update Http client for MIS communication

4 files changed, 63 insertions, 203 deletions

diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index a24cc9a43..3383cf201 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -79,7 +79,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
 					authConfig,
 					connectionParameters);
 			List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest(
-					connectionParameters.getUrl(), misSessionID, sslFactory);
+					connectionParameters.getUrl(), misSessionID, sslFactory, authConfig);
 
 			//check if mandates received
 			if (list == null || list.size() == 0) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
index 8acfd255b..975dec429 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -122,7 +122,8 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 	        		profiles, 
 	        		targetType,
 	        		authBlock,
-	        		sslFactory);
+	        		sslFactory,
+	        		authConfig);
 	        
 	        if (misSessionID == null) {
 	      	  Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java
deleted file mode 100644
index 22b575489..000000000
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/SZRGWSecureSocketFactory.java
+++ /dev/null
@@ -1,170 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- * 
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- * 
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.Socket;
-import java.net.UnknownHostException;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.commons.httpclient.params.HttpConnectionParams;
-import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
-
-/**
- * This class implements a secure protocol socket factory
- * for the Apache HTTP client.
- * 
- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>
- */
-public class SZRGWSecureSocketFactory implements SecureProtocolSocketFactory {
-
-  /**
-   * The SSL socket factory.
-   */
-  private SSLSocketFactory factory;
-  
-  /**
-   * Creates a new Secure socket factory for the
-   * Apache HTTP client.
-   * 
-   * @param factory the SSL socket factory to use.
-   */
-  public SZRGWSecureSocketFactory(SSLSocketFactory factory) {
-    this.factory = factory;
-  }
-  
-  
-  /**
-   * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
-   */
-  public Socket createSocket(
-      String host,
-      int port,
-      InetAddress clientHost,
-      int clientPort)
-      throws IOException, UnknownHostException {
-
-      return this.factory.createSocket(
-          host,
-          port,
-          clientHost,
-          clientPort
-      );
-  }
-
-  /**
-   * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
-   */
-  public Socket createSocket(String host, int port)
-      throws IOException, UnknownHostException {
-      return this.factory.createSocket(
-          host,
-          port
-      );
-  }
-
-  /**
-   * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
-   */
-  public Socket createSocket(
-      Socket socket,
-      String host,
-      int port,
-      boolean autoClose)
-      throws IOException, UnknownHostException {
-      return this.factory.createSocket(
-          socket,
-          host,
-          port,
-          autoClose
-      );
-  }
-  
-  /**
-   * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int,org.apache.commons.httpclient.params.HttpConnectionParams)
-   */
-  public Socket createSocket(
-      String host,
-      int port,
-      InetAddress clientHost,
-      int clientPort,
-      HttpConnectionParams params)
-      throws IOException, UnknownHostException, org.apache.commons.httpclient.ConnectTimeoutException {
-
-      Socket socket = createSocket(host, port, clientHost, clientPort);
-      if (socket != null) {
-          // socket.setKeepAlive(false);
-          if (params.getReceiveBufferSize() >= 0)
-              socket.setReceiveBufferSize(params.getReceiveBufferSize());
-          if (params.getSendBufferSize() >= 0)
-              socket.setSendBufferSize(params.getSendBufferSize());
-          socket.setReuseAddress(true);
-          if (params.getSoTimeout() >= 0)
-              socket.setSoTimeout(params.getSoTimeout());
-      }
-      return socket;
-    
-  }
-
-  /**
-   * @see java.lang.Object#equals(java.lang.Object)
-   */
-  public boolean equals(Object obj) {
-      return ((obj != null) && obj.getClass().equals(SZRGWSecureSocketFactory.class));
-  }
-
-  /**
-   * @see java.lang.Object#hashCode()
-   */
-  public int hashCode() {
-      return SZRGWSecureSocketFactory.class.hashCode();
-  }
-  
-}
-
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
index 12e58342a..26d50905e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
@@ -56,10 +56,12 @@ import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.transform.TransformerException;
 
 import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.methods.PostMethod;
-import org.apache.commons.httpclient.methods.StringRequestEntity;
-import org.apache.commons.httpclient.protocol.Protocol;
+import org.apache.http.HttpEntity;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.ContentType;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.xpath.XPathAPI;
 import org.w3c.dom.DOMException;
 import org.w3c.dom.Document;
@@ -69,7 +71,7 @@ import org.w3c.dom.NodeList;
 import org.xml.sax.SAXException;
 
 import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
 import at.gv.egovernment.moa.id.data.MISMandate;
 import at.gv.egovernment.moa.logging.Logger;
@@ -96,21 +98,14 @@ public class MISSimpleClient {
 		}
 	}
 	
-	public static List<MISMandate> sendGetMandatesRequest(String webServiceURL, String sessionId, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
+	public static List<MISMandate> sendGetMandatesRequest(String webServiceURL, String sessionId, SSLSocketFactory sSLSocketFactory, AuthConfiguration authConfig) throws MISSimpleClientException {
 		if (webServiceURL == null) {
 			throw new NullPointerException("Argument webServiceURL must not be null.");
 		}
 		if (sessionId == null) {
 			throw new NullPointerException("Argument sessionId must not be null.");
 		}
-		
-		// ssl settings
-		if (sSLSocketFactory != null) {
-	        SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory); 
-	        Protocol.registerProtocol("https", new Protocol("https", fac, 443));
-		}
-
-		
+				
 		try {
 			Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
 			Element mirElement = doc.createElementNS(MIS_NS, "MandateIssueRequest");
@@ -119,7 +114,11 @@ public class MISSimpleClient {
 			mirElement.appendChild(sessionIdElement);
 	    
 			// send soap request
-			Element mandateIssueResponseElement = sendSOAPRequest(webServiceURL, mirElement);
+			Element mandateIssueResponseElement = sendSOAPRequest(
+					webServiceURL, 
+					mirElement,
+					sSLSocketFactory,
+					authConfig);
 	    
 			// check for error
 			checkForError(mandateIssueResponseElement);
@@ -160,7 +159,7 @@ public class MISSimpleClient {
 		} 
 	}
 	
-	public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, List<String> mandateIdentifier, String targetType, byte[] authBlock, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
+	public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, List<String> mandateIdentifier, String targetType, byte[] authBlock, SSLSocketFactory sSLSocketFactory, AuthConfiguration authConfig) throws MISSimpleClientException {
 		if (webServiceURL == null) {
 			throw new MISSimpleClientException("service.04");
 		}
@@ -170,13 +169,7 @@ public class MISSimpleClient {
 		if (redirectURL == null) {
 			throw new NullPointerException("Argument redirectURL must not be null.");
 		}
-		
-		// ssl settings
-		if (sSLSocketFactory != null) {
-	        SZRGWSecureSocketFactory fac = new SZRGWSecureSocketFactory(sSLSocketFactory); 
-	        Protocol.registerProtocol("https", new Protocol("https", fac, 443));
-		}
-		
+				
 		try {
 			Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
 			Element mirElement = doc.createElementNS(MIS_NS, "MandateIssueRequest");
@@ -233,7 +226,11 @@ public class MISSimpleClient {
 			mirElement.appendChild(authBlockElement);
 						
 			// send soap request
-			Element mandateIssueResponseElement = sendSOAPRequest(webServiceURL, mirElement);
+			Element mandateIssueResponseElement = sendSOAPRequest(
+					webServiceURL, 
+					mirElement,
+					sSLSocketFactory,
+					authConfig);
 
 			// check for error
 			checkForError(mandateIssueResponseElement);
@@ -284,7 +281,9 @@ public class MISSimpleClient {
 		}
 	}
 	
-	private static Element sendSOAPRequest(String webServiceURL, Element request) throws MISSimpleClientException {
+	private static Element sendSOAPRequest(String webServiceURL, Element request, 
+			SSLSocketFactory sSLSocketFactory, 
+			AuthConfiguration authConfig) throws MISSimpleClientException {
 		
 //		try {
 //			System.out.println("REQUEST-MIS: \n"  + DOMUtils.serializeNode(request));
@@ -300,18 +299,32 @@ public class MISSimpleClient {
 		if (request == null) {
 			throw new NullPointerException("Argument request must not be null.");
 		}
+
+		CloseableHttpClient httpclient = null;
+		CloseableHttpResponse httpResp = null;
 		try {
-			HttpClient httpclient = HttpClientWithProxySupport.getHttpClient();
-			PostMethod post = new PostMethod(webServiceURL);
-			StringRequestEntity re = new StringRequestEntity(DOMUtils.serializeNode(packIntoSOAP(request)),"text/xml", "UTF-8");
-			post.setRequestEntity(re);
-			int responseCode = httpclient.executeMethod(post);
+			httpclient = HttpClientWithProxySupport.getHttpClient(
+					sSLSocketFactory,
+					authConfig.getBasicMOAIDConfigurationBoolean(AuthConfiguration.PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION, true));
 			
+			// set http POST Request
+			HttpPost post = new HttpPost(webServiceURL);		
+			HttpEntity postReq = new StringEntity(
+					DOMUtils.serializeNode(packIntoSOAP(request)), 
+					ContentType.create("text/xml", "UTF-8") );
+			post.setEntity(postReq);
+			
+			//request webService
+			httpResp = httpclient.execute(post);
+						
+			//parse response			
+			int responseCode = httpResp.getStatusLine().getStatusCode();			
 			if (responseCode != 200) {
 				throw new MISSimpleClientException("Invalid HTTP response code " + responseCode);
 			}
+						
 			//Element elem = parse(post.getResponseBodyAsStream());
-			Document doc = DOMUtils.parseDocumentSimple(post.getResponseBodyAsStream());
+			Document doc = DOMUtils.parseDocumentSimple(httpResp.getEntity().getContent());
 			return unpackFromSOAP(doc.getDocumentElement());
 			
 		} catch(IOException e) {
@@ -329,8 +342,24 @@ public class MISSimpleClient {
 		} catch (Exception e) {
 			throw new MISSimpleClientException("service.06", new Object[]{e.getMessage()}, e);
 			
+		} finally {
+				try {
+					if (httpclient != null)
+						httpclient.close();
+
+					if (httpResp != null)
+						httpResp.close();
+
+					
+				} catch (IOException e) {
+					Logger.error("HTTP-client or Response for MIS communication can NOT be closed!", e);
+					
+				}
+			
+			
 		}
 		
+		
 	}
 	
 	private static Element packIntoSOAP(Element element) throws MISSimpleClientException {