryHandler implements - HttpRequestRetryHandler { - /** * Create the request retry handler using the following list of non-retriable. * IOException classes: <br> 
@@ -18,16 +19,22 @@ public class EaafHttpRequestRetryHandler extends DefaultHttpRequestRetryHandler * <li>UnknownHostException</li> * <li>SSLException</li> * </ul> - * - * @param retryCount how many times to retry; 0 means no retries - * @param requestSentRetryEnabled true if it's OK to retry non-idempotent - * requests that have been sent + * HTTP StatusCodes: + * <ul> + * <li>429</li> + * <li>502</li> + * </ul> + * After two seconds if no {@code Retry-After} header was set. + * + * @param retryCount how many times to retry; 0 means no retries */ - public EaafHttpRequestRetryHandler(final int retryCount, final boolean requestSentRetryEnabled) { - super(retryCount, requestSentRetryEnabled, Arrays.asList( - UnknownHostException.class, - SSLException.class)); - + public EaafHttpRequestRetryHandler(final int retryCount) { + super(retryCount, TimeValue.ofSeconds(2), + Arrays.asList( + UnknownHostException.class, + SSLException.class), + Arrays.asList(429, 502)); + } - + } diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslContextBuilder.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslContextBuilder.java index 1cd739de..d311982a 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslContextBuilder.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslContextBuilder.java @@ -29,10 +29,10 @@ import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509ExtendedKeyManager; import javax.net.ssl.X509TrustManager; -import org.apache.http.ssl.PrivateKeyDetails; -import org.apache.http.ssl.PrivateKeyStrategy; -import org.apache.http.ssl.SSLContextBuilder; -import org.apache.http.ssl.TrustStrategy; +import org.apache.hc.core5.ssl.PrivateKeyDetails; +import org.apache.hc.core5.ssl.PrivateKeyStrategy; +import org.apache.hc.core5.ssl.SSLContextBuilder; +import org.apache.hc.core5.ssl.TrustStrategy; import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider; /** 
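Review bot: The new constructor passes `Arrays.asList(429, 502)` as retriable status codes, and as far as I can tell HttpClient 5 applies status-code retries without checking that the request method is idempotent, so a POST with a repeatable entity that receives a 502 may be sent a second time. If duplicate requests matter for the callers of this class, the list could be reduced to `Arrays.asList(429)`, or `retryRequest(HttpResponse, int, HttpContext)` could be overridden to check the method. The Javadoc puts the status codes directly under the sentence that introduces the non-retriable IOException classes, which reads as if 429 and 502 were not retried; a separate line such as `Retried HTTP status codes: 429 and 502, after two seconds unless Retry-After is set.` would remove the ambiguity. HttpClient 5's own default list is 429 and 503, so the Javadoc should also say why 503 is left out here.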
@@ -380,7 +380,7 @@ public class EaafSslContextBuilder { public String chooseClientAlias( final String[] keyTypes, final Principal[] issuers, final Socket socket) { final Map<String, PrivateKeyDetails> validAliases = getClientAliasMap(keyTypes, issuers); - return this.aliasStrategy.chooseAlias(validAliases, socket); + return this.aliasStrategy.chooseAlias(validAliases, null); } @Override @@ -393,7 +393,7 @@ public class EaafSslContextBuilder { public String chooseServerAlias( final String keyType, final Principal[] issuers, final Socket socket) { final Map<String, PrivateKeyDetails> validAliases = getServerAliasMap(keyType, issuers); - return this.aliasStrategy.chooseAlias(validAliases, socket); + return this.aliasStrategy.chooseAlias(validAliases, null); } @Override diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java index 3918c94e..f9f2f43d 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/EaafSslKeySelectionStrategy.java @@ -1,11 +1,12 @@ package at.gv.egiz.eaaf.core.impl.http; -import java.net.Socket; import java.util.Map; +import javax.net.ssl.SSLParameters; + import org.apache.commons.lang3.StringUtils; -import org.apache.http.ssl.PrivateKeyDetails; -import org.apache.http.ssl.PrivateKeyStrategy; +import org.apache.hc.core5.ssl.PrivateKeyDetails; +import org.apache.hc.core5.ssl.PrivateKeyStrategy; import lombok.extern.slf4j.Slf4j; 
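Review bot: In `EaafSslContextBuilder`, both `chooseClientAlias` and `chooseServerAlias` (hunks at -380 and -393) now pass `null` as the second argument of `chooseAlias`, so any `PrivateKeyStrategy` that reads the `SSLParameters` receives nothing and may fail with a NullPointerException. `EaafSslKeySelectionStrategy` appears to select by its configured alias only, but the declared type of `aliasStrategy` is outside these hunks, so other implementations may be plugged in; this should be confirmed. The parameters can be taken from the socket when it is an `SSLSocket`: `return this.aliasStrategy.chooseAlias(validAliases, socket instanceof SSLSocket ? ((SSLSocket) socket).getSSLParameters() : null);`, which needs `javax.net.ssl.SSLSocket` imported. If passing `null` is intentional, a comment on both return lines should say that the strategy must not depend on the connection parameters.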
@@ -31,7 +32,7 @@ public class EaafSslKeySelectionStrategy implements PrivateKeyStrategy { } @Override - public String chooseAlias(Map<String, PrivateKeyDetails> aliases, Socket socket) { + public String chooseAlias(Map<String, PrivateKeyDetails> aliases, SSLParameters sslParameters) { log.trace("Selection SSL client-auth key for alias: {}", keyAlias); if (aliases.keySet().isEmpty()) { log.debug("No Key with Alias: {} in empty KeyStore", keyAlias); diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java index c189ff74..4d808f2b 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java @@ -7,8 +7,8 @@ import java.util.UUID; import javax.annotation.Nonnull; import org.apache.commons.lang3.StringUtils; -import org.apache.http.HttpRequestInterceptor; -import org.apache.http.client.ServiceUnavailableRetryStrategy; +import org.apache.hc.client5.http.HttpRequestRetryStrategy; +import org.apache.hc.core5.http.HttpRequestInterceptor; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; @@ -67,9 +67,6 @@ public class HttpClientConfiguration { private int httpErrorRetryCount = 3; @Setter - private boolean httpErrorRetryPost = false; - - @Setter private int connectTimeout = -1; @Setter @@ -79,7 +76,7 @@ public class HttpClientConfiguration { private int socketTimeout = -1; @Setter - private ServiceUnavailableRetryStrategy serviceUnavailStrategy = null; + private HttpRequestRetryStrategy serviceUnavailStrategy = null; /** * List of {@link HttpRequestInterceptor} that are added first to HTTP client. 
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java index f2955482..715b0c96 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java @@ -1,10 +1,10 @@ package at.gv.egiz.eaaf.core.impl.http; +import java.net.URI; import java.security.KeyStore; import java.security.Provider; import java.util.HashMap; import java.util.Map; -import java.util.Map.Entry; import java.util.concurrent.TimeUnit; import javax.annotation.Nonnull; 
@@ -13,35 +13,34 @@ import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLContext; import org.apache.commons.lang3.StringUtils; -import org.apache.http.HttpRequest; -import org.apache.http.HttpResponse; -import org.apache.http.ProtocolException; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.http.client.CredentialsProvider; -import org.apache.http.client.RedirectStrategy; -import org.apache.http.client.config.RequestConfig; -import org.apache.http.client.methods.HttpUriRequest; -import org.apache.http.config.Registry; -import org.apache.http.config.RegistryBuilder; -import org.apache.http.config.SocketConfig; -import org.apache.http.conn.HttpClientConnectionManager; -import org.apache.http.conn.socket.ConnectionSocketFactory; -import org.apache.http.conn.socket.LayeredConnectionSocketFactory; -import org.apache.http.conn.socket.PlainConnectionSocketFactory; -import org.apache.http.conn.ssl.NoopHostnameVerifier; -import org.apache.http.conn.ssl.SSLConnectionSocketFactory; -import org.apache.http.impl.client.BasicCredentialsProvider; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.DefaultRedirectStrategy; -import org.apache.http.impl.client.HttpClientBuilder; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.impl.conn.BasicHttpClientConnectionManager; -import org.apache.http.impl.conn.PoolingHttpClientConnectionManager; -import org.apache.http.protocol.HttpContext; -import org.apache.http.ssl.SSLContexts; +import org.apache.hc.client5.http.auth.AuthScope; +import org.apache.hc.client5.http.auth.UsernamePasswordCredentials; +import org.apache.hc.client5.http.config.ConnectionConfig; +import org.apache.hc.client5.http.config.RequestConfig; +import org.apache.hc.client5.http.impl.DefaultRedirectStrategy; +import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider; +import 
org.apache.hc.client5.http.impl.classic.CloseableHttpClient; +import org.apache.hc.client5.http.impl.classic.HttpClientBuilder; +import org.apache.hc.client5.http.impl.classic.HttpClients; +import org.apache.hc.client5.http.impl.io.BasicHttpClientConnectionManager; +import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager; +import org.apache.hc.client5.http.io.HttpClientConnectionManager; +import org.apache.hc.client5.http.protocol.RedirectStrategy; +import org.apache.hc.client5.http.socket.ConnectionSocketFactory; +import org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory; +import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory; +import org.apache.hc.client5.http.ssl.NoopHostnameVerifier; +import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory; +import org.apache.hc.core5.http.HttpException; +import org.apache.hc.core5.http.HttpRequest; +import org.apache.hc.core5.http.HttpResponse; +import org.apache.hc.core5.http.config.Registry; +import org.apache.hc.core5.http.config.RegistryBuilder; +import org.apache.hc.core5.http.io.SocketConfig; +import org.apache.hc.core5.http.protocol.HttpContext; +import org.apache.hc.core5.ssl.SSLContexts; +import org.apache.hc.core5.util.TimeValue; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.scheduling.annotation.Scheduled; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; @@ -74,8 +73,6 @@ public class HttpClientFactory implements IHttpClientFactory { "client.http.connection.timeout.request"; public static final String PROP_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_COUNT = "client.http.connection.retry.count"; - public static final String PROP_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_POST = - "client.http.connection.retry.post"; public static final String PROP_CONFIG_CLIENT_HTTP_SSL_HOSTNAMEVERIFIER_TRUSTALL = "client.http.ssl.hostnameverifier.trustall"; 
@@ -102,15 +99,13 @@ public class HttpClientFactory implements IHttpClientFactory { public static final String DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_POOL_MAXTOTAL = "500"; public static final String DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_POOL_MAXPERROUTE = "100"; public static final String DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_COUNT = "3"; - public static final String DEFAUTL_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_POST = String.valueOf(false); public static final int DEFAULT_CLEANUP_RUNNER_TIME = 30000; public static final int DEFAULT_CLEANUP_IDLE_TIME = 60; - - + private String defaultConfigurationId = null; - private final Map<String, Pair<HttpClientBuilder, HttpClientConnectionManager>> - availableBuilders = new HashMap<>(); + private final Map<String, Pair<HttpClientBuilder, HttpClientConnectionManager>> availableBuilders = + new HashMap<>(); /* * (non-Javadoc) @@ -156,17 +151,21 @@ public class HttpClientFactory implements IHttpClientFactory { final LayeredConnectionSocketFactory sslConnectionFactory = getSslContext(config); // set pool connection if required - HttpClientConnectionManager connectionManager - = injectConnectionManager(builder, sslConnectionFactory); + final HttpClientConnectionManager connectionManager = injectConnectionManager(builder, + sslConnectionFactory); + + // set evication for connection pool + builder.evictExpiredConnections(); + builder.evictIdleConnections(TimeValue.ofSeconds(DEFAULT_CLEANUP_IDLE_TIME)); - // set interceptor + // set interceptor if (config.getMessageInterceptors() != null) { for (int i = config.getMessageInterceptors().size() - 1; i >= 0; i--) { - builder.addInterceptorFirst(config.getMessageInterceptors().get(i)); - - } + builder.addRequestInterceptorFirst(config.getMessageInterceptors().get(i)); + + } } - + availableBuilders.put(config.getUuid(), Pair.newInstance(builder, connectionManager)); } 
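Review bot: The eviction calls added after `injectConnectionManager(builder, sslConnectionFactory)` replace the removed `@Scheduled` cleaner only for clients built through this path. The default-client hunk (`@@ -237,12 +215,12 @@`) shows no matching `evictExpiredConnections()` / `evictIdleConnections(...)` on `defaultHttpClientBuilder`, so unless they are set outside the visible lines, expired and idle connections of the default client are no longer closed. `DEFAULT_CLEANUP_RUNNER_TIME` appears to have no remaining user once the scheduled method is gone, and the new comment should read `// set eviction for connection pool`. The enclosing method starts outside the hunk.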
@@ -176,38 +175,17 @@ public class HttpClientFactory implements IHttpClientFactory { } - /** - * Worker that closes expired connections or connections that in idle - * for more than DEFAULT_CLEANUP_IDLE_TIME seconds. - * - */ - @Scheduled(fixedDelay = DEFAULT_CLEANUP_RUNNER_TIME) - private void httpConnectionPoolCleaner() { - log.trace("Starting http connection-pool eviction policy ... "); - for (final Entry<String, Pair<HttpClientBuilder, HttpClientConnectionManager>> el - : availableBuilders.entrySet()) { - log.trace("Checking connections of http-client: {}", el.getKey()); - el.getValue().getSecond().closeExpiredConnections(); - el.getValue().getSecond().closeIdleConnections(DEFAULT_CLEANUP_IDLE_TIME, TimeUnit.SECONDS); - - } - - } - private void injectInternalRetryHandler(HttpClientBuilder builder, HttpClientConfiguration config) { - if (config.getHttpErrorRetryCount() > 0) { + if (config.getServiceUnavailStrategy() != null) { + log.debug("HttpClient configuration: {} set custom ServiceUnavailableRetryStrategy: {}", + config.getFriendlyName(), config.getServiceUnavailStrategy().getClass().getName()); + builder.setRetryStrategy(config.getServiceUnavailStrategy()); + + } else if (config.getHttpErrorRetryCount() > 0) { log.info("Set HTTP error-retry to {} for http-client: {}", config.getHttpErrorRetryCount(), config.getFriendlyName()); - builder.setRetryHandler(new EaafHttpRequestRetryHandler( - config.getHttpErrorRetryCount(), - config.isHttpErrorRetryPost())); - - if (config.getServiceUnavailStrategy() != null) { - log.debug("HttpClient configuration: {} set custom ServiceUnavailableRetryStrategy: {}", - config.getFriendlyName(), config.getServiceUnavailStrategy().getClass().getName()); - builder.setServiceUnavailableRetryStrategy(config.getServiceUnavailStrategy()); - - } + builder.setRetryStrategy(new EaafHttpRequestRetryHandler( + config.getHttpErrorRetryCount())); } else { log.info("Disable HTTP error-retry for http-client: {}", config.getFriendlyName()); 
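Review bot: In `injectInternalRetryHandler` a configured `getServiceUnavailStrategy()` now wins outright, so `getHttpErrorRetryCount()` is not consulted in that branch, including a count of 0 that previously disabled retries altogether. If that is intended, say so at the branch, e.g. `// custom strategy replaces the count-based handler; httpErrorRetryCount is ignored here`, and log it at info like the other two branches so operators can see which policy is active. With `isHttpErrorRetryPost()` removed, whether non-idempotent requests are retried is decided inside `EaafHttpRequestRetryHandler`, which is not visible here; this should be confirmed, since the same commit deletes the `httpPostRetryOneTime` test. The method body continues past the hunk.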
@@ -237,12 +215,12 @@ public class HttpClientFactory implements IHttpClientFactory { getSslContext(defaultHttpClientConfig); // set pool connection if required - HttpClientConnectionManager connectionManager - = injectConnectionManager(defaultHttpClientBuilder, sslConnectionFactory); + final HttpClientConnectionManager connectionManager = injectConnectionManager(defaultHttpClientBuilder, + sslConnectionFactory); // set default http client builder defaultConfigurationId = defaultHttpClientConfig.getUuid(); - availableBuilders.put(defaultConfigurationId, + availableBuilders.put(defaultConfigurationId, Pair.newInstance(defaultHttpClientBuilder, connectionManager)); } @@ -281,9 +259,6 @@ public class HttpClientFactory implements IHttpClientFactory { config.setHttpErrorRetryCount(Integer.parseInt(basicConfig.getBasicConfiguration( PROP_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_COUNT, DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_COUNT))); - config.setHttpErrorRetryPost(Boolean.parseBoolean(basicConfig.getBasicConfiguration( - PROP_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_POST, - DEFAUTL_CONFIG_CLIENT_HTTP_CONNECTION_RETRY_POST))); // validate configuration object config.validate(); 
@@ -294,25 +269,29 @@ public class HttpClientFactory implements IHttpClientFactory { private void injectBasicAuthenticationIfRequired(HttpClientBuilder builder, final HttpClientConfiguration httpClientConfig) { if (httpClientConfig.getAuthMode().equals(HttpClientConfiguration.ClientAuthMode.PASSWORD)) { - final CredentialsProvider provider = new BasicCredentialsProvider(); + final BasicCredentialsProvider provider = new BasicCredentialsProvider(); log.trace("Injecting basic authentication with username: {} and password: {}", httpClientConfig.getUsername(), httpClientConfig.getPassword()); + final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials( - httpClientConfig.getUsername(), httpClientConfig.getPassword()); + httpClientConfig.getUsername(), + httpClientConfig.getPassword() != null + ? httpClientConfig.getPassword().toCharArray() + : "".toCharArray()); - final AuthScope scope = new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM); + final AuthScope scope = new AuthScope(null, null, -1, null, null); provider.setCredentials(scope, credentials); builder.setDefaultCredentialsProvider(provider); log.info("Basic http authentication was injected with username: {}", httpClientConfig.getUsername()); if (httpClientConfig.isEnablePreEmptiveHttpBasicAuth()) { - log.info("Inject pre-emptive HTTP Basic-Auth interceptor for client: {}", + log.info("Inject pre-emptive HTTP Basic-Auth interceptor for client: {}", httpClientConfig.getFriendlyName()); - builder.addInterceptorFirst(new PreemptiveAuthInterceptor()); - + builder.addRequestInterceptorFirst(new PreemptiveAuthInterceptor()); + } - + } else { log.trace("Injection of Http Basic authentication was skipped"); 
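Review bot: The `log.trace(...)` kept as context in `injectBasicAuthenticationIfRequired` still writes `httpClientConfig.getPassword()` to the log. The commit converts the password to `char[]` for `UsernamePasswordCredentials` but leaves this line, so the secret lands in any trace-level log output; it should become `log.trace("Injecting basic authentication with username: {}", httpClientConfig.getUsername());`. Separately, `new AuthScope(null, null, -1, null, null)` matches every host, port and realm, so the credentials are offered to whichever server the client talks to; scoping to the configured endpoint would be safer if the configuration knows it. The fallback to an empty password when `getPassword()` is null hides a misconfiguration unless `config.validate()` rejects it, which is not visible in this hunk.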
@@ -360,50 +339,49 @@ public class HttpClientFactory implements IHttpClientFactory { HttpClientBuilder builder, final LayeredConnectionSocketFactory sslConnectionFactory) { if (basicConfig.getBasicConfigurationBoolean(PROP_CONFIG_CLIENT_HTTP_CONNECTION_POOL_USE, true)) { - PoolingHttpClientConnectionManager connectionPool - = new PoolingHttpClientConnectionManager(getDefaultRegistry(sslConnectionFactory)); + final PoolingHttpClientConnectionManager connectionPool = new PoolingHttpClientConnectionManager( + getDefaultRegistry(sslConnectionFactory)); connectionPool.setDefaultMaxPerRoute(Integer.parseInt( basicConfig.getBasicConfiguration(PROP_CONFIG_CLIENT_HTTP_CONNECTION_POOL_MAXPERROUTE, DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_POOL_MAXPERROUTE))); connectionPool.setMaxTotal(Integer.parseInt( basicConfig.getBasicConfiguration(PROP_CONFIG_CLIENT_HTTP_CONNECTION_POOL_MAXTOTAL, DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_POOL_MAXTOTAL))); - connectionPool.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(Integer.parseInt( - basicConfig.getBasicConfiguration(PROP_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_SOCKET, - DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_SOCKET)) - * 1000).build()); + connectionPool.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout( + Integer.parseInt( + basicConfig.getBasicConfiguration( + PROP_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_SOCKET, + DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_SOCKET)), TimeUnit.SECONDS).build()); + connectionPool.setDefaultConnectionConfig(ConnectionConfig.custom() + .setConnectTimeout( + Long.parseLong(basicConfig.getBasicConfiguration( + PROP_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_CONNECTION, + DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_CONNECTION)), TimeUnit.SECONDS) + .build()); + builder.setConnectionManager(connectionPool); - log.debug("Initalize http-client pool with, maxTotal: {} maxPerRoute: {}", + log.debug("Initalize http-client pool with, maxTotal: {} maxPerRoute: {}", connectionPool.getMaxTotal(), 
connectionPool.getDefaultMaxPerRoute()); return connectionPool; - + } else { log.debug("Building http-client without Connection-Pool ... "); final BasicHttpClientConnectionManager basicPool = new BasicHttpClientConnectionManager( - getDefaultRegistry(sslConnectionFactory)); - builder.setConnectionManager(basicPool); + getDefaultRegistry(sslConnectionFactory)); + builder.setConnectionManager(basicPool); return basicPool; - + } - + } private RequestConfig buildDefaultRequestConfig(HttpClientConfiguration config) { final RequestConfig requestConfig = RequestConfig.custom() - .setConnectTimeout(selectTimeoutFromConfig(config.getConnectTimeout(), - Integer.parseInt(basicConfig.getBasicConfiguration( - PROP_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_CONNECTION, - DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_CONNECTION)) * 1000)) .setConnectionRequestTimeout(selectTimeoutFromConfig(config.getConnectionRequestTimeout(), Integer.parseInt(basicConfig.getBasicConfiguration( - PROP_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_REQUEST, - DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_REQUEST)) * 1000)) - .setSocketTimeout(selectTimeoutFromConfig(config.getSocketTimeout(), - Integer.parseInt(basicConfig.getBasicConfiguration( - PROP_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_SOCKET, - DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_SOCKET)) - * 1000)) + PROP_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_REQUEST, + DEFAULT_CONFIG_CLIENT_HTTP_CONNECTION_TIMEOUT_REQUEST))), TimeUnit.SECONDS) .build(); return requestConfig; 
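Review bot: The `else` branch of `injectConnectionManager` builds a `BasicHttpClientConnectionManager` without any socket or connect timeout, while this hunk also deletes `setConnectTimeout` and `setSocketTimeout` from `buildDefaultRequestConfig`. A non-pooled client therefore runs on library defaults, and per-client `config.getConnectTimeout()` / `config.getSocketTimeout()` are no longer applied anywhere in the visible code, which makes a slow or unresponsive peer harder to bound. Build the `SocketConfig` and `ConnectionConfig` once before the `if` and apply them in both branches, e.g. `basicPool.setSocketConfig(socketConfig);` and `basicPool.setConnectionConfig(connectionConfig);`. Units also need a check: the property default lost its `* 1000` and is now read as seconds, but the value from `config.getConnectionRequestTimeout()` passes through `selectTimeoutFromConfig` unchanged, so if that getter returns milliseconds the timeout is off by a factor of 1000 (the helper is outside the hunk).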
@@ -420,14 +398,14 @@ public class HttpClientFactory implements IHttpClientFactory { redirectStrategy = new RedirectStrategy() { @Override - public boolean isRedirected(final HttpRequest request, final HttpResponse response, - final HttpContext context) throws ProtocolException { + public boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context) + throws HttpException { return false; } @Override - public HttpUriRequest getRedirect(final HttpRequest request, final HttpResponse response, - final HttpContext context) throws ProtocolException { + public URI getLocationURI(HttpRequest request, HttpResponse response, HttpContext context) + throws HttpException { return null; } }; @@ -435,7 +413,7 @@ public class HttpClientFactory implements IHttpClientFactory { return redirectStrategy; } - + private static Registry<ConnectionSocketFactory> getDefaultRegistry( final LayeredConnectionSocketFactory sslConnectionFactory) { final RegistryBuilder<ConnectionSocketFactory> builder = diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java index dd6f69ee..caa73e04 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java 
@@ -31,24 +31,25 @@ import java.security.UnrecoverableKeyException; import javax.annotation.Nonnull; import javax.annotation.Nullable; import javax.net.ssl.SSLContext; -import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; -import org.apache.http.HttpRequest; -import org.apache.http.HttpResponse; -import org.apache.http.StatusLine; -import org.apache.http.client.ClientProtocolException; -import org.apache.http.client.ResponseHandler; -import org.apache.http.conn.ssl.TrustAllStrategy; -import org.apache.http.entity.ContentType; -import org.apache.http.ssl.TrustStrategy; -import org.apache.http.util.EntityUtils; +import org.apache.hc.client5.http.ClientProtocolException; +import org.apache.hc.client5.http.ssl.TrustAllStrategy; +import org.apache.hc.core5.http.ClassicHttpResponse; +import org.apache.hc.core5.http.ContentType; +import org.apache.hc.core5.http.HttpException; +import org.apache.hc.core5.http.HttpRequest; +import org.apache.hc.core5.http.io.HttpClientResponseHandler; +import org.apache.hc.core5.http.io.entity.EntityUtils; +import org.apache.hc.core5.http.message.StatusLine; +import org.apache.hc.core5.ssl.TrustStrategy; import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.data.Triple; +import jakarta.servlet.http.HttpServletRequest; import lombok.NonNull; import lombok.extern.slf4j.Slf4j; 
@@ -62,13 +63,13 @@ public class HttpUtils { * * @return Status-Code of http response */ - public static ResponseHandler<StatusLine> simpleStatusCodeResponseHandler() { - return new ResponseHandler<StatusLine>() { + public static HttpClientResponseHandler<StatusLine> simpleStatusCodeResponseHandler() { + return new HttpClientResponseHandler<StatusLine>() { + @Override - public StatusLine handleResponse(HttpResponse response) throws ClientProtocolException, IOException { + public StatusLine handleResponse(ClassicHttpResponse response) throws HttpException, IOException { EntityUtils.consumeQuietly(response.getEntity()); - return response.getStatusLine(); - + return new StatusLine(response); } }; } @@ -80,15 +81,17 @@ public class HttpUtils { * @return {@link Triple} of http response {@link StatusLine}, http body as {@link InputStream}, * and {@link ContentType} */ - public static ResponseHandler<Triple<StatusLine, ByteArrayInputStream, ContentType>> + public static HttpClientResponseHandler<Triple<StatusLine, ByteArrayInputStream, ContentType>> bodyStatusCodeResponseHandler() { - return new ResponseHandler<Triple<StatusLine, ByteArrayInputStream, ContentType>>() { + return new HttpClientResponseHandler<Triple<StatusLine, ByteArrayInputStream, ContentType>>() { @Override - public Triple<StatusLine, ByteArrayInputStream, ContentType> handleResponse(HttpResponse response) + public Triple<StatusLine, ByteArrayInputStream, ContentType> handleResponse( + ClassicHttpResponse response) throws ClientProtocolException, IOException { byte[] bodyBytes = EntityUtils.toByteArray(response.getEntity()); - return Triple.newInstance(response.getStatusLine(), new ByteArrayInputStream(bodyBytes), - ContentType.getOrDefault(response.getEntity())); + + return Triple.newInstance(new StatusLine(response), new ByteArrayInputStream(bodyBytes), + ContentType.parse(response.getEntity().getContentType())); } }; 
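Review bot: In `bodyStatusCodeResponseHandler`, `ContentType.parse(response.getEntity().getContentType())` drops the fallback that `ContentType.getOrDefault(...)` provided. A response without a Content-Type header now puts null into the third element of the `Triple`, and a response without an entity fails with a NullPointerException on `getEntity()`. Both should be guarded, e.g. `final HttpEntity entity = response.getEntity();` followed by `entity != null && entity.getContentType() != null ? ContentType.parseLenient(entity.getContentType()) : ContentType.DEFAULT_TEXT`, choosing the default callers expect. `EntityUtils.toByteArray(response.getEntity())` also buffers a body of any size from the remote side; the overload with a `maxResultLength` argument would put a ceiling on it. The `throws ClientProtocolException, IOException` clause here differs from `throws HttpException, IOException` on `simpleStatusCodeResponseHandler` in the previous hunk and could be aligned.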
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/IHttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/IHttpClientFactory.java index 4e8374e1..232006d8 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/IHttpClientFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/IHttpClientFactory.java @@ -2,7 +2,7 @@ package at.gv.egiz.eaaf.core.impl.http; import javax.annotation.Nonnull; -import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; import at.gv.egiz.eaaf.core.exceptions.EaafException; diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/interceptor/PreemptiveAuthInterceptor.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/interceptor/PreemptiveAuthInterceptor.java index 5edc8cac..ac8c2312 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/interceptor/PreemptiveAuthInterceptor.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/interceptor/PreemptiveAuthInterceptor.java 
@@ -2,18 +2,19 @@ package at.gv.egiz.eaaf.core.impl.http.interceptor; import java.io.IOException; -import org.apache.http.HttpException; -import org.apache.http.HttpHost; -import org.apache.http.HttpRequest; -import org.apache.http.HttpRequestInterceptor; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.AuthState; -import org.apache.http.auth.Credentials; -import org.apache.http.client.CredentialsProvider; -import org.apache.http.client.protocol.HttpClientContext; -import org.apache.http.impl.auth.BasicScheme; -import org.apache.http.protocol.HttpContext; -import org.apache.http.protocol.HttpCoreContext; +import org.apache.hc.client5.http.auth.AuthExchange; +import org.apache.hc.client5.http.auth.AuthScope; +import org.apache.hc.client5.http.auth.Credentials; +import org.apache.hc.client5.http.auth.CredentialsProvider; +import org.apache.hc.client5.http.impl.auth.BasicScheme; +import org.apache.hc.client5.http.protocol.HttpClientContext; +import org.apache.hc.core5.http.EntityDetails; +import org.apache.hc.core5.http.HttpException; +import org.apache.hc.core5.http.HttpHeaders; +import org.apache.hc.core5.http.HttpHost; +import org.apache.hc.core5.http.HttpRequest; +import org.apache.hc.core5.http.HttpRequestInterceptor; +import org.apache.hc.core5.http.protocol.HttpContext; import lombok.extern.slf4j.Slf4j; 
@@ -27,29 +28,35 @@ import lombok.extern.slf4j.Slf4j; public class PreemptiveAuthInterceptor implements HttpRequestInterceptor { @Override - public void process(HttpRequest request, HttpContext context) throws HttpException, IOException { - final AuthState authState = (AuthState) context.getAttribute(HttpClientContext.TARGET_AUTH_STATE); + public void process(HttpRequest request, EntityDetails entity, HttpContext context) throws HttpException, + IOException { + log.trace("Executing {}", PreemptiveAuthInterceptor.class.getSimpleName()); + // final AuthState authState = (AuthState) + // context.getAttribute(HttpClientContext.TARGET_AUTH_STATE); + + HttpHost targetHost = ((HttpClientContext) context).getHttpRoute().getTargetHost(); + AuthExchange authState = ((HttpClientContext) context).getAuthExchange(targetHost); // If no auth scheme available yet, try to initialize it // preemptively if (authState.getAuthScheme() == null) { - final CredentialsProvider credentialsProvider = - (CredentialsProvider) context.getAttribute(HttpClientContext.CREDS_PROVIDER); - final HttpHost targetHost = (HttpHost) context.getAttribute(HttpCoreContext.HTTP_TARGET_HOST); - + final CredentialsProvider credentialsProvider = ((HttpClientContext) context).getCredentialsProvider(); + final Credentials credentials = credentialsProvider.getCredentials( - new AuthScope(targetHost.getHostName(), targetHost.getPort())); + new AuthScope(targetHost.getHostName(), targetHost.getPort()), + context); if (credentials == null) { log.warn("Find HTTP credential-provider but not credential matches. " + "Use it as it is and looking what happend"); - + } else { log.trace("Updating HTTP basic-auth state to pre-emptive credentials ... 
"); - authState.update(new BasicScheme(), credentials); - - } + BasicScheme basicAuthSchema = new BasicScheme(); + basicAuthSchema.initPreemptive(credentials); + request.setHeader(HttpHeaders.AUTHORIZATION, + basicAuthSchema.generateAuthResponse(targetHost, request, context)); + + } } - } - } diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java index aedbbb7f..6c0a288f 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java @@ -19,16 +19,16 @@ package at.gv.egiz.eaaf.core.impl.utils; -import java.io.UnsupportedEncodingException; import java.nio.ByteBuffer; +import java.nio.charset.StandardCharsets; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.Date; -import org.apache.commons.codec.binary.Hex; import org.apache.commons.lang3.ArrayUtils; +import org.apache.hc.client5.http.utils.Hex; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -83,19 +83,14 @@ public class Random { // generate ID String returnValue; - try { - returnValue = preFix + new String(Hex.encodeHex(ArrayUtils.addAll(now.getBytes("UTF-8"), randValue))); - - // 20 bytes = 160 bits - if (returnValue.length() > 40) { - return returnValue.substring(0, 40); - } else { - return returnValue; - } - - } catch (final UnsupportedEncodingException e) { - throw new RuntimeException(e); - + returnValue = preFix + new String(Hex.encodeHexString( + ArrayUtils.addAll(now.getBytes(StandardCharsets.UTF_8), randValue))); + + // 20 bytes = 160 bits + if (returnValue.length() > 40) { + return returnValue.substring(0, 40); + } else { + return returnValue; } } 
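Review bot: `PreemptiveAuthInterceptor.process` now sets the `Authorization` header itself for whatever `targetHost` the route points to, and the provider lookup will match the catch-all scope registered in `HttpClientFactory`. Basic credentials therefore go out on the first request to any host the client is pointed at, including one reached over plain `http`. At minimum, log a warning when `targetHost.getSchemeName()` is not `https`, or restrict the stored scope to the configured endpoint. The `(HttpClientContext) context` casts are unchecked and `getHttpRoute()` / `getCredentialsProvider()` are dereferenced without null checks; a guard with a debug log would avoid a NullPointerException inside the request chain. The commented-out `AuthState` lines can be deleted.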
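Review bot: The 40-character cut in this `Random` hunk keeps `preFix` and the hex-encoded timestamp first, so how many random hex digits survive depends on their length, and the `// 20 bytes = 160 bits` comment describes the string length rather than the entropy. The construction of `now` and `randValue` is outside the hunk; if the timestamp is a formatted date string, its hex form may take up much of the 40 characters, which is worth checking and stating, e.g. `// prefix and timestamp count against the 40 chars; only the remainder is random`. `Hex.encodeHexString(...)` already returns a `String`, so the `new String(...)` wrapper is redundant here and in `nextHexRandom32` / `nextHexRandom16`. Since the commit targets Java 17, `HexFormat.of().formatHex(...)` would avoid depending on an HTTP-client utility class for identifier generation.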
@@ -106,7 +101,7 @@ public class Random { * @return random hex encoded value [256bit] */ public static String nextHexRandom32() { - return new String(Hex.encodeHex(nextByteRandom(32))); // 32 bytes = 256 bits + return new String(Hex.encodeHexString(nextByteRandom(32))); // 32 bytes = 256 bits } @@ -116,7 +111,7 @@ public class Random { * @return random hex encoded value [128bit] */ public static String nextHexRandom16() { - return new String(Hex.encodeHex(nextByteRandom(16))); // 16 bytes = 128 bits + return new String(Hex.encodeHexString(nextByteRandom(16))); // 16 bytes = 128 bits } diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java index c8865465..cf044d43 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/ServletUtils.java @@ -19,7 +19,7 @@ package at.gv.egiz.eaaf.core.impl.utils; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; public class ServletUtils { diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryProdHostTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryProdHostTest.java index 3d7ede90..170ddff9 100644 --- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryProdHostTest.java +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryProdHostTest.java 
@@ -11,12 +11,13 @@ import java.security.UnrecoverableKeyException; import java.security.cert.CertificateEncodingException; import org.apache.commons.lang3.RandomStringUtils; -import org.apache.http.client.ClientProtocolException; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpUriRequest; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.util.EntityUtils; +import org.apache.hc.client5.http.ClientProtocolException; +import org.apache.hc.client5.http.classic.methods.HttpGet; +import org.apache.hc.client5.http.classic.methods.HttpUriRequest; +import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; +import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse; +import org.apache.hc.core5.http.ParseException; +import org.apache.hc.core5.http.io.entity.EntityUtils; import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider; import org.junit.Assert; import org.junit.Before; @@ -73,7 +74,7 @@ public class HttpClientFactoryProdHostTest { @DirtiesContext(methodMode = MethodMode.BEFORE_METHOD) public void getCustomClientX509AuthWithHsmFacadeTrustStore() throws EaafException, ClientProtocolException, IOException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, - CertificateEncodingException { + CertificateEncodingException, ParseException { System.setProperty("javax.net.debug", "ssl:handshake"); final HttpClientConfiguration clientConfig = new HttpClientConfiguration( 
@@ -89,7 +90,7 @@ public class HttpClientFactoryProdHostTest { //perform test request final HttpUriRequest httpGet3 = new HttpGet("https://vollmachten.egiz.gv.at/mms-eid-test/services/GetMandatesService?wsdl"); final CloseableHttpResponse httpResp3 = client.execute(httpGet3); - Assert.assertEquals("http statusCode", 200, httpResp3.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp3.getCode()); String body = EntityUtils.toString(httpResp3.getEntity()); assertFalse("no http body", body.isEmpty()); assertTrue("no WSDL", body.contains("name=\"GetMandatesOperation\"")); diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java index 7f3982be..269c516e 100644 --- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/http/HttpClientFactoryTest.java 
@@ -18,14 +18,14 @@ import java.security.UnrecoverableKeyException; import java.security.cert.X509Certificate; import org.apache.commons.lang3.RandomStringUtils; -import org.apache.http.StatusLine; -import org.apache.http.client.ClientProtocolException; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.client.methods.HttpUriRequest; -import org.apache.http.entity.ContentType; -import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.hc.client5.http.ClientProtocolException; +import org.apache.hc.client5.http.classic.methods.HttpGet; +import org.apache.hc.client5.http.classic.methods.HttpPost; +import org.apache.hc.client5.http.classic.methods.HttpUriRequest; +import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; +import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse; +import org.apache.hc.core5.http.ContentType; +import org.apache.hc.core5.http.message.StatusLine; import org.junit.After; import org.junit.AfterClass; import org.junit.Assert; @@ -148,7 +148,7 @@ public class HttpClientFactoryTest { //request webservice final HttpUriRequest httpGet1 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp1 = client.execute(httpGet1); - Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp1.getCode()); } 
@@ -202,7 +202,7 @@ public class HttpClientFactoryTest { //request webservice final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp2 = client.execute(httpGet2); - Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp2.getCode()); //check request contains basic authentication after authentication was requested final RecordedRequest httpReq1 = mockWebServer.takeRequest(); @@ -233,7 +233,7 @@ public class HttpClientFactoryTest { //request webservice final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp2 = client.execute(httpGet2); - Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp2.getCode()); //check request contains basic authentication after authentication was requested final RecordedRequest httpReq1 = mockWebServer.takeRequest(); @@ -262,7 +262,6 @@ public class HttpClientFactoryTest { final HttpClientConfiguration config = new HttpClientConfiguration("jUnit_retry_" + RandomStringUtils.randomAlphabetic(3)); config.setHttpErrorRetryCount(2); - config.setHttpErrorRetryPost(false); final CloseableHttpClient client = httpClientFactory.getHttpClient(config); Assert.assertNotNull("No httpClient", client); 
@@ -290,34 +289,6 @@ public class HttpClientFactoryTest { } @Test - public void httpPostRetryOneTime() throws EaafException, InterruptedException, - ClientProtocolException, IOException { - final HttpClientConfiguration config = - new HttpClientConfiguration("jUnit_retry_" + RandomStringUtils.randomAlphabetic(3)); - config.setHttpErrorRetryCount(2); - config.setHttpErrorRetryPost(true); - - final CloseableHttpClient client = httpClientFactory.getHttpClient(config); - Assert.assertNotNull("No httpClient", client); - - - mockWebServer = new MockWebServer(); - mockServerUrl = mockWebServer.url("/sp/junit"); - mockWebServer.enqueue(new MockResponse() - .setSocketPolicy(SocketPolicy.NO_RESPONSE) - .setResponseCode(HttpURLConnection.HTTP_NO_CONTENT)); - mockWebServer.enqueue(new MockResponse().setResponseCode(200) - .setBody("GetData")); - - //request webservice - final HttpUriRequest httpGet1 = new HttpPost(mockServerUrl.url().toString()); - final StatusLine httpResp1 = client.execute(httpGet1, - HttpUtils.simpleStatusCodeResponseHandler()); - Assert.assertEquals("http statusCode", 200, httpResp1.getStatusCode()); - - } - - @Test public void testHttpClientRetryOneTime() throws EaafException, InterruptedException, ClientProtocolException, IOException { final HttpClientConfiguration config = @@ -373,7 +344,7 @@ public class HttpClientFactoryTest { //request webservice final HttpUriRequest httpGet1 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp1 = client.execute(httpGet1); - Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp1.getCode()); } 
@@ -543,7 +514,7 @@ public class HttpClientFactoryTest { //perform test request final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp2 = client.execute(httpGet2); - Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp2.getCode()); } @@ -612,7 +583,7 @@ public class HttpClientFactoryTest { //perform test request final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp2 = client.execute(httpGet2); - Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp2.getCode()); } @@ -658,7 +629,7 @@ public class HttpClientFactoryTest { //perform test request final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp2 = client.execute(httpGet2); - Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp2.getCode()); } @@ -721,7 +692,7 @@ public class HttpClientFactoryTest { //perform test request final HttpUriRequest httpGet2 = new HttpGet(mockServerUrl.url().toString()); final CloseableHttpResponse httpResp2 = client.execute(httpGet2); - Assert.assertEquals("http statusCode", 200, httpResp2.getStatusLine().getStatusCode()); + Assert.assertEquals("http statusCode", 200, httpResp2.getCode()); } diff --git a/eaaf_modules/eaaf_module_auth_sl20/checks/spotbugs-exclude.xml b/eaaf_modules/eaaf_module_auth_sl20/checks/spotbugs-exclude.xml new file mode 100644 index 00000000..c3a419a2 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/checks/spotbugs-exclude.xml 
@@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<FindBugsFilter> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult" /> + <Class name="at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils" /> + <Class name="at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils$Sl20ResponseHolder" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.modules.auth.sl20.utils.JsonMapper" /> + </OR> + <OR> + <Bug pattern="MS_EXPOSE_REP" /> + </OR> + </Match> +</FindBugsFilter> diff --git a/eaaf_modules/eaaf_module_auth_sl20/pom.xml b/eaaf_modules/eaaf_module_auth_sl20/pom.xml index 556f3aea..8ec445bc 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/pom.xml +++ b/eaaf_modules/eaaf_module_auth_sl20/pom.xml @@ -106,6 +106,15 @@ </filesets> </configuration> </plugin> + <plugin> + <groupId>com.github.spotbugs</groupId> + <artifactId>spotbugs-maven-plugin</artifactId> + <version>${spotbugs-maven-plugin.version}</version> + <configuration> + <failOnError>true</failOnError> + <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile> + </configuration> + </plugin> </plugins> </build> diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java index d561a0bc..d7d2c90b 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java 
@@ -3,8 +3,6 @@ package at.gv.egiz.eaaf.modules.auth.sl20; import java.util.Arrays; import java.util.List; -import javax.annotation.PostConstruct; - import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -17,6 +15,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.impl.idp.auth.AbstractAuthenticationManager; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants; +import jakarta.annotation.PostConstruct; /** * AuthModule to select a Securtiy-Layer 2.0 based authentication process. diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java index 9dcfbe75..7e895d89 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java 
@@ -11,16 +11,13 @@ import java.util.Locale; import java.util.Map; import java.util.concurrent.TimeUnit; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.time.StopWatch; -import org.apache.http.NameValuePair; -import org.apache.http.client.entity.UrlEncodedFormEntity; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.client.utils.URIBuilder; -import org.apache.http.message.BasicNameValuePair; +import org.apache.hc.client5.http.classic.methods.HttpPost; +import org.apache.hc.client5.http.entity.UrlEncodedFormEntity; +import org.apache.hc.core5.http.NameValuePair; +import org.apache.hc.core5.http.message.BasicNameValuePair; +import org.apache.hc.core5.net.URIBuilder; import org.jose4j.base64url.Base64Url; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; @@ -48,6 +45,8 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils.Sl20ResponseHolder; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @Slf4j diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java index 79d9f8d6..dd3e9ea7 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java 
@@ -3,10 +3,7 @@ package at.gv.egiz.eaaf.modules.auth.sl20.tasks; import java.io.IOException; import java.util.Map; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.fileupload.FileUploadException; +import org.apache.commons.fileupload2.core.FileUploadException; import org.apache.commons.lang3.StringUtils; import org.jose4j.base64url.Base64Url; import org.springframework.beans.factory.annotation.Autowired; @@ -36,6 +33,8 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.JsonMapper; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20ResponseUtils; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @Slf4j diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java index 668ce09a..5e7f926f 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java @@ -7,11 +7,11 @@ import java.security.KeyStoreException; import java.security.Provider; import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; +import java.util.Base64; import java.util.Collections; import java.util.List; import javax.annotation.Nonnull; -import javax.annotation.PostConstruct; import org.apache.commons.lang3.StringUtils; import org.bouncycastle.jce.provider.BouncyCastleProvider; 
@@ -26,7 +26,6 @@ import org.jose4j.lang.JoseException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.lang.NonNull; import org.springframework.stereotype.Service; -import org.springframework.util.Base64Utils; import com.fasterxml.jackson.core.JsonParseException; import com.fasterxml.jackson.databind.JsonNode; @@ -49,6 +48,7 @@ import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20SecurityException; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoBuildException; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException; +import jakarta.annotation.PostConstruct; import lombok.extern.slf4j.Slf4j; @Service @@ -243,10 +243,9 @@ public class JsonSecurityUtils implements IJoseTools { if (!sortedX5cCerts.get(0).equals(encryptionCred.getSecond()[0])) { log.info("Certificate from JOSE header does NOT match encryption certificate"); - try { - - log.debug("JOSE certificate: {}", Base64Utils.encode(sortedX5cCerts.get(0).getEncoded())); + log.debug("JOSE certificate: {}", Base64.getEncoder().encodeToString( + sortedX5cCerts.get(0).getEncoded())); } catch (final CertificateEncodingException e) { e.printStackTrace(); } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java index e75410f7..b98b2980 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java 
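Review bot: In the hunk at line 243 the catch for `CertificateEncodingException` still calls `e.printStackTrace()`, which writes to stderr and bypasses the class's slf4j logger and its log routing. Since the try body is touched anyway, route it through the logger, e.g. `log.warn("Can not encode JOSE certificate for debug output", e);`. The enclosing method starts and ends outside the hunk, so what happens after the certificate-mismatch message is not visible here.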
@@ -48,9 +48,9 @@ public class SL20Constants { */ public static VdaAuthMethod fromString(@Nonnull final String s) { try { - return VdaAuthMethod.valueOf(s.toUpperCase()); + return s != null ? VdaAuthMethod.valueOf(s.toUpperCase()) : VdaAuthMethod.ANY; - } catch (IllegalArgumentException | NullPointerException e) { + } catch (IllegalArgumentException e) { return VdaAuthMethod.ANY; } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java index c45245b1..f9ca7cf8 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java 
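Review bot: `s.toUpperCase()` in `fromString` uses the JVM default locale, so under a Turkish default locale a value containing `i` is upper-cased to a dotted capital İ, `valueOf` fails, and the method silently returns `VdaAuthMethod.ANY`. That fallback appears to be the least restrictive choice, so the conversion should be locale-independent: `return s != null ? VdaAuthMethod.valueOf(s.toUpperCase(Locale.ROOT)) : VdaAuthMethod.ANY;` (needs `java.util.Locale` imported if the file does not already have it). The parameter is still annotated `@Nonnull` although null is now handled explicitly; `@Nullable` would match the behaviour.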
@@ -7,26 +7,26 @@ import java.text.MessageFormat; import javax.annotation.Nonnull; import javax.annotation.Nullable; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.http.Header; -import org.apache.http.HttpEntity; -import org.apache.http.ParseException; -import org.apache.http.StatusLine; -import org.apache.http.client.ResponseHandler; -import org.apache.http.client.utils.URIBuilder; -import org.apache.http.entity.ContentType; -import org.apache.http.util.EntityUtils; + +import org.apache.hc.core5.http.ContentType; +import org.apache.hc.core5.http.Header; +import org.apache.hc.core5.http.HttpEntity; +import org.apache.hc.core5.http.io.HttpClientResponseHandler; +import org.apache.hc.core5.http.io.entity.EntityUtils; +import org.apache.hc.core5.http.message.StatusLine; +import org.apache.hc.core5.net.URIBuilder; import org.jose4j.base64url.Base64Url; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; +import com.fasterxml.jackson.core.JacksonException; import com.fasterxml.jackson.databind.JsonNode; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.Data; import lombok.Getter; 
@@ -48,20 +48,20 @@ public class SL20HttpBindingUtils { * * @return {@link Sl20ResponseHolder} */ - public static ResponseHandler<Sl20ResponseHolder> sl20ResponseHandler() { + public static HttpClientResponseHandler<Sl20ResponseHolder> sl20ResponseHandler() { return response -> { try { - final int httpStatusCode = response.getStatusLine().getStatusCode(); + final int httpStatusCode = response.getCode(); if (httpStatusCode == HttpStatus.OK.value()) { if (response.getEntity().getContentType() == null) { throw new SlCommandoParserException("SL20 response contains NO ContentType"); } - final ContentType contentType = ContentType.getOrDefault(response.getEntity()); + final ContentType contentType = ContentType.parse(response.getEntity().getContentType()); if (!ContentType.APPLICATION_JSON.getMimeType().equals(contentType.getMimeType())) { log.error("SL20 response with statuscode: {} has wrong http ContentType: {}", - response.getStatusLine(), contentType); + response.getCode(), contentType); throw new SlCommandoParserException( "SL20 response with a wrong http ContentType: " + contentType); @@ -69,7 +69,7 @@ public class SL20HttpBindingUtils { //parse OK response from body return new Sl20ResponseHolder(parseSL20ResultFromResponse(response.getEntity()), - response.getStatusLine()); + new StatusLine(response)); } else if (httpStatusCode == HttpStatus.SEE_OTHER.value() || httpStatusCode == HttpStatus.TEMPORARY_REDIRECT.value()) { 
@@ -81,24 +81,24 @@ public class SL20HttpBindingUtils { final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue(); return new Sl20ResponseHolder(JsonMapper.getMapper().readTree(Base64Url.decode(sl20RespString)), - response.getStatusLine()); + new StatusLine(response)); } else if ( httpStatusCode == HttpStatus.INTERNAL_SERVER_ERROR.value() || httpStatusCode == HttpStatus.UNAUTHORIZED.value() || httpStatusCode == HttpStatus.BAD_REQUEST.value()) { log.info("SL20 response with http-code: {}. Search for error message", httpStatusCode); - + String bodyMsg = "_EMPTY_"; try { //extract JSON body from defined http error-codes bodyMsg = EntityUtils.toString(response.getEntity()); log.info("SL20 response with http-code: {} and errorMsg: {}", httpStatusCode, bodyMsg); Sl20ResponseHolder holder = new Sl20ResponseHolder( - JsonMapper.getMapper().readTree(bodyMsg), response.getStatusLine()); + JsonMapper.getMapper().readTree(bodyMsg), new StatusLine(response)); return holder; - } catch (final IOException | ParseException e) { + } catch (final JacksonException e) { log.warn("SL20 response contains no valid JSON. Body msg: {}", bodyMsg, e); throw new SlCommandoParserException(MessageFormat.format( "SL20 response with http-code: {} and generic response-processing error: {}", @@ -115,12 +115,12 @@ public class SL20HttpBindingUtils { } } catch (SlCommandoParserException e) { - Sl20ResponseHolder holder = new Sl20ResponseHolder(null, response.getStatusLine()); + Sl20ResponseHolder holder = new Sl20ResponseHolder(null, new StatusLine(response)); holder.setError(e); return holder; } catch (final Exception e) { - Sl20ResponseHolder holder = new Sl20ResponseHolder(null, response.getStatusLine()); + Sl20ResponseHolder holder = new Sl20ResponseHolder(null, new StatusLine(response)); holder.setError( new SlCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e)); return holder; 
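Review bot: The `MessageFormat.format` call in the catch block of the error-code branch uses `{}` placeholders, which `java.text.MessageFormat` rejects with an `IllegalArgumentException` instead of substituting values. The intended `SlCommandoParserException` is therefore never built, and the failure surfaces through the outer `catch (final Exception e)` with a misleading reason. Indexed placeholders are needed: `"SL20 response with http-code: {0} and generic response-processing error: {1}"`. The same catch is now narrowed to `JacksonException`, so an I/O or parse failure from `EntityUtils.toString` also skips this branch and reaches the generic handler, which should be a deliberate choice. The arguments of the format call and the rest of the lambda lie outside the hunk.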
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java index c3826087..af292964 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20ResponseUtils.java @@ -8,12 +8,9 @@ import java.util.HashMap; import java.util.Map; import java.util.UUID; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; -import org.apache.http.client.utils.URIBuilder; -import org.apache.http.entity.ContentType; +import org.apache.hc.core5.http.ContentType; +import org.apache.hc.core5.net.URIBuilder; import com.fasterxml.jackson.databind.node.ObjectNode; @@ -22,6 +19,8 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.modules.auth.sl20.Constants; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @Slf4j diff --git a/eaaf_modules/eaaf_module_moa-sig/checks/spotbugs-exclude.xml b/eaaf_modules/eaaf_module_moa-sig/checks/spotbugs-exclude.xml new file mode 100644 index 00000000..30b9c014 --- /dev/null +++ b/eaaf_modules/eaaf_module_moa-sig/checks/spotbugs-exclude.xml 
@@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<FindBugsFilter> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.GenericSignatureVerificationResponse" /> + <Class name="at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyPdfSignatureResponse" /> + <Class name="at.gv.egiz.eaaf.modules.sigverify.moasig.impl.parser.VerifyXmlSignatureResponseParser" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> +</FindBugsFilter> diff --git a/eaaf_modules/eaaf_module_moa-sig/pom.xml b/eaaf_modules/eaaf_module_moa-sig/pom.xml index 613e841d..c8a30654 100644 --- a/eaaf_modules/eaaf_module_moa-sig/pom.xml +++ b/eaaf_modules/eaaf_module_moa-sig/pom.xml @@ -221,7 +221,15 @@ </filesets> </configuration> </plugin> - + <plugin> + <groupId>com.github.spotbugs</groupId> + <artifactId>spotbugs-maven-plugin</artifactId> + <version>${spotbugs-maven-plugin.version}</version> + <configuration> + <failOnError>true</failOnError> + <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile> + </configuration> + </plugin> </plugins> </build> </project> diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java index 006f48c2..f4c68230 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/MoaSigInitializer.java @@ -7,8 +7,6 @@ import java.security.Security; import java.util.Iterator; import java.util.Map.Entry; -import javax.annotation.PostConstruct; - import org.springframework.beans.factory.annotation.Autowired; import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.ISchemaRessourceProvider; 
@@ -21,6 +19,7 @@ import at.gv.egovernment.moaspss.util.DOMUtils; import iaik.asn1.structures.AlgorithmID; import iaik.security.ec.provider.ECCelerate; import iaik.security.provider.IAIK; +import jakarta.annotation.PostConstruct; import lombok.Getter; import lombok.extern.slf4j.Slf4j; diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java index 0d8b7975..b0ff765c 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureCreationService.java @@ -1,6 +1,5 @@ package at.gv.egiz.eaaf.modules.sigverify.moasig.impl; -import javax.annotation.PostConstruct; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -9,6 +8,7 @@ import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.modules.sigverify.moasig.api.ISignatureCreationService; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker; +import jakarta.annotation.PostConstruct; @Service(value = "moaSigCreateService") public class SignatureCreationService extends AbstractSignatureService diff --git a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java index 1f8bf3b8..9904b1ea 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java 
+++ b/eaaf_modules/eaaf_module_moa-sig/src/main/java/at/gv/egiz/eaaf/modules/sigverify/moasig/impl/SignatureVerificationService.java @@ -3,20 +3,18 @@ package at.gv.egiz.eaaf.modules.sigverify.moasig.impl; import java.io.ByteArrayInputStream; import java.security.cert.CertificateEncodingException; import java.util.ArrayList; +import java.util.Base64; import java.util.Collections; import java.util.Date; import java.util.Iterator; import java.util.List; import java.util.Map; -import javax.annotation.PostConstruct; - import org.apache.commons.lang3.time.DateFormatUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.lang.Nullable; import org.springframework.stereotype.Service; -import org.springframework.util.Base64Utils; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -44,6 +42,7 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; import at.gv.egovernment.moaspss.util.Constants; +import jakarta.annotation.PostConstruct; /** * MOA-Sig based signature verification implementation. @@ -425,7 +424,7 @@ public class SignatureVerificationService extends AbstractSignatureService verifySignatureEnvironmentElem.appendChild(base64ContentElem); // insert the base64 encoded signature - String base64EncodedAssertion = Base64Utils.encodeToString(signature); + String base64EncodedAssertion = Base64.getEncoder().encodeToString(signature); // replace all '\r' characters by no char. final StringBuffer replaced = new StringBuffer(); for (int i = 0; i < base64EncodedAssertion.length(); i++) { 
@@ -485,7 +484,7 @@ public class SignatureVerificationService extends AbstractSignatureService final Element content = requestDoc_.createElementNS(MOA_NS_URI, "Content"); content.setAttribute("Reference", reference); final Element b64content = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); - b64content.setTextContent(Base64Utils.encodeToString(contentBytes)); + b64content.setTextContent(Base64.getEncoder().encodeToString(signature)); content.appendChild(b64content); supplementProfile.appendChild(content); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/checks/spotbugs-exclude.xml b/eaaf_modules/eaaf_module_pvp2_core/checks/spotbugs-exclude.xml index b1d216dc..3aa95b86 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/checks/spotbugs-exclude.xml +++ b/eaaf_modules/eaaf_module_pvp2_core/checks/spotbugs-exclude.xml @@ -12,4 +12,17 @@ <Method name="doDecode" /> <Bug pattern="CRLF_INJECTION_LOGS" /> </Match> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage" /> + <Class name="at.gv.egiz.eaaf.modules.pvp2.impl.reqattr.EaafRequestedAttributeImpl" /> + <Class name="at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider" /> + <Class name="at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SimpleMetadataSignatureVerificationFilter" /> + <Class name="at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> </FindBugsFilter> diff --git a/eaaf_modules/eaaf_module_pvp2_core/pom.xml b/eaaf_modules/eaaf_module_pvp2_core/pom.xml index 88523925..0afca29a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/pom.xml +++ b/eaaf_modules/eaaf_module_pvp2_core/pom.xml 
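Review bot: The replacement line in the hunk at line 485 encodes `signature` where the removed line encoded `contentBytes`, so the `Base64Content` of the supplement `Content` element would carry the signature instead of the referenced content. This looks like a copy from the earlier hunk at line 425 rather than an intended change, and it alters what the signature verification request supplies for `reference`. Keeping the original argument preserves behaviour: `b64content.setTextContent(Base64.getEncoder().encodeToString(contentBytes));`. The enclosing method is not fully visible in the hunk, so confirm which variables are in scope there and add a test that verifies a signature with supplement content.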
@@ -23,10 +23,6 @@ </dependency> <dependency> <groupId>org.opensaml</groupId> - <artifactId>opensaml-core</artifactId> - </dependency> - <dependency> - <groupId>org.opensaml</groupId> <artifactId>opensaml-saml-impl</artifactId> <exclusions> <exclusion> @@ -170,7 +166,7 @@ </build> <repositories> - <repository> + <repository> <id>shibboleth-release</id> <url>https://build.shibboleth.net/maven/releases/</url> <releases> @@ -179,7 +175,17 @@ <snapshots> <enabled>false</enabled> </snapshots> - </repository> + </repository> + <repository> + <id>shibboleth-snapshot</id> + <url>https://build.shibboleth.net/maven/snapshots/</url> + <releases> + <enabled>false</enabled> + </releases> + <snapshots> + <enabled>true</enabled> + </snapshots> + </repository> </repositories> </project> diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java index 83bfee84..b2219919 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java @@ -19,15 +19,15 @@ package at.gv.egiz.eaaf.modules.pvp2.api.binding; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import javax.xml.namespace.QName; import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import net.shibboleth.shared.net.URIComparator; -import net.shibboleth.utilities.java.support.net.URIComparator; public interface IDecoder { InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp, 
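Review bot: The added `shibboleth-snapshot` repository sets `<snapshots><enabled>true</enabled></snapshots>`, which lets Maven resolve mutable snapshot builds from that host for this module. For a module that handles SAML messages and signatures, that makes builds non-reproducible and extends trust to unreleased artifacts. The dependency versions are not visible in this hunk. If none of them is a -SNAPSHOT version, drop the repository; otherwise pin released versions and move the snapshot repository into a separate opt-in profile.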
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java index 5a8bc4fb..82ed4184 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java @@ -19,17 +19,17 @@ package at.gv.egiz.eaaf.modules.pvp2.api.binding; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; import org.opensaml.saml.saml2.core.RequestAbstractType; import org.opensaml.saml.saml2.core.StatusResponseType; import org.opensaml.security.SecurityException; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + public interface IEncoder { /** diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java index ca3aa844..daeb452b 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java 
@@ -25,7 +25,8 @@ import javax.annotation.Nullable; import org.opensaml.saml.metadata.resolver.RefreshableMetadataResolver; import org.opensaml.saml.saml2.metadata.EntityDescriptor; -import net.shibboleth.utilities.java.support.resolver.ResolverException; +import net.shibboleth.shared.resolver.ResolverException; + public interface IPvp2MetadataProvider extends RefreshableMetadataResolver { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java index 9f7a5980..cf61fdf5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestPostProcessor.java @@ -19,13 +19,12 @@ package at.gv.egiz.eaaf.modules.pvp2.api.validation; -import javax.servlet.http.HttpServletRequest; +import org.opensaml.saml.saml2.core.AuthnRequest; +import org.opensaml.saml.saml2.metadata.SPSSODescriptor; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; - -import org.opensaml.saml.saml2.core.AuthnRequest; -import org.opensaml.saml.saml2.metadata.SPSSODescriptor; +import jakarta.servlet.http.HttpServletRequest; /** * SAML2 Authn. request post-processor. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java index 459c3fc3..ff3c9d95 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/AbstractBinding.java @@ -48,7 +48,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.shared.component.ComponentInitializationException; /** * Abstract Binding implements common code for SAML2 binding implementations. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java index 1faaf441..047c0492 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java @@ -19,8 +19,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; + import javax.xml.namespace.QName; import org.opensaml.messaging.context.MessageContext; 
@@ -52,9 +51,12 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafHttpPostDecoder; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.HttpPostEncoderWithOwnTemplate; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSamlProtocolMessageXmlSignatureSecurityHandler; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.net.URIComparator; -import net.shibboleth.utilities.java.support.primitive.NonnullSupplier; +import net.shibboleth.shared.net.URIComparator; +import net.shibboleth.shared.primitive.NonnullSupplier; + @Slf4j public class PostBinding extends AbstractBinding implements IDecoder, IEncoder { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java index d3ab3f6b..db6b5285 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java @@ -19,8 +19,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import javax.xml.namespace.QName; import org.opensaml.messaging.context.MessageContext; 
@@ -48,8 +46,10 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.SamlBindingException; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafHttpRedirectDeflateDecoder; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSaml2HttpRedirectDeflateSignatureSecurityHandler; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain; -import net.shibboleth.utilities.java.support.net.URIComparator; -import net.shibboleth.utilities.java.support.primitive.NonnullSupplier; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import net.shibboleth.shared.net.URIComparator; +import net.shibboleth.shared.primitive.NonnullSupplier; public class RedirectBinding extends AbstractBinding implements IDecoder, IEncoder { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java index 6c8a1682..f5a47645 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java @@ -19,8 +19,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.binding; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import javax.xml.namespace.QName; import org.opensaml.messaging.context.MessageContext; 
@@ -52,9 +50,11 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafMessageContextInitializationHandler; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.EaafSamlProtocolMessageXmlSignatureSecurityHandler; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSamlMessageHandlerChain; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; -import net.shibboleth.utilities.java.support.net.URIComparator; +import net.shibboleth.shared.component.ComponentInitializationException; +import net.shibboleth.shared.net.URIComparator; @Slf4j public class SoapBinding extends AbstractBinding implements IDecoder, IEncoder { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java index da3db0a8..7747ad4a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java @@ -67,7 +67,7 @@ import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; -import net.shibboleth.utilities.java.support.xml.SerializeSupport; +import net.shibboleth.shared.xml.SerializeSupport; /** * PVP metadata builder implementation. 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java index 4acee141..1e7c12fc 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java @@ -23,8 +23,6 @@ import java.util.Map.Entry; import javax.xml.namespace.QName; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; - import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; import org.opensaml.core.xml.io.MarshallingException; @@ -32,7 +30,9 @@ import org.opensaml.saml.common.AbstractSAMLObjectMarshaller; import org.w3c.dom.Attr; import org.w3c.dom.Element; -import net.shibboleth.utilities.java.support.xml.AttributeSupport; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; +import net.shibboleth.shared.xml.AttributeSupport; + public class EaafRequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller { @Override diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java index 5313f340..51e02d08 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java 
@@ -21,15 +21,15 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr; import javax.xml.namespace.QName; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; - import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.io.UnmarshallingException; import org.opensaml.saml.common.AbstractSAMLObjectUnmarshaller; import org.w3c.dom.Attr; -import net.shibboleth.utilities.java.support.xml.QNameSupport; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; +import net.shibboleth.shared.xml.QNameSupport; + public class EaafRequestedAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller { @Override diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java index f77243c2..bccfa06a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java @@ -36,7 +36,7 @@ import at.gv.egiz.eaaf.core.impl.utils.DomUtils; import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.NoMetadataInformationException; -import net.shibboleth.utilities.java.support.resolver.ResolverException; +import net.shibboleth.shared.resolver.ResolverException; public class InboundMessage implements InboundMessageInterface, Serializable { private static final Logger log = LoggerFactory.getLogger(InboundMessage.class); 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java index 32e82ce4..944fdabe 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java @@ -50,10 +50,10 @@ import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpAddableChainingMetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements; -import net.shibboleth.utilities.java.support.component.IdentifiedComponent; -import net.shibboleth.utilities.java.support.resolver.CriteriaSet; -import net.shibboleth.utilities.java.support.resolver.ResolverException; +import net.shibboleth.shared.annotation.constraint.NonnullElements; +import net.shibboleth.shared.component.IdentifiedComponent; +import net.shibboleth.shared.resolver.CriteriaSet; +import net.shibboleth.shared.resolver.ResolverException; @Slf4j public abstract class AbstractChainingMetadataProvider implements IGarbageCollectorProcessing, diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java index f0291847..ca6bbb8f 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java @@ -12,8 +12,8 @@ import org.opensaml.saml.saml2.metadata.EntityDescriptor; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.resolver.CriteriaSet; -import net.shibboleth.utilities.java.support.resolver.ResolverException; +import net.shibboleth.shared.resolver.CriteriaSet; +import net.shibboleth.shared.resolver.ResolverException; @Slf4j public class PvpMetadataResolverAdapter implements IPvp2MetadataProvider, IRefreshableMetadataProvider { @@ -25,6 +25,11 @@ public class PvpMetadataResolverAdapter implements IPvp2MetadataProvider, IRefre } @Override + public String getType() { + return getId(); + } + + @Override public void refresh() throws ResolverException { internalProvider.refresh(); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java index bf541b67..2567e6a1 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java 
@@ -4,12 +4,9 @@ import java.io.IOException; import java.time.Duration; import java.util.Timer; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; -import javax.annotation.PostConstruct; import javax.net.ssl.SSLHandshakeException; -import org.apache.http.client.HttpClient; +import org.apache.hc.client5.http.classic.HttpClient; import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; import org.opensaml.saml.metadata.resolver.RefreshableMetadataResolver; import org.opensaml.saml.metadata.resolver.filter.MetadataFilter; @@ -31,11 +28,14 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter; +import jakarta.annotation.Nonnull; +import jakarta.annotation.Nullable; +import jakarta.annotation.PostConstruct; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; -import net.shibboleth.utilities.java.support.resolver.ResolverException; -import net.shibboleth.utilities.java.support.resource.Resource; -import net.shibboleth.utilities.java.support.xml.ParserPool; +import net.shibboleth.shared.component.ComponentInitializationException; +import net.shibboleth.shared.resolver.ResolverException; +import net.shibboleth.shared.resource.Resource; +import net.shibboleth.shared.xml.ParserPool; @Slf4j public class PvpMetadataResolverFactory implements IDestroyableObject { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java index 87d897d6..58698d56 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java @@ -3,8 +3,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.io.UnsupportedEncodingException; - -import javax.servlet.http.HttpServletRequest; +import java.util.Base64; import org.opensaml.core.xml.XMLObject; import org.opensaml.messaging.decoder.MessageDecodingException; @@ -14,9 +13,8 @@ import com.google.common.base.Strings; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SamlHttpUtils; +import jakarta.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.codec.Base64Support; -import net.shibboleth.utilities.java.support.codec.DecodingException; /** * SAML2 Post-Binding decoder with same EAAF specific hardening regarding http @@ -54,7 +52,7 @@ public class EaafHttpPostDecoder extends HTTPPostDecoder { try { log.trace("Base64 decoding SAML message: {}", encodedMessage); - final byte[] decodedBytes = Base64Support.decode(encodedMessage); + final byte[] decodedBytes = Base64.getDecoder().decode(encodedMessage); try { log.trace("Decoded SAML message: {}", new String(decodedBytes, "UTF-8")); @@ -66,7 +64,7 @@ public class EaafHttpPostDecoder extends HTTPPostDecoder { return new ByteArrayInputStream(decodedBytes); - } catch (final DecodingException e) { + } catch (final IllegalArgumentException e) { log.error("Unable to Base64 decode SAML message"); throw new MessageDecodingException("Unable to Base64 decode SAML message",e); } 
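Review bot: `Base64.getDecoder()` in the `@@ -54,7 +52,7 @@` hunk is the strict basic decoder and throws `IllegalArgumentException` on CR/LF or any other character outside the Base64 alphabet, so a POST-binding message whose encoded value is line-wrapped, which the SAML bindings specification permits, is now rejected before signature validation. The removed Shibboleth helper presumably tolerated such input; that should be confirmed against the old library version. If wrapped input must keep working, strip whitespace and stay strict on everything else, `final byte[] decodedBytes = Base64.getDecoder().decode(encodedMessage.replaceAll("\\s", ""));`, rather than switching to `Base64.getMimeDecoder()`, which silently skips every non-alphabet character. The same substitution is made for `Base64.getDecoder().decode(signature)` in EaafSaml2HttpRedirectDeflateSignatureSecurityHandler (`@@ -97,9 +97,9 @@`), and both paths deserve a regression test with wrapped and with malformed input. The enclosing method starts outside the hunk.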
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java index e4b5fedd..cbb80f4c 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java @@ -2,8 +2,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml; import java.io.InputStream; -import javax.servlet.http.HttpServletRequest; - +import org.apache.commons.lang3.StringUtils; import org.opensaml.core.xml.XMLObject; import org.opensaml.messaging.context.MessageContext; import org.opensaml.messaging.decoder.MessageDecodingException; @@ -16,8 +15,9 @@ import com.google.common.base.Strings; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SamlHttpUtils; +import jakarta.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.primitive.StringSupport; + /** * SAML2 Redirect-Binding deflate decoder with same EAAF specific hardening @@ -46,7 +46,7 @@ public class EaafHttpRedirectDeflateDecoder extends HTTPRedirectDeflateDecoder { throw new MessageDecodingException("This message decoder only supports the HTTP GET method"); } - final String samlEncoding = StringSupport.trimOrNull(request.getParameter("SAMLEncoding")); + final String samlEncoding = StringUtils.trimToNull(request.getParameter("SAMLEncoding")); if (samlEncoding != null && !SAMLConstants.SAML2_BINDING_URL_ENCODING_DEFLATE_URI.equals(samlEncoding)) { throw new MessageDecodingException("Request indicated an unsupported SAMLEncoding: " + samlEncoding); 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java index 396b513f..0f3a0fe4 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java @@ -26,8 +26,6 @@ import java.io.InputStreamReader; import java.io.OutputStreamWriter; import java.io.Writer; -import javax.servlet.http.HttpServletResponse; - import org.apache.velocity.VelocityContext; import org.apache.velocity.app.Velocity; import org.opensaml.messaging.context.MessageContext; @@ -37,8 +35,10 @@ import org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder; import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder; import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.net.HttpServletSupport; +import net.shibboleth.shared.servlet.HttpServletSupport; + /** * OpenSAML2 Post-Binding encoder that uses dynamic loaded templates. diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/OpenSaml3ResourceAdapter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/OpenSaml3ResourceAdapter.java index f474267f..912a8a31 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/OpenSaml3ResourceAdapter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/OpenSaml3ResourceAdapter.java 
@@ -6,7 +6,7 @@ import java.io.InputStream; import java.net.URI; import java.net.URL; -import net.shibboleth.utilities.java.support.resource.Resource; +import net.shibboleth.shared.resource.Resource; /** * Adapter that connects a Spring {@link org.springframework.core.io.Resource} diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafOpenSaml3xInitializer.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafOpenSaml3xInitializer.java index 2c90bc57..a92692f2 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafOpenSaml3xInitializer.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafOpenSaml3xInitializer.java @@ -19,6 +19,8 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize; + + import java.util.HashMap; import java.util.Map; @@ -43,9 +45,9 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributes import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesMarshaller; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesUnmarshaller; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; -import net.shibboleth.utilities.java.support.xml.BasicParserPool; -import net.shibboleth.utilities.java.support.xml.ParserPool; +import net.shibboleth.shared.component.ComponentInitializationException; +import net.shibboleth.shared.xml.ParserPool; +import net.shibboleth.shared.xml.impl.BasicParserPool; /** * EAAF specific OpenSAML Initializer. 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java index e17e625e..e2cc3271 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java @@ -29,9 +29,6 @@ import java.util.Collections; import java.util.Enumeration; import java.util.List; -import javax.annotation.Nonnull; -import javax.annotation.PostConstruct; - import org.apache.commons.lang3.StringUtils; import org.apache.xml.security.algorithms.JCEMapper; import org.opensaml.security.credential.UsageType; @@ -50,6 +47,8 @@ import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.EaafKeyStoreX509CredentialAdapter; +import jakarta.annotation.Nonnull; +import jakarta.annotation.PostConstruct; import lombok.extern.slf4j.Slf4j; @Slf4j diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java index 5059b1fb..ead7e55f 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java 
@@ -39,14 +39,6 @@ import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; -import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; -import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; - import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.opensaml.core.xml.XMLObject; @@ -92,8 +84,16 @@ import org.w3c.dom.Document; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import net.shibboleth.utilities.java.support.xml.QNameSupport; -import net.shibboleth.utilities.java.support.xml.SerializeSupport; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; +import net.shibboleth.shared.xml.QNameSupport; +import net.shibboleth.shared.xml.SerializeSupport; + public class Saml2Utils { private static final Logger log = LoggerFactory.getLogger(Saml2Utils.class); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SamlHttpUtils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SamlHttpUtils.java index 2e02bf22..be601715 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SamlHttpUtils.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SamlHttpUtils.java @@ -1,8 +1,9 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.utils; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; -import javax.servlet.http.HttpServletRequest; + +import jakarta.annotation.Nonnull; +import jakarta.annotation.Nullable; +import jakarta.servlet.http.HttpServletRequest; public class SamlHttpUtils { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java index 9015c40b..d0e8b35a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java @@ -22,7 +22,9 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import net.shibboleth.utilities.java.support.net.URIComparator; +import net.shibboleth.shared.net.URIComparator; + + public class EaafUriCompare implements URIComparator { private static final Logger log = LoggerFactory.getLogger(EaafUriCompare.class); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/SignatureTrustEngineDecorator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/SignatureTrustEngineDecorator.java index 66393bb4..c521771e 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/SignatureTrustEngineDecorator.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/SignatureTrustEngineDecorator.java 
@@ -9,7 +9,8 @@ import org.opensaml.xmlsec.signature.support.SignatureTrustEngine; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import lombok.AllArgsConstructor; import lombok.Getter; -import net.shibboleth.utilities.java.support.resolver.CriteriaSet; +import net.shibboleth.shared.resolver.CriteriaSet; + @AllArgsConstructor public class SignatureTrustEngineDecorator implements SignatureTrustEngine { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java index fe941f74..1231a1a6 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java @@ -35,7 +35,8 @@ import org.opensaml.xmlsec.signature.support.impl.ExplicitKeySignatureTrustEngin import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.shared.component.ComponentInitializationException; + @Slf4j public class TrustEngineFactory { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java index 7317e7ba..391bbfac 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java @@ -39,14 +39,13 @@ import org.opensaml.saml.saml2.metadata.Extensions; import org.opensaml.saml.saml2.metadata.RequestedAttribute; import org.opensaml.saml.saml2.metadata.SPSSODescriptor; import org.opensaml.saml.saml2.metadata.ServiceName; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import at.gv.egiz.eaaf.core.impl.data.Triple; import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpAttributeBuilder; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import lombok.extern.slf4j.Slf4j; /** * Metadata filter that inject requested attributes based on Metadata @@ -55,8 +54,8 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; * @author tlenz * */ +@Slf4j public class PvpEntityCategoryFilter implements MetadataFilter { - private static final Logger log = LoggerFactory.getLogger(PvpEntityCategoryFilter.class); private boolean isUsed = false; @@ -71,6 +70,11 @@ public class PvpEntityCategoryFilter implements MetadataFilter { this.isUsed = isUsed; } + @Override + public String getType() { + return PvpEntityCategoryFilter.class.getSimpleName(); + } + /* * (non-Javadoc) * @@ -79,8 +83,8 @@ public class PvpEntityCategoryFilter implements MetadataFilter { * .XMLObject) */ @Override - public XMLObject filter(@Nullable final XMLObject metadata, - @Nonnull final MetadataFilterContext context) throws FilterException { + public XMLObject filter(@Nullable final XMLObject metadata, + @Nonnull final MetadataFilterContext context) throws FilterException { if (isUsed) { log.trace("Map PVP EntityCategory to single PVP Attributes ... "); 
@@ -131,46 +135,38 @@ public class PvpEntityCategoryFilter implements MetadataFilter { log.trace("Find ExtensionElement: " + el.getElementQName().toString()); if (el instanceof EntityAttributes) { final EntityAttributes entityAttrElem = (EntityAttributes) el; - if (entityAttrElem.getAttributes() != null) { - log.trace("Find EntityAttributes. Start attribute processing ..."); - for (final Attribute entityAttr : entityAttrElem.getAttributes()) { - if (entityAttr.getName().equals(PvpConstants.ENTITY_CATEGORY_ATTRIBITE)) { - if (!entityAttr.getAttributeValues().isEmpty()) { - final String entityAttrValue = - entityAttr.getAttributeValues().get(0).getDOM().getTextContent(); - if (PvpConstants.EGOVTOKEN.equals(entityAttrValue)) { - log.debug( - "Find 'EGOVTOKEN' EntityAttribute. Adding single pvp attributes ... "); - addAttributesToEntityDescriptor(metadata, - buildAttributeList(PvpConstants.EGOVTOKEN_PVP_ATTRIBUTES), - entityAttrValue); - - } else if (PvpConstants.CITIZENTOKEN.equals(entityAttrValue)) { - log.debug( - "Find 'CITIZENTOKEN' EntityAttribute. Adding single pvp attributes ... "); - addAttributesToEntityDescriptor(metadata, - buildAttributeList(PvpConstants.CITIZENTOKEN_PVP_ATTRIBUTES), - entityAttrValue); - - } else { - log.info("EntityAttributeValue: " + entityAttrValue + " is UNKNOWN!"); - } + log.trace("Find EntityAttributes. Start attribute processing ..."); + for (final Attribute entityAttr : entityAttrElem.getAttributes()) { + if (entityAttr.getName().equals(PvpConstants.ENTITY_CATEGORY_ATTRIBITE)) { + if (!entityAttr.getAttributeValues().isEmpty()) { + final String entityAttrValue = + entityAttr.getAttributeValues().get(0).getDOM().getTextContent(); + if (PvpConstants.EGOVTOKEN.equals(entityAttrValue)) { + log.debug( + "Find 'EGOVTOKEN' EntityAttribute. Adding single pvp attributes ... 
"); + addAttributesToEntityDescriptor(metadata, + buildAttributeList(PvpConstants.EGOVTOKEN_PVP_ATTRIBUTES), + entityAttrValue); + + } else if (PvpConstants.CITIZENTOKEN.equals(entityAttrValue)) { + log.debug( + "Find 'CITIZENTOKEN' EntityAttribute. Adding single pvp attributes ... "); + addAttributesToEntityDescriptor(metadata, + buildAttributeList(PvpConstants.CITIZENTOKEN_PVP_ATTRIBUTES), + entityAttrValue); } else { - log.info("EntityAttribute: No attribute value"); + log.info("EntityAttributeValue: " + entityAttrValue + " is UNKNOWN!"); } } else { - log.info("EntityAttribute: " + entityAttr.getName() + " is NOT supported"); + log.info("EntityAttribute: No attribute value"); } + } else { + log.info("EntityAttribute: " + entityAttr.getName() + " is NOT supported"); } - - } else { - log.info( - "Can NOT resolve EntityAttributes! Reason: Only EntityAttributes are supported!"); } - } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java index 2c7892f9..59d81d74 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java @@ -19,8 +19,6 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; 
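Review bot: With the `getAttributes() != null` guard gone, the loop in the `@@ -131,46 +135,38 @@` hunk still dereferences two values taken from partner metadata without a null check: `entityAttr.getName().equals(...)` and `getAttributeValues().get(0).getDOM().getTextContent()`. A metadata entry whose attribute has no Name, or whose value object carries no cached DOM, would raise a NullPointerException inside the filter; whether that aborts the metadata load depends on code outside the hunk, and schema validation may not be active to catch the first case. Putting the constant first, `if (PvpConstants.ENTITY_CATEGORY_ATTRIBITE.equals(entityAttr.getName())) {`, and checking `getDOM()` for null before reading its text content closes both. The enclosing method starts and ends outside the hunk.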
@@ -35,6 +33,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException; +import jakarta.annotation.Nonnull; +import jakarta.annotation.Nullable; public class SchemaValidationFilter implements MetadataFilter { private static final Logger log = LoggerFactory.getLogger(SchemaValidationFilter.class); @@ -59,6 +59,11 @@ public class SchemaValidationFilter implements MetadataFilter { this.isActive = useSchemaValidation; } + @Override + public String getType() { + return SchemaValidationFilter.class.getSimpleName(); + } + /* * (non-Javadoc) * diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SimpleMetadataSignatureVerificationFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SimpleMetadataSignatureVerificationFilter.java index f4b008af..39ed0893 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SimpleMetadataSignatureVerificationFilter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SimpleMetadataSignatureVerificationFilter.java @@ -31,8 +31,6 @@ import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.List; -import javax.annotation.Nonnull; - import org.apache.commons.lang3.ArrayUtils; import org.apache.xml.security.keys.KeyInfo; import org.apache.xml.security.keys.keyresolver.KeyResolverException; @@ -51,6 +49,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMetadataSignatureException; +import jakarta.annotation.Nonnull; import lombok.extern.slf4j.Slf4j; @Slf4j 
@@ -83,6 +82,11 @@ public class SimpleMetadataSignatureVerificationFilter extends AbstractMetadataS } @Override + public String getType() { + return SimpleMetadataSignatureVerificationFilter.class.getSimpleName(); + } + + @Override protected void verify(EntityDescriptor desc) throws Pvp2MetadataException { try { internalVerify(desc); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafMessageContextInitializationHandler.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafMessageContextInitializationHandler.java index 26f3d58e..9ddcabdc 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafMessageContextInitializationHandler.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafMessageContextInitializationHandler.java @@ -17,7 +17,8 @@ import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.shared.component.ComponentInitializationException; + @Slf4j public class EaafMessageContextInitializationHandler extends AbstractMessageHandler { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafSaml2HttpRedirectDeflateSignatureSecurityHandler.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafSaml2HttpRedirectDeflateSignatureSecurityHandler.java index 36c8a1ee..8061fec3 100644 
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafSaml2HttpRedirectDeflateSignatureSecurityHandler.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/EaafSaml2HttpRedirectDeflateSignatureSecurityHandler.java @@ -1,7 +1,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.verification; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; + +import java.util.Base64; import org.opensaml.messaging.context.MessageContext; import org.opensaml.messaging.handler.MessageHandlerException; @@ -14,9 +14,9 @@ import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SamlHttpUtils; +import jakarta.annotation.Nonnull; +import jakarta.annotation.Nullable; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.codec.Base64Support; -import net.shibboleth.utilities.java.support.codec.DecodingException; /** * Always extracts the last http parameter with a specific name from request, if @@ -97,9 +97,9 @@ public class EaafSaml2HttpRedirectDeflateSignatureSecurityHandler extends } try { - return Base64Support.decode(signature); + return Base64.getDecoder().decode(signature); - } catch (DecodingException e) { + } catch (IllegalArgumentException e) { throw new MessageHandlerException("Base64 decoding error", e); } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSamlMessageHandlerChain.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSamlMessageHandlerChain.java index 44ed2013..51cc2847 100644 
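Review bot: In the `@@ -97,9 +97,9 @@` hunk the signature value taken from the HTTP request parameter is now decoded with `Base64.getDecoder().decode(signature)`, which accepts only the strict RFC 4648 alphabet, so embedded line breaks or whitespace raise `IllegalArgumentException`. Failing closed is the right direction for a signature check, but a peer whose wrapped value the previous `Base64Support.decode` may have tolerated would now be rejected; the old helper's leniency is not visible here, so an interop test with a wrapped value would settle it. If strictness is intended, say so in a comment such as `// strict RFC 4648 decoding: wrapped or malformed values are rejected before signature validation`. A null `signature` would surface as `NullPointerException` rather than the caught `IllegalArgumentException`, and the guard above the `try` starts outside the hunk, so confirm that it covers null.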
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSamlMessageHandlerChain.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSamlMessageHandlerChain.java @@ -9,7 +9,8 @@ import org.opensaml.messaging.handler.MessageHandlerChain; import org.opensaml.messaging.handler.MessageHandlerException; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.shared.component.ComponentInitializationException; + @Slf4j public class PvpSamlMessageHandlerChain implements MessageHandlerChain { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java index 6cace5cb..bdbc6ac1 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java 
@@ -79,10 +79,10 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.SignatureTrustEngineDecorator; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.net.URIException; -import net.shibboleth.utilities.java.support.net.impl.BasicURLComparator; -import net.shibboleth.utilities.java.support.resolver.CriteriaSet; -import net.shibboleth.utilities.java.support.xml.SerializeSupport; +import net.shibboleth.shared.net.URIException; +import net.shibboleth.shared.net.impl.BasicURLComparator; +import net.shibboleth.shared.resolver.CriteriaSet; +import net.shibboleth.shared.xml.SerializeSupport; @Slf4j public class SamlVerificationEngine { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java index 0eb80cc9..56ca877d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/AbstractSamlVerificationEngine.java @@ -50,7 +50,8 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyMetadataProvider; import lombok.SneakyThrows; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.xml.XMLParserException; + public abstract class AbstractSamlVerificationEngine { 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineEidasTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineEidasTest.java index 4577b94b..2aea97ea 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineEidasTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineEidasTest.java @@ -34,7 +34,8 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyMetadataProvider; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.xml.XMLParserException; + @Ignore @RunWith(SpringJUnit4ClassRunner.class) diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java index 1f010d06..8b12cdda 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java 
@@ -39,7 +39,8 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyMetadataProvider; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.xml.XMLParserException; + @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java index 1511eb73..c59d7bb7 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java @@ -21,7 +21,7 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; import at.gv.egiz.eaaf.modules.pvp2.exception.SamlAssertionValidationExeption; import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; import lombok.SneakyThrows; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.xml.XMLParserException; //@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment") @RunWith(SpringJUnit4ClassRunner.class) diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java index e7c59459..f568df20 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java @@ -68,9 +68,9 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest; -import net.shibboleth.utilities.java.support.net.URIComparator; -import net.shibboleth.utilities.java.support.xml.SerializeSupport; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.net.URIComparator; +import net.shibboleth.shared.xml.SerializeSupport; +import net.shibboleth.shared.xml.XMLParserException; import okhttp3.HttpUrl; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java index bfa4a072..75eb08a5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java 
@@ -47,9 +47,9 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xIniti import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest; -import net.shibboleth.utilities.java.support.net.URIComparator; -import net.shibboleth.utilities.java.support.net.URISupport; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.net.URIComparator; +import net.shibboleth.shared.net.URISupport; +import net.shibboleth.shared.xml.XMLParserException; import okhttp3.HttpUrl; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java index 97a896f5..4b0c2117 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java 
@@ -37,10 +37,10 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xIniti import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; -import net.shibboleth.utilities.java.support.logic.Constraint; -import net.shibboleth.utilities.java.support.net.URIComparator; -import net.shibboleth.utilities.java.support.xml.SerializeSupport; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.logic.Constraint; +import net.shibboleth.shared.net.URIComparator; +import net.shibboleth.shared.xml.SerializeSupport; +import net.shibboleth.shared.xml.XMLParserException; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml", diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java index 91da692c..bfa440e9 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java @@ -82,4 +82,8 @@ public class DummyMetadataProvider extends AbstractChainingMetadataProvider { } + @Override + public String getType() { + return "DummyMetadataProvider for testing"; + } } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java index 27c42c57..6b7fbf36 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java 
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java @@ -4,15 +4,6 @@ import java.io.IOException; import java.io.UnsupportedEncodingException; import java.util.Arrays; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; -import at.gv.egiz.eaaf.core.impl.utils.FileUtils; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; -import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyMetadataProvider; - import org.apache.commons.io.IOUtils; import org.junit.Assert; import org.junit.BeforeClass; @@ -27,8 +18,16 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import net.shibboleth.utilities.java.support.resolver.CriteriaSet; -import net.shibboleth.utilities.java.support.resolver.ResolverException; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; +import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyMetadataProvider; +import net.shibboleth.shared.resolver.CriteriaSet; +import net.shibboleth.shared.resolver.ResolverException; import okhttp3.HttpUrl; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java index 3cc0a908..2d6d437a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java @@ -51,7 +51,7 @@ import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.xml.XMLParserException; diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java index 511b7283..ff69af43 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java 
@@ -71,11 +71,11 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.PvpEntityCategoryFi import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SimpleMetadataSignatureVerificationFilter; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; -import net.shibboleth.utilities.java.support.resolver.CriteriaSet; -import net.shibboleth.utilities.java.support.resolver.ResolverException; -import net.shibboleth.utilities.java.support.xml.SerializeSupport; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.component.ComponentInitializationException; +import net.shibboleth.shared.resolver.CriteriaSet; +import net.shibboleth.shared.resolver.ResolverException; +import net.shibboleth.shared.xml.SerializeSupport; +import net.shibboleth.shared.xml.XMLParserException; import okhttp3.HttpUrl; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @@ -174,9 +174,9 @@ public class MetadataResolverTest { criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME)); criteriaSet.add(new UsageCriterion(UsageType.SIGNING)); final SignatureValidationParameters sigValCrit = new SignatureValidationParameters(); - sigValCrit.setBlacklistedAlgorithms( + sigValCrit.setExcludedAlgorithms( ConfigurationService.get(SignatureValidationConfiguration.class) - .getBlacklistedAlgorithms()); + .getExcludedAlgorithms()); sigValCrit.setSignatureTrustEngine( TrustEngineFactory.getSignatureKnownKeysTrustEngine(mdResolver)); criteriaSet.add(new SignatureValidationParametersCriterion(sigValCrit)); 
@@ -579,9 +579,9 @@ public class MetadataResolverTest { sigCriteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME)); sigCriteriaSet.add(new UsageCriterion(UsageType.SIGNING)); final SignatureValidationParameters sigValCrit = new SignatureValidationParameters(); - sigValCrit.setBlacklistedAlgorithms( + sigValCrit.setExcludedAlgorithms( ConfigurationService.get(SignatureValidationConfiguration.class) - .getBlacklistedAlgorithms()); + .getExcludedAlgorithms()); sigValCrit.setSignatureTrustEngine( TrustEngineFactory.getSignatureKnownKeysTrustEngine(mdResolver)); sigCriteriaSet.add(new SignatureValidationParametersCriterion(sigValCrit)); diff --git a/eaaf_modules/eaaf_module_pvp2_idp/checks/spotbugs-exclude.xml b/eaaf_modules/eaaf_module_pvp2_idp/checks/spotbugs-exclude.xml index 855f39bd..eddef970 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/checks/spotbugs-exclude.xml +++ b/eaaf_modules/eaaf_module_pvp2_idp/checks/spotbugs-exclude.xml @@ -11,4 +11,13 @@ <Class name="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AbstractPvp2XProtocol"/> <Bug pattern="CRLF_INJECTION_LOGS" /> </Match> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> </FindBugsFilter> diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java index a2611165..8084a2e0 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java 
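Review bot: The `<Match>` added in the `@@ -11,4 +11,13 @@` hunk suppresses `EI_EXPOSE_REP` and `EI_EXPOSE_REP2` for the whole `PvpSProfilePendingRequest` class, so a field added later that hands out a mutable internal object is silenced as well. The new `eaaf_module_pvp2_sp/checks/spotbugs-exclude.xml` further down uses the same class-wide pattern for `AssertionAttributeExtractor`. Narrowing each match with a `<Method name="..." />` or `<Field name="..." />` element for the accessors that were actually reviewed keeps the filter from masking future findings. Each entry should also carry a short justification, e.g. `<!-- EI_EXPOSE_REP accepted for <accessor>: <reason> -->`.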
@@ -23,10 +23,6 @@ import java.time.Duration; import java.time.Instant; import java.util.List; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; import org.apache.commons.text.StringEscapeUtils; import org.opensaml.saml.common.xml.SAMLConstants; @@ -79,6 +75,9 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory; import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.Setter; public abstract class AbstractPvp2XProtocol extends AbstractController implements IModulInfo { diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java index a3c6cb5d..e5076a48 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java @@ -21,10 +21,6 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.impl; import java.time.Instant; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.core.Assertion; import org.opensaml.saml.saml2.core.AuthnRequest; 
@@ -58,6 +54,9 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding; import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding; import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.Setter; @Service("PVPAuthenticationRequestAction") diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/MetadataAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/MetadataAction.java index 0b344ba3..57d14bc4 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/MetadataAction.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/MetadataAction.java @@ -19,9 +19,11 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.impl; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.IAction; 
@@ -34,12 +36,9 @@ import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactor import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.MediaType; -import org.springframework.stereotype.Service; +import jakarta.annotation.PostConstruct; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; @Service("pvpMetadataService") public class MetadataAction implements IAction { diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java index 500482b2..bf3bf9c5 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java 
@@ -66,9 +66,9 @@ import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; import at.gv.egiz.eaaf.modules.pvp2.idp.exception.InvalidAssertionEncryptionException; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; -import net.shibboleth.utilities.java.support.resolver.CriteriaSet; -import net.shibboleth.utilities.java.support.resolver.ResolverException; +import net.shibboleth.shared.component.ComponentInitializationException; +import net.shibboleth.shared.resolver.CriteriaSet; +import net.shibboleth.shared.resolver.ResolverException; /** * Authentication response builder. diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java index f2df5e8d..429351a6 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java @@ -36,7 +36,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xIniti import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine; import at.gv.egiz.eaaf.modules.pvp2.test.binding.PostBindingTest; import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; -import net.shibboleth.utilities.java.support.xml.XMLParserException; +import net.shibboleth.shared.xml.XMLParserException; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml"}) 
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/checks/spotbugs-exclude.xml b/eaaf_modules/eaaf_module_pvp2_sp/checks/spotbugs-exclude.xml new file mode 100644 index 00000000..ff7f96e0 --- /dev/null +++ b/eaaf_modules/eaaf_module_pvp2_sp/checks/spotbugs-exclude.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<FindBugsFilter> + <Match> + <OR> + <Class name="at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> +</FindBugsFilter> diff --git a/eaaf_modules/eaaf_module_pvp2_sp/pom.xml b/eaaf_modules/eaaf_module_pvp2_sp/pom.xml index ea7f29fe..90e4866f 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/pom.xml +++ b/eaaf_modules/eaaf_module_pvp2_sp/pom.xml @@ -52,6 +52,18 @@ <build> <finalName>eaaf_module_pvp2_sp</finalName> + <plugins> + <plugin> + <groupId>com.github.spotbugs</groupId> + <artifactId>spotbugs-maven-plugin</artifactId> + <version>${spotbugs-maven-plugin.version}</version> + <configuration> + <failOnError>true</failOnError> + <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile> + </configuration> + </plugin> + </plugins> + </build> </project> diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java index bac90451..13a9cc7a 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java 
@@ -23,8 +23,6 @@ import java.security.NoSuchAlgorithmException; import java.time.Instant; import java.util.List; -import javax.servlet.http.HttpServletResponse; - import org.apache.commons.lang3.StringUtils; import org.opensaml.messaging.encoder.MessageEncodingException; import org.opensaml.saml.common.xml.SAMLConstants; @@ -60,7 +58,8 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestExtensionBui import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.sp.api.IPvpAuthnRequestBuilderConfiguruation; import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnRequestBuildException; -import net.shibboleth.utilities.java.support.security.impl.SecureRandomIdentifierGenerationStrategy; +import jakarta.servlet.http.HttpServletResponse; +import net.shibboleth.shared.security.impl.SecureRandomIdentifierGenerationStrategy; /** * PVP2 S-Profil Authentication-Request builder-implementation. diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java index 4d8c8993..71421aae 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java @@ -316,13 +316,8 @@ public class AssertionAttributeExtractor { * @return Date, when the SAML2 assertion was issued, otherwise null */ public Instant getAssertionIssuingDate() { - try { - return getFullAssertion().getIssueInstant(); + return getFullAssertion() != null ? getFullAssertion().getIssueInstant() : null; - } catch (final NullPointerException e) { - return null; - - } } /** 
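Review bot: `getAssertionIssuingDate()` now calls `getFullAssertion()` twice, and `getAssertionNotBefore()` in the following `@@ -335,13 +330,11 @@` hunk calls it four times, so the null check and the dereference are only guaranteed to see the same object as long as that getter does nothing more than return a field. Reading it once into a local, e.g. `final var assertion = getFullAssertion();` followed by `return assertion != null ? assertion.getIssueInstant() : null;`, keeps check and use on one reference and reads more easily. Both methods still return null when the assertion or its conditions are missing. Since the callers are outside the hunk, a Javadoc sentence telling them to treat a null NotBefore as "cannot be evaluated" rather than "valid from any time" would be worth adding.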
@@ -335,13 +330,11 @@ public class AssertionAttributeExtractor { * @return Date, after this SAML2 assertion is valid, otherwise null */ public Date getAssertionNotBefore() { - try { - return Date.from(getFullAssertion().getConditions().getNotBefore()); + return getFullAssertion() != null && getFullAssertion().getConditions() != null + && getFullAssertion().getConditions().getNotBefore() != null + ? Date.from(getFullAssertion().getConditions().getNotBefore()) + : null; - } catch (final NullPointerException e) { - return null; - - } } private AuthnStatement getAuthnStatement() throws AssertionAttributeExtractorExeption { @@ -14,7 +14,7 @@ <properties> <!-- General project properties --> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <java.version>1.8</java.version> + <java.version>17</java.version> <!-- Project versions --> <egiz.eaaf.version>${project.version}</egiz.eaaf.version> @@ -23,7 +23,7 @@ <at.gv.egiz.components.eventlog-api.version>0.4</at.gv.egiz.components.eventlog-api.version> <at.gv.egiz.components.egiz-spring-api>0.3.1</at.gv.egiz.components.egiz-spring-api> - <MOA.spss.server.moa-sig-lib.version>3.1.9</MOA.spss.server.moa-sig-lib.version> + <MOA.spss.server.moa-sig-lib.version>3.2.2</MOA.spss.server.moa-sig-lib.version> <MOA.spss.tsl_lib.version>2.1.1</MOA.spss.tsl_lib.version> <!-- IAIK libs --> 
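Review bot: The `@return` text above `getAssertionNotBefore()` still says only "otherwise null", while the new expression returns null in three different situations: no assertion, no `Conditions` element, or no `NotBefore` value. A caller that uses this result to enforce the validity window cannot tell these apart and may end up treating null as "no restriction", so the contract should be spelled out, e.g. `@return start of the validity period, or null if the assertion, its Conditions or NotBefore is missing; callers must handle null explicitly`. The Javadoc block begins outside the hunk, so only its last line is visible here.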
@@ -48,8 +48,8 @@ <!-- Other third-party libs --> <spring-boot-starter-web.version>3.0.5</spring-boot-starter-web.version> <org.springframework.version>6.0.8</org.springframework.version> - <org.apache.tomcat.embed.version>9.0.73</org.apache.tomcat.embed.version> - <org.opensaml.version>4.0.1</org.opensaml.version> + <org.apache.tomcat.embed.version>10.1.13</org.apache.tomcat.embed.version> + <org.opensaml.version>5.0.0-SNAPSHOT</org.opensaml.version> <org.apache.santuario.xmlsec.version>2.3.2</org.apache.santuario.xmlsec.version> <org.cryptacular.version>1.2.5</org.cryptacular.version> <org.bouncycastle.bcprov-jdk18on.version>1.71.1</org.bouncycastle.bcprov-jdk18on.version> @@ -65,19 +65,18 @@ <org.apache.commons-collections>3.2.2</org.apache.commons-collections> <org.apache.commons-collections4>4.4</org.apache.commons-collections4> <commons-io.version>2.11.0</commons-io.version> - <commons-fileupload.version>1.5</commons-fileupload.version> + <commons-fileupload2.version>2.0.0-M1</commons-fileupload2.version> - <jakarta.servlet-api>4.0.4</jakarta.servlet-api> + <jakarta.servlet-api>6.0.0</jakarta.servlet-api> <org.apache.velocity.version>2.3</org.apache.velocity.version> - <javax.annotation-api>1.3.2</javax.annotation-api> + <jakarta.annotation-api.version>2.1.1</jakarta.annotation-api.version> <joda-time.version>2.12.2</joda-time.version> <jsr305.version>3.0.2</jsr305.version> <com.google.guava.version>31.1-jre</com.google.guava.version> <org.owasp.encoder.version>1.2.3</org.owasp.encoder.version> - <httpclient.version>4.5.14</httpclient.version> - <httpcore.version>4.4.16</httpcore.version> + <httpclient.version>5.2.1</httpclient.version> <com.fasterxml.jackson.core.version>2.15.0</com.fasterxml.jackson.core.version> <com.fasterxml.jackson.databind.version>2.15.0</com.fasterxml.jackson.databind.version> 
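Review bot: `org.opensaml.version` is set to `5.0.0-SNAPSHOT`, which makes the SAML library a mutable artifact: two builds of this same commit can resolve different OpenSAML code, and nothing in the POM records which one was used. I would pin a released version as soon as one exists and, until then, note the resolved timestamped snapshot somewhere reviewable so a build can be reproduced and audited. The following hunk likewise moves file upload handling to the pre-release `commons-fileupload2` `2.0.0-M1`. A marker next to both properties, such as `<!-- TODO: replace pre-release version before the next release -->`, would keep this from being forgotten.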
@@ -167,6 +166,17 @@ <name>Internet2</name> <url>https://build.shibboleth.net/nexus/content/groups/public/</url> </repository> + <repository> + <id>shibboleth.internet2.edu.snapshot</id> + <name>Shibboleth Snapshot repo</name> + <url>https://build.shibboleth.net/maven/snapshots/</url> + <releases> + <enabled>false</enabled> + </releases> + <snapshots> + <enabled>true</enabled> + </snapshots> + </repository> </repositories> <profiles> @@ -448,11 +458,11 @@ <version>${io.grpc-core.version}</version> </dependency> - <dependency> - <groupId>javax.annotation</groupId> - <artifactId>javax.annotation-api</artifactId> - <version>${javax.annotation-api}</version> - </dependency> + <dependency> + <groupId>jakarta.annotation</groupId> + <artifactId>jakarta.annotation-api</artifactId> + <version>${jakarta.annotation-api.version}</version> + </dependency> <dependency> <groupId>commons-collections</groupId> <artifactId>commons-collections</artifactId> @@ -552,9 +562,9 @@ <version>${org.apache.commons-text.version}</version> </dependency> <dependency> - <groupId>commons-fileupload</groupId> - <artifactId>commons-fileupload</artifactId> - <version>${commons-fileupload.version}</version> + <groupId>org.apache.commons</groupId> + <artifactId>commons-fileupload2-jakarta</artifactId> + <version>${commons-fileupload2.version}</version> </dependency> <dependency> <groupId>org.opensaml</groupId> 
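Review bot: The added `shibboleth.internet2.edu.snapshot` repository sets no `checksumPolicy`, so the Maven default applies, which in Maven 3 is only a warning when a downloaded artifact's checksum does not match. Adding `<checksumPolicy>fail</checksumPolicy>` inside `<snapshots>` makes a corrupted or altered download stop the build, and an explicit `<updatePolicy>` would document how often the snapshot is refreshed. The repository entry should be removed again once `org.opensaml.version` points to a release, so that the build no longer depends on a snapshot source.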
@@ -631,16 +641,11 @@ <version>${xalan.version}</version> </dependency> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - <version>${httpclient.version}</version> - </dependency> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpcore</artifactId> - <version>${httpcore.version}</version> - </dependency> + <dependency> + <groupId>org.apache.httpcomponents.client5</groupId> + <artifactId>httpclient5</artifactId> + <version>${httpclient.version}</version> + </dependency> <dependency> <groupId>org.owasp.encoder</groupId> |