Age | Commit message (Collapse) | Author | Files | Lines |
|
Schema Changes:
- Remove mzs:DeliveryRequest/TnvzMetaData because all metadata fields
can be collected from DeliveryRequest and redundancy is not needed.
Fixes and Refactoring in preprocess:
- MzsDeliveryRequestValidator: Instead of returning false, throw an
exception when a condition is not met, and explain which condition
is not met / why it is not met in the exception's message.
- Integrate interface change in ConfigProfileGenerator and
DeliveryRequestAugmenter.
- Rewrite and simplify DeliveryRequestAugmenter's augmentation.
- ConfigUtil Fixes: Ensure that we do not override the wrong
parameters while merging. This error appeared in tnvz / msg client,
connection / receive timeout, key / trust store, and lax hostname
verification / trust all.
Fix Bugs in Interceptor / SoapUtils:
- Problem: DOM access and information extraction was implemented
somewhat sloppy.
- SolutioN: Change DOM access interface to access DOM more
efficiently. Add boundary checks and handle edge cases while
extracting information from SOAP Messages.
- Test those changes properly.
Testing:
- Implement Delivery Request Flow in ITEndToEndTest.
- Start application on random port instead of fixed port when running
integration tests.
- Add assertions to tests in ITMzsServiceTest suite.
Others Bug Fixes:
- ServicesConfig: Ensure that mzs service and msg service run on
different endpoint addresses (/msg and /mzs).
- DeliveryRequestBackend: Throw exception when binary message is
missing. Don't wrap the exception.
- SaveResponseToFileSink: Wrap Response in JAXB Element (otherwise,
marshaller does not recognize it)
|
|
|
|
Per default, integration tests are excluded from build. They can be
included with the `-P integration-test` argument.
- Pom: Add maven profile for integration tests.
- Rename integration tests (add `IT` prefix).
- Move Resources into IT* folders.
- Add MsgClientTest to test suite and add assertions to each test case.
|
|
|
|
- Interpret `ISignatureVerificationService` response properly (by
following security layer spec [1] and moaspss handbook [2]).
- Add config flag `moa.spss.is-manifest-check-active`
- Change SignatureVerifier Interface: Remove @return boolean, just
throw an exception when a validation error occurs. Reason: In case
the signature cannot be validated, the application always needs the
reason for the validation error, which requires the verifier to
throw an exception. In turn, the only valid return value for
`verify()` becomes `true`, which can be omitted at that point.
- Add testcase for verifying a valid enveloped xml signature
- Remove Certificates that are not needed.
[1] https://www.buergerkarte.at/konzept/securitylayer/spezifikation/20140114/core/core.html
[2] https://apps.egiz.gv.at/handbooks/moa-spss/handbook/handbook/usage/usage.html
|
|
|
|
|
|
- Relax Validation for now by only validating incoming requests.
|
|
Problem: Apache CXF does not validate incoming mzs:DeliveryRequests
automatically. Per default, validation is off (performs better).
However, (1) we need to validate incoming requests, and (2)
automated CXF validation requires less maintenance and is
expected to be more stable than manual validation.
Solution:
- Add @SchemaValidation annotation to @Service.
- Endpoint Configuration: set WsdlLocation and ServiceName (needed
to prevent parser errors; see [1]).
Without those, CXF validates against generated classes and not
against the WSDL spec, and generated classes do not contain format
restrictions.
Add a testcase with an invalid delivery request ("rejectBothProfile-
AndCorporateBody") to ensure that the validator works.
[1] https://stackoverflow.com/questions/2231779/cxf-and-validation-schema-restrictions-ignored
|
|
|
|
|
|
- Reason: Converter does not perform validation
|
|
- Implement and test conversion from mzs:DeliveryRequest to
msg:DeliveryRequest with the "convert-pojos-by-hand"-strategy.
Reason: The chosen strategy benefits from JAXB's strong typing,
which is useful in this scenario: Differences between msg and mzs
are nuanced and easy to overlook. The chosen strategy is,
unfortunately, verbose and could become expensive to maintain.
- Update SameThreadDeliveryPipeline: Integrate tnvz query, conversion,
and msg query.
- Add MsgClient stub.
tnvz:
- Change TnvzClient stub interface.
- Implement mimetype mismatch check from tnvz Response.
- Put p:Identification from tnvz response into msg:DeliveryRequest.
MZS Schema changes:
- Replace DeliveryRequest/Sender/Person with CorporateBody (because
thats the only sender that is allowed by zusemsg) and add a
SenderProfile choice.
- Add ID Attribute to DeliveryRequest/Sender because
msg/DeliveryRequest/Sender/AbstractSenderPersonType also has an id
attribute.
- Remove PersonDataType because it's dead code.
|
|
Add Optional "Config" to MZS Schema:
- Add mzs:DeliveryRequest/Config Element with a
"PerformQueryPersonRequest" node
- The config element contains parameters that are interpreted by
moa-zs and not forwarded to the ZD
- The boolean PerformQueryPersonRequest tells moa-zs if moa-zs should
perform a QueryPersonRequest towards the TNVZ.
- If config is missing, moa-zs augments the delivery request with
parameters from the app's configuartion or the default configuartion
Other Changes:
- Validate and augment incoming requests with the
DeliveryPreprocessor.
- Add stub for TlnvzClient.
- Remove some leftover ObjectFactory imports (because of the builder
they are not needed anymore)
Fixes
- Fixed incorrect API usage of Messageformat.format: format string
needs an index.
pom.xml
- Add Hamcrest Dependency (for writing more expressive tests)
- Add copy constructor to JAXB Builder
Testing
- Test validation of incoming request
- Refactor testcases to improve readability
|
|
|
|
- Add Target to CorporateBodyType
- Remove Authority
- make DateOfBirth optional
|
|
- Important Fix: I forgot to annotate App2MzsService with @Service and
autowire the App2MzsService object when creating the endpoint
bean. For this reason, Spring did not autowire the dependencies in
App2MzsService and I ended up with NullPointerExceptions in the
testsuite.
- Updated some more namespaces
- Add objectFactory bean. objectfactory is autogenerated via the
cxf-code-generation plugin, so i cannot annotate it with @Component
or @Service. Alternative: create the @Bean by myself
- Update the validDeliveryRequest SOAP Message to match the mzs 2.0.0
scheme.
|
|
|