update third-party libs to latest versions

author: Thomas <> 2021-09-22 17:56:33 +0200
committer: Thomas <> 2021-09-22 17:56:33 +0200
commit: 27e1535d75978bb7558c17bf27db7d1a1131fe40 (patch)
tree: 234ecd5a5664b7382256f6bb6a2d9562bde45cf5
parent: af4097de42e0208d19fdcee7bbfc1406b64c17c7 (diff)
download: National_eIDAS_Gateway-27e1535d75978bb7558c17bf27db7d1a1131fe40.tar.gz
National_eIDAS_Gateway-27e1535d75978bb7558c17bf27db7d1a1131fe40.tar.bz2
National_eIDAS_Gateway-27e1535d75978bb7558c17bf27db7d1a1131fe40.zip
8 files changed, 204 insertions, 58 deletions
diff --git a/connector/checks/spotbugs-exclude.xml b/connector/checks/spotbugs-exclude.xml
index 281e3796..bb41eb27 100644
--- a/connector/checks/spotbugs-exclude.xml
+++ b/connector/checks/spotbugs-exclude.xml
@@ -24,4 +24,13 @@
       <Class name="at.asitplus.eidas.specific.connector.MsSpecificSpringBootApplicationContextInitializer" />
       <Bug pattern="PATH_TRAVERSAL_IN" />
     </Match>
+  <Match>
+    <!-- Builder pattern does not expose date elements -->
+    <OR>
+      <Class name="at.asitplus.eidas.specific.connector.health.IgniteClusterHealthIndicator" />
+    </OR>
+    <OR>
+      <Bug pattern="EI_EXPOSE_REP2" />
+    </OR>
+  </Match>      
 </FindBugsFilter>
diff --git a/connector/pom.xml b/connector/pom.xml
index ee3d8d09..3145f051 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -87,6 +87,19 @@
         <artifactId>hibernate-validator</artifactId>
     </dependency>    
 
+   <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-core</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-rt-frontend-jaxws</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-rt-transports-http</artifactId>
+    </dependency>
+
 
     <!-- Testing -->
     <dependency>
@@ -122,6 +135,13 @@
       <scope>test</scope>
     </dependency>
     <dependency>
+      <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+      <artifactId>authmodule-eIDAS-v2</artifactId>
+      <classifier>tests</classifier>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>      
+    <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-tomcat</artifactId>
       <scope>test</scope>
@@ -132,41 +152,27 @@
       <scope>test</scope>
     </dependency>     
     <dependency>
+      <groupId>com.squareup.okhttp3</groupId>
+      <artifactId>mockwebserver</artifactId>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
       <groupId>com.github.skjolber</groupId>
       <artifactId>mockito-soap-cxf</artifactId>
-      <scope>test</scope>
-      <!--exclusions>
-        <exclusion>
-          <groupId>org.apache.cxf</groupId>
-          <artifactId>cxf-rt-wsdl</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.apache.cxf</groupId>
-          <artifactId>cxf-rt-bindings-soap</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.apache.cxf</groupId>
-          <artifactId>cxf-core</artifactId>
-        </exclusion>
-      </exclusions-->
+      <scope>test</scope>      
     </dependency>
+    
     <dependency>
       <groupId>org.powermock</groupId>
       <artifactId>powermock-module-junit4</artifactId>
-      <version>2.0.7</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.powermock</groupId>
       <artifactId>powermock-api-mockito2</artifactId>
-      <version>2.0.7</version>
       <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>com.squareup.okhttp3</groupId>
-      <artifactId>mockwebserver</artifactId>
-      <scope>test</scope>
-    </dependency>    
+    </dependency>        
   </dependencies>
   
   <profiles>
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index 73a83c13..e7437840 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -12,7 +12,9 @@ app.build.artifactId=ms_connector
 ## SpringBoot Admin client
 spring.boot.admin.client.enabled=false
 
-
+#############################################################################
+## SpringBoot Actuator
+management.endpoints.web.exposure.include=health,info
 
 
 #############################################################################
diff --git a/connector/src/test/resources/config/application-exectest.properties b/connector/src/test/resources/config/application-exectest.properties
new file mode 100644
index 00000000..e63cda7b
--- /dev/null
+++ b/connector/src/test/resources/config/application-exectest.properties
@@ -0,0 +1,83 @@
+## embbeded Tomcat
+tomcat.workingdir=./target/work
+tomcat.ajp.enabled=true
+tomcat.ajp.port=8009
+tomcat.ajp.networkAddress=127.0.0.1
+tomcat.ajp.additionalAttributes.secretrequired=true
+tomcat.ajp.additionalAttributes.secret=junit
+
+## Basic service configuration
+eidas.ms.context.url.prefix=http://localhost
+eidas.ms.core.configRootDir=file:./src/test/resources/config/
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=http://localhost:40900/mockup
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://eidas.node/junit
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+
+#tech. AuthBlock signing for E-ID process
+eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
+eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks
+eidas.ms.auth.eIDAS.authblock.keystore.type=jks
+eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
+
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.type=jks
+eidas.ms.pvp2.keystore.path=keys/junit.jks
+eidas.ms.pvp2.keystore.password=password
+eidas.ms.pvp2.key.metadata.alias=meta
+eidas.ms.pvp2.key.metadata.password=password
+eidas.ms.pvp2.key.signing.alias=sig
+eidas.ms.pvp2.key.signing.password=password
+eidas.ms.pvp2.metadata.validity=24
+
+eidas.ms.pvp2.metadata.organisation.name=JUnit
+eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
+eidas.ms.pvp2.metadata.organisation.url=http://junit.test
+eidas.ms.pvp2.metadata.contact.givenname=Max
+eidas.ms.pvp2.metadata.contact.surname=Mustermann
+eidas.ms.pvp2.metadata.contact.email=max@junit.test
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata
+eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks
+eidas.ms.sp.0.pvp2.metadata.truststore.password=password
+eidas.ms.sp.0.friendlyName=jUnit test
+eidas.ms.sp.0.newEidMode=true
+
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+## Service Provider configuration
+eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test
+eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks
+eidas.ms.sp.1.pvp2.metadata.truststore.password=password
+eidas.ms.sp.1.friendlyName=jUnit test
+eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata
+eidas.ms.sp.1.policy.allowed.requested.targets=test
+eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true
+
diff --git a/connector_lib/checks/spotbugs-exclude.xml b/connector_lib/checks/spotbugs-exclude.xml
index 90ca96f2..9700a0c0 100644
--- a/connector_lib/checks/spotbugs-exclude.xml
+++ b/connector_lib/checks/spotbugs-exclude.xml
@@ -5,5 +5,16 @@
       <Class name="at.asitplus.eidas.specific.connector.gui.SpringMvcGuiFormBuilderImpl" />
       <Method name="build" />
       <Bug pattern="SPRING_FILE_DISCLOSURE" />               
-    </Match>  
+    </Match>
+  <Match>
+    <!-- Builder pattern does not expose date elements -->
+    <OR>
+      <Class name="at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration" />
+      <Class name="at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration"/>
+    </OR>
+    <OR>
+      <Bug pattern="EI_EXPOSE_REP" />
+      <Bug pattern="EI_EXPOSE_REP2" />
+    </OR>
+  </Match>          
 </FindBugsFilter>
diff --git a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
index 375f73f4..d961b4d6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
@@ -2,7 +2,9 @@
 <FindBugsFilter>
     <Match>
       <!-- Do not check code generated by Apache CXF framework -->
-      <Class name="~szrservices.SZRException"/>
+      <Class name="~szrservices.*"/>
+      <Class name="~at.gv.e_government.reference.namespace.persondata.*" />
+      <Class name="~org.w3._2000._09.xmldsig.*" />
     </Match>
     <Match>
       <!-- Logging of SAML2 responses in case of errors or for debugging is allowed -->
@@ -27,5 +29,16 @@
       <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" />
       <Method name="execute" />
       <Bug pattern="UNVALIDATED_REDIRECT" />               
-    </Match>  
+    </Match>
+  <Match>
+    <!-- Builder pattern does not expose date elements -->
+    <OR>
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData" />
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils$JwsResult"/>
+    </OR>
+    <OR>
+      <Bug pattern="EI_EXPOSE_REP" />
+      <Bug pattern="EI_EXPOSE_REP2" />
+    </OR>
+  </Match>        
 </FindBugsFilter>
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index 188bbd26..603395ab 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -120,6 +120,11 @@
     </dependency>
 
     <dependency>
+      <groupId>org.bitbucket.b_c</groupId>
+      <artifactId>jose4j</artifactId>
+    </dependency>
+
+    <dependency>
       <groupId>javax.servlet</groupId>
       <artifactId>javax.servlet-api</artifactId>
       <scope>provided</scope>
@@ -136,23 +141,6 @@
       <artifactId>spring-test</artifactId>
       <scope>test</scope>
     </dependency>
-    <dependency>
-      <groupId>com.github.skjolber</groupId>
-      <artifactId>mockito-soap-cxf</artifactId>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.powermock</groupId>
-      <artifactId>powermock-module-junit4</artifactId>
-      <version>2.0.7</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.powermock</groupId>
-      <artifactId>powermock-api-mockito2</artifactId>
-      <version>2.0.7</version>
-      <scope>test</scope>
-    </dependency>
     
     <dependency>
       <groupId>at.asitplus.eidas.ms_specific</groupId>
@@ -173,17 +161,24 @@
       <scope>test</scope>
       <type>test-jar</type>
     </dependency>
+    
     <dependency>
-      <groupId>com.fasterxml.jackson.core</groupId>
-      <artifactId>jackson-databind</artifactId>
-      <version>2.11.2</version>
-      <scope>compile</scope>
+      <groupId>com.github.skjolber</groupId>
+      <artifactId>mockito-soap-cxf</artifactId>
+      <scope>test</scope>      
     </dependency>
+    
     <dependency>
-      <groupId>org.bitbucket.b_c</groupId>
-      <artifactId>jose4j</artifactId>
-      <version>0.7.2</version>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-module-junit4</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-api-mockito2</artifactId>
+      <scope>test</scope>
     </dependency>
+    
   </dependencies>
 
   <build>
diff --git a/pom.xml b/pom.xml
index ebbeed70..c9bf2953 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,13 +22,13 @@
     <!-- ===================================================================== -->
     <egiz-spring-api>0.3</egiz-spring-api>
     <egiz-eventlog-slf4jBackend>0.4</egiz-eventlog-slf4jBackend>
-    <eaaf-core.version>1.1.13</eaaf-core.version>
+    <eaaf-core.version>1.1.16</eaaf-core.version>
 
-    <spring-boot-starter-web.version>2.4.5</spring-boot-starter-web.version>
-    <spring-boot-admin-starter-client.version>2.4.1</spring-boot-admin-starter-client.version>
-    <org.springframework.version>5.3.6</org.springframework.version>
+    <spring-boot-starter-web.version>2.5.4</spring-boot-starter-web.version>
+    <spring-boot-admin-starter-client.version>2.5.1</spring-boot-admin-starter-client.version>
+    <org.springframework.version>5.3.10</org.springframework.version>
     <org.thymeleaf-spring5.version>3.0.12.RELEASE</org.thymeleaf-spring5.version>
-    <cxf.version>3.3.5</cxf.version>
+    <cxf.version>3.4.4</cxf.version>
 
     <eidas-ref.version>2.5.0</eidas-ref.version>
 
@@ -38,23 +38,25 @@
     <com.google.guava.version>30.1.1-jre</com.google.guava.version>
     <joda-time.version>2.10.10</joda-time.version>
     <org.slf4j.version>1.7.30</org.slf4j.version>
-    <jackson-datatype-jsr310.version>2.12.3</jackson-datatype-jsr310.version>
+    <jackson-datatype-jsr310.version>2.12.5</jackson-datatype-jsr310.version>
     <!-- org.xerial.sqlite-jdbc.version>3.34.0</org.xerial.sqlite-jdbc.version -->
 
     <javax.validation-api.version>2.0.1.Final</javax.validation-api.version>
     <hibernate-validator.version>6.1.5.Final</hibernate-validator.version>
+    <org.bitbucket.b_c.jose4j.version>0.7.9</org.bitbucket.b_c.jose4j.version>
 
     <!-- testing -->
     <junit.version>4.13.2</junit.version>
     <surefire.version>2.22.2</surefire.version>
     <mockito-soap-cxf.version>1.2.0</mockito-soap-cxf.version>
     <com.squareup.okhttp3.version>4.0.0</com.squareup.okhttp3.version>
+    <org.powermock.version>2.0.9</org.powermock.version>
 
     <!-- Code quality checks -->
     <jacoco-maven-plugin.version>0.8.6</jacoco-maven-plugin.version>
     <maven-checkstyle-plugin.version>3.1.1</maven-checkstyle-plugin.version>
     <maven-pmd-plugin.version>3.14.0</maven-pmd-plugin.version>
-    <spotbugs-maven-plugin.version>4.1.4</spotbugs-maven-plugin.version>
+    <spotbugs-maven-plugin.version>4.4.1</spotbugs-maven-plugin.version>
     <findsecbugs-plugin.version>1.11.0</findsecbugs-plugin.version>
 
     <dependency-check-maven.version>6.0.3</dependency-check-maven.version>
@@ -308,6 +310,11 @@
         <artifactId>hibernate-validator</artifactId>
         <version>${hibernate-validator.version}</version>
       </dependency>
+      <dependency>
+        <groupId>org.bitbucket.b_c</groupId>
+        <artifactId>jose4j</artifactId>
+        <version>${org.bitbucket.b_c.jose4j.version}</version>
+      </dependency>      
 
 
       <!-- Testing -->
@@ -363,11 +370,31 @@
         <type>test-jar</type>
       </dependency>
       <dependency>
+        <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+        <artifactId>authmodule-eIDAS-v2</artifactId>
+        <version>${egiz.eidas.version}</version>
+        <classifier>tests</classifier>
+        <scope>test</scope>
+        <type>test-jar</type>
+      </dependency>            
+      <dependency>
         <groupId>com.squareup.okhttp3</groupId>
         <artifactId>mockwebserver</artifactId>
         <version>${com.squareup.okhttp3.version}</version>
         <scope>test</scope>
       </dependency>
+      <dependency>
+        <groupId>org.powermock</groupId>
+        <artifactId>powermock-module-junit4</artifactId>
+        <version>${org.powermock.version}</version>
+        <scope>test</scope>
+      </dependency>
+      <dependency>
+        <groupId>org.powermock</groupId>
+        <artifactId>powermock-api-mockito2</artifactId>
+        <version>${org.powermock.version}</version>
+        <scope>test</scope>
+      </dependency>            
     </dependencies>
   </dependencyManagement>
   <dependencies>
author	Thomas <>	2021-09-22 17:56:33 +0200
committer	Thomas <>	2021-09-22 17:56:33 +0200
commit	27e1535d75978bb7558c17bf27db7d1a1131fe40 (patch)
tree	234ecd5a5664b7382256f6bb6a2d9562bde45cf5
parent	af4097de42e0208d19fdcee7bbfc1406b64c17c7 (diff)
download	National_eIDAS_Gateway-27e1535d75978bb7558c17bf27db7d1a1131fe40.tar.gz National_eIDAS_Gateway-27e1535d75978bb7558c17bf27db7d1a1131fe40.tar.bz2 National_eIDAS_Gateway-27e1535d75978bb7558c17bf27db7d1a1131fe40.zip