use of com.helger.phase4.soap.ESoapVersion in project phase4 by phax.
the class ENTSOGCompatibilityValidator method _checkIfLegIsValid.
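/**
 * Validates one PMode leg and appends a finding to {@code aErrorList} for
 * every rule that is violated. Nothing is thrown for an invalid leg; the caller
 * inspects the error list afterwards.
 * <p>
 * Three areas are checked in order: protocol (address protocol, SOAP version),
 * security (signature certificate, signature/digest/encryption algorithm, WSS
 * version, UsernameToken, PModeAuthorize, receipts) and error handling.
 *
 * @param aErrorList
 *        list that receives the findings
 * @param aPModeLeg
 *        the leg to check
 * @param sFieldPrefix
 *        text prepended to every message so the finding can be attributed to
 *        a specific leg
 */
private static void _checkIfLegIsValid(@Nonnull final ErrorList aErrorList, @Nonnull final PModeLeg aPModeLeg, @Nonnull @Nonempty final String sFieldPrefix) {
  final PModeLegProtocol aLegProtocol = aPModeLeg.getProtocol();
  if (aLegProtocol == null) {
    aErrorList.add(_createError(sFieldPrefix + "Protocol is missing"));
  } else {
    // Address protocol: "http" and "https" are both accepted (case-insensitive).
    // NOTE(review): the previous comment here said "only https allowed", but
    // cleartext http passes this check - confirm that this is intended.
    final String sAddressProtocol = aLegProtocol.getAddressProtocol();
    if (StringHelper.hasText(sAddressProtocol)) {
      if (sAddressProtocol.equalsIgnoreCase("http") || sAddressProtocol.equalsIgnoreCase("https")) {
        // Always okay
      } else {
        // Other protocol
        aErrorList.add(_createError(sFieldPrefix + "AddressProtocol '" + sAddressProtocol + "' is unsupported"));
      }
    } else {
      // Empty address protocol
      aErrorList.add(_createError(sFieldPrefix + "AddressProtocol is missing"));
    }

    // Only the SOAP version flagged as AS4 default is accepted
    final ESoapVersion eSOAPVersion = aLegProtocol.getSoapVersion();
    if (!eSOAPVersion.isAS4Default()) {
      aErrorList.add(_createError(sFieldPrefix + "SoapVersion '" + eSOAPVersion.getVersion() + "' is unsupported"));
    }
  }

  // The detailed security checks need a security section; its absence is an
  // error of its own (see the else branch)
  final PModeLegSecurity aPModeLegSecurity = aPModeLeg.getSecurity();
  if (aPModeLegSecurity != null) {
    // Check Certificate
    if (aPModeLegSecurity.getX509SignatureCertificate() == null) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureCertificate is missing"));
    }

    // Check Signature Algorithm: must be present and exactly RSA_SHA_256
    if (aPModeLegSecurity.getX509SignatureAlgorithm() == null) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureAlgorithm is missing"));
    } else if (!aPModeLegSecurity.getX509SignatureAlgorithm().equals(ECryptoAlgorithmSign.RSA_SHA_256)) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureAlgorithm must use the value '" + ECryptoAlgorithmSign.RSA_SHA_256.getID() + "'"));
    }

    // Check Hash Function: must be present and exactly DIGEST_SHA_256
    if (aPModeLegSecurity.getX509SignatureHashFunction() == null) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureHashFunction is missing"));
    } else if (!aPModeLegSecurity.getX509SignatureHashFunction().equals(ECryptoAlgorithmSignDigest.DIGEST_SHA_256)) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureHashFunction must use the value '" + ECryptoAlgorithmSignDigest.DIGEST_SHA_256.getID() + "'"));
    }

    // Check Encrypt algorithm: must be present and exactly AES_128_GCM
    if (aPModeLegSecurity.getX509EncryptionAlgorithm() == null) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509EncryptionAlgorithm is missing"));
    } else if (!aPModeLegSecurity.getX509EncryptionAlgorithm().equals(ECryptoAlgorithmCrypt.AES_128_GCM)) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509EncryptionAlgorithm must use the value '" + ECryptoAlgorithmCrypt.AES_128_GCM.getID() + "' instead of '" + aPModeLegSecurity.getX509EncryptionAlgorithm().getID() + "'"));
    }

    // Check WSS Version = 1.1.1 - only if a version is present; a leg without
    // a WSS version passes this check
    if (aPModeLegSecurity.getWSSVersion() != null) {
      if (!aPModeLegSecurity.getWSSVersion().equals(EWSSVersion.WSS_111)) {
        aErrorList.add(_createError(sFieldPrefix + "Security.WSSVersion must use the value " + EWSSVersion.WSS_111 + " instead of " + aPModeLegSecurity.getWSSVersion()));
      }
    }

    // No part of a UsernameToken may be configured
    if (aPModeLegSecurity.isUsernameTokenCreatedDefined() || aPModeLegSecurity.isUsernameTokenDigestDefined() || aPModeLegSecurity.isUsernameTokenNonceDefined() || aPModeLegSecurity.hasUsernameTokenPassword() || aPModeLegSecurity.hasUsernameTokenUsername()) {
      aErrorList.add(_createError(sFieldPrefix + "Username nor it's part MUST NOT be set"));
    }

    // PModeAuthorize must be explicitly defined and must be false
    if (aPModeLegSecurity.isPModeAuthorizeDefined()) {
      if (aPModeLegSecurity.isPModeAuthorize()) {
        aErrorList.add(_createError(sFieldPrefix + "Security.PModeAuthorize must be set to 'false'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "Security.PModeAuthorize is missing"));
    }

    // Receipts are only constrained when SendReceipt is defined and true: then
    // non-repudiation is required and the reply pattern must be RESPONSE.
    // An undefined SendReceipt adds no finding.
    if (aPModeLegSecurity.isSendReceiptDefined()) {
      if (aPModeLegSecurity.isSendReceipt()) {
        if (!aPModeLegSecurity.isSendReceiptNonRepudiation()) {
          aErrorList.add(_createError(sFieldPrefix + "SendReceiptNonRepudiation must be set to 'true'"));
        }
        if (aPModeLegSecurity.getSendReceiptReplyPattern() != EPModeSendReceiptReplyPattern.RESPONSE) {
          aErrorList.add(_createError(sFieldPrefix + "Security.SendReceiptReplyPattern must use the value " + EPModeSendReceiptReplyPattern.RESPONSE + " instead of " + aPModeLegSecurity.getSendReceiptReplyPattern()));
        }
      }
    }
  } else {
    aErrorList.add(_createError(sFieldPrefix + "Security is missing"));
  }

  // Error Handling
  final PModeLegErrorHandling aErrorHandling = aPModeLeg.getErrorHandling();
  if (aErrorHandling != null) {
    // Report.AsResponse must be defined and true
    if (aErrorHandling.isReportAsResponseDefined()) {
      if (!aErrorHandling.isReportAsResponse()) {
        aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.AsResponse must be 'true'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.AsResponse is missing"));
    }

    // The two notify flags must be defined; a 'false' value is reported through
    // _createWarn instead of _createError
    if (aErrorHandling.isReportProcessErrorNotifyConsumerDefined()) {
      if (!aErrorHandling.isReportProcessErrorNotifyConsumer()) {
        aErrorList.add(_createWarn(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyConsumer should be 'true'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyConsumer is missing"));
    }
    if (aErrorHandling.isReportProcessErrorNotifyProducerDefined()) {
      if (!aErrorHandling.isReportProcessErrorNotifyProducer()) {
        aErrorList.add(_createWarn(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyProducer should be 'true'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyProducer is missing"));
    }

    // A non-empty ReportSenderErrorsTo address list is rejected
    if (aErrorHandling.getReportSenderErrorsTo() != null && aErrorHandling.getReportSenderErrorsTo().addresses() != null && aErrorHandling.getReportSenderErrorsTo().addresses().isNotEmpty()) {
      aErrorList.add(_createError(sFieldPrefix + "ReportSenderErrorsTo must not be set"));
    }
  } else {
    aErrorList.add(_createError(sFieldPrefix + "ErrorHandling is missing"));
  }
}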
use of com.helger.phase4.soap.ESoapVersion in project phase4 by phax.
the class AbstractCEFTestSetUp method createTestSignedUserMessage.
/**
 * Creates an unsigned test user message from the payload and attachments and
 * returns the signed SOAP document produced by {@link AS4Signer}.
 *
 * @param eSOAPVersion
 *        SOAP version handed to the signer
 * @param aPayload
 *        optional SOAP body payload
 * @param aAttachments
 *        optional attachments, also handed to the signer
 * @param aResMgr
 *        resource helper handed to the signer
 * @return the signed document
 * @throws WSSecurityException
 *         propagated from the signing call
 */
@Nonnull
protected Document createTestSignedUserMessage(@Nonnull final ESoapVersion eSOAPVersion, @Nullable final Node aPayload, @Nullable final ICommonsList<WSS4JAttachment> aAttachments, @Nonnull final AS4ResourceHelper aResMgr) throws WSSecurityException {
  final AS4UserMessage aUnsignedMsg = createTestUserMessageSoapNotSigned(aPayload, aAttachments);
  final Document aUnsignedDoc = aUnsignedMsg.getAsSoapDocument(aPayload);
  // Signing uses the default signing parameters and the crypto factory of this
  // test set-up. NOTE(review): the literal 'false' is presumably the
  // mustUnderstand flag - confirm against AS4Signer.
  return AS4Signer.createSignedMessage(m_aCryptoFactory,
                                       aUnsignedDoc,
                                       eSOAPVersion,
                                       aUnsignedMsg.getMessagingID(),
                                       aAttachments,
                                       aResMgr,
                                       false,
                                       AS4SigningParams.createDefault());
}
use of com.helger.phase4.soap.ESoapVersion in project phase4 by phax.
the class CEFCompatibilityValidator method _checkIfLegIsValid.
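/**
 * Validates one PMode leg and appends a finding to {@code aErrorList} for
 * every rule that is violated. Nothing is thrown for an invalid leg; the caller
 * inspects the error list afterwards.
 * <p>
 * Three areas are checked in order: protocol (address protocol, SOAP version),
 * security (signature/digest/encryption algorithm, WSS version, PModeAuthorize,
 * receipt reply pattern) and error handling. Two checks are deliberately not
 * enforced here: a missing address protocol and a missing signature
 * certificate.
 *
 * @param aErrorList
 *        list that receives the findings
 * @param aPModeLeg
 *        the leg to check
 * @param sFieldPrefix
 *        text prepended to every message so the finding can be attributed to
 *        a specific leg
 */
private static void _checkIfLegIsValid(@Nonnull final ErrorList aErrorList, @Nonnull final PModeLeg aPModeLeg, @Nonnull @Nonempty final String sFieldPrefix) {
  final PModeLegProtocol aLegProtocol = aPModeLeg.getProtocol();
  if (aLegProtocol == null) {
    aErrorList.add(_createError(sFieldPrefix + "Protocol is missing"));
  } else {
    // Address protocol: "https" is always accepted, cleartext "http" only
    // while the global debug mode is on. Make sure debug mode is off in
    // production, otherwise http endpoints pass validation.
    final String sAddressProtocol = aLegProtocol.getAddressProtocol();
    if (StringHelper.hasText(sAddressProtocol)) {
      final boolean bAccepted = sAddressProtocol.equalsIgnoreCase("https") ||
                                (sAddressProtocol.equalsIgnoreCase("http") && GlobalDebug.isDebugMode());
      if (!bAccepted) {
        // Other protocol
        aErrorList.add(_createError(sFieldPrefix + "AddressProtocol '" + sAddressProtocol + "' is unsupported"));
      }
    }
    // An empty address protocol is not reported: the corresponding
    // "AddressProtocol is missing" check was switched off in the original code.

    // Only the SOAP version flagged as AS4 default is accepted
    final ESoapVersion eSOAPVersion = aLegProtocol.getSoapVersion();
    if (!eSOAPVersion.isAS4Default()) {
      aErrorList.add(_createError(sFieldPrefix + "SoapVersion '" + eSOAPVersion.getVersion() + "' is unsupported"));
    }
  }

  // The detailed security checks need a security section; its absence is an
  // error of its own (see the else branch)
  final PModeLegSecurity aPModeLegSecurity = aPModeLeg.getSecurity();
  if (aPModeLegSecurity != null) {
    // The signature certificate is not checked here: per the original note it
    // comes from the Partner/SMP, so the "X509SignatureCertificate is missing"
    // check was switched off.

    // Check Signature Algorithm: must be present and exactly RSA_SHA_256
    if (aPModeLegSecurity.getX509SignatureAlgorithm() == null) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureAlgorithm is missing"));
    } else if (!aPModeLegSecurity.getX509SignatureAlgorithm().equals(ECryptoAlgorithmSign.RSA_SHA_256)) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureAlgorithm must use the value '" + ECryptoAlgorithmSign.RSA_SHA_256.getID() + "'"));
    }

    // Check Hash Function: must be present and exactly DIGEST_SHA_256
    if (aPModeLegSecurity.getX509SignatureHashFunction() == null) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureHashFunction is missing"));
    } else if (!aPModeLegSecurity.getX509SignatureHashFunction().equals(ECryptoAlgorithmSignDigest.DIGEST_SHA_256)) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureHashFunction must use the value '" + ECryptoAlgorithmSignDigest.DIGEST_SHA_256.getID() + "'"));
    }

    // Check Encrypt algorithm: must be present and exactly AES_128_GCM
    if (aPModeLegSecurity.getX509EncryptionAlgorithm() == null) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509EncryptionAlgorithm is missing"));
    } else if (!aPModeLegSecurity.getX509EncryptionAlgorithm().equals(ECryptoAlgorithmCrypt.AES_128_GCM)) {
      aErrorList.add(_createError(sFieldPrefix + "Security.X509EncryptionAlgorithm must use the value '" + ECryptoAlgorithmCrypt.AES_128_GCM.getID() + "' instead of '" + aPModeLegSecurity.getX509EncryptionAlgorithm().getID() + "'"));
    }

    // Check WSS Version = 1.1.1 - only if a version is present; a leg without
    // a WSS version passes this check
    if (aPModeLegSecurity.getWSSVersion() != null) {
      if (!aPModeLegSecurity.getWSSVersion().equals(EWSSVersion.WSS_111)) {
        aErrorList.add(_createError(sFieldPrefix + "Security.WSSVersion must use the value " + EWSSVersion.WSS_111 + " instead of " + aPModeLegSecurity.getWSSVersion()));
      }
    }

    // PModeAuthorize must be explicitly defined and must be false
    if (aPModeLegSecurity.isPModeAuthorizeDefined()) {
      if (aPModeLegSecurity.isPModeAuthorize()) {
        aErrorList.add(_createError(sFieldPrefix + "Security.PModeAuthorize must be set to 'false'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "Security.PModeAuthorize is missing"));
    }

    // Receipts are only constrained when SendReceipt is defined and true: the
    // reply pattern must then be RESPONSE. An undefined SendReceipt adds no
    // finding.
    if (aPModeLegSecurity.isSendReceiptDefined()) {
      if (aPModeLegSecurity.isSendReceipt()) {
        if (aPModeLegSecurity.getSendReceiptReplyPattern() != EPModeSendReceiptReplyPattern.RESPONSE) {
          aErrorList.add(_createError(sFieldPrefix + "Security.SendReceiptReplyPattern must use the value " + EPModeSendReceiptReplyPattern.RESPONSE + " instead of " + aPModeLegSecurity.getSendReceiptReplyPattern()));
        }
      }
    }
  } else {
    aErrorList.add(_createError(sFieldPrefix + "Security is missing"));
  }

  // Error Handling
  final PModeLegErrorHandling aErrorHandling = aPModeLeg.getErrorHandling();
  if (aErrorHandling != null) {
    // Report.AsResponse must be defined and true
    if (aErrorHandling.isReportAsResponseDefined()) {
      if (!aErrorHandling.isReportAsResponse()) {
        aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.AsResponse must be 'true'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.AsResponse is missing"));
    }

    // The two notify flags must be defined; a 'false' value is reported through
    // _createWarn instead of _createError
    if (aErrorHandling.isReportProcessErrorNotifyConsumerDefined()) {
      if (!aErrorHandling.isReportProcessErrorNotifyConsumer()) {
        aErrorList.add(_createWarn(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyConsumer should be 'true'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyConsumer is missing"));
    }
    if (aErrorHandling.isReportProcessErrorNotifyProducerDefined()) {
      if (!aErrorHandling.isReportProcessErrorNotifyProducer()) {
        aErrorList.add(_createWarn(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyProducer should be 'true'"));
      }
    } else {
      aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyProducer is missing"));
    }
  } else {
    aErrorList.add(_createError(sFieldPrefix + "ErrorHandling is missing"));
  }
}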
use of com.helger.phase4.soap.ESoapVersion in project phase4 by phax.
the class MockPModeGenerator method _createPModeLeg.
/**
 * Builds the mock PMode leg for the given SOAP version from the protocol,
 * business information and error handling helpers of this class.
 * <p>
 * Reliability and security are passed as {@code null}, so the resulting leg
 * carries no signing or encryption settings.
 *
 * @param eSOAPVersion
 *        SOAP version forwarded to the protocol and business information
 *        helpers
 * @return the new leg
 */
@Nonnull
private static PModeLeg _createPModeLeg(@Nonnull final ESoapVersion eSOAPVersion) {
  // Typed null placeholders keep the constructor call readable
  final PModeLegSecurity aNoSecurity = null;
  final PModeLegReliability aNoReliability = null;
  return new PModeLeg(_createPModeLegProtocol(eSOAPVersion),
                      _createPModeLegBusinessInformation(eSOAPVersion),
                      _createPModeLegErrorHandling(),
                      aNoReliability,
                      aNoSecurity);
}
use of com.helger.phase4.soap.ESoapVersion in project phase4 by phax.
the class MainOldAS4Client method main.
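/**
 * Starting point for the SAAJ - SOAP Client Testing.
 * <p>
 * Manual test client: builds one AS4 test message, POSTs it to a hard-coded
 * endpoint and logs the request body, the response status and the response
 * body. Which endpoint and which message variant are used is selected by
 * editing the constant {@code if (true)} / {@code if (false)} switches below.
 * Any exception is logged and swallowed.
 *
 * @param args
 *        ignored
 */
public static void main(final String[] args) {
  try (final AS4ResourceHelper aResHelper = new AS4ResourceHelper()) {
    // Endpoint selection - flip the switches to target another server
    String sURL = "http://127.0.0.1:8080/as4";
    if (false) {
      sURL = "http://msh.holodeck-b2b.org:8080/msh";
    }
    // Deactivate if not sending to local holodeck
    if (false) {
      sURL = "http://localhost:8080/msh/";
    }

    final HttpClientSettings aHCS = new HttpClientSettings();
    if (sURL.startsWith("https")) {
      // SECURITY: by its name this trusts every server certificate, so the
      // TLS peer is not authenticated. Tolerable only in this manual test
      // client - do not carry it over into production sending code.
      aHCS.setSSLContextTrustAll();
    }
    if (false) {
      aHCS.setProxyHost(new HttpHost("172.30.9.6", 8080));
      aHCS.addNonProxyHostsFromPipeString("localhost|127.0.0.1");
    }

    // The client is closed when this block is left, also on exceptions
    try (final CloseableHttpClient aClient = new HttpClientFactory(aHCS).createHttpClient()) {
      LOGGER.info("Sending to " + sURL);
      final HttpPost aPost = new HttpPost(sURL);
      final ICommonsList<WSS4JAttachment> aAttachments = new CommonsArrayList<>();
      final Node aPayload = DOMReader.readXMLDOM(new ClassPathResource("SOAPBodyPayload.xml"));
      final ESoapVersion eSoapVersion = ESoapVersion.SOAP_12;
      final IAS4CryptoFactory aCryptoFactory = AS4CryptoFactoryProperties.getDefaultInstance();

      // Message variant selection - the first branch with 'true' wins
      if (true) {
        // No Mime Message Not signed or encrypted, just SOAP + Payload in SOAP
        // Body
        final AS4UserMessage aMsg = MockClientMessages.createUserMessageNotSigned(eSoapVersion, aPayload, aAttachments);
        final Document aDoc = aMsg.getAsSoapDocument(aPayload);
        aPost.setEntity(new HttpXMLEntity(aDoc, eSoapVersion.getMimeType()));
      } else if (false) {
        // BodyPayload SIGNED
        final Document aDoc = MockClientMessages.createUserMessageSigned(eSoapVersion, aPayload, aAttachments, aResHelper);
        aPost.setEntity(new HttpXMLEntity(aDoc, eSoapVersion.getMimeType()));
      } else if (false) {
        // BodyPayload ENCRYPTED
        final AS4UserMessage aMsg = MockClientMessages.createUserMessageNotSigned(eSoapVersion, aPayload, aAttachments);
        Document aDoc = aMsg.getAsSoapDocument(aPayload);
        aDoc = AS4Encryptor.encryptSoapBodyPayload(aCryptoFactory, eSoapVersion, aDoc, false, AS4CryptParams.createDefault().setAlias("dummy"));
        aPost.setEntity(new HttpXMLEntity(aDoc, eSoapVersion.getMimeType()));
      } else if (true) {
        // Signed MIME message with one gzip attachment and no body payload
        aAttachments.add(WSS4JAttachment.createOutgoingFileAttachment(Phase4OutgoingAttachment.builder().data(ClassPathResource.getAsFile("attachment/test.xml.gz")).mimeType(CMimeType.APPLICATION_GZIP).build(), aResHelper));
        final AS4UserMessage aMsg = MockClientMessages.createUserMessageNotSigned(eSoapVersion, null, aAttachments);
        final AS4MimeMessage aMimeMsg = MimeMessageCreator.generateMimeMessage(eSoapVersion, AS4Signer.createSignedMessage(aCryptoFactory, aMsg.getAsSoapDocument(null), eSoapVersion, aMsg.getMessagingID(), aAttachments, aResHelper, false, AS4SigningParams.createDefault()), aAttachments);
        // Move all global mime headers to the POST request
        MessageHelperMethods.forEachHeaderAndRemoveAfterwards(aMimeMsg, aPost::addHeader, true);
        aPost.setEntity(new HttpMimeMessageEntity(aMimeMsg));
      } else if (false) {
        // BodyPayload SIGNED, then ENCRYPTED
        Document aDoc = MockClientMessages.createUserMessageSigned(eSoapVersion, aPayload, aAttachments, aResHelper);
        aDoc = AS4Encryptor.encryptSoapBodyPayload(aCryptoFactory, eSoapVersion, aDoc, false, AS4CryptParams.createDefault().setAlias("dummy"));
        aPost.setEntity(new HttpXMLEntity(aDoc, eSoapVersion.getMimeType()));
      } else {
        throw new IllegalStateException("Some test message should be selected :)");
      }

      // Logs the complete request body. re-instantiate if you want to see the
      // request that is getting sent.
      // NOTE(review): reading the entity here may consume a non-repeatable
      // entity before it is sent - confirm for the entity types used above.
      LOGGER.info(EntityUtils.toString(aPost.getEntity()));

      // The response is closed when this block is left so the underlying
      // connection is released
      try (final CloseableHttpResponse aHttpResponse = aClient.execute(aPost)) {
        LOGGER.info("POST Response Status:: " + aHttpResponse.getStatusLine().getStatusCode());
        // print result
        LOGGER.info(EntityUtils.toString(aHttpResponse.getEntity()));
      }
    }
  } catch (final Exception e) {
    LOGGER.error("Error occurred while sending SOAP Request to Server", e);
  }
}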