Commit 2e245108 authored by Tobias Assmann's avatar Tobias Assmann
Browse files

make client used validate-server-cert propertie also with refresh url, set default value to true

parent 2c9e835f
......@@ -13,6 +13,7 @@ package org.openecard.addons.reqesidta.ssa;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import org.openecard.addons.reqesidta.ReqesidtaProperties;
import org.openecard.httpcore.HttpResourceException;
import org.openecard.httpcore.InvalidProxyException;
import org.openecard.httpcore.InvalidUrlException;
......@@ -33,24 +34,39 @@ public class SsaSessionId {
this.sessionId = sessionId;
}
public static SsaSessionId loadFromRefreshUrl(URI refreshUri) throws IOException {
try {
URL refreshUrl = refreshUri.toURL();
public static SsaSessionId loadFromRefreshUrl(URI refreshUri) throws IOException {
try {
URL refreshUrl = refreshUri.toURL();
//check if we should validate the server`s cert
//if not, disable validation in ResourceContextLoader
ResourceContextLoader rcl;
if (ReqesidtaProperties.isValidateServerCert()) {
rcl = new ResourceContextLoader() {
@Override
public String getAcceptsHeader() {
return "text/plain";
}
};
} else {
rcl = new ResourceContextLoader() {
@Override
public String getAcceptsHeader() {
return "text/plain";
}
@Override
public boolean isPKIXVerify(){
return false;
}
};
}
ResourceContext result = rcl.getStream(refreshUrl);
String sessionId = result.getData();
ResourceContext result = new ResourceContextLoader() {
@Override
public String getAcceptsHeader() {
return "text/plain";
return new SsaSessionId(sessionId);
} catch (IOException | HttpResourceException | InvalidUrlException | ValidationError | InvalidProxyException ex) {
throw new IOException("Failed to resolve session ID via refresh URL.", ex);
}
}.getStream(refreshUrl);
String sessionId = result.getData();
return new SsaSessionId(sessionId);
} catch (IOException | HttpResourceException | InvalidUrlException | ValidationError | InvalidProxyException ex) {
throw new IOException("Failed to resolve session ID via refresh URL.", ex);
}
}
public String getSessionId() {
return sessionId;
......
# set to true when using prod
# validate-server-cert = false
#validate-server-cert = false
validate-server-cert = true
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment