Minor Fixes And Refactoring

- Fix typo in SafeResponseToFileSink.
- MoaZSException: Simplify constructor by replacing lots of arguments
  with the builder instance.
- Fix minor codesmells (unused imports, superfluous braces).

2 files changed, 0 insertions, 246 deletions

diff --git a/src/main/java/at/gv/egiz/moazs/util/ClientFactory.java b/src/main/java/at/gv/egiz/moazs/util/ClientFactory.java
deleted file mode 100644
index d0a445b..0000000
--- a/src/main/java/at/gv/egiz/moazs/util/ClientFactory.java
+++ /dev/null
@@ -1,113 +0,0 @@
-package at.gv.egiz.moazs.client;
-
-import at.gv.egiz.moazs.util.FileUtils;
-import at.gv.egiz.moazs.util.StoreSOAPBodyBinaryInRepositoryInterceptor;
-import at.gv.zustellung.app2mzs.xsd.ClientType;
-import at.gv.zustellung.app2mzs.xsd.KeyStoreType;
-import at.gv.zustellung.app2mzs.xsd.SSLType;
-import org.apache.cxf.configuration.jsse.TLSClientParameters;
-import org.apache.cxf.endpoint.Client;
-import org.apache.cxf.frontend.ClientProxy;
-import org.apache.cxf.jaxws.JaxWsClientFactoryBean;
-import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
-import org.apache.cxf.transport.http.HTTPConduit;
-import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import javax.annotation.Nullable;
-import javax.net.ssl.SSLContext;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.soap.SOAPBinding;
-
-import static at.gv.zustellung.app2mzs.xsd.KeyStoreType.keyStoreTypeBuilder;
-
-@Component
-public class ClientFactory {
-
-    private static final Logger log = LoggerFactory.getLogger(ClientFactory.class);
-
-    private final StoreSOAPBodyBinaryInRepositoryInterceptor storeResponseInterceptor;
-    private final SSLContextCreator sslContextCreator;
-    private final FileUtils fileUtils;
-
-    @Autowired
-    public ClientFactory(StoreSOAPBodyBinaryInRepositoryInterceptor storeResponseInterceptor,
-                         SSLContextCreator creator,
-                         FileUtils fileUtils) {
-        this.storeResponseInterceptor = storeResponseInterceptor;
-        this.sslContextCreator = creator;
-        this.fileUtils = fileUtils;
-    }
-
-    /**
-     * Creates a client that communicates with a soap service.
-     *
-     * @param params for the client, such as service url and ssl parameters.
-     * @return the client
-     */
-    public <T> T create(ClientType params, Class<T> clazz) {
-
-        var factory = new JaxWsClientFactoryBean();
-        factory.setServiceClass(clazz);
-        factory.setAddress(params.getURL());
-        factory.getInInterceptors().add(storeResponseInterceptor);
-
-        var proxy = new JaxWsProxyFactoryBean(factory).create();
-        Client client = ClientProxy.getClient(proxy);
-        HTTPConduit http = (HTTPConduit) client.getConduit();
-
-        var bindingProvider = (BindingProvider) proxy;
-        SOAPBinding binding = (SOAPBinding) bindingProvider.getBinding();
-        binding.setMTOMEnabled(true);
-
-        var httpClientPolicy = new HTTPClientPolicy();
-        httpClientPolicy.setConnectionTimeout(params.getConnectionTimeout().longValueExact());
-        httpClientPolicy.setReceiveTimeout(params.getReceiveTimeout().longValueExact());
-        http.setClient(httpClientPolicy);
-
-        if (params.getURL().startsWith("https")) {
-            TLSClientParameters tlsParams = setupTLSParams(params.getSSL());
-            http.setTlsClientParameters(tlsParams);
-            log.info("SSLContext initialized. ");
-        }
-
-        return ((T)proxy);
-    }
-
-    private TLSClientParameters setupTLSParams(SSLType ssl) {
-
-        var tlsParams = new TLSClientParameters();
-        var keystore = resolveKeyStorePath(ssl.getKeyStore());
-
-        SSLContext sslContext;
-        if (ssl.isTrustAll()) {
-            sslContext = sslContextCreator.createUnsafeSSLContext(keystore);
-        } else {
-            var truststore = resolveKeyStorePath(ssl.getTrustStore());
-            sslContext = sslContextCreator.createSSLContext(keystore, truststore);
-        }
-        tlsParams.setSSLSocketFactory(sslContext.getSocketFactory());
-
-        if (ssl.isLaxHostNameVerification()) {
-            tlsParams.setDisableCNCheck(true);
-        }
-
-        return tlsParams;
-    }
-
-    private KeyStoreType resolveKeyStorePath(@Nullable KeyStoreType store) {
-
-        if (store == null) return null;
-
-        var resolvedURI = "file:" + fileUtils.determinePath(store.getFileName());
-        log.trace("Resolved key store path from {} to {}.", store.getFileName(), resolvedURI);
-
-        return keyStoreTypeBuilder(store)
-                .withFileName(resolvedURI)
-                .build();
-    }
-
-}
diff --git a/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java b/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java
deleted file mode 100644
index 8fb5d80..0000000
--- a/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java
+++ /dev/null
@@ -1,133 +0,0 @@
-package at.gv.egiz.moazs.client;
-
-import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
-import at.gv.zustellung.app2mzs.xsd.KeyStoreType;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.lang.Nullable;
-import org.springframework.stereotype.Component;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import javax.net.ssl.X509TrustManager;
-
-import javax.net.ssl.*;
-import java.io.IOException;
-import java.security.*;
-
-import static at.gv.egiz.moazs.MoaZSException.moaZSException;
-import static java.lang.String.format;
-
-@Component
- /**
-  * Adapted from at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient
-  */
-public class SSLContextCreator {
-
-    private static final Logger log = LoggerFactory.getLogger(SSLContextCreator.class);
-
-    private static final String SSL_WARN_MAN_IN_THE_MIDDLE_MSG =
-            "HTTP Client trusts ANY server certificate and is therefore vulnerable to Man-In-The-Middle attacks. " +
-                    "Use this configuration for testing purposes only and NOT IN PRODUCTION. ";
-
-    /**
-     * Creates an SSL Context.
-     *
-     * @param keystore (if null, use no key store)
-     * @param truststore (if null, use default trust store)
-     * @throws at.gv.egiz.moazs.MoaZSException
-     */
-    public SSLContext createSSLContext(@Nullable KeyStoreType keystore, @Nullable KeyStoreType truststore) {
-        return createSSLContext(keystore, false, truststore);
-    }
-
-    /**
-     * Creates an SSL Context that trusts all certificates. Don't use in production.
-     *
-     * @param keystore (if null, use no key store)
-     * @throws at.gv.egiz.moazs.MoaZSException
-     */
-    public SSLContext createUnsafeSSLContext(@Nullable KeyStoreType keystore) {
-        log.warn(SSL_WARN_MAN_IN_THE_MIDDLE_MSG);
-        return createSSLContext(keystore, true, null);
-    }
-
-    private SSLContext createSSLContext(@Nullable KeyStoreType keystore, boolean trustAll, @Nullable KeyStoreType truststore) {
-        try {
-            SSLContext context = SSLContext.getInstance("TLS");
-            KeyManager[] keyManager = initKeyManager(keystore);
-            TrustManager[] trustManager = trustAll
-                    ? new TrustManager[]{new TrustAllManager()}
-                    : initTrustManager(truststore);
-            context.init(keyManager, trustManager, new SecureRandom());
-            return context;
-        } catch (NoSuchAlgorithmException | KeyManagementException e) {
-            throw moaZSException("SSLContext initialization FAILED.", e);
-        }
-    }
-
-    private KeyManager[] initKeyManager(KeyStoreType keystore) {
-        if (keystore == null) {
-            log.trace("No keystore path provided. NOT using SSL client authentication. ");
-            return null;
-        } else {
-            log.trace("Find keystore path: {}. Injecting SSL client certificate... ", keystore.getFileName());
-            try {
-                KeyStore keyStore = KeyStoreUtils.loadKeyStore(
-                        keystore.getFileType(), keystore.getFileName(), keystore.getPassword());
-                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
-                kmf.init(keyStore, keystore.getPassword().toCharArray());
-                log.trace("SSL client certificate injected.");
-                return kmf.getKeyManagers();
-            } catch (IOException | GeneralSecurityException e) {
-                throw moaZSException(format("Can NOT load SSL client certificate from path: %s.",
-                        keystore.getFileName()), e);
-            }
-        }
-    }
-
-    private TrustManager[] initTrustManager(KeyStoreType truststore) {
-        if (truststore == null) {
-            log.trace("Using default truststore. ");
-            return null;
-        } else {
-            log.trace("Find truststore path: {}. Injecting SSL truststore... ", truststore.getFileName());
-            try {
-                KeyStore trustStore = KeyStoreUtils.loadKeyStore(
-                        truststore.getFileType(), truststore.getFileName(), truststore.getPassword());
-                TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-                tmf.init(trustStore);
-                log.trace("SSL TrustStore injected to client. ");
-                return tmf.getTrustManagers();
-            } catch (GeneralSecurityException | IOException e) {
-                throw moaZSException(format("Can NOT open SSL TrustStore from path: %s.",
-                        truststore.getFileName()), e);
-            }
-        }
-    }
-
-    /**
-     * Class implementing a trust manager that trusts all certificates.
-     *
-     * @author Arne Tauber
-     */
-    public static class TrustAllManager implements X509TrustManager {
-
-        private static Logger log = LoggerFactory.getLogger(TrustAllManager.class);
-
-        public X509Certificate[] getAcceptedIssuers() {
-            return new X509Certificate[0];
-        }
-
-        public void checkClientTrusted(X509Certificate[] arg0, String arg1)
-                throws CertificateException {
-            log.debug("Automatically accepting client certificate as trusted.");
-        }
-
-        public void checkServerTrusted(X509Certificate[] arg0, String arg1)
-                throws CertificateException {
-            log.debug("Automatically accepting server certificate as trusted.");
-        }
-    }
-
-
-}