# MOA ZS

## Prepare for Compilation

For compiling MOAZS, do the following:

1. Checkout MoaZS repository (directory name `moazs.git`)
1. Install `at.gv.egiz.eaaf.{eaaf_module_moa-sig, core}` to local repository.
1. Make `eaaf_module_moa-sig`'s transitive dependencies available by copying or symlinking `eaaf_module_moa-sig`'s repository into MOAZS repository.

Certain artifacts are not in the mvn central repo. You need to
install those articats to your local maven repository.

### How to Install `at.gv.egiz.eaaf` Artifacts

Requirements: JDK 1.8

```
export EAAF_COMPONENTS_VERSION=1.0.7
cd /path/to/working/dir
git clone https://gitlab.iaik.tugraz.at/egiz/eaaf_components/
cd eaaf_components
git checkout $EAAF_COMPONENTS_VERSION
mvn clean package source:jar install
```

### Workaround: Make eaaf_module_moa-sig's Transitive Dependencies Available

`eaaf_module_moa-sig` depends on artifacts that are also not in mvn's
central repo. You can make them available by copying or symlinking to
the repository directory in
https://gitlab.iaik.tugraz.at/egiz/eaaf_components/tree/master/eaaf_modules/eaaf_module_moa-sig/repository

```
cd moazs.git
# symlink to moa sig's artifacts
ln -s <path-to-local-eaaf-components-git-repo>/eaaf_modules/eaaf_module_moa-sig/repository
# copy repository
cp <path-to-local-eaaf-components-git-repo>/eaaf_modules/eaaf_module_moa-sig/repository .
```

## Compile & Test

### Run Unit Tests

Requirements:
- openJDK 12 (OpenJDK 11 has an unfixed bug [1] that prevents the completion of TLS handshakes.)

Command:
```
mvn test
```

### Run Integration Tests

Integration tests start with the prefix `IT`.

Requirements:
- OpenJDK 12
- Some integration tests have additional requirements (e.g. ITMsgClientTest also tests the TLS connection and Client Authentication). Ensure that these requirements are met as well.

Command:
```
mvn test -P integration-test
```

### Quick Guide: Set Up SSL in Apache 2.

Some tests in ITMsgClientTest require SSL protection of the service endpoint with SSL Client Authentication. Here's a quick guide how to set up an Apache 2 service on localhost as a SSL terminating reverse proxy to the zusemsg endpoint that runs on http://localhost:8081/ :

1. Install Apache 2.
1. Ensure that mod-proxy is installed and enabled.
1. In `default-ssl.conf` add the following lines to proxy requests from `https://localhost/zusemsg` to `http://localhost:8081`:
```
ProxyRequests off
ProxyPass /zusemsg/ http://localhost:8081/
ProxyPassReverse /zusemsg/ http://localhost:8081/
<Proxy *>
  Order allow,deny
  allow from all
</Proxy>
```
1. Use certificate and key provided in this repository for the TLS connection and add the following directives to `default-ssl.conf`:
```
SSLCertificateFile <path/to/repo/ssl/server>/server.localhost.cert.pem
SSLCertificateKeyFile <path/to/repo/ssl/server>/server.localhost.key.pem
SSLCertificateChainFile <path/to/repo/ssl/server>/ca-chain.cert.pem
```
1. Trust the client certificate with the following directive in `default-ssl-conf`:
```
SSLCACertificateFile <path/to/repo/ssl>/trusted-cas-bundle.pem
```

# Footnotes

[1] https://bugs.openjdk.java.net/browse/JDK-8214098