From e2e77ed55687cb92c6f5a273995daf64dedef848 Mon Sep 17 00:00:00 2001
From: Christof Rabensteiner
Date: Wed, 26 Jun 2019 08:47:58 +0200
Subject: Protect MsgClient via SSL (ink Client Authentication)
- Add Component to create SSLContexts with own Key- and trust store.
- Inject SSLContext into HTTP Client.
- Add EAAF-Components Core Dependency, which is needed by SSLContextCreator (KeyStoreUtils).
Schema Changes in mzs:DeliveryRequest/Config:
- Got Rid of mzs:DeliveryRequest/Config/Server. In mzs 1.4.1, Server replaces the result of zkopf query person request. Since this zkopf interface does not exist anymore, Server was removed.
- Add ClientType, which holds all parameters needed to connect to a service (Url, SSL params, a.o.).
Configuration:
- Add default parameters for SSL Clients in application.yaml.
- Merge default parameters into incoming mzs:DeliveryRequests.
MoaZSException Fixes:
- Remove "Extends throwable" from Builder.
- Add convenient shorthand init method (message, throwable).
Refactor:
- Put "determinePath" to FileUtils.
- Put string related utility functions into StringUtils.
---
 .../egiz/moazs/DeliveryRequestAugmenterTest.java | 29 +++++++++++++++----
 src/test/java/at/gv/egiz/moazs/MsgClientTest.java | 33 ++++++----------------
 .../egiz/moazs/SameThreadDeliveryPipelineTest.java | 15 +++++-----
 3 files changed, 39 insertions(+), 38 deletions(-) (limited to 'src/test')
diff --git a/src/test/java/at/gv/egiz/moazs/DeliveryRequestAugmenterTest.java b/src/test/java/at/gv/egiz/moazs/DeliveryRequestAugmenterTest.java
index c389b61..4bd64ef 100644
--- a/src/test/java/at/gv/egiz/moazs/DeliveryRequestAugmenterTest.java
+++ b/src/test/java/at/gv/egiz/moazs/DeliveryRequestAugmenterTest.java
@@ -4,19 +4,36 @@ import at.gv.egiz.moazs.preprocess.ConfigUtil;
 import at.gv.egiz.moazs.preprocess.DeliveryRequestAugmenter;
 import at.gv.zustellung.app2mzs.xsd.ConfigType;
 import at.gv.zustellung.app2mzs.xsd.DeliveryRequestType;
+import org.junit.Before;
 import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.junit.MockitoJUnitRunner;
 import java.util.Map;
+import static at.gv.zustellung.app2mzs.xsd.ClientType.clientTypeBuilder;
 import static at.gv.zustellung.app2mzs.xsd.ConfigType.configTypeBuilder;
 import static at.gv.zustellung.app2mzs.xsd.DeliveryRequestType.deliveryRequestTypeBuilder;
-import static at.gv.zustellung.app2mzs.xsd.ServerType.serverTypeBuilder;
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+@RunWith(MockitoJUnitRunner.class)
 public class DeliveryRequestAugmenterTest {
 private final String msgUrl = "http://mzs";
+ @Mock
+ private ConfigUtil configUtil;
+
+ @Before
+ public void setupMock() {
+ when(configUtil.isComplete(Mockito.any())).thenReturn(true);
+ when(configUtil.merge(any(), any())).thenCallRealMethod();
+ }
+
 @Test
 public void augmentPrimaryWithoutConfig() {
 var fallback = createConfig(msgUrl, false);
@@ -88,11 +105,11 @@ public class DeliveryRequestAugmenterTest {
 }
 private DeliveryRequestAugmenter createAugmenter(ConfigType fallback) {
- return new DeliveryRequestAugmenter(Map.of("default", fallback), new ConfigUtil());
+ return new DeliveryRequestAugmenter(Map.of("default", fallback), configUtil);
 }
 private DeliveryRequestAugmenter createAugmenter(Map profiles) {
- return new DeliveryRequestAugmenter(profiles, new ConfigUtil());
+ return new DeliveryRequestAugmenter(profiles, configUtil);
 }
 private ConfigType createConfig(String url, Boolean performTnvz) {
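Review bot: In `DeliveryRequestAugmenterTest.setupMock()`, stubbing `configUtil.isComplete(...)` to return `true` for every input means no test in this class can observe the augmenter handling an incomplete configuration, and `createConfig` (third hunk of this file) builds the `ClientType` from a URL alone, so the SSL defaults this commit merges into requests are not exercised here. I would add one negative case that overrides the stub with `when(configUtil.isComplete(any())).thenReturn(false);` and asserts whatever failure the augmenter is meant to produce. `merge` runs through `thenCallRealMethod()` on a mock whose constructor never executed, which holds only while `merge` reads no instance state; a comment such as `// merge() runs on a mock, so it must not depend on ConfigUtil fields` would record that. The two stubs also mix `Mockito.any()` with the statically imported `any()`. The test class continues outside this hunk.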
@@ -101,12 +118,12 @@ public class DeliveryRequestAugmenterTest {
 private ConfigType createConfig(String url, Boolean performTnvz, String profileId) {
- var server = serverTypeBuilder()
- .withZUSEUrlID(url)
+ var msgClient = clientTypeBuilder()
+ .withURL(url)
 .build();
 return configTypeBuilder()
- .withServer(server)
+ .withMSGClient(msgClient)
 .withPerformQueryPersonRequest(performTnvz)
 .withProfileID(profileId)
 .build();
diff --git a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
index 8cebf06..62df52d 100644
--- a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
+++ b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
@@ -4,24 +4,18 @@ import at.gv.egiz.moazs.msg.MsgClient;
 import at.gv.egiz.moazs.msg.MsgClientFactory;
 import at.gv.egiz.moazs.msg.StoreSOAPBodyBinaryInRepositoryInterceptor;
 import at.gv.egiz.moazs.scheme.Marshaller;
-import at.gv.zustellung.app2mzs.xsd.ConfigType;
+import at.gv.zustellung.app2mzs.xsd.ClientType;
 import at.gv.zustellung.msg.xsd.DeliveryRequestType;
 import at.gv.zustellung.msg.xsd.ObjectFactory;
-import org.junit.runner.RunWith;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringRunner;
 import javax.xml.bind.JAXBElement;
 import java.io.BufferedInputStream;
 import java.io.FileInputStream;
 import java.io.IOException;
-import static at.gv.zustellung.app2mzs.xsd.ConfigType.configTypeBuilder;
-import static at.gv.zustellung.app2mzs.xsd.ServerType.serverTypeBuilder;
-
 // @RunWith(SpringRunner.class)
 // @SpringBootTest
@@ -52,11 +46,11 @@ public class MsgClientTest {
 public void sendValidMessage() throws IOException {
 var request = loadFromFile("validDeliveryRequest.xml");
- var config = generateConfig(httpServiceUri);
- var client = factory.create(request, config, interceptor);
+ var clientParams = generateClientParams(httpServiceUri);
+ var client = factory.create(clientParams);
 try{
- var status = client.send();
+ var status = client.send(request);
 logger.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryResponse(status)));
 } catch (Exception ex) {
 System.out.println(ex.getMessage());
@@ -67,10 +61,10 @@ public class MsgClientTest {
 public void sendValidMessageToSSL() throws IOException {
 var request = loadFromFile("validDeliveryRequest.xml");
- var config = generateConfig(sslServiceUri);
- var client = factory.create(request, config, interceptor);
+ var clientParams = generateClientParams(sslServiceUri);
+ var client = factory.create(clientParams);
- var status = client.send();
+ var status = client.send(request);
 logger.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryRequestStatus(status)));
 }
@@ -82,17 +76,8 @@ public class MsgClientTest {
 }
 }
- private ConfigType generateConfig(String zuseUrl) {
-
- var server = serverTypeBuilder()
- .withZUSEUrlID(zuseUrl)
- .build();
-
- return configTypeBuilder()
- .withServer(server)
- .withPerformQueryPersonRequest(false)
- .build();
-
+ private ClientType generateClientParams(String url) {
+ return ClientType.clientTypeBuilder().withURL(url).build();
 }
 }
diff --git a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
index cd454f2..df54ef7 100644
--- a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
+++ b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
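Review bot: In `MsgClientTest.sendValidMessageToSSL`, the result of `client.send(request)` is only logged, and `generateClientParams` (last hunk of this file) sets nothing but the URL, so the test neither asserts an outcome nor supplies the key store and trust store parameters that the commit's client authentication relies on. It therefore cannot show that a server certificate outside the configured trust store is refused, or that the client certificate is presented at all. I would assert on `status` and add a case that expects the send to fail for an untrusted server certificate. In `sendValidMessage` the new `client.send(request)` sits inside the existing `catch (Exception ex)` that only prints the message, so a failure there still cannot fail the test; that method continues past its hunk. With `// @RunWith(SpringRunner.class)` left commented out and its imports now removed, the class reads as a manual integration test, and a class comment saying so would help.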
@@ -2,7 +2,6 @@ package at.gv.egiz.moazs;
 import at.gv.egiz.moazs.msg.MsgClient;
 import at.gv.egiz.moazs.msg.MsgClientFactory;
-import at.gv.egiz.moazs.verify.MoaSPSSSignatureVerifier;
 import at.gv.egiz.moazs.msg.StoreSOAPBodyBinaryInRepositoryInterceptor;
 import at.gv.egiz.moazs.pipeline.DeliveryPipeline;
 import at.gv.egiz.moazs.pipeline.SameThreadDeliveryPipeline;
@@ -11,6 +10,7 @@ import at.gv.egiz.moazs.repository.InMemoryDeliveryRepository;
 import at.gv.egiz.moazs.scheme.Mzs2MsgConverter;
 import at.gv.egiz.moazs.tnvz.TnvzClient;
 import at.gv.egiz.moazs.tnvz.TnvzResultVerifier;
+import at.gv.egiz.moazs.verify.MoaSPSSSignatureVerifier;
 import at.gv.zustellung.app2mzs.xsd.DeliveryRequestType;
 import at.gv.zustellung.msg.xsd.DeliveryRequestStatusType;
 import at.gv.zustellung.msg.xsd.MetaData;
@@ -20,17 +20,16 @@ import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
-import org.mockito.Mockito;
 import org.mockito.junit.MockitoJUnitRunner;
 import java.util.List;
 import static at.gv.egiz.moazs.MoaZSException.moaZSException;
+import static at.gv.zustellung.app2mzs.xsd.ClientType.clientTypeBuilder;
 import static at.gv.zustellung.app2mzs.xsd.ConfigType.configTypeBuilder;
 import static at.gv.zustellung.app2mzs.xsd.DeliveryRequestType.Payload;
 import static at.gv.zustellung.app2mzs.xsd.DeliveryRequestType.Payload.payloadBuilder;
 import static at.gv.zustellung.app2mzs.xsd.DeliveryRequestType.deliveryRequestTypeBuilder;
-import static at.gv.zustellung.app2mzs.xsd.ServerType.serverTypeBuilder;
 import static at.gv.zustellung.msg.xsd.DeliveryRequestStatusType.Success.successBuilder;
 import static at.gv.zustellung.msg.xsd.DeliveryRequestStatusType.deliveryRequestStatusTypeBuilder;
 import static at.gv.zustellung.msg.xsd.ErrorInfoType.errorInfoTypeBuilder;
@@ -174,8 +173,8 @@ public class SameThreadDeliveryPipelineTest {
 when(tnvzClient.query(any(), any())).thenReturn(setupTnvzSuccess(acceptedTypes));
 when(converter.convert(eq(mzsRequest) )).thenReturn(msgRequest);
 when(converter.convert(eq(mzsRequest), any())).thenReturn(msgRequest);
- when(msgClientFactory.create(msgRequest, mzsRequest.getConfig(), interceptor)).thenReturn(msgClient);
- when(msgClient.send()).thenReturn(status);
+ when(msgClientFactory.create(any())).thenReturn(msgClient);
+ when(msgClient.send(msgRequest)).thenReturn(status);
 return status;
@@ -222,13 +221,13 @@ public class SameThreadDeliveryPipelineTest {
 private DeliveryRequestType setupMzsRequest(String appDeliveryId, boolean tnvzRequest, List mimeTypes) {
- var server = serverTypeBuilder()
- .withZUSEUrlID("http://zuse")
+ var msgClient = clientTypeBuilder()
+ .withURL("http://zuse")
 .build();
 var config = configTypeBuilder()
 .withPerformQueryPersonRequest(tnvzRequest)
- .withServer(server)
+ .withMSGClient(msgClient)
 .build();
 return deliveryRequestTypeBuilder()
--
cgit v1.2.3
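Review bot: In `SameThreadDeliveryPipelineTest`, `when(msgClientFactory.create(any())).thenReturn(msgClient);` accepts any argument, where the stub it replaces matched the request's own config, so these tests no longer check which `ClientType` the pipeline hands to the factory. A regression that builds the client from a wrong or empty client configuration, for instance one without the request's SSL parameters, would still pass. Matching on the expected value keeps that check, e.g. `when(msgClientFactory.create(eq(expectedClientParams))).thenReturn(msgClient);`, where `expectedClientParams` is a placeholder for the `ClientType` that `setupMzsRequest` puts into the config. The setup method containing these stubs starts before the hunk.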