path: root/src/test/java/at/gv/egiz
Age | Commit message | Author | Files | Lines
2020-02-18 | SSL Tests: Fix Routes | Christof Rabensteiner | 1 | -5/+5
2019-12-09 | Add "Forward-Response-to-Service" Test Cases | Christof Rabensteiner | 4 | -23/+137
- Refactor: Move genTimestamp from ITMzsServiceTest to TestUtils (because needed in multiple test cases).
- application.yaml: Complete app-client config in config profile.
2019-12-09 | Test Refactor: Move SOAP Client Utilities into Dedicated Class | Christof Rabensteiner | 2 | -56/+66
2019-12-03 | Finalize "Removal of JAXB Class Not Found Fix" | Christof Rabensteiner | 1 | -1/+3
- Problem: I fixed CompletableFuture.*async within the DeliveryRequest flow, but forgot to do the same for the DeliveryRequestStatus / DeliveryNotification flow.
- Solution: Ensure that all CompletableFuture.*async() invocations have Spring's task executor attached.
2019-11-29 | Refactor & Fix Client Creation in Client Factory | Christof Rabensteiner | 3 | -6/+6
- Refactor: Replace createSoap1{1,2} with create{Tnvz,App,Msg}Client. Configure each method with zusespec's specific parameters. Reason: Each service requires different parameters (e.g. with / without MTOM? soap11 / soap12? store responses in binary repository - yes/no?). These parameters could be placed in the client configuration of application.yaml. Since the parameters are tied to zusespecs, they do not need to be configurable via application.yaml. Another benefit for this refactoring is to improve readability.
- Fix: Disable "Store Response" for TNVZ Client and App Client
2019-11-29 | Alter Case Handling "Get Notification where AppDeliveryID is unknown" | Christof Rabensteiner | 1 | -13/+12
- Former: Fail with Exception.
- Now: Issue a warning and fall back to default configuration profile after verifying that sinks in default configuration profile are correctly configured.
- Refactor: Make DEFAULT_CONFIG_KEY static.
2019-11-22 | Fix Msg Schema Error: Honor Mutual Exclusiveness of <Choice> | Christof Rabensteiner | 1 | -0/+35
- Problem: When activating the QueryPersonRequest, the TNVZ returns an Identification element that needs to be integrated into the msg:DeliveryRequest as a child of Receiver. The Identification child is mutually exclusive to another sequence consisting of (Person, AustrianAddressesOnly, Address). I forget to delete the sequence when adding the Identification element and violate the msg schema.
- Solution: Delete sequence when adding Identification.
- Test the fix in test case.
Thanks to Johannes Hörtnagl for pointing out the problem.
2019-10-30 | Refactor: Rename ClientFactory.create Interface | Christof Rabensteiner | 3 | -6/+6
- Reason: Consistency
2019-10-04 | Add @author Tag Where It Was Missing | Christof Rabensteiner | 13 | -0/+52
2019-10-04 | Add Licenses, NOTICE, and License Header | Christof Rabensteiner | 13 | -0/+273
2019-10-03 | Update zusemsg and zusetnvz to Newest Version & Accommodate Changes | Christof Rabensteiner | 2 | -18/+26
Upgrade zusemsg 2.2.0 to 2.2.007:
- msg:RelayedViaERV
  - Change from boolean to complex type (ervcode).
  - Move from msg:DeliveryRequestStatusType/Success into msg:DeliveryRequestStatusType, which affects Success, Error, and PartialSuccess.
  - Was removed from DeliveryNotificationType.
- Change msg:DeliveryNotification/Answer from list to singleton.
- Change msg:DeliveryRequestStatusType/PartialSuccess is to type AnswerType.
- msg:DeliveryRequestStatusType and msg:DeliveryNotificationType receive the attribute ID (for signature referencing).
- Add new optional element msg:AustrianAdressesOnly (IndicatorType) to DeliveryRequestType/Receiver/(choice sequence).
- Add new optional element ClearingProfilID to DeliveryRequestType/Sender.
- Add new element ERVConfirmedDelivery, which substitutes msg:Answer and extends msg:AbstractOperation
  - Has element ErvCode (also new token256 type).
  - Has element ERVDeliveryTimestamp.
- Add new optional element TargetIdentification of type p:IdentificationType to msg:DeliveryNotification/User/ as optional element.
- Add new enumeration "System" to msg:DeliveryNotification/User/Role.
- Rename type AustrianLanguageType from "AustrianEthicMinorityLanguageType" to "AustrianLanguageType" and add "DE" as value.
- msg:Tags were unbounded, now they are limited to 20.
- VersionNumberType: Patch version can have three digits.
Upgrade zusetnvz 2.2.0 to 2.2.006:
- Add StandardMimeTypeList to tnvz:QueryPersonResponse and tnvz:QueryAdressabilityResponse.
- Add AllStandardMimeTypes (indicator) to tnvz:PersonResult/Success.
- Add optional msg:MetadataList to tnvz:PersonQueryType/Metadata tnvz:AddressabilityQueryType/Metadata.
- Move tnvz:AustrianAdressesOnly to msg namespace.
Carry zusemsg changes into app2mzs interface:
- Switch namespace of AustrianAdressesOnly from tnvz to msg.
- Add new optional element ClearingProfilID to mzs:DeliveryRequestType/Sender; Reason: Element was added to zusemsg 2.2.007.
- Add new choice in mzs:DeliveryNotification to forward new answer type msg:ERVConfirmedDelivery to the app.
- Move msg:RelayedViaERV from SuccessType into MessageType (now it's available to all types that derive from MessageType).
Accommodate zusemsg/tnvz changes in code base:
- TNVZHelper: Consider StandardMimeTypeList when assessing if DeliveryRequest/mimetypes overlap with TNVZ's Accepted Mimetypes.
- Msg2MzsConverter:
  - Put getRelayedViaERV() into all DeliveryStatusRequest replies.
  - Honor that Notification/Answer is Singleton instead of List.
  - Handle case where DeliveryNotification/Answer is of type ERVConfirmedDeliveryType.
  - Remove RelayedViaERV from DeliveryNotification as this element is not available anymore.
- NotificationResponse: Honor that Notification/Answer is Singleton instead of List.
Fix all testcases and sample soap messages to comply with schema changes.
2019-10-02 | For {TNVZ, MSG}: Switch to Soap 1.2 | Christof Rabensteiner | 2 | -8/+8
- But: Leave MZS Interface at Soap 1.1
- Add ClientFactory.createSOAP11 to ensure that we can talk back to the app.
2019-10-02 | Add Testcase for Parsing Booleans | Christof Rabensteiner | 1 | -0/+16
2019-08-30 | Fix Tnvz Typo | Christof Rabensteiner | 1 | -1/+1
- sed 's/tvnz/tnvz/'
2019-08-28 | Fixes and Refactoring | Christof Rabensteiner | 1 | -5/+2
- JAXB Hack: Handle InterruptionException properly (as in [1], "Don't swallow Interrupts")
- Mzs2MsgConverter: Rename convert(Person) to convertReceiverPerson(Person) to emphasize that this method can only be used to convert Receiver Persons (Reminder: Receiver Persons are PhysicalPersons / CorporateBodies. SenderPersons can also be Authorities)
- Mzs2MsgConverter: Remove assertion because not needed anymore.
- Refactor: Move mzs:DeliveryRequest validation out of augmenter and into service.
- Refactor: Create a single entry point for validating a mzs:DeliveryRequest.
- Remove unused imports.
- Fix log messages.
[1] https://www.ibm.com/developerworks/java/library/j-jtp05236/index.html?ca=drs-#2.1
2019-08-26 | Fix: Change Injection of signatureVerifier Bean into TestSuite | Christof Rabensteiner | 1 | -14/+14
- Problem: @TestConfiguration did not override config/MoaSigConfig.
- Therefore test uses bean that is configured via application.yaml.
- Solution: Replace @TestConfiguration with bean that was created and configured directly in testcase.
2019-08-23 | Remove SSL Depending Testcases from Integration Test Suite | Christof Rabensteiner | 1 | -4/+4
- Reason: Now we can run integration tests without the need to set up SSL reverse proxy with client certificates.
2019-08-20 | Replace Thread.sleep with Await | Christof Rabensteiner | 1 | -13/+11
2019-08-20 | Add Custom Http Headers to HTTP Clients | Christof Rabensteiner | 1 | -0/+80
- Change app2mzs schema: Add Custom Headers to ClientType Element.
- Set custom headers in ClientFactory.
- Parse custom headers from spring environment.
- Merge custom headers from two different profiles.
- Add example to application.yaml.
- Test conversion of custom headers from spring profile
- Test merging and overriding custom headers.
2019-08-19 | Add Two "VerifySignature" Testcases | Christof Rabensteiner | 1 | -0/+38
2019-07-31 | Add Testcase For "Verify Signed Notification" | Christof Rabensteiner | 1 | -0/+10
2019-07-22 | Test Flow of DeliveryRequest from "End-To-End" & Fix Bugs | Christof Rabensteiner | 6 | -44/+436
Schema Changes:
- Remove mzs:DeliveryRequest/TnvzMetaData because all metadata fields can be collected from DeliveryRequest and redundancy is not needed.
Fixes and Refactoring in preprocess:
- MzsDeliveryRequestValidator: Instead of returning false, throw an exception when a condition is not met, and explain which condition is not met / why it is not met in the exception's message.
- Integrate interface change in ConfigProfileGenerator and DeliveryRequestAugmenter.
- Rewrite and simplify DeliveryRequestAugmenter's augmentation.
- ConfigUtil Fixes: Ensure that we do not override the wrong parameters while merging. This error appeared in tnvz / msg client, connection / receive timeout, key / trust store, and lax hostname verification / trust all.
Fix Bugs in Interceptor / SoapUtils:
- Problem: DOM access and information extraction was implemented somewhat sloppy.
- Solution: Change DOM access interface to access DOM more efficiently. Add boundary checks and handle edge cases while extracting information from SOAP Messages.
- Test those changes properly.
Testing:
- Implement Delivery Request Flow in ITEndToEndTest.
- Start application on random port instead of fixed port when running integration tests.
- Add assertions to tests in ITMzsServiceTest suite.
Other Bug Fixes:
- ServicesConfig: Ensure that mzs service and msg service run on different endpoint addresses (/msg and /mzs).
- DeliveryRequestBackend: Throw exception when binary message is missing. Don't wrap the exception.
- SaveResponseToFileSink: Wrap Response in JAXB Element (otherwise, marshaller does not recognize it)
2019-07-17 | Put MoaZSException on Diet & Handle Edge Cases | Christof Rabensteiner | 2 | -23/+14
Reason: MoaZSException (and: its builder) were used to collect intermediary results while stepping through the delivery request backend. These results were needed to generate meaningful responses towards the sender application in case of error. However, the builder sprawled over too many interfaces (e.g. DeliveryRequestBackend and TNVZHelper) and it became difficult to understand from where intermediary results originated.
Solution: Put MoaZSException on diet:
- Remove all DeliveryAnswer fields from MoaZSException and refactor code base to ensure that the removed fields get sourced by other means.
- Remove Builder since amount of parameters is manageable.
Refactor DeliveryRequestBackend:
- Instead of passing down the builder and using MoaZSException as the only source for intermediary results, we collect available results at the outermost stack frame (DeliveryRequestBackend.accept) and only retrieve results via exception if those results appear somewhere down the stack frame (E.g. PredviceNoteSent). We collect available results with the "fallbackAnswerBuilder" and switch to the msg client response, once received.
Refactor MsgResponseBackend:
- Handle cases (response missing, binary response missing) properly.
- Integrate changes from MsgResponse.generateError()
Refactor TVNZHelper:
- Remove MoaZSExceptionBuilder from all interfaces.
Refactor MsgResponse.generateError:
- Change interface such that it's more intuitive.
- Implement NotificationResponse.generateError.
- Implement RequestStatusResponse.generateError.
Others:
- Replace all invocations against MoaZSException.Builder.
2019-07-15 | Save Response To File Sink: Add Path to Configuration + Fix | Christof Rabensteiner | 1 | -2/+2
- Fix in ConfigUtil: SaveResponseToFile boolean would override LogResponse configuration (Copy Paste Error).
2019-07-12 | Allow App To Choose Between MsgResponse Sinks | Christof Rabensteiner | 2 | -1/+79
- MZS Schema Change: Add "MsgResponseSinks" element to mzs:DeliveryRequest/Config that allows sender to configure how MsgResponses should be archived.
- ConfigUtil: Interpret MsgResponseSink parameters from Spring Environment and merge with ConfigType.
- MsgResponseBackend: Send responses to sinks according to MsgResponseSinks in Config
- application.yaml: Add MsgResponseSinks parameter to configuration.
- Uncouple Sink implementations from java.util.function.Function, because the sink interfaces are going to differ and there is no need to unite them under one interface.
- Add and test LogResponseSink, which logs responses to its logger.
- MsgResponse: Add JAXB getter for response. Reason: Can be passed to marshaller.
2019-07-12 | Renamed and Simplified SignatureVerifier | Christof Rabensteiner | 1 | -2/+2
2019-07-09 | Refactor Needless Interfaces and Rename "process" to "backend" | Christof Rabensteiner | 4 | -27/+21
Reason:
- Interfaces with a single method can be replaced with interfaces from java.util.function.
- Less interfaces = less code = less maintenance!
- Spring can inject beans by name so we name dependencies correctly to prevent ambiguity.
Others:
- Rename process to backend since backend gives a better description of its components.
2019-07-09 | Minor Fixes And Refactoring | Christof Rabensteiner | 1 | -7/+7
- Fix typo in SafeResponseToFileSink.
- MoaZSException: Simplify constructor by replacing lots of arguments with the builder instance.
- Fix minor codesmells (unused imports, superfluous braces).
2019-07-09 | Refactor: Merge BinaryRepository into DeliveryRepository | Christof Rabensteiner | 3 | -18/+14
- Reason: Components, which rely on one of those, usually also rely on the other, so merging them reduces amount of dependencies.
- Frame operations in DeliveryRepository API as "store" and "retrieve" operations.
- Rename: Convert *Id in local variable names to upper case.
2019-07-09 | Refactor MsgResponse and its IDs | Christof Rabensteiner | 1 | -2/+2
StoreSOAPBodyBinaryInRepositoryInterceptor:
- Replace "generate body's id via concatenation" with "give the right generator function the app delivery id and let the generator function do the work". Reason: Prevent the logistics of deriving IDs to spill into unrelated components.
MsgResponse refactor:
- Make MsgResponse an abstract class.
- Derive ResponseID's ONLY in MsgResponse::createResponseID.
Others:
- Ensure that all invocations to DeliveryRepository.getResponse and BinaryRepository.get use "responseID" instead of ambiguous "id" or incorrect "appDeliveryID".
- Move SingleThreadedDeliveryPipeline into process package.
2019-07-08 | Implement Zuse2App Services | Christof Rabensteiner | 7 | -35/+169
- Add zuse2app.wsdl contract.
- Add MsgResponse as a type-agnostic view for DeliveryRequestStatus and DeliveryNotification messages. Reason: Both DeliveryNotification and DeliveryRequestStatus messages have similar fields and need to be treated similarly (e.g.: receive from msg service, store to repository, verify signature, store to file...). In order to prevent duplicated code, the wrapper interface provides a type-agnostic view onto these messages for depending components to operate on.
- Add MsgResponseHandler interface; decides how to process MsgResponse. Also implement this handler with a multi-threaded single-node implementation.
- Add MsgResponseSink interface; decides how to archive MsgResponse.
- Implement and test SafeResponseToFileSink.
Change Identifier for MsgResponses:
- Before, DeliveryRequestStatus and DeliveryNotifications had their own repositories. Now, both types are stored in the same repository (the MsgResponse repository) to streamline the handling of MsgResponses. We need to change the identification of MsgResponses, otherwise the identifiers (AppDeliveryID) clash.
- MsgResponses are not identified by: <AppDeliveryId>+<typeSpecificSuffix>
- Rewrite StoreSOAPInterceptor to accommodate fact that, both DeliveryRequestStatus and DeliveryNotification messages have different IDs upon storage / retrieval.
Restructure packages and components as follows:
- client: All components that are involved when consuming a web service.
- process: "fabric" of MoaZS; contains business logic that orchestrates back-end tasks of MoaZS's operational services, e.g.: by processing a delivery request.
- service: Implementation of MoaZS's front-end services.
Refactoring:
- MoaZSException: Remove unused fields. Before: Store mzsrequest, tnvzresult, msgrequest and msgresult as members. Now: Only keep the fields that are needed later, e.g for generating a msg:DeliveryRequestStatus element. Add copy constructor to Builder.
- Put storage of byte[] into a dedicated "BinaryRepository". Reason: This was useful in a former design. Now it's not really needed anymore.
- Put "create Endpoint" code into EndpointFactory. Reason: Eliminate duplicated code when configuring a service.
Testing:
- Activate Stacktraces in surefire.
2019-07-03 | Refactor: Restructure Project | Christof Rabensteiner | 5 | -12/+11
- Move components that depend on the service contracts into scheme package.
- Move cxf related components into util package.
- Rename SameThread to SingleThreaded.
2019-07-03 | TnvzHelper: Handle Edge Case and Add Test Cases | Christof Rabensteiner | 1 | -0/+202
- TnvzHelper: Handle edge case where Mzs/DeliveryRequest/Sender/CorporateBody is missing (Reason: This field is in a <choice> with msg:SenderProfile, so if CorporateBody is missing the request still passes the schema validation). Handle case by rejecting missing CorporateBody and TnvzQuery activated.
- Add test cases for TnvzHelper.
2019-07-02 | Handle tnvz Query Edge Cases by Improving Validation | Christof Rabensteiner | 2 | -7/+16
TnvzHelper Fixes
- Handle additional edge cases.
- Mzs:Schema Change: Eliminate PreAdviceNote redundancy by removing it from mzs:DeliveryRequest/TnvzMetaData; PreadviceNote is already in the Receiver element. Update TnvzHelper accordingly.
- Implement and integrate tnvz completeness check into DeliveryRequestAugmenter to ensure that, after augmentation, tnvz can be performed.
Refactor mzs:DeliveryRequest Validation:
- Before: Validating, merging and generating ConfigType in ConfigUtil.
- Change: Need to add validation of DeliveryRequest (Reason: For performing Tnvz Requests, the DeliveryRequest needs to be in a consistent state).
- Problem: DeliveryRequest validation does not fit into ConfigUtil.
- Solution: Put validation of DeliveryRequest and Config into new Component "MzsValidation".
2019-07-02 | Implement And Integrate tnvz:QueryPersonRequest. | Christof Rabensteiner | 2 | -117/+51
- Merge TnvzClient and TnvzResultVerifier to TnvzHelper; TnvzHelper now builds the QueryPersonRequest, sends it to the tnvz port and evaluates the result.
- Publish some interfaces in Mzs2MsgConverter because they are needed by TnvzHelper.
- Generalize MsgClientFactory to ClientFactory such that it can be used to generate arbitrary SOAP clients (e.g. also for tnvz!).
Schema Changes to accommodate Tnvz's QueryPersonRequest:
- Add optional tnvz:AustrianAddressesOnly and optional TnvzMetaData to mzs:mzs:DeliveryRequest.
Removed Unit Tests:
- Remove subset of SameThreadDeliveryPipeline testcases (mimetype related) because its logic moved to TnvzHelper.
2019-06-28 | Remove EgovUtils Dependency | Christof Rabensteiner | 2 | -7/+63
- EgovUtils were needed because of DomUtils. Replace it with eaaf components' DomUtils.
- Add test case to ensure SoapUtils still works as intended.
- Remove unused import statement
2019-06-28 | Separate Test Suite into Unit- And Integration Tests | Christof Rabensteiner | 3 | -29/+32
Per default, integration tests are excluded from build. They can be included with the `-P integration-test` argument.
- Pom: Add maven profile for integration tests.
- Rename integration tests (add `IT` prefix).
- Move Resources into IT* folders.
- Add MsgClientTest to test suite and add assertions to each test case.
2019-06-28 | Refactor: Deduplicate Code by Simplifying MarshallerConfig | Christof Rabensteiner | 1 | -11/+7
- Move JaxbM initialization into Marshaller such that it can be used in tests without Spring's Application Context.
- Remove SpringRunner from Mzs2MsgConverter Test, which makes the test run faster.
2019-06-28 | Simplified Config Validation | Christof Rabensteiner | 1 | -16/+15
- Also: Ensure that truststore is of type JKS because PKCS12 is not supported.
2019-06-27 | Honor & Test TrustAll and LaxHostNameVerification | Christof Rabensteiner | 1 | -19/+84
- Print a big scary warning message for everyone who enables "trustAll"
- Test TrustAll and LaxHostNameVerification
- Describe test case requirements and add key material needed to run these test cases.
2019-06-27 | Inject Configurable HTTP Policies to MsgClient | Christof Rabensteiner | 2 | -12/+10
- Refactor: Get rid of MsgClient, because MsgClientFactory can do all the work.
- Add Connection Timeout and Request Timeout (Policies of HTTP Client) to mzs:DeliveryRequest/Config and application.yaml.
- Update readme: Add JDK 12 Requirement
2019-06-27 | Fixes; SSL Client Auth Works! | Christof Rabensteiner | 1 | -9/+42
- Switch to java 12 for now. Reason: Bug [1] in JDK 11 (up to jdk-11+28) impairs SSLHandshake ("Unsupported Operation Exception"), but was fixed in Java 12.
- Set HTTP policy to infinite.
- Fix key/truststore path resolution
- Fix NPE in ConfigUtil.merge
- Rearrange application.yaml to include two config profiles (one with and one without SSL for the msg client).
- Add key material for testcases (Note: expires: May 2 14:47:08 2020 GMT)
- Update MsgClient Testcases
[1] https://bugs.openjdk.java.net/browse/JDK-8214098
2019-06-26 | Protect MsgClient via SSL (ink Client Authentication) | Christof Rabensteiner | 3 | -38/+39
- Add Component to create SSLContexts with own Key- and trust store.
- Inject SSLContext into HTTP Client.
- Add EAAF-Components Core Dependency, which is needed by SSLContextCreator (KeyStoreUtils).
Schema Changes in mzs:DeliveryRequest/Config:
- Got Rid of mzs:DeliveryRequest/Config/Server. In mzs 1.4.1, Server replaces the result of zkopf query person request. Since this zkopf interface does not exist anymore, Server was removed.
- Add ClientType, which holds all parameters needed to connect to a service (Url, SSL params, a.o.).
Configuration:
- Add default parameters for SSL Clients in application.yaml.
- Merge default parameters into incoming mzs:DeliveryRequests.
MoaZSException Fixes:
- Remove "Extends throwable" from Builder.
- Add convenient shorthand init method (message, throwable).
Refactor:
- Put "determinePath" to FileUtils.
- Put string related utility functions into StringUtils.
2019-06-19 | Add Testcase: Reject Invalid Delivery Response Signature | Christof Rabensteiner | 1 | -3/+10
2019-06-19 | Finalize moa-sig-lib's Integration and Add Testcase | Christof Rabensteiner | 2 | -7/+53
- Interpret `ISignatureVerificationService` response properly (by following security layer spec [1] and moaspss handbook [2]).
- Add config flag `moa.spss.is-manifest-check-active`
- Change SignatureVerifier Interface: Remove @return boolean, just throw an exception when a validation error occurs. Reason: In case the signature cannot be validated, the application always needs the reason for the validation error, which requires the verifier to throw an exception. In turn, the only valid return value for `verify()` becomes `true`, which can be omitted at that point.
- Add testcase for verifying a valid enveloped xml signature
- Remove Certificates that are not needed.
[1] https://www.buergerkarte.at/konzept/securitylayer/spezifikation/20140114/core/core.html
[2] https://apps.egiz.gv.at/handbooks/moa-spss/handbook/handbook/usage/usage.html
2019-06-13 | Refactor: Move Signature Verification in Dedicated Package | Christof Rabensteiner | 1 | -1/+1
2019-06-13 | Fix moa-sig-lib's Integration Issues | Christof Rabensteiner | 1 | -2/+2
Fixing "ASN.1 creation error: iaik.asn1.CodingException: Length: Too large ASN.1 object: 109"
- Set fallback value ('jks') for system property 'javax.net.ssl.keyStoreType' and 'javax.net.ssl.trustStoreType'. If system property is not defined, MoaSigConfig falls back to value from spring environment. Reason: Without this property explicitly set to JKS, the inclusion of eaaf-components-moa-sig-lib breaks the HTTP client builder and the ASN.1 creation error arises. See [1] for explanation.
- Why fall back: Allows a user to configure these parameters via command line, but gives meaningful defaults in case of absent command line properties. Furthermore, these parameters can be configured via application.yaml or .properties.
Others:
- Set fallback value for system property 'moa.spss.server.configuration'. If system property is not defined, fall back to value from spring environment. Reason: Allows a user to configure these parameters via command line while providing meaningful defaults in case of absent command line properties.
- Add switch 'moa.spss.is-active' to enable / disable signature verification.
- Change log levels of at.gv.* and iaik.* packages to INFO
- Add default certstore (copied from EAAF Components).
- Add mzs root certificate to cert- and truststore.
- Update readme's installation requirements and guide.
Refactor:
- Extract public interface of SignatureVerification class.
- Rename trustprofile folder.
[1] Why eaaf-components-moa-sig-lib breaks HTTP client:
- Including eaaf-components-moa-sig-lib includes IAIK's jca/jce and xsect, which in turn injects the iaik provider for cryptographic operations and its own key store (iaik.pkcs.pkcs12.PKCS12KeyStore).
- The Apache HTTP client builder will ask for a java.base/javax.net.ssl.SSLSocketFactory because it creates an SSL context, even if the connection runs without SSL.
- Somewhere down the stack, this will trigger the TrustStoreManager to hand over the system's default trust store (a JKS file) to IAIK's PKCS12KeyStore. This happens if the type properties of the trust stores are not set.
- Oracle relaxed a precondition of this trust store (somewhere in between Java 8 and 11) in the TrustStoreManager: Formerly, the trust store was a JKS object. Now, the trust store can be both a JKS and a PKCS12 object. The TrustStoreManager expects the key store to handle both types, and Oracle's keystore does. However, IAIK's key store cannot handle a JKS object, but since eaaf-components-moa-sig-lib was included, the IAIK key store comes first.
- PKCS12KeyStore expects a PKCS12 file but receives a JKS file -> Parser Error.
2019-05-28 | Integrate Sign.Verification and Improve Error Handling of Pipeline | Christof Rabensteiner | 2 | -25/+78
- Ensure proper communication of errors between pipeline and mzs service by converting MoaZSExceptions into DeliveryRequestStatus messages.
- Revise MoaZSException: Add optional fields; those fields are a) helpful to construct meaningful error messages and b) optional because, depending on where an exception appears, either existent or non-existent and thus optional. Add inner-class Builder.
- Integrate Signature Verification into pipeline and add Stub for SignatureVerification.
- Move TNVZResponse's Mimetype check into dedicated class (Reason: separate abstraction layers).
- Update api changes in testcases.
2019-05-27 | Intercept Incoming DeliveryRequestStatus and Store as byte[] | Christof Rabensteiner | 1 | -11/+13
- Add egovutils dependency (Reason: Need DomUtils to serialize / unserialize Soap Message via DOMParser)
- Add Interceptor to MsgClient / -Factory that stores the message content byte-by-byte in the DeliveryRepository. The format is required for successfully validating a DeliveryRequestStatus.
- Add SoapUtils, which interacts with byte[] Soap message.
- Add CXFMessageUtils, which interacts with CXF Messages from interceptor chains.
- Refactor xsd namespaces: Move them out from the PrefixMapper and into a dedicated class.
2019-05-23 | MZS Schema Changes + Changes in Interface | Christof Rabensteiner | 1 | -3/+4
- MZS can't reply with a msg:DeliveryRequestStatusType to a mzs:DeliveryRequest. Reason: unmarshalling a msg:DeliveryRequestStatusType with JAXB (after receiving the msg reply) breaks the signature in msg:DeliveryRequestStatusType. Why? Because JAXB marshalling tinkers with the namespaces and, as for the current state of knowledge, we cannot configure the JAXB marshaller to reconstruct an XML Document byte-by-byte such that a signature that went through this process can be verified successfully (see [1]).
- For this reason, we revert back to mzs:DeliveryResponse and add new fields / remove obsolete fields / capture all changes between zusemsg 1.5.3 and zusemsg 2.0.0.
- The easier solution would be to wrap and transmit signed data + signature in a binary (base64) container, such that apache cxf and other web service frameworks won't unmarshall them. This doesn't work because zusemsg 2.0.0 is final.
app2mzs.xsd Changes in Detail:
- Add DeliverySystem, ZSDeliveryID and GZ to MessageType (MessageType is the base type of DeliveryResponse.Success, -PartialSuccess, and -Error); Reason: It was added to zusemsg 2.0.0.
- Add SignedDeliveryRequestStatus to MessageType. Reason: If msg returns signed reply, this element contains the reply as byte[] such that the signature does not break.
- Add optional PreadvicenoteSend to ErrorType (because it was added in zusemsg 2.0.0)
- Remove MZSDeliveryID from every instance because this ID does not exist anymore (moa zs does not maintain requests in a database).
- Remove DocumentReference from ErrorType as it was removed from zusemsg 2.0.0.
- Remove DeliveryConfirmation as node in DeliveryNotificiationType because it does not exist anymore in zusemsg 2.0.0; DeliveryConfirmation is also obsolete because all msg' replies are signed and need to be transferred to the sender application as a byte[], which is done by SignedDeliveryRequestStatus node in MessageType.
- Remove DeliveryStatement as node in DeliveryNotificiationType because it does not exist anymore in zusemsg 2.0.0.
Other Changes
- Adapt codebase: MzsService returns mzs:DeliveryResponse.
- Implement conversion from msg:DeliveryRequestStatus to mzs:DeliveryResponse.
- Add store / retrieve interface to DeliveryRepository that stores signed delivery request statuses as byte[].
Temporary Changes
- Disable integration tests which have external dependencies.
[1] https://download.oracle.com/javaee-archive/jaxb.java.net/users/2007/03/6674.html
Signed-off-by: Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>