WIP: SSL Client Auth

- Refactor MsgClient: Not a Singleton anymore. Use MsgClientFactory to
  make a client. Make request and config private fields.
- Add configuration parameters to application.yaml.
- Init SSL client auth testcase, but dont include in testsuite because
  it aint working yet.

4 files changed, 105 insertions, 14 deletions

diff --git a/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java b/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java
index 47ee8c3..6f0b1d9 100644
--- a/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java
+++ b/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java
@@ -4,24 +4,64 @@ import at.gv.zustellung.app2mzs.xsd.ConfigType;
 import at.gv.zustellung.msg.xsd.App2ZusePort;
 import at.gv.zustellung.msg.xsd.DeliveryRequestStatusType;
 import at.gv.zustellung.msg.xsd.DeliveryRequestType;
+import org.apache.cxf.jaxws.JaxWsClientFactoryBean;
 import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
-import org.springframework.stereotype.Component;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-@Component
 public class MsgClient {
 
-    public DeliveryRequestStatusType send(DeliveryRequestType msgRequest, ConfigType config) {
-        var address = config.getServer().getZUSEUrlID();
-        var proxy = connect(address);
+    private static final Logger log = LoggerFactory.getLogger(MsgClient.class);
+
+    private final DeliveryRequestType msgRequest;
+    private final ConfigType config;
+
+    MsgClient(DeliveryRequestType msgRequest, ConfigType config) {
+        this.msgRequest = msgRequest;
+        this.config = config;
+    }
+
+    public DeliveryRequestStatusType send() {
+
+        var proxy = connect(config);
+
         return proxy.delivery(msgRequest);
 
     }
 
-    private App2ZusePort connect(String address) {
+    private App2ZusePort connect(ConfigType config) {
+
+        new JaxWsClientFactoryBean();
+
+        var address = config.getServer().getZUSEUrlID();
         var factory = new JaxWsProxyFactoryBean();
         factory.setServiceClass(App2ZusePort.class);
         factory.setAddress(address);
-        return (App2ZusePort) factory.create();
+
+        var proxy = factory.create();
+
+//        var client = ClientProxy.getClient(proxy);
+//        var conduit = (HTTPConduit) client.getConduit();
+//
+//        if (addressIsHttps(address)) {
+//            var tlsParams = new TLSClientParameters();
+//            tlsParams.setSSLSocketFactory(createSSLContext().getSocketFactory());
+//            conduit.setTlsClientParameters(tlsParams);
+//        }
+
+        return (App2ZusePort) proxy;
+    }
+
+//    private SSLContext createSSLContext() {
+//        java.util.Properties props = new Properties();
+//        props.entrySet();
+//
+//        // return SSLUtils.getPropertiesSSLContext(this.props, this.configDir, this.propsPrefix, forceTrustAllManager);
+//        return null;
+//    }
+
+    private boolean addressIsHttps(String address) {
+        return address.startsWith("https://");
     }
 
 }
diff --git a/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java b/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java
new file mode 100644
index 0000000..9884bd5
--- /dev/null
+++ b/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java
@@ -0,0 +1,14 @@
+package at.gv.egiz.moazs.msg;
+
+import at.gv.zustellung.app2mzs.xsd.ConfigType;
+import at.gv.zustellung.msg.xsd.DeliveryRequestType;
+import org.springframework.stereotype.Component;
+
+@Component
+public class MsgClientFactory {
+
+    public MsgClient create(DeliveryRequestType msgRequest, ConfigType config) {
+        return new MsgClient(msgRequest, config);
+    }
+
+}
diff --git a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java
index 3d7f8e9..bfd05b2 100644
--- a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java
+++ b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java
@@ -2,6 +2,7 @@ package at.gv.egiz.moazs.pipeline;
 
 
 import at.gv.egiz.moazs.msg.MsgClient;
+import at.gv.egiz.moazs.msg.MsgClientFactory;
 import at.gv.egiz.moazs.tnvz.TnvzClient;
 import at.gv.egiz.moazs.repository.DeliveryRepository;
 import at.gv.egiz.moazs.scheme.Mzs2MsgConverter;
@@ -27,17 +28,17 @@ public class SameThreadDeliveryPipeline implements DeliveryPipeline {
     private final DeliveryRepository repository;
     private final TnvzClient tnvzClient;
     private final Mzs2MsgConverter converter;
-    private final MsgClient msgClient;
+    private final MsgClientFactory msgClientFactory;
 
     @Autowired
     public SameThreadDeliveryPipeline(DeliveryRepository repository,
                                       TnvzClient tnvzClient,
                                       Mzs2MsgConverter converter,
-                                      MsgClient msgClient) {
+                                      MsgClientFactory msgClientFactory) {
         this.repository = repository;
         this.tnvzClient = tnvzClient;
         this.converter = converter;
-        this.msgClient = msgClient;
+        this.msgClientFactory = msgClientFactory;
     }
 
     @Override
@@ -48,7 +49,8 @@ public class SameThreadDeliveryPipeline implements DeliveryPipeline {
                 ? converter.convert(mzsRequest, queryPerson(mzsRequest))
                 : converter.convert(mzsRequest);
 
-        var status = msgClient.send(msgRequest, mzsRequest.getConfig());
+        var msgClient = msgClientFactory.create(msgRequest, mzsRequest.getConfig());
+        var status = msgClient.send();
         repository.add(status);
     }
 
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index a59c460..d43e7dc 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -13,9 +13,31 @@ spring:
 # Order: DeliveryRequest/Config > [chosen-profile] > default
 delivery-request-configuration-profiles:
   default:
+    ## All parameters for MSG client.
     msg:
-      url: http://localhost:8081/
-      x509: todo!
+
+      ## How to reach
+      url: http://localhost:8081/services/DeliveryRequest
+      ssl:
+
+        ## Parameters for ssl client auth
+        keystore:
+          ## Absolute path to file
+          filename:
+          ## Password to unlock key store.
+          password: 1233
+          ## JKS or PKCS12
+          type: JKS
+
+        ## Boolean; if true, app will trust all server certificates;
+        ## if false, server certificate needs to be in truststore.
+        trustall: false
+
+        ## Boolean; if true, app ignores mismatches between server's host name and
+        ## Certificate's common name / alternative subject name.
+        laxhostnameverification: false
+
+
     perform-query-person-request: false
 
   app-profile-1:
@@ -27,7 +49,20 @@ delivery-request-configuration-profiles:
     msg:
       url: https://msg-url2.com
 
+key-store-profiles:
+  msg-key-store:
+
+
+
+
 ## If set to false, moa zs ignores an incomplete default DeliveryRequest-configuration
 ## profile and continues startup. See 'delivery-request-configuration-profiles'.
 ## Default value: true
-# verify-completeness-of-default-delivery-request-configuration: false
\ No newline at end of file
+# verify-completeness-of-default-delivery-request-configuration: false
+
+
+#  ssl.keystore.file=../keys/www.egiz.gv.at.p12
+#  egovutil.mis.ssl.keystore.password=OSgmSn!
+#  egovutil.mis.ssl.keystore.type=PKCS12
+#  egovutil.mis.ssl.trustall=true
+#  egovutil.mis.ssl.laxhostnameverification=false
\ No newline at end of file