From cde7d4a71cbd2ca0eda6d0b991834b195b3e6056 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 18 Sep 2020 08:01:34 +0200
Subject: update third-party libs and fix incompatibilities with new APIs

---
 .../connector/controller/MonitoringController.java |  2 +-
 .../connector/provider/PvpMetadataProvider.java    | 33 ++--------------------
 2 files changed, 3 insertions(+), 32 deletions(-)

(limited to 'connector/src')

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
index 633559de..aa45c836 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
@@ -48,8 +48,8 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
 import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory;
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
index 43f1740f..651b7b78 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
@@ -25,10 +25,8 @@ package at.asitplus.eidas.specific.connector.provider;
 
 import java.io.IOException;
 import java.security.KeyStore;
-import java.security.KeyStoreException;
 import java.security.Provider;
 import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
 import java.text.MessageFormat;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -38,7 +36,6 @@ import org.apache.commons.lang3.StringUtils;
 import org.opensaml.saml.metadata.resolver.MetadataResolver;
 import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
 import org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain;
-import org.opensaml.security.x509.BasicX509Credential;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -50,11 +47,10 @@ import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
 import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
-import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
 import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
 import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
+import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
 import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
 import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider;
 import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
@@ -131,7 +127,7 @@ public class PvpMetadataProvider extends AbstractChainingMetadataProvider {
         final List<MetadataFilter> filterList = new ArrayList<>();
         filterList.add(new SchemaValidationFilter(true));
         filterList.add(new SimpleMetadataSignatureVerificationFilter(
-            getTrustedCertificates(keyStore.getFirst()), entityId));
+            keyStore.getFirst(), entityId));
         filterList.add(new PvpEntityCategoryFilter(
             basicConfig.getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES,
             true)));
@@ -177,29 +173,4 @@ public class PvpMetadataProvider extends AbstractChainingMetadataProvider {
     return "Service-provider chainging metadata provider";
     
   }
-    
-  private List<BasicX509Credential> getTrustedCertificates(KeyStore trustStore) throws EaafConfigurationException {
-    try {
-      final List<X509Certificate> certs =
-          EaafKeyStoreUtils.readCertsFromKeyStore(trustStore);
-      if (certs.isEmpty()) {
-        log.warn("No trusted metadata-signing certificates in configuration");
-        throw new EaafConfigurationException("module.eidasauth.02",
-            new Object[] { "No trusted metadata-signing certificates" });
-
-      }
-
-      final List<BasicX509Credential> result = new ArrayList<>();
-      for (final X509Certificate cert : certs) {
-        result.add(new BasicX509Credential(cert));
-
-      }
-      return result;
-
-    } catch (final KeyStoreException e) {
-      throw new EaafConfigurationException("module.eidasauth.01",
-          new Object[] { "Trusted metadata-signing certificates", e.getMessage() }, e);
-
-    }
-  }
 }
-- 
cgit v1.2.3