From 59a13bea5783aa666bcbcec793df19f129965ff3 Mon Sep 17 00:00:00 2001 From: Christof Rabensteiner Date: Tue, 21 May 2019 13:47:34 +0200 Subject: WIP: SSL Client Auth - Refactor MsgClient: Not a Singleton anymore. Use MsgClientFactory to make a client. Make request and config private fields. - Add configuration parameters to application.yaml. - Init SSL client auth testcase, but dont include in testsuite because it aint working yet. --- src/main/java/at/gv/egiz/moazs/msg/MsgClient.java | 54 +++++++++++++++++++--- .../at/gv/egiz/moazs/msg/MsgClientFactory.java | 14 ++++++ .../moazs/pipeline/SameThreadDeliveryPipeline.java | 10 ++-- src/main/resources/application.yaml | 41 ++++++++++++++-- src/test/java/at/gv/egiz/moazs/MsgClientTest.java | 31 ++++++++++--- .../egiz/moazs/SameThreadDeliveryPipelineTest.java | 9 +++- 6 files changed, 136 insertions(+), 23 deletions(-) create mode 100644 src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java (limited to 'src') diff --git a/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java b/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java index 47ee8c3..6f0b1d9 100644 --- a/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java +++ b/src/main/java/at/gv/egiz/moazs/msg/MsgClient.java @@ -4,24 +4,64 @@ import at.gv.zustellung.app2mzs.xsd.ConfigType; import at.gv.zustellung.msg.xsd.App2ZusePort; import at.gv.zustellung.msg.xsd.DeliveryRequestStatusType; import at.gv.zustellung.msg.xsd.DeliveryRequestType; +import org.apache.cxf.jaxws.JaxWsClientFactoryBean; import org.apache.cxf.jaxws.JaxWsProxyFactoryBean; -import org.springframework.stereotype.Component; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; -@Component public class MsgClient { - public DeliveryRequestStatusType send(DeliveryRequestType msgRequest, ConfigType config) { - var address = config.getServer().getZUSEUrlID(); - var proxy = connect(address); + private static final Logger log = LoggerFactory.getLogger(MsgClient.class); + + private final DeliveryRequestType msgRequest; + private final ConfigType config; + + MsgClient(DeliveryRequestType msgRequest, ConfigType config) { + this.msgRequest = msgRequest; + this.config = config; + } + + public DeliveryRequestStatusType send() { + + var proxy = connect(config); + return proxy.delivery(msgRequest); } - private App2ZusePort connect(String address) { + private App2ZusePort connect(ConfigType config) { + + new JaxWsClientFactoryBean(); + + var address = config.getServer().getZUSEUrlID(); var factory = new JaxWsProxyFactoryBean(); factory.setServiceClass(App2ZusePort.class); factory.setAddress(address); - return (App2ZusePort) factory.create(); + + var proxy = factory.create(); + +// var client = ClientProxy.getClient(proxy); +// var conduit = (HTTPConduit) client.getConduit(); +// +// if (addressIsHttps(address)) { +// var tlsParams = new TLSClientParameters(); +// tlsParams.setSSLSocketFactory(createSSLContext().getSocketFactory()); +// conduit.setTlsClientParameters(tlsParams); +// } + + return (App2ZusePort) proxy; + } + +// private SSLContext createSSLContext() { +// java.util.Properties props = new Properties(); +// props.entrySet(); +// +// // return SSLUtils.getPropertiesSSLContext(this.props, this.configDir, this.propsPrefix, forceTrustAllManager); +// return null; +// } + + private boolean addressIsHttps(String address) { + return address.startsWith("https://"); } } diff --git a/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java b/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java new file mode 100644 index 0000000..9884bd5 --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/msg/MsgClientFactory.java @@ -0,0 +1,14 @@ +package at.gv.egiz.moazs.msg; + +import at.gv.zustellung.app2mzs.xsd.ConfigType; +import at.gv.zustellung.msg.xsd.DeliveryRequestType; +import org.springframework.stereotype.Component; + +@Component +public class MsgClientFactory { + + public MsgClient create(DeliveryRequestType msgRequest, ConfigType config) { + return new MsgClient(msgRequest, config); + } + +} diff --git a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java index 3d7f8e9..bfd05b2 100644 --- a/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java +++ b/src/main/java/at/gv/egiz/moazs/pipeline/SameThreadDeliveryPipeline.java @@ -2,6 +2,7 @@ package at.gv.egiz.moazs.pipeline; import at.gv.egiz.moazs.msg.MsgClient; +import at.gv.egiz.moazs.msg.MsgClientFactory; import at.gv.egiz.moazs.tnvz.TnvzClient; import at.gv.egiz.moazs.repository.DeliveryRepository; import at.gv.egiz.moazs.scheme.Mzs2MsgConverter; @@ -27,17 +28,17 @@ public class SameThreadDeliveryPipeline implements DeliveryPipeline { private final DeliveryRepository repository; private final TnvzClient tnvzClient; private final Mzs2MsgConverter converter; - private final MsgClient msgClient; + private final MsgClientFactory msgClientFactory; @Autowired public SameThreadDeliveryPipeline(DeliveryRepository repository, TnvzClient tnvzClient, Mzs2MsgConverter converter, - MsgClient msgClient) { + MsgClientFactory msgClientFactory) { this.repository = repository; this.tnvzClient = tnvzClient; this.converter = converter; - this.msgClient = msgClient; + this.msgClientFactory = msgClientFactory; } @Override @@ -48,7 +49,8 @@ public class SameThreadDeliveryPipeline implements DeliveryPipeline { ? converter.convert(mzsRequest, queryPerson(mzsRequest)) : converter.convert(mzsRequest); - var status = msgClient.send(msgRequest, mzsRequest.getConfig()); + var msgClient = msgClientFactory.create(msgRequest, mzsRequest.getConfig()); + var status = msgClient.send(); repository.add(status); } diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index a59c460..d43e7dc 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -13,9 +13,31 @@ spring: # Order: DeliveryRequest/Config > [chosen-profile] > default delivery-request-configuration-profiles: default: + ## All parameters for MSG client. msg: - url: http://localhost:8081/ - x509: todo! + + ## How to reach + url: http://localhost:8081/services/DeliveryRequest + ssl: + + ## Parameters for ssl client auth + keystore: + ## Absolute path to file + filename: + ## Password to unlock key store. + password: 1233 + ## JKS or PKCS12 + type: JKS + + ## Boolean; if true, app will trust all server certificates; + ## if false, server certificate needs to be in truststore. + trustall: false + + ## Boolean; if true, app ignores mismatches between server's host name and + ## Certificate's common name / alternative subject name. + laxhostnameverification: false + + perform-query-person-request: false app-profile-1: @@ -27,7 +49,20 @@ delivery-request-configuration-profiles: msg: url: https://msg-url2.com +key-store-profiles: + msg-key-store: + + + + ## If set to false, moa zs ignores an incomplete default DeliveryRequest-configuration ## profile and continues startup. See 'delivery-request-configuration-profiles'. ## Default value: true -# verify-completeness-of-default-delivery-request-configuration: false \ No newline at end of file +# verify-completeness-of-default-delivery-request-configuration: false + + +# ssl.keystore.file=../keys/www.egiz.gv.at.p12 +# egovutil.mis.ssl.keystore.password=OSgmSn! +# egovutil.mis.ssl.keystore.type=PKCS12 +# egovutil.mis.ssl.trustall=true +# egovutil.mis.ssl.laxhostnameverification=false \ No newline at end of file diff --git a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java index 6dc94e0..5b6419f 100644 --- a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java +++ b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java @@ -1,6 +1,7 @@ package at.gv.egiz.moazs; import at.gv.egiz.moazs.msg.MsgClient; +import at.gv.egiz.moazs.msg.MsgClientFactory; import at.gv.egiz.moazs.scheme.Marshaller; import at.gv.zustellung.app2mzs.xsd.ConfigType; import at.gv.zustellung.msg.xsd.DeliveryRequestType; @@ -28,25 +29,41 @@ public class MsgClientTest { private final static Logger logger = LoggerFactory.getLogger(MsgClient.class); - private final String serviceUri = "http://localhost:8081/services/DeliveryRequest"; + private String httpServiceUri = "http://localhost:8081/services/DeliveryRequest"; + private String sslServiceUri = "https://localhost/zusemsg/services/DeliveryRequest"; + private final String basePath = "src/test/resources/at/gv/egiz/moazs/MsgClientTest/"; + private MsgClientFactory factory = new MsgClientFactory(); + @Autowired private Marshaller msgMarshaller; private static final ObjectFactory OF = new ObjectFactory(); - // this test requires that a zusemsg service runs under serviceUri! + // this test requires that a zusemsg service runs under httpServiceUri! @Test public void sendValidMessage() throws IOException { var request = loadFromFile("validDeliveryRequest.xml"); - var config = generateConfig(); - var client = new MsgClient(); + var config = generateConfig(httpServiceUri); + var client = factory.create(request, config); + + var status = client.send(); + + logger.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryRequestStatus(status))); + } + + //@Test + public void sendValidMessageToSSL() throws IOException { + + var request = loadFromFile("validDeliveryRequest.xml"); + var config = generateConfig(sslServiceUri); + var client = factory.create(request, config); - var status = client.send(request, config); + var status = client.send(); logger.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryRequestStatus(status))); } @@ -58,10 +75,10 @@ public class MsgClientTest { } } - private ConfigType generateConfig() { + private ConfigType generateConfig(String zuseUrl) { var server = serverTypeBuilder() - .withZUSEUrlID(serviceUri) + .withZUSEUrlID(zuseUrl) .build(); return configTypeBuilder() diff --git a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java index 9ee3ceb..5e4b9b0 100644 --- a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java +++ b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java @@ -1,6 +1,7 @@ package at.gv.egiz.moazs; import at.gv.egiz.moazs.msg.MsgClient; +import at.gv.egiz.moazs.msg.MsgClientFactory; import at.gv.egiz.moazs.pipeline.DeliveryPipeline; import at.gv.egiz.moazs.pipeline.SameThreadDeliveryPipeline; import at.gv.egiz.moazs.repository.DeliveryRepository; @@ -45,6 +46,9 @@ public class SameThreadDeliveryPipelineTest { @Mock private TnvzClient tnvzClient; + @Mock + private MsgClientFactory msgClientFactory; + @Mock private MsgClient msgClient; @@ -56,7 +60,7 @@ public class SameThreadDeliveryPipelineTest { @Before public void setup() { - pipeline = new SameThreadDeliveryPipeline(repository, tnvzClient, converter, msgClient); + pipeline = new SameThreadDeliveryPipeline(repository, tnvzClient, converter, msgClientFactory); } @Test @@ -129,7 +133,8 @@ public class SameThreadDeliveryPipelineTest { when(tnvzClient.queryPerson(any(), any())).thenReturn(setupTnvzSuccess(acceptedTypes)); when(converter.convert(eq(mzsRequest) )).thenReturn(msgRequest); when(converter.convert(eq(mzsRequest), any())).thenReturn(msgRequest); - when(msgClient.send(msgRequest, mzsRequest.getConfig())).thenReturn(status); + when(msgClientFactory.create(msgRequest, mzsRequest.getConfig())).thenReturn(msgClient); + when(msgClient.send()).thenReturn(status); return status; -- cgit v1.2.3