Commit 9d32e432 authored by Benny Prange's avatar Benny Prange

Release eumw-1.0.5-rc.1

parent ad3674ab
......@@ -10,3 +10,6 @@ e78b3ff8c6e824ac3ab43fcaeb695aaafb3c236c eumw-1.0.2
f33f98135e4d97738965caf8369910526a4ba5eb eumw-1.0.3
241787841eb0799eca7a5e1fc975de7d34186807 eumw-1.0.4-rc.1
1832cd8ad07210ce87e68e1efe861200ed1974d2 eumw-1.0.4-rc.2
cd6877486ad7373dae2fec12f9f74d19e78d1110 eumw-1.0.4
0000000000000000000000000000000000000000 eumw-1.0.4
76f405023426c019aee600be45f72020a1f66159 eumw-1.0.4
......@@ -14,7 +14,7 @@
<parent>
<groupId>de.governikus.eumw</groupId>
<artifactId>eumw</artifactId>
<version>1.0.4</version>
<version>1.0.5-SNAPSHOT</version>
</parent>
<artifactId>configuration-wizard</artifactId>
......
......@@ -20,6 +20,7 @@ public enum MiddlewarePropertiesIdentifier
SERVICE_PROVIDER_CONFIG_FOLDER,
SERVICE_PROVIDER_METADATA_SIGNATURE_CERT,
ENTITYID_INT,
SERVER_URL,
MIDDLEWARE_SIGN_KEY,
MIDDLEWARE_SIGN_PIN,
MIDDLEWARE_SIGN_ALIAS,
......
......@@ -118,7 +118,7 @@ public class ConfigurationForm implements Observer
/**
* this method is used to check if a poseidas xml file is going to be overridden at the current save
* location
*
*
* @return true if the poseidas.xml does already exist
*/
public boolean willPoseidasBeOverridden()
......@@ -221,8 +221,12 @@ public class ConfigurationForm implements Observer
try
{
getEidasmiddlewareProperties().save(saveLocation,
getPoseidasConfig().getServiceProvider().getEntityID());
// Set missing properties with values from POSeIDAS.xml
getEidasmiddlewareProperties().setEntityIdInt(getPoseidasConfig().getServiceProvider().getEntityID());
String serverURL = getPoseidasConfig().getCoreConfig().getServerUrl().replace("/eidas-middleware", "");
getEidasmiddlewareProperties().setServerURL(serverURL);
getEidasmiddlewareProperties().save(saveLocation);
}
catch (IOException | KeyStoreCreationFailedException | CertificateEncodingException e)
{
......@@ -232,7 +236,7 @@ public class ConfigurationForm implements Observer
/**
* used in case that the value in the {@link ConfigDirectory} will be set
*
*
* @param configDirectoryObject the {@link ConfigDirectory} instance
* @param configDirectoryString the argument that has been changed
*/
......
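Review bot: In the save hunk, `getServerUrl().replace("/eidas-middleware", "")` removes every occurrence of that substring rather than only a trailing context path, and it throws a NullPointerException when the POSeIDAS core config has no server URL, which the multi-catch below (`IOException | KeyStoreCreationFailedException | CertificateEncodingException`) does not cover. The result is written to SERVER_URL and, per the documentation change in this commit, is used for the URL in the middleware metadata, so I would strip only a suffix and reject a missing value before calling `save(saveLocation)`, e.g. `String serverURL = url.endsWith(ctx) ? url.substring(0, url.length() - ctx.length()) : url;`. The literal also duplicates `EIDASMiddlewareApplication.CONTEXT_PATH` added elsewhere in this commit; whether this module can reference that constant is not visible here, so at least a named constant with a comment pointing at it would keep the two in step. The enclosing method starts and ends outside the hunk.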
......@@ -29,6 +29,7 @@ import javax.validation.constraints.NotBlank;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItem;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.io.output.DeferredFileOutputStream;
import org.apache.commons.lang3.StringUtils;
......@@ -94,6 +95,11 @@ public class EidasmiddlewarePropertiesForm extends AbstractPropertiesConfigurati
*/
private String entityIdInt;
/**
* The serverURL of the middleware, must match with the URLs in the POSeIDAS.xml
*/
private String serverURL;
/**
* keystore containing the middleware signature keypair
*/
......@@ -151,6 +157,7 @@ public class EidasmiddlewarePropertiesForm extends AbstractPropertiesConfigurati
getServiceProviderMetadataFile(middlewareProperties).ifPresent(this::setServiceProviderMetadataFile);
loadMetadataSignatureCertificate(middlewareProperties).ifPresent(this::setMetadataSignatureCertificate);
this.entityIdInt = (String)middlewareProperties.get(MiddlewarePropertiesIdentifier.ENTITYID_INT.name());
this.serverURL = (String)middlewareProperties.get(MiddlewarePropertiesIdentifier.SERVER_URL.name());
// @formatter:off
String keystorePath =
(String)middlewareProperties.get(MiddlewarePropertiesIdentifier.MIDDLEWARE_SIGN_KEY.name());
......@@ -294,11 +301,10 @@ public class EidasmiddlewarePropertiesForm extends AbstractPropertiesConfigurati
* save the eidas middleware properties form into directory/eidasmiddleware.properties file
*
* @param directory file path
* @param entityIdInt EntityID of the corresponding service provider in POSeIDAS.xml
* @throws IOException
* @throws CertificateEncodingException
*/
public void save(String directory, String entityIdInt) throws IOException, CertificateEncodingException
public void save(String directory) throws IOException, CertificateEncodingException
{
KeyStoreSupporter.keyStoreToFile(new File(directory),
middlewareSignKeystore.getKeystoreName(),
......@@ -310,6 +316,8 @@ public class EidasmiddlewarePropertiesForm extends AbstractPropertiesConfigurati
middlewareCryptKeystore.getKeystorePassword());
Files.createDirectories(Paths.get(directory, SERVICEPROVIDER_METADATA_FOLDERNAME));
FileUtils.cleanDirectory(Paths.get(directory,
SERVICEPROVIDER_METADATA_FOLDERNAME).toFile());
Files.write(Paths.get(directory,
SERVICEPROVIDER_METADATA_FOLDERNAME,
serviceProviderMetadataFile.getOriginalFilename()),
......@@ -318,7 +326,6 @@ public class EidasmiddlewarePropertiesForm extends AbstractPropertiesConfigurati
Files.write(Paths.get(directory, metadataSignatureCertificate.getName() + ".crt"),
metadataSignatureCertificate.getCertificate().getEncoded());
this.entityIdInt = entityIdInt;
Properties properties = toProperties(directory);
File file = Paths.get(directory, FileNames.MIDDLEWARE_PROPERTIES.getFileName()).toFile();
try (FileOutputStream fileOut = new FileOutputStream(file))
......@@ -347,6 +354,7 @@ public class EidasmiddlewarePropertiesForm extends AbstractPropertiesConfigurati
properties.setProperty(MiddlewarePropertiesIdentifier.SERVICE_PROVIDER_METADATA_SIGNATURE_CERT.name(),
addPathPrefix(pathPrefix, metadataSignatureCertificate.getName() + ".crt"));
properties.setProperty(MiddlewarePropertiesIdentifier.ENTITYID_INT.name(), entityIdInt);
properties.setProperty(MiddlewarePropertiesIdentifier.SERVER_URL.name(), serverURL);
// @formatter:off
properties.setProperty(MiddlewarePropertiesIdentifier.MIDDLEWARE_SIGN_KEY.name(),
addPathPrefix(pathPrefix,
......
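Review bot: In `save(String directory)`, the `FileUtils.cleanDirectory(...)` call that appears to be added empties the service-provider metadata folder before the replacement is written, so an IOException from the following `Files.write` leaves the configuration with no metadata file at all; writing the new file first (or to a temporary name and moving it into place) and removing the old entries afterwards closes that window. The target path is still built from `serviceProviderMetadataFile.getOriginalFilename()`; if that is the name supplied with the upload, it should be reduced to its last path segment, e.g. `Paths.get(name).getFileName().toString()`, before it is resolved under the folder. Separately, `toProperties` now passes `serverURL` to `Properties.setProperty`, which throws a NullPointerException for a null value, so `save` depends on the caller having called `setServerURL` first; the Javadoc should state that precondition now that the `entityIdInt` parameter is gone, or the method should check both fields explicitly.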
......@@ -22,7 +22,9 @@ import java.io.FileInputStream;
import java.io.IOException;
import java.net.URL;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
......@@ -31,7 +33,6 @@ import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import javax.xml.bind.JAXBException;
......@@ -46,6 +47,7 @@ import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.crypto.bcrypt.BCrypt;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import com.gargoylesoftware.htmlunit.WebAssert;
import com.gargoylesoftware.htmlunit.html.DomElement;
import com.gargoylesoftware.htmlunit.html.HtmlButton;
import com.gargoylesoftware.htmlunit.html.HtmlFileInput;
......@@ -156,6 +158,11 @@ public class CompleteUserJourneyTest extends AbstractWebTest // NOPMD
*/
private static final String SERVICEPROVIDER_ENTITY_ID = "myEntityID";
/**
* the server url used in the poseidas.xml and the eidasmiddleware.properties
*/
private static final String SERVER_URL = "http://myhost:8443";
/**
* password for accessing the keystores in the resources
*/
......@@ -209,6 +216,51 @@ public class CompleteUserJourneyTest extends AbstractWebTest // NOPMD
validateApplicationProperties();
validatePoseidasData();
validateEidasMiddlewareProperties();
uploadNewMetadata();
}
private void uploadNewMetadata() throws IOException
{
// check that there is only one metadata file
Path path = Paths.get(getTempDirectory(), "serviceprovider-metadata");
assertEquals(path.toFile().listFiles().length,
1,
"There must be exactly one service provider metadata file");
// Clear cookies to start from the first page
getWebClient().getCookieManager().clearCookies();
HtmlPage currentPage = getWebClient().getPage(getRequestUrl("/"));
setTextValue(currentPage, "configDirectory.configDirectory", getTempDirectory());
// go to upload existing config
currentPage = click(currentPage, Button.NEXT_PAGE);
// go to application.properties
currentPage = click(currentPage, Button.NEXT_PAGE);
// go to POSeIDAS.xml
currentPage = click(currentPage, Button.NEXT_PAGE);
// go to eidasmiddleware.properties
currentPage = click(currentPage, Button.NEXT_PAGE);
// Upload new metadata
String newMetadataContent = "<newMetadata/>";
Path newMetadataFile = Files.write(Paths.get(getTempDirectory(), "newMetadata.xml"),
newMetadataContent.getBytes(StandardCharsets.UTF_8));
HtmlFileInput metadataFileInput = (HtmlFileInput)currentPage.getElementById("serviceProviderMetadataFile");
metadataFileInput.setFiles(newMetadataFile.toFile());
// go to save page
currentPage = click(currentPage, Button.NEXT_PAGE);
WebAssert.assertTextPresent(currentPage, "Save location");
click(currentPage, Button.SAVE);
assertEquals(path.toFile().listFiles().length,
1,
"There must be exactly one service provider metadata file");
assertEquals(new String(Files.readAllBytes(path.resolveSibling("newMetadata.xml"))),
newMetadataContent,
"New content expected");
}
/**
......@@ -290,7 +342,9 @@ public class CompleteUserJourneyTest extends AbstractWebTest // NOPMD
setTextValue(currentPageWithKeystore, adminUsernameFieldId, "poseidasUsername");
setPasswordValue(currentPageWithKeystore, adminPasswordFieldId, "poseidasPassword");
setTextValue(currentPageWithKeystore, logFileFieldId, "logFilePath");
setTextValue(currentPageWithKeystore, additionalPropertiesFieldId, "logging.level.de.governikus=DEBUG\nlogging.level.foo.bar=ERROR");
setTextValue(currentPageWithKeystore,
additionalPropertiesFieldId,
"logging.level.de.governikus=DEBUG\nlogging.level.foo.bar=ERROR");
return click(currentPageWithKeystore, Button.NEXT_PAGE);
}
......@@ -351,7 +405,7 @@ public class CompleteUserJourneyTest extends AbstractWebTest // NOPMD
// fill in form
HtmlPage selectedRadioButtonPage = setRadioButton(allFilesUploaded, dvcaBudruFieldId);
setTextValue(selectedRadioButtonPage, serverUrlFieldId, "http://myhost:8443");
setTextValue(selectedRadioButtonPage, serverUrlFieldId, SERVER_URL);
setTextValue(selectedRadioButtonPage, entityIdFieldId, SERVICEPROVIDER_ENTITY_ID);
setSelectValue(selectedRadioButtonPage, blackListFieldId, blacklist);
setSelectValue(selectedRadioButtonPage, masterListFieldId, masterlist);
......@@ -492,7 +546,7 @@ public class CompleteUserJourneyTest extends AbstractWebTest // NOPMD
applicationProperties.remove(ApplicationPropertiesIdentifier.ADMIN_USERNAME.getPropertyName()),
VALIDATE_APPLICATION_PROPERTIES_MESSAGE);
assertTrue(BCrypt.checkpw("poseidasPassword",
(String)applicationProperties.remove(ApplicationPropertiesIdentifier.ADMIN_PASSWORD.getPropertyName())),
(String)applicationProperties.remove(ApplicationPropertiesIdentifier.ADMIN_PASSWORD.getPropertyName())),
VALIDATE_APPLICATION_PROPERTIES_MESSAGE);
assertEquals("logFilePath",
applicationProperties.remove(ApplicationPropertiesIdentifier.LOGGING_FILE.getPropertyName()),
......@@ -692,6 +746,9 @@ public class CompleteUserJourneyTest extends AbstractWebTest // NOPMD
eidasProperties.load(eidasInputStream);
}
assertEquals(SERVER_URL,
eidasProperties.getProperty(MiddlewarePropertiesIdentifier.SERVER_URL.name()),
VALIDATE_MIDDLEWARE_PROPERTIES_MESSAGE);
assertEquals(SERVICEPROVIDER_ENTITY_ID,
eidasProperties.getProperty(MiddlewarePropertiesIdentifier.ENTITYID_INT.name()),
VALIDATE_MIDDLEWARE_PROPERTIES_MESSAGE);
......
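Review bot: The last assertion in `uploadNewMetadata` reads `path.resolveSibling("newMetadata.xml")`, which resolves next to the `serviceprovider-metadata` folder, i.e. to the upload source the test itself wrote a few lines earlier, so it passes regardless of what the wizard saved; it should read `path.resolve("newMetadata.xml")`. The `new String(...)` in the same assertion should name the charset that was used for writing, `new String(bytes, StandardCharsets.UTF_8)`. The three `assertEquals` calls in this method pass the actual value first and the expected value second, which inverts the failure message; the other assertions in this file put the expected value first.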
......@@ -123,6 +123,12 @@ public class EidasmiddlewarePropertiesFormTest extends AbstractConfigFileTest
overriddenProperties.getProperty(MiddlewarePropertiesIdentifier.ENTITYID_INT.name()));
EQUAL_NULL_CHECK.accept(entityIdInt,
eidasmiddlewarePropertiesForm.getEntityIdInt());
final String serverURL = "https://localhost:8443";
EQUAL_NULL_CHECK.accept(serverURL,
overriddenProperties.getProperty(MiddlewarePropertiesIdentifier.SERVER_URL.name()));
EQUAL_NULL_CHECK.accept(serverURL,
eidasmiddlewarePropertiesForm.getServerURL());
checkContactDetails(overriddenProperties, eidasmiddlewarePropertiesForm);
// @formatter:on
}
......
......@@ -14,6 +14,8 @@ SERVICE_PROVIDER_CONFIG_FOLDER=
SERVICE_PROVIDER_METADATA_SIGNATURE_CERT=
#EntityID of the corresponding service provider in POSeIDAS.xml
ENTITYID_INT=
#ServerURL of the middleware
SERVER_URL=
#Path to the keystore containing the middleware signature keypair
MIDDLEWARE_SIGN_KEY=
#Pin of the signature key
......
......@@ -14,6 +14,8 @@ SERVICE_PROVIDER_CONFIG_FOLDER=/opt/application/config/euconfigs
SERVICE_PROVIDER_METADATA_SIGNATURE_CERT=D:/Projekte/intern/eumw/configuration-wizard/configuration/test-metadata.cer
#EntityID of the corresponding service provider in POSeIDAS.xml
ENTITYID_INT=providerA
#ServerURL of the middleware
SERVER_URL=https://localhost:8443
#Path to the keystore containing the middleware signature keypair
MIDDLEWARE_SIGN_KEY=D:/Projekte/intern/eumw/configuration-wizard/configuration/tomcat.jks
#Pin of the signature key
......
......@@ -14,6 +14,8 @@ SERVICE_PROVIDER_CONFIG_FOLDER=/opt/application/config/euconfigs
SERVICE_PROVIDER_METADATA_SIGNATURE_CERT=D:/Projekte/intern/eumw/configuration-wizard/configuration/test-metadata.cer
#EntityID of the corresponding service provider in POSeIDAS.xml
ENTITYID_INT=providerA
#ServerURL of the middleware
SERVER_URL=https://localhost:8443
#Path to the keystore containing the middleware signature keypair
MIDDLEWARE_SIGN_KEY=D:/Projekte/intern/eumw/configuration-wizard/configuration/tomcat.jks
#Pin of the signature key
......
......@@ -14,7 +14,7 @@
<parent>
<artifactId>eumw</artifactId>
<groupId>de.governikus.eumw</groupId>
<version>1.0.4</version>
<version>1.0.5-SNAPSHOT</version>
</parent>
<artifactId>database-migration</artifactId>
......
......@@ -147,6 +147,7 @@ You can add these additional properties in the text area at the bottom.
On the next page the eID server of the eIDAS Middleware is configured.
The server URL is important especially if the middleware is running behind a reverse proxy.
It will be used for the POSeIDAS.xml and for SERVER_URL in the eidasmiddleware.properties.
The entity ID is used in the web admin of the middleware, you can use something like `providerA`.
......@@ -259,6 +260,10 @@ Additional details:
Only change this value if you have changed the value ``entityID`` in the ``POSeIDAS.xml``.
#. **SERVER_URL**
This value is used for the URL in the Middelware Metadata. Use the following format: https://servername:port
#. **MIDDLEWARE_SIGN_KEY**
Insert the path to the keystore that should be used to sign eIDAS responses.
......
......@@ -17,6 +17,9 @@ SERVICE_PROVIDER_METADATA_SIGNATURE_CERT=
#EntityID of the corresponding service provider in POSeIDAS.xml
ENTITYID_INT=providerA
#ServerURL that is used for the Middleware Metadata, https://servername:port
SERVER_URL=
#Path to the keystore containing the middleware signature keypair
MIDDLEWARE_SIGN_KEY=
#Pin of the signature key
......
......@@ -14,7 +14,7 @@
<parent>
<groupId>de.governikus.eumw</groupId>
<artifactId>eumw</artifactId>
<version>1.0.4</version>
<version>1.0.5-SNAPSHOT</version>
</parent>
<artifactId>eid-service</artifactId>
......
......@@ -14,7 +14,7 @@
<parent>
<groupId>de.governikus.eumw</groupId>
<artifactId>eumw</artifactId>
<version>1.0.4</version>
<version>1.0.5-SNAPSHOT</version>
</parent>
<artifactId>eidas-common</artifactId>
......
......@@ -571,15 +571,6 @@ public final class Utils
return req.getScheme() + "://" + req.getServerName() + ":" + req.getServerPort();
}
/**
*
* Return URL prefix from http request with the context path.
*/
public static String createOwnURLWithContextPath(HttpServletRequest req)
{
return createOwnUrlPrefix(req) + req.getContextPath();
}
/**
* Returns an HTML page for an error case.
*/
......
......@@ -14,7 +14,7 @@
<parent>
<groupId>de.governikus.eumw</groupId>
<artifactId>eumw</artifactId>
<version>1.0.4</version>
<version>1.0.5-SNAPSHOT</version>
</parent>
<artifactId>eidas-demo</artifactId>
......
......@@ -14,7 +14,7 @@
<parent>
<groupId>de.governikus.eumw</groupId>
<artifactId>eumw</artifactId>
<version>1.0.4</version>
<version>1.0.5-SNAPSHOT</version>
</parent>
<artifactId>eidas-middleware</artifactId>
......
......@@ -92,6 +92,11 @@ public class ConfigHolder
*/
private static final String KEY_ENTITYID_INT = "ENTITYID_INT";
/**
* Eu Middleware ENTITYID to be used towards POSeIDAS
*/
private static final String KEY_SERVER_URL = "SERVER_URL";
/**
* Country Code (of the country where the middleware is deployed).
*/
......@@ -131,6 +136,8 @@ public class ConfigHolder
private String entityIdInt = null;
private String serverURL;
private String countryCode = null;
private EidasOrganisation organization = null;
......@@ -326,6 +333,18 @@ public class ConfigHolder
return ConfigHolder.holder.entityIdInt;
}
/**
* Return the value for SERVER_URL with the default context path
*/
public static synchronized String getServerURLWithContextPath()
{
if (ConfigHolder.holder.serverURL == null)
{
ConfigHolder.holder.serverURL = ConfigHolder.holder.properties.getProperty(KEY_SERVER_URL);
}
return ConfigHolder.holder.serverURL + EIDASMiddlewareApplication.CONTEXT_PATH;
}
public static synchronized String getCountryCode()
{
if (ConfigHolder.holder.countryCode == null)
......
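Review bot: `getServerURLWithContextPath()` concatenates the property value without checking it, so a properties file that has no SERVER_URL entry (for example one written before this release) yields the string `null/eidas-middleware`, and a value with a trailing slash yields a double slash; the value is then used for the URL in the middleware metadata according to the documentation change in this commit. I would fail with a clear message instead, e.g. `if (url == null || url.trim().isEmpty()) { throw new IllegalStateException("SERVER_URL is not configured"); }`, and strip a trailing `/` before appending the context path. The Javadoc on `KEY_SERVER_URL` is copied from the entity-ID key; something like `/** Base URL of the middleware (scheme://host:port), used for the URLs in the middleware metadata */` would describe the new key.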
......@@ -14,7 +14,10 @@ import java.security.Security;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.ServletComponentScan;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.transaction.annotation.EnableTransactionManagement;
......@@ -28,6 +31,11 @@ import de.governikus.eumw.eidascommon.Utils;
public class EIDASMiddlewareApplication
{
/**
* The context path of the eIDAS Middleware
*/
public static final String CONTEXT_PATH = "/eidas-middleware";
public static void main(String[] args)
{
System.setProperty("jdk.tls.namedGroups", "secp521r1,secp384r1,secp256r1,secp224r1");
......@@ -40,4 +48,13 @@ public class EIDASMiddlewareApplication
SpringApplication.run(EIDASMiddlewareApplication.class, args);
}
/**
* Set the context path programmatically
*/
@Bean
public WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> webServerFactoryCustomizer()
{
return factory -> factory.setContextPath(CONTEXT_PATH);
}
}