
Example 1 with IPMode

use of com.helger.phase4.model.pmode.IPMode in project phase4 by phax.

the class PeppolCompatibilityValidator method validatePMode.

/**
 * Validates a PMode against the rules of this compatibility profile and
 * appends one error per violated rule to the passed list.
 *
 * Checks performed, in order: the generic validation of the PMode manager,
 * the MEP / MEP binding combination (one-way/push only), presence and
 * validity of leg 1, absence of leg 2, and the payload compression mode
 * (GZIP when one is set).
 *
 * @param aPMode     the PMode to check
 * @param aErrorList receives the findings; must be empty on entry, which is
 *                   enforced through {@code ValueEnforcer.isTrue}
 */
@Override
public void validatePMode(@Nonnull final IPMode aPMode, @Nonnull final ErrorList aErrorList) {
    ValueEnforcer.isTrue(aErrorList.isEmpty(), () -> "Errors in global PMode validation: " + aErrorList.toString());

    // A failure of the generic validation is recorded as an error instead of
    // being propagated, so the profile specific checks below always run.
    try {
        MetaAS4Manager.getPModeMgr().validatePMode(aPMode);
    } catch (final PModeValidationException ex) {
        aErrorList.add(_createError(ex.getMessage()));
    }

    // Only one-way/push is accepted
    final EMEP eMEP = aPMode.getMEP();
    final EMEPBinding eMEPBinding = aPMode.getMEPBinding();
    final boolean bOneWayPush = eMEP == EMEP.ONE_WAY && eMEPBinding == EMEPBinding.PUSH;
    if (!bOneWayPush) {
        aErrorList.add(_createError("An invalid combination of PMode MEP (" + eMEP + ") and MEP binding (" + eMEPBinding + ") was specified, only one-way/push is valid."));
    }

    // Leg 1 is mandatory, leg 2 is forbidden
    final PModeLeg aFirstLeg = aPMode.getLeg1();
    if (aFirstLeg != null) {
        _checkIfLegIsValid(aErrorList, aFirstLeg, "PMode.Leg[1].");
    } else {
        aErrorList.add(_createError("PMode.Leg[1] is missing"));
    }
    if (aPMode.getLeg2() != null) {
        aErrorList.add(_createError("PMode.Leg[2] must not be present"));
    }

    // A missing payload service or a missing compression mode is accepted;
    // if a mode is set it has to be GZIP.
    final PModePayloadService aService = aPMode.getPayloadService();
    final EAS4CompressionMode eMode = aService == null ? null : aService.getCompressionMode();
    if (eMode != null && !eMode.equals(EAS4CompressionMode.GZIP)) {
        aErrorList.add(_createError("PMode.PayloadService.CompressionMode must be " + EAS4CompressionMode.GZIP + " instead of " + eMode));
    }
}
Also used : PModeValidationException(com.helger.phase4.model.pmode.PModeValidationException) EMEPBinding(com.helger.phase4.model.EMEPBinding) EMEP(com.helger.phase4.model.EMEP) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) EAS4CompressionMode(com.helger.phase4.attachment.EAS4CompressionMode) PModePayloadService(com.helger.phase4.model.pmode.PModePayloadService)

Example 2 with IPMode

use of com.helger.phase4.model.pmode.IPMode in project phase4 by phax.

the class CEFCompatibilityValidator method validatePMode.

/**
 * Validates a PMode against the rules of this compatibility profile and
 * appends one error per violated rule to the passed list.
 *
 * Checks performed, in order: the generic validation of the PMode manager,
 * the MEP / MEP binding combination (one-way/push or two-way/push-push),
 * presence and validity of leg 1, presence and validity of leg 2 for a
 * two-way MEP, and the payload compression mode (GZIP when one is set).
 *
 * @param aPMode     the PMode to check
 * @param aErrorList receives the findings; must be empty on entry, which is
 *                   enforced through {@code ValueEnforcer.isTrue}
 */
@Override
public void validatePMode(@Nonnull final IPMode aPMode, @Nonnull final ErrorList aErrorList) {
    ValueEnforcer.isTrue(aErrorList.isEmpty(), () -> "Errors in global PMode validation: " + aErrorList.toString());

    // A failure of the generic validation is recorded as an error instead of
    // being propagated, so the profile specific checks below always run.
    try {
        MetaAS4Manager.getPModeMgr().validatePMode(aPMode);
    } catch (final PModeValidationException ex) {
        aErrorList.add(_createError(ex.getMessage()));
    }

    // Accepted combinations: one-way/push and two-way/push-push
    final EMEP eMEP = aPMode.getMEP();
    final EMEPBinding eMEPBinding = aPMode.getMEPBinding();
    final boolean bOneWayPush = eMEP == EMEP.ONE_WAY && eMEPBinding == EMEPBinding.PUSH;
    final boolean bTwoWayPushPush = eMEP == EMEP.TWO_WAY && eMEPBinding == EMEPBinding.PUSH_PUSH;
    if (!(bOneWayPush || bTwoWayPushPush)) {
        aErrorList.add(_createError("An invalid combination of PMode MEP (" + eMEP + ") and MEP binding (" + eMEPBinding + ") was specified, valid are only one-way/push and two-way/push-push."));
    }

    // Leg 1 is mandatory
    final PModeLeg aFirstLeg = aPMode.getLeg1();
    if (aFirstLeg != null) {
        _checkIfLegIsValid(aErrorList, aFirstLeg, "PMode.Leg[1].");
    } else {
        aErrorList.add(_createError("PMode.Leg[1] is missing"));
    }

    // Leg 2 is only looked at for a two-way MEP.
    // NOTE(review): eMEP is dereferenced here without a null check - this
    // assumes getMEP() never returns null; confirm against IPMode.
    if (eMEP.isTwoWay()) {
        final PModeLeg aSecondLeg = aPMode.getLeg2();
        if (aSecondLeg != null) {
            _checkIfLegIsValid(aErrorList, aSecondLeg, "PMode.Leg[2].");
        } else {
            aErrorList.add(_createError("PMode.Leg[2] is missing as it specified as TWO-WAY"));
        }
    }

    // A missing payload service or a missing compression mode is accepted;
    // if a mode is set it has to be GZIP.
    final PModePayloadService aService = aPMode.getPayloadService();
    final EAS4CompressionMode eMode = aService == null ? null : aService.getCompressionMode();
    if (eMode != null && !eMode.equals(EAS4CompressionMode.GZIP)) {
        aErrorList.add(_createError("PMode.PayloadService.CompressionMode must be " + EAS4CompressionMode.GZIP + " instead of " + eMode));
    }
}
Also used : PModeValidationException(com.helger.phase4.model.pmode.PModeValidationException) EMEPBinding(com.helger.phase4.model.EMEPBinding) EMEP(com.helger.phase4.model.EMEP) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) EAS4CompressionMode(com.helger.phase4.attachment.EAS4CompressionMode) PModePayloadService(com.helger.phase4.model.pmode.PModePayloadService)

Example 3 with IPMode

use of com.helger.phase4.model.pmode.IPMode in project phase4 by phax.

the class StoringServletMessageProcessorSPI method processAS4UserMessage.

/**
 * Handles an incoming AS4 user message by dumping the SOAP part and every
 * repeatable incoming attachment, then reports success.
 *
 * Only {@code aMessageMetadata}, {@code aIncomingAttachments} and
 * {@code aState} are read; the remaining parameters are not used here.
 *
 * @param aIncomingAttachments attachments of the message, may be {@code null}
 * @return always the result of {@code AS4MessageProcessorResult.createSuccess()}
 */
@Nonnull
public AS4MessageProcessorResult processAS4UserMessage(@Nonnull final IAS4IncomingMessageMetadata aMessageMetadata, @Nonnull final HttpHeaderMap aHttpHeaders, @Nonnull final Ebms3UserMessage aUserMessage, @Nonnull final IPMode aPMode, @Nullable final Node aPayload, @Nullable final ICommonsList<WSS4JAttachment> aIncomingAttachments, @Nonnull final IAS4MessageState aState, @Nonnull final ICommonsList<Ebms3Error> aProcessingErrorMessages) {
    LOGGER.info("Received AS4 user message");
    _dumpSoap(aMessageMetadata, aState);

    if (aIncomingAttachments == null) {
        return AS4MessageProcessorResult.createSuccess();
    }

    int nPosition = 0;
    for (final WSS4JAttachment aAttachment : aIncomingAttachments) {
        // The position counts every attachment, also the ones that are skipped
        final int nCurrent = nPosition++;
        // Non-repeatable attachments are not dumped
        if (!aAttachment.isRepeatable()) {
            continue;
        }
        _dumpIncomingAttachment(aMessageMetadata, aAttachment, nCurrent);
    }
    return AS4MessageProcessorResult.createSuccess();
}
Also used : WSS4JAttachment(com.helger.phase4.attachment.WSS4JAttachment) Nonnull(javax.annotation.Nonnull)

Example 4 with IPMode

use of com.helger.phase4.model.pmode.IPMode in project phase4 by phax.

the class ExampleReceiveMessageProcessorSPI method processAS4UserMessage.

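/**
 * Handles an incoming AS4 user message by dumping the SOAP part and writing
 * every incoming attachment to its own storage file.
 *
 * The file for each attachment is obtained from
 * {@code StorageHelper.getStorageFile} with a suffix built from a 1-based
 * counter, so no name supplied by the sender is used in this method.
 *
 * A write failure is only logged; the method still reports success.
 * NOTE(review): confirm that reporting success after a failed write is
 * intended, and that the size of incoming attachments is bounded before this
 * processor runs - nothing in this method limits how much is written to disk.
 *
 * @param aIncomingAttachments attachments of the message, may be {@code null}
 * @return always the result of {@code AS4MessageProcessorResult.createSuccess()}
 */
@Nonnull
public AS4MessageProcessorResult processAS4UserMessage(@Nonnull final IAS4IncomingMessageMetadata aMessageMetadata, @Nonnull final HttpHeaderMap aHttpHeaders, @Nonnull final Ebms3UserMessage aUserMessage, @Nonnull final IPMode aPMode, @Nullable final Node aPayload, @Nullable final ICommonsList<WSS4JAttachment> aIncomingAttachments, @Nonnull final IAS4MessageState aState, @Nonnull final ICommonsList<Ebms3Error> aProcessingErrorMessages) {
    LOGGER.info("Received AS4 user message");
    _dumpSoap(aMessageMetadata, aState);
    if (aIncomingAttachments != null) {
        int nIndex = 1;
        for (final WSS4JAttachment aIncomingAttachment : aIncomingAttachments) {
            final File aFile = StorageHelper.getStorageFile(aMessageMetadata, "-" + nIndex + ".payload");
            // StreamHelper.copyInputStreamToOutputStream closes only the input
            // stream, which left one open file handle per attachment. The
            // ...AndCloseOS variant closes the file output stream as well.
            if (StreamHelper.copyInputStreamToOutputStreamAndCloseOS(aIncomingAttachment.getSourceStream(), FileHelper.getOutputStream(aFile)).isFailure())
                LOGGER.error("Failed to write incoming attachment [" + nIndex + "] to '" + aFile.getAbsolutePath() + "'");
            else
                LOGGER.info("Wrote incoming attachment [" + nIndex + "] to '" + aFile.getAbsolutePath() + "'");
            ++nIndex;
        }
    }
    return AS4MessageProcessorResult.createSuccess();
}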
Also used : File(java.io.File) WSS4JAttachment(com.helger.phase4.attachment.WSS4JAttachment) Nonnull(javax.annotation.Nonnull)

Example 5 with IPMode

use of com.helger.phase4.model.pmode.IPMode in project phase4 by phax.

the class SOAPHeaderElementProcessorWSS4J method processHeaderElement.

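/**
 * Processes the WS-Security header of an incoming AS4 message.
 *
 * Steps, in order: resolve the PMode (state first, then the fallback PMode),
 * select the PMode leg (leg 2 if the user message references another message
 * id, else leg 1), and - only if that leg has a security part - pre-check the
 * signature and digest algorithm URIs, check that every attachment Content-ID
 * matches the corresponding part info href, and finally delegate to
 * {@code _verifyAndDecrypt}.
 *
 * All structural problems of the incoming message are reported by adding an
 * error to {@code aErrorList} and returning {@code ESuccess.FAILURE}; a
 * missing element never leads to a skipped check.
 *
 * NOTE(review): the algorithm URI and the Content-ID are taken from the
 * incoming message and are logged verbatim - confirm that the logging layout
 * neutralises line breaks.
 *
 * @param aSOAPDoc      the SOAP document
 * @param aSecurityNode the security header element to inspect
 * @param aAttachments  attachments of the incoming message
 * @param aState        current message state; source of PMode, locale and
 *                      user message
 * @param aErrorList    receives the EBMS errors
 * @return {@code ESuccess.SUCCESS} if the leg has no security part or all
 *         checks passed, {@code ESuccess.FAILURE} otherwise
 * @throws IllegalStateException if neither the state nor the fallback
 *                               provides a PMode
 */
@Nonnull
public ESuccess processHeaderElement(@Nonnull final Document aSOAPDoc, @Nonnull final Element aSecurityNode, @Nonnull final ICommonsList<WSS4JAttachment> aAttachments, @Nonnull final AS4MessageState aState, @Nonnull final ErrorList aErrorList) {
    IPMode aPMode = aState.getPMode();
    if (aPMode == null)
        aPMode = m_aFallbackPMode;
    // Safety Check
    if (aPMode == null)
        throw new IllegalStateException("No PMode contained in AS4 state - seems like Ebms3 Messaging header is missing!");
    // Default is Leg 1, gets overwritten when a reference to a message id
    // exists and then uses leg2
    final Locale aLocale = aState.getLocale();
    PModeLeg aPModeLeg = aPMode.getLeg1();
    final Ebms3UserMessage aUserMessage = aState.getEbmsUserMessage();
    if (aUserMessage != null && StringHelper.hasText(aUserMessage.getMessageInfo().getRefToMessageId()))
        aPModeLeg = aPMode.getLeg2();
    // The sender decides via RefToMessageId which leg is selected, so the
    // selected leg may be absent from the PMode. Fail closed instead of
    // dereferencing null below.
    if (aPModeLeg == null) {
        LOGGER.error("Error processing the Security Header, the PMode contains no leg that matches the incoming message");
        aErrorList.add(EEbmsError.EBMS_PROCESSING_MODE_MISMATCH.getAsError(aLocale));
        return ESuccess.FAILURE;
    }
    // Does security - leg part checks if not <code>null</code>
    if (aPModeLeg.getSecurity() != null) {
        // Get Signature Algorithm
        final Element aSignature = XMLHelper.getFirstChildElementOfName(aSecurityNode, CAS4.DS_NS, "Signature");
        if (aSignature != null) {
            // Go through the security nodes to find the algorithm attribute.
            // Every level may be missing in a malformed message, so each
            // lookup is guarded; a missing element ends up as a null
            // algorithm and is rejected below.
            final Element aSignedInfo = XMLHelper.getFirstChildElementOfName(aSignature, CAS4.DS_NS, "SignedInfo");
            final Element aSignatureAlgorithm = aSignedInfo == null ? null : XMLHelper.getFirstChildElementOfName(aSignedInfo, CAS4.DS_NS, "SignatureMethod");
            String sAlgorithm = aSignatureAlgorithm == null ? null : aSignatureAlgorithm.getAttribute("Algorithm");
            final ECryptoAlgorithmSign eSignAlgo = ECryptoAlgorithmSign.getFromURIOrNull(sAlgorithm);
            if (eSignAlgo == null) {
                LOGGER.error("Error processing the Security Header, your signing algorithm '" + sAlgorithm + "' is incorrect. Expected one of the following '" + Arrays.asList(ECryptoAlgorithmSign.values()) + "' algorithms");
                aErrorList.add(EEbmsError.EBMS_FAILED_AUTHENTICATION.getAsError(aLocale));
                return ESuccess.FAILURE;
            }
            if (LOGGER.isDebugEnabled())
                LOGGER.debug("Using signature algorithm " + eSignAlgo);
            // Get Signature Digest Algorithm. Only the first Reference is
            // inspected by this pre-check.
            final Element aReference = aSignedInfo == null ? null : XMLHelper.getFirstChildElementOfName(aSignedInfo, CAS4.DS_NS, "Reference");
            final Element aDigestMethod = aReference == null ? null : XMLHelper.getFirstChildElementOfName(aReference, CAS4.DS_NS, "DigestMethod");
            sAlgorithm = aDigestMethod == null ? null : aDigestMethod.getAttribute("Algorithm");
            final ECryptoAlgorithmSignDigest eSignDigestAlgo = ECryptoAlgorithmSignDigest.getFromURIOrNull(sAlgorithm);
            if (eSignDigestAlgo == null) {
                LOGGER.error("Error processing the Security Header, your signing digest algorithm is incorrect. Expected one of the following'" + Arrays.toString(ECryptoAlgorithmSignDigest.values()) + "' algorithms");
                aErrorList.add(EEbmsError.EBMS_FAILED_AUTHENTICATION.getAsError(aLocale));
                return ESuccess.FAILURE;
            }
            if (LOGGER.isDebugEnabled())
                LOGGER.debug("Using signature digest algorithm " + eSignDigestAlgo);
        }
        // Check attachment validity only if a PartInfo element is available
        if (aUserMessage != null) {
            final boolean bBodyPayloadPresent = aState.isSoapBodyPayloadPresent();
            // Check if Attachment IDs are the same
            for (int i = 0; i < aAttachments.size(); i++) {
                String sAttachmentID = aAttachments.get(i).getHeaders().get(AttachmentUtils.MIME_HEADER_CONTENT_ID);
                if (StringHelper.hasNoText(sAttachmentID)) {
                    LOGGER.error("The provided attachment ID in the 'Content-ID' header may not be empty.");
                    aErrorList.add(EEbmsError.EBMS_VALUE_INCONSISTENT.getAsError(aLocale));
                    return ESuccess.FAILURE;
                }
                if (!sAttachmentID.startsWith(WSS4JAttachment.CONTENT_ID_PREFIX)) {
                    LOGGER.error("The provided attachment ID '" + sAttachmentID + "' in the 'Content-ID' header does not start with the required prefix '" + WSS4JAttachment.CONTENT_ID_PREFIX + "'");
                    aErrorList.add(EEbmsError.EBMS_VALUE_INCONSISTENT.getAsError(aLocale));
                    return ESuccess.FAILURE;
                }
                if (!sAttachmentID.endsWith(WSS4JAttachment.CONTENT_ID_SUFFIX)) {
                    LOGGER.error("The provided attachment ID '" + sAttachmentID + "' in the 'Content-ID' header does not end with the required suffix '" + WSS4JAttachment.CONTENT_ID_SUFFIX + "'");
                    aErrorList.add(EEbmsError.EBMS_VALUE_INCONSISTENT.getAsError(aLocale));
                    return ESuccess.FAILURE;
                }
                // Strip prefix and suffix
                sAttachmentID = sAttachmentID.substring(WSS4JAttachment.CONTENT_ID_PREFIX.length(), sAttachmentID.length() - WSS4JAttachment.CONTENT_ID_SUFFIX.length());
                // An ID that is empty after stripping would satisfy the
                // contains() comparison below for every href.
                if (StringHelper.hasNoText(sAttachmentID)) {
                    LOGGER.error("The provided attachment ID in the 'Content-ID' header may not be empty.");
                    aErrorList.add(EEbmsError.EBMS_VALUE_INCONSISTENT.getAsError(aLocale));
                    return ESuccess.FAILURE;
                }
                // Add +1 because the payload has index 0
                final int nPartInfoIndex = (bBodyPayloadPresent ? 1 : 0) + i;
                // The number of attachments and the number of part infos both
                // come from the incoming message and need not agree.
                if (aUserMessage.getPayloadInfo() == null || nPartInfoIndex >= aUserMessage.getPayloadInfo().getPartInfo().size()) {
                    LOGGER.error("The usermessage contains no part information for the attachment at index " + i);
                    aErrorList.add(EEbmsError.EBMS_VALUE_INCONSISTENT.getAsError(aLocale));
                    return ESuccess.FAILURE;
                }
                final String sHref = aUserMessage.getPayloadInfo().getPartInfoAtIndex(nPartInfoIndex).getHref();
                // NOTE(review): this is a substring comparison, not an exact
                // match of the referenced ID - confirm this is intended.
                if (sHref == null || !sHref.contains(sAttachmentID)) {
                    LOGGER.error("The usermessage part information '" + sHref + "' does not reference the respective attachment ID '" + sAttachmentID + "'");
                    aErrorList.add(EEbmsError.EBMS_VALUE_INCONSISTENT.getAsError(aLocale));
                    return ESuccess.FAILURE;
                }
            }
        }
        final ESuccess eSuccess;
        if (AS4Configuration.isWSS4JSynchronizedSecurity()) {
            // Use static WSSConfig creation
            eSuccess = WSSSynchronizer.call(() -> _verifyAndDecrypt(aSOAPDoc, aAttachments, aState, aErrorList, WSSConfigManager::createStaticWSSConfig));
        } else {
            // Use instance WSSConfig creation
            eSuccess = _verifyAndDecrypt(aSOAPDoc, aAttachments, aState, aErrorList, WSSConfigManager.getInstance()::createWSSConfig);
        }
        if (eSuccess.isFailure())
            return ESuccess.FAILURE;
    }
    return ESuccess.SUCCESS;
}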
Also used : Locale(java.util.Locale) ESuccess(com.helger.commons.state.ESuccess) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) Element(org.w3c.dom.Element) IPMode(com.helger.phase4.model.pmode.IPMode) ECryptoAlgorithmSignDigest(com.helger.phase4.crypto.ECryptoAlgorithmSignDigest) WSSConfigManager(com.helger.phase4.wss.WSSConfigManager) Ebms3UserMessage(com.helger.phase4.ebms3header.Ebms3UserMessage) ECryptoAlgorithmSign(com.helger.phase4.crypto.ECryptoAlgorithmSign) Nonnull(javax.annotation.Nonnull)
