summaryrefslogtreecommitdiff
path: root/eaaf-springboot-utils/src
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-12-28 16:15:06 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-12-28 16:15:06 +0100
commit07dcace901880965ea4b25816500f256f17899c0 (patch)
tree6797d9af002bbf384597ea016f9c7afa021692a3 /eaaf-springboot-utils/src
parent1aafdf3bbae55b09e6d28e97281797ba9e53aad0 (diff)
parent495403c917a39fdeb3906f10ac8b997f68eb3875 (diff)
downloadEAAF-Components-07dcace901880965ea4b25816500f256f17899c0.tar.gz
EAAF-Components-07dcace901880965ea4b25816500f256f17899c0.tar.bz2
EAAF-Components-07dcace901880965ea4b25816500f256f17899c0.zip
Merge branch 'feature/hsm_facade_update_and_healthcheck' into 'nightlyBuild'
update to HSM-Facade v0.6.0 and add HealthCheck functionality See merge request egiz/eaaf_components!11
Diffstat (limited to 'eaaf-springboot-utils/src')
-rw-r--r--eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java54
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java2
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java38
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java96
-rw-r--r--eaaf-springboot-utils/src/test/resources/config/config1.properties15
-rw-r--r--eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt10
-rw-r--r--eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties (renamed from eaaf-springboot-utils/src/test/resources/jUnit_application.properties)0
-rw-r--r--eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml28
8 files changed, 242 insertions, 1 deletions
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java
new file mode 100644
index 00000000..d2406552
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java
@@ -0,0 +1,54 @@
+package at.gv.egiz.eaaf.utils.springboot.actuator;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.boot.actuate.health.HealthIndicator;
+import org.springframework.stereotype.Service;
+
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory.HsmFacadeStatus;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Implements a Spring-Actuator HealthCheck for HSM-Facade from A-SIT+.
+ *
+ * @author tlenz
+ *
+ */
+@Slf4j
+@Service("HsmFacadeProvider")
+public class HsmFacadeProviderHealthCheck implements HealthIndicator {
+
+ @Autowired(required = false) EaafKeyStoreFactory factory;
+
+ @Override
+ public Health health() {
+ if (factory != null && factory.isHsmFacadeInitialized()) {
+ try {
+ HsmFacadeStatus status = factory.checkHsmFacadeStatus();
+ log.trace("Current HSM-Facade status: {}", status);
+ if (HsmFacadeStatus.UP.equals(status)) {
+ return Health.up().build();
+
+ } else if (HsmFacadeStatus.DOWN.equals(status)) {
+ return Health.down().build();
+
+ }
+
+ } catch (Exception e) {
+ log.warn("HSM-Facaden Health-Check has an error", e);
+ return Health.down(e).build();
+
+ }
+
+ } else {
+ log.trace("No {} or HSM-Facade is not initialized. Skipping healthCheck ...",
+ EaafKeyStoreFactory.class.getName());
+
+ }
+
+ return Health.unknown().build();
+
+ }
+
+}
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java
index 3313d36e..611cc3aa 100644
--- a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java
@@ -24,7 +24,7 @@ public class SimpleSpringBootStarterTest {
public void Test() throws ClientProtocolException, IOException {
DummySpringBootApp.main(new String[] {
- "--spring.config.location=classpath:/jUnit_application.properties"});
+ "--spring.config.location=classpath:/config/jUnit_application.properties"});
ConfigurableApplicationContext ctx = DummySpringBootApp.getCtx();
Assert.assertNotNull("SpringBootContext", ctx);
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java
new file mode 100644
index 00000000..92c88544
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java
@@ -0,0 +1,38 @@
+package at.gv.egiz.eaaf.utils.springboot.test.actuator;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.boot.actuate.health.Status;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/spring/test_spring_actuator.xml")
+public class HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest {
+
+ @Mock
+ private EaafKeyStoreFactory keyStoreFactory;
+
+ @InjectMocks
+ @Autowired
+ private HsmFacadeProviderHealthCheck check;
+
+ @Test
+ public void noEaafKeyStoreFactoryBean() {
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode());
+
+ }
+
+}
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java
new file mode 100644
index 00000000..29feee5e
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java
@@ -0,0 +1,96 @@
+package at.gv.egiz.eaaf.utils.springboot.test.actuator;
+
+import static org.mockito.Mockito.when;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.boot.actuate.health.Status;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory.HsmFacadeStatus;
+import at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/spring/test_spring_actuator.xml")
+public class HsmFacadeProviderHealthCheckTest {
+
+ @Mock
+ private EaafKeyStoreFactory keyStoreFactory = Mockito.mock(EaafKeyStoreFactory.class);
+
+ @InjectMocks
+ @Autowired
+ private HsmFacadeProviderHealthCheck check;
+
+ @Before
+ public void initMocks() {
+ MockitoAnnotations.initMocks(this);
+
+ }
+
+ @Test
+ public void hsmFacadeStatusUnknown() {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(false);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode());
+
+ }
+
+ @Test
+ public void statusUp() throws Exception {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true);
+ when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.UP);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.UP.getCode(), status.getStatus().getCode());
+
+ }
+
+ @Test
+ public void statusDown() throws Exception {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true);
+ when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.DOWN);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.DOWN.getCode(), status.getStatus().getCode());
+
+ }
+
+ @Test
+ public void statusUnknown() throws Exception {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true);
+ when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.UNKNOWN);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode());
+
+ }
+
+
+}
diff --git a/eaaf-springboot-utils/src/test/resources/config/config1.properties b/eaaf-springboot-utils/src/test/resources/config/config1.properties
new file mode 100644
index 00000000..ca134cf4
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/resources/config/config1.properties
@@ -0,0 +1,15 @@
+security.hsmfacade.host=eid.a-sit.at
+security.hsmfacade.port=9050
+security.hsmfacade.trustedsslcert=src/test/resources/config/hsm_facade_trust_root.crt
+security.hsmfacade.username=authhandler-junit
+security.hsmfacade.password=supersecret123
+
+client.http.connection.timeout.socket=2
+client.http.connection.timeout.connection=2
+client.http.connection.timeout.request=2
+
+core.pendingrequestid.maxlifetime=180
+core.pendingrequestid.digist.type=passphrase
+core.pendingrequestid.digist.secret=pendingReqIdSecret
+core.pendingrequestid.digist.keystore.name=
+core.pendingrequestid.digist.key.alias= \ No newline at end of file
diff --git a/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt b/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt
new file mode 100644
index 00000000..01be3821
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBdDCCARqgAwIBAgIEXkz1yjAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZlY3Jv
+b3QwHhcNMjAwMjE5MDg0NjAyWhcNMjEwMjE4MDg0NjAyWjARMQ8wDQYDVQQDDAZl
+Y3Jvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS8yvpVIWbPj4E7Lr87hwQR
+T9DZf9WY5LMV7gF6NKpnJ5JkEql/s7fqBVbrh8aSNo6gmfmSk4VYGhPJ+DCMzzQj
+o2AwXjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFOXafzYpIOlu6BgNU+Ee
+JWuJobgWMB0GA1UdDgQWBBTl2n82KSDpbugYDVPhHiVriaG4FjALBgNVHQ8EBAMC
+AQYwCgYIKoZIzj0EAwIDSAAwRQIgRt/51PKL/bATuLCdib95Ika+h845Jo0G+Sbn
+bzNwJAcCIQCVD1cxEBuUkKaiaLbTiNVsEjvQb6ti0TFbbQUH66jCGA==
+-----END CERTIFICATE-----
diff --git a/eaaf-springboot-utils/src/test/resources/jUnit_application.properties b/eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties
index dd7a77c1..dd7a77c1 100644
--- a/eaaf-springboot-utils/src/test/resources/jUnit_application.properties
+++ b/eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties
diff --git a/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml b/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml
new file mode 100644
index 00000000..f41efac9
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"
+ default-lazy-init="true">
+
+ <bean id="dummyAuthConfigMap"
+ class="at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap" >
+ <constructor-arg value="/config/config1.properties" />
+ </bean>
+
+ <!-- bean id="eaafKeyStoreFactory"
+ class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" /-->
+
+ <bean id="eaafUtilsMessageSource"
+ class="at.gv.egiz.eaaf.core.impl.logging.EaafUtilsMessageSource" />
+
+ <bean id="HsmFacadeProvider"
+ class="at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck"/>
+
+</beans> \ No newline at end of file