authorChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-05-21 13:47:34 +0200
committerChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-05-21 13:47:34 +0200
commit59a13bea5783aa666bcbcec793df19f129965ff3 (patch)
tree15049405249a0940484e3f177e5c5b51cb5458e9
parent96f82d09c22853ce3b37db0983ce6ccc34c2587f (diff)
WIP: SSL Client Auth
- Refactor MsgClient: Not a Singleton anymore. Use MsgClientFactory to make a client. Make request and config private fields. - Add configuration parameters to application.yaml. - Init SSL client auth testcase, but don't include it in the testsuite because it isn't working yet.
-rw-r--r--pom.xml7
-rw-r--r--src/main/java/at/gv/egiz/moazs/msg/MsgClient.java54
-rw-r--r--src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java14
-rw-r--r--src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java10
-rw-r--r--src/main/resources/application.yaml41
-rw-r--r--src/test/java/at/gv/egiz/moazs/MsgClientTest.java31
-rw-r--r--src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java9
7 files changed, 143 insertions, 23 deletions
diff --git a/pom.xml b/pom.xml
index 716e901..f2724c7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -25,6 +25,7 @@
<jaxwsapi.version>2.3.1</jaxwsapi.version>
<jwsapi.version>1.1</jwsapi.version>
<jedisclient.version>2.9.3</jedisclient.version>
+ <!--<egovutils.version>2.0.7-snapshot</egovutils.version>-->
<guava.version>27.1-jre</guava.version>
<immutable-xjc-plugin.version>1.5</immutable-xjc-plugin.version>
<jacoco.version>0.8.3</jacoco.version>
@@ -96,6 +97,12 @@
<artifactId>javax.jws-api</artifactId>
<version>${jwsapi.version}</version>
</dependency>
+
+ <!--<dependency>-->
+ <!--<groupId>at.gv.util</groupId>-->
+ <!--<artifactId>egovutils</artifactId>-->
+ <!--<version>${egovutils.version}</version>-->
+ <!--</dependency>-->
</dependencies>
<build>
diff --git a/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java b/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java
index 47ee8c3..6f0b1d9 100644
--- a/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java
+++ b/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java
@@ -4,24 +4,64 @@ import at.gv.zustellung.app2mzs.xsd.ConfigType;
import at.gv.zustellung.msg.xsd.App2ZusePort;
import at.gv.zustellung.msg.xsd.DeliveryRequestStatusType;
import at.gv.zustellung.msg.xsd.DeliveryRequestType;
+import org.apache.cxf.jaxws.JaxWsClientFactoryBean;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
-import org.springframework.stereotype.Component;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
-@Component
public class MsgClient {
- public DeliveryRequestStatusType send(DeliveryRequestType msgRequest, ConfigType config) {
- var address = config.getServer().getZUSEUrlID();
- var proxy = connect(address);
+ private static final Logger log = LoggerFactory.getLogger(MsgClient.class);
+
+ private final DeliveryRequestType msgRequest;
+ private final ConfigType config;
+
+ MsgClient(DeliveryRequestType msgRequest, ConfigType config) {
+ this.msgRequest = msgRequest;
+ this.config = config;
+ }
+
+ public DeliveryRequestStatusType send() {
+
+ var proxy = connect(config);
+
return proxy.delivery(msgRequest);
}
- private App2ZusePort connect(String address) {
+ private App2ZusePort connect(ConfigType config) {
+
+ new JaxWsClientFactoryBean();
+
+ var address = config.getServer().getZUSEUrlID();
var factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(App2ZusePort.class);
factory.setAddress(address);
- return (App2ZusePort) factory.create();
+
+ var proxy = factory.create();
+
+// var client = ClientProxy.getClient(proxy);
+// var conduit = (HTTPConduit) client.getConduit();
+//
+// if (addressIsHttps(address)) {
+// var tlsParams = new TLSClientParameters();
+// tlsParams.setSSLSocketFactory(createSSLContext().getSocketFactory());
+// conduit.setTlsClientParameters(tlsParams);
+// }
+
+ return (App2ZusePort) proxy;
+ }
+
+// private SSLContext createSSLContext() {
+// java.util.Properties props = new Properties();
+// props.entrySet();
+//
+// // return SSLUtils.getPropertiesSSLContext(this.props, this.configDir, this.propsPrefix, forceTrustAllManager);
+// return null;
+// }
+
+ private boolean addressIsHttps(String address) {
+ return address.startsWith("https://");
}
}
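Review bot: `new JaxWsClientFactoryBean();` at the top of `connect` builds an object and discards it, so that line and its import can be dropped; the new `log` field is likewise unused in this hunk. `addressIsHttps` is referenced only from the commented-out block and compares the prefix case-sensitively, so once that block is enabled an address written as `HTTPS://…` would skip the client-certificate setup; `return "https".equalsIgnoreCase(java.net.URI.create(address).getScheme());` avoids that. As committed, the proxy is returned without any `TLSClientParameters`, so none of the new `ssl` settings take effect yet; a `// TODO: TLS client auth not wired, ssl.* config is ignored` above the commented block would make that explicit. When `createSSLContext` is filled in, the trust-all switch seen in the commented call should come from configuration and default to off.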
diff --git a/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java b/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java
new file mode 100644
index 0000000..9884bd5
--- /dev/null
+++ b/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.moazs.msg;
+
+import at.gv.zustellung.app2mzs.xsd.ConfigType;
+import at.gv.zustellung.msg.xsd.DeliveryRequestType;
+import org.springframework.stereotype.Component;
+
+@Component
+public class MsgClientFactory {
+
+ public MsgClient create(DeliveryRequestType msgRequest, ConfigType config) {
+ return new MsgClient(msgRequest, config);
+ }
+
+}
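Review bot: `create` hands both arguments to the package-private constructor without a null check, so a missing config only surfaces later inside `MsgClient.send()` at `config.getServer()`. Failing at construction is easier to trace: `return new MsgClient(Objects.requireNonNull(msgRequest, "msgRequest"), Objects.requireNonNull(config, "config"));` (needs `java.util.Objects`). A one-line Javadoc on `create` stating that each returned client is bound to exactly one request and one config would document the new non-singleton contract.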
diff --git a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java
index 3d7f8e9..bfd05b2 100644
--- a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java
+++ b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java
@@ -2,6 +2,7 @@ package at.gv.egiz.moazs.pipeline;
import at.gv.egiz.moazs.msg.MsgClient;
+import at.gv.egiz.moazs.msg.MsgClientFactory;
import at.gv.egiz.moazs.tnvz.TnvzClient;
import at.gv.egiz.moazs.repository.DeliveryRepository;
import at.gv.egiz.moazs.scheme.Mzs2MsgConverter;
@@ -27,17 +28,17 @@ public class SameThreadDeliveryPipeline implements DeliveryPipeline {
private final DeliveryRepository repository;
private final TnvzClient tnvzClient;
private final Mzs2MsgConverter converter;
- private final MsgClient msgClient;
+ private final MsgClientFactory msgClientFactory;
@Autowired
public SameThreadDeliveryPipeline(DeliveryRepository repository,
TnvzClient tnvzClient,
Mzs2MsgConverter converter,
- MsgClient msgClient) {
+ MsgClientFactory msgClientFactory) {
this.repository = repository;
this.tnvzClient = tnvzClient;
this.converter = converter;
- this.msgClient = msgClient;
+ this.msgClientFactory = msgClientFactory;
}
@Override
@@ -48,7 +49,8 @@ public class SameThreadDeliveryPipeline implements DeliveryPipeline {
? converter.convert(mzsRequest, queryPerson(mzsRequest))
: converter.convert(mzsRequest);
- var status = msgClient.send(msgRequest, mzsRequest.getConfig());
+ var msgClient = msgClientFactory.create(msgRequest, mzsRequest.getConfig());
+ var status = msgClient.send();
repository.add(status);
}
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index a59c460..d43e7dc 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -13,9 +13,31 @@ spring:
# Order: DeliveryRequest/Config > [chosen-profile] > default
delivery-request-configuration-profiles:
default:
+ ## All parameters for MSG client.
msg:
- url: http://localhost:8081/
- x509: todo!
+
+ ## How to reach
+ url: http://localhost:8081/services/DeliveryRequest
+ ssl:
+
+ ## Parameters for ssl client auth
+ keystore:
+ ## Absolute path to file
+ filename:
+ ## Password to unlock key store.
+ password: 1233
+ ## JKS or PKCS12
+ type: JKS
+
+ ## Boolean; if true, app will trust all server certificates;
+ ## if false, server certificate needs to be in truststore.
+ trustall: false
+
+ ## Boolean; if true, app ignores mismatches between server's host name and
+ ## Certificate's common name / alternative subject name.
+ laxhostnameverification: false
+
+
perform-query-person-request: false
app-profile-1:
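Review bot: The default profile commits a literal keystore password (`password: 1233`), and the second hunk of this file adds a commented-out `egovutil.mis.ssl.keystore.password` line with what looks like a real value next to a key-file path. Secrets belong outside the repository: `password: ${MSG_KEYSTORE_PASSWORD}` (placeholder variable name) keeps the key while moving the value to the environment, and the commented `egovutil.*` block is best deleted, with that password rotated if it was ever in use. `trustall` and `laxhostnameverification` default to `false`, which is the safe setting, but nothing in the visible `MsgClient` change reads them yet; a comment such as `## not yet honoured by MsgClient` would avoid a false sense of protection. The default `url` is plain `http`, so the keystore settings would not apply to it even once they are wired in.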
@@ -27,7 +49,20 @@ delivery-request-configuration-profiles:
msg:
url: https://msg-url2.com
+key-store-profiles:
+ msg-key-store:
+
+
+
+
## If set to false, moa zs ignores an incomplete default DeliveryRequest-configuration
## profile and continues startup. See 'delivery-request-configuration-profiles'.
## Default value: true
-# verify-completeness-of-default-delivery-request-configuration: false \ No newline at end of file
+# verify-completeness-of-default-delivery-request-configuration: false
+
+
+# ssl.keystore.file=../keys/www.egiz.gv.at.p12
+# egovutil.mis.ssl.keystore.password=OSgmSn!
+# egovutil.mis.ssl.keystore.type=PKCS12
+# egovutil.mis.ssl.trustall=true
+# egovutil.mis.ssl.laxhostnameverification=false \ No newline at end of file
diff --git a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
index 6dc94e0..5b6419f 100644
--- a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
+++ b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
@@ -1,6 +1,7 @@
package at.gv.egiz.moazs;
import at.gv.egiz.moazs.msg.MsgClient;
+import at.gv.egiz.moazs.msg.MsgClientFactory;
import at.gv.egiz.moazs.scheme.Marshaller;
import at.gv.zustellung.app2mzs.xsd.ConfigType;
import at.gv.zustellung.msg.xsd.DeliveryRequestType;
@@ -28,25 +29,41 @@ public class MsgClientTest {
private final static Logger logger = LoggerFactory.getLogger(MsgClient.class);
- private final String serviceUri = "http://localhost:8081/services/DeliveryRequest";
+ private String httpServiceUri = "http://localhost:8081/services/DeliveryRequest";
+ private String sslServiceUri = "https://localhost/zusemsg/services/DeliveryRequest";
+
private final String basePath = "src/test/resources/at/gv/egiz/moazs/MsgClientTest/";
+ private MsgClientFactory factory = new MsgClientFactory();
+
@Autowired
private Marshaller msgMarshaller;
private static final ObjectFactory OF = new ObjectFactory();
- // this test requires that a zusemsg service runs under serviceUri!
+ // this test requires that a zusemsg service runs under httpServiceUri!
@Test
public void sendValidMessage() throws IOException {
var request = loadFromFile("validDeliveryRequest.xml");
- var config = generateConfig();
- var client = new MsgClient();
+ var config = generateConfig(httpServiceUri);
+ var client = factory.create(request, config);
+
+ var status = client.send();
+
+ logger.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryRequestStatus(status)));
+ }
+
+ //@Test
+ public void sendValidMessageToSSL() throws IOException {
+
+ var request = loadFromFile("validDeliveryRequest.xml");
+ var config = generateConfig(sslServiceUri);
+ var client = factory.create(request, config);
- var status = client.send(request, config);
+ var status = client.send();
logger.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryRequestStatus(status)));
}
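Review bot: `sendValidMessageToSSL` is switched off by commenting out its annotation (`//@Test`), which hides it from test reports; if this suite is JUnit 4, `@Ignore("SSL client auth not implemented yet")` together with `@Test` keeps it visible as skipped. Both send tests only log the returned status and assert nothing, so they pass whenever the call returns; `assertNotNull(status);` would be a minimal check. `httpServiceUri` and `sslServiceUri` lost `final` although nothing in this hunk reassigns them.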
@@ -58,10 +75,10 @@ public class MsgClientTest {
}
}
- private ConfigType generateConfig() {
+ private ConfigType generateConfig(String zuseUrl) {
var server = serverTypeBuilder()
- .withZUSEUrlID(serviceUri)
+ .withZUSEUrlID(zuseUrl)
.build();
return configTypeBuilder()
diff --git a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
index 9ee3ceb..5e4b9b0 100644
--- a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
+++ b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
@@ -1,6 +1,7 @@
package at.gv.egiz.moazs;
import at.gv.egiz.moazs.msg.MsgClient;
+import at.gv.egiz.moazs.msg.MsgClientFactory;
import at.gv.egiz.moazs.pipeline.DeliveryPipeline;
import at.gv.egiz.moazs.pipeline.SameThreadDeliveryPipeline;
import at.gv.egiz.moazs.repository.DeliveryRepository;
@@ -46,6 +47,9 @@ public class SameThreadDeliveryPipelineTest {
private TnvzClient tnvzClient;
@Mock
+ private MsgClientFactory msgClientFactory;
+
+ @Mock
private MsgClient msgClient;
@Mock
@@ -56,7 +60,7 @@ public class SameThreadDeliveryPipelineTest {
@Before
public void setup() {
- pipeline = new SameThreadDeliveryPipeline(repository, tnvzClient, converter, msgClient);
+ pipeline = new SameThreadDeliveryPipeline(repository, tnvzClient, converter, msgClientFactory);
}
@Test
@@ -129,7 +133,8 @@ public class SameThreadDeliveryPipelineTest {
when(tnvzClient.queryPerson(any(), any())).thenReturn(setupTnvzSuccess(acceptedTypes));
when(converter.convert(eq(mzsRequest) )).thenReturn(msgRequest);
when(converter.convert(eq(mzsRequest), any())).thenReturn(msgRequest);
- when(msgClient.send(msgRequest, mzsRequest.getConfig())).thenReturn(status);
+ when(msgClientFactory.create(msgRequest, mzsRequest.getConfig())).thenReturn(msgClient);
+ when(msgClient.send()).thenReturn(status);
return status;