diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-12-28 16:15:06 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-12-28 16:15:06 +0100 |
commit | 07dcace901880965ea4b25816500f256f17899c0 (patch) | |
tree | 6797d9af002bbf384597ea016f9c7afa021692a3 /eaaf-springboot-utils/src | |
parent | 1aafdf3bbae55b09e6d28e97281797ba9e53aad0 (diff) | |
parent | 495403c917a39fdeb3906f10ac8b997f68eb3875 (diff) | |
download | EAAF-Components-07dcace901880965ea4b25816500f256f17899c0.tar.gz EAAF-Components-07dcace901880965ea4b25816500f256f17899c0.tar.bz2 EAAF-Components-07dcace901880965ea4b25816500f256f17899c0.zip |
Merge branch 'feature/hsm_facade_update_and_healthcheck' into 'nightlyBuild'
update to HSM-Facade v0.6.0 and add HealthCheck functionality
See merge request egiz/eaaf_components!11
Diffstat (limited to 'eaaf-springboot-utils/src')
8 files changed, 242 insertions, 1 deletions
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java new file mode 100644 index 00000000..d2406552 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java @@ -0,0 +1,54 @@ +package at.gv.egiz.eaaf.utils.springboot.actuator; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; +import org.springframework.stereotype.Service; + +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory.HsmFacadeStatus; +import lombok.extern.slf4j.Slf4j; + +/** + * Implements a Spring-Actuator HealthCheck for HSM-Facade from A-SIT+. + * + * @author tlenz + * + */ +@Slf4j +@Service("HsmFacadeProvider") +public class HsmFacadeProviderHealthCheck implements HealthIndicator { + + @Autowired(required = false) EaafKeyStoreFactory factory; + + @Override + public Health health() { + if (factory != null && factory.isHsmFacadeInitialized()) { + try { + HsmFacadeStatus status = factory.checkHsmFacadeStatus(); + log.trace("Current HSM-Facade status: {}", status); + if (HsmFacadeStatus.UP.equals(status)) { + return Health.up().build(); + + } else if (HsmFacadeStatus.DOWN.equals(status)) { + return Health.down().build(); + + } + + } catch (Exception e) { + log.warn("HSM-Facaden Health-Check has an error", e); + return Health.down(e).build(); + + } + + } else { + log.trace("No {} or HSM-Facade is not initialized. Skipping healthCheck ...", + EaafKeyStoreFactory.class.getName()); + + } + + return Health.unknown().build(); + + } + +} diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java index 3313d36e..611cc3aa 100644 --- a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java +++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java @@ -24,7 +24,7 @@ public class SimpleSpringBootStarterTest { public void Test() throws ClientProtocolException, IOException { DummySpringBootApp.main(new String[] { - "--spring.config.location=classpath:/jUnit_application.properties"}); + "--spring.config.location=classpath:/config/jUnit_application.properties"}); ConfigurableApplicationContext ctx = DummySpringBootApp.getCtx(); Assert.assertNotNull("SpringBootContext", ctx); diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java new file mode 100644 index 00000000..92c88544 --- /dev/null +++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java @@ -0,0 +1,38 @@ +package at.gv.egiz.eaaf.utils.springboot.test.actuator; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.Status; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/spring/test_spring_actuator.xml") +public class HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest { + + @Mock + private EaafKeyStoreFactory keyStoreFactory; + + @InjectMocks + @Autowired + private HsmFacadeProviderHealthCheck check; + + @Test + public void noEaafKeyStoreFactoryBean() { + //get current status + Health status = check.health(); + + //validate result + Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode()); + + } + +} diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java new file mode 100644 index 00000000..29feee5e --- /dev/null +++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java @@ -0,0 +1,96 @@ +package at.gv.egiz.eaaf.utils.springboot.test.actuator; + +import static org.mockito.Mockito.when; + +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.MockitoAnnotations; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.Status; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory.HsmFacadeStatus; +import at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/spring/test_spring_actuator.xml") +public class HsmFacadeProviderHealthCheckTest { + + @Mock + private EaafKeyStoreFactory keyStoreFactory = Mockito.mock(EaafKeyStoreFactory.class); + + @InjectMocks + @Autowired + private HsmFacadeProviderHealthCheck check; + + @Before + public void initMocks() { + MockitoAnnotations.initMocks(this); + + } + + @Test + public void hsmFacadeStatusUnknown() { + //set-up test result + when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(false); + + //get current status + Health status = check.health(); + + //validate result + Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode()); + + } + + @Test + public void statusUp() throws Exception { + //set-up test result + when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true); + when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.UP); + + //get current status + Health status = check.health(); + + //validate result + Assert.assertEquals("wrong statusCode", Status.UP.getCode(), status.getStatus().getCode()); + + } + + @Test + public void statusDown() throws Exception { + //set-up test result + when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true); + when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.DOWN); + + //get current status + Health status = check.health(); + + //validate result + Assert.assertEquals("wrong statusCode", Status.DOWN.getCode(), status.getStatus().getCode()); + + } + + @Test + public void statusUnknown() throws Exception { + //set-up test result + when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true); + when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.UNKNOWN); + + //get current status + Health status = check.health(); + + //validate result + Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode()); + + } + + +} diff --git a/eaaf-springboot-utils/src/test/resources/config/config1.properties b/eaaf-springboot-utils/src/test/resources/config/config1.properties new file mode 100644 index 00000000..ca134cf4 --- /dev/null +++ b/eaaf-springboot-utils/src/test/resources/config/config1.properties @@ -0,0 +1,15 @@ +security.hsmfacade.host=eid.a-sit.at +security.hsmfacade.port=9050 +security.hsmfacade.trustedsslcert=src/test/resources/config/hsm_facade_trust_root.crt +security.hsmfacade.username=authhandler-junit +security.hsmfacade.password=supersecret123 + +client.http.connection.timeout.socket=2 +client.http.connection.timeout.connection=2 +client.http.connection.timeout.request=2 + +core.pendingrequestid.maxlifetime=180 +core.pendingrequestid.digist.type=passphrase +core.pendingrequestid.digist.secret=pendingReqIdSecret +core.pendingrequestid.digist.keystore.name= +core.pendingrequestid.digist.key.alias=
\ No newline at end of file diff --git a/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt b/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt new file mode 100644 index 00000000..01be3821 --- /dev/null +++ b/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBdDCCARqgAwIBAgIEXkz1yjAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZlY3Jv +b3QwHhcNMjAwMjE5MDg0NjAyWhcNMjEwMjE4MDg0NjAyWjARMQ8wDQYDVQQDDAZl +Y3Jvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS8yvpVIWbPj4E7Lr87hwQR +T9DZf9WY5LMV7gF6NKpnJ5JkEql/s7fqBVbrh8aSNo6gmfmSk4VYGhPJ+DCMzzQj +o2AwXjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFOXafzYpIOlu6BgNU+Ee +JWuJobgWMB0GA1UdDgQWBBTl2n82KSDpbugYDVPhHiVriaG4FjALBgNVHQ8EBAMC +AQYwCgYIKoZIzj0EAwIDSAAwRQIgRt/51PKL/bATuLCdib95Ika+h845Jo0G+Sbn +bzNwJAcCIQCVD1cxEBuUkKaiaLbTiNVsEjvQb6ti0TFbbQUH66jCGA== +-----END CERTIFICATE----- diff --git a/eaaf-springboot-utils/src/test/resources/jUnit_application.properties b/eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties index dd7a77c1..dd7a77c1 100644 --- a/eaaf-springboot-utils/src/test/resources/jUnit_application.properties +++ b/eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties diff --git a/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml b/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml new file mode 100644 index 00000000..f41efac9 --- /dev/null +++ b/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd" + default-lazy-init="true"> + + <bean id="dummyAuthConfigMap" + class="at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap" > + <constructor-arg value="/config/config1.properties" /> + </bean> + + <!-- bean id="eaafKeyStoreFactory" + class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" /--> + + <bean id="eaafUtilsMessageSource" + class="at.gv.egiz.eaaf.core.impl.logging.EaafUtilsMessageSource" /> + + <bean id="HsmFacadeProvider" + class="at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck"/> + +</beans>
\ No newline at end of file |