Commit d9e2430d authored by Martin Vogel's avatar Martin Vogel

refactor: pass signer name instead of cert (planning#2403)

parent 67ff5439
1 merge request!476planning#2403 Dynamic Signer
......@@ -6,6 +6,7 @@ import dev.fitko.fitconnect.api.domain.zbp.attachment.ZBPApiAttachment;
import dev.fitko.fitconnect.api.domain.zbp.message.CreateMessage;
import dev.fitko.fitconnect.api.domain.zbp.message.CreateMessageResponse;
import dev.fitko.fitconnect.api.domain.zbp.state.CreateState;
import dev.fitko.fitconnect.core.crypto.utils.CertUtils;
import dev.fitko.fitconnect.core.zbp.ZBPApiService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -27,13 +28,15 @@ public class ZBPServiceAdapter {
public CreateMessageResponse sendMessage(CreateMessage createMessage, List<ZBPApiAttachment> attachments, String authorCertificate, String authorToken) {
LOGGER.info("Sending new message with {} attachment(s) to ZBP mailbox {}", attachments.size(), createMessage.getMailboxUuid());
final ZBPEnvelope messageEnvelope = ZBPEnvelopeBuilder.fromSenderPayload(createMessage, signingKey, authorCertificate, authorToken);
return apiService.sendMessageToMailbox(signingKey, authorCertificate, messageEnvelope, attachments);
final String signer = CertUtils.getSubjectCNFromCertificate(authorCertificate);
return apiService.sendMessageToMailbox(signingKey, signer, messageEnvelope, attachments);
}
public void createNewState(CreateState createState, String authorCertificate, String authorToken) {
LOGGER.info("Creating state {} for application {}", createState.getState(), createState.getApplicationId());
final ZBPEnvelope createStateEnvelope = ZBPEnvelopeBuilder.fromSenderPayload(createState, signingKey, authorCertificate, authorToken);
apiService.createNewState(signingKey, authorCertificate, createStateEnvelope);
final String signer = CertUtils.getSubjectCNFromCertificate(authorCertificate);
apiService.createNewState(signingKey, signer, createStateEnvelope);
}
}
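Review bot: In both `sendMessage` and `createNewState` the signer is resolved from `authorCertificate` only after `ZBPEnvelopeBuilder.fromSenderPayload` has built the envelope, so a certificate whose CN cannot be read is detected late. Moving `final String signer = CertUtils.getSubjectCNFromCertificate(authorCertificate);` above the envelope line lets the call fail before the envelope is produced. The lookup is also duplicated; a private helper such as `resolveSigner(String authorCertificate)` would give one place to document how the signer name is derived from the certificate.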
......@@ -8,7 +8,6 @@ import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import dev.fitko.fitconnect.core.crypto.utils.CertUtils;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
......@@ -23,19 +22,18 @@ public final class TokenGenerator {
/**
* Create a JWT token for access to the ZBP.
*
* @param signingKey the private key the token is signed with
* @param publicCertificate
* @param signingKey the private key the token is signed with
* @param signer name of the signer the token is issued for
* @return JWT token as string
* @throws RuntimeException if there was error signing the token
*/
public static String buildToken(RSAKey signingKey, String publicCertificate) {
public static String buildToken(RSAKey signingKey, String signer) {
final JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS512)
.type(JOSEObjectType.JWT)
.build();
final Instant issueTime = Instant.now();
final String signer = CertUtils.getSubjectCNFromCertificate(publicCertificate);
final JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
.issueTime(Date.from(issueTime))
......
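Review bot: `buildToken` is public and static and now accepts any caller-supplied string as `signer`, so the link between the author certificate and the signer name that used to be made inside this method is kept only by convention in the callers. A guard at the top, `if (signer == null || signer.trim().isEmpty()) throw new IllegalArgumentException("signer must not be blank");`, would stop a token from being built with a missing signer name. The `@param signer` line could also state that the value is expected to be the subject CN of the author certificate. The same unchecked string is forwarded by `sendMessageToMailbox` and `createNewState` in `ZBPApiService`. The method body continues past this hunk, so the claim that presumably carries the value is not visible.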
......@@ -3,11 +3,13 @@ package dev.fitko.fitconnect.core.zbp;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.jose.jwk.RSAKey;
import dev.fitko.fitconnect.api.config.ZBPCertConfig;
import dev.fitko.fitconnect.api.domain.zbp.ZBPEnvelope;
import dev.fitko.fitconnect.api.domain.zbp.attachment.ZBPApiAttachment;
import dev.fitko.fitconnect.api.domain.zbp.message.CreateMessageResponse;
import dev.fitko.fitconnect.api.exceptions.internal.RestApiException;
import dev.fitko.fitconnect.api.services.http.HttpClient;
import dev.fitko.fitconnect.core.crypto.utils.CertUtils;
import okhttp3.MediaType;
import okhttp3.MultipartBody;
import okhttp3.RequestBody;
......@@ -38,10 +40,10 @@ public class ZBPApiService {
* @return {@link CreateMessageResponse}
* @throws RestApiException if there was a technical error sending the message
*/
public CreateMessageResponse sendMessageToMailbox(final RSAKey signingKey, String cert, final ZBPEnvelope envelope, final List<ZBPApiAttachment> attachments) throws RestApiException {
public CreateMessageResponse sendMessageToMailbox(final RSAKey signingKey, String signer, final ZBPEnvelope envelope, final List<ZBPApiAttachment> attachments) throws RestApiException {
final String url = String.format(baseUrl + MAILBOX_MESSAGE_PATH);
try {
final String token = TokenGenerator.buildToken(signingKey, cert);
final String token = TokenGenerator.buildToken(signingKey, signer);
final Map<String, String> headers = buildHeaders(token, "multipart/form-data");
final MultipartBody multipartBody = buildMultipartBody(envelope, attachments);
return httpClient.put(url, headers, multipartBody, CreateMessageResponse.class).getBody();
......@@ -57,10 +59,10 @@ public class ZBPApiService {
* @param createStateEnvelope the signed envelope that contains the signed state payload
* @throws RestApiException if there was a technical error creating the state
*/
public void createNewState(final RSAKey signingKey, String cert, final ZBPEnvelope createStateEnvelope) throws RestApiException {
public void createNewState(final RSAKey signingKey, String signer, final ZBPEnvelope createStateEnvelope) throws RestApiException {
final String url = String.format(baseUrl + CREATE_STATE_PATH);
try {
final String token = TokenGenerator.buildToken(signingKey, cert);
final String token = TokenGenerator.buildToken(signingKey, signer);
final Map<String, String> headers = buildHeaders(token, "application/json");
httpClient.post(url, headers, createStateEnvelope, Void.class);
} catch (final Exception e) {
......
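Review bot: `String signer` is the only parameter without `final` in the new signatures of `sendMessageToMailbox` and `createNewState`; `final String signer` would match the surrounding parameters. The Javadoc `@param` lines of both methods lie above the visible hunks, so if they still describe `cert` they should be renamed, for example `@param signer name of the signer the access token is issued for`. The import hunk lists `ZBPCertConfig` and `CertUtils`, which none of the visible changes in this file use; if nothing outside the hunks needs them they can be dropped.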