diff options
| -rw-r--r-- | connector/checks/spotbugs-exclude.xml | 9 | ||||
| -rw-r--r-- | connector/pom.xml | 52 | ||||
| -rw-r--r-- | connector/src/main/resources/application.properties | 4 | ||||
| -rw-r--r-- | connector/src/test/resources/config/application-exectest.properties | 83 | ||||
| -rw-r--r-- | connector_lib/checks/spotbugs-exclude.xml | 13 | ||||
| -rw-r--r-- | eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml | 17 | ||||
| -rw-r--r-- | eidas_modules/authmodule-eIDAS-v2/pom.xml | 43 | ||||
| -rw-r--r-- | pom.xml | 41 |
8 files changed, 204 insertions, 58 deletions
diff --git a/connector/checks/spotbugs-exclude.xml b/connector/checks/spotbugs-exclude.xml index 281e3796..bb41eb27 100644 --- a/connector/checks/spotbugs-exclude.xml +++ b/connector/checks/spotbugs-exclude.xml @@ -24,4 +24,13 @@ <Class name="at.asitplus.eidas.specific.connector.MsSpecificSpringBootApplicationContextInitializer" /> <Bug pattern="PATH_TRAVERSAL_IN" /> </Match> + <Match> + <!-- Builder pattern does not expose date elements --> + <OR> + <Class name="at.asitplus.eidas.specific.connector.health.IgniteClusterHealthIndicator" /> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> </FindBugsFilter> diff --git a/connector/pom.xml b/connector/pom.xml index ee3d8d09..3145f051 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -87,6 +87,19 @@ <artifactId>hibernate-validator</artifactId> </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-core</artifactId> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-frontend-jaxws</artifactId> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-transports-http</artifactId> + </dependency> + <!-- Testing --> <dependency> @@ -122,6 +135,13 @@ <scope>test</scope> </dependency> <dependency> + <groupId>at.asitplus.eidas.ms_specific.modules</groupId> + <artifactId>authmodule-eIDAS-v2</artifactId> + <classifier>tests</classifier> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-tomcat</artifactId> <scope>test</scope> @@ -132,41 +152,27 @@ <scope>test</scope> </dependency> <dependency> + <groupId>com.squareup.okhttp3</groupId> + <artifactId>mockwebserver</artifactId> + <scope>test</scope> + </dependency> + + <dependency> <groupId>com.github.skjolber</groupId> <artifactId>mockito-soap-cxf</artifactId> - <scope>test</scope> - <!--exclusions> - <exclusion> - <groupId>org.apache.cxf</groupId> - <artifactId>cxf-rt-wsdl</artifactId> - </exclusion> - <exclusion> - <groupId>org.apache.cxf</groupId> - <artifactId>cxf-rt-bindings-soap</artifactId> - </exclusion> - <exclusion> - <groupId>org.apache.cxf</groupId> - <artifactId>cxf-core</artifactId> - </exclusion> - </exclusions--> + <scope>test</scope> </dependency> + <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-module-junit4</artifactId> - <version>2.0.7</version> <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-api-mockito2</artifactId> - <version>2.0.7</version> <scope>test</scope> - </dependency> - <dependency> - <groupId>com.squareup.okhttp3</groupId> - <artifactId>mockwebserver</artifactId> - <scope>test</scope> - </dependency> + </dependency> </dependencies> <profiles> diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 73a83c13..e7437840 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -12,7 +12,9 @@ app.build.artifactId=ms_connector ## SpringBoot Admin client spring.boot.admin.client.enabled=false - +############################################################################# +## SpringBoot Actuator +management.endpoints.web.exposure.include=health,info ############################################################################# diff --git a/connector/src/test/resources/config/application-exectest.properties b/connector/src/test/resources/config/application-exectest.properties new file mode 100644 index 00000000..e63cda7b --- /dev/null +++ b/connector/src/test/resources/config/application-exectest.properties @@ -0,0 +1,83 @@ +## embbeded Tomcat +tomcat.workingdir=./target/work +tomcat.ajp.enabled=true +tomcat.ajp.port=8009 +tomcat.ajp.networkAddress=127.0.0.1 +tomcat.ajp.additionalAttributes.secretrequired=true +tomcat.ajp.additionalAttributes.secret=junit + +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url=http://localhost:40900/mockup + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://eidas.node/junit + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= + +#tech. AuthBlock signing for E-ID process +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false + + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/junit.jks +eidas.ms.pvp2.keystore.password=password +eidas.ms.pvp2.key.metadata.alias=meta +eidas.ms.pvp2.key.metadata.password=password +eidas.ms.pvp2.key.signing.alias=sig +eidas.ms.pvp2.key.signing.password=password +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + +## Service Provider configuration +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.0.pvp2.metadata.truststore.password=password +eidas.ms.sp.0.friendlyName=jUnit test +eidas.ms.sp.0.newEidMode=true + +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + diff --git a/connector_lib/checks/spotbugs-exclude.xml b/connector_lib/checks/spotbugs-exclude.xml index 90ca96f2..9700a0c0 100644 --- a/connector_lib/checks/spotbugs-exclude.xml +++ b/connector_lib/checks/spotbugs-exclude.xml @@ -5,5 +5,16 @@ <Class name="at.asitplus.eidas.specific.connector.gui.SpringMvcGuiFormBuilderImpl" /> <Method name="build" /> <Bug pattern="SPRING_FILE_DISCLOSURE" /> - </Match> + </Match> + <Match> + <!-- Builder pattern does not expose date elements --> + <OR> + <Class name="at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration" /> + <Class name="at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration"/> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> </FindBugsFilter> diff --git a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml index 375f73f4..d961b4d6 100644 --- a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml +++ b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml @@ -2,7 +2,9 @@ <FindBugsFilter> <Match> <!-- Do not check code generated by Apache CXF framework --> - <Class name="~szrservices.SZRException"/> + <Class name="~szrservices.*"/> + <Class name="~at.gv.e_government.reference.namespace.persondata.*" /> + <Class name="~org.w3._2000._09.xmldsig.*" /> </Match> <Match> <!-- Logging of SAML2 responses in case of errors or for debugging is allowed --> @@ -27,5 +29,16 @@ <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" /> <Method name="execute" /> <Bug pattern="UNVALIDATED_REDIRECT" /> - </Match> + </Match> + <Match> + <!-- Builder pattern does not expose date elements --> + <OR> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData" /> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils$JwsResult"/> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> </FindBugsFilter> diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index 188bbd26..603395ab 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -120,6 +120,11 @@ </dependency> <dependency> + <groupId>org.bitbucket.b_c</groupId> + <artifactId>jose4j</artifactId> + </dependency> + + <dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> <scope>provided</scope> @@ -136,23 +141,6 @@ <artifactId>spring-test</artifactId> <scope>test</scope> </dependency> - <dependency> - <groupId>com.github.skjolber</groupId> - <artifactId>mockito-soap-cxf</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.powermock</groupId> - <artifactId>powermock-module-junit4</artifactId> - <version>2.0.7</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.powermock</groupId> - <artifactId>powermock-api-mockito2</artifactId> - <version>2.0.7</version> - <scope>test</scope> - </dependency> <dependency> <groupId>at.asitplus.eidas.ms_specific</groupId> @@ -173,17 +161,24 @@ <scope>test</scope> <type>test-jar</type> </dependency> + <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-databind</artifactId> - <version>2.11.2</version> - <scope>compile</scope> + <groupId>com.github.skjolber</groupId> + <artifactId>mockito-soap-cxf</artifactId> + <scope>test</scope> </dependency> + <dependency> - <groupId>org.bitbucket.b_c</groupId> - <artifactId>jose4j</artifactId> - <version>0.7.2</version> + <groupId>org.powermock</groupId> + <artifactId>powermock-module-junit4</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.powermock</groupId> + <artifactId>powermock-api-mockito2</artifactId> + <scope>test</scope> </dependency> + </dependencies> <build> @@ -22,13 +22,13 @@ <!-- ===================================================================== --> <egiz-spring-api>0.3</egiz-spring-api> <egiz-eventlog-slf4jBackend>0.4</egiz-eventlog-slf4jBackend> - <eaaf-core.version>1.1.13</eaaf-core.version> + <eaaf-core.version>1.1.16</eaaf-core.version> - <spring-boot-starter-web.version>2.4.5</spring-boot-starter-web.version> - <spring-boot-admin-starter-client.version>2.4.1</spring-boot-admin-starter-client.version> - <org.springframework.version>5.3.6</org.springframework.version> + <spring-boot-starter-web.version>2.5.4</spring-boot-starter-web.version> + <spring-boot-admin-starter-client.version>2.5.1</spring-boot-admin-starter-client.version> + <org.springframework.version>5.3.10</org.springframework.version> <org.thymeleaf-spring5.version>3.0.12.RELEASE</org.thymeleaf-spring5.version> - <cxf.version>3.3.5</cxf.version> + <cxf.version>3.4.4</cxf.version> <eidas-ref.version>2.5.0</eidas-ref.version> @@ -38,23 +38,25 @@ <com.google.guava.version>30.1.1-jre</com.google.guava.version> <joda-time.version>2.10.10</joda-time.version> <org.slf4j.version>1.7.30</org.slf4j.version> - <jackson-datatype-jsr310.version>2.12.3</jackson-datatype-jsr310.version> + <jackson-datatype-jsr310.version>2.12.5</jackson-datatype-jsr310.version> <!-- org.xerial.sqlite-jdbc.version>3.34.0</org.xerial.sqlite-jdbc.version --> <javax.validation-api.version>2.0.1.Final</javax.validation-api.version> <hibernate-validator.version>6.1.5.Final</hibernate-validator.version> + <org.bitbucket.b_c.jose4j.version>0.7.9</org.bitbucket.b_c.jose4j.version> <!-- testing --> <junit.version>4.13.2</junit.version> <surefire.version>2.22.2</surefire.version> <mockito-soap-cxf.version>1.2.0</mockito-soap-cxf.version> <com.squareup.okhttp3.version>4.0.0</com.squareup.okhttp3.version> + <org.powermock.version>2.0.9</org.powermock.version> <!-- Code quality checks --> <jacoco-maven-plugin.version>0.8.6</jacoco-maven-plugin.version> <maven-checkstyle-plugin.version>3.1.1</maven-checkstyle-plugin.version> <maven-pmd-plugin.version>3.14.0</maven-pmd-plugin.version> - <spotbugs-maven-plugin.version>4.1.4</spotbugs-maven-plugin.version> + <spotbugs-maven-plugin.version>4.4.1</spotbugs-maven-plugin.version> <findsecbugs-plugin.version>1.11.0</findsecbugs-plugin.version> <dependency-check-maven.version>6.0.3</dependency-check-maven.version> @@ -308,6 +310,11 @@ <artifactId>hibernate-validator</artifactId> <version>${hibernate-validator.version}</version> </dependency> + <dependency> + <groupId>org.bitbucket.b_c</groupId> + <artifactId>jose4j</artifactId> + <version>${org.bitbucket.b_c.jose4j.version}</version> + </dependency> <!-- Testing --> @@ -363,11 +370,31 @@ <type>test-jar</type> </dependency> <dependency> + <groupId>at.asitplus.eidas.ms_specific.modules</groupId> + <artifactId>authmodule-eIDAS-v2</artifactId> + <version>${egiz.eidas.version}</version> + <classifier>tests</classifier> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> <groupId>com.squareup.okhttp3</groupId> <artifactId>mockwebserver</artifactId> <version>${com.squareup.okhttp3.version}</version> <scope>test</scope> </dependency> + <dependency> + <groupId>org.powermock</groupId> + <artifactId>powermock-module-junit4</artifactId> + <version>${org.powermock.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.powermock</groupId> + <artifactId>powermock-api-mockito2</artifactId> + <version>${org.powermock.version}</version> + <scope>test</scope> + </dependency> </dependencies> </dependencyManagement> <dependencies> |