From 7665997a90c87a400f92ae9bf1ec6cc5a3099e16 Mon Sep 17 00:00:00 2001 From: Christof Rabensteiner Date: Thu, 23 May 2019 10:20:38 +0200 Subject: MZS Schema Changes + Changes in Interface - MZS cant reply with a msg:DeliveryRequestStatusType to a mzs:DeliveryRequest. Reason: unmarshalling a msg:DeliveryRequestStatusType with JAXB (after receiving the msg reply) breaks the signature in msg:DeliveryRequestStatusType. Why? Because JAXB marshalling tinkers with the namespaces and, as for the current state of knowledge, we cannot configure the JAXB marshaller to reconstruct a XML Document byte-by-byte such that a signature that went through this process can be verified successfully (see [1]). - For this reason, we revert back to mzs:DeliveryResponse and add new fields / remove obsolete fields / capture all changes between zusemsg 1.5.3 and zusemsg 2.0.0. - The easier solution would be to wrap and transmit signed data + signature in a binary (base64) container, such that apache cxf and other web service frameworks won't unmarshall them. This doesnt work because zusemsg 2.0.0 is final. app2mzs.xsd Changes in Detail : - Add DeliverySystem, ZSDeliveryID and GZ to MessageType (MessageType is the base type of DeliveryResponse.Success, -PartialSuccess, and -Error); Reason: It was added to zusemsg 2.0.0. - Add SignedDeliveryRequestStatus to MessageType. Reason: If msg returns signed reply, this element contains the reply as byte[] such that the signature does not break. - Add optional PreadvicenoteSend to ErrorType (because it was added in zusemsg 2.0.0) - Remove MZSDeliveryID from every instance because this ID does not exist anymore (moa zs does not maintain requests in a database). - Remove DocumentReference from ErrorType as it was removed from zusemsg 2.0.0. - Remove DeliveryConfirmation as node in DeliveryNotificiationType because it does not exist anymore in zusemsg 2.0.0; DeliveryConfirmation is also obsolete because all msg' replies are signed and need to be transferred to the sender application as a byte[], which is done by SignedDeliveryRequestStatus node in MessageType. - Remove DeliveryStatement as node in DeliveryNotificiationType because it does not exist anymore in zusemsg 2.0.0. Other Changes - Adapt codebase: MzsService returns mzs:DeliveryResponse. - Implement conversion from msg:DeliveryRequestStatus to mzs:DeliveryResponse. - Add store / retrieve interface to DeliveryRepository that stores signed delivery request statuses as byte[]. Temporary Changes - Disable integration tests which have external dependencies. [1] https://download.oracle.com/javaee-archive/jaxb.java.net/users/2007/03/6674.html Signed-off-by: Christof Rabensteiner --- .../gv/egiz/moazs/repository/DeliveryRepository.java | 4 ++++ .../moazs/repository/InMemoryDeliveryRepository.java | 20 ++++++++++++++++---- .../moazs/repository/RedisDeliveryRepository.java | 10 ++++++++++ 3 files changed, 30 insertions(+), 4 deletions(-) (limited to 'src/main/java/at/gv/egiz/moazs/repository') diff --git a/src/main/java/at/gv/egiz/moazs/repository/DeliveryRepository.java b/src/main/java/at/gv/egiz/moazs/repository/DeliveryRepository.java index 228d55e..be61d1e 100644 --- a/src/main/java/at/gv/egiz/moazs/repository/DeliveryRepository.java +++ b/src/main/java/at/gv/egiz/moazs/repository/DeliveryRepository.java @@ -17,5 +17,9 @@ public interface DeliveryRepository { Optional getDeliveryRequestStatus(String appDeliveryID); + void addSignedDeliveryRequestStatus(byte[] bytes, String appDeliveryId); + + Optional getSignedDeliveryRequestStatus(String appDeliveryID); + } diff --git a/src/main/java/at/gv/egiz/moazs/repository/InMemoryDeliveryRepository.java b/src/main/java/at/gv/egiz/moazs/repository/InMemoryDeliveryRepository.java index 570296f..58ec92c 100644 --- a/src/main/java/at/gv/egiz/moazs/repository/InMemoryDeliveryRepository.java +++ b/src/main/java/at/gv/egiz/moazs/repository/InMemoryDeliveryRepository.java @@ -30,6 +30,10 @@ public class InMemoryDeliveryRepository implements DeliveryRepository { .expireAfterWrite(30, TimeUnit.MINUTES) .build(); + private static final Cache signedStatusRepository = CacheBuilder.newBuilder() + .expireAfterWrite(30, TimeUnit.MINUTES) + .build(); + @Override public void add(DeliveryRequestType request) { var key = request.getMetaData().getAppDeliveryID(); @@ -38,8 +42,7 @@ public class InMemoryDeliveryRepository implements DeliveryRepository { @Override public Optional getDeliveryRequest(String appDeliveryID) { - var deliveryRequestType = requestRepository.getIfPresent(appDeliveryID); - return ofNullable(deliveryRequestType); + return ofNullable(requestRepository.getIfPresent(appDeliveryID)); } @Override @@ -51,7 +54,16 @@ public class InMemoryDeliveryRepository implements DeliveryRepository { @Override public Optional getDeliveryRequestStatus(String appDeliveryID) { - var deliveryRequestType = statusRepository.getIfPresent(appDeliveryID); - return ofNullable(deliveryRequestType); + return ofNullable(statusRepository.getIfPresent(appDeliveryID)); + } + + @Override + public void addSignedDeliveryRequestStatus(byte[] bytes, String appDeliveryId) { + signedStatusRepository.put(appDeliveryId, bytes); + } + + @Override + public Optional getSignedDeliveryRequestStatus(String appDeliveryID) { + return ofNullable(signedStatusRepository.getIfPresent(appDeliveryID)); } } diff --git a/src/main/java/at/gv/egiz/moazs/repository/RedisDeliveryRepository.java b/src/main/java/at/gv/egiz/moazs/repository/RedisDeliveryRepository.java index c24902d..4ffe85d 100644 --- a/src/main/java/at/gv/egiz/moazs/repository/RedisDeliveryRepository.java +++ b/src/main/java/at/gv/egiz/moazs/repository/RedisDeliveryRepository.java @@ -69,4 +69,14 @@ public class RedisDeliveryRepository implements DeliveryRepository { public Optional getDeliveryRequestStatus(String appDeliveryID) { throw new UnsupportedOperationException("Not Implemented Yet"); } + + @Override + public void addSignedDeliveryRequestStatus(byte[] bytes, String appDeliveryId) { + throw new UnsupportedOperationException("Not Implemented Yet"); + } + + @Override + public Optional getSignedDeliveryRequestStatus(String appDeliveryID) { + return Optional.empty(); + } } -- cgit v1.2.3