aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/gv
AgeCommit message (Collapse)AuthorFilesLines
2019-06-26Protect MsgClient via SSL (ink Client Authentication)Christof Rabensteiner11-73/+400
- Add Component to create SSLContexts with own Key- and trust store. - Inject SSLContext into HTTP Client. - Add EAAF-Components Core Dependency, which is needed by SSLContextCreator (KeyStoreUtils). Schema Changes in mzs:DeliveryRequest/Config: - Got Rid of mzs:DeliveryRequest/Config/Server. In mzs 1.4.1, Server replaces the result of zkopf query person request. Since this zkopf interface does not exist anymore, Server was removed. - Add ClientType, which holds all parameters needed to connect to a service (Url, SSL params, a.o.). Configuration: - Add default parameters for SSL Clients in application.yaml. - Merge default parameters into incoming mzs:DeliveryRequests. MoaZSException Fixes: - Remove "Extends throwable" from Builder. - Add convenient shorthand init method (message, throwable). Refactor: - Put "determinePath" to FileUtils. - Put string related utility functions into StringUtils.
2019-06-19Unify AppDeliveryID SpellingChristof Rabensteiner3-8/+8
2019-06-19Refactor DeliveryPipelineChristof Rabensteiner2-30/+44
- Resolve nested try-catch blocks - Log error if error occurs - MoaSPSSSignatureVerifier: Replace string concatenation with format strings
2019-06-19Finalize moa-sig-lib's Integration and Add TestcaseChristof Rabensteiner4-16/+98
- Interpret `ISignatureVerificationService` response properly (by following security layer spec [1] and moaspss handbook [2]). - Add config flag `moa.spss.is-manifest-check-active` - Change SignatureVerifier Interface: Remove @return boolean, just throw an exception when a validation error occurs. Reason: In case the signature cannot be validated, the application always needs the reason for the validation error, which requires the verifier to throw an exception. In turn, the only valid return value for `verify()` becomes `true`, which can be omitted at that point. - Add testcase for verifying a valid enveloped xml signature - Remove Certificates that are not needed. [1] https://www.buergerkarte.at/konzept/securitylayer/spezifikation/20140114/core/core.html [2] https://apps.egiz.gv.at/handbooks/moa-spss/handbook/handbook/usage/usage.html
2019-06-13Refactor: Create and Reuse Info Message TemplateChristof Rabensteiner1-4/+5
2019-06-13Refactor: Move Signature Verification in Dedicated PackageChristof Rabensteiner4-5/+5
2019-06-13Fix moa-sig-lib's Integration IssuesChristof Rabensteiner3-40/+119
Fixing "ASN.1 creation error: iaik.asn1.CodingException: Length: Too large ASN.1 object: 109" - Set fallback value ('jks') for system property 'javax.net.ssl.keyStoreType' and 'javax.net.ssl.trustStoreType'. If system property is not defined, MoaSigConfig falls back to value from spring environment. Reason: Without this property explicitly set to JKS, the inclusion of eaaf-components-moa-sig-lib breaks the HTTP client builder and the ASN.1 creation error arises. See [1] for explanation. - Why fall back: Allows a user to configure these parameters via command line, but gives meaningful defaults in case of absent command line properties. Furthermore, these parameters can be configured via application.yaml or .properties. Others: - Set fallback value for system property 'moa.spss.server.configuration'. If system property is not defined, fall back to value from spring environment. Reason: Allows a user to configure these parameters via command line while providing meaningful defaults in case of absent command line properties. - Add switch 'moa.spss.is-active' to enable / disable signature verification. - Change log levels of at.gv.* and iaik.* packages to INFO - Add default certstore (copied from EAAF Components). - Add mzs root certificate to cert- and truststore. - Update readme's installation requirements and guide. Refactor: - Extract public interface of SignatureVerification class. - Rename trustprofile folder. [1] Why eaaf-components-moa-sig-lib breaks HTTP client: - Including eaaf-components-moa-sig-lib includes IAIK's jca/jce and xsect, which in turn injects the iaik provider for cryptographic operations and its own key store (iaik.pkcs.pkcs12.PKCS12KeyStore). - The Apache HTTP client builder will ask for a java.base/javax.net.ssl.SSLSocketFactory because it creates an SSL context, even if the connection runs without SSL. - Somewhere down the stack, this will trigger the TrustStoreManager to hand over the systems default trust store (a JKS file) to IAIK's PKCS12KeyStore. This happens if the type properties of the trust stores are not set. - Oracle relaxed a precondition of this trust store (somewhere in between Java 8 and 11) in the TrustStoreManager: Formerly, the trust store was a JKS object. Now, the trust store can be both a JKS and a PKCS12 object. The TrustStoreManager expects the key store to handle both types, and Oracle's keystore does. However, IAIK's key store cannot handle a JKS object, but since eaaf-components-moa-sig-lib was included, the IAIK key store comes first. - PKCS12KeyStore expects a PKCS12 file but receives a JKS file -> Parser Error.
2019-05-29Integrate MoaSig Verification into SignatureVerifierChristof Rabensteiner2-2/+58
- Verify signature via ISignatureVerificationService. - Override System Property moa.spss.server.configuration via spring's environment (Reason: can configure path to moa SPSS config file via application.yaml & moa SPSS needs this parameter to find the config file) - Setup test configuration directory for moaspss in src/main/resources/moa-spss - Readme: Explain how to install moaspss' dependencies into local repository.
2019-05-28Remove Unused ImportsChristof Rabensteiner4-14/+1
2019-05-28Integrate Sign.Verification and Improve Error Handling of PipelineChristof Rabensteiner12-77/+308
- Ensure proper communication of errors between pipeline and mzs service by converting MoaZSExceptions into DeliveryRequestStatus messages. - Revise MoaZSException: Add optional fields; those fields are a) helpful to construct meaningful error messages and b) optional because, depending on where an exception appears, either existent or non-existent and thus optional. Add inner-class Builder. - Integrate Signature Verification into pipeline and add Stub for SignatureVerification. - Move TNVZResponse's Mimetype check into dedicated class (Reason: separate abstration layers). - Update api changes in testcases.
2019-05-27Intercept Incoming DeliveryRequestStatus and Store as byte[]Christof Rabensteiner7-60/+237
- Add egovutils dependency (Reason: Need DomUtils to serialize / unserialize Soap Message via DOMParser) - Add Incerceptor to MsgClient / -Factory that stores the message content byte-by-byte in the DeliveryRepository. The format is required for successfully validating a DeliveryRequestStatus. - Add SoapUtils, which interacts with byte[] Soap message. - Add CXFMessageUtils, which interacts with CXF Messages from interceptor chains. - Refactor xsd namespaces: Move them out from the PrefixMapper and into a dedicated class.
2019-05-23Refactor: Cleanup CodesmellsChristof Rabensteiner4-9/+5
- Remove unused imports, commented code and copy-pasted code
2019-05-23MZS Schema Changes + Changes in InterfaceChristof Rabensteiner7-15/+129
- MZS cant reply with a msg:DeliveryRequestStatusType to a mzs:DeliveryRequest. Reason: unmarshalling a msg:DeliveryRequestStatusType with JAXB (after receiving the msg reply) breaks the signature in msg:DeliveryRequestStatusType. Why? Because JAXB marshalling tinkers with the namespaces and, as for the current state of knowledge, we cannot configure the JAXB marshaller to reconstruct a XML Document byte-by-byte such that a signature that went through this process can be verified successfully (see [1]). - For this reason, we revert back to mzs:DeliveryResponse and add new fields / remove obsolete fields / capture all changes between zusemsg 1.5.3 and zusemsg 2.0.0. - The easier solution would be to wrap and transmit signed data + signature in a binary (base64) container, such that apache cxf and other web service frameworks won't unmarshall them. This doesnt work because zusemsg 2.0.0 is final. app2mzs.xsd Changes in Detail : - Add DeliverySystem, ZSDeliveryID and GZ to MessageType (MessageType is the base type of DeliveryResponse.Success, -PartialSuccess, and -Error); Reason: It was added to zusemsg 2.0.0. - Add SignedDeliveryRequestStatus to MessageType. Reason: If msg returns signed reply, this element contains the reply as byte[] such that the signature does not break. - Add optional PreadvicenoteSend to ErrorType (because it was added in zusemsg 2.0.0) - Remove MZSDeliveryID from every instance because this ID does not exist anymore (moa zs does not maintain requests in a database). - Remove DocumentReference from ErrorType as it was removed from zusemsg 2.0.0. - Remove DeliveryConfirmation as node in DeliveryNotificiationType because it does not exist anymore in zusemsg 2.0.0; DeliveryConfirmation is also obsolete because all msg' replies are signed and need to be transferred to the sender application as a byte[], which is done by SignedDeliveryRequestStatus node in MessageType. - Remove DeliveryStatement as node in DeliveryNotificiationType because it does not exist anymore in zusemsg 2.0.0. Other Changes - Adapt codebase: MzsService returns mzs:DeliveryResponse. - Implement conversion from msg:DeliveryRequestStatus to mzs:DeliveryResponse. - Add store / retrieve interface to DeliveryRepository that stores signed delivery request statuses as byte[]. Temporary Changes - Disable integration tests which have external dependencies. [1] https://download.oracle.com/javaee-archive/jaxb.java.net/users/2007/03/6674.html Signed-off-by: Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>
2019-05-21WIP: SSL Client AuthChristof Rabensteiner3-11/+67
- Refactor MsgClient: Not a Singleton anymore. Use MsgClientFactory to make a client. Make request and config private fields. - Add configuration parameters to application.yaml. - Init SSL client auth testcase, but dont include in testsuite because it aint working yet.
2019-05-20Add Testcase for MsgClientChristof Rabensteiner1-1/+0
2019-05-16Refactor + Document in preprocessChristof Rabensteiner3-28/+30
- Refactor: Move ConfigType.merge's null check to caller. - Revise documentation of preprocess' public methods.
2019-05-16Document Method in ConfigUtilChristof Rabensteiner1-1/+1
2019-05-16Refactor: Merge Converter, Validator, and Merger into UtilChristof Rabensteiner7-137/+114
- Reason: All three classes opertate with the same data type, have the same clients, and have the same reasons for change. - Makes code in client more readable as it reduces number of dependencies.
2019-05-16Refactor and Test ConfigProfileGeneratorChristof Rabensteiner5-81/+192
Refactor - Add Builder to ConfigProfileGenerator. Reason: Constructor had too many arguments. - Move Conversion from Map to Config from ConfigProfileGenerator into dedicated 'ConvertMapToConfig' Class; Reason: I expect additional configuration properties and I don't want those changes to affect the ConfigProfileGenerator (or it's test cases) - Move Access to Spring's env into facade to simplify ConfigProfileGenerator.
2019-05-15Move Services / Clients To Dedicated PackagesChristof Rabensteiner4-15/+16
2019-05-15Handle Config Related Edge Cases in Augmenter & ProfileGeneratorChristof Rabensteiner5-23/+113
ConfigProfileGenerator: - Cancel startup if default Config profile is incomplete. - Add property flag 'verify-completeness-of-default-delivery-request-configuration', which allows admin to disable completeness check. In that case, just log a warning if the default profile is incomplete. Augmenter: - Ensure that after merging the config is complete (or throw an exception otherwise). - Refactor: Move ConfigProfileValidator from ConfigProfileGenerator to dedicated "ConfigProfileValidator" class; Reason: Augmenter needs to check completness of at-runtime-compiled configuration. - Refactor: Rewrote code for better readability. Others - NPE Fix in ConfigProfileMerger: If FallbackConfigProfile/Server is empty, use PrimaryProfile/Server.
2019-05-15Refactor ConfigProfileGeneratorChristof Rabensteiner1-16/+29
- Add Source for Code Snippet. - Break down generate() into smaller chunks.
2019-05-15Integrate Config Profiles + RefactoringChristof Rabensteiner3-52/+90
Config Profile Integration: - Merge generated Configs from ConfigProfileGenerator with the default Config; Reason: Merging profile Configs with default Config asap ensures that profile Configs are "as complete as possible" while allowing profile Configs to "on-demand"-override values from the default Config. - Adapt Augmenter to work with Config profiles: Select a Config on the basis of on msg:DeliveryRequest/Config/ProfileId, fall back to 'default' Config. - Schema change: Make ProfileID optional. Refactoring: - Move Config-merging code from Augmenter into dedicated 'ConfigProfileMerger' class. - ConfigProfileGenerator: Clarify stream pipeline and comply with coding standard w.r.t. constant members. - Add Augmenter test cases for profile selection.
2019-05-15WIP: Generate Map of Config Profiles from Spring EnvironmentChristof Rabensteiner4-23/+101
Augmenter - Replace default Config Profile with map of Config Profiles. Now, Augmenter can choose a config profile at runtime and augment it. - Move Augmenter to sub package. WIP - Implement ConfigProfileGenerator, which retrieves Config profiles from Spring Environment and returns an easy-to-use map with profiles that is keyed with profile id's. - Replace application.properties with application.yaml. - Remove Augmenter test cases: They need to be adapted.
2019-05-14Minor Fixes: Remove Unused Imports; Fix of Error Message; Add TODOChristof Rabensteiner1-1/+2
2019-05-14Implement Per-Field-Overriding of Configuration in AugmenterChristof Rabensteiner6-33/+102
- Rewrite DeliveryRequestAugmenter to allow per-field-overriding of configuration parameters and add test suite. - Mzs schema change: Move DeliveryRequest/Server into DeliveryRequest/Config; Reason: DeliveryRequest/Config contains all parameters exclusively needed by moazs to execute the delivery request. The msg's server url belongs to this set of parameters. - WIP: Add prototype implementation of MsgClient and move MsgClient to dedicated package. - Refactor: move TnvzClient to dedicated package.
2019-05-13Add Unit Tests for DeliveryPipelineChristof Rabensteiner2-7/+8
- Refactor: Move TnvzClient in sub package - Autowire all parameters instead of each parameter individually
2019-05-13Refactor: Throw UnsupportedOperationEx For `Yet To Implement` ClientChristof Rabensteiner1-1/+1
2019-05-13Refactor RedisConfig: Use Diamond OperatorChristof Rabensteiner1-4/+1
2019-05-13Refactor MarshallerChristof Rabensteiner1-4/+4
- Rename jaxbmarshaller field to prevent confusion with class name.
2019-05-13Refactor and Format Fixes in Mzs2MsgConverterChristof Rabensteiner1-3/+3
- Fix: Replace MessageFormat.format with String.format - Refactor: Use Method Reference - Add Todo Item
2019-05-13Refactor RedisDeliveryRepositoryChristof Rabensteiner1-5/+5
- Use correct marshaller bean (mzsMarshaller). - Replace RuntimeException with MoaZSException. - Remove pointless cast.
2019-05-13Refactor: Make NullCoalesce Non-InstantiableChristof Rabensteiner1-1/+3
2019-05-13Refactor and Format Fixes in PipelineChristof Rabensteiner1-10/+9
- Fix: Replace MessageFormat.format with String.format - Refactor: Replace RuntimeException with MoaZSException - Refactor: Use Method Reference
2019-05-13Refactor: Remove Unused MembersChristof Rabensteiner1-12/+2
2019-05-13Refactor: Remove Unused ImportsChristof Rabensteiner1-5/+0
2019-05-13Refactor + Fix: Replace MessageFormat.format with String.formatChristof Rabensteiner1-4/+3
- Reason: Using MessageFormat.format and String.format via static imports (meaning: code only contains `format()`) is confusing. - Format String Fix: Switch from argument position (`{0}`) to argument type specifies (`%s`).
2019-05-13Refactor: Remove 'throws RuntimeException' From SignatureChristof Rabensteiner1-1/+1
- Why was it there to begin with?
2019-05-13Refactor: Autowire All Parameters Once Instead of IndividuallyChristof Rabensteiner1-2/+3
2019-05-10Refactor Exception Handling in App2MzsChristof Rabensteiner2-5/+23
- Define dedicated runtime exception - Put AppDeliveryId in exception message
2019-05-10Refactor: Eliminate Non-Compliant HashMap InitializationChristof Rabensteiner1-8/+8
2019-05-10Refactor: Rename DeliveryPreprocessor to AugmenterChristof Rabensteiner2-14/+9
- Reason: Preprocessor does not perform any validation anymore!
2019-05-10Remove TargetNamespace Declaration in App2MzsServiceChristof Rabensteiner1-4/+1
2019-05-10Fix Hardcoded WSDL locationsChristof Rabensteiner1-2/+7
2019-05-09Reactivate and Fix Unit TestsChristof Rabensteiner1-1/+1
- Relax Validation for now by only validating incoming requests.
2019-05-09Fix: Enable ApacheCXF's Automated Schema ValidationChristof Rabensteiner3-42/+14
Problem: Apache CXF does not validate incoming mzs:DeliveryRequests automatically. Per default, validation is off (performs better). However, (1) we need to validate incoming requests, and (2) automated CXF validation requires less maintenance and is expected to be more stable than manual validation. Solution: - Add @SchemaValidation annotation to @Service. - Endpoint Configuration: set WsdlLocation and ServiceName (needed to prevent parser errors; see [1]). Without those, CXF validates against generated classes and not against the WSDL spec, and generated classes do not contain format restrictions. Add a testcase with an invalid delivery request ("rejectBothProfile- AndCorporateBody") to ensure that the validator works. [1] https://stackoverflow.com/questions/2231779/cxf-and-validation-schema-restrictions-ignored
2019-05-08WIP delivery request validationChristof Rabensteiner2-11/+42
2019-05-08Refactor: Consolidate Schema-Related ComponentsChristof Rabensteiner6-8/+7
2019-05-08Fix Namespace Prefixes in Marshaled Messages (msg: instead of ns#:)Christof Rabensteiner3-10/+106
- Implement own NamespacePrefixMapper that maps prefixes depending on whether a msg or a mzs object is being marshaled. - Namespaces are not hardcoded but extracted from jaxb's generated sources (somewhat indirect, can be considered a hack, but there's no public API to extract namespaces)
2019-05-08Implement Pipeline Flow and mzs2msg ConversionChristof Rabensteiner4-11/+420
- Implement and test conversion from mzs:DeliveryRequest to msg:DeliveryRequest with the "convert-pojos-by-hand"-strategy. Reason: The chosen strategy benefits from JAXB's strong typing, which is useful in this scenario: Differences between msg and mzs are nuanced and easy to overlook. The chosen strategy is, unfortunately, verbose and could become expensive to maintain. - Update SameThreadDeliveryPipeline: Integrate tnvz query, conversion, and msg query. - Add MsgClient stub. tnvz: - Change TnvzClient stub interface. - Implement mimetype mismatch check from tnvz Response. - Put p:Identification from tnvz response into msg:DeliveryRequest. MZS Schema changes: - Replace DeliveryRequest/Sender/Person with CorporateBody (because thats the only sender that is allowed by zusemsg) and add a SenderProfile choice. - Add ID Attribute to DeliveryRequest/Sender because msg/DeliveryRequest/Sender/AbstractSenderPersonType also has an id attribute. - Remove PersonDataType because it's dead code.