From a3293c946ed5b8e2bc2076a9a7eb00a4c70a41aa Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Sun, 9 Jan 2022 14:49:15 +0100 Subject: refactor(core): update eaaf-components to switch to openSAML4.x --- .../specific/connector/test/FullStartUpAndProcessTest.java | 4 ++-- .../connector/test/saml2/Pvp2SProfileEndPointTest.java | 10 +++++----- pom.xml | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java index 64e8272e..63b11322 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -8,6 +8,7 @@ import java.io.IOException; import java.io.UnsupportedEncodingException; import java.lang.reflect.Field; import java.net.URISyntaxException; +import java.time.Instant; import java.util.Map; import java.util.Timer; @@ -15,7 +16,6 @@ import javax.xml.transform.TransformerException; import org.apache.commons.lang3.RandomStringUtils; import org.apache.ignite.Ignition; -import org.joda.time.DateTime; import org.junit.AfterClass; import org.junit.Assert; import org.junit.Before; @@ -475,7 +475,7 @@ public class FullStartUpAndProcessTest { final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( XMLObjectProviderRegistrySupport.getParserPool(), Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); - authnReq.setIssueInstant(DateTime.now()); + authnReq.setIssueInstant(Instant.now()); RequestAbstractType signedAuthnReq = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java index bcba3e11..6b39bd76 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java @@ -6,12 +6,12 @@ import java.io.UnsupportedEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; +import java.time.Instant; import java.util.List; import java.util.Timer; import javax.xml.transform.TransformerException; -import org.joda.time.DateTime; import org.junit.Assert; import org.junit.Before; import org.junit.BeforeClass; @@ -129,7 +129,7 @@ public class Pvp2SProfileEndPointTest { final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( XMLObjectProviderRegistrySupport.getParserPool(), Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_3.xml")); - authnReq.setIssueInstant(DateTime.now()); + authnReq.setIssueInstant(Instant.now()); RequestAbstractType signedAuthnReq = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( @@ -166,7 +166,7 @@ public class Pvp2SProfileEndPointTest { final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( XMLObjectProviderRegistrySupport.getParserPool(), Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); - authnReq.setIssueInstant(DateTime.now()); + authnReq.setIssueInstant(Instant.now()); RequestAbstractType signedAuthnReq = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( @@ -203,7 +203,7 @@ public class Pvp2SProfileEndPointTest { final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( XMLObjectProviderRegistrySupport.getParserPool(), Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); - authnReq.setIssueInstant(DateTime.now()); + authnReq.setIssueInstant(Instant.now()); RequestAbstractType signedAuthnReq = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( @@ -240,7 +240,7 @@ public class Pvp2SProfileEndPointTest { final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( XMLObjectProviderRegistrySupport.getParserPool(), Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); - authnReq.setIssueInstant(DateTime.now()); + authnReq.setIssueInstant(Instant.now()); RequestAbstractType signedAuthnReq = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( diff --git a/pom.xml b/pom.xml index 80ee55b8..90f073e7 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@ 0.3 0.4 - 1.1.17 + 1.2.1-SNAPSHOT 2.5.7 2.5.4 -- cgit v1.2.3 From 92cbdb1315174bed0cdb7e565fec181301012a85 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Sun, 9 Jan 2022 14:50:27 +0100 Subject: refactor(core): update GUI generation to new API from EAAF-Components 1.2.x --- .../resources/specific_eIDAS_connector.beans.xml | 2 +- .../spring/SpringTest_connector.beans.xml | 2 +- .../gui/DefaultVelocityGuiBuilderImpl.java | 11 ++ .../connector/gui/SpringMvcGuiFormBuilderImpl.java | 123 --------------------- .../gui/StaticGuiBuilderConfiguration.java | 8 +- .../resources/SpringTest-context_tasks_test.xml | 2 +- 6 files changed, 18 insertions(+), 130 deletions(-) delete mode 100644 connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml index df2a9aa4..8ff4e565 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml @@ -104,7 +104,7 @@ class="at.asitplus.eidas.specific.connector.gui.DefaultVelocityGuiBuilderImpl" /> + class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" /> diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml index 4d770570..8f3d25ad 100644 --- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml +++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml @@ -96,7 +96,7 @@ class="at.asitplus.eidas.specific.connector.gui.DefaultVelocityGuiBuilderImpl" /> + class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" /> diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java index e7ebc92f..2283081e 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java @@ -25,10 +25,14 @@ package at.asitplus.eidas.specific.connector.gui; import java.io.InputStream; +import javax.servlet.http.HttpServletRequest; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.http.MediaType; import org.springframework.stereotype.Service; +import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.gui.AbstractVelocityGuiFormBuilderImpl; @@ -63,4 +67,11 @@ public class DefaultVelocityGuiBuilderImpl extends AbstractVelocityGuiFormBuilde } } + @Override + public String evaluateResponseContentType(HttpServletRequest httpReq, IGuiBuilderConfiguration config, + String loggerName) throws GuiBuildException { + return MediaType.TEXT_HTML_VALUE; + + } + } diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java deleted file mode 100644 index 70ab73ad..00000000 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/SpringMvcGuiFormBuilderImpl.java +++ /dev/null @@ -1,123 +0,0 @@ -package at.asitplus.eidas.specific.connector.gui; - -import java.util.Locale; -import java.util.Map; - -import javax.annotation.Nullable; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpStatus; -import org.springframework.web.servlet.LocaleResolver; -import org.springframework.web.servlet.ModelAndView; -import org.springframework.web.servlet.View; -import org.springframework.web.servlet.ViewResolver; - -import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration; -import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder; -import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; - -public class SpringMvcGuiFormBuilderImpl implements ISpringMvcGuiFormBuilder { - private static final Logger log = LoggerFactory.getLogger(SpringMvcGuiFormBuilderImpl.class); - - private @Autowired(required = false) ViewResolver[] viewResolvers; - private @Autowired(required = false) LocaleResolver localeResolver; - - @Override - public void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config, - String loggerName) throws GuiBuildException { - build(httpReq, httpResp, config, null, loggerName); - - } - - @Override - public void build(HttpServletRequest httpReq, HttpServletResponse httpResp, IGuiBuilderConfiguration config, - String contentType, String loggerName) throws GuiBuildException { - try { - final ModelAndView mav = new ModelAndView(config.getViewName()); - if (config.getViewParameters() != null) { - mav.addAllObjects(config.getViewParameters()); - } - - render(mav, httpReq, httpResp); - - } catch (final Exception e) { - log.info("Can NOT generate GUI for illustration", e); - throw new GuiBuildException(e.getMessage(), e); - - } - - } - - protected void render(ModelAndView mv, HttpServletRequest request, HttpServletResponse response) - throws Exception { - // Determine locale for request and apply it to the response. - final Locale locale = - this.localeResolver != null ? this.localeResolver.resolveLocale(request) : request.getLocale(); - response.setLocale(locale); - - View view; - final String viewName = mv.getViewName(); - if (viewName != null) { - // We need to resolve the view name. - view = resolveViewName(viewName, mv.getModelMap(), locale, request); - if (view == null) { - throw new ServletException("Could not resolve view with name '" + mv.getViewName() + "' "); - } - - } else { - // No need to lookup: the ModelAndView object contains the actual View object. - view = mv.getView(); - if (view == null) { - throw new ServletException("ModelAndView [" + mv + "] neither contains a view name nor a " - + "View object "); - } - - } - - // Delegate to the View object for rendering. - if (log.isTraceEnabled()) { - log.trace("Rendering view [{}] ", view); - - } - - try { - HttpStatus status = mv.getStatus(); - if (status != null) { - response.setStatus(status.value()); - - } - - view.render(mv.getModelMap(), request, response); - - } catch (final Exception ex) { - if (log.isDebugEnabled()) { - log.debug("Error rendering view [" + view + "]", ex); - } - - throw ex; - - } - - } - - protected View resolveViewName(String viewName, @Nullable Map model, - Locale locale, HttpServletRequest request) throws Exception { - if (viewResolvers != null) { - for (final ViewResolver viewResolver : this.viewResolvers) { - final View view = viewResolver.resolveViewName(viewName, locale); - if (view != null) { - return view; - } - - } - } - - return null; - } - -} diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java index 25f5beda..9701ddda 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java @@ -26,7 +26,7 @@ package at.asitplus.eidas.specific.connector.gui; import java.io.IOException; import java.io.InputStream; -import org.apache.commons.lang.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.core.io.Resource; @@ -123,16 +123,16 @@ public class StaticGuiBuilderConfiguration extends AbstractGuiFormBuilderConfigu @Override public void putCustomParameter(GroupDefinition group, String key, String value) { - setViewParameter(getFromGroup(), key, StringEscapeUtils.escapeHtml(value)); + setViewParameter(getFromGroup(), key, StringEscapeUtils.escapeHtml4(value)); } @Override protected void putSpecificViewParameters() { if (pendingReq != null) { - setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq + setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml4(pendingReq .getPendingRequestId())); - setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID_DEPRECATED, StringEscapeUtils.escapeHtml( + setViewParameter(getFromGroup(), PARAM_PENDINGREQUESTID_DEPRECATED, StringEscapeUtils.escapeHtml4( pendingReq.getPendingRequestId())); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml index 60ecfa8c..6d6bb51e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml @@ -20,7 +20,7 @@ + class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" /> -- cgit v1.2.3 From f53793460867e95b38ce0800a703f759c674360b Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 10 Jan 2022 13:47:31 +0100 Subject: chore(core): update third-party libs to latest versions --- connector/pom.xml | 10 +++++ pom.xml | 123 +++++++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 119 insertions(+), 14 deletions(-) diff --git a/connector/pom.xml b/connector/pom.xml index 63a39346..2b2c0925 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -33,6 +33,16 @@ at.gv.egiz.eaaf eaaf_module_pvp2_idp + + + org.bouncycastle + bcpkix-jdk15on + + + org.bouncycastle + bcprov-jdk15on + + at.asitplus.eidas.ms_specific diff --git a/pom.xml b/pom.xml index 90f073e7..f227d2e5 100644 --- a/pom.xml +++ b/pom.xml @@ -24,30 +24,36 @@ 0.4 1.2.1-SNAPSHOT - 2.5.7 + 2.5.8 2.5.4 - 5.3.13 + 5.3.14 3.0.14.RELEASE - 3.4.5 + 3.5.0 2.5.0 3.12.0 1.9 4.4 - 30.1.1-jre + 31.0.1-jre 2.10.13 - 1.7.30 - 2.15.0 + 1.7.32 + 2.17.1 + 1.2.10 - 2.12.5 + 2.13.1 2.0.1.Final 6.1.5.Final 0.7.9 + + + 2.6.0 + 10.0.7 + 4.13.2 2.22.2 @@ -256,7 +262,12 @@ org.apache.logging.log4j log4j-to-slf4j ${log4j.version} - + + + ch.qos.logback + logback-classic + ${ch.qos.logback.version} + org.apache.commons commons-lang3 @@ -280,17 +291,47 @@ org.apache.cxf cxf-core - ${cxf.version} - + ${apache.cxf.version} + org.apache.cxf cxf-rt-frontend-jaxws - ${cxf.version} + ${apache.cxf.version} org.apache.cxf cxf-rt-transports-http - ${cxf.version} + ${apache.cxf.version} + + + org.apache.cxf + cxf-rt-features-clustering + ${apache.cxf.version} + + + org.apache.cxf + cxf-rt-features-logging + ${apache.cxf.version} + + + org.apache.cxf + cxf-rt-databinding-jaxb + ${apache.cxf.version} + + + org.apache.cxf + cxf-rt-bindings-soap + ${apache.cxf.version} + + + org.apache.cxf + cxf-rt-frontend-jaxrs + ${apache.cxf.version} + + + org.apache.cxf + cxf-testutils + ${apache.cxf.version} javax.servlet @@ -350,6 +391,54 @@ ${mockito-soap-cxf.version} test + + org.apache.cxf + cxf-rt-transports-http-jetty + ${apache.cxf.version} + test + + + org.apache.cxf + cxf-rt-transports-local + ${apache.cxf.version} + test + + + org.apache.cxf + cxf-rt-rs-extension-providers + ${apache.cxf.version} + test + + + org.eclipse.jetty + jetty-http + ${jetty.version} + test + + + org.eclipse.jetty + jetty-server + ${jetty.version} + test + + + org.eclipse.jetty + jetty-io + ${jetty.version} + test + + + org.eclipse.jetty + jetty-util + ${jetty.version} + test + + + org.eclipse.jetty + jetty-security + ${jetty.version} + test + at.gv.egiz.eaaf eaaf_core_utils @@ -402,7 +491,13 @@ powermock-api-mockito2 ${org.powermock.version} test - + + + com.jayway.jsonpath + json-path + ${json-path.version} + test + @@ -451,7 +546,7 @@ org.apache.cxf cxf-codegen-plugin - ${cxf.version} + ${apache.cxf.version} -- cgit v1.2.3 From 3b698599040807c889a2a87ff041f516d5626231 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 10 Jan 2022 13:48:04 +0100 Subject: doc: add file with release history information --- infos/history.txt | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 infos/history.txt diff --git a/infos/history.txt b/infos/history.txt new file mode 100644 index 00000000..53218f48 --- /dev/null +++ b/infos/history.txt @@ -0,0 +1,46 @@ +Dieses Dokument zeigt die Veränderungen und Erweiterungen am eIDAS MS-Connector + +Version 1.2.3 (2021-10-21): + - Bugfix + - Inkompatibilität zwischen AT MS-Connector und ID Austria System behoben + - Logging optimiert und Beispielkonfiguration um TransactionsId erweitert + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.2.2 (2021-06-26): + - Bugfix + - Inkompatibilität zwischen AT MS-Connector, EidasNode v2.5 und Deutscher Middleware behoben + +Version 1.2.1 (2021-05-28): + - Bugfix + - Möglichen Fehler in der Sprachauswahl via GUI behoben + +Version 1.2 (2021-05-12): + - Erforderliche Anpassungen zur Integration in den ID Austria + - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 + - Codestabilisierung + - Monitoring und HealthChecks Verbesserungen + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.1 (2019-12-13): + - Update auf eIDAS Ref. Impl. 2.4.0 mit Apache Ignite Cache https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.4 + - Statischer Service-Provider Name für öffentliche Applikationen + - Mindest LoA, welche für Requests an eIDAS Proxy-Services verwendet wird. + - Requested Attributes je Land konfigurierbar + - Neue Template-Engine mit i18n Unterstützung + - Neuer Algorithmus zur Generierung von Sessiontokens + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.0.1 (2019-08-02): + - Update auf eIDAS Ref. Impl. 2.2.0 + - Bugfix + - Ungültige Zeichenkodierung bei nonLatin Zeichen behoben + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.0 (2018-10-30): + - Initiale Version des eIDAS MS-Connector + + + + + + -- cgit v1.2.3 From 31b5c646a4c51e8706d0cf884223a2fe95ee5bba Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 10 Jan 2022 16:00:22 +0100 Subject: chore(core): update commons-io to latest version and jetty to lastest 9.x version --- pom.xml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index f227d2e5..85460bd8 100644 --- a/pom.xml +++ b/pom.xml @@ -35,6 +35,7 @@ 3.12.0 1.9 4.4 + 2.11.0 31.0.1-jre 2.10.13 @@ -52,7 +53,7 @@ 2.6.0 - 10.0.7 + 9.4.44.v20210927 4.13.2 @@ -278,6 +279,11 @@ commons-text ${org.apache.commons-text.version} + + commons-io + commons-io + ${commons-io.version} + com.google.guava guava -- cgit v1.2.3