use of com.helger.smpclient.bdxr2.marshal.BDXR2ServiceMetadataMarshaller in project peppol-commons by phax.
the class BDXR2Client method _saveServiceInformation.
private void _saveServiceInformation(@Nonnull final ServiceMetadataType aServiceMetadata, @Nonnull final BasicAuthClientCredentials aCredentials) throws SMPClientException {
final String sBody = new BDXR2ServiceMetadataMarshaller(isXMLSchemaValidation()).getAsString(aServiceMetadata);
if (sBody == null)
throw new IllegalArgumentException("Failed to serialize ServiceMetadata: " + aServiceMetadata);
final String sURI = getSMPHostURI() + PATH_OASIS_BDXR_SMP_2 + CIdentifier.getURIPercentEncoded(aServiceMetadata.getParticipantID()) + '/' + URL_PART_SERVICES + '/' + CIdentifier.getURIPercentEncoded(aServiceMetadata.getID());
if (LOGGER.isDebugEnabled())
LOGGER.debug("BDXR2Client saveServiceRegistration@" + sURI);
final HttpPut aRequest = new HttpPut(sURI);
aRequest.addHeader(CHttpHeader.AUTHORIZATION, aCredentials.getRequestValue());
aRequest.setEntity(new StringEntity(sBody, CONTENT_TYPE_TEXT_XML));
executeGenericRequest(aRequest, new SMPHttpResponseHandlerWriteOperations());
}
use of com.helger.smpclient.bdxr2.marshal.BDXR2ServiceMetadataMarshaller in project peppol-commons by phax.
the class BDXR2ClientReadOnly method getServiceMetadata.
/**
* Gets a signed service metadata object given by its service group id and its
* document type. This is a specification compliant method.
*
* @param aServiceGroupID
* The service group id of the service metadata to get. May not be
* <code>null</code>.
* @param aDocumentTypeID
* The document type of the service metadata to get. May not be
* <code>null</code>.
* @return A signed service metadata object. Never <code>null</code>.
* @throws SMPClientException
* in case something goes wrong
* @throws SMPClientUnauthorizedException
* A HTTP Forbidden was received, should not happen.
* @throws SMPClientNotFoundException
* The service group id or document type did not exist.
* @throws SMPClientBadRequestException
* The request was not well formed.
* @see #getServiceMetadataOrNull(IParticipantIdentifier,
* IDocumentTypeIdentifier)
*/
@Nonnull
public ServiceMetadataType getServiceMetadata(@Nonnull final IParticipantIdentifier aServiceGroupID, @Nonnull final IDocumentTypeIdentifier aDocumentTypeID) throws SMPClientException {
ValueEnforcer.notNull(aServiceGroupID, "ServiceGroupID");
ValueEnforcer.notNull(aDocumentTypeID, "DocumentTypeID");
final String sURI = getSMPHostURI() + PATH_OASIS_BDXR_SMP_2 + aServiceGroupID.getURIPercentEncoded() + "/" + URL_PART_SERVICES + "/" + aDocumentTypeID.getURIPercentEncoded();
if (LOGGER.isDebugEnabled())
LOGGER.debug("BDXR2Client getServiceRegistration@" + sURI);
final boolean bXSDValidation = isXMLSchemaValidation();
final boolean bVerifySignature = isVerifySignature();
final KeyStore aTrustStore = getTrustStore();
HttpGet aRequest = new HttpGet(sURI);
BDXR2ServiceMetadataMarshaller aMarshaller = new BDXR2ServiceMetadataMarshaller(bXSDValidation);
customizeMarshaller(aMarshaller);
ServiceMetadataType aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(aMarshaller, aTrustStore).setVerifySignature(bVerifySignature));
if (LOGGER.isDebugEnabled())
LOGGER.debug("Received response: " + aMetadata);
if (!SimpleDocumentTypeIdentifier.wrap(aMetadata.getID()).equals(aDocumentTypeID)) {
// Inconsistency between request and response
throw new SMPClientException("Requested document type '" + aDocumentTypeID.getURIEncoded() + "' and received '" + CIdentifier.getURIEncoded(aMetadata.getID()) + "' - mismatch. Ignoring request.");
}
// If the Redirect element is present, then follow 1 redirect.
if (isFollowSMPRedirects()) {
for (final ProcessMetadataType aPM : aMetadata.getProcessMetadata()) {
final RedirectType aRedirect = aPM.getRedirect();
if (aRedirect != null) {
// Follow the redirect
if (LOGGER.isInfoEnabled())
LOGGER.info("Following a redirect from '" + sURI + "' to '" + aRedirect.getPublisherURIValue() + "'");
aRequest = new HttpGet(aRedirect.getPublisherURIValue());
// Create a new Marshaller to make sure customization is easy
aMarshaller = new BDXR2ServiceMetadataMarshaller(bXSDValidation);
customizeMarshaller(aMarshaller);
aMetadata = executeGenericRequest(aRequest, new SMPHttpResponseHandlerSigned<>(new BDXR2ServiceMetadataMarshaller(bXSDValidation), aTrustStore).setVerifySignature(bVerifySignature));
// Check that the certificateUID is correct.
boolean bCertificateSubjectFound = false;
if (aMetadata.hasSignatureEntries())
outer: for (final Object aObj : aMetadata.getSignatureAtIndex(0).getKeyInfo().getContent()) {
final Object aInfoValue = ((JAXBElement<?>) aObj).getValue();
if (aInfoValue instanceof X509DataType) {
final X509DataType aX509Data = (X509DataType) aInfoValue;
for (final Object aX509Obj : aX509Data.getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
final JAXBElement<?> aX509element = (JAXBElement<?>) aX509Obj;
// Find the first subject (of type string)
if (aX509element.getValue() instanceof X509Certificate) {
final X509Certificate aSecondCert = (X509Certificate) aX509element.getValue();
// Check all certs of the source redirect
boolean bFound = false;
final ICommonsList<X509Certificate> aAllRedirectCerts = new CommonsArrayList<>();
for (final CertificateType aCT : aRedirect.getCertificate()) {
try {
final X509Certificate aRedirectCert = CertificateHelper.convertByteArrayToCertficate(aCT.getContentBinaryObjectValue());
if (aRedirectCert != null) {
aAllRedirectCerts.add(aRedirectCert);
// Certificate match?
if (aRedirectCert.equals(aSecondCert)) {
bFound = true;
break;
}
}
} catch (final CertificateException ex) {
// Error in certificate in SMP response
LOGGER.error("SMP Redirect contains an invalid certificate", ex);
}
}
if (!bFound)
throw new SMPClientException("No certificate of the redirect matched the provided certificate. Retrieved certificate is '" + aSecondCert + "'. Allowed certificates according to the redirect are: " + aAllRedirectCerts);
bCertificateSubjectFound = true;
break outer;
}
}
}
}
if (!bCertificateSubjectFound)
throw new SMPClientException("The X509 certificate did not contain a certificate subject.");
}
}
} else {
if (LOGGER.isDebugEnabled())
LOGGER.debug("Following SMP redirects is disabled");
}
return aMetadata;
}
Aggregations